From f406b49276a46d8ac8ee139c023ab80fdbc883d3 Mon Sep 17 00:00:00 2001 From: Charles Hu <106095667+charleshu-8@users.noreply.github.com> Date: Thu, 22 Aug 2024 01:33:25 -0400 Subject: [PATCH] Add SBOM Convert Command (#2798) * SBOM convert command Signed-off-by: Charles Hu * Fix tests Signed-off-by: Charles Hu * SBOM update Signed-off-by: Charles Hu * Example SPDX to CycloneDX added Signed-off-by: Charles Hu * Testing changes; README blurb Signed-off-by: Charles Hu * Blurb update Signed-off-by: Charles Hu * Linting Signed-off-by: Charles Hu * Input check update Signed-off-by: Charles Hu --------- Signed-off-by: Charles Hu Co-authored-by: Amndeep Singh Mann --- README.md | 30 + src/commands/convert/cyclonedx_sbom2hdf.ts | 30 + src/commands/convert/index.ts | 9 +- .../convert/cyclonedx_sbom2hdf.test.ts | 127 + .../dropwizard-no-vulns.json | 10043 + .../sample_input_report/dropwizard-vex.json | 2555 + .../sample_input_report/dropwizard-vulns.json | 12583 + .../generated-saf-sbom.json | 89212 ++++++++ .../spdx-to-cyclonedx.json | 550 + .../syft-scan-alpine-container.json | 1115 + .../sample_input_report/vex.json | 99 + .../sbom-converted-spdx-hdf-withraw.json | 1127 + .../sbom-converted-spdx-hdf.json | 577 + .../sbom-dropwizard-no-vulns-hdf-withraw.json | 20115 ++ .../sbom-dropwizard-no-vulns-hdf.json | 10072 + .../sbom-dropwizard-vex-hdf-withraw.json | 6385 + .../sbom-dropwizard-vex-hdf.json | 3830 + .../sbom-dropwizard-vulns-hdf-withraw.json | 26578 +++ .../sbom-dropwizard-vulns-hdf.json | 13995 ++ .../cyclonedx_sbom/sbom-saf-hdf-withraw.json | 178179 +++++++++++++++ .../cyclonedx_sbom/sbom-saf-hdf.json | 88967 +++++++ ...bom-syft-alpine-container-hdf-withraw.json | 3072 + .../sbom-syft-alpine-container-hdf.json | 1550 + .../cyclonedx_sbom/sbom-vex-hdf-withraw.json | 213 + .../cyclonedx_sbom/sbom-vex-hdf.json | 114 + 25 files changed, 471126 insertions(+), 1 deletion(-) create mode 100644 src/commands/convert/cyclonedx_sbom2hdf.ts create mode 100644 test/commands/convert/cyclonedx_sbom2hdf.test.ts create mode 100644 test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-no-vulns.json create mode 100644 test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vex.json create mode 100644 test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vulns.json create mode 100644 test/sample_data/cyclonedx_sbom/sample_input_report/generated-saf-sbom.json create mode 100644 test/sample_data/cyclonedx_sbom/sample_input_report/spdx-to-cyclonedx.json create mode 100644 test/sample_data/cyclonedx_sbom/sample_input_report/syft-scan-alpine-container.json create mode 100644 test/sample_data/cyclonedx_sbom/sample_input_report/vex.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf-withraw.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf-withraw.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf-withraw.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf-withraw.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-saf-hdf-withraw.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-saf-hdf.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf-withraw.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-vex-hdf-withraw.json create mode 100644 test/sample_data/cyclonedx_sbom/sbom-vex-hdf.json diff --git a/README.md b/README.md index f6fd232f3..02ec37444 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,7 @@ The SAF CLI is the successor to [Heimdall Tools](https://github.com/mitre/heimda * [AWS Config to HDF](#aws-config-to-hdf) * [Burp Suite to HDF](#burp-suite-to-hdf) * [CKL to POA&M](#ckl-to-poam) + * [CycloneDX SBOM to HDF](#cyclonedx-sbom-to-hdf) * [DBProtect to HDF](#dbprotect-to-hdf) * [Fortify to HDF](#fortify-to-hdf) * [gosec to HDF](#gosec-to-hdf) @@ -568,6 +569,35 @@ convert ckl2POAM Translate DISA Checklist CKL file(s) to POA&M file EXAMPLES $ saf convert ckl2POAM -i checklist_file.ckl -o output-folder -d abcdefg -s 2 ``` + +[top](#convert-other-formats-to-hdf) +#### CycloneDX SBOM to HDF + +Note: Currently, only the CycloneDX SBOM, VEX, and HBOM formats are officially supported in the CycloneDX SBOM convert command (formats like SaaSBOM are NOT supported and will result in errors). To convert other non-CycloneDX SBOM formats, first convert your current SBOM data file into the CycloneDX SBOM data format with [their provided utility](https://github.com/CycloneDX/cyclonedx-cli) and then convert the CycloneDX SBOM file to OHDF with the `saf convert cyclonedx_sbom2hdf` command. + +EX) To convert SPDX SBOM format to CycloneDX SBOM format using the [CycloneDX CLI](https://github.com/CycloneDX/cyclonedx-cli), you can perform the following: + +``` +cyclonedx-cli convert --input-file spdx-sbom.json --output-file cyclonedx-sbom.json --input-format spdxjson --output-format json +``` + +And then use that resulting CycloneDX SBOM file to convert to OHDF. + +``` +convert cyclonedx_sbom2hdf Translate a CycloneDX SBOM report into an HDF results set + + USAGE + $ saf convert cyclonedx_sbom2hdf -i -o [-h] + + FLAGS + -h, --help Show CLI help. + -i, --input= (required) Input CycloneDX SBOM File + -o, --output= (required) Output HDF JSON File + + EXAMPLES + $ saf convert cyclonedx_sbom2hdf -i cyclonedx_sbom.json -o output-hdf-name.json +``` + [top](#convert-other-formats-to-hdf) #### DBProtect to HDF ``` diff --git a/src/commands/convert/cyclonedx_sbom2hdf.ts b/src/commands/convert/cyclonedx_sbom2hdf.ts new file mode 100644 index 000000000..38847c015 --- /dev/null +++ b/src/commands/convert/cyclonedx_sbom2hdf.ts @@ -0,0 +1,30 @@ +import {Command, Flags} from '@oclif/core' +import fs from 'fs' +import {CycloneDXSBOMResults as Mapper} from '@mitre/hdf-converters' +import {checkInput, checkSuffix} from '../../utils/global' + +export default class CycloneDXSBOM2HDF extends Command { + static usage = 'convert cyclonedx_sbom2hdf -i -o [-h] [-w]' + + static description = 'Translate a CycloneDX SBOM report into an HDF results set' + + static examples = ['saf convert cyclonedx_sbom2hdf -i cyclonedx_sbom.json -o output-hdf-name.json'] + + static flags = { + help: Flags.help({char: 'h'}), + input: Flags.string({char: 'i', required: true, description: 'Input CycloneDX SBOM file'}), + output: Flags.string({char: 'o', required: true, description: 'Output HDF JSON file'}), + 'with-raw': Flags.boolean({char: 'w', required: false, description: 'Include raw input file in HDF JSON file'}), + } + + async run() { + const {flags} = await this.parse(CycloneDXSBOM2HDF) + + // Check for correct input type + const data = fs.readFileSync(flags.input, 'utf8') + checkInput({data, filename: flags.input}, 'cyclonedx_sbom', 'CycloneDX SBOM output file') + + const converter = new Mapper(data, flags['with-raw']) + fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2)) + } +} diff --git a/src/commands/convert/index.ts b/src/commands/convert/index.ts index dda773f21..4b7a79800 100644 --- a/src/commands/convert/index.ts +++ b/src/commands/convert/index.ts @@ -1,4 +1,4 @@ -import {ASFFResults, ChecklistResults, BurpSuiteMapper, ConveyorResults, DBProtectMapper, fingerprint, FortifyMapper, JfrogXrayMapper, MsftSecureScoreMapper, NessusResults, NetsparkerMapper, NiktoMapper, PrismaMapper, SarifMapper, ScoutsuiteMapper, SnykResults, TrufflehogResults, TwistlockResults, XCCDFResultsMapper, ZapMapper} from '@mitre/hdf-converters' +import {ASFFResults, ChecklistResults, BurpSuiteMapper, ConveyorResults, CycloneDXSBOMResults, DBProtectMapper, fingerprint, FortifyMapper, JfrogXrayMapper, MsftSecureScoreMapper, NessusResults, NetsparkerMapper, NiktoMapper, PrismaMapper, SarifMapper, ScoutsuiteMapper, SnykResults, TrufflehogResults, TwistlockResults, XCCDFResultsMapper, ZapMapper} from '@mitre/hdf-converters' import fs from 'fs' import _ from 'lodash' import {checkSuffix, convertFullPathToFilename} from '../../utils/global' @@ -51,6 +51,7 @@ export default class Convert extends Command { case 'nikto': case 'prisma': case 'sarif': + case 'cyclonedx_sbom': case 'scoutsuite': case 'snyk': case 'trufflehog': @@ -127,6 +128,12 @@ export default class Convert extends Command { break } + case 'cyclonedx_sbom': { + converter = new CycloneDXSBOMResults(fs.readFileSync(flags.input, 'utf8')) + fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2)) + break + } + case 'fortify': { converter = new FortifyMapper(fs.readFileSync(flags.input, 'utf8')) fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2)) diff --git a/test/commands/convert/cyclonedx_sbom2hdf.test.ts b/test/commands/convert/cyclonedx_sbom2hdf.test.ts new file mode 100644 index 000000000..ca8bb1dbb --- /dev/null +++ b/test/commands/convert/cyclonedx_sbom2hdf.test.ts @@ -0,0 +1,127 @@ +import {expect, test} from '@oclif/test' +import tmp from 'tmp' +import path from 'path' +import fs from 'fs' +import {omitHDFChangingFields} from '../utils' + +describe('Test sbom', () => { + const tmpobj = tmp.dirSync({unsafeCleanup: true}) + + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-no-vulns.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`]) + .it('hdf-converter output test - dropwizard no vulns', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vex.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`]) + .it('hdf-converter output test - dropwizard vex', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vulns.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`]) + .it('hdf-converter output test - dropwizard w/ vulns', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/generated-saf-sbom.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`]) + .it('hdf-converter output test - saf', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-saf-hdf.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/vex.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`]) + .it('hdf-converter output test - vex', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-vex-hdf.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/spdx-to-cyclonedx.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`]) + .it('hdf-converter output test - spdx converted cyclonedx', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/syft-scan-alpine-container.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`]) + .it('hdf-converter output test - syft-generated alpine container', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) +}) + +describe('Test sbom using withraw flag', () => { + const tmpobj = tmp.dirSync({unsafeCleanup: true}) + + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-no-vulns.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`, '-w']) + .it('hdf-converter withraw output test - dropwizard no vulns', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf-withraw.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vex.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`, '-w']) + .it('hdf-converter withraw output test - dropwizard vex', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf-withraw.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vulns.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`, '-w']) + .it('hdf-converter withraw output test - dropwizard w/ vulns', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf-withraw.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/generated-saf-sbom.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`, '-w']) + .it('hdf-converter withraw output test - saf', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-saf-hdf-withraw.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/vex.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`, '-w']) + .it('hdf-converter withraw output test - vex', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-vex-hdf-withraw.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/spdx-to-cyclonedx.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`, '-w']) + .it('hdf-converter withraw output test - spdx converted cyclonedx', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf-withraw.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) + test + .stdout() + .command(['convert cyclonedx_sbom2hdf', '-i', path.resolve('./test/sample_data/cyclonedx_sbom/sample_input_report/syft-scan-alpine-container.json'), '-o', `${tmpobj.name}/cyclonedx_sbom.json`, '-w']) + .it('hdf-converter withraw output test - syft-generated alpine container', () => { + const converted = JSON.parse(fs.readFileSync(`${tmpobj.name}/cyclonedx_sbom.json`, 'utf8')) + const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf-withraw.json'), 'utf8')) + expect(omitHDFChangingFields(converted)).to.eql(omitHDFChangingFields(sample)) + }) +}) diff --git a/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-no-vulns.json b/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-no-vulns.json new file mode 100644 index 000000000..6ea86bda4 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-no-vulns.json @@ -0,0 +1,10043 @@ +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:21541b57-cd8f-482c-a80f-9c79c75ca7cf", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:30:25Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + }, + "components": [ + { + "type": "library", + "bom-ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "group": "org.eclipse.jetty.alpn", + "name": "alpn-api", + "version": "1.1.3.v20160715", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "18383950cc83169b8ed61c03fd926e0c" + }, + { + "alg": "SHA-1", + "content": "a1bf3a937f91b4c953acd13e8c9552347adc2198" + }, + { + "alg": "SHA-256", + "content": "07be99758b699e194f70fb9784d94202dc6c98212877829e3d72b020f2660576" + }, + { + "alg": "SHA-512", + "content": "b9570b3323337dcdc192e640288633743736ef9206adc4cda88db7da77df49732bba0a4e85613225ffec32ac72c415a84fcd2353c04f8708dad85142a2b439f8" + }, + { + "alg": "SHA3-256", + "content": "c7e69d1f5833cd414f62dfb456a8dee75520366e88a1af4db9b76a14d800b356" + }, + { + "alg": "SHA3-512", + "content": "3a4c64a3cb12158119183584c79e5523bc2e460ae942a2927a9f5452e3b0c032442748f4e426466921a3d9f618095901f26a0de77f4e30650c8e22ee79da873c" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.alpn/alpn-api@1.1.3.v20160715?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.alpn.git/tree" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "group": "com.rabbitmq", + "name": "amqp-client", + "version": "4.4.1", + "description": "The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.", + "hashes": [ + { + "alg": "MD5", + "content": "1a2a6feac205524a636c06d86af2df2c" + }, + { + "alg": "SHA-1", + "content": "c442f6501595a6fb9c029409eca94888cc9a3106" + }, + { + "alg": "SHA-256", + "content": "fcbe7ddc4be88823b881f35c12bca55b561c795d03aefe746a0452029ec179cc" + }, + { + "alg": "SHA-512", + "content": "8d78db5a1a3939a20a10b33f41b2ca3adb746672b276e87cc08aabb84dd27a069755294bd23c483ecf0d25c0e669fddae6f96742dd127d8476a9d6a6f8e22e57" + }, + { + "alg": "SHA3-256", + "content": "4866a931a2e38b4b0b4bcec77f77e8b83edf3b4b527913f827767a926c8b3b24" + }, + { + "alg": "SHA3-512", + "content": "a1b503bd1f8762c0b0434af451f6a579b20225aa5f23548cd521e3f007c17fedaf2c9fd7667606c06bbb63cdfbfbce28800de9506bb2c2564020b34447d600c9" + } + ], + "licenses": [ + { + "license": { + "id": "MPL-1.1" + } + } + ], + "purl": "pkg:maven/com.rabbitmq/amqp-client@4.4.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.rabbitmq.com" + }, + { + "type": "vcs", + "url": "https://github.com/rabbitmq/rabbitmq-java-client" + } + ] + }, + { + "type": "library", + "bom-ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "group": "org.codehaus.mojo", + "name": "animal-sniffer-annotations", + "version": "1.14", + "description": "Animal Sniffer Parent project.", + "hashes": [ + { + "alg": "MD5", + "content": "9d42e46845c874f1710a9f6a741f6c14" + }, + { + "alg": "SHA-1", + "content": "775b7e22fb10026eed3f86e8dc556dfafe35f2d5" + }, + { + "alg": "SHA-256", + "content": "2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d" + }, + { + "alg": "SHA-512", + "content": "9e5e3ea9e06e0ac9463869fd0e08ed38f7042784995a7b50c9bfd7f692a53f0e1430b9e1367dc772d0d4eafe5fd2beabbcc60da5008bd792f9e7ec8436c0f136" + }, + { + "alg": "SHA3-256", + "content": "9b624360f936e928bc63bf44e475d8fd052148c0d0cc56c3c88c26429b430c08" + }, + { + "alg": "SHA3-512", + "content": "5f0a62a96445cfeaf101d2ddc56472621f5c3dafc54ad4b230a373012833b7da83e96af7c07b60a586768361b3bce3f3626ed2cc09fbbd84e840e0714d6344ee" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.14?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://jira.codehaus.org/browse/MANIMALSNIFFER" + }, + { + "type": "vcs", + "url": "http://fisheye.codehaus.org/browse/mojo/tags/animal-sniffer-parent-1.14" + }, + { + "type": "website", + "url": "http://codehaus.org" + }, + { + "type": "build-system", + "url": "http://bamboo.ci.codehaus.org/browse/MOJO" + }, + { + "type": "mailing-list", + "url": "http://markmail.org/list/org.codehaus.mojo.dev" + }, + { + "type": "distribution", + "url": "https://nexus.codehaus.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "group": "antlr", + "name": "antlr", + "version": "2.7.7", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "f8f1352c52a4c6a500b597596501fc64" + }, + { + "alg": "SHA-1", + "content": "83cd2cd674a217ade95a4bb83a8a14f351f48bd0" + }, + { + "alg": "SHA-256", + "content": "88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c" + }, + { + "alg": "SHA-512", + "content": "311c3115f9f6651d1711c52d1739e25a70f25456cacb9a2cdde7627498c30b13d721133cc75b39462ad18812a82472ef1b3b9d64fab5abb0377c12bf82043a74" + }, + { + "alg": "SHA3-256", + "content": "babce5c8beb1d5907a7ed6354589e991da7d8d5cbd86c479abfa1e1dfc4d2eb8" + }, + { + "alg": "SHA3-512", + "content": "3a8ce565280a157dd6e08fb68c317a4c28616099c56bc4992c38cf74a10a54a89e18e7c45190ce8511360798a87adc92f432382f9d9bdde0d56664b50044b517" + } + ], + "licenses": [ + { + "license": { + "name": "BSD License", + "url": "http://www.antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/antlr/antlr@2.7.7?type=jar" + }, + { + "type": "library", + "bom-ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "group": "org.antlr", + "name": "antlr-runtime", + "version": "3.4", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "0e0318be407e51fdf7ba6777eabfdf73" + }, + { + "alg": "SHA-1", + "content": "8f011408269a8e42b8548687e137d8eeb56df4b4" + }, + { + "alg": "SHA-256", + "content": "5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63" + }, + { + "alg": "SHA-512", + "content": "1786aff2df4664483adcb319e64be7b69b643ac9508c3f11796b5aa45b9072b46f53f0a21b2ff7291162afe81506de16161746273e4532ebad75adbd81203f0d" + }, + { + "alg": "SHA3-256", + "content": "3f6cf631e9f792a41128400f8690266d915c0588ef85073a6cae73624a155b10" + }, + { + "alg": "SHA3-512", + "content": "13d1f73c44e807b36946c21cfd506e91e8cbdf685b770cbc0dcb4e55ec28b5bc91bd90eb7f24ebfd13386a47eccf552dd2a1ab277fccabafdb7a9b40aa9d4fc5" + } + ], + "purl": "pkg:maven/org.antlr/antlr-runtime@3.4?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/antlr" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "group": "org.glassfish.hk2.external", + "name": "aopalliance-repackaged", + "version": "2.5.0-b32", + "description": "Dependency Injection Kernel", + "hashes": [ + { + "alg": "MD5", + "content": "99809f55109881865ce8b47f03522fb6" + }, + { + "alg": "SHA-1", + "content": "6af37c3f8ec6f9e9653ec837eb508da28ce443cd" + }, + { + "alg": "SHA-256", + "content": "32a44ed0258c00bb8f0acf7e4dbf000a377bd48702465f6195f878a6dc2024d6" + }, + { + "alg": "SHA-512", + "content": "5afda7e897fb1135e4cf8ceb1f9f2ae68521c6178552dbe38243461e8422d50011f379e4f66d237190e7609e2d1ba2e9c09267637ecd588d7e286c1a6bfb8b4d" + }, + { + "alg": "SHA3-256", + "content": "3808bbe7fc89ea384068d5edf32f4ebf61cead5fe0fff58c7ac13c23392b8860" + }, + { + "alg": "SHA3-512", + "content": "ea988d271b897cb61a17ddd642f7f31935711bb33710947a812e0c1ab3469077c45247a5224e55a9258bfcdfd502f64286064aa1063b2df07dc880a880e034e3" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "group": "org.apiguardian", + "name": "apiguardian-api", + "version": "1.0.0", + "description": "@API Guardian", + "hashes": [ + { + "alg": "MD5", + "content": "e3695c130292987799af0d18754fa3fc" + }, + { + "alg": "SHA-1", + "content": "3ef5276905e36f4d8055fe3cb0bdcc7503ffc85d" + }, + { + "alg": "SHA-256", + "content": "1f58b77470d8d147a0538d515347dd322f49a83b9e884b8970051160464b65b3" + }, + { + "alg": "SHA-512", + "content": "127f7e6381642f3f0f8298e5129f31cae947b81c4867caaa419803e6dcfeee5da61f0262d2c10c8ad151f24e82f708ce81b2fda217c31dbb21794e6c9ec71e0a" + }, + { + "alg": "SHA3-256", + "content": "a0c6a10c739f2c5d18a639804edb717b2e100aec3ab73b5560e947c28b829f22" + }, + { + "alg": "SHA3-512", + "content": "54879680c4ac863b6eb3dd2528c02f8c977b127ed2a1d7e123e65baec3c9b33c3d80fd5f0de0cf43eb4f912b6899b2a4753f93bf9883d51e2fd8b8766df3e0c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apiguardian/apiguardian-api@1.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/apiguardian-team/apiguardian" + } + ] + }, + { + "type": "library", + "bom-ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "group": "net.sourceforge.argparse4j", + "name": "argparse4j", + "version": "0.8.1", + "description": "The command-line parser library based on Python's argparse", + "hashes": [ + { + "alg": "MD5", + "content": "8a3077fbee51bc51d0e140be455b6df5" + }, + { + "alg": "SHA-1", + "content": "2c8241f84acf6c924bd75be0dbd68e8d74fbcd70" + }, + { + "alg": "SHA-256", + "content": "98cb5468cac609f3bc07856f2e34088f50dc114181237c48d20ca69c3265d044" + }, + { + "alg": "SHA-512", + "content": "d9c1e626403b0ad0143fffb62a055b71aacb7d59c9957b232a2e7b7ab2cd9299932784d19e6ef8b0172736ab1625eb2d1e25101eaf1666acfc566b7fcd7c819f" + }, + { + "alg": "SHA3-256", + "content": "3b8a944e495c72b5d7e185effda10431dbe60cfa30c9e31d7cd5ebfdfe0fb20e" + }, + { + "alg": "SHA3-512", + "content": "718cec233f4b67bc0fe9210629202aa235aea2bf58a3cc65425cb9d43661d3002677c0534685e08cea3b86cdcb9c5021026c4efdb1820c9700158756bd6bc7b5" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/net.sourceforge.argparse4j/argparse4j@0.8.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/tatsuhiro-t/argparse4j/issues" + }, + { + "type": "vcs", + "url": "https://github.com/tatsuhiro-t/argparse4j" + } + ] + }, + { + "type": "library", + "bom-ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "group": "org.assertj", + "name": "assertj-core", + "version": "3.9.1", + "description": "Rich and fluent assertions for testing for Java", + "hashes": [ + { + "alg": "MD5", + "content": "b6b5e7d7ab3e4368244ce2ed48b77b2f" + }, + { + "alg": "SHA-1", + "content": "c5ce126b15f28d56cd8f960c1a6a058b9c9aea87" + }, + { + "alg": "SHA-256", + "content": "b433d96281d663d8f97d7b2eda24f6d05345ef3bd7bf9a4ed440d75728bfdb00" + }, + { + "alg": "SHA-512", + "content": "153df8b2394db5c54db79930a26ce45ac8ddcaacbaeb800988c41f17d4f39356a32ba8d17fbe143c412a79c2006e53cc1877b409f880e43d96888801bf92766a" + }, + { + "alg": "SHA3-256", + "content": "da01a0373df89903d5d40eabb595618fb15b14b7cd6420598b85d05bc72242fa" + }, + { + "alg": "SHA3-512", + "content": "8bf381925a0fb7635e8fafbf1b75930a8b129dd3ae9db2ec9d079ad12442a73eb92d34fa454bc3684b7ad59ee2e40cc1509c8a93f1dcded39368fa78b499cbe1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.assertj/assertj-core@3.9.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/joel-costigliola/assertj-core/issues" + }, + { + "type": "mailing-list", + "url": "http://groups.google.com/group/assertj" + }, + { + "type": "build-system", + "url": "https://assertj.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/joel-costigliola/assertj-maven-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "group": "net.bytebuddy", + "name": "byte-buddy", + "version": "1.9.7", + "description": "Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.", + "hashes": [ + { + "alg": "MD5", + "content": "3038371407163c76c89749c3a7c458b0" + }, + { + "alg": "SHA-1", + "content": "8fea78fea6449e1738b675cb155ce8422661e237" + }, + { + "alg": "SHA-256", + "content": "69a9140c11de463789a1badfe6c3dcdc17608c4304cb443c5c3a179585b78b39" + }, + { + "alg": "SHA-512", + "content": "20547c1915d941c170b855babf102b6d4b7b651cb76d4328fdc5e67be4cfb898e22d76512b2ed402ba2486ba4954ee75e1753e7de6303a94201ee12056ffb2b7" + }, + { + "alg": "SHA3-256", + "content": "fa80df92900c958e6c9c957552698a20f0a817a309947ee232b97c699db77d3e" + }, + { + "alg": "SHA3-512", + "content": "50b10f18e33843c1ec103ce809a83698f785de2675dd6f1da386db8c6158a6539e6b93ec2e10d1c82c819c3cf4c1f33ca9c2cd68a21d0a5520a707acb7a072fb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "group": "net.bytebuddy", + "name": "byte-buddy-agent", + "version": "1.9.7", + "description": "The Byte Buddy Java agent allows to access the JVM's HotSwap feature.", + "hashes": [ + { + "alg": "MD5", + "content": "f2c5583a5856a1b68275f70fca2f96fc" + }, + { + "alg": "SHA-1", + "content": "8e7d1b599f4943851ffea125fd9780e572727fc0" + }, + { + "alg": "SHA-256", + "content": "145ce0fab5390374e69b2b4070d65fedaa2b07c3cfad06b330bea1b6dcfa826f" + }, + { + "alg": "SHA-512", + "content": "3b1344ae23e91e02a4465848757f3436f5a51ff58f8a0fe47b032ce5097086a985d927eb23507cc7b29b7a8917ab22942f039949b376f3f27708d3da232e7afb" + }, + { + "alg": "SHA3-256", + "content": "0fc9f6c6083208ef913a49fd9d61d7202477d6ed4c26e0324f4475e656b4fbd6" + }, + { + "alg": "SHA3-512", + "content": "75a397fe519f03352763554688a7e6432c028b2b154a0553d5d647f7873eb5f066e83f454092438a48976f99cfc0c4b7a41b033852129b9cbc29d09cb22f6ec4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy-agent@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "group": "org.checkerframework", + "name": "checker-compat-qual", + "version": "2.0.0", + "description": "Checker Qual is the set of annotations (qualifiers) and supporting classes used by the Checker Framework to type check Java source code. Please see artifact: org.checkerframework:checker", + "hashes": [ + { + "alg": "MD5", + "content": "b6fb2610dacd211a3e2c3d8af1b60d0f" + }, + { + "alg": "SHA-1", + "content": "fc89b03860d11d6213d0154a62bcd1c2f69b9efa" + }, + { + "alg": "SHA-256", + "content": "a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b" + }, + { + "alg": "SHA-512", + "content": "fdecc20efd6943426e7f8bdfb8bef9d28258f9f934cf29090e2f5b297c501454606cc28593cd7d089a5c14f6d2dcafc59f4606053405d7f91d623a0e3202f4a8" + }, + { + "alg": "SHA3-256", + "content": "6332c0be53250aaf67b95786e10337e1134ca645aed3b4cc596c68a3555c07fc" + }, + { + "alg": "SHA3-512", + "content": "74780f6c4d9e615c5be2f7149540721bfccd43e71b2d912054b98cf4f1a5ae5506497eca9c76f9e09f988d988bba8a1ec0588684379722044d894594dc787ea4" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.checkerframework/checker-compat-qual@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/typetools/checker-framework.git" + } + ] + }, + { + "type": "library", + "bom-ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "group": "com.fasterxml", + "name": "classmate", + "version": "1.4.0", + "description": "Library for introspecting types with full generic information including resolving of field and method types.", + "hashes": [ + { + "alg": "MD5", + "content": "85716d3adddffaaacb5e316be6681bf0" + }, + { + "alg": "SHA-1", + "content": "291658ac2ce2476256c7115943652c0accb5c857" + }, + { + "alg": "SHA-256", + "content": "2829acc59abf4aa6b72579697a0391c0fc69df7772ae59c58e0237f909cd6803" + }, + { + "alg": "SHA-512", + "content": "0bb96809e508b3ec20f8da070cdf5c795b71e17311a1a7d09818a93410ceb60cbbd95482c2d13bb920d391f5a5eee3a959cf739533a94f6539775458fe7229d0" + }, + { + "alg": "SHA3-256", + "content": "2cb64a48cd3ca0136553131ce87fe52d5a0f322334d65fbab60132df09d3c8d6" + }, + { + "alg": "SHA3-512", + "content": "56fb69f960f9e15c7dedc17d8d762c03bbae850180c2911ace44c4b7e1f0ce4a6dcad784e6acf01d63cad81a2d3746e4863a8d43a4d78e620506bf125d9340ec" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml/classmate@1.4.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://fasterxml.com" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/java-classmate" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "group": "commons-codec", + "name": "commons-codec", + "version": "1.11", + "description": "The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "567159b1ae257a43e1391a8f59d24cfe" + }, + { + "alg": "SHA-1", + "content": "3acb4705652e16236558f0f4f2192cc33c3bd189" + }, + { + "alg": "SHA-256", + "content": "e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d" + }, + { + "alg": "SHA-512", + "content": "d9586162b257386b5871e7e9ae255a38014a9efaeef5148de5e40a3b0200364dad8516bddd554352aa2e5337bec2cc11df88c76c4fdde96a40f3421aa60650d7" + }, + { + "alg": "SHA3-256", + "content": "90ec34f9701a8b212c65e6167c505ea6417289f910deedcac8517075b8349728" + }, + { + "alg": "SHA3-512", + "content": "101bc04efae2bd16d7923e61bca922c4a006b0e4b34909e0f8865196cb4df4f4f6269737c17880b4dfd0309cb487b806e88d09c6e1a7dc70237563b3f4312f7f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/commons-codec/commons-codec@1.11?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/CODEC" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/codec/trunk" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "group": "org.apache.commons", + "name": "commons-lang3", + "version": "3.8.1", + "description": "Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.", + "hashes": [ + { + "alg": "MD5", + "content": "540b1256d887a6993ecbef23371a3302" + }, + { + "alg": "SHA-1", + "content": "6505a72a097d9270f7a9e7bf42c4238283247755" + }, + { + "alg": "SHA-256", + "content": "dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68" + }, + { + "alg": "SHA-512", + "content": "fb0fe98385496a565678a000c26a3245082abfbf879cc29a35112b4bf18c966697a7a63bb1fd2fae4a42512cd3de5a2e6dc9d1df4a4058332a6ddeae06cdf667" + }, + { + "alg": "SHA3-256", + "content": "4e708ddf8ed0c6dbd8c6bba07e06425b5d263d899884b91bf11f86ec0d6f8463" + }, + { + "alg": "SHA3-512", + "content": "f43e89519e803e976f7b4d756d934be802ab36077cf2dc38dd9aa901eaf7104e58157859f45ccef7b38e072007a60f17270923e2ed7eabd41a4c776dee1458e1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.8.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/LANG" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-lang.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "group": "org.apache.commons", + "name": "commons-math3", + "version": "3.2", + "description": "The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.", + "hashes": [ + { + "alg": "MD5", + "content": "aaa32530c0f744813570ff73db018698" + }, + { + "alg": "SHA-1", + "content": "ec2544ab27e110d2d431bdad7d538ed509b21e62" + }, + { + "alg": "SHA-256", + "content": "6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2" + }, + { + "alg": "SHA-512", + "content": "80fb66a51688c4247b957f9787921e5acb9144d71a4ab0b03b2c30f46427e50c53e6e31ca5ddb04dab2cf5e7c0eedae168103c719f8074be464918ab2e4d6e6d" + }, + { + "alg": "SHA3-256", + "content": "4e5c701b4c417493bdb70d4c3f3bfb6019a6eec3c5f17dcce028158de624318c" + }, + { + "alg": "SHA3-512", + "content": "3a19552d33cbe62a0d174efa39054fbe5e23f7cb466c46616c27480381f232daa2c64c868b354ed965c5d84fbfece08e30e59bc672e3891baf2bb8141b5db8c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-math3@3.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/MATH" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/math/trunk" + }, + { + "type": "build-system", + "url": "http://vmbuild.apache.org/continuum/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "group": "org.apache.commons", + "name": "commons-text", + "version": "1.2", + "description": "Apache Commons Text is a library focused on algorithms working on strings.", + "hashes": [ + { + "alg": "MD5", + "content": "c0aec8d4d92fc9e1a4752884f5f880f0" + }, + { + "alg": "SHA-1", + "content": "74acdec7237f576c4803fff0c1008ab8a3808b2b" + }, + { + "alg": "SHA-256", + "content": "d4a57bbc1627da7c391308fd0fe910b83170fb66afd117236a5b111d2db1590b" + }, + { + "alg": "SHA-512", + "content": "97ca47f05b18a8dd67a253bae7d5ec6adab93a061c2565615773f0efc07382193c9ce29ed1f8abdd67dbe62b033e17bf2f71f67a3db2a99abb7aa3215b541c11" + }, + { + "alg": "SHA3-256", + "content": "5527aa3ffcd1303fac2779f9908f3a39bd3745c03a840fbc106aa952d5a0a128" + }, + { + "alg": "SHA3-512", + "content": "1b87bf1800138c403b67c273346fc7ea721fac09903e8cf6b11f8cfa57f2f91c577000834ad1f38e2b21f695685ea6c03ae9bd21323fe4a7690c7dca3344e350" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-text@1.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/TEXT" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-text.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "group": "com.github.spullara.mustache.java", + "name": "compiler", + "version": "0.9.6", + "description": "Implementation of mustache.js for Java", + "hashes": [ + { + "alg": "MD5", + "content": "9245fdbf50ad59ea81781ebdaa8cdb02" + }, + { + "alg": "SHA-1", + "content": "1b8707299c34406ed0ba40bbf8513352ac4765c9" + }, + { + "alg": "SHA-256", + "content": "c4d697fd3619cb616cc5e22e9530c8a4fd4a8e9a76953c0655ee627cb2d22318" + }, + { + "alg": "SHA-512", + "content": "d29e5022a4e7c99a8cc4b9f171471cf3e96103aeed26f32ae7a5db38e62811b3dc97e47ce8659c0b430fd11f1cb3f679c5465cab0458d7a474fba7e78a987887" + }, + { + "alg": "SHA3-256", + "content": "e17ec4a48044d5cbc941cdd9020fdda30b5402c2d533bec6a910729293d2aa89" + }, + { + "alg": "SHA3-512", + "content": "7e61b2eb36f9e239c4e2679c529d87ab2b2ed0ecb8537cbbd89b604bfce9b09ed716c2a95a80cf9a75eee2d0b85a2958e44bc6540ba5b22f163090a5912c6ad6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/spullara/mustache.java" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "group": "org.dom4j", + "name": "dom4j", + "version": "2.1.1", + "description": "flexible XML framework for Java", + "hashes": [ + { + "alg": "MD5", + "content": "f5710c1d5f5627ae5ce850a0b12ea87a" + }, + { + "alg": "SHA-1", + "content": "3dce5dbb3571aa820c677fadd8349bfa8f00c199" + }, + { + "alg": "SHA-256", + "content": "a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128" + }, + { + "alg": "SHA-512", + "content": "547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1" + }, + { + "alg": "SHA3-256", + "content": "e0d00e2f06b89df74355383e657d0b7b2a67b4fe3b5de58967eaa27fa0efad90" + }, + { + "alg": "SHA3-512", + "content": "00e4ce0afa1bff9f0abd1d9fd07d76157f26347b4d6931314f6f082c528bb5e60c32eb9bb16c23f5adc5ee5dcb902135fed2a4a5cb3995afb143f1fe1f938959" + } + ], + "licenses": [ + { + "license": { + "name": "BSD 3-clause New License", + "url": "https://github.com/dom4j/dom4j/blob/master/LICENSE" + } + } + ], + "purl": "pkg:maven/org.dom4j/dom4j@2.1.1?type=jar" + }, + { + "type": "library", + "bom-ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "group": "io.dropwizard", + "name": "dropwizard-assets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3719b35ea00aaf249df2f6c237e0d461" + }, + { + "alg": "SHA-1", + "content": "f2aa63c48a04fc2fdbbc43d3bb25c306417c30ab" + }, + { + "alg": "SHA-256", + "content": "81df72b28d351db2a8df88899ef172c3fefc8135149e6e5016c3f88db340fdcf" + }, + { + "alg": "SHA-512", + "content": "1136296518c97a285e68b0bbd6800c3183b8cd208e2b316ecf0e6b24147b278559e479705b7df3ce83913df5b8d93108afd20ca91ddfaa23d1924d6534f82d11" + }, + { + "alg": "SHA3-256", + "content": "fe44aa9d27c700520603cec3f51df630e228e0f73d1c450e01c3f9e21f02610e" + }, + { + "alg": "SHA3-512", + "content": "ef1c4284b016ba0c303aa74ce20271314cdd9c63686837c73b55656eacf0a22f2d3d883732f6e513dac055842b6b1c1d0e9fa970c7017d969b82ef1c77b2f8de" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-assets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "group": "io.dropwizard", + "name": "dropwizard-auth", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "b70d5efcdd606fa0dc0d866a0ba76e0b" + }, + { + "alg": "SHA-1", + "content": "b232e9397558341feed096a54e04e32ab81c7aad" + }, + { + "alg": "SHA-256", + "content": "94927a479eb07d3cab2242750463569dd6da9c75908b93986dab8c2eda5300b7" + }, + { + "alg": "SHA-512", + "content": "33c794f002c01a3f2880aef2b64b12af4a1d612bc2e7e751f24d65a178e49f7b2158c00486515b1392c340471d7a5e52d73259da7673c32d6b9dfc3870eeffa6" + }, + { + "alg": "SHA3-256", + "content": "d13a6eedc14842abeadc3c0e773ff1bd759de2157099a8df5d62ee1d6da1f949" + }, + { + "alg": "SHA3-512", + "content": "c5ae17254f77d668b20aa32542daf77ef398d428fc34601e6e6aebb8f0676fc8c16c5f0dc8906b58f7ecef3623e29386d296aff07d7f7d54618591da72edb88d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-auth@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "group": "io.dropwizard", + "name": "dropwizard-client", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a7e212ddc51872656b8cde14c6375558" + }, + { + "alg": "SHA-1", + "content": "774ee66da2e18ddb9757c309a9f288a7a95d4ab5" + }, + { + "alg": "SHA-256", + "content": "e1f12b97fab5cbfbefd54f7206f708b1abb767f7db2979ee67a12cced9145af7" + }, + { + "alg": "SHA-512", + "content": "a15aa34a681004c1c41380a85f0f99b5117e426bfbac1bef90fade5f9644443b63e74caf9022fa53fde98eddc915ce52ed37c59a06257b7c21b9fc55367f9995" + }, + { + "alg": "SHA3-256", + "content": "77d63d4f7774e74722101d0e3fe4a3d7aa1aa0dac2d95f823cacf7ea445d372b" + }, + { + "alg": "SHA3-512", + "content": "3856b47365e22680311c71e7740f4327786a88af275fe7d2f6a44b34dc12227b3a76396d87c101c31994993d2fa78db6fbfcffc848c5739d5bc9231186fe4681" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-client@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "group": "io.dropwizard", + "name": "dropwizard-configuration", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a53483c0d1034d24eb068eacc2b18cc2" + }, + { + "alg": "SHA-1", + "content": "64ede8340cf7e51e9d679876bb8873b5e4900bcb" + }, + { + "alg": "SHA-256", + "content": "a579796dd6a5476f35a7d3e3fde89321c0f1e5afb6c2fcfecf34b1d1b7c2db57" + }, + { + "alg": "SHA-512", + "content": "fc3e2bfe3e0b9ec39a09a6735fa477ea2296d4dbbda6f92a4bf624f3ecdc4e0a226a44f3e433a74e6343012012e1e80b483483696ae6b846249167e5255f207e" + }, + { + "alg": "SHA3-256", + "content": "851afb7c02c5ef78a1b4d8e4a6ac6393b1d105643a4de355a767fa665e44aa13" + }, + { + "alg": "SHA3-512", + "content": "b837c8c006d5909453293a262a826ea24a533a89f9a7c53a67129b3597a07a77b5ba0e95f391806087ee7f82cb12592e6149dbf26bf75fc0c54cab84a9b2c56d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-configuration@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "group": "io.dropwizard", + "name": "dropwizard-core", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "74aec7bf09a957081b1f607b25bfd532" + }, + { + "alg": "SHA-1", + "content": "53889ab39746957180bddc1636f6680eca0db5d7" + }, + { + "alg": "SHA-256", + "content": "a2799ff0fa69d1b0945f9170e6dd29cdd77ed9618ab48abbfcc56111e85effb5" + }, + { + "alg": "SHA-512", + "content": "1fb1b50c2575c36cb518f48e9153a1253d11c0c5e4576dd3866df0d5171694c8507d8f9b78ca983749dd6a8156b81ceac66e8012583d2bb1d6e55c0f5920fd3f" + }, + { + "alg": "SHA3-256", + "content": "19e5d7375794f5eece12bb30304c2a7fec0076902c1bfba468ee96d9ac83f110" + }, + { + "alg": "SHA3-512", + "content": "b955d7c995291eddc86eee34f8c75301f580c4ce6431053b94f197c03f15ed90cc02025214d7ba1864ba76b809af2c2afe8942b5595993ba81a57078b2946852" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-core@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "group": "io.dropwizard", + "name": "dropwizard-db", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d9ddd3b9a686d7332cdec2628f5b752e" + }, + { + "alg": "SHA-1", + "content": "88dfe54a2b0b04d4254c39b5929a6bccb73c0fb8" + }, + { + "alg": "SHA-256", + "content": "718fc5d891166a4febb26f92560148b8b7a1c39a9f4c5719ca7380974430634f" + }, + { + "alg": "SHA-512", + "content": "3615d6aa65fb7df9f5338d2bd4bccff6e0cebbaceaa067bae04e43a7a1a6852157b23f929ea6a6212fe2928b8b1c6ad3282dfe4c37e60e77df7eea3b716105d5" + }, + { + "alg": "SHA3-256", + "content": "e49bcfe1ce234abeefb3fe5f739322eba64b36ebb0a13cca193da7ab496d29fd" + }, + { + "alg": "SHA3-512", + "content": "6ff81a052e35eb6a923c2af9dea65ab43048e5a839ff8cb94dfd2d13d8666f2ce5bf3160bbd98ef81bea4f7b5e42f8019d4f25e1d93c16411027c8e3e40c4c90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-db@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "group": "io.dropwizard", + "name": "dropwizard-forms", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4038942f9fa1f452cc8ab9fb395e0dae" + }, + { + "alg": "SHA-1", + "content": "171287fe38f430ed81bef0dc5808a6f58f01bd48" + }, + { + "alg": "SHA-256", + "content": "cf55b3d0ae45c0b905380a374a3bfd14fee33f3ec5b5f16a046dc66d505ab4c4" + }, + { + "alg": "SHA-512", + "content": "89e4509a55811c296371099ff91850faa32992eede0f9224c25f395a4d93560f0a4a846060bedc1747fe3bf5a4596b928a4237894292dcbe23762b4ae9c40ea3" + }, + { + "alg": "SHA3-256", + "content": "f205cd66f09419d7e958c1c9be0bb3c3226c74a34cefa4a092474612532ae5c2" + }, + { + "alg": "SHA3-512", + "content": "6f336ddb136efabe64b158f60f11dbcccf606df36600a2195d5cac15d2900f5625ba8eb5a0dba213f4e27386423233e5214f9b188f77816d08e75435cb8047f5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-forms@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "group": "io.dropwizard", + "name": "dropwizard-hibernate", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "449361636c3b63eb9d3acb08c1d36297" + }, + { + "alg": "SHA-1", + "content": "56eda4258aa81aa3abde8e6663bbe6297b870495" + }, + { + "alg": "SHA-256", + "content": "5589a9532d592c6dead117b5990386c178a81d4ec7cb8eab9888a576ce47d24d" + }, + { + "alg": "SHA-512", + "content": "bc121e23e932a8989bb81eb72ce3a65822406dd1b9358f9169f2db7c817585420d7725b0e4a011e8ac82b64879167437180a55469a9aa21ec706d9953f4f8e96" + }, + { + "alg": "SHA3-256", + "content": "782695767ab3f4bd238716842e98c56c4311098d142b388ecb08e92159a85873" + }, + { + "alg": "SHA3-512", + "content": "5e6c66c0cf9fa889b516e485cd233af2234b3e2a4f82962b03c59e95a731392744be7fde88f13c3576141b8866dfb6e6915ed20183a6b06e6aa11226ebaec623" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-hibernate@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "group": "io.dropwizard", + "name": "dropwizard-http2", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "fdc320175f8ebf1f5931a5f8943cfc32" + }, + { + "alg": "SHA-1", + "content": "b8573b698da0fe8b2cf30becf2d4c069085e230b" + }, + { + "alg": "SHA-256", + "content": "c21be0fb74a7e086a39d48f464ffb0b730dc8c2292935f8f6524aa217c36f135" + }, + { + "alg": "SHA-512", + "content": "67759f73350a276e2dda77608f16e2fb6d2b2908af7bb5fc83687508793bd27bcc6998c570945e4ec3e49caeeb05e9ee4d3d4fdb8a77b2147bbc5fd1d1c573e3" + }, + { + "alg": "SHA3-256", + "content": "085dd33c5b983cd03552e8eb69e47ae5a3de85aa363175526e5470bce0f4f69b" + }, + { + "alg": "SHA3-512", + "content": "43a4af9e25df30b2e3c561f921bcdbebc9d782b94faa85f8706e1c79ca77bdeae161b18a4f707509599564115d49152ac03f7bab14bb2cb9d130a4975d8f7315" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-http2@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "group": "io.dropwizard", + "name": "dropwizard-jackson", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "cce5d50fb36cf2ccb1f6020cf2c53092" + }, + { + "alg": "SHA-1", + "content": "498fdd1b14e0341fa4b2ed480520d632470709c0" + }, + { + "alg": "SHA-256", + "content": "1ddb7e6852bcc605f52e5dd4927a532e6e4f6970e8477329cc0cf6e02bcb11bb" + }, + { + "alg": "SHA-512", + "content": "54920733f634fff24fa42e16048e60cbcd8ca9e348c4dae5e8eb6d1606e36d86ba8c32f49a9fb00418a9e2038781599383cc3c1d01353d8e5117d4c366f414e5" + }, + { + "alg": "SHA3-256", + "content": "6dfe904993c5350ef8f04f9eea9335ea5f5179e9d02b2cc057426f96a0aeb485" + }, + { + "alg": "SHA3-512", + "content": "d2e9bddc00edf43a43bc91ee0e74cbf3beff49627fc02fee1870888cc552a9e7a2a518149f0b628a744d5ae00a4f47b3912edba8081c0b5f40e3b289a7fe0822" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jackson@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "group": "io.dropwizard", + "name": "dropwizard-jersey", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "5d4b25a8d01ef9534d6291f004ca8421" + }, + { + "alg": "SHA-1", + "content": "5045bfc77cd931d0020e9d67ef5d3d47916d978f" + }, + { + "alg": "SHA-256", + "content": "3e03434acca7bf73d6e8dc72239d41b28e087200d3cd3759b26319aa49c5cccf" + }, + { + "alg": "SHA-512", + "content": "389fdc36005f478f75687d796f147800d81bafca189233ba7bd6bad263ced8ba2bed450b73b7a2ebe14750186da51970f006835c7dbf6380f5535bece7bb947d" + }, + { + "alg": "SHA3-256", + "content": "7c9a03749ca86a271678b15d9278890b605bf1fe85927c07d4412f481483c45f" + }, + { + "alg": "SHA3-512", + "content": "59da92cfc19ce969cfbb29f597519cdb692d838d191a93d02a6014d896091a8669bd6ed5ddff39bcaabd14866106131be23b6a984b6a8a7813fd655faede4b81" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jersey@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "group": "io.dropwizard", + "name": "dropwizard-jetty", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3e61f73e3ad1a7c63d7b16bcfc6038a0" + }, + { + "alg": "SHA-1", + "content": "bd34674496ae9997dd20d88a9fcda937bd21840e" + }, + { + "alg": "SHA-256", + "content": "7657190b578c7647d3e6d91de4a959580320a0317378b210d9a416635f4e1384" + }, + { + "alg": "SHA-512", + "content": "cb92715afa048b32d0879593f9709d558e4b1b6aa468802b8a1d08b7b6b1fa72eae12c8658c329ef0d8e073fb7a1bab4a9b833bac2887ccaa5d953625470f4db" + }, + { + "alg": "SHA3-256", + "content": "38e8c121e10d2af68bdde88d8136622d76139d018df01b944c7708c8dd9cefe6" + }, + { + "alg": "SHA3-512", + "content": "7cfe066ea4e585b3bc0077332b0a08db9f998e9d83b95480cc148054895728ea72fe5e3b20e249f603e96cbe09ee9985eea527f207d88abef0914b19940af1d5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jetty@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "group": "io.dropwizard", + "name": "dropwizard-lifecycle", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "52e054873a8e62623e81231c43cd56a9" + }, + { + "alg": "SHA-1", + "content": "f26a5a8be815680b9d6fcf4df7495c33ff403f80" + }, + { + "alg": "SHA-256", + "content": "20abb321d0095312b8d618b30533d84b12f37d9c3e7bfc473ce205a56a8cf4a5" + }, + { + "alg": "SHA-512", + "content": "fc9ae0ff1d4c94b2456777d6e7b68a8017ff13a04fb49f85344904f6b010fc638f33e8e6ebf9119a450232e5e74c70a8ed55b980afe47d827f320019ab9973a7" + }, + { + "alg": "SHA3-256", + "content": "cba7094cc6a46821fab3edc413e5d07c36e78b7760ba6c5e44df94acaaca98e8" + }, + { + "alg": "SHA3-512", + "content": "daba93cc2420eab38f11389a1eabd408713855ea97772dd87d6be05cd8cf60de1e2de303785721daa85f61e246e75c4bbeaf7602a580d88b2585c090d8957dab" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-lifecycle@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "group": "io.dropwizard", + "name": "dropwizard-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "8f56476f15da17fb8aff8d06a8cd39c9" + }, + { + "alg": "SHA-1", + "content": "3df1411464adf080b5ac7360926eacab3f5120d7" + }, + { + "alg": "SHA-256", + "content": "fcaaf6bcb2f29a0443f4740d5515f6a8b12a0c38e626fa6a503d9bb685275a38" + }, + { + "alg": "SHA-512", + "content": "32435101cf0981814396444592a7d805d35d073fff7c06b2ae1551e6cc6ac7e7686cc740dec87a05a15026cc4d89b208986c770cbf999e3993980c8e4112db47" + }, + { + "alg": "SHA3-256", + "content": "2d848583811a6d544b4212f63805bdf65b849da145e4fa3f6be66d387e34a5e5" + }, + { + "alg": "SHA3-512", + "content": "2daa20182aeebbcd99ff706f08f3a10a68db0ff2874ed93811eb8922b71ca2bb516213ae53eff4efc412c5ea1a940268d9a832fe8e680151f5cacbfe62ec5844" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "group": "io.dropwizard", + "name": "dropwizard-metrics", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "231e9b5003b31c72836118b2b60e6b9c" + }, + { + "alg": "SHA-1", + "content": "4dcf98534424a25e2666c714e0bb4f8ce6c7cc61" + }, + { + "alg": "SHA-256", + "content": "fe67a902fa099d798179aaf8cb73fa2881e18a820b762422e9e25bda84968304" + }, + { + "alg": "SHA-512", + "content": "80d4133cdc506a51f34bdfa35f9e79d11d9e1a6cfbda6d13e10035a286f200a172314aa52b737a7bc4d8a334b6725c20a45cb4d8cb56dabdbbd8378e9aa1b355" + }, + { + "alg": "SHA3-256", + "content": "55e8d3aae67454a70282570b80e4a5b50d19cede8ed6db54609bdba3b7291309" + }, + { + "alg": "SHA3-512", + "content": "88be53fa6a98860edd603e40320f2d59206e08451a11356e089f28bcb9ee36586012f9cb6d0c63ca6b85b527f8f0434c3aa1e3619cf607883a7aed8817fdbdfa" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "group": "io.dropwizard", + "name": "dropwizard-metrics-graphite", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "014be7a674c15f505dc0816c5c544314" + }, + { + "alg": "SHA-1", + "content": "d5be85278fe138a4736bc0e229c73dcd1de2b400" + }, + { + "alg": "SHA-256", + "content": "0739188661d32b28544377073c1966d29a56ea9e28776b5ae7e201c50c580f09" + }, + { + "alg": "SHA-512", + "content": "f2e433cc520f4e49d62cf5af209d353629409d9b1ad3f1b6613d0bc1790a575f528bc88784e0b2517ea044e46e9e67ecef5b1d02cc7f6c1a510d75457bea2c16" + }, + { + "alg": "SHA3-256", + "content": "dba4bed00333d55d4dc55ddd9b9815fdb3b9b575faeae3ba8ff19ef949ee6f61" + }, + { + "alg": "SHA3-512", + "content": "24a0c90e1f97326dd032e5c657792d6623c727efa7144891be439e00bff5323f4e3e9d35e34005b7348ec92f97f3c4210aeb4b7e15930ef7a910735d0f982d62" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics-graphite@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "group": "io.dropwizard", + "name": "dropwizard-migrations", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3d2f7b15b764e2906916c0d4bfc75bc6" + }, + { + "alg": "SHA-1", + "content": "74a81b867ab00475910d013fe18d4a788984cccf" + }, + { + "alg": "SHA-256", + "content": "156a9c79a74c81d173637d613a9931451188228bea38cce621f63f51bee1c2f9" + }, + { + "alg": "SHA-512", + "content": "3cfff65847ee29772f5c8f091557373ce3dfa59974e82c0bbfd0eaa636fdf91361b753e777810d0f5878c4b5534ef555a5b260af29a6be9af0851c4a2de56c5e" + }, + { + "alg": "SHA3-256", + "content": "1150637f334a3f0354d00cc21e7e180e8fd647ba3b9f6028c4eafd30c614c157" + }, + { + "alg": "SHA3-512", + "content": "8340a3fb797a8fdeedfc31e50c5d28ad3b3eb204f262f45f390c1a8c3a8ff798cb2f8235d97dd9bbe6947d2d986bb4b91d332f5d0ed23fb7dc0bece454b29d90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-migrations@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "group": "io.dropwizard", + "name": "dropwizard-request-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4ed78ec6ad895643d486a210151c6da3" + }, + { + "alg": "SHA-1", + "content": "fcd1015d1762059bd9aa27ee06f7fff9a9857d7b" + }, + { + "alg": "SHA-256", + "content": "1795c56717239e25f835211356963f307f596d0efdd16550337ffccbab08bbf3" + }, + { + "alg": "SHA-512", + "content": "f8c521200f29a6301fd92d87eb21ffb765d7c2a05f65fdbfa572955f91b6870604628df1b0f18d4c3d73482d1398bc5730fa2744c6b19b51f909758d614e4de8" + }, + { + "alg": "SHA3-256", + "content": "5cde2026d5ac54d5b1baac22503608eaef11b8753954473d0102d5f87565f944" + }, + { + "alg": "SHA3-512", + "content": "8d0dfb8c508948c131f0f92b8debf3a9f7ed3f1ec8e1dc4341a68132658143dcecaf890cc11aa22ff9e1959e96a51f311d15ca6d49bc7090c71c9457fedaca29" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-request-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "group": "io.dropwizard", + "name": "dropwizard-servlets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "c738851aae5f6e431c4bad54ef8bd30f" + }, + { + "alg": "SHA-1", + "content": "f93e103f42b677e1fdeca6fb6cb6c22353a78b57" + }, + { + "alg": "SHA-256", + "content": "b5c9432f659aad54fbe25209366a5c93a43f2c8a0cc5428440c28f3576a5bf61" + }, + { + "alg": "SHA-512", + "content": "07fff649594cf8bf3eb10bad998cc0ccb5fe1049d21c47ca3321b6187eed0f480caa52c5683e454f9abcf107f1e3d6fa5e3d6858e4d250ba65a36e81dd20c5ee" + }, + { + "alg": "SHA3-256", + "content": "eb28576f779876ffe7218c4b596ba2f2f302daa85375fc57784da3d050062086" + }, + { + "alg": "SHA3-512", + "content": "e2ce67e331b95a1e7dea43a174e3e4a1b0c9653716c4378656114d54b1858fa818142f2afee7ffeb86439b7dec848a09eee12efa963be0c00b71d038051c448b" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-servlets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "group": "io.dropwizard", + "name": "dropwizard-testing", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "800103447329e58030242b6bfc2e9cca" + }, + { + "alg": "SHA-1", + "content": "cee4838ba05de7920309985229df59917ff6e58a" + }, + { + "alg": "SHA-256", + "content": "d52ef3eda88a2b93e01731b035bbd277eb4d395c3a076c6f5cd6a3874f17e433" + }, + { + "alg": "SHA-512", + "content": "c2ccc3c13d2007b728574b1c3df388043c2517ed3efb8256dde9c09ebbed6c18ac5e7f3281ce7b35b9e2c969124772ef0062234bfb195c27898b0674fa0900a4" + }, + { + "alg": "SHA3-256", + "content": "f7fba2c7f9ccb345c29c4e52bcda601a6528d20527f32af63f8cadfaeca04a0f" + }, + { + "alg": "SHA3-512", + "content": "e0c421a568cf98a63432088a1b5f18382cce3095db4ce8cfd1ccba7e9dc95aa7d2ec365b1d8b25614c4700d28f7f75744acac96c5358de4c50946fea4a2a2e5f" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-testing@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "group": "io.dropwizard", + "name": "dropwizard-util", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "e73fff60736c50b06c0afcfb5d5f003c" + }, + { + "alg": "SHA-1", + "content": "4e2a956ce355a40fb7e1c8d5772eab956a8f7f5c" + }, + { + "alg": "SHA-256", + "content": "3bc2379c8d410405cab54636b1b8129a53e5227acc6cb286adea720fa73f03f0" + }, + { + "alg": "SHA-512", + "content": "3a1b826aa9ff4fe9543aaff7b5f5d191164cc0a488365158502eb2c52b5e215ea96395767f2feed880376c3b569ea672414ef951667ea5628236920dbf2026bf" + }, + { + "alg": "SHA3-256", + "content": "9cadcfa4c2db331cc05c069a66d1445d3a156605a75f8741eb80935834ae56a4" + }, + { + "alg": "SHA3-512", + "content": "df9fc0e1dcebe145a5cfff74ca87470923f0163f78ead0a93bf5b4f1c905ad5aaf7034891ae0cab005927cbbbea86546f1222e7f271c90cb4d3b0f745f8cb78e" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-util@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "group": "io.dropwizard", + "name": "dropwizard-validation", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "0557207f6f05c684958ff0c524ed97de" + }, + { + "alg": "SHA-1", + "content": "d82c4a2157cd8b4ed6f85d12fcc5f63e7f2ee9d2" + }, + { + "alg": "SHA-256", + "content": "6141e64cfed3633ad729e9d343eac4bfa475232c90c83c178f02da2d4c3e7360" + }, + { + "alg": "SHA-512", + "content": "e3f832e4b6ea092229b2ecbfad0790170a086b043be74c58cd2f0169cae4fc219d4a7163e6e581350efc7441dd8908e7cfe395b19c802e93834443eb45888d67" + }, + { + "alg": "SHA3-256", + "content": "95187066ffe37d52916b0ec33bce13baa8d76afa80502c4526205fb3721c01bc" + }, + { + "alg": "SHA3-512", + "content": "39a0130b80426db95faba737c484fb2e0c1db64f8e81e21cffcbd0b27b4dff4c4334cf9698b0c067549d0e8adaf7669dce867f2ad962c25f647b35829fbfee61" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-validation@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "group": "io.dropwizard", + "name": "dropwizard-views", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "ffa529c90a76cf83b7468c63c24c2da9" + }, + { + "alg": "SHA-1", + "content": "27b9dfe51ed0740b2359c28eca9942388247f877" + }, + { + "alg": "SHA-256", + "content": "69ba25bd9f7b5577aa29b79337b3e716be629a784a83d9a2af1456a556800dfd" + }, + { + "alg": "SHA-512", + "content": "818f881806c644bfd0518d2864d1f0c2c6b132e6b81ca1e4b272e20ab91294e954805f986f55ba5389b9ffa5c6573dde827929d6a82b8b4066b2344d003e0f40" + }, + { + "alg": "SHA3-256", + "content": "021a6eba574c0c79246d1a8b446c4655f5a7183e24fcc9df010bffb11ea680f2" + }, + { + "alg": "SHA3-512", + "content": "9ed4dd16ddabeaf7e7933cdef7911ac194a14a93a4a8a4d057554dfc094ca5ed84090922e6b5e53f23a24af582209c8d5a9b50521d3b35132a32e74399d5e055" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "group": "io.dropwizard", + "name": "dropwizard-views-freemarker", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d78343dfbf1f4c99fc5115aea93b6382" + }, + { + "alg": "SHA-1", + "content": "9b64dcbd00e184c4683a8a44ae4ff4726595c73c" + }, + { + "alg": "SHA-256", + "content": "621f2168b343cc24618b63e5c0c07ca330eef8e1f930c1a4c374ab210fd5ea44" + }, + { + "alg": "SHA-512", + "content": "19298c6ae1500e0c16575b55d30f2ab34cbab881cd735fefc203118c326dd4a47604f8f8d595b32cec4ecbaae032129d2ede99dc36325bc8f4a18ffa5e786aeb" + }, + { + "alg": "SHA3-256", + "content": "1870845187ef726d85d29ee42ccc35b66018304d23167f614b79a7deb3768e2c" + }, + { + "alg": "SHA3-512", + "content": "389d2cd752a7269b28815c723ed68700c47c0f5f6780df2bc35f18eb3ea4b77cdc18ca83d556f4de80c1f3e434f399f73b03a76b88d1da2af520b09195a938c1" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-freemarker@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "group": "io.dropwizard", + "name": "dropwizard-views-mustache", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "99d7beaccb842cbe8a68c37361e665df" + }, + { + "alg": "SHA-1", + "content": "1a2a4e775b77f452893189020c2e34d60c0235a2" + }, + { + "alg": "SHA-256", + "content": "19ce7554a48be097bac2b3c51f55fe468c7253a60d1a43683ae830cfe06a58e3" + }, + { + "alg": "SHA-512", + "content": "1f24026f35f9a4e4316d04ac41a7cdcf440fc510075e5f8297a55b63d95d3f1e5deb06acd8ef9a61b73fbf1fc054ea370c6d74ed1a06aa19ba673069aebad294" + }, + { + "alg": "SHA3-256", + "content": "7856836a099d2a7f326dbc033442e49b176213fd340a8b2aa2d9dea3a9175ab6" + }, + { + "alg": "SHA3-512", + "content": "af431eff733b17b92ae1718165b3b10e103376bb216e63b8e39284f3572b69926084937fd370a42a018f62389744a7212a0c68959e0e76950ad751ba3ba9745a" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-mustache@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "group": "com.google.errorprone", + "name": "error_prone_annotations", + "version": "2.1.3", + "description": "Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/", + "hashes": [ + { + "alg": "MD5", + "content": "97504b36cf871722d81a4b9e114f2a16" + }, + { + "alg": "SHA-1", + "content": "39b109f2cd352b2d71b52a3b5a1a9850e1dc304b" + }, + { + "alg": "SHA-256", + "content": "03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8" + }, + { + "alg": "SHA-512", + "content": "bd2135cc9eb2c652658a2814ec9c565fa3e071d4cff590cbe17b853885c78c9f84c1b7b24ba736f4f30ed8cec60a6af983827fcbed61ff142f27ac808e97fc6b" + }, + { + "alg": "SHA3-256", + "content": "5c7b2ffc8d4073700647681ed44dd783049648aa8e174f37d2510339a65f5466" + }, + { + "alg": "SHA3-512", + "content": "3f05def83905268da5044c8bd6fbf62b89499d77351b56a357de8d27ef872c6c300385a6bca009590d61be90a39a0f417c4d8358a13b09847ba0452ef416db06" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.errorprone/error_prone_annotations@2.1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/google/error-prone" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "group": "net.jodah", + "name": "expiringmap", + "version": "0.5.6", + "description": "A high performance thread-safe map that expires entries", + "hashes": [ + { + "alg": "MD5", + "content": "fd4b2d42dac784648fe6fd1b2b612d12" + }, + { + "alg": "SHA-1", + "content": "11833abbdd64050d455187f374dc096944f9ffb0" + }, + { + "alg": "SHA-256", + "content": "06f1ac1fdb0044a83bbf5cd55e86f88ded92175cb2a7a0b57ba53eb011600a52" + }, + { + "alg": "SHA-512", + "content": "3e7bf8da26296f1de8da960e4f8b9b25962d3db1a941c0818c649174c61bf571a6c7b0336b154be104c853a8fa148cd0f007f8a210a98854036a09fe1069eded" + }, + { + "alg": "SHA3-256", + "content": "a421ccc1ee40dad4e7239f21862e7f35a8eb6493d3eccf6e245202d1f3d1e9a8" + }, + { + "alg": "SHA3-512", + "content": "2ebbaf3eb9f96fcd4cc5b5c28e68d8a6d1aa8735dca7d763cc18daeeec2706d3370384c535dad32463ba8da92ee8a3ddfecd7f2559847772829782964d05a0aa" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.jodah/expiringmap@0.5.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "group": "org.freemarker", + "name": "freemarker", + "version": "2.3.28", + "description": "FreeMarker is a \"template engine\"; a generic tool to generate text output based on templates.", + "hashes": [ + { + "alg": "MD5", + "content": "c5e35d814518da7b0247d42311b8e296" + }, + { + "alg": "SHA-1", + "content": "7200064467a935052f99d114c2c05c3d189bc6d6" + }, + { + "alg": "SHA-256", + "content": "de92d103d3a86c2287307218ff50dc1c941de283f7b9e1fb23e93fc7220838bf" + }, + { + "alg": "SHA-512", + "content": "44435cb2b6ba02abacdc4a21bea44a2dc50faa1b486fc5b2f79097a68f1f98ca24aa835448ac5dec33a1869eed1b8a32ac285e95fdabbdafaa810d575951894e" + }, + { + "alg": "SHA3-256", + "content": "d55883bf61b72d616dcd12e87d6f90b3b1fc761fcbcf5b8f3860e17bb34fc654" + }, + { + "alg": "SHA3-512", + "content": "7664cb34b0598e0eec19ecba1fba7b83ff09b574bf2320b84a09016d88aaabf902460e3bcd2b2290f59988462b8594e817eebcd777321608762dc141c1335a20" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.freemarker/freemarker@2.3.28?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://apache.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.apache.org/jira/browse/FREEMARKER/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/freemarker-dev/" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=freemarker.git" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "group": "com.google.guava", + "name": "guava", + "version": "24.1.1-jre", + "description": "Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.", + "hashes": [ + { + "alg": "MD5", + "content": "361459dd415a18e4750b7fa0cdd9e747" + }, + { + "alg": "SHA-1", + "content": "2e3014320a8005e3f3c1800cb246ed42db8cab81" + }, + { + "alg": "SHA-256", + "content": "490c16878c7a2c22e136728ad473c4190b21b82b46e261ba84ad2e4a5c28fbcf" + }, + { + "alg": "SHA-512", + "content": "f7b02666ecd26e8865d4f6040a14a87d08e38124a625252594b05fa9d1a00e7c5a1fd30c5bd08ca9399bad50eef5fcaf7c95e17a59a2462ac42d7fdd4aaf516c" + }, + { + "alg": "SHA3-256", + "content": "182f368980a8c526ec88c65acd877738fe2bad06b72ab9756edb66f2b281d083" + }, + { + "alg": "SHA3-512", + "content": "245bcf15e331889bceb96faa2f9f67baf442fe1cb291601fa92a0e3327382a636d30788939d8f0ccd05a735b8149637e3d44c7e13a636a19950d0e7a33ae9517" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.guava/guava@24.1.1-jre?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/google/guava" + }, + { + "type": "issue-tracker", + "url": "https://github.com/google/guava/issues" + }, + { + "type": "vcs", + "url": "https://github.com/google/guava" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "group": "com.h2database", + "name": "h2", + "version": "1.4.197", + "description": "H2 Database Engine", + "hashes": [ + { + "alg": "MD5", + "content": "f9893acfa22b7fe1492dd9c515af2e5b" + }, + { + "alg": "SHA-1", + "content": "bb391050048ca8ae3e32451b5a3714ecd3596a46" + }, + { + "alg": "SHA-256", + "content": "37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842" + }, + { + "alg": "SHA-512", + "content": "aa4af17f766a1cfb0326d0301e1c40fc884b27e73aed4e60141d284275da70f483a3ce54d65f79f9ba66e9a53c5a68102dfc5e40a36e9d2c0a2aa9a7f7321688" + }, + { + "alg": "SHA3-256", + "content": "ef7da52a3b656aee47bc85b9e98db3bb91d7f079d19012787fbbd65c32151203" + }, + { + "alg": "SHA3-512", + "content": "1a5538cc48c5b99e496ee5924f80df410fecc555e3619a79b8c6204156dc333cf0cbebae05bca5a8144ab89b2f2fe4802080128d76b1e94a51acced8aedb4354" + } + ], + "licenses": [ + { + "license": { + "name": "MPL 2.0 or EPL 1.0", + "url": "http://h2database.com/html/license.html" + } + } + ], + "purl": "pkg:maven/com.h2database/h2@1.4.197?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/h2database/h2database" + } + ] + }, + { + "type": "library", + "bom-ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "group": "org.hamcrest", + "name": "hamcrest-core", + "version": "1.3", + "description": "This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.", + "hashes": [ + { + "alg": "MD5", + "content": "6393363b47ddcbba82321110c3e07519" + }, + { + "alg": "SHA-1", + "content": "42a25dc3219429f0e5d060061f71acb49bf010a0" + }, + { + "alg": "SHA-256", + "content": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9" + }, + { + "alg": "SHA-512", + "content": "e237ae735aac4fa5a7253ec693191f42ef7ddce384c11d29fbf605981c0be077d086757409acad53cb5b9e53d86a07cc428d459ff0f5b00d32a8cbbca390be49" + }, + { + "alg": "SHA3-256", + "content": "f679af77deedf69b3c3066f7916583848c6fd32a950f9c0b0e2ef1da121717ba" + }, + { + "alg": "SHA3-512", + "content": "bca821931e438a1977b7b4356b5f8cebf485634f82159d505c48267c34e6a0f4fde9c2917331365f66dc0e52e2ca3a2db5256863584110c27ecebefc28741f63" + } + ], + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:maven/org.hamcrest/hamcrest-core@1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/hamcrest/JavaHamcrest" + } + ] + }, + { + "type": "library", + "bom-ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "group": "org.hibernate.common", + "name": "hibernate-commons-annotations", + "version": "5.0.1.Final", + "description": "Common reflection code used in support of annotation processing", + "hashes": [ + { + "alg": "MD5", + "content": "2a9d6f5a4ece96557bc4300ecc4486fb" + }, + { + "alg": "SHA-1", + "content": "71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879" + }, + { + "alg": "SHA-256", + "content": "9431ca05c335f9b6ec550f5d65ad56047a5f336e2d41cce4067591d20c4e51df" + }, + { + "alg": "SHA-512", + "content": "5714692bef862355cf7f9fcf82aa663321da193920adf4b584fe69f559535555c4c53858a2465410ffb990aad7847124dbea28ed95dcec5df525a1164288791f" + }, + { + "alg": "SHA3-256", + "content": "60cf1ea8120252eaa90e0e86662f4d0b97f718c3c6c09422f2b85c1b36222ea5" + }, + { + "alg": "SHA3-512", + "content": "a2972a8464a8b38468994ef496d6e816262eef6e9422f4c83d5eb998aea4134ac1160726c71fb577df664064fa13c564c52c6fa577ad2477515291ed825fe79c" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HCANN" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-commons-annotations" + } + ] + }, + { + "type": "library", + "bom-ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "group": "org.hibernate", + "name": "hibernate-core", + "version": "5.2.18.Final", + "description": "The core O/RM functionality as provided by Hibernate", + "hashes": [ + { + "alg": "MD5", + "content": "a5e6ac320c1b5fd739d213dc050cfc29" + }, + { + "alg": "SHA-1", + "content": "c1861a015d47f55ffc6cb120216d17af177e0b90" + }, + { + "alg": "SHA-256", + "content": "4688003fc081063f0d73f43424b309bac9bd8589fecb5767e0ad26788a5bfdff" + }, + { + "alg": "SHA-512", + "content": "1b8c1f0d64ec27e8daf8b4b9b1be9511d0a5e99573836c527c79f026048c5acfe10aeda34a5b0c77bf30fc6ebd92976838eb43a065f192e9871531116d686b37" + }, + { + "alg": "SHA3-256", + "content": "ce9cffadac4242733e7743f88c0abb2f659526e54ddab26e60a180cd658a0782" + }, + { + "alg": "SHA3-512", + "content": "4e4006d93d10553191cf914ab76f486f222e82ca30d81d786913142c599f6463be48892b5fdb4b5e3dec75c20290f11a0f3d3600dcc306bff81c114e24eba66a" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-core@5.2.18.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HHH" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-orm" + } + ] + }, + { + "type": "library", + "bom-ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "group": "org.hibernate.javax.persistence", + "name": "hibernate-jpa-2.1-api", + "version": "1.0.0.Final", + "description": "Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details", + "hashes": [ + { + "alg": "MD5", + "content": "01b091825023c97fdfd6d2bceebe03ff" + }, + { + "alg": "SHA-1", + "content": "5e731d961297e5a07290bfaf3db1fbc8bbbf405a" + }, + { + "alg": "SHA-256", + "content": "ab46597e3a057f99c8339fffe14c1d27f9dbd2409ae840c62121b00d983c78bd" + }, + { + "alg": "SHA-512", + "content": "696dd1548504c9ea8d8526411e81bee8b752f12861979da2707d1059b35a8ccb3f018a1d4e2d12436e7c9daec8e63b97fcf980e03032981867cea63d4301f3da" + }, + { + "alg": "SHA3-256", + "content": "fdbf800d9175e82d7e68f9829f1372b65768252d3e165dfeee9c0345b817b8be" + }, + { + "alg": "SHA3-512", + "content": "8e1e5baa5e4b6f67019bad7ed90a9abf41096ff00b62c9d6f326a756b8ee7e5b62d41068441aa5d9050369a1000a5fbd7898155cb8b18e80367e9cb7c0d3b137" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/org/documents/edl-v10.php" + } + } + ], + "purl": "pkg:maven/org.hibernate.javax.persistence/hibernate-jpa-2.1-api@1.0.0.Final?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/JPA" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-jpa-api" + } + ] + }, + { + "type": "library", + "bom-ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "group": "org.hibernate", + "name": "hibernate-validator", + "version": "5.4.3.Final", + "description": "Hibernate's Bean Validation (JSR-303) reference implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "ccae8426d40e4fa16ecde928b84965f6" + }, + { + "alg": "SHA-1", + "content": "7c3d91629e81937b33dffd5b170956ef9c76af97" + }, + { + "alg": "SHA-256", + "content": "8abc0fb282075e145efe50d742f4512bb1f2c0222e78e7562f34f8809cf22d25" + }, + { + "alg": "SHA-512", + "content": "38c1bc5692588fabc86904f75dd3481ca13be43bfda2f33278cb91a0ae229c7abd0f095989fa23e25b78aff51b2b7232f271579e13bd062595e498f9c92ea830" + }, + { + "alg": "SHA3-256", + "content": "176d9129f2812df9a71514c72d0ffe1efb86ceb73310ebeee2b416bf752c65f4" + }, + { + "alg": "SHA3-512", + "content": "0fec7612fa9d4698e183cc954381e172a3f8cf188a1b2e0518a39f9cd4cb15163720183d306d050757e2d979a3a1d224a3edd7e9c2ee59b938df48e4f4eb1342" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-validator@5.4.3.Final?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "http://ci.hibernate.org/view/Validator/" + }, + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/projects/HV/summary" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-validator" + } + ] + }, + { + "type": "library", + "bom-ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "group": "org.glassfish.hk2", + "name": "hk2-api", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "93322931c4ec277c5190c7cddf7ad155" + }, + { + "alg": "SHA-1", + "content": "6a576c9653832ce610b80a2f389374ef19d96171" + }, + { + "alg": "SHA-256", + "content": "b3fe4f295ab8e74ea9d641717dc55e5768f1e5db3709e84235346a4d6bcde5c2" + }, + { + "alg": "SHA-512", + "content": "9f143940ff31e6abdc5bce5223c12ea91fe1852338f317aa614221bec67bd5252ef905075d78125ba777ff2f36c5d39fe35a5b3876ea19255fc91da949179d00" + }, + { + "alg": "SHA3-256", + "content": "7dbffae41a1edb93e525d9841a6831f574fc408edb7568b5b192d7b026aeb750" + }, + { + "alg": "SHA3-512", + "content": "594dc7b77f5a85574331483bbc2b795c1456fe174b55ca7253519a8fe94bd914167face505c561f3829c9738b7d9e7f80421f5b97427952cdd78fe388c17c282" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-api@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "group": "org.glassfish.hk2", + "name": "hk2-locator", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "5baf0f144cf8552a9fe476b096fc18a7" + }, + { + "alg": "SHA-1", + "content": "195474f8ad0a8d130e9ea949a771bcf1215fc33b" + }, + { + "alg": "SHA-256", + "content": "27cacf80e8c088cc50f73b56344b779bdb7418e590a037659ab66b2b0cd9c492" + }, + { + "alg": "SHA-512", + "content": "4b8819cfb299d4b5be13fee8c5a04c803010abe7636eab9d126a40a41bc79131753ff09ea062c624c6ecc5785749b120a3f6f0411307eb05b74e6bc46a1bd410" + }, + { + "alg": "SHA3-256", + "content": "3b0c862b6be53e5a085e9caf77f6a90fe45365dc58cc4a69cf1bd13e20b91536" + }, + { + "alg": "SHA3-512", + "content": "9d3acd0f1048b63ca1c30a864463d10c3b2d724d4d245c2bc0116dbd8597772fecb9ace1601d60d9abae9058a2b9fc50422333be583189e00b31c3bbd21c59de" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-locator@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "group": "org.glassfish.hk2", + "name": "hk2-utils", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "acc873aece4f8e89814ac0300b549e3e" + }, + { + "alg": "SHA-1", + "content": "5108a926988c4ceda7f1e681dddfe3101454a002" + }, + { + "alg": "SHA-256", + "content": "3912c470e621eb3e469c111f4c9a4dee486e2ce9db09a65b7609e006b6c3d38e" + }, + { + "alg": "SHA-512", + "content": "1d100879b218d4ed75760514b78a3833f43f67126691dc7cab6566af8488c4cb9e72258b649f8a4eef0376813c25df326ba29d6f29c275e8f75e549cfc17fdf5" + }, + { + "alg": "SHA3-256", + "content": "699d1fba60b9403b292ce22cb0db2d6b070a1152531afe3f2c08a5196779b3a9" + }, + { + "alg": "SHA3-512", + "content": "47ad643c3727bb9fb45b6748e4da67c4788aeac69783c56c60f73ccf37f979972f699ffa96714056c551cb29109dba6722ac3b57004eea1ae47f8833f9c73d34" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-utils@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "group": "org.eclipse.jetty.http2", + "name": "http2-common", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d4f0dede20f81acfb53f97c01fae71cf" + }, + { + "alg": "SHA-1", + "content": "6e3306d394aaaf41876220a818fb639faf5963b0" + }, + { + "alg": "SHA-256", + "content": "d402e22a14230a49a93e045dc922d62ab330f99b26b928ca3fc6c6761941f601" + }, + { + "alg": "SHA-512", + "content": "79af5a27a59a8706769cb2d500869029bf1c6762bbc4908ffea56bc57f578e14d46e271e8fa2d40fa68dc8fc0e33cf297186df8b4b231db50547d98a10d0d6c4" + }, + { + "alg": "SHA3-256", + "content": "edba30c10f03aaa94eec187d3709ca23d1082d555e0031dbddbcb21a2e6cd451" + }, + { + "alg": "SHA3-512", + "content": "4d4d7e9a24b0d2f0814f071f0b352a104b2c91974213c10ca434c4d119c3ca15ac679f06f5aea3586ef11e5b4280d9db505ef8f4b63b19893c07cdf646d03a15" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "group": "org.eclipse.jetty.http2", + "name": "http2-hpack", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0323c6dd472c456a99d068f171cbd661" + }, + { + "alg": "SHA-1", + "content": "aa5f5c2b0cec925ad7f2e73a1dc7a3b3dc496e87" + }, + { + "alg": "SHA-256", + "content": "7f2fde0ed27abe088933dcd5b1516e6ed08701ff19aa8b00d12a4ef30344c9bf" + }, + { + "alg": "SHA-512", + "content": "075e9b42f4204aabb15fb1e0f0e08ac67b6a2ea4dff9bcd69db778fc0868d1959b38c4ac3e5a4738b8c3acab26f8416ea8c89d2e4fa66e474ca366e14ee55ebd" + }, + { + "alg": "SHA3-256", + "content": "f4680627e9212635d69a27456bcc815eec595a64d9541b572a7d16667cfb7636" + }, + { + "alg": "SHA3-512", + "content": "efb34683d51d2c09abc7894f5cbf7957041449f66e78f50bc4aeeed48fbcb92bcbe60713b084346ce93d0552955f7b8c53a3c557386894959d27667b8ac808ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "group": "org.eclipse.jetty.http2", + "name": "http2-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "9c82833f49671905299a1a0d0edc031d" + }, + { + "alg": "SHA-1", + "content": "6d0ca7e7ee2e5d55fb6fb03c4c1a248b1dc3d31d" + }, + { + "alg": "SHA-256", + "content": "99f96c3656c87d674d069ec1039a6fd7cbd979bb81a083823a04bd529c73308e" + }, + { + "alg": "SHA-512", + "content": "49a9f2c895244d0a632e5b267661f99e812d8e90299085df37479667517ad991575808d97d32204f34bf8a130804d4d2b87c9405d3e61b6d9d410d62a25373f6" + }, + { + "alg": "SHA3-256", + "content": "866de2610f4bbe4ce7b551b31f7f9a51e26e9607e54f112de194b3d92bd90132" + }, + { + "alg": "SHA3-512", + "content": "447c34744cdc616cf90742043ee49c431823ff46e745417eac6d21b78d1e9a00b36c1c93b0e291187e00e7c4d5d9b6a98f32afcc9d0671b63a02cd23f48f37ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "group": "org.apache.httpcomponents", + "name": "httpclient", + "version": "4.5.7", + "description": "Apache HttpComponents Client", + "hashes": [ + { + "alg": "MD5", + "content": "deed71468af21d6f0cf02bf853ac02ec" + }, + { + "alg": "SHA-1", + "content": "dda059f4908e1b548b7ba68d81a3b05897f27cb0" + }, + { + "alg": "SHA-256", + "content": "807e9c73f27a4b19dd04b1b67126532fc74b0a37bd8d13fbad073ad74d078330" + }, + { + "alg": "SHA-512", + "content": "459349c2482338644578502cbdfeb7110c3eaaa71f8bbc715d53556b186f16ad1256244e752cec7c32c66f77e08228bdadf7c9138542b0aa8e845a249e2e0bac" + }, + { + "alg": "SHA3-256", + "content": "9e5093efad2b3a44e71b077eae4ca7df86e2fd2ad78d5ca25541e4316ce631c8" + }, + { + "alg": "SHA3-512", + "content": "f16fb6262810546026c6c68842f69eb17831669e444cafb75832ae3567f47407504424c13fea596e9c02ccf853f6b55d54a904cbf2d21e171f77cc615d740014" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.7?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCLIENT" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "group": "org.apache.httpcomponents", + "name": "httpcore", + "version": "4.4.11", + "description": "Apache HttpComponents Core (blocking I/O)", + "hashes": [ + { + "alg": "MD5", + "content": "9299550b06219959d0f2223b1a8bb337" + }, + { + "alg": "SHA-1", + "content": "de748cf874e4e193b42eceea9fe5574fabb9d4df" + }, + { + "alg": "SHA-256", + "content": "d799522d579aac06b170603f8f080f6e3248dadc01f9652cdd7ea7bc318c21ce" + }, + { + "alg": "SHA-512", + "content": "1f45a26f97e5488bf1985f5f5c88c5e2744f46d422040708f7641deb14bb04561bcec35c9284c1dce606fcdcb768edc3ef970ef965bd6bb591ec362dfd417c74" + }, + { + "alg": "SHA3-256", + "content": "0807acdffb841394a948175382b04dfdb49087e19212851dbb63fbfadfae6f5f" + }, + { + "alg": "SHA3-512", + "content": "10f7974d10971a2c0911a1050e3418e898c4255300a120959ef38f546d10dc5ba5217a32a53a21577613ca13034a8200393b0b7ddee0b195f26b92f3e6b2f1cf" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.11?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCORE" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "group": "com.google.j2objc", + "name": "j2objc-annotations", + "version": "1.1", + "description": "A set of annotations that provide additional information to the J2ObjC translator to modify the result of translation.", + "hashes": [ + { + "alg": "MD5", + "content": "49ae3204bb0bb9b2ac77062641f4a6d7" + }, + { + "alg": "SHA-1", + "content": "ed28ded51a8b1c6b112568def5f4b455e6809019" + }, + { + "alg": "SHA-256", + "content": "2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6" + }, + { + "alg": "SHA-512", + "content": "a4a0b58ffc2d9f9b516f571bcd0ac14e4d3eec15aacd6320a4a1a12045acce8c6081e8ce922c4e882221cedb2cc266399ab468487ae9a08124d65edc07ae30f0" + }, + { + "alg": "SHA3-256", + "content": "275370eeb5f02c15358168ea134c4eab1afed8d27750a8a326b9f9f506dfc9f2" + }, + { + "alg": "SHA3-512", + "content": "d9e2a3943373e1eab933b45f49997b24e01466eb99a177c40f21c7107c9f21ebb135e14d191b0a5b699e3985d20de8e87662e92c0bf59e5e054d3da85fd777dd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.j2objc/j2objc-annotations@1.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "group": "com.fasterxml.jackson.core", + "name": "jackson-annotations", + "version": "2.9.10", + "description": "Core annotations used for value types, used by Jackson data binding package.", + "hashes": [ + { + "alg": "MD5", + "content": "26c2b6f7bc704ccadc64c83995e0ff7f" + }, + { + "alg": "SHA-1", + "content": "53ab2f0f92e87ea4874c8c6997335c211d81e636" + }, + { + "alg": "SHA-256", + "content": "c876f2e85d0f108a34cdd11ccc9d8d7875697367efc75bf10a89c2c26aee994c" + }, + { + "alg": "SHA-512", + "content": "6b1ae1d7036ce2fff81bf8fc2a3a55e4ea7eb081de806ad05301d2eb126bed1dda487027f3ccfa618c488e680e2f5ff22bc3f106e7c0af27b34d327d83083b46" + }, + { + "alg": "SHA3-256", + "content": "6ebca301e4a201a89630bd7235d27e48a795c7e6fca7727ac08f3cc87e6a5049" + }, + { + "alg": "SHA3-512", + "content": "8d33540c9df56541a0dca99ca51432a8d0d9642813377c62f6df5602af1c8d04c3d62cf24a9cde5c79fcd63b287de19cfc84ea475f8dd0ca037a72baed3d50ee" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-annotations" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "group": "com.fasterxml.jackson.core", + "name": "jackson-core", + "version": "2.9.10", + "description": "Core Jackson processing abstractions (aka Streaming API), implementation for JSON", + "hashes": [ + { + "alg": "MD5", + "content": "d62d9b1d1d83dd553e678bc8fce8f809" + }, + { + "alg": "SHA-1", + "content": "66b715dec9dd8b0f39f3296e67e05913bf422d0c" + }, + { + "alg": "SHA-256", + "content": "65fe26d7554a4409652c86ee38f2e94bc42934326d88b3c78c61f66ff2222c53" + }, + { + "alg": "SHA-512", + "content": "ea053f07b73b087fe81ef49d949ec812bf03e536a8a608d6b7c7ff9f001e6764e86125c5e99d46ba4002d7aab620f57527e246fe8ca754b47cfd812976a3e337" + }, + { + "alg": "SHA3-256", + "content": "0cd87bff64e1569e1ae1fa6023caf005c17d5feb6f75c2bb587546d9e3e43efa" + }, + { + "alg": "SHA3-512", + "content": "936d596d972971e8fc02a6adc7ef11b9d3ac302fbc4134982f3bf128f61741b6bc8c34dd0d16d0ef52a7760a2ad5bcc20b26c4d9c6e8345e826b8b2a83f8fb4d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-core" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "group": "com.fasterxml.jackson.core", + "name": "jackson-databind", + "version": "2.9.10", + "description": "General data-binding functionality for Jackson: works on core streaming API", + "hashes": [ + { + "alg": "MD5", + "content": "ff43d79c624b0f7d465542fee6648474" + }, + { + "alg": "SHA-1", + "content": "e201bb70b7469ba18dd58ed8268aa44e702fa2f0" + }, + { + "alg": "SHA-256", + "content": "49bb71a73fcdcdf59c40a1a01d7245f41d3a8ba96ea6182b720f0c6167241757" + }, + { + "alg": "SHA-512", + "content": "18db8ee61a24498803352c6fc40b83cc1f277033fd4cd743505e3bfa1660c84d8522a70b06401f834b405cbc6e686f6f5c4d54aff034751e9addbf1b4603b2c2" + }, + { + "alg": "SHA3-256", + "content": "470b46a826c8edeb12852d9cbab9f5ab0c3a0b0989a7f2b0a8756c9a88aae89f" + }, + { + "alg": "SHA3-512", + "content": "35616596eff2bafc2e047ce7cbfc4c0b8ce83af277953a2af6b41e43885c74b0809d14dd339290991c2ecb82e82190832b616bca0e3225aa113bfb483fa1b2b8" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-databind" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "group": "com.fasterxml.jackson.dataformat", + "name": "jackson-dataformat-yaml", + "version": "2.9.10", + "description": "Support for reading and writing YAML-encoded data via Jackson abstractions.", + "hashes": [ + { + "alg": "MD5", + "content": "ebecc5b67b96874c08068151fd89d0b5" + }, + { + "alg": "SHA-1", + "content": "561275877edf6321692f29e66ae5ccc7b1664939" + }, + { + "alg": "SHA-256", + "content": "338e27fd71a825c948c98a2a3fedd79bd14e6c7bcc9b6d21fd8b17abfd28bcc0" + }, + { + "alg": "SHA-512", + "content": "6730698c771ee3308c57b8336c35c3c1d437c7ef2e8f1a6bc66a251404449ae7f531fb240c5c877097a5c85a99e6a77c885265d61ad0d8da18c68da13c89eea4" + }, + { + "alg": "SHA3-256", + "content": "189e39704cf30896198937a59f48dca0230a882f0613ceb941241f327f4f1c2c" + }, + { + "alg": "SHA3-512", + "content": "336fa4689e758f35a45ebc5648f3bfb395bf8ff7387b783b7fa62d431e835760782df3c6f5c737224853970891eca22c69b990ad8d7b96e628002b5ef6a88305" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-dataformats-text/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-dataformats-text" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-guava", + "version": "2.9.10", + "description": "Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)", + "hashes": [ + { + "alg": "MD5", + "content": "bf3d62117a113e2ad3442aede0565365" + }, + { + "alg": "SHA-1", + "content": "fe2fe045ca3bd6f9ea1bba5b03d228b4abf8c1cb" + }, + { + "alg": "SHA-256", + "content": "f6f05294767905ebfe3e982ec456eb0982e52b8e89cfcf02f46722f87414e87e" + }, + { + "alg": "SHA-512", + "content": "d12fc51a0261d7af4319c2659b5168f7bbe91c235ecc013056ae444917d87281137df52bae9c4f345cf1874220f7b2aebc314cf74d4334dda96c3a3cca3de3da" + }, + { + "alg": "SHA3-256", + "content": "d7d456bb103296753158c2e16328887d8b6f339e941f34328229c9c62a2f1cac" + }, + { + "alg": "SHA3-512", + "content": "c5741407e1a9054dc65f40fd6e70483c867a8b9847bfe7ff0e9fabe24be1827c75d7ce561100db82d25c7fd0f12c16ba18a3ca8038ba4a99da7fc394dc63b39f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatypes-collections" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-hibernate5", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Hibernate (http://hibernate.org) version 5.x data types.", + "hashes": [ + { + "alg": "MD5", + "content": "686f24ec51b113e18d8a7a6e656830af" + }, + { + "alg": "SHA-1", + "content": "391c524dbc0414399dec5a405760744d3ed600a8" + }, + { + "alg": "SHA-256", + "content": "de588c8a51eb6d11cced0d2c140d66e9c51266622ecda28ccbef92050f671f0e" + }, + { + "alg": "SHA-512", + "content": "854f01a862d1ea67a47863bbb3481b63deb1839d3b89ca616362fe097e55ebc87196f4ed7ae48ed8557b4244d72db72f3c293b6a7dc3965fa787a6a67d634998" + }, + { + "alg": "SHA3-256", + "content": "ff874c69d9dc846e993d16b1bcb74a4d3d81865aaffc16b6063ff83e0f1626d0" + }, + { + "alg": "SHA3-512", + "content": "312371566e7eacb4621ecec83b7e99a4dfed8be158ba71c77e9b9fcd91577104771dec04d7eeb1c12e574e4b8ca247bd2b4faeef7ba69aa384d93cb67672b5a3" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-hibernate5@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-hibernate" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jdk8", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support JDK 8 data types.", + "hashes": [ + { + "alg": "MD5", + "content": "e35c18c99ad1737571b1c8004ca8528d" + }, + { + "alg": "SHA-1", + "content": "6aa764caf0a275d98b8765f6687bd4ec6c8cb9eb" + }, + { + "alg": "SHA-256", + "content": "b305510c0fec81480cbc3516948f9ac5b326811e35c4b6563d2ccfe330079db6" + }, + { + "alg": "SHA-512", + "content": "e537db4253733d8ca0e93e6245c2f25eef366333480a5fd0901603e69a8cf92dd69ec0ffa813c2fef685849f383b7e3850b2b286d255486192f7ff9698fc6c46" + }, + { + "alg": "SHA3-256", + "content": "768bc29f9f15aa07b9c2294d3c3b1bf06396b507397a6b1da2515eefbbc85172" + }, + { + "alg": "SHA3-512", + "content": "734b59492a053eec994840092c8e4f4d703e03b481d8a603b0d934b4fab25261fd98504f72fd0512705a8735dde4b36299c2295f0359afb0f18d129c0dfc70c5" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-joda", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Joda (http://joda-time.sourceforge.net/) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "7ef56a5376978b3befc264d5c7f690ba" + }, + { + "alg": "SHA-1", + "content": "b8b45ff38fb46eaf8bdf19586743a4f446c485fd" + }, + { + "alg": "SHA-256", + "content": "ec60ff466ec6bf489e58cf83bb012dd3d2735eb581be47113b17b1ce6499cdd8" + }, + { + "alg": "SHA-512", + "content": "589f9ef55f9aef7b2e4c1fe45bad157e566042f304989ffe8257a5547426c7dea281326cf66cb1af84add2cb0531b623d04bc15d9e3ac0da25052f8c2109ceec" + }, + { + "alg": "SHA3-256", + "content": "7a4e62a859262aec2ae33d7b6ec5b0ddadcf0897c1a90984cbdd82f8e2c8abb2" + }, + { + "alg": "SHA3-512", + "content": "bf11f541461a5ab4fbb3372d8c8d617a7b20a2dda00d8af733ac8d496cf4a7e1f7f422d90d11b17b7d783ed2a25f4323046468c264ea204bd672adff82a3477a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-joda" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5694b066-2847-4855-8230-77e902b37502", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jsr310", + "version": "2.9.10", + "description": "Add-on module to support JSR-310 (Java 8 Date & Time API) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "8353db784cc75e2ef48439c89ffb962b" + }, + { + "alg": "SHA-1", + "content": "bf7ea35ca4fafa385701580163ef983622e0bfb1" + }, + { + "alg": "SHA-256", + "content": "a86f035a641f1a36aebacce8415e14568ce5b0088e3ad5b8cf3ea3c9c0c5b64e" + }, + { + "alg": "SHA-512", + "content": "c9e27a5a2c7a7edacdacc2cd93371561ed991e85027e06820004bc47802f32df3aa99fe6d94667805c7862467fcc9e4e0555f1e5a3317c239e8ec0f37fc48b89" + }, + { + "alg": "SHA3-256", + "content": "ee3952b4ffb44ea67445ed736ce33410ed631146ab47071c5fa4ae578623c446" + }, + { + "alg": "SHA3-512", + "content": "434938cf7a81ea81511bbf14a0942eaa790c71ab2e4a5e3049dfbb5cc1523034eacd0d14d0b520e88155376b4213129cc59cec21a2a93940b7fba5658d46c8f0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-base", + "version": "2.9.10", + "description": "Pile of code that is shared by all Jackson-based JAX-RS providers.", + "hashes": [ + { + "alg": "MD5", + "content": "3dde182860e6f59fea3871880b1875b9" + }, + { + "alg": "SHA-1", + "content": "8f13207626ffab14943da9e7447dc065f7762a4e" + }, + { + "alg": "SHA-256", + "content": "4a76bd0d1f5f66293867bb9e021bcf8ba179bdd69cf69852d623204297fe85eb" + }, + { + "alg": "SHA-512", + "content": "608054e863d9233f92fcbf9ea6896a78caa0e1fac197a3b15f7833231f25bc10ac93e54f362d0364a60e7348825e505107e507590269edef11e3fd1e136b1ab5" + }, + { + "alg": "SHA3-256", + "content": "3b43e3742dec5d06ca7a73b45e485120e0adf0f0e66208b9afa56d329ccf0768" + }, + { + "alg": "SHA3-512", + "content": "512f238b2f5d2f70c48cd60dc45da652e2e3ade8aaf03f8031ad0a1ab9222726a82f53a9dcd15b5ecb49e8f8b9aef6789c993d8edd8c68acddd7776bf835f948" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-json-provider", + "version": "2.9.10", + "description": "Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.", + "hashes": [ + { + "alg": "MD5", + "content": "5a6659fa62763f65fb7e187dca166346" + }, + { + "alg": "SHA-1", + "content": "89a2f5d0adc42c3e37a7167e0759641de55aafdd" + }, + { + "alg": "SHA-256", + "content": "0fe7309bb8d0fa8f48cd6846bc3a27eef04b0263b6533ac58ef7ad85b1bdf38c" + }, + { + "alg": "SHA-512", + "content": "254d53edb320ecc9f697d3bb4c7dd1e385d04759bad65caeedcb5beda7fa29f915636324309bec3052205fa91ec29892fed809c8da4e7d284cc0d62b8cf29508" + }, + { + "alg": "SHA3-256", + "content": "1e98e50a06dd5830aa5517da99a0f503760f745029a9fe992f21b45f2417fb76" + }, + { + "alg": "SHA3-512", + "content": "ee026cf5697ab3d3785aa59d1a69e074d6c7db0af06478b36bb19f0d7b303db888bdb6fbd6bb7ffb0b14a4425d3fb0fb9ec971d59db2c7312f979ad83b107a1d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-afterburner", + "version": "2.9.10", + "description": "Jackson (https://github.com/FasterXML/jackson) extension module used to enhance performance using bytecode generation to replace use of Reflection for field access and method calls", + "hashes": [ + { + "alg": "MD5", + "content": "eb3073cbfad846a44d81df8bc31c8bf9" + }, + { + "alg": "SHA-1", + "content": "6cca4a73cb54aa8631775023ca8cc37626373cc8" + }, + { + "alg": "SHA-256", + "content": "6d8dd1bdaa13a1e2239e9d8fc008066b02d6fc7d79166fd73e4c3b6e1856ad14" + }, + { + "alg": "SHA-512", + "content": "b56f7485f72c2225cd276e6955e154bae31849a394f5f03ee5d205075a154c27417d1cd7c071c9ba12a7712e23f7b6e8da368aa12acecf53c5c28a5376d620e1" + }, + { + "alg": "SHA3-256", + "content": "488cf9674f84c7d221e4f5955d45f6fc008bca1bd4abf2134d91578a9c1bc0aa" + }, + { + "alg": "SHA3-512", + "content": "d2324aca720bf6816274e93186fdf7d0eaefce8859685dc5c76a96fa8696cd104d64787598bd94473619aa0b89406dac1da8cc697b05104491b8017a54d95e1f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-afterburner@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-jaxb-annotations", + "version": "2.9.10", + "description": "Support for using JAXB annotations as an alternative to \"native\" Jackson annotations, for configuring data-binding.", + "hashes": [ + { + "alg": "MD5", + "content": "fe4cda4049277f5c8758f32a00f2b633" + }, + { + "alg": "SHA-1", + "content": "b7fc3212e95586f42a0d3b5cf1311e42a3ac0248" + }, + { + "alg": "SHA-256", + "content": "72a8ef1246f7a2dc680de67bc5009cc5de71b3825adf98726d290643a36576c0" + }, + { + "alg": "SHA-512", + "content": "df36f846fb1c04e23657f1d7568d05cc589207dc3f751db357ccf33b2b6c7491abf1251aee29763b69b524bf4652e5d04dc77f93d8f001fb23728fc46304f4f0" + }, + { + "alg": "SHA3-256", + "content": "f38cc147a5ef75e5a5f153a2db7c996eb8fe469079b1ef7c843249e8adbf06eb" + }, + { + "alg": "SHA3-512", + "content": "9ba7e2c66e3495260dcd320b179db20fe37d2dd695e1c1a01aaa13a0cc5bd5adaa1c9041c2f4ff6b19607d375c49fcbfc4a962c4939e05a0dd68cc8cdedcc7fc" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-parameter-names", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support introspection of method/constructor parameter names, without having to add explicit property name annotation.", + "hashes": [ + { + "alg": "MD5", + "content": "e8835d22f3153408ace94284be8fa821" + }, + { + "alg": "SHA-1", + "content": "dc8c36832c229df0209dfc98fab5be36cb99af5f" + }, + { + "alg": "SHA-256", + "content": "2b14de63be1abc99d25c1cdc8ca9003dd0e345e87f5d869588c5981f75cffc8a" + }, + { + "alg": "SHA-512", + "content": "452daf576e303ec15480750844e9a49715670ea9b7fa44d3a3d69ef4c90d7177583daabfc25d2a938e0015bba0c21c5fa71c175d2a0a95f3d6f13a92a3a6d611" + }, + { + "alg": "SHA3-256", + "content": "68f9053afc670c7ef2b042f62e7ac34dc7cf5c65fdc2e178b31970c64f0e9353" + }, + { + "alg": "SHA3-512", + "content": "10bdc0751a0dd140f35dd69045dbc1beea08f65d6ce773dcc2c888af4fc013f8af4c09bcb45e1e36c65b86e7e3cca9775c5da472184af784aa577a952c74c073" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "group": "org.jboss", + "name": "jandex", + "version": "2.0.3.Final", + "description": "Parent POM for JBoss projects. Provides default project build configuration.", + "hashes": [ + { + "alg": "MD5", + "content": "77db6e55da888349f5466d2dcf150b14" + }, + { + "alg": "SHA-1", + "content": "bfc4d6257dbff7a33a357f0de116be6ff951d849" + }, + { + "alg": "SHA-256", + "content": "a3a65250cf954f102e74bab23df12540780878231195b585a7a86f4364a53727" + }, + { + "alg": "SHA-512", + "content": "ad557228414fb1d75750f4495ced69517deac0d26beaeb81e3233fe21254e3b7e3ccefe381971ffb8dbb0d9e0c1e70973623948ffec31efad99298f1107830ed" + }, + { + "alg": "SHA3-256", + "content": "8e4cbfe8f79e619190a121200bb907e2d06c03b5449b3742a6607580a898a2d9" + }, + { + "alg": "SHA3-512", + "content": "5afc9d16fc77ecbc3dd653628b11ddfb419a5fae2efa72eca87eaa55c7c6014d03e9fcd190ae9c7c3e50edc78e6a30fe439269439cf7c383c27aaaa43281e975" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss/jandex@2.0.3.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + }, + { + "type": "vcs", + "url": "http://github.com/jboss/jboss-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "group": "org.javassist", + "name": "javassist", + "version": "3.24.1-GA", + "description": "Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.", + "hashes": [ + { + "alg": "MD5", + "content": "527cebd64b0f941d5058bae3d1726d06" + }, + { + "alg": "SHA-1", + "content": "921b466d6a14a8edbe25923c973fd767fc71c045" + }, + { + "alg": "SHA-256", + "content": "5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553" + }, + { + "alg": "SHA-512", + "content": "b1920ad0b291ab4a7d5d6184e7a6fca91a27576560adc257e4d38a3122865cefa7081df46375a462fcd7e4bfe20c3eeeef140408922cad9cfabaa8c338be1056" + }, + { + "alg": "SHA3-256", + "content": "793f21feb3c4c58edf94d49579b8cd658e44e792e05fefbc23f1b84b7170caf2" + }, + { + "alg": "SHA3-512", + "content": "94f77c5a3ef42bef47e44c9cb9c71a5eeae3b5f94bec53637e8ef3bb5b29b0675c02166241987ac3f3872be09d87bbcfe0235a55731735f4b787a8574714fd2e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.javassist/javassist@3.24.1-GA?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jira.jboss.org/jira/browse/JASSIST/" + } + ] + }, + { + "type": "library", + "bom-ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "group": "javax.annotation", + "name": "javax.annotation-api", + "version": "1.3.1", + "description": "Common Annotations for the JavaTM Platform API", + "hashes": [ + { + "alg": "MD5", + "content": "9a936313da62e705ebb16e81b62f4096" + }, + { + "alg": "SHA-1", + "content": "20a2c0583598d68b0835474bbe07792d4f3b219f" + }, + { + "alg": "SHA-256", + "content": "bc1110630bb4290e798a533ca40a60517826c8804b79f91f8738d18ca425adc5" + }, + { + "alg": "SHA-512", + "content": "9b0c8e45c750f049015da652dcfb43250c24aa72c0cf8fcf917918a486c50b70d6c19201638ae4c23a822551e12ed85215222a59b9bcfb135557c0aca80c00ef" + }, + { + "alg": "SHA3-256", + "content": "81a7132a97ca91c7bf14400e8dc845e3124df73c91b3e2f0a62c4aa3abd84b6d" + }, + { + "alg": "SHA3-512", + "content": "1b7b5f5a5dcf8076155e13d17fe8665b88394c5871583508211f58336cf8d2dae9b3225df8de94e6820a2cc5e077cbd4382c88249c1b0c79e482ce7ae726997b" + } + ], + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://javaee.github.io/glassfish" + }, + { + "type": "issue-tracker", + "url": "https://github.com/javaee/javax.annotation/issues" + }, + { + "type": "vcs", + "url": "https://github.com/javaee/javax.annotation" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "group": "org.glassfish", + "name": "javax.el", + "version": "3.0.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "9b413b6b4c57f68cc3e8649f754153f5" + }, + { + "alg": "SHA-1", + "content": "dd532526e7c8de48e40419e6af1183658a973379" + }, + { + "alg": "SHA-256", + "content": "5ed77b9150c1cb6bdc1a195bb536eef6eb65f46f4412e26c24288690ea8033ec" + }, + { + "alg": "SHA-512", + "content": "a31efb2e99fe2429c8f39dbd8b23fce7dc30c3945ad3e6011dd1495a63a74f1d5e8ac422735de37c01938c492832155b73941614e19e06145477f65f4bc9043f" + }, + { + "alg": "SHA3-256", + "content": "6c59f62728693b7a7234a6c93d6329391633de19cd65753ddb74d78a1a79427b" + }, + { + "alg": "SHA3-512", + "content": "7193e9af5274a89a3fa9e04dcb9790db5efd6abffc8d0549c2bb597f61237544e758f98b4aaf55dfad258697bbaf4e4583695f6f5c277c06e98cd9ce21265982" + } + ], + "purl": "pkg:maven/org.glassfish/javax.el@3.0.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://glassfish.org" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/EL_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/el-spec/sources/source-code/show/tags/javax.el-3.0.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "group": "org.glassfish.hk2.external", + "name": "javax.inject", + "version": "2.5.0-b32", + "description": "Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle", + "hashes": [ + { + "alg": "MD5", + "content": "b7e8633eb1e5aad9f44a37a3f3bfa8f5" + }, + { + "alg": "SHA-1", + "content": "b2fa50c8186a38728c35fe6a9da57ce4cc806923" + }, + { + "alg": "SHA-256", + "content": "437c92cf50a0efa6b501b8939b5b92ede7cfe4455cf06b68ec69d1b21ab921ed" + }, + { + "alg": "SHA-512", + "content": "ce72626ebacfcbb1a022d0af22d7f3ae8a0f38db939e5f0b893efb9e3545c74328fa139a92c3b9bf7d833300a2830d7b883f748b0d758ed58abd6b0ce192620a" + }, + { + "alg": "SHA3-256", + "content": "da07452e3cbd7bf8e934d72e70149d317d7299fefa8de7840ac251e3e7fab17b" + }, + { + "alg": "SHA3-512", + "content": "db226d92d3e50eb91d892c9dee1832aedcdc2c11ddbc5948da4a33d10d286906fb1554e226223384bbbe7b30fa2b7b023eb7df03beb46affdd9e012722d66b67" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/javax.inject@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "group": "javax.servlet", + "name": "javax.servlet-api", + "version": "3.1.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "79de69e9f5ed8c7fcb8342585732bbf7" + }, + { + "alg": "SHA-1", + "content": "3cd63d075497751784b2fa84be59432f4905bf7c" + }, + { + "alg": "SHA-256", + "content": "af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482" + }, + { + "alg": "SHA-512", + "content": "32f7e3565c6cdf3d9a562f8fd597fe5059af0cf6b05b772a144a74bbc95927ac275eb38374538ec1c72adcce4c8e1e2c9f774a7b545db56b8085af0065e4a1e5" + }, + { + "alg": "SHA3-256", + "content": "8acc3481503989e1a78ad619bcbdc005b616c13736522b52e5ae5d782e8a0216" + }, + { + "alg": "SHA3-512", + "content": "ab5f85d424640ddcf6fc13a41d12ffdee0be9508cd4cdc581168b31cf7917323f6e0d984a0631068e0e01c098098fe0037d1c4176352fd89ba3a4da5d641ca3d" + } + ], + "purl": "pkg:maven/javax.servlet/javax.servlet-api@3.1.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/SERVLET_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/glassfish/sources/svn/show/tags/javax.servlet-api-3.1.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "group": "javax.ws.rs", + "name": "javax.ws.rs-api", + "version": "2.0.1", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "edcd111cf4d3ba8ac8e1f326efc37a17" + }, + { + "alg": "SHA-1", + "content": "104e9c2b5583cfcfeac0402316221648d6d8ea6b" + }, + { + "alg": "SHA-256", + "content": "38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d" + }, + { + "alg": "SHA-512", + "content": "4a85d3b61ea018f354a4dfa43104f3b4967cb4719df203956f82f7a696f75bee9d660540fc0f7bb61e0a5f826461de8929144eddd5622f9cb59a4da289d7297a" + }, + { + "alg": "SHA3-256", + "content": "7d439b6efe13a02aa996c27db07de14c1f14e8c95b60a9205c073cfbe9cbcda1" + }, + { + "alg": "SHA3-512", + "content": "e4bc8aab836157e258f659fe687e59499d445889c6c706d9539e5bbd48a6e80a1a1029e9ae47d25871f5ddf1434c5449ce2bc67b147b5a7b58990309f7aa60a4" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JAX_RS_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jax-rs-spec/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "group": "org.jboss.logging", + "name": "jboss-logging", + "version": "3.3.0.Final", + "description": "The JBoss Logging Framework", + "hashes": [ + { + "alg": "MD5", + "content": "bc11af4b8ce7138cdc79b7ba8561638c" + }, + { + "alg": "SHA-1", + "content": "3616bb87707910296e2c195dc016287080bba5af" + }, + { + "alg": "SHA-256", + "content": "e0e0595e7f70c464609095aef9e47a8484e05f2f621c0aa5081c18e3db2d498c" + }, + { + "alg": "SHA-512", + "content": "6cd839a07c55a75befa9a95c7cb2e4a87445432d475bc747410fce625ad4496ee5cc6631a445420940ef1cb408d74873980504e4d785d8ec851223301a76807b" + }, + { + "alg": "SHA3-256", + "content": "12fa4c6092728e4d1d780db85e3567ac16a8ec515daac930326513a471f60bd4" + }, + { + "alg": "SHA3-512", + "content": "3f2a0f9e1ce18e1fce8b658a9ce7603eae6a2eeb96b8c26c0a49fde515ea97b319e94f48617fdbd8b102cd51c6a3c957528b456b821e2287ac1b35a3442c35c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss.logging/jboss-logging@3.3.0.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss-logging/jboss-logging" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "group": "org.jboss.spec.javax.transaction", + "name": "jboss-transaction-api_1.2_spec", + "version": "1.0.1.Final", + "description": "The Java Transaction 1.2 API classes", + "hashes": [ + { + "alg": "MD5", + "content": "4d3a6329aa429d92e7bf0c2d34302660" + }, + { + "alg": "SHA-1", + "content": "4441f144a2a1f46ed48fcc6b476a4b6295e6d524" + }, + { + "alg": "SHA-256", + "content": "d35b340768f11e683045d0b3b8c2cf0554a0495a675ae8aab5680b34e5d2a69c" + }, + { + "alg": "SHA-512", + "content": "fb751362223bd2f58d40326018b742ecb8bb49e2362b8babbfa6592e10fb0bd4c52192859771d5b4c67954bf3876bda38581795d54a566bfca66f3fdb0bfd4fb" + }, + { + "alg": "SHA3-256", + "content": "5fec9250840d8ae18ebe934e2b302d9f3c91a7166c5f6e90e8a38d19d5463f4a" + }, + { + "alg": "SHA3-512", + "content": "f4846473a8385f28649593671d9307d0a0a1362c9b36a24ea1b6f72daafb59e05b4945ed45bcadc22e52024a5c3cce9c47e9edadcc7a08f1e391b33a510cd971" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License, Version 2 with the Classpath Exception", + "url": "http://repository.jboss.org/licenses/gpl-2.0-ce.txt" + } + } + ], + "purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss/jboss-transaction-api_spec" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "group": "org.slf4j", + "name": "jcl-over-slf4j", + "version": "1.7.26", + "description": "JCL 1.2 implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "06ceba253db8a4d836921324015c9ca5" + }, + { + "alg": "SHA-1", + "content": "33fbc2d93de829fa5e263c5ce97f5eab8f57d53e" + }, + { + "alg": "SHA-256", + "content": "2800417ecc5c927cce2b8a2cd22f0933e4006023c4e4fb255985a27746f5573c" + }, + { + "alg": "SHA-512", + "content": "40c1c8a523687ba06041d5a3c8ae295ae57ea18c0909f106ae9154ee79eeec9d077f7e0c79cb977fdebf2c930c6972372850b528f94e69bb57e95124ff691359" + }, + { + "alg": "SHA3-256", + "content": "8e61ec106e655eb957cf915a6a2ab96d9f78298598af0edb5526d66317695f69" + }, + { + "alg": "SHA3-512", + "content": "bfb810653f89ac499283aa7d860f89369133a07b65398a4112a6f654d53cce6d4a74d2f45acd9ba669233604c94bd338247751171bb8f21d62a183bbe91ba90d" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "group": "org.jdbi", + "name": "jdbi", + "version": "2.78", + "description": "jDBI is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "ea7256f4877d929815d317c3f918de7e" + }, + { + "alg": "SHA-1", + "content": "7281bb97a89ec38db81a901a3c07ed7204efe828" + }, + { + "alg": "SHA-256", + "content": "a833944751416b95a397768c530b6796fd22fe01ff3d56f44ab80c2087096572" + }, + { + "alg": "SHA-512", + "content": "0699d1cee041bbb7f2e9857f0d4265e55af3c93e62c1d10090fa3472a3af4f052c4b6c1431eca53bf2e2ddb1df1358ac29fba6776fb0406a2c3edbe30fe73607" + }, + { + "alg": "SHA3-256", + "content": "85bab22465bd6c4128b3a3805184b780dd41c6984d6e056d7ec22b904b94649b" + }, + { + "alg": "SHA3-512", + "content": "0d3f050c4f71bfab5404ac1674306bd837ff7710b9b04893dcfe88baa3d0d3f647ee515c3b0a3159d4f6d3791f187927dabed54f05fcfa3b42bd4f0bbae93586" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi@2.78?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "group": "org.jdbi", + "name": "jdbi3-core", + "version": "3.5.1", + "description": "jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "bee3bded3f553bb751676f66de7051d8" + }, + { + "alg": "SHA-1", + "content": "fdb08f92dd4762d9a12864b685961cbef3807adb" + }, + { + "alg": "SHA-256", + "content": "05ba5a61131fee448927dd7d06fe2e0699b9c4756ece6bc844431dc1f5a3b671" + }, + { + "alg": "SHA-512", + "content": "3b8de628e4b5ba4acbedb21b4f74cbf7003fa1ce68125e8e2c8c9bb49ba38c478a34b27505bcda18e5072b47ae706a280e3db7fb53f90196d3f87543148e9b3d" + }, + { + "alg": "SHA3-256", + "content": "7b63cdd3df09bd5e6881f455db13e74d5a4f80764072d376d80814eaf28a423c" + }, + { + "alg": "SHA3-512", + "content": "9de02c1b6f19a44b6a29054da8c80e9139d03c2eeee8e908dbb8592bbffd8926a95f45f9e56f1aee85f77665cf24e2abe7e4d888ebe407fbb01be6f541c9befd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-core@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "group": "org.jdbi", + "name": "jdbi3-guava", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "0f692ba6379649453c8ceeb1c1e567ba" + }, + { + "alg": "SHA-1", + "content": "0b7a55d0eda75405221a8287993c05891ae2dd9a" + }, + { + "alg": "SHA-256", + "content": "dd2c0c13c6d29758235a9b365768cc521b5ee3c86678794e81ca5a9a7aa1de83" + }, + { + "alg": "SHA-512", + "content": "9e74b320cd5ed0ba7de5f2976dac092039ca6efcd5ab070281ce040aab9249d2299d73b3f1566cc495e6b33cd2de7fdb8e82f9410f970650daceb049daeb2bd3" + }, + { + "alg": "SHA3-256", + "content": "fb088209586cf011f4cb41752223e4cb14ca32cf8605ce6bebaa30913a120ef4" + }, + { + "alg": "SHA3-512", + "content": "5e64a7584e5585f922a7bbc3c83f76645752e0a78274d741b4ae8cb7f174ac6b2d840841ce749234955ab1d090b552dcceb7a46c2a1a0eafe95dafa26c1c2819" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-guava@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "group": "org.jdbi", + "name": "jdbi3-jodatime2", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "a1936dd03d5410d8abe4f52bd8a4c219" + }, + { + "alg": "SHA-1", + "content": "76d39448cd536140a737ee7d1eca00cf919dd51e" + }, + { + "alg": "SHA-256", + "content": "693462cf417ed3faadb54f22618b3f7bfd6f8d3cd77cdadde7733c6d9666d2fb" + }, + { + "alg": "SHA-512", + "content": "da80a01e7da71aee51c9c8f9de62a394ac6a1b849675a5a80e0490c4494bc58c5dbd15c34e8f21152cc3355f8259a2d838afeb2f9802063fd3a40b9bbc4d93d0" + }, + { + "alg": "SHA3-256", + "content": "472060a39fbf46395d0fe7b6c2e5610c1532969115b27ac82d0c1434e952012b" + }, + { + "alg": "SHA3-512", + "content": "b54c0e9dc8be03a4b7a0b4ffc2ca1fa90f0beebceabba58abe0f2ddb93b0074141eab88da889577abe3c4eb2c0137cb8db907346882e88185cc0d460531d64c2" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-jodatime2@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "group": "org.jdbi", + "name": "jdbi3-sqlobject", + "version": "3.5.1", + "description": "jdbi SqlObject transforms simple annotated interfaces into full-featured DAO implementations.", + "hashes": [ + { + "alg": "MD5", + "content": "fef7548d2dd71524d4e555c8d406449d" + }, + { + "alg": "SHA-1", + "content": "88a6bb67f81900f7e3b4c02e80fbe03c14180b8a" + }, + { + "alg": "SHA-256", + "content": "f5aee0d5ded32e49eddaf51fded6478d01f816a957bccd5ba62fb9eb944793d5" + }, + { + "alg": "SHA-512", + "content": "435126b915d81c594a2fc3194498a815dbd6307c8bd852d421ba866e11d4335bfd825352a58c60dadbe8cbd57a2962b0d8414c46491bd171071f7e606c41b56e" + }, + { + "alg": "SHA3-256", + "content": "8706b9badb23159cd1c690e44d10f7050d82682c025d4a0fb6c2f74cf5982444" + }, + { + "alg": "SHA3-512", + "content": "a61809da92143a4f96e16d97e5d85179f50fac762fbbc8bc36676b8868e4fb8f69cce89c93c8c0e89e3e492c6434725546c29de5b7960b1515a4fe3f0853b959" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-sqlobject@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "group": "org.glassfish.jersey.connectors", + "name": "jersey-apache-connector", + "version": "2.25.1", + "description": "Jersey Client Transport via Apache", + "hashes": [ + { + "alg": "MD5", + "content": "1249f4c7b0e42fb205fd6479f8212b7f" + }, + { + "alg": "SHA-1", + "content": "778d56a186caae0c0e321afb7bf497452f60ecc6" + }, + { + "alg": "SHA-256", + "content": "98236fdeb22a34405095a70099e63cdfe72c726c3c6588c8105092b234bbca3a" + }, + { + "alg": "SHA-512", + "content": "cd9d72b8e24524fd017fad60bea318cf72b7260bfe9826f3019181d8749f906cc579ff4b25c50d869edc9e7ad92c1a216e4c143957de5d5f810f14f3d2124058" + }, + { + "alg": "SHA3-256", + "content": "51423295a961ef5c2c0b70f2a3e80ff7cd9d356b9fdf0951dbc0d42ee7d283c5" + }, + { + "alg": "SHA3-512", + "content": "f95bb4d125a7146cfe7ff8e9d4480c3f479bffa0fcb5398400a2b2faa1851c3ebda38e1bbf49a0d4d5671dd336ebc665ef1fef26a4ad8f65d715c118f703de36" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.connectors/jersey-apache-connector@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "group": "org.glassfish.jersey.ext", + "name": "jersey-bean-validation", + "version": "2.25.1", + "description": "Jersey extension module providing support for Bean Validation (JSR-349) API.", + "hashes": [ + { + "alg": "MD5", + "content": "f1860b7577c9d0c89758ad14a60485a5" + }, + { + "alg": "SHA-1", + "content": "01971927d79cad0ad2b5a3bfda24967748a2023d" + }, + { + "alg": "SHA-256", + "content": "c7f8b632016d78ac9679c8a77a7333a7979b3a446c56f6c4aa0702495beafcf0" + }, + { + "alg": "SHA-512", + "content": "723afa0898fb909c199491173caa96bf32c5b4a9f8e7211989434f1be4ec581737b1d17e2094890074fd5fd94b640002b98b9f06cb042aa755864ff9e1eb5eb8" + }, + { + "alg": "SHA3-256", + "content": "5eb1703f460fc87775426f894b776891b46e2060d209d8649fbbbf0046ff5541" + }, + { + "alg": "SHA3-512", + "content": "b538a16717eba2f15bae433116819aecfb842d17e9838cb4c67ec3242cf7f62517d7d8ddc9245d26aed83b15489988bba10a792935968c5d9731b0e07902a251" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-bean-validation@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "group": "org.glassfish.jersey.core", + "name": "jersey-client", + "version": "2.25.1", + "description": "Jersey core client implementation", + "hashes": [ + { + "alg": "MD5", + "content": "cbc88e55529984d664eb6ef1b65b3684" + }, + { + "alg": "SHA-1", + "content": "4d563b1f93352ee9fad597e9e1daf2c6159993c6" + }, + { + "alg": "SHA-256", + "content": "10671e430dc7c841eb0bc54c9f3e265dbb60e9f85efaad71d1e39807057e405c" + }, + { + "alg": "SHA-512", + "content": "2355cf157c2c6f6973db046b8eb9f0ac1fad6791e5e62457d37a2aa0d70c180a6dd8eacdf78b987bab5720091cc8197866ba1ac14b209b374db6389f187a0c58" + }, + { + "alg": "SHA3-256", + "content": "88b865b79a07061bda2f0c1b57e4aea4555da1604946eccb83343ea665ac615e" + }, + { + "alg": "SHA3-512", + "content": "ab1297141ee25407b3aaf92ce2d7441aad23badc8d9b2e68e1bb143c7155f5861a273d816d4447ade4045dba027ba6264b22d6823e798d9ebac7514f8a4eef52" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "group": "org.glassfish.jersey.core", + "name": "jersey-common", + "version": "2.25.1", + "description": "Jersey core common packages", + "hashes": [ + { + "alg": "MD5", + "content": "d1f25f421cafb38efb49e2fef0799339" + }, + { + "alg": "SHA-1", + "content": "2438ce68d4907046095ab54aa83a6092951b4bbb" + }, + { + "alg": "SHA-256", + "content": "4df653fc69d5feec7ad1928018f964e12a7513bcea7b5e8b1aa4b1f5a815815f" + }, + { + "alg": "SHA-512", + "content": "2c99617c7d5bbabd39902cd93e028e48ef3917f1017b7417873607681b0bfc31e8d5197bd06c587f64867944d81bb63c0201fe5df66962737d23fdfd7fe88fe0" + }, + { + "alg": "SHA3-256", + "content": "d5d9d3bca931954bed7bf031b299f45e0e29c92e250501f46f12400e475aaf3e" + }, + { + "alg": "SHA3-512", + "content": "dbd5ac4985d2c8e71e3606e491a7814e50ca6ccb1e3571e50073ddcf92bbf484e28ae0a4971d1e487df4d95a4f64016583e88891724a65d9c1c80f20ff7664fb" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-common@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet", + "version": "2.25.1", + "description": "Jersey core Servlet 3.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "80ebd9481c44844884fc70ac0ba333b4" + }, + { + "alg": "SHA-1", + "content": "cf5f7a76fcea38158b890ab7a0142d4db709a882" + }, + { + "alg": "SHA-256", + "content": "3669c50bef23aeeabdae02e5e4b214c9f1eb1019fa4d559f2eeadb563ba598e4" + }, + { + "alg": "SHA-512", + "content": "8db651ca49cebb031823cb6363e3af78f2f400c4857a5cef51b2be2d58ccaad6c06ee5320cb6ceff6f2a053136f00943feb6f98189d847d49ea2455312529d84" + }, + { + "alg": "SHA3-256", + "content": "c77550b169ec358ff293d1599b2897fb4f3ebedaed222257893d83b7343fa915" + }, + { + "alg": "SHA3-512", + "content": "75115f1e1a14cea1e939e3cc30b9af2cd0de853a30d41007f72361e216362cc16a35901434330292840f48edf0dd98ac9ec8bc3e5461c0668eac4a883d7b2be7" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet-core", + "version": "2.25.1", + "description": "Jersey core Servlet 2.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "e31db34014609174609f8879d00e0d2a" + }, + { + "alg": "SHA-1", + "content": "400e30bb035a0cdf3c554530224141ce659a0d1e" + }, + { + "alg": "SHA-256", + "content": "232f4f4e59e5944098351379a12aecc715906831c96a855624a81da552192ac4" + }, + { + "alg": "SHA-512", + "content": "beb539ae8f16b5748db941e1beabf21482791ccf04b7adbee50d58a06c224c21e918198badf8496243ab7730284b8abcd71da9e5439702fa7a4d06ba22fa1960" + }, + { + "alg": "SHA3-256", + "content": "bfb3dbfe53102c61b1092ddc80b119fef28b6ee65e020ebdbfcbe51aacc701fa" + }, + { + "alg": "SHA3-512", + "content": "7fe6468606f4ff4c7389e9ca816f82a03c9282b296472112573047d93389b9845a49f6c1740ee67d2e93be9dbe312d89189acd681ba489b9e09716cd20965e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "group": "org.glassfish.jersey.bundles.repackaged", + "name": "jersey-guava", + "version": "2.25.1", + "description": "Jersey Guava Repackaged", + "hashes": [ + { + "alg": "MD5", + "content": "08dc8642c4e990b054882cb4f422f88b" + }, + { + "alg": "SHA-1", + "content": "a2bb4f8208e134cf2cf71dfb8824e42942f7bd06" + }, + { + "alg": "SHA-256", + "content": "8a88a8ebae65cb4d77830b40f681bf742b55ec62e7a44cf91b8577a9396b9f81" + }, + { + "alg": "SHA-512", + "content": "38a59b4e7bf60d373a266e08dbd1703cab87b519e128629aa81abf314cf849ee41a26f8c0404182c6f7364a3bde40eefa61c1be561276e141c4574faf988c5d9" + }, + { + "alg": "SHA3-256", + "content": "0ffbb680d62fc28444cf2c2975cf2947d23bae403c30a381f610af5cf05ede86" + }, + { + "alg": "SHA3-512", + "content": "847cca16e534072ddf9610dc0bd56166deade9aa4efaa3aec1717664b3546964cb0573e4970a38dee5537a09fab81077ea9bd35d988e7cb68b6ca137b31679ea" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.bundles.repackaged/jersey-guava@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-jaxb", + "version": "2.25.1", + "description": "JAX-RS features based upon JAX-B.", + "hashes": [ + { + "alg": "MD5", + "content": "43c2fe9a2848343cb562f855b06b7047" + }, + { + "alg": "SHA-1", + "content": "0d7da0beeed5614a3bfd882662faec602699e24b" + }, + { + "alg": "SHA-256", + "content": "05526bed0ffc07c2cea6b399f4e61ae3c99e44021e28a4af926ed1d867ba3fbe" + }, + { + "alg": "SHA-512", + "content": "589328af6d727d73617a1cff3e7e75bbc858d417cdbcaf8e63ea3ed0086df645fe0f83538a311941744e5afd828d1d7827933b44b8c74f6f8b912c2d7f3e1be4" + }, + { + "alg": "SHA3-256", + "content": "cbc11448fe72f34353de7de8c8b1084530ebf4a7b262bde33219cab6beeea29d" + }, + { + "alg": "SHA3-512", + "content": "18313498ba720e5c1a307927f9782cee90140984ab5c6762cb6b966040d42c2610e39f41d06b9c2ac528aba2fe1b72ba5d1255f92e01848b4580eee11b95b1e4" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-jaxb@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-multipart", + "version": "2.25.1", + "description": "Jersey Multipart entity providers support module.", + "hashes": [ + { + "alg": "MD5", + "content": "0ea1375a975020b60bbbbfd47a76d69c" + }, + { + "alg": "SHA-1", + "content": "1d2db0078ee1b740c4e7ec7413d328a8a7e1c480" + }, + { + "alg": "SHA-256", + "content": "909b669f76b8883a9218fb0fbc5022a286ead7d17b29aafa532b31f19ab4afcc" + }, + { + "alg": "SHA-512", + "content": "17e40bb9186289cd21edcd67cab68765e79c3cce5f2b29ac0ae6dd653395d93c3b8e29c734288e729bf26a59084393680b448ce617689e2064151ab09250c6ad" + }, + { + "alg": "SHA3-256", + "content": "8d8299e02fcbed88c708ae2c948fca016bd985aca513f61304431169441b3bba" + }, + { + "alg": "SHA3-512", + "content": "a8f03f1e4e02c76548b03f77dfc65bad4d97b305a39e17b21e3a380155b85ea428957d0e0f0d4d4b615826d491acbfbb433a3dc9cb31ba29ba0f08bc4665bbb8" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "group": "org.glassfish.jersey.ext", + "name": "jersey-metainf-services", + "version": "2.25.1", + "description": "Jersey extension module enabling automatic registration of JAX-RS providers (MBW/MBR/EM) via META-INF/services mechanism.", + "hashes": [ + { + "alg": "MD5", + "content": "b02f1bc0acfdaeba09346c53a49a6b0d" + }, + { + "alg": "SHA-1", + "content": "83376116af614791a26f51a93af1070520345782" + }, + { + "alg": "SHA-256", + "content": "21339af4788eb2e02e144231f6bed95c30a019fe9bdc219725da095e15d8f7e7" + }, + { + "alg": "SHA-512", + "content": "7b4bef415a18702498bd594cea37a2d17fe60b319f40fd4028b5c5e778195bc26df1563332bc359d67bcd0029957d8fe629650ec55216d1a6f84fd7ab4daec90" + }, + { + "alg": "SHA3-256", + "content": "fd690ea72f6586355206aa12a77b03e198776261bcbb1b79a3dcbc234c0c8675" + }, + { + "alg": "SHA3-512", + "content": "822c4d091069ccfd523fbe463124a1827663b488a2df3ce8f5ea9892b8b6dbbd637e52e89ea2533c010601222f3ef7660ff45276b178082f3b928dc314681e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-metainf-services@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "group": "org.glassfish.jersey.ext.rx", + "name": "jersey-rx-client", + "version": "2.25.1", + "description": "Jersey Reactive Client extension implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "2c180a0fe223e22fc0e0b0b81eedd18f" + }, + { + "alg": "SHA-1", + "content": "b31b3313f48583220986877365f5e2413541f207" + }, + { + "alg": "SHA-256", + "content": "c51bad47579898505a3283f06939c5caa4df5f1bf47ebf114069e04d3cdd33eb" + }, + { + "alg": "SHA-512", + "content": "5743abf930cc5a53cac24b1b3a8a9abcba71ec4c56c11943d8b68f6b8806eccae6268c4659b7321d05ff039f2f7a21daef62308ef4746b65083cbb925bf9c570" + }, + { + "alg": "SHA3-256", + "content": "6c9cde47931076cfade1adbb27e7d708b9ed5549b599677e69e9e7617fa32e84" + }, + { + "alg": "SHA3-512", + "content": "8b9a6428336db948562751a37ad6758cd1b6a678a70759da3dba1a43d5312b86a97dd6ced61d48c5473b9d73a0fa450e103a7d687a791733f0c2edde4e880cf2" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext.rx/jersey-rx-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "group": "org.glassfish.jersey.core", + "name": "jersey-server", + "version": "2.25.1", + "description": "Jersey core server implementation", + "hashes": [ + { + "alg": "MD5", + "content": "92dad916eab7a19c5398838a78ee9cab" + }, + { + "alg": "SHA-1", + "content": "276e2ee0fd1cdabf99357fce560c5baab675b1a2" + }, + { + "alg": "SHA-256", + "content": "4b9cdae8eae88b75762614b9a458f5aac47cf6486fe408206fc64e38b80469ae" + }, + { + "alg": "SHA-512", + "content": "85d77edd81efcc32a6ac26ca91cc6a8f9f66083897f2b10de5f7576d1e869d96c64dcce4e52112341ffae1a73fff3b18eec466fc484e709ba581d1540fbe44ce" + }, + { + "alg": "SHA3-256", + "content": "60be02edbd8f39c5c33726c0b9602c580a38e22b7c30cf98c0aea1bdfe713ef5" + }, + { + "alg": "SHA3-512", + "content": "065c0c4b5a60ebc0e0ca53e6630e27f7678c762ba4cdf28f2b2cb7d0ac9cd96bf4a92dc6c2235d77d55931e0006f445debc2cc1098d4ddace06c07a08491ad43" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-server@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "group": "org.glassfish.jersey.test-framework", + "name": "jersey-test-framework-core", + "version": "2.25.1", + "description": "Jersey Test Framework Core", + "hashes": [ + { + "alg": "MD5", + "content": "92495cea9331aced97489263f2cb191e" + }, + { + "alg": "SHA-1", + "content": "9368dc18933a8b9f2526c86ab310b02781969aa3" + }, + { + "alg": "SHA-256", + "content": "69343548538ec2489fd4a992ea16e42453e96af94538c586fe3345e364bc578b" + }, + { + "alg": "SHA-512", + "content": "c2a8a227427d3c80cdaf773ef8813fb2609ecc4c64911ef8c8ee8a09a4ab0f4c608d7433901511c132ba39d49141be85f45032a06757a17e7f2e43efd6a22f6f" + }, + { + "alg": "SHA3-256", + "content": "7dd7ace7d4414db08bd4f2dd4d130629d9eef806d3dbd03a582f8f78372dbe63" + }, + { + "alg": "SHA3-512", + "content": "fef833f17bf0c8c9023ffdce1fc6d860d4ce119915fcabc7d8aa48853066fe0967c5220a33c03b41b45c312da4430e1057085652e0db57f5c03485b44715b273" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework/jersey-test-framework-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "group": "org.glassfish.jersey.test-framework.providers", + "name": "jersey-test-framework-provider-inmemory", + "version": "2.25.1", + "description": "Jersey Test Framework - InMemory container", + "hashes": [ + { + "alg": "MD5", + "content": "08b74a5a1bd1726464f8cc389dc015e5" + }, + { + "alg": "SHA-1", + "content": "d0bf8edcb87a8e886cf4552e9b5b9a4fddc70794" + }, + { + "alg": "SHA-256", + "content": "95b76e6b4131ec8cc04f3397e3c162219ef34cf661ad52ac86a977ce0b3912b9" + }, + { + "alg": "SHA-512", + "content": "9fcd31b1c2cbb5e615c1412425088c6dbd6f4acbd4b768a178d2c0a8c545486d5a3a6ad266a6b2faedeff65fa2035017e498b6a9a5bf206646e7d14e3b75d529" + }, + { + "alg": "SHA3-256", + "content": "0a4492d926542aee9f91b73691f712157c031388153270aa6121c3b60e638387" + }, + { + "alg": "SHA3-512", + "content": "a1db62f01942f3abb36d5fa867e5fb5f4372965c9c57e0f76d992421e85ce6481a34490ac15682656eb11a410c6f7b803e70cbeed635ac86b0d125f50b832074" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework.providers/jersey-test-framework-provider-inmemory@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "94e9fc820f29e4ca7c4d1008b3e52f34" + }, + { + "alg": "SHA-1", + "content": "1379b37b505dc379559e75ae7424941eee924fc7" + }, + { + "alg": "SHA-256", + "content": "f843740357ea316e196703782bcc21313ee77b665f059a28d62ebbbc37aa07ae" + }, + { + "alg": "SHA-512", + "content": "a574f37273ebf3f6d0dc18491cfcfb32288063667cd51962218575438dc3eb4f6202f862a6cef71a9caa16282cac17b77a1696dc632f1852979060e8c1b9c9ef" + }, + { + "alg": "SHA3-256", + "content": "2428547743abb3f101da2f812300e1a3778b672ea26be987b1262821fbc0c693" + }, + { + "alg": "SHA3-512", + "content": "476eb0180972b5b6bb48dfccb1eccebd607420aea3562782f1a19292ecbdadc659bf28aeb11a28e3367bad613677dae9486cb4bfb2dc2168acb8cf612b39ae2a" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "7dadc5243abb6a0979518998d5c97eeb" + }, + { + "alg": "SHA-1", + "content": "2245454abf7e6374ce92f3ef9222c7dbd43c8f1b" + }, + { + "alg": "SHA-256", + "content": "e629a9bd50ac7d361389dcc21c86f7ee12fd9f9e1c0e92664d01492df135aab1" + }, + { + "alg": "SHA-512", + "content": "592ab00b4aefbfd03fa3eb9619b39be6a59cc5a60dac993cef999433e31bf89d35a97136227966af7ec2fd84e483995b6e3390dc159aa72763246683ec02207a" + }, + { + "alg": "SHA3-256", + "content": "5fc8987e14b500cd8ef3e355548129be984b7d88f02a3b3a9718dc83e2550cbb" + }, + { + "alg": "SHA3-512", + "content": "6e4d74a8ce366f9b1c41ca2636a098566b8e2800b0f2ce3653856d499e3ff683a1ca2afdeac18661a47bd8e319987903dec3b0a3c1cc16ebccb2cc2ff3a00afe" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d1e615dd0774f828e80f51cd217dadb1" + }, + { + "alg": "SHA-1", + "content": "a4129b6ad87da0b14ee60dc4cd04321ab7b6928f" + }, + { + "alg": "SHA-256", + "content": "5ac060f9d0f802010aba3ce0452d567ff6ec1f724a8cde860cb3e83aa87918c7" + }, + { + "alg": "SHA-512", + "content": "dbe734b1a1bcd194e3ff275b620aed38fb713a250d24cfa6548d047de12a2cd394840650ad46de122b53ea8103f64cf4c0d7570e781b70e45372dda9180607e3" + }, + { + "alg": "SHA3-256", + "content": "6ca9ed2338f90de1498b7e52c35ff2eae7e13463f9fed7f36f9b797ca0d6f443" + }, + { + "alg": "SHA3-512", + "content": "a591913206657bca1c3be20220c911359537100af3f6561f5d4a454635edbc7a83c51b897efeb8b075996fce37945a1c7836296873d6817e07b7ad3a46cf5450" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-openjdk8-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "6176ca5468f46113d03982b26b569645" + }, + { + "alg": "SHA-1", + "content": "cd588787b7a232e9db4d2442ef9260baedfe33b1" + }, + { + "alg": "SHA-256", + "content": "13b0943572cc330a0371317cbfbbb0f737655387b89dc75ba9a8ab8d083e1c11" + }, + { + "alg": "SHA-512", + "content": "07373c3c34ce2bb1a84200e09b4f540d6a4cd83ee9fc65084949a449a7f510bce5a91d9cd44d7cb8454e9a2090dd636da2506c10312e5b5be693682a1024afc4" + }, + { + "alg": "SHA3-256", + "content": "26c9e9d164a3471c386bf44e1c3d3150e03d54be8d947d65306bf74e26954edc" + }, + { + "alg": "SHA3-512", + "content": "90a662aad53125f7f1eebd642a62316606a249dfe04ec3ab6673deea2fbc8d51fdc83f02e403c0f1085aa7d5600b1e11b9b171fefb0903dd5aa8c6bff905c072" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "50a898e1-523d-4041-9250-b25394071a77", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "1ca2253ddcbcbcc691c51938f2e341b4" + }, + { + "alg": "SHA-1", + "content": "288afd48f2eb1816889c4848a0bb8e7783ad7124" + }, + { + "alg": "SHA-256", + "content": "2d78640dc6b6035e41d763ddb9c97f07f441665be36d0a7d1e592d683df12acb" + }, + { + "alg": "SHA-512", + "content": "7ee426bb8079daf27fd03694563e534cda147d2cb38e4b50e08c3644f1a3dd88e172ad36b322bb113c67cabbbed4b11740f72ef82cc899341aae9d6427dace43" + }, + { + "alg": "SHA3-256", + "content": "1ea3606b67b91542a4d71d7b145792dcb25dce3c52037e3a32d551678ce5fda1" + }, + { + "alg": "SHA3-512", + "content": "943a863bd2beae196d07aa13b72b5d27bd5ee56a8e578b549a5c272034a232dc4f8a3f015af81837524cd37e467871bfb66c6768a279502ab4cd05e97421347f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "group": "org.eclipse.jetty", + "name": "jetty-continuation", + "version": "9.4.18.v20190429", + "description": "Asynchronous API", + "hashes": [ + { + "alg": "MD5", + "content": "bf4683a840d240010acacc4cc9739525" + }, + { + "alg": "SHA-1", + "content": "3c421a3be5be5805e32b1a7f9c6046526524181d" + }, + { + "alg": "SHA-256", + "content": "ad2e8fa193f06989ef6f0ca09719e1e30572e6099e7c889777836076068cbfbb" + }, + { + "alg": "SHA-512", + "content": "1ca79b0b2011ae4f5dd2f64447ec39d5140ddae6fdcdc9e1104ece137113951efeeccd7fbaa2cb174c11a944d7a6d79d94a6cf2f5a645b21016a3ba1b1421152" + }, + { + "alg": "SHA3-256", + "content": "e54fd5d441a318d250a84414eb391c6af739a5a167c7cbc70963a0cd12a60371" + }, + { + "alg": "SHA3-512", + "content": "d4fd7624498cd4113fd86ef1e71fe4f0c4d0684d34e2700b0d472decf55ae5b3d9aa59447a7ec2856ba5a2348da09057f5f3730f3e91715d2746d16d20bd5fa9" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "group": "org.eclipse.jetty", + "name": "jetty-http", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0f5299204d64fb561a8062f594185dc6" + }, + { + "alg": "SHA-1", + "content": "c2e73db2db5c369326b717da71b6587b3da11e0e" + }, + { + "alg": "SHA-256", + "content": "a2626684486590535bc928a6a40c6915f99ffda96b7a14d4310bdda566b5aa73" + }, + { + "alg": "SHA-512", + "content": "93f9852cd4689993c06629ffba24b1dc9715bcf3dfb560088669459f9484373cd5541e81c18cfb3502c9ab62fab3a7061ee5d9afd0c17fc61fe23e25fa04a1c9" + }, + { + "alg": "SHA3-256", + "content": "84caddcb2c12e244dc03f0f3f8ab41fdcb96ec95c5776c00664e8916f6bfea86" + }, + { + "alg": "SHA3-512", + "content": "08d0dba27f81c3b596d46728e01b3b1f0027d9271befab6ada56e6757ef7f64e700c242cc8f9000a2792bf5053c5c16126718d6f8fd1923331a7e3d00b3c2efb" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "group": "org.eclipse.jetty", + "name": "jetty-io", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d430c2038527a0788675049f9d48760e" + }, + { + "alg": "SHA-1", + "content": "844af5efe58ab23fd0166a796efef123f4cb06b0" + }, + { + "alg": "SHA-256", + "content": "f953810e6d5349a8c1101710bf99310e0bcd3bc43d819c06858c75f419b4cbd0" + }, + { + "alg": "SHA-512", + "content": "2f7f9f8ecff8fceaa422923ed698f5945e2e4583898115ea97e2a69f2f4c7093f07c1f9e189af0ffd6b08b669074c9e3cdd5492e42aa2ba4f0bba3ad6db85c50" + }, + { + "alg": "SHA3-256", + "content": "a6a1c14235256382171a33faf4e2869e65756b87e686e70e41aa34380fdeeac9" + }, + { + "alg": "SHA3-512", + "content": "aff9eb92b24300c2395b5ee808c54abf4c8c97224bc819b0b5bbaa6977f5806037eeb34691f6b9d9534a454ae28f3e8e9b13bd0649369af5b331e80e4c703405" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "group": "org.eclipse.jetty", + "name": "jetty-security", + "version": "9.4.18.v20190429", + "description": "Jetty security infrastructure", + "hashes": [ + { + "alg": "MD5", + "content": "ea1d2d43fdc539ddf8192e2782f45e79" + }, + { + "alg": "SHA-1", + "content": "01aceff3608ca1b223bfd275a497797cfe675ef4" + }, + { + "alg": "SHA-256", + "content": "c307c68eb402979b2b6ae75a587476c9fecafbf5f4a53db22125f9af2324926f" + }, + { + "alg": "SHA-512", + "content": "140364d32cab3e7f1acd1222c14228038db35c96e22fe55d90c810308c6ed06f72972d4a40514e664e1bcdd542c25014719082b8828b8afd29a9a760b440dfe9" + }, + { + "alg": "SHA3-256", + "content": "fb9e4fd12fc7912c3ad20ec205efa02532b05af85d22b4d4e93e2e19906dadb7" + }, + { + "alg": "SHA3-512", + "content": "df87f8e4a2ac262620c8e805695d52427421e9c25225747fedba6503916bc867c4868d04b1d786d52f64917fef4bd27013ff640297da21a49e97cd2db80007d2" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "group": "org.eclipse.jetty", + "name": "jetty-server", + "version": "9.4.18.v20190429", + "description": "The core jetty server artifact.", + "hashes": [ + { + "alg": "MD5", + "content": "b0bc6045c38e309d41f84d3c60fb31cd" + }, + { + "alg": "SHA-1", + "content": "b76ef50e04635f11d4d43bc6ccb7c4482a8384f0" + }, + { + "alg": "SHA-256", + "content": "2737c60b231e804082cdb68f1118a1aa179c8f92d50345c7444d96391ac005ce" + }, + { + "alg": "SHA-512", + "content": "b16d05236e809d1494f67aeab195190faf5a301cb131ae7033c1d62bd0f4db41e025b18cb75e0c9f7cc8146debb2d34d006318c0bd0e65dcccce9cb176acbc4e" + }, + { + "alg": "SHA3-256", + "content": "755dfbda1a8bd62b465a55c8bfd761412b81fa79fb0326c6835f0b009ea76c7c" + }, + { + "alg": "SHA3-512", + "content": "bdfd84f7b1bfadce0fd4c918b00410ad596e66bd69433260439cebb516f4d44b55e1adbf96cc866ae3e9a8f96823772e2e6633c21bba41c1588067842b7540ee" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "group": "org.eclipse.jetty", + "name": "jetty-servlet", + "version": "9.4.18.v20190429", + "description": "Jetty Servlet Container", + "hashes": [ + { + "alg": "MD5", + "content": "63d8201a1db1aa10454015245472fdd4" + }, + { + "alg": "SHA-1", + "content": "290f7a88f351950d51ebc9fb4a794752c62d7de5" + }, + { + "alg": "SHA-256", + "content": "58b778613867b59bdd6587c57010249e62d10104e01113459453343e9c4ecaa4" + }, + { + "alg": "SHA-512", + "content": "ed6d46eac69dcb275c684e516e1bd627aa2e8b35aa022d68e256b1ec7d145525cc03ad9f55e0794026590f1df17536465c11d25c961df3ee530586a01dcd7f55" + }, + { + "alg": "SHA3-256", + "content": "bd41d1a2332a05b8826eebefc9e1e43b2924c9a810e5c14d97cc8437a4817f6d" + }, + { + "alg": "SHA3-512", + "content": "d4e1c6d118f9ad0890f69efef3141d5d6583703fc6eba5a6c069636d6cde8d48f97d9e5ed5d58e070dd6539c4a744035840e5c8a145f6223f5d9b0dd2ba9ab27" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "group": "org.eclipse.jetty", + "name": "jetty-servlets", + "version": "9.4.18.v20190429", + "description": "Utility Servlets from Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "ed9e6c52ea1c28d92b81bf5c4cff5e22" + }, + { + "alg": "SHA-1", + "content": "e5d174950a44c8f93e27cc2528eff5a6b55da2f3" + }, + { + "alg": "SHA-256", + "content": "134e7f3fd037865cc95c3a69381088ff1c86f110fb0ea62e9a6824cb7ef48abc" + }, + { + "alg": "SHA-512", + "content": "ebd6e426972fb2833bb2173017edd8937ccc64135b6a2dbab0444b25f1528e3d50bdafe39e4749300a8ae46a5eb853a130e918339f29eea308fa9212b615c76a" + }, + { + "alg": "SHA3-256", + "content": "843c3095b2f0e5f71352baf20dfb1cba119ca110fc6e3e01751551154986aac3" + }, + { + "alg": "SHA3-512", + "content": "7eb486c3cac4a8950de6aca0006a07b1b4e9be737fa0902c229e15b27c3c61ddb353ea34f7d4d397dc5cba7da91e2cbee7d086a67506d2b303717f2743b46b0f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "group": "org.eclipse.jetty.toolchain.setuid", + "name": "jetty-setuid-java", + "version": "1.0.3", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "24990c296784e354afb446ccb739e826" + }, + { + "alg": "SHA-1", + "content": "73ae4ab171d396103f32e392970641e985d1a845" + }, + { + "alg": "SHA-256", + "content": "192cb1941aa1afefd9851d984fa39a2076f9200c434abba43dab1d410bfaddbd" + }, + { + "alg": "SHA-512", + "content": "11afcd8eb8968878ce4efb2b54956b04f1a28900b8be6edc1a3482388a3dddd2880b61d1a5c083de41d0cecaa3c8a32d4077f3f15b3f38dcbc71aa64bf40c524" + }, + { + "alg": "SHA3-256", + "content": "b6e2a6fdb8cc4021d17fdc85fb8bea172d25b206eca5c5f49ac5d4e6d1a6f704" + }, + { + "alg": "SHA3-512", + "content": "224c5ce3bbddf418eb2f1f43f9c3fd3f332ac6b557839942e54fc229e6a8e009ed11aab9e86a78e2642262d0ba43d5c2ff29aa9e96b89c68726d46365d46a000" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.toolchain.setuid/jetty-setuid-java@1.0.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.toolchain.git/tree/jetty-setuid" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "group": "org.eclipse.jetty", + "name": "jetty-util", + "version": "9.4.18.v20190429", + "description": "Utility classes for Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "0e98accd79ef0f0709e67b32d1882712" + }, + { + "alg": "SHA-1", + "content": "13e6148bfda7ae511f69ae7e5e3ea898bc9b0e33" + }, + { + "alg": "SHA-256", + "content": "db2ae97679e4d9dd0b96e0e2e04423d41407977a87edfa0ed1714c44eb5c7aa1" + }, + { + "alg": "SHA-512", + "content": "e1994547ad741cfcc0776e856178c530687bd3f20354ebbaf4d10ed6c6773cf0b9d2201359ffaa9328606aaa7170c125433dfd83c40db8e03ad6f17d43753392" + }, + { + "alg": "SHA3-256", + "content": "af0fd5e8b166a754626964f211eebf7e5bcff175dc852e5dd28b48d32437921b" + }, + { + "alg": "SHA3-512", + "content": "da788326e973cb92399d84ea58fd884a11a82666741514f2aefe150ed47809189ebd98553bbe7b56bde0d892b51294ddbf24af341f68a2854737622a6439356e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "group": "org.eclipse.jetty", + "name": "jetty-webapp", + "version": "9.4.18.v20190429", + "description": "Jetty web application support", + "hashes": [ + { + "alg": "MD5", + "content": "044d3037d9a5b94c8ed938d89045e06b" + }, + { + "alg": "SHA-1", + "content": "9c2f1a2b61bdc2d24f8a980c6c614aa0b588216d" + }, + { + "alg": "SHA-256", + "content": "3e7a715fb8f5ebe79d54b940f630d562629ecf91d1b3fd1403ff9700d0a3e125" + }, + { + "alg": "SHA-512", + "content": "09861241011a4f5dee0ffb7087f033f7882decda7e8bd9641fe1c759f558af28c01f050f0d904fe3f06fba3769efc887d50156cdb7567322ad5fbcee1fc7c2ea" + }, + { + "alg": "SHA3-256", + "content": "a958bee3bbb5d03e76f34e8e70552614aeaaa1fd63a56d5d56d12f552b9e4df4" + }, + { + "alg": "SHA3-512", + "content": "c2b790b16923ca0e1171b76cbb8c852b1e338cab09cc2f46f17b4479370e3d0a0308ca15bfc2d0421655c7db200bb5813a771e80cb6ed566dea9656f232ef403" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "group": "org.eclipse.jetty", + "name": "jetty-xml", + "version": "9.4.18.v20190429", + "description": "The jetty xml utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "637f8a266afa4cb043e1d142c7cacb33" + }, + { + "alg": "SHA-1", + "content": "dcd2806ee48e646fd4dcff81c7c6867fea2b52e8" + }, + { + "alg": "SHA-256", + "content": "2189c5316c4ef2721166353a3f6800803b2ffd06cfc4c7b16ebdef9b00108ca6" + }, + { + "alg": "SHA-512", + "content": "f60127983e3115b9df5ececcfe5a75bf4b1de0597e050d52b65d8e60875305741a3d3256d12d198e25be58b8b236a34ecc6747c05faf30465be27095b02e3206" + }, + { + "alg": "SHA3-256", + "content": "acb83341c830c2e5944c91021cac1d486e73fd5d570abfd4572346242b847940" + }, + { + "alg": "SHA3-512", + "content": "53c27e9e1c64a2046793b9f02880813669b71d534737ec84f16eadb8bdb63a717b664e602a17f1e071f411e318d6c233812910db8ae3bff933047eed08110290" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "group": "org.openjdk.jmh", + "name": "jmh-core", + "version": "1.19", + "description": "The jmh is a Java harness for building, running, and analysing nano/micro/macro benchmarks written in Java and other languages targeting the JVM.", + "hashes": [ + { + "alg": "MD5", + "content": "be8d2b77f24b93d14b3590a2c2cc9eba" + }, + { + "alg": "SHA-1", + "content": "1ea93b88f8154f0a35c16b46d76cfb2febcf4916" + }, + { + "alg": "SHA-256", + "content": "5b920f4033b55f78af121c6594e2afcc84c16f2030beef6d035463b126fc9f46" + }, + { + "alg": "SHA-512", + "content": "9bc30e04a4ee999cc1dc45be32bd60ad4248070073424efacdce85b02777dc1ef9f8aa9f57693cc4cc6964c6c934ce3c251f8db26f70bad54353c2d0849aee83" + }, + { + "alg": "SHA3-256", + "content": "b21c8a03f99e3ccadc461f35e5ed3aa3904ae25cbb44ca2dd02eb0d2f8a6582c" + }, + { + "alg": "SHA3-512", + "content": "96f2d4874d54c13b4c9392628415ce62bdff000c142901f08d3eef24c707b5cd656c328a3ef846303a85dc3dfbff69062e0167b2065b5200e52c764afe0ba418" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-core@1.19?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://openjdk.java.net/" + }, + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "group": "org.openjdk.jmh", + "name": "jmh-generator-annprocess", + "version": "1.19", + "description": "JMH benchmark generator, based on annotation processors.", + "hashes": [ + { + "alg": "MD5", + "content": "0edd4d9828437ef68acbe301910de6eb" + }, + { + "alg": "SHA-1", + "content": "e5bb13308963df412877e88fede84c1bd869ca03" + }, + { + "alg": "SHA-256", + "content": "b104c8c3c971d6aa4ff4c7a73e70cfb3e6201084332e4007ba9516a43f27003e" + }, + { + "alg": "SHA-512", + "content": "f4bdd594e25586047d93375f76fc2c85ad302b222ace4dae8e7418a24e1d75ab1ecd3f4d75d362baf3af6388bb6b3f3db7a932e8a003a8ff0c1412059e0c0c5b" + }, + { + "alg": "SHA3-256", + "content": "ea48f22ddf27853d67194836e0a13bb9a6c20a480e03252ce75403bc303a2a8d" + }, + { + "alg": "SHA3-512", + "content": "37ae2a6c8b2f38fcfcfea1343debb71cbb63af15c402fa32dc38e1913c75af7d2f4951a21edbc7cacfeeb789dbbc6fa9be9f24ccd426e1f9344de0f344a9e773" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-generator-annprocess@1.19?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "group": "joda-time", + "name": "joda-time", + "version": "2.10.1", + "description": "Date and time library to replace JDK date handling", + "hashes": [ + { + "alg": "MD5", + "content": "488e6b287cde4fe6142c0da65495ab63" + }, + { + "alg": "SHA-1", + "content": "9ac3dbf89dbf2ee385185dd0cd3064fe789efee0" + }, + { + "alg": "SHA-256", + "content": "d269671656767e05a58dd634cbafc36ed70d417220b058d11c0d88dfd281616d" + }, + { + "alg": "SHA-512", + "content": "b92f67c1a8b293e3771bc2c56e5280f6a9cb523b38db7b1c8f56c427ec7147d9fec1fa425d25582060195a433005797294680e5e071fc49272575cc67f8fe58c" + }, + { + "alg": "SHA3-256", + "content": "ace6d9b18b8de8281dde7a10070f08a11a2b1aca804e2031983d8cffc61a11a2" + }, + { + "alg": "SHA3-512", + "content": "1ae2b49ee5c492a7b83f2c72e5405db0e784b0a34dee7a8d634f6a1e11023bd87653903d4c8a31a964624eb6137db0f612a0d54d509e7a4c39b09c09d30309af" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/joda-time/joda-time@2.10.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://www.joda.org" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/content/repositories/joda-releases" + }, + { + "type": "issue-tracker", + "url": "https://github.com/JodaOrg/joda-time/issues" + }, + { + "type": "vcs", + "url": "https://github.com/JodaOrg/joda-time" + } + ] + }, + { + "type": "library", + "bom-ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "group": "net.sf.jopt-simple", + "name": "jopt-simple", + "version": "4.6", + "description": "A Java library for parsing command line options", + "hashes": [ + { + "alg": "MD5", + "content": "13560a58a79b46b82057686543e8d727" + }, + { + "alg": "SHA-1", + "content": "306816fb57cf94f108a43c95731b08934dcae15c" + }, + { + "alg": "SHA-256", + "content": "3fcfbe3203c2ea521bf7640484fd35d6303186ea2e08e72f032d640ca067ffda" + }, + { + "alg": "SHA-512", + "content": "18bf59191d7a456e7675c841df8411ebe425da40532e103db95483be5d2a75510d8a38ad9755cdd4e0be27afe7cfd0b358599388a84fcec1ee27e89caa37f5af" + }, + { + "alg": "SHA3-256", + "content": "e5c7a060e6bd75fb9ef2b7eeac082550bd4f01049c0da929c57ae71fef59b32a" + }, + { + "alg": "SHA3-512", + "content": "6b35fe9fcb3497a9e3a4b0c55dab300b63155c76bbce88fae9b3dcc1012f2c55d7c70216173299817830328071f5c3af079a67ce9af96c25b6befbcef915b049" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/net.sf.jopt-simple/jopt-simple@4.6?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://github.com/pholser/jopt-simple/issues" + }, + { + "type": "vcs", + "url": "http://github.com/pholser/jopt-simple" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "group": "com.google.code.findbugs", + "name": "jsr305", + "version": "3.0.2", + "description": "JSR305 Annotations for Findbugs", + "hashes": [ + { + "alg": "MD5", + "content": "dd83accb899363c32b07d7a1b2e4ce40" + }, + { + "alg": "SHA-1", + "content": "25ea2e8b0c338a877313bd4672d3fe056ea78f0d" + }, + { + "alg": "SHA-256", + "content": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7" + }, + { + "alg": "SHA-512", + "content": "bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804" + }, + { + "alg": "SHA3-256", + "content": "223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff" + }, + { + "alg": "SHA3-512", + "content": "3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://code.google.com/p/jsr-305/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "group": "org.slf4j", + "name": "jul-to-slf4j", + "version": "1.7.26", + "description": "JUL to SLF4J bridge", + "hashes": [ + { + "alg": "MD5", + "content": "2bb060120bc3feda3d964bf5be845fbf" + }, + { + "alg": "SHA-1", + "content": "8031352b2bb0a49e67818bf04c027aa92e645d5c" + }, + { + "alg": "SHA-256", + "content": "0f3b6dfbfb261e3e2b71ea88574452f36c46fec016063439eb8f60083291918e" + }, + { + "alg": "SHA-512", + "content": "201d8fc50e94469cfddc79faa6d7492602243a13454dc58e42d6422f1e7f1d1b352474930bf13c1784c252721bee92a636723a1f75d3cb578fec200b42275e2a" + }, + { + "alg": "SHA3-256", + "content": "dd6032a174bd7527a7195462617a613dbbb0dbbcebac49aca1c3fb2b4db79e3b" + }, + { + "alg": "SHA3-512", + "content": "2bf9adba76cbd0541b1462e952cce50baedb6feac8d963f59db8374a895469d340f5787defeffefb48162a0171f54dbfe1d173de7ec08b080c01260611dd7e25" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "group": "junit", + "name": "junit", + "version": "4.12", + "description": "JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.", + "hashes": [ + { + "alg": "MD5", + "content": "5b38c40c97fbd0adee29f91e60405584" + }, + { + "alg": "SHA-1", + "content": "2973d150c0dc1fefe998f834810d68f278ea58ec" + }, + { + "alg": "SHA-256", + "content": "59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a" + }, + { + "alg": "SHA-512", + "content": "5974670c3d178a12da5929ba5dd9b4f5ff461bdc1b92618c2c36d53e88650df7adbf3c1684017bb082b477cb8f40f15dcf7526f06f06183f93118ba9ebeaccce" + }, + { + "alg": "SHA3-256", + "content": "02b1f076652120813646a0cb34350f0c73a3299b221567e089f6aaadf8ab444a" + }, + { + "alg": "SHA3-512", + "content": "9e8f7057647c11564178e4569cf4f5682d3688b49d81acc60fd301f61053932ee9ac109c19cb639f7710d23afc76cb106ebde0f8143e2fe5fa08605201720a8b" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/legal/epl-v10.html" + } + } + ], + "purl": "pkg:maven/junit/junit@4.12?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.junit.org" + }, + { + "type": "build-system", + "url": "https://junit.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://github.com/junit-team/junit/wiki/Download-and-Install" + }, + { + "type": "issue-tracker", + "url": "https://github.com/junit-team/junit/issues" + }, + { + "type": "mailing-list", + "url": "https://groups.yahoo.com/neo/groups/junit/info" + }, + { + "type": "vcs", + "url": "http://github.com/junit-team/junit/tree/master" + } + ] + }, + { + "type": "library", + "bom-ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "group": "org.junit.jupiter", + "name": "junit-jupiter-api", + "version": "5.2.0", + "description": "Module \"junit-jupiter-api\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "d85d733ecb4120eb7ad5be3134d09053" + }, + { + "alg": "SHA-1", + "content": "9cd901df48d88d8e605a6ccb2c3f140c92db6bf2" + }, + { + "alg": "SHA-256", + "content": "47f7d71b35dc331210b9ab219bbb00d54332981aa12eb5effe817de17e1ae7b3" + }, + { + "alg": "SHA-512", + "content": "8b54b50e8e10b9aed8a1d65338b86d3cd28fabba15f536df457689b99145a451f0144c703eaa848e0bf5c7dc7719ec442b479bac1b7d88cb9ba2cddffd0f1f13" + }, + { + "alg": "SHA3-256", + "content": "2a215014d5df1141f50d9c800b004d9bcb391163b05365ba3f9d145a71e69171" + }, + { + "alg": "SHA3-512", + "content": "1cb1e7a4279d2949081aad395cd158bf28a8ad12682a3f8962da50f1b3c2b4f64a206089145bdc8e4730b689f791e1f306361c4f8e0044dd88fa9f38f1916cd1" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-api@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "group": "org.junit.jupiter", + "name": "junit-jupiter-engine", + "version": "5.2.0", + "description": "Module \"junit-jupiter-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "23b9c1eb5cbc9ff595fbedb9d6ff2068" + }, + { + "alg": "SHA-1", + "content": "de87318ccd3dfa1a98ebfef792d362776f1914de" + }, + { + "alg": "SHA-256", + "content": "8f994f4094790e246dc84de86a1ff4194ca85e8b13bedaca0207f727ebfbc813" + }, + { + "alg": "SHA-512", + "content": "f2bf6ab75a111cd2cda9f8d50f62b3986fc7b675b9f14abfa73d44ccbce010b559bb2a7dcee670e8134f1e8859c2c804b87b50b141c6d48a55699cf07f1d75d7" + }, + { + "alg": "SHA3-256", + "content": "1c2e7d5d721f35eb5f4c206f920d5f34a480b5e93d991ff602acbb3002ae6cb3" + }, + { + "alg": "SHA3-512", + "content": "de4c58a5d5acfc20a8008f07c94258a6023664c6879518fec9e37eff79f106bb3645979615d792f7de404bf52b8c0e6425902c177458a483a6087bf9a4cdd822" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-engine@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "group": "org.junit.platform", + "name": "junit-platform-commons", + "version": "1.2.0", + "description": "Module \"junit-platform-commons\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "b3199ff22308f68d7dc3e400fe53f51f" + }, + { + "alg": "SHA-1", + "content": "dbce1d822d3dc6c61703b340cd79018518685451" + }, + { + "alg": "SHA-256", + "content": "7771af2f797d1d0ccce9920eb3cd826fb8fd7659ccb4d8877e76d9412be72cc2" + }, + { + "alg": "SHA-512", + "content": "b08bcfa884c67ae155ea5eb0ae33f0d58e88096015b82ebf3e5a301292b4622aea1514285aeef7361f8b9e4c83e48e5d8842433afe6e3b0b06c7a1c8729b104e" + }, + { + "alg": "SHA3-256", + "content": "87b03d3ecafccbaa1dc2bd068117cf95ac520546131006bd744464ef757ec44a" + }, + { + "alg": "SHA3-512", + "content": "9501a107af25b97f4e7a102b9262f8438915cc2e93599a2343255fd1935e3c86853a50934376f509fe45f0f601f4ba8023b02ef091e51c51675469170ed88a70" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-commons@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "group": "org.junit.platform", + "name": "junit-platform-engine", + "version": "1.2.0", + "description": "Module \"junit-platform-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "14405ffac9858d89cc0609b16b8c763c" + }, + { + "alg": "SHA-1", + "content": "35fa3529ce843ada1a10b0909ccb4a8148ee638d" + }, + { + "alg": "SHA-256", + "content": "60b102e94ea01556fdc8c041950a05450edc188e3708f032a6bfb1a50ba0bc22" + }, + { + "alg": "SHA-512", + "content": "d367cad97695832f088e299d873570ea9e4bffd30222a5b3157fd506d9405776cfba78b8dc0b6e2697e96d0008ad65b7a35324fab7386c99257d2a723641b679" + }, + { + "alg": "SHA3-256", + "content": "25189ca0767cdad052cca52e00fb63557e8581d3733cf1272dfa780d668ff140" + }, + { + "alg": "SHA3-512", + "content": "d8b6d4a3f9bb96a1b6f610038b50f9a647526e5d0a805bcdd4c13603cdb3508a39a4403c9674b9bca67e673a6493f51a7d363e88fe28efd50382f7832bc20f2a" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-engine@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "group": "org.liquibase", + "name": "liquibase-core", + "version": "3.6.3", + "description": "Liquibase is a tool for managing and executing database changes.", + "hashes": [ + { + "alg": "MD5", + "content": "455a827f017027c276fdfc1ec0bba595" + }, + { + "alg": "SHA-1", + "content": "737c5a4fac26ee760d016923c83481ff933e4875" + }, + { + "alg": "SHA-256", + "content": "e3d877af44ebe7f253525319e3a95bd14e249bfb3d55e9c458e78458bce8426d" + }, + { + "alg": "SHA-512", + "content": "a2c453c71c654ecdf98b86293981fd53ef270b8834b1903b88566dd515da22df17a47a7a31f6c8c65f496ec64613c101ab5501ea9e8293001703f9d2a65c878b" + }, + { + "alg": "SHA3-256", + "content": "6cc2d3b40b26f5b20f62647f3dfc3238741eebd176e51ed76bafe534781554d8" + }, + { + "alg": "SHA3-512", + "content": "1efc7bca74a8e561b48786cff789dba1b87cf4e6d7dc65da70bc71590c653ffd2111d8fb703cea6a429481c68c385299cf59f5b15072ccbe2365d53fc548292b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.liquibase.org" + }, + { + "type": "build-system", + "url": "https://circleci.com/gh/liquibase/liquibase/tree/master" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + }, + { + "type": "issue-tracker", + "url": "http://liquibase.jira.com/browse/CORE" + } + ] + }, + { + "type": "library", + "bom-ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "group": "com.mattbertolini", + "name": "liquibase-slf4j", + "version": "2.0.0", + "description": "Liquibase SLF4J Logger", + "hashes": [ + { + "alg": "MD5", + "content": "c0de626cfee6e91f2fe3f28aca48a6f9" + }, + { + "alg": "SHA-1", + "content": "15d0d15b546ef66caf3385a3c13aeb75663b3ba4" + }, + { + "alg": "SHA-256", + "content": "1378fcb84657a57fd133328b13ea0578d18011fb4578dd915b292f9b8afbfd6e" + }, + { + "alg": "SHA-512", + "content": "193195e7aba3a04c4bc27a8cb424d8ede7e9a00f0682801906b59cfafe717c19ed47bf299e033da9b91400f936a90a14137b0b48ed55a46a2527db644cfe7947" + }, + { + "alg": "SHA3-256", + "content": "143f1704ce5f758ce1c3dc2bfce78abac50638cfe54537042ada01ce8c765f89" + }, + { + "alg": "SHA3-512", + "content": "0d7e066b3760514259844a5b137706b47ce61fabf24ac34e59445609e0a41e5497d90bb8786c06e1fa767375c4ee039d1c44c4b136fdb63d08ada9967286502a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/com.mattbertolini/liquibase-slf4j@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/mattbertolini/liquibase-slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "group": "org.slf4j", + "name": "log4j-over-slf4j", + "version": "1.7.26", + "description": "Log4j implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "0ca7c8107e86b7e251cf15d475db5183" + }, + { + "alg": "SHA-1", + "content": "daeb21c5e35d77d550e721c4cf5aaa716496d31a" + }, + { + "alg": "SHA-256", + "content": "81a1c31befb21e3975064f43e0b1692b7fc2dc5f6d8dc3b6baaa7b8c3e5ddd5b" + }, + { + "alg": "SHA-512", + "content": "6ae099e1ad5526212f2758a9e16ce7027833e47dff9370c7dbc5317c43f0d3450f20a437ae1a97594382cd27b74c276cb0f3c32de0668b61daf874fb4d30bc90" + }, + { + "alg": "SHA3-256", + "content": "7fe9883b0d6edce803b4942d53771c9e87735076e5ee162037bce3180e067c04" + }, + { + "alg": "SHA3-512", + "content": "349b75322aaf3d4fa035ed2c98c3f289ea6c2bef2bc6756b018df99536d99ceaa17b9192ce5bdde1a213ec75ecc60d11629189a5774b166e671a709e7f2df708" + } + ], + "licenses": [ + { + "license": { + "name": "Apache Software Licenses", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + } + } + ], + "purl": "pkg:maven/org.slf4j/log4j-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "group": "ch.qos.logback", + "name": "logback-access", + "version": "1.2.3", + "description": "logback-access module", + "hashes": [ + { + "alg": "MD5", + "content": "9468ae35cd2e92164659543a55280aac" + }, + { + "alg": "SHA-1", + "content": "e8a841cb796f6423c7afd8738df6e0e4052bf24a" + }, + { + "alg": "SHA-256", + "content": "0a4fc8753abe266ea7245e6d9653d6275dc1137cad6ecd1b2612204033d89687" + }, + { + "alg": "SHA-512", + "content": "b72a31503d09eb0f40abad77a44617b7edc2904e2e619f7cdcbab2536965be34e91ebbaffd0444027d15bad2562515762ee13a7163d9e12f82017334dc84a6a2" + }, + { + "alg": "SHA3-256", + "content": "db933b4474fd6b77e89b1f68f4117d7b299788b0706e926ea88506f086b54f63" + }, + { + "alg": "SHA3-512", + "content": "64acf87611208b7ccda4408ebd924dad609f3bb3e217fcaa80f13cfd098225183a559e5023b7ceabb07ff3ab705f13aad732b04f781f2b618e2f3de31376c089" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-access@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "group": "ch.qos.logback", + "name": "logback-classic", + "version": "1.2.3", + "description": "logback-classic module", + "hashes": [ + { + "alg": "MD5", + "content": "64f7a68f931aed8e5ad8243470440f0b" + }, + { + "alg": "SHA-1", + "content": "7c4f3c474fb2c041d8028740440937705ebb473a" + }, + { + "alg": "SHA-256", + "content": "fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0" + }, + { + "alg": "SHA-512", + "content": "9ad5df9055e74c1db67e10422774e740903477c821591702d2709a4c1f73e3fc3fa6b1a871b6985901817bc2bdeba916849035dc2bbf518f308637b0586e36f1" + }, + { + "alg": "SHA3-256", + "content": "7d38586cfd6e1363970ac1811eb49dd9e535e2d2bf967118ce8f28592655ac24" + }, + { + "alg": "SHA3-512", + "content": "0a47917a6adfaef45e1170ff419800a7c88771510c6d5744b081e0572f70d2e339a5bbdd9b0637c2ecfcdd49a095c856ec293e8a41bbd03ef9b5a67d42731e67" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "group": "ch.qos.logback", + "name": "logback-core", + "version": "1.2.3", + "description": "logback-core module", + "hashes": [ + { + "alg": "MD5", + "content": "841fc80c6edff60d947a3872a2db4d45" + }, + { + "alg": "SHA-1", + "content": "864344400c3d4d92dfeb0a305dc87d953677c03c" + }, + { + "alg": "SHA-256", + "content": "5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22" + }, + { + "alg": "SHA-512", + "content": "bd1a7512647fe61b90cfd18bedf2a33f3f16f334f8f8ce947cdd353c0b0b7a7cce203070f0d2183f6583e0f2b2fe6e0b12eb93bd5b2dc29076e7b466447f6dc5" + }, + { + "alg": "SHA3-256", + "content": "7e43423025fc6ebe94b4cc641dc60a4507f93dd1445214847a069595f7cb728e" + }, + { + "alg": "SHA3-512", + "content": "76a7f8df50903e80c5455da2307705f1ce08e098b75d02c1e36cb8b06eb3dc18c4e93fbf4ed1dea143d73645a652b52bb26e789d1fa111866c54a57c2025049e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-core@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "group": "io.dropwizard.metrics", + "name": "metrics-annotation", + "version": "4.0.5", + "description": "A dependency-less package of just the annotations used by other Metrics modules.", + "hashes": [ + { + "alg": "MD5", + "content": "18a5f9cee781de1bee53b78df6e37c4e" + }, + { + "alg": "SHA-1", + "content": "b30a0e181a5b5170c3b9bf513a9f2cc756dd4319" + }, + { + "alg": "SHA-256", + "content": "ef1ac18eeb33545913992f1b3d4779c9438435cea26a3a4366f05457a1006159" + }, + { + "alg": "SHA-512", + "content": "574a8d69f2610641d087d2ccf5509787c0993ce3f6fab1877580243cb8d57eb646e3cca9e9336d3e61776fdcb875770017d3182b7238ddfe0c31b08bad4edc30" + }, + { + "alg": "SHA3-256", + "content": "841decb2aae5beba8df9d315b687fe9c5c9c0addf481e75c5de17e408b7d6d07" + }, + { + "alg": "SHA3-512", + "content": "61e765ec087be04c969bbf542c2c743b3de4a613dd77d8820e73976b51cb31f291a575623c64e2c0d865408965904611be2a91213fa387d01e7552de48770056" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-annotation@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "group": "io.dropwizard.metrics", + "name": "metrics-core", + "version": "4.0.5", + "description": "Metrics is a Java library which gives you unparalleled insight into what your code does in production. Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "f5fb039e8ed41743d3b6590547d85894" + }, + { + "alg": "SHA-1", + "content": "b81ef162970cdb9f4512ee2da09715a856ff4c4c" + }, + { + "alg": "SHA-256", + "content": "e31f5bc2fc58dcacd0cf31f7eafa43d3b981873dac0d3f0ffebb145675f1c8a8" + }, + { + "alg": "SHA-512", + "content": "5d553993bf5bbd985453bb69f0704997f624a6ef81aa126c7228fe3d2dd7ebe57e7eeb161067e19914a9f36c762ce2fa7be5e47d0fb4deb623a3fb82ed6a70f2" + }, + { + "alg": "SHA3-256", + "content": "5ba7bcb9d456edb43cf67736e066d9558da57205f916c5ada7f5058b2f8cbc90" + }, + { + "alg": "SHA3-512", + "content": "fcb8a3e52da3f8e9f86c692d8d68661acfe2b6aeb29866325178f3732176e099d0c6c9933d187b0840cf632de154087ad0ae6e8daf2712bedaaaa5e9a4c97214" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-core@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "group": "io.dropwizard.metrics", + "name": "metrics-graphite", + "version": "4.0.5", + "description": "A reporter for Metrics which announces measurements to a Graphite server.", + "hashes": [ + { + "alg": "MD5", + "content": "22f848bd3427fa8d5caa8717468097f5" + }, + { + "alg": "SHA-1", + "content": "76e8758356373d5aed5abacbda429b38f6e8fa98" + }, + { + "alg": "SHA-256", + "content": "e7ece2bb30cf016a012286d7077fd1d9741c3e205ac7095fdc081e4c552436db" + }, + { + "alg": "SHA-512", + "content": "e1c984ee8daa837add7b4ca0d07162faebf4b7d2bb88b7bd355eccd570e3935fb1c49acdf8b1dcc5c88bbf04c67cda2a7efdcf375d0247d35b7744f9ab810a4f" + }, + { + "alg": "SHA3-256", + "content": "d3ac2a04fe0a5225e4c8ce2a2c46d196ef466eccfa00254cab8df1a08f5dc4fc" + }, + { + "alg": "SHA3-512", + "content": "d2ee456e6964ec862f1a770c386084cf016983c03083a5516405ce4372204a0e0d5feb27e78d7f5d7345719b9af256f8d000cde922547c159de14cb860cc2403" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-graphite@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "group": "io.dropwizard.metrics", + "name": "metrics-healthchecks", + "version": "4.0.5", + "description": "An addition to Metrics which provides the ability to run application-specific health checks, allowing you to check your application's heath in production.", + "hashes": [ + { + "alg": "MD5", + "content": "e64c9571317f403046ad8a04814cecab" + }, + { + "alg": "SHA-1", + "content": "73177b73f9d7ac80b0d0125db9dd41faab816c52" + }, + { + "alg": "SHA-256", + "content": "bd3be08664f03a27bc625b88d91e852cd105b6f53725cfa54a7167a268f2fe0e" + }, + { + "alg": "SHA-512", + "content": "e2c16ef7751558c07e8268d3448477c2296d2f83e1f915fe09b2e0f54c62cf774c9a8b8b3dfedccd882d95cf78bc0f0af3d997af0de8c0c5d489de36883f0b09" + }, + { + "alg": "SHA3-256", + "content": "8dd767ac7aca8dfaef37a32010f341ea4ee20e8190251b367f47cdbc3cba857e" + }, + { + "alg": "SHA3-512", + "content": "34929a8391da886a045a6947b17c875fd3d7c37f85e03d47572d2de359885c101c61a735f9c09cdb8ee4100221acb650389b74071b8c1184e032f2ce2947f67a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-healthchecks@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "group": "io.dropwizard.metrics", + "name": "metrics-httpclient", + "version": "4.0.5", + "description": "An Apache HttpClient wrapper providing Metrics instrumentation of connection pools, request durations and rates, and other useful information.", + "hashes": [ + { + "alg": "MD5", + "content": "023faaf10f012b67e15faa137d106f21" + }, + { + "alg": "SHA-1", + "content": "d02819ff820207d03d0082ef24cd36157d7c5188" + }, + { + "alg": "SHA-256", + "content": "12112aebd3bb53cc5451846202f4333588dc5455e4739c0c2360103700c24e42" + }, + { + "alg": "SHA-512", + "content": "9c991dae8890b35046c258536884d68f821d1e4aabb65c8e1c845309fadf0e9e2849e0653bc6aa5a008336569d8eb71a660a06f402a7a933a3da85604c45e67b" + }, + { + "alg": "SHA3-256", + "content": "f2bd98bc7e39c259544dc04853e5404d6cdf9c7095fcc718ba65b597a377ef33" + }, + { + "alg": "SHA3-512", + "content": "7fa6cba3b553b5c3ffc943ca2ff387d2b542d7170bcea5b43fffe150cd0a3849244ec3a2bbcfce28e8f9d762a925e4cbc7101785f2c3c4d00af61e2f97d00dcb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-httpclient@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi", + "version": "4.0.5", + "description": "A JDBI wrapper providing Metrics instrumentation of query durations and rates.", + "hashes": [ + { + "alg": "MD5", + "content": "7700c4ec787e2355d290e0f40820de15" + }, + { + "alg": "SHA-1", + "content": "005441385ea7bf674fc480dc6bc6dcff6a7278ec" + }, + { + "alg": "SHA-256", + "content": "6858a83724e2df638c475425ea48811ca84c28fc778f92251209e17317e225c4" + }, + { + "alg": "SHA-512", + "content": "671beb600961db9ca14f043225670c18035f3db932ad67bb6f04bae4a57e67e7265b317d851009bd764344dcfdffe8073156b4f517e8c71954af2575bb7c9f32" + }, + { + "alg": "SHA3-256", + "content": "95a48e7ac5a1e6dfd2590e1a79b046017a90b7dce17322d35f10d18408d42526" + }, + { + "alg": "SHA3-512", + "content": "f68985671638695e6ddbf6260010a5a23e2f841c781ea6b4fbe91a0c6c9bcbcc1fd8d9d4501a02e4f86922d8f7071154d54c3c281d662e9c4262014599c37393" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi3", + "version": "4.0.5", + "description": "Provides instrumentation of Jdbi3 data access objects", + "hashes": [ + { + "alg": "MD5", + "content": "594d03f7743b46ef08ed0d1dcc1bb31a" + }, + { + "alg": "SHA-1", + "content": "2d39572d9612ce28bea84d46808d25d3b8af3133" + }, + { + "alg": "SHA-256", + "content": "e08dfdaa141b4f6d3338b09f3f1f7f463596adb0d335b600e1bd636cc02b7b22" + }, + { + "alg": "SHA-512", + "content": "4f2119fa34092ac2649b27d93e54af0de724719f994803407b5c307a8443ff70dee7d411b1360caf92595a87e570b44e60fe2745d8d283e857eb2ce6f0f656f5" + }, + { + "alg": "SHA3-256", + "content": "c4cd10df90cf8b3b9a06f634c9d31e5bee07e98cdb5640220434a43d66231cdb" + }, + { + "alg": "SHA3-512", + "content": "3d60e9e5707c3e34eed30746c85bfbfcae3dded9509dd7047092ad42d184f36395a3d06865ce7ffa1f12b433ecf99b090e713751be03203af168aa4d99dd6a6f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi3@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "group": "io.dropwizard.metrics", + "name": "metrics-jersey2", + "version": "4.0.5", + "description": "A set of class providing Metrics integration for Jersey, the reference JAX-RS implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "e56b570fcb934ef302433d338823511d" + }, + { + "alg": "SHA-1", + "content": "cea8d4217ccd087f302611a54e4dd6071ba5844c" + }, + { + "alg": "SHA-256", + "content": "91cb412f7aca24de727b3724885fd2e6ff0e8bdb422a73ad66d25375594bf63d" + }, + { + "alg": "SHA-512", + "content": "3bc8572f0d183c30b0f83f5b4acd3a05c8d3c3b728298d6b8899da0d299df8d9acdc5435f82c23eb6ba5a3d2bb5c8f66637d6315caf95bf3b807c53e5bc6c217" + }, + { + "alg": "SHA3-256", + "content": "b2dda5477d6dcbd6fdcdd1f3acae482b0f83f24018706a03713c04dcd6c1f744" + }, + { + "alg": "SHA3-512", + "content": "af35ae7568a5df2be2e8cb9ef99256b0956b97b44ec0447863127e9f2e84f7baec0c5c0ed89a8146685e30af98e05a34618a58f2a76fe57272fb8ee98b5e9d62" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jersey2@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "group": "io.dropwizard.metrics", + "name": "metrics-jetty9", + "version": "4.0.5", + "description": "A set of extensions for Jetty 9.3 and higher which provide instrumentation of thread pools, connector metrics, and application latency and utilization.", + "hashes": [ + { + "alg": "MD5", + "content": "99b6f3ed9f4663ed9db4700e4bf388fa" + }, + { + "alg": "SHA-1", + "content": "87f3b49a7377e56f62046875d394ed0028b37690" + }, + { + "alg": "SHA-256", + "content": "e2c769fc1c269e2200950b8d33800be4b0043302eaa189ba5cb7ce518c48b46a" + }, + { + "alg": "SHA-512", + "content": "e3b7ee7c506e8bef74e87adb6e589f3dfac2a0905f66a0eed1af9d2cffa6a3e6f74573e6ca3d3469d8afba0307fb18f74b21397146e0b82ede387a41554f44a0" + }, + { + "alg": "SHA3-256", + "content": "09bb7c73faefc5549d032d9bdc471f500b9370caef0dc9896ca44cdd6fc2ff48" + }, + { + "alg": "SHA3-512", + "content": "ac44f708dff820a3f19b3cc01d4f936b7ca46cd9fedd76e9c57ecc7c0b7d76a9f5db641742453c8893b5b0eb2255ce8c7697fc11569e57afa456d08f00141fc9" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jetty9@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "group": "io.dropwizard.metrics", + "name": "metrics-jmx", + "version": "4.0.5", + "description": "A set of classes which allow you to report metrics via JMX.", + "hashes": [ + { + "alg": "MD5", + "content": "863de91e135c8455d70fa3acf01cdf72" + }, + { + "alg": "SHA-1", + "content": "d7be4ddd7ba674ee8be1d23d883fb3ca68ee1d54" + }, + { + "alg": "SHA-256", + "content": "079133de87f7d3512200a8071bacfdbed46d6a73995578fc24bbf4c03df6d188" + }, + { + "alg": "SHA-512", + "content": "211ebec4191c7482bf0fc02785fd924fdc980c4bbbf440be8f5d4f87f1971bca646f7174c45c0566b41af08fc603225d38691b32482986887775c9e51185615c" + }, + { + "alg": "SHA3-256", + "content": "d02352d947a4475cf67e9f24d33b3bd16cc908acb78cb294d2763fee7d1e4fee" + }, + { + "alg": "SHA3-512", + "content": "7ca4565c9a0c3d1a96d021b7cc4b896b885352ac8cae96e4700f7c2fa40a6c367e05c48df0a81ef112a6769bd8f2f01ceb86e2a984d67286a3627b565bbd8f00" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jmx@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "group": "io.dropwizard.metrics", + "name": "metrics-json", + "version": "4.0.5", + "description": "A set of Jackson modules which provide serializers for most Metrics classes.", + "hashes": [ + { + "alg": "MD5", + "content": "9784b95742e0e8fe76e8d5376e7abf5f" + }, + { + "alg": "SHA-1", + "content": "8c66fea9f767588ae0995be27558b1f3ae8d75ef" + }, + { + "alg": "SHA-256", + "content": "008ce354b30ef48060786b6a31144e04b6bafdfca69e6307cbf66602ae331023" + }, + { + "alg": "SHA-512", + "content": "515734a08814f3df1f6ae853a2cac0fdab5637e129ca9bc3f62feba9190a2e43013362009f73f4fe3e06f3d08fdf0ec7ec8481dab3a6435de743322d4620dc55" + }, + { + "alg": "SHA3-256", + "content": "70620d2f107ff8fdf5bc16a91df9a49daf3fe84fb268edafbafabd43ec61ef0f" + }, + { + "alg": "SHA3-512", + "content": "f33d7c456efabd1eda7f0cc99df57e870b747d3f2c49571373c4564eb50388350260d08f4d53be2c5fe8a7ae766d9181d0f394e996156d839c5bfda9858c119d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-json@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "80b88754-8b78-4597-bc4f-47788add0031", + "group": "io.dropwizard.metrics", + "name": "metrics-jvm", + "version": "4.0.5", + "description": "A set of classes which allow you to monitor critical aspects of your Java Virtual Machine using Metrics.", + "hashes": [ + { + "alg": "MD5", + "content": "a19a85dc56ac7179bd974e4eb0c8b6e0" + }, + { + "alg": "SHA-1", + "content": "09f6f1e6c1db440d9ad4c3114f17be40f66bb399" + }, + { + "alg": "SHA-256", + "content": "ba97466221c391bd7b7eb6d407f7fac83e5e6725d3a8691aa512e53ae075dfc3" + }, + { + "alg": "SHA-512", + "content": "d53b524543ac922352d3a628831fc7a02ceeb757fd760b94477f02b256a47caac9837259c82ddf5b3cb0e874542176f1383c080a7c3d23b8a5790ac250f70a48" + }, + { + "alg": "SHA3-256", + "content": "61e9ee4a183b317e6fadeb632804a04e233af77dedcd5613f19490233f71b8cb" + }, + { + "alg": "SHA3-512", + "content": "333f15cf54e7e9a304e8cdaa9e251ac0859bfb848ddfc2606d86738a89e944adb8879d14f60df632c064f4ab0edb6ff950a7a231121ce8a6b1ff3bca4809750a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jvm@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "group": "io.dropwizard.metrics", + "name": "metrics-logback", + "version": "4.0.5", + "description": "An instrumented appender for Logback.", + "hashes": [ + { + "alg": "MD5", + "content": "45f97ce9788dad9744ae2e198e5a501b" + }, + { + "alg": "SHA-1", + "content": "306d0d06b0940c6df49031e8dd750e635e4b170f" + }, + { + "alg": "SHA-256", + "content": "89842f9df70d001835bd652c103b1d04d64e1c48bccf396defbdd791299c1903" + }, + { + "alg": "SHA-512", + "content": "bde3d0313531986623fd422fee1506eaf17bd3c53318973c340e4d44ce0104943c5dfcddee6cc8d33cfcf0a0b2fb2aff2b3e653819b39c2c5b76676399683401" + }, + { + "alg": "SHA3-256", + "content": "8233adad697b14559e578618be1ea2c99c907be87da1eab10a5ca9f397dbf46c" + }, + { + "alg": "SHA3-512", + "content": "d4664cd4105ad99b2326da4b727dcf350dba261aa7b26aacb9a064efc1a3da7337988344e8c9d64e08ec34d1586410e465c58e0ec37b389b93c54c7c6ccfde35" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-logback@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "group": "io.dropwizard.metrics", + "name": "metrics-servlets", + "version": "4.0.5", + "description": "A set of utility servlets for Metrics, allowing you to expose valuable information about your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "e9142eb2da39a0651be8f9190d47ce0e" + }, + { + "alg": "SHA-1", + "content": "983dacbfd04ec22b49f9e2256a5d41694ce7d4cc" + }, + { + "alg": "SHA-256", + "content": "607381f05808cd31dfc09354db4b015e483be053276a85930050024515fae4da" + }, + { + "alg": "SHA-512", + "content": "797fc4d430b4797b4bcc6d854ac39fd7e0c4da73bda04152473c3f5ab06a36bfeaf326c8edb657de75a613efcce658364fb0aaf15ff6a13c6e62b5795c6a464b" + }, + { + "alg": "SHA3-256", + "content": "d840fcd8a9f0721e4cd392c6e30f1f52f4d411f1138b9e11336a5393f31b80f9" + }, + { + "alg": "SHA3-512", + "content": "a7553a6da55221ee3125757888978188695dfb14511432331f512f29e5c20e5c764e0c801e87818de719df2854d15915516a86d31f99147b9e5ec9b2fd43b701" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-servlets@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "group": "org.jvnet.mimepull", + "name": "mimepull", + "version": "1.9.6", + "description": "Provides a streaming API to access attachments parts in a MIME message.", + "hashes": [ + { + "alg": "MD5", + "content": "43a2478389a84b985dbe7b6ae0b3c011" + }, + { + "alg": "SHA-1", + "content": "41c913d791e16f93bc712a8c8a30bb64daa2e9bd" + }, + { + "alg": "SHA-256", + "content": "2d1ee56aa89837ba9ea55431542e7939fa9d425552c2e6c8ddfb3b77877721b7" + }, + { + "alg": "SHA-512", + "content": "38198fef6a8ca9d1af37c269582e87ae6cc7324a1686c8807be90a1edd4b33bb829d03030df1a4f5865bf6f0e6d0fb2a4f3dde265af696ab556f0bf7216ab9b0" + }, + { + "alg": "SHA3-256", + "content": "3d4fac8717b03d2c33c9c8b5145cfec04a312e9021c92c8029d2a2ca60615e0e" + }, + { + "alg": "SHA3-512", + "content": "a7bff1d8fa3287436726ab53ddff800d9a262fbf7801b85f50b7f29dbd017ff430f2effa9e6e95b44772ec0c349632374b9291292d2eb24f0fed1313dba15ee9" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/org.jvnet.mimepull/mimepull@1.9.6?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/mimepull" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/mimepull/lists/users/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/mimepull/sources/svn/show/tags/mimepull-1.9.6" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "group": "org.mockito", + "name": "mockito-core", + "version": "2.24.0", + "description": "Mockito mock objects library core API and implementation", + "hashes": [ + { + "alg": "MD5", + "content": "73056e7138623c31ab0ad3c421c695b8" + }, + { + "alg": "SHA-1", + "content": "969a7bcb6f16e076904336ebc7ca171d412cc1f9" + }, + { + "alg": "SHA-256", + "content": "ae8fd3becb2a8e262507a9df85e54a6e41c5ae3a34cda5495abef6299a587ff6" + }, + { + "alg": "SHA-512", + "content": "2bde38797a3902909027ec12a58a7adbc5ce86f5f095ee5787b4c12fe873c6ae96bf7e9024c1347eaa189af66b988668d1886dc110118b22eb6c4436e3cceb66" + }, + { + "alg": "SHA3-256", + "content": "30f96a62ee0c4795e9039288888791e0192f1e7a522ecad28200f01135c132bb" + }, + { + "alg": "SHA3-512", + "content": "1afd1e02b726b5b0fc8ee4ff3e2e678c780bf642041e54a7f7c3b136adf7c6d9ae23df2454572ae619279d9e712d5444c55c3c3fee7883b621312331aa7b626a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.mockito/mockito-core@2.24.0?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/mockito/mockito" + }, + { + "type": "issue-tracker", + "url": "https://github.com/mockito/mockito/issues" + }, + { + "type": "vcs", + "url": "https://github.com/mockito/mockito.git" + } + ] + }, + { + "type": "library", + "bom-ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "group": "org.objenesis", + "name": "objenesis", + "version": "2.6", + "description": "A library for instantiating Java objects", + "hashes": [ + { + "alg": "MD5", + "content": "5ffac3f51405ca9b2915970a224b3e8f" + }, + { + "alg": "SHA-1", + "content": "639033469776fd37c08358c6b92a4761feb2af4b" + }, + { + "alg": "SHA-256", + "content": "5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d" + }, + { + "alg": "SHA-512", + "content": "23a593bded8cb43236faad2018b008da47bf4e29cc60c2e98fd4f2ed578fe2baddd3a98547dc14273017c82cb19ce8eaaab71d49273411856a2ba1a5d51015fc" + }, + { + "alg": "SHA3-256", + "content": "1fce020475bd27d7eac3a3693e9c6992032739ef6db205c7751c92f8aba4d67a" + }, + { + "alg": "SHA3-512", + "content": "ec2154e3bb9fa0b74079d4f21af3aa0ae17444da63aa1061d87aac646c070b3733673a4d0880ca58f974dc3358d7b1c6161bf030260474b36b4bae677b777b08" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.objenesis/objenesis@2.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/easymock/maven/objenesis/;publish=1" + }, + { + "type": "vcs", + "url": "https://github.com/easymock/objenesis" + } + ] + }, + { + "type": "library", + "bom-ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "group": "org.opentest4j", + "name": "opentest4j", + "version": "1.1.0", + "description": "Open Test Alliance for the JVM", + "hashes": [ + { + "alg": "MD5", + "content": "2edf96ac5b535198bd3a2e31309f779c" + }, + { + "alg": "SHA-1", + "content": "c8e2a3e3bc7f3e4bb5075306452db5290f9b117a" + }, + { + "alg": "SHA-256", + "content": "65a5fd7380f53aac708bcee3091dbe2dba73a9a2e7645b66e70e0804fc36ee3b" + }, + { + "alg": "SHA-512", + "content": "bb72a65673bec0af3d420e96edcc1e3152bdbd0f670e2e09172f00f05549fa3b0a07c40ed2dbeec75da6e548623afa4e343343cca15a7a016aaa6c3e48ab0765" + }, + { + "alg": "SHA3-256", + "content": "f12567dc83accfc6c4022f0941f37a3169cc0697ebbf67a4261136180c2d8a2c" + }, + { + "alg": "SHA3-512", + "content": "401aa77733f4ceab47f51b797844f597947cf31a5b76f5c46c6a28980bff30942b783e79e8ab5b5f8ce63d64e8152b6f71b96cc1d500234a8a8e2dd24f734441" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.opentest4j/opentest4j@1.1.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/ota4j-team/opentest4j" + } + ] + }, + { + "type": "library", + "bom-ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "group": "org.glassfish.hk2", + "name": "osgi-resource-locator", + "version": "1.0.1", + "description": "See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information", + "hashes": [ + { + "alg": "MD5", + "content": "51e70ad8fc9d1e9fb19debeb55555b75" + }, + { + "alg": "SHA-1", + "content": "4ed2b2d4738aed5786cfa64cba5a332779c4c708" + }, + { + "alg": "SHA-256", + "content": "775003be577e8806f51b6e442be1033d83be2cb2207227b349be0bf16e6c0843" + }, + { + "alg": "SHA-512", + "content": "e064a477d5b1f8c56b4741ba606eed764b779a5d9870b8c193771bf0d904350aed839ab21602dbf5f376f7208b8ca24f64504d73ec6a0c5c08c5f0abc7c466d4" + }, + { + "alg": "SHA3-256", + "content": "c7cb2d64874992826818c594f02bf40f46d9ad4787d6575bfb656b35b7b6af0d" + }, + { + "alg": "SHA3-512", + "content": "5c57aa6eb98272226cbdebd803a5b11a27422340f47e5541a5bf6bb776f64bfcda548ffd345e900a7c7624b9a016aecacd8e009a13fe2c2cae86e8ff8e7289f2" + } + ], + "licenses": [ + { + "expression": "(CDDL-1.0 OR GPL-2.0-with-classpath-exception)" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + } + ] + }, + { + "type": "library", + "bom-ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "group": "com.papertrail", + "name": "profiler", + "version": "1.0.2", + "description": "A pure-java implementation of the twitter/util project's `CpuProfile` and related classes.", + "hashes": [ + { + "alg": "MD5", + "content": "b6cb78e7d8a5c4ed1ad259afc4f7c793" + }, + { + "alg": "SHA-1", + "content": "138093a4ed2da6f0b07a2a2335584bd5a7d53bff" + }, + { + "alg": "SHA-256", + "content": "188ec41349472a0c50fbe7e4cdcc6d6c8968ad6cd9047effeaa6a5c111f9074d" + }, + { + "alg": "SHA-512", + "content": "447a1e7d47cb7c3974e09c8e5ea1fdf6c9c4dfe377cffbba501edab474e136ec252406c5dde8fc7387b9fab983a7970764c23c93b8fb842f676da8c3bd01e013" + }, + { + "alg": "SHA3-256", + "content": "b68b7d44bde32b5a2995629eb2742bde9e3f373cb08230f67624160b91432160" + }, + { + "alg": "SHA3-512", + "content": "2fdb36567b1dcfb26e9e02abb70277e2e9040983c5755372716aa71a22cf46807501effa5931e0e65152f1efbe9e7449ff5b00cdaaddc15f1cfeeb3600904b7b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.papertrail/profiler@1.0.2?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "group": "org.slf4j", + "name": "slf4j-api", + "version": "1.7.26", + "description": "The slf4j API", + "hashes": [ + { + "alg": "MD5", + "content": "60ec8751be37d54a2aa1b6178f87b968" + }, + { + "alg": "SHA-1", + "content": "77100a62c2e6f04b53977b9f541044d7d722693d" + }, + { + "alg": "SHA-256", + "content": "6d9e5b86cfd1dd44c676899285b5bb4fa0d371cf583e8164f9c8a0366553242b" + }, + { + "alg": "SHA-512", + "content": "a944468440a883bb3bde1f78d39abe43a90b6091fd9f1a70430ac10ea91b308b2ef035e4836d68ba97afdba2b04f62edece204278aaa416276a5f8596f8688af" + }, + { + "alg": "SHA3-256", + "content": "195320dbd33e0ecc96b7c23818454658870c7f4c7bb746dae4516bc4983ab158" + }, + { + "alg": "SHA3-512", + "content": "830b0c50cdd9f45cfe4be31f0c775f632399060db58050ce702e476321ef29dcc17f49f872e7023e995c6ee1c2e06f2f1ea115aa45807569ecef83af3385f5cc" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/slf4j-api@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "group": "org.yaml", + "name": "snakeyaml", + "version": "1.23", + "description": "YAML 1.1 parser and emitter for Java", + "hashes": [ + { + "alg": "MD5", + "content": "64ec8bd26b6d5034a87ecb1c8ce0efdc" + }, + { + "alg": "SHA-1", + "content": "ec62d74fe50689c28c0ff5b35d3aebcaa8b5be68" + }, + { + "alg": "SHA-256", + "content": "13009fb5ede3cf2be5a8d0f1602155aeaa0ce5ef5f9366892bd258d8d3d4d2b1" + }, + { + "alg": "SHA-512", + "content": "8091467927dc88fe2741f85c6e429914f4306e7a1183e52090ccc7d617ca5279ba42b03ffc8cd1a914b6c3dc4151bd731757e72592e9c1b23346781936ac9fc7" + }, + { + "alg": "SHA3-256", + "content": "18f63155a18c783a0d47afa987a0dcc39f688da527047ccd48c694810ac5adf2" + }, + { + "alg": "SHA3-512", + "content": "59d1edd895705b667a65c3bada2c1b6c4109f82a03a2a18878d3310ac6e41bb3e47f821e87ffdcd2d2320b2f63c13a8748214fa9ea851c7b0b4d8fca07250c8a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.yaml/snakeyaml@1.23?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://bitbucket.org/asomov/snakeyaml/issues" + }, + { + "type": "vcs", + "url": "https://bitbucket.org/asomov/snakeyaml/src" + } + ] + }, + { + "type": "library", + "bom-ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "group": "org.antlr", + "name": "stringtemplate", + "version": "4.0.2", + "description": "StringTemplate is a java template engine for generating source code, web pages, emails, or any other formatted text output. StringTemplate is particularly good at multi-targeted code generators, multiple site skins, and internationalization/localization. It evolved over years of effort developing jGuru.com. StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org and powers the ANTLR v3 code generator. Its distinguishing characteristic is that unlike other engines, it strictly enforces model-view separation. Strict separation makes websites and code generators more flexible and maintainable; it also provides an excellent defense against malicious template authors. There are currently about 600 StringTemplate source downloads a month.", + "hashes": [ + { + "alg": "MD5", + "content": "b270a7b34c953cbae921a4080d5cdc0f" + }, + { + "alg": "SHA-1", + "content": "e28e09e2d44d60506a7bcb004d6c23ff35c6ac08" + }, + { + "alg": "SHA-256", + "content": "8056d5586e1b18d3def6347b5d020a85722d850bb9f4d7a9aafe4f842c651ef9" + }, + { + "alg": "SHA-512", + "content": "cd396cbc93d096812700c3a05e4b548c31d73c5f1f66f12bdd3364218de591cefb76e1f0557e83204285f1e868f0f327cf556bb32c4552e0a3537cf6ac1efa43" + }, + { + "alg": "SHA3-256", + "content": "d79aa95dd924c18de8f5ef5fc510f92cecb781d5724ba9b948e8658191e920b6" + }, + { + "alg": "SHA3-512", + "content": "da67f10539c0f73ddb56e945f5c7b42aea76411b4067362685f92c916da055f2747176a1524f97f52d7ae0d70898256c9549290448194d6fd99b3bfbff3332a9" + } + ], + "licenses": [ + { + "license": { + "name": "BSD licence", + "url": "http://antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/org.antlr/stringtemplate@4.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/stringtemplate" + } + ] + }, + { + "type": "library", + "bom-ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "group": "org.apache.tomcat", + "name": "tomcat-jdbc", + "version": "9.0.16", + "description": "Tomcat JDBC Pool Package", + "hashes": [ + { + "alg": "MD5", + "content": "b673d21c2c73b44c6fdee89f6c9995fc" + }, + { + "alg": "SHA-1", + "content": "5304a28c25bb88c57da9561e4ed0bbfcc72dcb4a" + }, + { + "alg": "SHA-256", + "content": "0fe8cdd9c6a349fbf1d7246b5503f113a4fb11f1e71c2e529308f1dd22ed5019" + }, + { + "alg": "SHA-512", + "content": "698da1e4dda1d18463f885e6b9dfed61c12920af35ccdfc9015ecfbd8f353d0aefde38f1f71f68ea5b2d9f6610df9cde38e8fa6ec0b405a925a861e8ca0de5b1" + }, + { + "alg": "SHA3-256", + "content": "013e3a72e6a19fea3c245ca9989853b836ed598c9b5551c399222a511be6b569" + }, + { + "alg": "SHA3-512", + "content": "bec64a6591071bb6d5e18412eac3eaaa9814c33448bb2f43d6e039e0538ad85f387fd3817915b5928c41aeabb84d3cd90c0c51f783accb38e3344a32fef206ed" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "group": "org.apache.tomcat", + "name": "tomcat-juli", + "version": "9.0.16", + "description": "Tomcat Core Logging Package", + "hashes": [ + { + "alg": "MD5", + "content": "5dbec493081a051b6868b84881fa6ab9" + }, + { + "alg": "SHA-1", + "content": "b6ef3c1ac1104b6e3fbdc106e194bf2fb5e2e2a8" + }, + { + "alg": "SHA-256", + "content": "cc155efa8104af3d35daf3226284b638b10d9def4074ebf6176cb47b3a264f53" + }, + { + "alg": "SHA-512", + "content": "fd19c0dd3bc60b050065b7c1992c4662f5e02ecc74176528b24a42f03fa42b805ce3529f813e2d0b85f6d21fa46f43a0146069372fbb96dd821bf9778ecb38b0" + }, + { + "alg": "SHA3-256", + "content": "c4782f32dcf2d8516d4b4ae299af008385dc44a92380edab0ced40738ba56b67" + }, + { + "alg": "SHA3-512", + "content": "d37ef89204a97677283c417ceae3031fd89648079e42924bf9c38456b1055442dad8f8f6366da1600feee8e448b59bdff8261e101913b99f24b9dde278469cd7" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "group": "org.jadira.usertype", + "name": "usertype.core", + "version": "7.0.0.CR1", + "description": "Classes utilising Joda Time, Joda Money, Libphonenum and JDK Types that add Hibernate support", + "hashes": [ + { + "alg": "MD5", + "content": "808b0b11f96e769c0f7a32d29f1ce7a1" + }, + { + "alg": "SHA-1", + "content": "818991d0b4d8fce6da9f27ea61187111efcae1a1" + }, + { + "alg": "SHA-256", + "content": "a129bfc60f7aceab77cd1363684d267f56629b441bf06f6123f9c0c2972e41fc" + }, + { + "alg": "SHA-512", + "content": "3d7dca13d1586365a94f05ea4a1672ce166773f2a01a584fc149d71b8aaeaa9c109e7e3a7658d8d4da3e91b8f42085ed55acc2a97e1c39a4faea5f6834a741a5" + }, + { + "alg": "SHA3-256", + "content": "f032df418c58acf1ba8307589d176b6e3d5402f1a0830d903b954984ab03bc38" + }, + { + "alg": "SHA3-512", + "content": "1113d2d63ceacdc4df8628448aa15d5de2e155b1a00037dc1570bb6f1553b38f397930036ef637b50519b6d395e3a219cf330ae29cedebeafa786eefd08420c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.core@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "group": "org.jadira.usertype", + "name": "usertype.spi", + "version": "7.0.0.CR1", + "description": "Shared dependencies for Usertype jars", + "hashes": [ + { + "alg": "MD5", + "content": "2b16a4d99cf3e6f0695186301dc63e4c" + }, + { + "alg": "SHA-1", + "content": "895f79b8a1c33f2e17ebc839f80ecaf62924e784" + }, + { + "alg": "SHA-256", + "content": "035f9a3cbec935b6da4d0318fd4d5b797db12a6ba0f77293b8603ff8578904f6" + }, + { + "alg": "SHA-512", + "content": "df65994da27e03bf29918e87451738de9017a41d0deb4fa1d7b00353d889fabc30cbfdc8aa8d97fc475cc31b2426b7a859cc0cfc6489b3667e43108539cb6c0f" + }, + { + "alg": "SHA3-256", + "content": "455f3a4522df5251d036af8f916a7ba5a385a1d303a0aa8f56f7563c2ee00042" + }, + { + "alg": "SHA3-512", + "content": "88d0d9476653078ff1c538c0b8c8b3d2714fd13fbe5ef12550d73053edeb1eb967a17e96d4670ffe95ca0eda858afa6a6b27033028036b646180c00a7ec46aa4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.spi@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "group": "javax.validation", + "name": "validation-api", + "version": "1.1.0.Final", + "description": "Bean Validation API", + "hashes": [ + { + "alg": "MD5", + "content": "4c257f52462860b62ab3cdab45f53082" + }, + { + "alg": "SHA-1", + "content": "8613ae82954779d518631e05daa73a6a954817d5" + }, + { + "alg": "SHA-256", + "content": "f39d7ba7253e35f5ac48081ec1bc28c5df9b32ac4b7db20853e5a8e76bf7b0ed" + }, + { + "alg": "SHA-512", + "content": "bc137c5f7fa6b7092f9fc233d8be7d21d6767f8aa51c2e934b73692c82d28dbb410f55674d7b5a0e1523b514654339277b535b7f5bb01d457a11aba2eca3bbed" + }, + { + "alg": "SHA3-256", + "content": "469fa33a7d6854ac73627c8b4d281165c26dbcb21e645df792c3144453ab3129" + }, + { + "alg": "SHA3-512", + "content": "a042781692aaaa9458be722d0437484c5f1fd8f3f4955c00008224caebeb671ab93740052599ce2f5feab8d7ec712c72786492f7c7ca1c27c25425545b05a91e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/javax.validation/validation-api@1.1.0.Final?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/BVAL" + }, + { + "type": "vcs", + "url": "https://github.com/beanvalidation/beanvalidation-api" + } + ] + } + ], + "dependencies": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "dependsOn": [] + }, + { + "ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "dependsOn": [] + }, + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "dependsOn": [] + }, + { + "ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "dependsOn": [] + }, + { + "ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "dependsOn": [] + }, + { + "ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "dependsOn": [ + "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "f09e69a1-54de-4e7b-802a-adda10a1c7be" + ] + }, + { + "ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "dependsOn": [] + }, + { + "ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "dependsOn": [] + }, + { + "ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "dependsOn": [] + }, + { + "ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "dependsOn": [] + }, + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "dependsOn": [] + }, + { + "ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "dependsOn": [] + }, + { + "ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "dependsOn": [] + }, + { + "ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "dependsOn": [] + }, + { + "ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "dependsOn": [] + }, + { + "ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "dependsOn": [] + }, + { + "ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "dependsOn": [] + }, + { + "ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "dependsOn": [] + }, + { + "ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "dependsOn": [] + }, + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "dependsOn": [] + }, + { + "ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "dependsOn": [] + }, + { + "ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "dependsOn": [] + }, + { + "ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "dependsOn": [ + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "893beba4-580b-4ada-a4cf-067fbe145507", + "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b" + ] + }, + { + "ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "dependsOn": [ + "55086fc5-4c36-45b5-9569-fdafa26e075d", + "757cef7a-83f2-4973-832d-67849ca42b69", + "93a8597b-e82a-4726-8e16-849d026f7b98" + ] + }, + { + "ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "dependsOn": [ + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "370d779c-d1ea-4d92-8e70-1ad325e94298", + "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "b692a425-dca6-4bed-af67-5855cb40dbcf", + "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "881df936-411d-4bb3-b464-6edcf14c671c", + "ac21cab7-b535-4294-8a61-b10b62918666", + "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "80b88754-8b78-4597-bc4f-47788add0031", + "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "5978be79-e890-48b1-8f11-40416ee5bb61", + "5aed0617-3613-43e7-94d2-105b2af0b00d", + "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "96cf7115-b31d-4c98-bae2-952c601d3878" + ] + }, + { + "ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "daabc9e2-1ec3-4d10-9251-69ab9834b02a" + ] + }, + { + "ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "dependsOn": [ + "ea1f023d-0390-4558-8696-dc8d566dd95e" + ] + }, + { + "ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "dependsOn": [ + "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "8c0378f7-4c0e-4ee3-849d-740b0035c371" + ] + }, + { + "ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "dependsOn": [ + "55521fe9-aed2-403e-9df2-75fc5af90f54", + "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "79b01257-3e61-49f7-8600-2042bde4702b", + "b4ca2dc7-9d68-4737-9afc-dea82759cd45" + ] + }, + { + "ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "c2dbe746-304a-4e35-88f0-69943d701fe5", + "5694b066-2847-4855-8230-77e902b37502", + "4634319e-cca2-4c02-8372-222f43bd35ba", + "648c2811-d754-45aa-9160-8f018ab4aab9", + "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "85776385-c1af-42fa-a0ac-21ecf796742f" + ] + }, + { + "ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "dependsOn": [ + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "1b61648b-2106-4c86-ad10-79411c0ce338", + "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "71f396a0-0285-465e-8ce3-6eacb47be941", + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "dependsOn": [ + "bd750137-b073-47d5-891a-e48c192cfcba", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "423d6189-7ce4-4931-9c74-3b58517df601", + "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "c1abfd09-121f-418c-befa-4d6b9e164769" + ] + }, + { + "ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c" + ] + }, + { + "ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "dependsOn": [ + "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "2f225da8-8da3-429b-a014-effeea8c71eb", + "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "e36cfe6c-5955-40dd-8f4f-09c43087ac53" + ] + }, + { + "ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "dependsOn": [] + }, + { + "ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "dependsOn": [ + "0476a31c-6a89-45b2-8e9b-8d4a725d06eb" + ] + }, + { + "ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "dependsOn": [ + "ab3bfc00-8d35-4a4d-b314-86573681d910", + "36fc309f-d086-43d6-b660-5de275ee630f" + ] + }, + { + "ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "dependsOn": [ + "df3cc349-8f4d-4d7e-82ab-1309f17741d3" + ] + }, + { + "ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "dependsOn": [ + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "dependsOn": [ + "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "94379ad3-19a6-4b21-a049-ca0b762d8c13" + ] + }, + { + "ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "dependsOn": [ + "0d0caea7-65ca-4504-b50a-80e480879f5f", + "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d" + ] + }, + { + "ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631" + ] + }, + { + "ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "dependsOn": [ + "d6394138-9591-4141-9a76-4c3082ff2ed4", + "5b865504-bea5-4b92-ae5e-46553e01093c" + ] + }, + { + "ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "dependsOn": [ + "ebf5150b-055e-45d4-82e5-eebc38ffea70" + ] + }, + { + "ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "dependsOn": [] + }, + { + "ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "dependsOn": [] + }, + { + "ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "dependsOn": [] + }, + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "dependsOn": [ + "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "da25e363-473d-4f84-9f46-8e09c7ec7c28" + ] + }, + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "dependsOn": [] + }, + { + "ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "dependsOn": [] + }, + { + "ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "dependsOn": [] + }, + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "dependsOn": [ + "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "627bb70b-4b85-4801-8239-f03de04ca5db", + "21c7c10d-e7a9-4e82-893a-aa82f11f6dca" + ] + }, + { + "ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "dependsOn": [] + }, + { + "ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "dependsOn": [ + "c454f700-0d16-4956-a210-03d9073b6d12", + "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd" + ] + }, + { + "ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "dependsOn": [ + "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "517c6455-0a2e-4e78-8d4b-88837bb5244c" + ] + }, + { + "ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "dependsOn": [] + }, + { + "ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "dependsOn": [] + }, + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "dependsOn": [ + "d2a5e2bf-ead6-4768-866a-385166eb6709" + ] + }, + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "dependsOn": [] + }, + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "dependsOn": [ + "f4a06b14-3945-4381-b3dd-b46407b02b6b" + ] + }, + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "dependsOn": [ + "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e" + ] + }, + { + "ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "dependsOn": [] + }, + { + "ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "dependsOn": [] + }, + { + "ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "dependsOn": [] + }, + { + "ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "dependsOn": [] + }, + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "dependsOn": [] + }, + { + "ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "dependsOn": [ + "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + ] + }, + { + "ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "dependsOn": [] + }, + { + "ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "dependsOn": [ + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + ] + }, + { + "ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "dependsOn": [] + }, + { + "ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "dependsOn": [] + }, + { + "ref": "5694b066-2847-4855-8230-77e902b37502", + "dependsOn": [] + }, + { + "ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "dependsOn": [] + }, + { + "ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "dependsOn": [ + "014723b6-3b73-414b-a760-da7bb1ab988d", + "7a6724fd-3628-46d2-8de5-9059e6ec494c" + ] + }, + { + "ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "dependsOn": [] + }, + { + "ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "dependsOn": [] + }, + { + "ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "dependsOn": [] + }, + { + "ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "dependsOn": [] + }, + { + "ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "dependsOn": [] + }, + { + "ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "dependsOn": [] + }, + { + "ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "dependsOn": [] + }, + { + "ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "dependsOn": [] + }, + { + "ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "dependsOn": [] + }, + { + "ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "dependsOn": [] + }, + { + "ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "dependsOn": [] + }, + { + "ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "dependsOn": [] + }, + { + "ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "dependsOn": [] + }, + { + "ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "dependsOn": [] + }, + { + "ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "dependsOn": [ + "7176887b-3e41-4f10-9d29-26ec573e2c49", + "85776385-c1af-42fa-a0ac-21ecf796742f", + "c9381862-0cc8-48d6-9b97-82f00d12cdb7" + ] + }, + { + "ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967" + ] + }, + { + "ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "dependsOn": [] + }, + { + "ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "dependsOn": [] + }, + { + "ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "dependsOn": [] + }, + { + "ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "dependsOn": [] + }, + { + "ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dependsOn": [ + "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "3d67ecbd-3ee2-437b-800b-d137ccd17d46" + ] + }, + { + "ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "dependsOn": [] + }, + { + "ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "dependsOn": [] + }, + { + "ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "dependsOn": [] + }, + { + "ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "75ac24b0-9039-45fe-842d-ccecdd3c62e1" + ] + }, + { + "ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "dependsOn": [] + }, + { + "ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "dependsOn": [] + }, + { + "ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "8dc0d897-c489-493c-a4b6-c5384d663c85", + "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "c454f700-0d16-4956-a210-03d9073b6d12" + ] + }, + { + "ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "dependsOn": [ + "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dd4f3e68-5483-4177-9ee9-987774aea94f" + ] + }, + { + "ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "dependsOn": [] + }, + { + "ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "dependsOn": [] + }, + { + "ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "dependsOn": [] + }, + { + "ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "dependsOn": [] + }, + { + "ref": "50a898e1-523d-4041-9250-b25394071a77", + "dependsOn": [] + }, + { + "ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "dependsOn": [] + }, + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "dependsOn": [] + }, + { + "ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "dependsOn": [] + }, + { + "ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "dependsOn": [] + }, + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "dependsOn": [ + "25416803-852c-4475-bf84-2bf849ea6a56", + "c1abfd09-121f-418c-befa-4d6b9e164769", + "be69e2b9-e673-42a8-98f1-e6d3be74c272" + ] + }, + { + "ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "dependsOn": [ + "4473173b-92a4-4b6f-aa40-3b0479fe60ee" + ] + }, + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "dependsOn": [ + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "dependsOn": [] + }, + { + "ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "dependsOn": [] + }, + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "dependsOn": [ + "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "423d6189-7ce4-4931-9c74-3b58517df601" + ] + }, + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "dependsOn": [] + }, + { + "ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "dependsOn": [ + "186eb402-6ab8-417c-8bbb-4032f9722383", + "7b1c11dd-7462-451d-a5b1-0fbd56708727" + ] + }, + { + "ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "dependsOn": [] + }, + { + "ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "dependsOn": [] + }, + { + "ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "dependsOn": [] + }, + { + "ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "dependsOn": [] + }, + { + "ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "dependsOn": [] + }, + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "dependsOn": [ + "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7" + ] + }, + { + "ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "dependsOn": [] + }, + { + "ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "dependsOn": [ + "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "7a60c1f8-0819-4133-aa05-ece823ae5494" + ] + }, + { + "ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "dependsOn": [] + }, + { + "ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "dependsOn": [ + "33155de6-f8f2-48a7-ab80-19d8641794bf", + "71a8cbce-c3a6-4797-b3f1-60415f5e1131" + ] + }, + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "dependsOn": [ + "85776385-c1af-42fa-a0ac-21ecf796742f", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + ] + }, + { + "ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "dependsOn": [] + }, + { + "ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "dependsOn": [] + }, + { + "ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "dependsOn": [] + }, + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "dependsOn": [] + }, + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "dependsOn": [] + }, + { + "ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "dependsOn": [] + }, + { + "ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "dependsOn": [] + }, + { + "ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "dependsOn": [ + "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + ] + }, + { + "ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "dependsOn": [] + }, + { + "ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "dependsOn": [] + }, + { + "ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "dependsOn": [] + }, + { + "ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "dependsOn": [] + }, + { + "ref": "80b88754-8b78-4597-bc4f-47788add0031", + "dependsOn": [] + }, + { + "ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "dependsOn": [ + "9c03efc2-c106-4191-980f-b91376b5ab06", + "80a1384b-dee2-4dff-9d74-79d854cdeb2f" + ] + }, + { + "ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "dependsOn": [] + }, + { + "ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "dependsOn": [ + "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "91658b5a-2478-4653-a3e4-f62c4f58f87b" + ] + }, + { + "ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "dependsOn": [] + }, + { + "ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "dependsOn": [] + }, + { + "ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "dependsOn": [] + }, + { + "ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "dependsOn": [] + }, + { + "ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "dependsOn": [] + }, + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "dependsOn": [] + }, + { + "ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "dependsOn": [] + }, + { + "ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "dependsOn": [ + "13aba3db-12c7-44d2-895d-130d2897e460" + ] + }, + { + "ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "dependsOn": [] + }, + { + "ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "dependsOn": [ + "3affcf84-19c7-4ac3-91f9-b08980969391" + ] + }, + { + "ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "dependsOn": [] + }, + { + "ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "dependsOn": [] + } + ] +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vex.json b/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vex.json new file mode 100644 index 000000000..6ea5f232b --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vex.json @@ -0,0 +1,2555 @@ +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:b9d34fa9-4f62-4b08-ae38-af606a1dc7fd", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:31:55Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + }, + "vulnerabilities": [ + { + "bom-ref": "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "id": "GHSA-5mg8-w23w-74h3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 173, + 200, + 378, + 732 + ], + "description": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "published": "2021-03-25T17:04:19Z", + "updated": "2023-11-09T18:44:38Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "bb03c210-ea12-450d-85df-17d81a75ede2", + "id": "GHSA-7g45-4rm6-3mm3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 379, + 552 + ], + "description": "Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "published": "2023-06-14T18:30:38Z", + "updated": "2024-02-13T21:49:15Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "id": "GHSA-5p34-5m6p-p58g", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "published": "2020-04-23T21:08:40Z", + "updated": "2023-02-01T05:02:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "id": "GHSA-27xj-rqx5-2255", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "published": "2020-05-15T18:58:44Z", + "updated": "2023-02-01T05:02:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "id": "GHSA-58pp-9c76-5625", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "published": "2020-06-10T21:12:41Z", + "updated": "2023-02-01T05:03:03Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "id": "GHSA-v3xw-c963-f5hc", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "published": "2020-05-15T18:58:50Z", + "updated": "2023-02-01T05:03:05Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "id": "GHSA-h4rc-386g-6m85", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "published": "2020-04-23T20:19:02Z", + "updated": "2024-03-15T00:41:35Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "id": "GHSA-9vvp-fxw6-jcxr", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "published": "2020-05-15T18:58:47Z", + "updated": "2024-03-15T00:48:55Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "343cd240-f667-4770-aecf-ddc11f9d0172", + "id": "GHSA-rf6r-2c4q-2vwg", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "published": "2020-05-15T18:58:54Z", + "updated": "2024-03-15T00:50:18Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "id": "GHSA-758m-v56v-grj4", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "published": "2020-04-23T21:36:03Z", + "updated": "2024-06-25T13:46:45Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "id": "GHSA-95cm-88f5-f2c7", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "published": "2020-04-23T16:32:59Z", + "updated": "2024-07-03T21:10:50Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "id": "GHSA-c2q3-4qrh-fm48", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "published": "2020-06-18T14:44:50Z", + "updated": "2023-02-01T05:04:14Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "97981cb2-9228-4b8b-a172-ad12f550a19f", + "id": "GHSA-mc6h-4qgp-37qh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "published": "2020-06-18T14:44:43Z", + "updated": "2024-03-15T00:37:17Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "id": "GHSA-j823-4qch-3rgm", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "published": "2020-06-18T14:44:46Z", + "updated": "2024-03-15T00:39:55Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "id": "GHSA-c265-37vj-cwcc", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "published": "2020-06-18T14:44:48Z", + "updated": "2024-06-25T13:46:04Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "id": "GHSA-4w82-r329-3q67", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "published": "2020-03-04T20:52:14Z", + "updated": "2023-06-08T19:02:12Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "id": "GHSA-rpr3-cw39-3pxh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "published": "2022-07-15T19:41:47Z", + "updated": "2023-08-18T15:45:27Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c037af59-a132-4727-8cc3-c6095c490df7", + "id": "GHSA-fmmc-742q-jg75", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "published": "2019-11-13T00:32:27Z", + "updated": "2023-09-14T14:55:20Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "id": "GHSA-gjmw-vf9h-g25v", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "published": "2019-11-13T00:32:38Z", + "updated": "2023-09-14T14:55:25Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "id": "GHSA-mx7p-6679-8g3q", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "published": "2019-10-28T20:51:15Z", + "updated": "2024-03-15T00:57:37Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "e141c668-bc18-4738-b3b6-e7ba1057d124", + "id": "GHSA-q93h-jc49-78gg", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "published": "2020-05-15T18:59:10Z", + "updated": "2023-09-14T15:09:40Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "id": "GHSA-p43x-xfjf-5jhr", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "published": "2020-05-15T18:59:01Z", + "updated": "2024-03-15T00:20:09Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "id": "GHSA-h3cw-g4mq-c5x2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 94, + 502 + ], + "description": "This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "published": "2021-12-09T19:14:51Z", + "updated": "2023-09-14T15:44:55Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "3ad04380-a25c-41d8-8fad-259c2561795b", + "id": "GHSA-qjw2-hr98-qgfh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "published": "2021-12-09T19:15:36Z", + "updated": "2023-09-14T15:47:50Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "86f78c35-adfb-48e4-9428-88084373e1c0", + "id": "GHSA-8w26-6f25-cm9x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "published": "2021-12-09T19:16:02Z", + "updated": "2023-09-14T15:52:49Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "id": "GHSA-m6x4-97wx-4q27", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "published": "2021-12-09T19:16:26Z", + "updated": "2023-09-14T15:53:30Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "00033bff-66dc-4a36-ab38-a10b0625409f", + "id": "GHSA-v585-23hc-c647", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "published": "2021-11-19T20:13:06Z", + "updated": "2023-09-14T15:59:33Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "14e2856b-f78d-4a6d-99eb-470c8566df29", + "id": "GHSA-r695-7vr9-jgc2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "published": "2021-12-09T19:16:51Z", + "updated": "2023-09-14T16:01:31Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c224f923-be9a-4faa-a930-ef4db611bc2b", + "id": "GHSA-vfqx-33qm-g869", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "published": "2021-12-09T19:16:59Z", + "updated": "2023-09-14T16:04:22Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "5201940b-1f04-4668-ae86-8261448d817d", + "id": "GHSA-f9xh-2qgp-cq57", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "published": "2021-12-09T19:16:42Z", + "updated": "2023-09-14T16:04:22Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "id": "GHSA-cvm9-fjm9-3572", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "published": "2021-12-09T19:16:10Z", + "updated": "2023-09-14T16:07:00Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "id": "GHSA-9gph-22xh-8x98", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "published": "2021-12-09T19:15:54Z", + "updated": "2023-09-14T16:07:40Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "950cff67-088e-4f41-9818-25943c9e17c0", + "id": "GHSA-89qr-369f-5m5x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "published": "2021-12-09T19:15:46Z", + "updated": "2023-09-14T16:08:37Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "id": "GHSA-8c4j-34r4-xr8g", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "published": "2021-12-09T19:16:18Z", + "updated": "2023-09-14T16:13:01Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "9edaa51d-929b-457e-aab5-0fffecdb4938", + "id": "GHSA-9m6f-7xcq-8vf8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "published": "2021-12-09T19:16:34Z", + "updated": "2023-09-14T16:15:44Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6d5189b4-d549-419a-b886-43a62cc43d40", + "id": "GHSA-5r5r-6hpj-8gg9", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "published": "2021-12-09T19:15:24Z", + "updated": "2023-11-21T11:40:53Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "135c6dab-529e-4855-ab72-a0138e2110c8", + "id": "GHSA-wh8g-3j2c-rqj5", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "published": "2021-12-09T19:15:00Z", + "updated": "2024-03-15T00:28:08Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "id": "GHSA-r3gr-cxrf-hg25", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502, + 913 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "published": "2021-12-09T19:15:11Z", + "updated": "2024-06-25T13:47:23Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "id": "GHSA-jjjh-jjxp-wpff", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 502 + ], + "description": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-15T00:14:44Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "id": "GHSA-5949-rw7g-wx7w", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "published": "2021-01-20T21:20:15Z", + "updated": "2024-03-15T00:16:04Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "id": "GHSA-57j2-w4cx-62h2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 787 + ], + "description": "jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "published": "2022-03-12T00:00:36Z", + "updated": "2024-03-15T00:24:56Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "id": "GHSA-288c-cq4h-88gq", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "published": "2021-02-18T20:51:54Z", + "updated": "2024-03-15T00:31:24Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "id": "GHSA-gww7-p5w4-wrfv", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "published": "2020-03-04T20:52:11Z", + "updated": "2024-03-15T00:52:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "id": "GHSA-rgv9-q543-rqg4", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 502 + ], + "description": "In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-24T05:01:05Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "5c0b94e1-0577-42c9-8028-f244d68f61da", + "id": "GHSA-fqwf-pjwf-7vqv", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "published": "2020-05-15T18:59:04Z", + "updated": "2024-07-03T21:10:31Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f2fa9b19-418a-4901-9840-a8631227701e", + "id": "GHSA-8jpx-m2wh-2v34", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 74 + ], + "description": "### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "published": "2020-04-10T18:42:20Z", + "updated": "2023-01-09T05:02:18Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "00bc944f-fead-400b-8bbd-0c5b56ba2b14", + "id": "GHSA-3mcp-9wr4-cjqf", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 74 + ], + "description": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "published": "2020-02-24T17:27:27Z", + "updated": "2024-06-05T16:42:03Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "id": "GHSA-rvwf-54qp-4r6v", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 776 + ], + "description": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "published": "2021-06-04T21:37:45Z", + "updated": "2023-05-22T20:17:58Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "id": "GHSA-9w3m-gqgf-c4p9", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "5ab41975-23cc-45e0-9a13-be603ea00595", + "id": "GHSA-w37g-rhq8-7m4j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "published": "2022-11-11T19:00:31Z", + "updated": "2024-06-21T21:33:52Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "dff65990-715e-4f71-aace-60d4436af108", + "id": "GHSA-c4r9-r8fh-9vj2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "id": "GHSA-hhhw-99gj-p3c3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "id": "GHSA-98wm-3w3q-mw94", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "38c08d91-3487-44c4-b258-d5a274a4ad05", + "id": "GHSA-3mc7-4q67-w48m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 776 + ], + "description": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "published": "2022-08-31T00:00:24Z", + "updated": "2024-03-15T19:06:46Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "da9ea5d3-a3c2-4d1b-8425-a799e47a804f", + "id": "GHSA-mjmj-j48q-9wg2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 20, + 502 + ], + "description": "### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "published": "2022-12-12T21:19:47Z", + "updated": "2024-06-24T21:22:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "id": "GHSA-668q-qrv7-99fm", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "published": "2021-12-17T20:00:50Z", + "updated": "2023-01-30T05:04:55Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "id": "GHSA-vmq6-5m68-f53m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "id": "GHSA-vmq6-5m68-f53m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "id": "GHSA-m394-8rww-3jr7", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "published": "2021-03-10T03:46:47Z", + "updated": "2023-02-01T05:05:09Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "id": "GHSA-m6cp-vxjx-65j6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 613 + ], + "description": "### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "published": "2021-06-23T20:23:04Z", + "updated": "2023-02-01T05:05:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "id": "GHSA-26vr-8j45-3r4w", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 551, + 755 + ], + "description": "### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "published": "2021-04-06T17:31:30Z", + "updated": "2023-09-26T11:11:47Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "id": "GHSA-p26g-97m4-6q7c", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 200 + ], + "description": "Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "published": "2023-04-18T22:19:57Z", + "updated": "2023-11-06T05:01:53Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "id": "GHSA-qw69-rqj8-6qw8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400, + 770 + ], + "description": "### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "published": "2023-04-19T18:15:45Z", + "updated": "2023-11-06T05:02:06Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6", + "id": "GHSA-86wm-rrjm-8wh8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 226 + ], + "description": "### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "published": "2020-12-02T18:28:18Z", + "updated": "2024-02-21T17:23:14Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c19b779d-2699-44de-a189-a0d18d8dc953", + "id": "GHSA-cj7v-27pg-wf7q", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 20 + ], + "description": "### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "published": "2022-07-07T20:55:34Z", + "updated": "2023-01-29T05:06:01Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "a2897b13-bdeb-4a6c-802e-abf09fef10a9", + "id": "GHSA-hmr7-m48g-48f6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 130 + ], + "description": "### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "published": "2023-09-14T16:17:27Z", + "updated": "2023-11-06T05:01:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442", + "id": "GHSA-g3wg-6mcf-8jj6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 378, + 379, + 552 + ], + "description": "### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "published": "2020-11-04T17:50:24Z", + "updated": "2023-11-27T23:07:53Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "76910119-ee18-4144-855b-b2fdab20e33c", + "id": "GHSA-58qw-p7qm-5rvh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "published": "2023-07-10T21:52:39Z", + "updated": "2023-09-05T22:39:32Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "d8add710-4eed-448d-b198-ecff8ffe86ea", + "id": "GHSA-gwcr-j4wh-j3cq", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 200 + ], + "description": "Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "published": "2021-06-10T15:43:22Z", + "updated": "2023-02-01T05:05:51Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "123b8eaf-5572-4945-975d-21ed3c2f101d", + "id": "GHSA-3gh6-v5v9-6v9j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 149 + ], + "description": "If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "published": "2023-09-14T16:16:00Z", + "updated": "2023-11-06T05:01:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "499117ae-d134-4505-8674-ed498531e7a9", + "id": "GHSA-269g-pwp5-87pp", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 200, + 732 + ], + "description": "### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "published": "2020-10-12T17:33:00Z", + "updated": "2023-02-01T05:04:50Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "id": "INT-f70z-tbpp-4o5d", + "source": { + "name": "INTERNAL" + }, + "ratings": [ + { + "source": { + "name": "INTERNAL" + }, + "severity": "high", + "method": "other" + } + ], + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad", + "id": "INT-63e3-49kp-blqt", + "source": { + "name": "INTERNAL" + }, + "ratings": [ + { + "source": { + "name": "INTERNAL" + }, + "severity": "low", + "method": "other" + } + ], + "description": "testing", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "1f182b73-afb8-424c-8e08-533a0f702076", + "id": "GHSA-j8jw-g6fq-mp7h", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 89 + ], + "description": "A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "published": "2022-02-09T22:57:29Z", + "updated": "2024-06-27T16:39:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "8ba20df5-3877-4825-a8f2-b52e2d2f86d8", + "id": "GHSA-8grg-q944-cch5", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 89 + ], + "description": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "published": "2022-02-10T23:05:04Z", + "updated": "2024-06-27T18:05:49Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "55ebe39e-12f6-4360-aeba-9913ef7efb68", + "id": "GHSA-hwj3-m3p6-hj38", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "published": "2020-06-05T16:13:36Z", + "updated": "2023-01-27T05:02:30Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "8c0002e8-9326-40f7-9209-51020755ff02", + "id": "GHSA-7r82-7xv7-xcpj", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 79 + ], + "description": "Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "published": "2021-06-03T23:40:23Z", + "updated": "2023-02-01T05:05:30Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7b0674fc-e326-47d0-b34b-b5bfb523784b", + "id": "GHSA-jvfv-hrrc-6q72", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "published": "2022-03-05T00:00:45Z", + "updated": "2023-01-27T05:02:46Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "id": "GHSA-wgmr-mf83-7x4j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 410 + ], + "description": "### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "published": "2022-07-07T20:55:40Z", + "updated": "2023-07-24T19:39:20Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "id": "GHSA-qppj-fm5r-hxr3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "id": "GHSA-rggv-cv7r-mw98", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "published": "2024-02-26T20:13:46Z", + "updated": "2024-05-02T18:38:19Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "id": "GHSA-qppj-fm5r-hxr3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9", + "id": "GHSA-wgh7-54f2-x98r", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 190 + ], + "description": "An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "published": "2023-10-10T21:16:23Z", + "updated": "2024-06-21T21:33:57Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "id": "GHSA-w4g2-9hj6-5472", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 295 + ], + "description": "Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "published": "2018-10-18T18:06:08Z", + "updated": "2023-01-09T05:03:38Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a", + "id": "GHSA-mm8h-8587-p46h", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "published": "2023-10-24T01:49:09Z", + "updated": "2023-11-05T05:04:23Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "815a1358-2bd4-4028-bd3e-8219747c78f6", + "id": "GHSA-h376-j262-vhq6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "published": "2022-01-06T23:55:09Z", + "updated": "2023-02-25T00:31:20Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c8a50465-16df-44e0-84e9-7acff5870a51", + "id": "GHSA-45hx-wfhj-473x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 88 + ], + "description": "H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "published": "2022-01-21T23:07:39Z", + "updated": "2023-08-18T15:47:05Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + } + ] +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vulns.json b/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vulns.json new file mode 100644 index 000000000..d2e7aff08 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sample_input_report/dropwizard-vulns.json @@ -0,0 +1,12583 @@ +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:dbaf64af-0eec-4ff1-bffe-8b642d1d16c9", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:30:28Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + }, + "components": [ + { + "type": "library", + "bom-ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "group": "org.eclipse.jetty.alpn", + "name": "alpn-api", + "version": "1.1.3.v20160715", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "18383950cc83169b8ed61c03fd926e0c" + }, + { + "alg": "SHA-1", + "content": "a1bf3a937f91b4c953acd13e8c9552347adc2198" + }, + { + "alg": "SHA-256", + "content": "07be99758b699e194f70fb9784d94202dc6c98212877829e3d72b020f2660576" + }, + { + "alg": "SHA-512", + "content": "b9570b3323337dcdc192e640288633743736ef9206adc4cda88db7da77df49732bba0a4e85613225ffec32ac72c415a84fcd2353c04f8708dad85142a2b439f8" + }, + { + "alg": "SHA3-256", + "content": "c7e69d1f5833cd414f62dfb456a8dee75520366e88a1af4db9b76a14d800b356" + }, + { + "alg": "SHA3-512", + "content": "3a4c64a3cb12158119183584c79e5523bc2e460ae942a2927a9f5452e3b0c032442748f4e426466921a3d9f618095901f26a0de77f4e30650c8e22ee79da873c" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.alpn/alpn-api@1.1.3.v20160715?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.alpn.git/tree" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "group": "com.rabbitmq", + "name": "amqp-client", + "version": "4.4.1", + "description": "The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.", + "hashes": [ + { + "alg": "MD5", + "content": "1a2a6feac205524a636c06d86af2df2c" + }, + { + "alg": "SHA-1", + "content": "c442f6501595a6fb9c029409eca94888cc9a3106" + }, + { + "alg": "SHA-256", + "content": "fcbe7ddc4be88823b881f35c12bca55b561c795d03aefe746a0452029ec179cc" + }, + { + "alg": "SHA-512", + "content": "8d78db5a1a3939a20a10b33f41b2ca3adb746672b276e87cc08aabb84dd27a069755294bd23c483ecf0d25c0e669fddae6f96742dd127d8476a9d6a6f8e22e57" + }, + { + "alg": "SHA3-256", + "content": "4866a931a2e38b4b0b4bcec77f77e8b83edf3b4b527913f827767a926c8b3b24" + }, + { + "alg": "SHA3-512", + "content": "a1b503bd1f8762c0b0434af451f6a579b20225aa5f23548cd521e3f007c17fedaf2c9fd7667606c06bbb63cdfbfbce28800de9506bb2c2564020b34447d600c9" + } + ], + "licenses": [ + { + "license": { + "id": "MPL-1.1" + } + } + ], + "purl": "pkg:maven/com.rabbitmq/amqp-client@4.4.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.rabbitmq.com" + }, + { + "type": "vcs", + "url": "https://github.com/rabbitmq/rabbitmq-java-client" + } + ] + }, + { + "type": "library", + "bom-ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "group": "org.codehaus.mojo", + "name": "animal-sniffer-annotations", + "version": "1.14", + "description": "Animal Sniffer Parent project.", + "hashes": [ + { + "alg": "MD5", + "content": "9d42e46845c874f1710a9f6a741f6c14" + }, + { + "alg": "SHA-1", + "content": "775b7e22fb10026eed3f86e8dc556dfafe35f2d5" + }, + { + "alg": "SHA-256", + "content": "2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d" + }, + { + "alg": "SHA-512", + "content": "9e5e3ea9e06e0ac9463869fd0e08ed38f7042784995a7b50c9bfd7f692a53f0e1430b9e1367dc772d0d4eafe5fd2beabbcc60da5008bd792f9e7ec8436c0f136" + }, + { + "alg": "SHA3-256", + "content": "9b624360f936e928bc63bf44e475d8fd052148c0d0cc56c3c88c26429b430c08" + }, + { + "alg": "SHA3-512", + "content": "5f0a62a96445cfeaf101d2ddc56472621f5c3dafc54ad4b230a373012833b7da83e96af7c07b60a586768361b3bce3f3626ed2cc09fbbd84e840e0714d6344ee" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.14?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://jira.codehaus.org/browse/MANIMALSNIFFER" + }, + { + "type": "vcs", + "url": "http://fisheye.codehaus.org/browse/mojo/tags/animal-sniffer-parent-1.14" + }, + { + "type": "website", + "url": "http://codehaus.org" + }, + { + "type": "build-system", + "url": "http://bamboo.ci.codehaus.org/browse/MOJO" + }, + { + "type": "mailing-list", + "url": "http://markmail.org/list/org.codehaus.mojo.dev" + }, + { + "type": "distribution", + "url": "https://nexus.codehaus.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "group": "antlr", + "name": "antlr", + "version": "2.7.7", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "f8f1352c52a4c6a500b597596501fc64" + }, + { + "alg": "SHA-1", + "content": "83cd2cd674a217ade95a4bb83a8a14f351f48bd0" + }, + { + "alg": "SHA-256", + "content": "88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c" + }, + { + "alg": "SHA-512", + "content": "311c3115f9f6651d1711c52d1739e25a70f25456cacb9a2cdde7627498c30b13d721133cc75b39462ad18812a82472ef1b3b9d64fab5abb0377c12bf82043a74" + }, + { + "alg": "SHA3-256", + "content": "babce5c8beb1d5907a7ed6354589e991da7d8d5cbd86c479abfa1e1dfc4d2eb8" + }, + { + "alg": "SHA3-512", + "content": "3a8ce565280a157dd6e08fb68c317a4c28616099c56bc4992c38cf74a10a54a89e18e7c45190ce8511360798a87adc92f432382f9d9bdde0d56664b50044b517" + } + ], + "licenses": [ + { + "license": { + "name": "BSD License", + "url": "http://www.antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/antlr/antlr@2.7.7?type=jar" + }, + { + "type": "library", + "bom-ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "group": "org.antlr", + "name": "antlr-runtime", + "version": "3.4", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "0e0318be407e51fdf7ba6777eabfdf73" + }, + { + "alg": "SHA-1", + "content": "8f011408269a8e42b8548687e137d8eeb56df4b4" + }, + { + "alg": "SHA-256", + "content": "5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63" + }, + { + "alg": "SHA-512", + "content": "1786aff2df4664483adcb319e64be7b69b643ac9508c3f11796b5aa45b9072b46f53f0a21b2ff7291162afe81506de16161746273e4532ebad75adbd81203f0d" + }, + { + "alg": "SHA3-256", + "content": "3f6cf631e9f792a41128400f8690266d915c0588ef85073a6cae73624a155b10" + }, + { + "alg": "SHA3-512", + "content": "13d1f73c44e807b36946c21cfd506e91e8cbdf685b770cbc0dcb4e55ec28b5bc91bd90eb7f24ebfd13386a47eccf552dd2a1ab277fccabafdb7a9b40aa9d4fc5" + } + ], + "purl": "pkg:maven/org.antlr/antlr-runtime@3.4?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/antlr" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "group": "org.glassfish.hk2.external", + "name": "aopalliance-repackaged", + "version": "2.5.0-b32", + "description": "Dependency Injection Kernel", + "hashes": [ + { + "alg": "MD5", + "content": "99809f55109881865ce8b47f03522fb6" + }, + { + "alg": "SHA-1", + "content": "6af37c3f8ec6f9e9653ec837eb508da28ce443cd" + }, + { + "alg": "SHA-256", + "content": "32a44ed0258c00bb8f0acf7e4dbf000a377bd48702465f6195f878a6dc2024d6" + }, + { + "alg": "SHA-512", + "content": "5afda7e897fb1135e4cf8ceb1f9f2ae68521c6178552dbe38243461e8422d50011f379e4f66d237190e7609e2d1ba2e9c09267637ecd588d7e286c1a6bfb8b4d" + }, + { + "alg": "SHA3-256", + "content": "3808bbe7fc89ea384068d5edf32f4ebf61cead5fe0fff58c7ac13c23392b8860" + }, + { + "alg": "SHA3-512", + "content": "ea988d271b897cb61a17ddd642f7f31935711bb33710947a812e0c1ab3469077c45247a5224e55a9258bfcdfd502f64286064aa1063b2df07dc880a880e034e3" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "group": "org.apiguardian", + "name": "apiguardian-api", + "version": "1.0.0", + "description": "@API Guardian", + "hashes": [ + { + "alg": "MD5", + "content": "e3695c130292987799af0d18754fa3fc" + }, + { + "alg": "SHA-1", + "content": "3ef5276905e36f4d8055fe3cb0bdcc7503ffc85d" + }, + { + "alg": "SHA-256", + "content": "1f58b77470d8d147a0538d515347dd322f49a83b9e884b8970051160464b65b3" + }, + { + "alg": "SHA-512", + "content": "127f7e6381642f3f0f8298e5129f31cae947b81c4867caaa419803e6dcfeee5da61f0262d2c10c8ad151f24e82f708ce81b2fda217c31dbb21794e6c9ec71e0a" + }, + { + "alg": "SHA3-256", + "content": "a0c6a10c739f2c5d18a639804edb717b2e100aec3ab73b5560e947c28b829f22" + }, + { + "alg": "SHA3-512", + "content": "54879680c4ac863b6eb3dd2528c02f8c977b127ed2a1d7e123e65baec3c9b33c3d80fd5f0de0cf43eb4f912b6899b2a4753f93bf9883d51e2fd8b8766df3e0c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apiguardian/apiguardian-api@1.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/apiguardian-team/apiguardian" + } + ] + }, + { + "type": "library", + "bom-ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "group": "net.sourceforge.argparse4j", + "name": "argparse4j", + "version": "0.8.1", + "description": "The command-line parser library based on Python's argparse", + "hashes": [ + { + "alg": "MD5", + "content": "8a3077fbee51bc51d0e140be455b6df5" + }, + { + "alg": "SHA-1", + "content": "2c8241f84acf6c924bd75be0dbd68e8d74fbcd70" + }, + { + "alg": "SHA-256", + "content": "98cb5468cac609f3bc07856f2e34088f50dc114181237c48d20ca69c3265d044" + }, + { + "alg": "SHA-512", + "content": "d9c1e626403b0ad0143fffb62a055b71aacb7d59c9957b232a2e7b7ab2cd9299932784d19e6ef8b0172736ab1625eb2d1e25101eaf1666acfc566b7fcd7c819f" + }, + { + "alg": "SHA3-256", + "content": "3b8a944e495c72b5d7e185effda10431dbe60cfa30c9e31d7cd5ebfdfe0fb20e" + }, + { + "alg": "SHA3-512", + "content": "718cec233f4b67bc0fe9210629202aa235aea2bf58a3cc65425cb9d43661d3002677c0534685e08cea3b86cdcb9c5021026c4efdb1820c9700158756bd6bc7b5" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/net.sourceforge.argparse4j/argparse4j@0.8.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/tatsuhiro-t/argparse4j/issues" + }, + { + "type": "vcs", + "url": "https://github.com/tatsuhiro-t/argparse4j" + } + ] + }, + { + "type": "library", + "bom-ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "group": "org.assertj", + "name": "assertj-core", + "version": "3.9.1", + "description": "Rich and fluent assertions for testing for Java", + "hashes": [ + { + "alg": "MD5", + "content": "b6b5e7d7ab3e4368244ce2ed48b77b2f" + }, + { + "alg": "SHA-1", + "content": "c5ce126b15f28d56cd8f960c1a6a058b9c9aea87" + }, + { + "alg": "SHA-256", + "content": "b433d96281d663d8f97d7b2eda24f6d05345ef3bd7bf9a4ed440d75728bfdb00" + }, + { + "alg": "SHA-512", + "content": "153df8b2394db5c54db79930a26ce45ac8ddcaacbaeb800988c41f17d4f39356a32ba8d17fbe143c412a79c2006e53cc1877b409f880e43d96888801bf92766a" + }, + { + "alg": "SHA3-256", + "content": "da01a0373df89903d5d40eabb595618fb15b14b7cd6420598b85d05bc72242fa" + }, + { + "alg": "SHA3-512", + "content": "8bf381925a0fb7635e8fafbf1b75930a8b129dd3ae9db2ec9d079ad12442a73eb92d34fa454bc3684b7ad59ee2e40cc1509c8a93f1dcded39368fa78b499cbe1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.assertj/assertj-core@3.9.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/joel-costigliola/assertj-core/issues" + }, + { + "type": "mailing-list", + "url": "http://groups.google.com/group/assertj" + }, + { + "type": "build-system", + "url": "https://assertj.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/joel-costigliola/assertj-maven-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "group": "net.bytebuddy", + "name": "byte-buddy", + "version": "1.9.7", + "description": "Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.", + "hashes": [ + { + "alg": "MD5", + "content": "3038371407163c76c89749c3a7c458b0" + }, + { + "alg": "SHA-1", + "content": "8fea78fea6449e1738b675cb155ce8422661e237" + }, + { + "alg": "SHA-256", + "content": "69a9140c11de463789a1badfe6c3dcdc17608c4304cb443c5c3a179585b78b39" + }, + { + "alg": "SHA-512", + "content": "20547c1915d941c170b855babf102b6d4b7b651cb76d4328fdc5e67be4cfb898e22d76512b2ed402ba2486ba4954ee75e1753e7de6303a94201ee12056ffb2b7" + }, + { + "alg": "SHA3-256", + "content": "fa80df92900c958e6c9c957552698a20f0a817a309947ee232b97c699db77d3e" + }, + { + "alg": "SHA3-512", + "content": "50b10f18e33843c1ec103ce809a83698f785de2675dd6f1da386db8c6158a6539e6b93ec2e10d1c82c819c3cf4c1f33ca9c2cd68a21d0a5520a707acb7a072fb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "group": "net.bytebuddy", + "name": "byte-buddy-agent", + "version": "1.9.7", + "description": "The Byte Buddy Java agent allows to access the JVM's HotSwap feature.", + "hashes": [ + { + "alg": "MD5", + "content": "f2c5583a5856a1b68275f70fca2f96fc" + }, + { + "alg": "SHA-1", + "content": "8e7d1b599f4943851ffea125fd9780e572727fc0" + }, + { + "alg": "SHA-256", + "content": "145ce0fab5390374e69b2b4070d65fedaa2b07c3cfad06b330bea1b6dcfa826f" + }, + { + "alg": "SHA-512", + "content": "3b1344ae23e91e02a4465848757f3436f5a51ff58f8a0fe47b032ce5097086a985d927eb23507cc7b29b7a8917ab22942f039949b376f3f27708d3da232e7afb" + }, + { + "alg": "SHA3-256", + "content": "0fc9f6c6083208ef913a49fd9d61d7202477d6ed4c26e0324f4475e656b4fbd6" + }, + { + "alg": "SHA3-512", + "content": "75a397fe519f03352763554688a7e6432c028b2b154a0553d5d647f7873eb5f066e83f454092438a48976f99cfc0c4b7a41b033852129b9cbc29d09cb22f6ec4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy-agent@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "group": "org.checkerframework", + "name": "checker-compat-qual", + "version": "2.0.0", + "description": "Checker Qual is the set of annotations (qualifiers) and supporting classes used by the Checker Framework to type check Java source code. Please see artifact: org.checkerframework:checker", + "hashes": [ + { + "alg": "MD5", + "content": "b6fb2610dacd211a3e2c3d8af1b60d0f" + }, + { + "alg": "SHA-1", + "content": "fc89b03860d11d6213d0154a62bcd1c2f69b9efa" + }, + { + "alg": "SHA-256", + "content": "a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b" + }, + { + "alg": "SHA-512", + "content": "fdecc20efd6943426e7f8bdfb8bef9d28258f9f934cf29090e2f5b297c501454606cc28593cd7d089a5c14f6d2dcafc59f4606053405d7f91d623a0e3202f4a8" + }, + { + "alg": "SHA3-256", + "content": "6332c0be53250aaf67b95786e10337e1134ca645aed3b4cc596c68a3555c07fc" + }, + { + "alg": "SHA3-512", + "content": "74780f6c4d9e615c5be2f7149540721bfccd43e71b2d912054b98cf4f1a5ae5506497eca9c76f9e09f988d988bba8a1ec0588684379722044d894594dc787ea4" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.checkerframework/checker-compat-qual@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/typetools/checker-framework.git" + } + ] + }, + { + "type": "library", + "bom-ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "group": "com.fasterxml", + "name": "classmate", + "version": "1.4.0", + "description": "Library for introspecting types with full generic information including resolving of field and method types.", + "hashes": [ + { + "alg": "MD5", + "content": "85716d3adddffaaacb5e316be6681bf0" + }, + { + "alg": "SHA-1", + "content": "291658ac2ce2476256c7115943652c0accb5c857" + }, + { + "alg": "SHA-256", + "content": "2829acc59abf4aa6b72579697a0391c0fc69df7772ae59c58e0237f909cd6803" + }, + { + "alg": "SHA-512", + "content": "0bb96809e508b3ec20f8da070cdf5c795b71e17311a1a7d09818a93410ceb60cbbd95482c2d13bb920d391f5a5eee3a959cf739533a94f6539775458fe7229d0" + }, + { + "alg": "SHA3-256", + "content": "2cb64a48cd3ca0136553131ce87fe52d5a0f322334d65fbab60132df09d3c8d6" + }, + { + "alg": "SHA3-512", + "content": "56fb69f960f9e15c7dedc17d8d762c03bbae850180c2911ace44c4b7e1f0ce4a6dcad784e6acf01d63cad81a2d3746e4863a8d43a4d78e620506bf125d9340ec" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml/classmate@1.4.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://fasterxml.com" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/java-classmate" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "group": "commons-codec", + "name": "commons-codec", + "version": "1.11", + "description": "The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "567159b1ae257a43e1391a8f59d24cfe" + }, + { + "alg": "SHA-1", + "content": "3acb4705652e16236558f0f4f2192cc33c3bd189" + }, + { + "alg": "SHA-256", + "content": "e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d" + }, + { + "alg": "SHA-512", + "content": "d9586162b257386b5871e7e9ae255a38014a9efaeef5148de5e40a3b0200364dad8516bddd554352aa2e5337bec2cc11df88c76c4fdde96a40f3421aa60650d7" + }, + { + "alg": "SHA3-256", + "content": "90ec34f9701a8b212c65e6167c505ea6417289f910deedcac8517075b8349728" + }, + { + "alg": "SHA3-512", + "content": "101bc04efae2bd16d7923e61bca922c4a006b0e4b34909e0f8865196cb4df4f4f6269737c17880b4dfd0309cb487b806e88d09c6e1a7dc70237563b3f4312f7f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/commons-codec/commons-codec@1.11?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/CODEC" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/codec/trunk" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "group": "org.apache.commons", + "name": "commons-lang3", + "version": "3.8.1", + "description": "Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.", + "hashes": [ + { + "alg": "MD5", + "content": "540b1256d887a6993ecbef23371a3302" + }, + { + "alg": "SHA-1", + "content": "6505a72a097d9270f7a9e7bf42c4238283247755" + }, + { + "alg": "SHA-256", + "content": "dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68" + }, + { + "alg": "SHA-512", + "content": "fb0fe98385496a565678a000c26a3245082abfbf879cc29a35112b4bf18c966697a7a63bb1fd2fae4a42512cd3de5a2e6dc9d1df4a4058332a6ddeae06cdf667" + }, + { + "alg": "SHA3-256", + "content": "4e708ddf8ed0c6dbd8c6bba07e06425b5d263d899884b91bf11f86ec0d6f8463" + }, + { + "alg": "SHA3-512", + "content": "f43e89519e803e976f7b4d756d934be802ab36077cf2dc38dd9aa901eaf7104e58157859f45ccef7b38e072007a60f17270923e2ed7eabd41a4c776dee1458e1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.8.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/LANG" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-lang.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "group": "org.apache.commons", + "name": "commons-math3", + "version": "3.2", + "description": "The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.", + "hashes": [ + { + "alg": "MD5", + "content": "aaa32530c0f744813570ff73db018698" + }, + { + "alg": "SHA-1", + "content": "ec2544ab27e110d2d431bdad7d538ed509b21e62" + }, + { + "alg": "SHA-256", + "content": "6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2" + }, + { + "alg": "SHA-512", + "content": "80fb66a51688c4247b957f9787921e5acb9144d71a4ab0b03b2c30f46427e50c53e6e31ca5ddb04dab2cf5e7c0eedae168103c719f8074be464918ab2e4d6e6d" + }, + { + "alg": "SHA3-256", + "content": "4e5c701b4c417493bdb70d4c3f3bfb6019a6eec3c5f17dcce028158de624318c" + }, + { + "alg": "SHA3-512", + "content": "3a19552d33cbe62a0d174efa39054fbe5e23f7cb466c46616c27480381f232daa2c64c868b354ed965c5d84fbfece08e30e59bc672e3891baf2bb8141b5db8c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-math3@3.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/MATH" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/math/trunk" + }, + { + "type": "build-system", + "url": "http://vmbuild.apache.org/continuum/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "group": "org.apache.commons", + "name": "commons-text", + "version": "1.2", + "description": "Apache Commons Text is a library focused on algorithms working on strings.", + "hashes": [ + { + "alg": "MD5", + "content": "c0aec8d4d92fc9e1a4752884f5f880f0" + }, + { + "alg": "SHA-1", + "content": "74acdec7237f576c4803fff0c1008ab8a3808b2b" + }, + { + "alg": "SHA-256", + "content": "d4a57bbc1627da7c391308fd0fe910b83170fb66afd117236a5b111d2db1590b" + }, + { + "alg": "SHA-512", + "content": "97ca47f05b18a8dd67a253bae7d5ec6adab93a061c2565615773f0efc07382193c9ce29ed1f8abdd67dbe62b033e17bf2f71f67a3db2a99abb7aa3215b541c11" + }, + { + "alg": "SHA3-256", + "content": "5527aa3ffcd1303fac2779f9908f3a39bd3745c03a840fbc106aa952d5a0a128" + }, + { + "alg": "SHA3-512", + "content": "1b87bf1800138c403b67c273346fc7ea721fac09903e8cf6b11f8cfa57f2f91c577000834ad1f38e2b21f695685ea6c03ae9bd21323fe4a7690c7dca3344e350" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-text@1.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/TEXT" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-text.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "group": "com.github.spullara.mustache.java", + "name": "compiler", + "version": "0.9.6", + "description": "Implementation of mustache.js for Java", + "hashes": [ + { + "alg": "MD5", + "content": "9245fdbf50ad59ea81781ebdaa8cdb02" + }, + { + "alg": "SHA-1", + "content": "1b8707299c34406ed0ba40bbf8513352ac4765c9" + }, + { + "alg": "SHA-256", + "content": "c4d697fd3619cb616cc5e22e9530c8a4fd4a8e9a76953c0655ee627cb2d22318" + }, + { + "alg": "SHA-512", + "content": "d29e5022a4e7c99a8cc4b9f171471cf3e96103aeed26f32ae7a5db38e62811b3dc97e47ce8659c0b430fd11f1cb3f679c5465cab0458d7a474fba7e78a987887" + }, + { + "alg": "SHA3-256", + "content": "e17ec4a48044d5cbc941cdd9020fdda30b5402c2d533bec6a910729293d2aa89" + }, + { + "alg": "SHA3-512", + "content": "7e61b2eb36f9e239c4e2679c529d87ab2b2ed0ecb8537cbbd89b604bfce9b09ed716c2a95a80cf9a75eee2d0b85a2958e44bc6540ba5b22f163090a5912c6ad6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/spullara/mustache.java" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "group": "org.dom4j", + "name": "dom4j", + "version": "2.1.1", + "description": "flexible XML framework for Java", + "hashes": [ + { + "alg": "MD5", + "content": "f5710c1d5f5627ae5ce850a0b12ea87a" + }, + { + "alg": "SHA-1", + "content": "3dce5dbb3571aa820c677fadd8349bfa8f00c199" + }, + { + "alg": "SHA-256", + "content": "a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128" + }, + { + "alg": "SHA-512", + "content": "547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1" + }, + { + "alg": "SHA3-256", + "content": "e0d00e2f06b89df74355383e657d0b7b2a67b4fe3b5de58967eaa27fa0efad90" + }, + { + "alg": "SHA3-512", + "content": "00e4ce0afa1bff9f0abd1d9fd07d76157f26347b4d6931314f6f082c528bb5e60c32eb9bb16c23f5adc5ee5dcb902135fed2a4a5cb3995afb143f1fe1f938959" + } + ], + "licenses": [ + { + "license": { + "name": "BSD 3-clause New License", + "url": "https://github.com/dom4j/dom4j/blob/master/LICENSE" + } + } + ], + "purl": "pkg:maven/org.dom4j/dom4j@2.1.1?type=jar" + }, + { + "type": "library", + "bom-ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "group": "io.dropwizard", + "name": "dropwizard-assets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3719b35ea00aaf249df2f6c237e0d461" + }, + { + "alg": "SHA-1", + "content": "f2aa63c48a04fc2fdbbc43d3bb25c306417c30ab" + }, + { + "alg": "SHA-256", + "content": "81df72b28d351db2a8df88899ef172c3fefc8135149e6e5016c3f88db340fdcf" + }, + { + "alg": "SHA-512", + "content": "1136296518c97a285e68b0bbd6800c3183b8cd208e2b316ecf0e6b24147b278559e479705b7df3ce83913df5b8d93108afd20ca91ddfaa23d1924d6534f82d11" + }, + { + "alg": "SHA3-256", + "content": "fe44aa9d27c700520603cec3f51df630e228e0f73d1c450e01c3f9e21f02610e" + }, + { + "alg": "SHA3-512", + "content": "ef1c4284b016ba0c303aa74ce20271314cdd9c63686837c73b55656eacf0a22f2d3d883732f6e513dac055842b6b1c1d0e9fa970c7017d969b82ef1c77b2f8de" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-assets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "group": "io.dropwizard", + "name": "dropwizard-auth", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "b70d5efcdd606fa0dc0d866a0ba76e0b" + }, + { + "alg": "SHA-1", + "content": "b232e9397558341feed096a54e04e32ab81c7aad" + }, + { + "alg": "SHA-256", + "content": "94927a479eb07d3cab2242750463569dd6da9c75908b93986dab8c2eda5300b7" + }, + { + "alg": "SHA-512", + "content": "33c794f002c01a3f2880aef2b64b12af4a1d612bc2e7e751f24d65a178e49f7b2158c00486515b1392c340471d7a5e52d73259da7673c32d6b9dfc3870eeffa6" + }, + { + "alg": "SHA3-256", + "content": "d13a6eedc14842abeadc3c0e773ff1bd759de2157099a8df5d62ee1d6da1f949" + }, + { + "alg": "SHA3-512", + "content": "c5ae17254f77d668b20aa32542daf77ef398d428fc34601e6e6aebb8f0676fc8c16c5f0dc8906b58f7ecef3623e29386d296aff07d7f7d54618591da72edb88d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-auth@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "group": "io.dropwizard", + "name": "dropwizard-client", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a7e212ddc51872656b8cde14c6375558" + }, + { + "alg": "SHA-1", + "content": "774ee66da2e18ddb9757c309a9f288a7a95d4ab5" + }, + { + "alg": "SHA-256", + "content": "e1f12b97fab5cbfbefd54f7206f708b1abb767f7db2979ee67a12cced9145af7" + }, + { + "alg": "SHA-512", + "content": "a15aa34a681004c1c41380a85f0f99b5117e426bfbac1bef90fade5f9644443b63e74caf9022fa53fde98eddc915ce52ed37c59a06257b7c21b9fc55367f9995" + }, + { + "alg": "SHA3-256", + "content": "77d63d4f7774e74722101d0e3fe4a3d7aa1aa0dac2d95f823cacf7ea445d372b" + }, + { + "alg": "SHA3-512", + "content": "3856b47365e22680311c71e7740f4327786a88af275fe7d2f6a44b34dc12227b3a76396d87c101c31994993d2fa78db6fbfcffc848c5739d5bc9231186fe4681" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-client@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "group": "io.dropwizard", + "name": "dropwizard-configuration", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a53483c0d1034d24eb068eacc2b18cc2" + }, + { + "alg": "SHA-1", + "content": "64ede8340cf7e51e9d679876bb8873b5e4900bcb" + }, + { + "alg": "SHA-256", + "content": "a579796dd6a5476f35a7d3e3fde89321c0f1e5afb6c2fcfecf34b1d1b7c2db57" + }, + { + "alg": "SHA-512", + "content": "fc3e2bfe3e0b9ec39a09a6735fa477ea2296d4dbbda6f92a4bf624f3ecdc4e0a226a44f3e433a74e6343012012e1e80b483483696ae6b846249167e5255f207e" + }, + { + "alg": "SHA3-256", + "content": "851afb7c02c5ef78a1b4d8e4a6ac6393b1d105643a4de355a767fa665e44aa13" + }, + { + "alg": "SHA3-512", + "content": "b837c8c006d5909453293a262a826ea24a533a89f9a7c53a67129b3597a07a77b5ba0e95f391806087ee7f82cb12592e6149dbf26bf75fc0c54cab84a9b2c56d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-configuration@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "group": "io.dropwizard", + "name": "dropwizard-core", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "74aec7bf09a957081b1f607b25bfd532" + }, + { + "alg": "SHA-1", + "content": "53889ab39746957180bddc1636f6680eca0db5d7" + }, + { + "alg": "SHA-256", + "content": "a2799ff0fa69d1b0945f9170e6dd29cdd77ed9618ab48abbfcc56111e85effb5" + }, + { + "alg": "SHA-512", + "content": "1fb1b50c2575c36cb518f48e9153a1253d11c0c5e4576dd3866df0d5171694c8507d8f9b78ca983749dd6a8156b81ceac66e8012583d2bb1d6e55c0f5920fd3f" + }, + { + "alg": "SHA3-256", + "content": "19e5d7375794f5eece12bb30304c2a7fec0076902c1bfba468ee96d9ac83f110" + }, + { + "alg": "SHA3-512", + "content": "b955d7c995291eddc86eee34f8c75301f580c4ce6431053b94f197c03f15ed90cc02025214d7ba1864ba76b809af2c2afe8942b5595993ba81a57078b2946852" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-core@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "group": "io.dropwizard", + "name": "dropwizard-db", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d9ddd3b9a686d7332cdec2628f5b752e" + }, + { + "alg": "SHA-1", + "content": "88dfe54a2b0b04d4254c39b5929a6bccb73c0fb8" + }, + { + "alg": "SHA-256", + "content": "718fc5d891166a4febb26f92560148b8b7a1c39a9f4c5719ca7380974430634f" + }, + { + "alg": "SHA-512", + "content": "3615d6aa65fb7df9f5338d2bd4bccff6e0cebbaceaa067bae04e43a7a1a6852157b23f929ea6a6212fe2928b8b1c6ad3282dfe4c37e60e77df7eea3b716105d5" + }, + { + "alg": "SHA3-256", + "content": "e49bcfe1ce234abeefb3fe5f739322eba64b36ebb0a13cca193da7ab496d29fd" + }, + { + "alg": "SHA3-512", + "content": "6ff81a052e35eb6a923c2af9dea65ab43048e5a839ff8cb94dfd2d13d8666f2ce5bf3160bbd98ef81bea4f7b5e42f8019d4f25e1d93c16411027c8e3e40c4c90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-db@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "group": "io.dropwizard", + "name": "dropwizard-forms", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4038942f9fa1f452cc8ab9fb395e0dae" + }, + { + "alg": "SHA-1", + "content": "171287fe38f430ed81bef0dc5808a6f58f01bd48" + }, + { + "alg": "SHA-256", + "content": "cf55b3d0ae45c0b905380a374a3bfd14fee33f3ec5b5f16a046dc66d505ab4c4" + }, + { + "alg": "SHA-512", + "content": "89e4509a55811c296371099ff91850faa32992eede0f9224c25f395a4d93560f0a4a846060bedc1747fe3bf5a4596b928a4237894292dcbe23762b4ae9c40ea3" + }, + { + "alg": "SHA3-256", + "content": "f205cd66f09419d7e958c1c9be0bb3c3226c74a34cefa4a092474612532ae5c2" + }, + { + "alg": "SHA3-512", + "content": "6f336ddb136efabe64b158f60f11dbcccf606df36600a2195d5cac15d2900f5625ba8eb5a0dba213f4e27386423233e5214f9b188f77816d08e75435cb8047f5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-forms@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "group": "io.dropwizard", + "name": "dropwizard-hibernate", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "449361636c3b63eb9d3acb08c1d36297" + }, + { + "alg": "SHA-1", + "content": "56eda4258aa81aa3abde8e6663bbe6297b870495" + }, + { + "alg": "SHA-256", + "content": "5589a9532d592c6dead117b5990386c178a81d4ec7cb8eab9888a576ce47d24d" + }, + { + "alg": "SHA-512", + "content": "bc121e23e932a8989bb81eb72ce3a65822406dd1b9358f9169f2db7c817585420d7725b0e4a011e8ac82b64879167437180a55469a9aa21ec706d9953f4f8e96" + }, + { + "alg": "SHA3-256", + "content": "782695767ab3f4bd238716842e98c56c4311098d142b388ecb08e92159a85873" + }, + { + "alg": "SHA3-512", + "content": "5e6c66c0cf9fa889b516e485cd233af2234b3e2a4f82962b03c59e95a731392744be7fde88f13c3576141b8866dfb6e6915ed20183a6b06e6aa11226ebaec623" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-hibernate@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "group": "io.dropwizard", + "name": "dropwizard-http2", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "fdc320175f8ebf1f5931a5f8943cfc32" + }, + { + "alg": "SHA-1", + "content": "b8573b698da0fe8b2cf30becf2d4c069085e230b" + }, + { + "alg": "SHA-256", + "content": "c21be0fb74a7e086a39d48f464ffb0b730dc8c2292935f8f6524aa217c36f135" + }, + { + "alg": "SHA-512", + "content": "67759f73350a276e2dda77608f16e2fb6d2b2908af7bb5fc83687508793bd27bcc6998c570945e4ec3e49caeeb05e9ee4d3d4fdb8a77b2147bbc5fd1d1c573e3" + }, + { + "alg": "SHA3-256", + "content": "085dd33c5b983cd03552e8eb69e47ae5a3de85aa363175526e5470bce0f4f69b" + }, + { + "alg": "SHA3-512", + "content": "43a4af9e25df30b2e3c561f921bcdbebc9d782b94faa85f8706e1c79ca77bdeae161b18a4f707509599564115d49152ac03f7bab14bb2cb9d130a4975d8f7315" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-http2@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "group": "io.dropwizard", + "name": "dropwizard-jackson", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "cce5d50fb36cf2ccb1f6020cf2c53092" + }, + { + "alg": "SHA-1", + "content": "498fdd1b14e0341fa4b2ed480520d632470709c0" + }, + { + "alg": "SHA-256", + "content": "1ddb7e6852bcc605f52e5dd4927a532e6e4f6970e8477329cc0cf6e02bcb11bb" + }, + { + "alg": "SHA-512", + "content": "54920733f634fff24fa42e16048e60cbcd8ca9e348c4dae5e8eb6d1606e36d86ba8c32f49a9fb00418a9e2038781599383cc3c1d01353d8e5117d4c366f414e5" + }, + { + "alg": "SHA3-256", + "content": "6dfe904993c5350ef8f04f9eea9335ea5f5179e9d02b2cc057426f96a0aeb485" + }, + { + "alg": "SHA3-512", + "content": "d2e9bddc00edf43a43bc91ee0e74cbf3beff49627fc02fee1870888cc552a9e7a2a518149f0b628a744d5ae00a4f47b3912edba8081c0b5f40e3b289a7fe0822" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jackson@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "group": "io.dropwizard", + "name": "dropwizard-jersey", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "5d4b25a8d01ef9534d6291f004ca8421" + }, + { + "alg": "SHA-1", + "content": "5045bfc77cd931d0020e9d67ef5d3d47916d978f" + }, + { + "alg": "SHA-256", + "content": "3e03434acca7bf73d6e8dc72239d41b28e087200d3cd3759b26319aa49c5cccf" + }, + { + "alg": "SHA-512", + "content": "389fdc36005f478f75687d796f147800d81bafca189233ba7bd6bad263ced8ba2bed450b73b7a2ebe14750186da51970f006835c7dbf6380f5535bece7bb947d" + }, + { + "alg": "SHA3-256", + "content": "7c9a03749ca86a271678b15d9278890b605bf1fe85927c07d4412f481483c45f" + }, + { + "alg": "SHA3-512", + "content": "59da92cfc19ce969cfbb29f597519cdb692d838d191a93d02a6014d896091a8669bd6ed5ddff39bcaabd14866106131be23b6a984b6a8a7813fd655faede4b81" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jersey@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "group": "io.dropwizard", + "name": "dropwizard-jetty", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3e61f73e3ad1a7c63d7b16bcfc6038a0" + }, + { + "alg": "SHA-1", + "content": "bd34674496ae9997dd20d88a9fcda937bd21840e" + }, + { + "alg": "SHA-256", + "content": "7657190b578c7647d3e6d91de4a959580320a0317378b210d9a416635f4e1384" + }, + { + "alg": "SHA-512", + "content": "cb92715afa048b32d0879593f9709d558e4b1b6aa468802b8a1d08b7b6b1fa72eae12c8658c329ef0d8e073fb7a1bab4a9b833bac2887ccaa5d953625470f4db" + }, + { + "alg": "SHA3-256", + "content": "38e8c121e10d2af68bdde88d8136622d76139d018df01b944c7708c8dd9cefe6" + }, + { + "alg": "SHA3-512", + "content": "7cfe066ea4e585b3bc0077332b0a08db9f998e9d83b95480cc148054895728ea72fe5e3b20e249f603e96cbe09ee9985eea527f207d88abef0914b19940af1d5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jetty@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "group": "io.dropwizard", + "name": "dropwizard-lifecycle", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "52e054873a8e62623e81231c43cd56a9" + }, + { + "alg": "SHA-1", + "content": "f26a5a8be815680b9d6fcf4df7495c33ff403f80" + }, + { + "alg": "SHA-256", + "content": "20abb321d0095312b8d618b30533d84b12f37d9c3e7bfc473ce205a56a8cf4a5" + }, + { + "alg": "SHA-512", + "content": "fc9ae0ff1d4c94b2456777d6e7b68a8017ff13a04fb49f85344904f6b010fc638f33e8e6ebf9119a450232e5e74c70a8ed55b980afe47d827f320019ab9973a7" + }, + { + "alg": "SHA3-256", + "content": "cba7094cc6a46821fab3edc413e5d07c36e78b7760ba6c5e44df94acaaca98e8" + }, + { + "alg": "SHA3-512", + "content": "daba93cc2420eab38f11389a1eabd408713855ea97772dd87d6be05cd8cf60de1e2de303785721daa85f61e246e75c4bbeaf7602a580d88b2585c090d8957dab" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-lifecycle@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "group": "io.dropwizard", + "name": "dropwizard-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "8f56476f15da17fb8aff8d06a8cd39c9" + }, + { + "alg": "SHA-1", + "content": "3df1411464adf080b5ac7360926eacab3f5120d7" + }, + { + "alg": "SHA-256", + "content": "fcaaf6bcb2f29a0443f4740d5515f6a8b12a0c38e626fa6a503d9bb685275a38" + }, + { + "alg": "SHA-512", + "content": "32435101cf0981814396444592a7d805d35d073fff7c06b2ae1551e6cc6ac7e7686cc740dec87a05a15026cc4d89b208986c770cbf999e3993980c8e4112db47" + }, + { + "alg": "SHA3-256", + "content": "2d848583811a6d544b4212f63805bdf65b849da145e4fa3f6be66d387e34a5e5" + }, + { + "alg": "SHA3-512", + "content": "2daa20182aeebbcd99ff706f08f3a10a68db0ff2874ed93811eb8922b71ca2bb516213ae53eff4efc412c5ea1a940268d9a832fe8e680151f5cacbfe62ec5844" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "group": "io.dropwizard", + "name": "dropwizard-metrics", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "231e9b5003b31c72836118b2b60e6b9c" + }, + { + "alg": "SHA-1", + "content": "4dcf98534424a25e2666c714e0bb4f8ce6c7cc61" + }, + { + "alg": "SHA-256", + "content": "fe67a902fa099d798179aaf8cb73fa2881e18a820b762422e9e25bda84968304" + }, + { + "alg": "SHA-512", + "content": "80d4133cdc506a51f34bdfa35f9e79d11d9e1a6cfbda6d13e10035a286f200a172314aa52b737a7bc4d8a334b6725c20a45cb4d8cb56dabdbbd8378e9aa1b355" + }, + { + "alg": "SHA3-256", + "content": "55e8d3aae67454a70282570b80e4a5b50d19cede8ed6db54609bdba3b7291309" + }, + { + "alg": "SHA3-512", + "content": "88be53fa6a98860edd603e40320f2d59206e08451a11356e089f28bcb9ee36586012f9cb6d0c63ca6b85b527f8f0434c3aa1e3619cf607883a7aed8817fdbdfa" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "group": "io.dropwizard", + "name": "dropwizard-metrics-graphite", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "014be7a674c15f505dc0816c5c544314" + }, + { + "alg": "SHA-1", + "content": "d5be85278fe138a4736bc0e229c73dcd1de2b400" + }, + { + "alg": "SHA-256", + "content": "0739188661d32b28544377073c1966d29a56ea9e28776b5ae7e201c50c580f09" + }, + { + "alg": "SHA-512", + "content": "f2e433cc520f4e49d62cf5af209d353629409d9b1ad3f1b6613d0bc1790a575f528bc88784e0b2517ea044e46e9e67ecef5b1d02cc7f6c1a510d75457bea2c16" + }, + { + "alg": "SHA3-256", + "content": "dba4bed00333d55d4dc55ddd9b9815fdb3b9b575faeae3ba8ff19ef949ee6f61" + }, + { + "alg": "SHA3-512", + "content": "24a0c90e1f97326dd032e5c657792d6623c727efa7144891be439e00bff5323f4e3e9d35e34005b7348ec92f97f3c4210aeb4b7e15930ef7a910735d0f982d62" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics-graphite@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "group": "io.dropwizard", + "name": "dropwizard-migrations", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3d2f7b15b764e2906916c0d4bfc75bc6" + }, + { + "alg": "SHA-1", + "content": "74a81b867ab00475910d013fe18d4a788984cccf" + }, + { + "alg": "SHA-256", + "content": "156a9c79a74c81d173637d613a9931451188228bea38cce621f63f51bee1c2f9" + }, + { + "alg": "SHA-512", + "content": "3cfff65847ee29772f5c8f091557373ce3dfa59974e82c0bbfd0eaa636fdf91361b753e777810d0f5878c4b5534ef555a5b260af29a6be9af0851c4a2de56c5e" + }, + { + "alg": "SHA3-256", + "content": "1150637f334a3f0354d00cc21e7e180e8fd647ba3b9f6028c4eafd30c614c157" + }, + { + "alg": "SHA3-512", + "content": "8340a3fb797a8fdeedfc31e50c5d28ad3b3eb204f262f45f390c1a8c3a8ff798cb2f8235d97dd9bbe6947d2d986bb4b91d332f5d0ed23fb7dc0bece454b29d90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-migrations@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "group": "io.dropwizard", + "name": "dropwizard-request-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4ed78ec6ad895643d486a210151c6da3" + }, + { + "alg": "SHA-1", + "content": "fcd1015d1762059bd9aa27ee06f7fff9a9857d7b" + }, + { + "alg": "SHA-256", + "content": "1795c56717239e25f835211356963f307f596d0efdd16550337ffccbab08bbf3" + }, + { + "alg": "SHA-512", + "content": "f8c521200f29a6301fd92d87eb21ffb765d7c2a05f65fdbfa572955f91b6870604628df1b0f18d4c3d73482d1398bc5730fa2744c6b19b51f909758d614e4de8" + }, + { + "alg": "SHA3-256", + "content": "5cde2026d5ac54d5b1baac22503608eaef11b8753954473d0102d5f87565f944" + }, + { + "alg": "SHA3-512", + "content": "8d0dfb8c508948c131f0f92b8debf3a9f7ed3f1ec8e1dc4341a68132658143dcecaf890cc11aa22ff9e1959e96a51f311d15ca6d49bc7090c71c9457fedaca29" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-request-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "group": "io.dropwizard", + "name": "dropwizard-servlets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "c738851aae5f6e431c4bad54ef8bd30f" + }, + { + "alg": "SHA-1", + "content": "f93e103f42b677e1fdeca6fb6cb6c22353a78b57" + }, + { + "alg": "SHA-256", + "content": "b5c9432f659aad54fbe25209366a5c93a43f2c8a0cc5428440c28f3576a5bf61" + }, + { + "alg": "SHA-512", + "content": "07fff649594cf8bf3eb10bad998cc0ccb5fe1049d21c47ca3321b6187eed0f480caa52c5683e454f9abcf107f1e3d6fa5e3d6858e4d250ba65a36e81dd20c5ee" + }, + { + "alg": "SHA3-256", + "content": "eb28576f779876ffe7218c4b596ba2f2f302daa85375fc57784da3d050062086" + }, + { + "alg": "SHA3-512", + "content": "e2ce67e331b95a1e7dea43a174e3e4a1b0c9653716c4378656114d54b1858fa818142f2afee7ffeb86439b7dec848a09eee12efa963be0c00b71d038051c448b" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-servlets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "group": "io.dropwizard", + "name": "dropwizard-testing", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "800103447329e58030242b6bfc2e9cca" + }, + { + "alg": "SHA-1", + "content": "cee4838ba05de7920309985229df59917ff6e58a" + }, + { + "alg": "SHA-256", + "content": "d52ef3eda88a2b93e01731b035bbd277eb4d395c3a076c6f5cd6a3874f17e433" + }, + { + "alg": "SHA-512", + "content": "c2ccc3c13d2007b728574b1c3df388043c2517ed3efb8256dde9c09ebbed6c18ac5e7f3281ce7b35b9e2c969124772ef0062234bfb195c27898b0674fa0900a4" + }, + { + "alg": "SHA3-256", + "content": "f7fba2c7f9ccb345c29c4e52bcda601a6528d20527f32af63f8cadfaeca04a0f" + }, + { + "alg": "SHA3-512", + "content": "e0c421a568cf98a63432088a1b5f18382cce3095db4ce8cfd1ccba7e9dc95aa7d2ec365b1d8b25614c4700d28f7f75744acac96c5358de4c50946fea4a2a2e5f" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-testing@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "group": "io.dropwizard", + "name": "dropwizard-util", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "e73fff60736c50b06c0afcfb5d5f003c" + }, + { + "alg": "SHA-1", + "content": "4e2a956ce355a40fb7e1c8d5772eab956a8f7f5c" + }, + { + "alg": "SHA-256", + "content": "3bc2379c8d410405cab54636b1b8129a53e5227acc6cb286adea720fa73f03f0" + }, + { + "alg": "SHA-512", + "content": "3a1b826aa9ff4fe9543aaff7b5f5d191164cc0a488365158502eb2c52b5e215ea96395767f2feed880376c3b569ea672414ef951667ea5628236920dbf2026bf" + }, + { + "alg": "SHA3-256", + "content": "9cadcfa4c2db331cc05c069a66d1445d3a156605a75f8741eb80935834ae56a4" + }, + { + "alg": "SHA3-512", + "content": "df9fc0e1dcebe145a5cfff74ca87470923f0163f78ead0a93bf5b4f1c905ad5aaf7034891ae0cab005927cbbbea86546f1222e7f271c90cb4d3b0f745f8cb78e" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-util@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "group": "io.dropwizard", + "name": "dropwizard-validation", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "0557207f6f05c684958ff0c524ed97de" + }, + { + "alg": "SHA-1", + "content": "d82c4a2157cd8b4ed6f85d12fcc5f63e7f2ee9d2" + }, + { + "alg": "SHA-256", + "content": "6141e64cfed3633ad729e9d343eac4bfa475232c90c83c178f02da2d4c3e7360" + }, + { + "alg": "SHA-512", + "content": "e3f832e4b6ea092229b2ecbfad0790170a086b043be74c58cd2f0169cae4fc219d4a7163e6e581350efc7441dd8908e7cfe395b19c802e93834443eb45888d67" + }, + { + "alg": "SHA3-256", + "content": "95187066ffe37d52916b0ec33bce13baa8d76afa80502c4526205fb3721c01bc" + }, + { + "alg": "SHA3-512", + "content": "39a0130b80426db95faba737c484fb2e0c1db64f8e81e21cffcbd0b27b4dff4c4334cf9698b0c067549d0e8adaf7669dce867f2ad962c25f647b35829fbfee61" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-validation@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "group": "io.dropwizard", + "name": "dropwizard-views", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "ffa529c90a76cf83b7468c63c24c2da9" + }, + { + "alg": "SHA-1", + "content": "27b9dfe51ed0740b2359c28eca9942388247f877" + }, + { + "alg": "SHA-256", + "content": "69ba25bd9f7b5577aa29b79337b3e716be629a784a83d9a2af1456a556800dfd" + }, + { + "alg": "SHA-512", + "content": "818f881806c644bfd0518d2864d1f0c2c6b132e6b81ca1e4b272e20ab91294e954805f986f55ba5389b9ffa5c6573dde827929d6a82b8b4066b2344d003e0f40" + }, + { + "alg": "SHA3-256", + "content": "021a6eba574c0c79246d1a8b446c4655f5a7183e24fcc9df010bffb11ea680f2" + }, + { + "alg": "SHA3-512", + "content": "9ed4dd16ddabeaf7e7933cdef7911ac194a14a93a4a8a4d057554dfc094ca5ed84090922e6b5e53f23a24af582209c8d5a9b50521d3b35132a32e74399d5e055" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "group": "io.dropwizard", + "name": "dropwizard-views-freemarker", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d78343dfbf1f4c99fc5115aea93b6382" + }, + { + "alg": "SHA-1", + "content": "9b64dcbd00e184c4683a8a44ae4ff4726595c73c" + }, + { + "alg": "SHA-256", + "content": "621f2168b343cc24618b63e5c0c07ca330eef8e1f930c1a4c374ab210fd5ea44" + }, + { + "alg": "SHA-512", + "content": "19298c6ae1500e0c16575b55d30f2ab34cbab881cd735fefc203118c326dd4a47604f8f8d595b32cec4ecbaae032129d2ede99dc36325bc8f4a18ffa5e786aeb" + }, + { + "alg": "SHA3-256", + "content": "1870845187ef726d85d29ee42ccc35b66018304d23167f614b79a7deb3768e2c" + }, + { + "alg": "SHA3-512", + "content": "389d2cd752a7269b28815c723ed68700c47c0f5f6780df2bc35f18eb3ea4b77cdc18ca83d556f4de80c1f3e434f399f73b03a76b88d1da2af520b09195a938c1" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-freemarker@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "group": "io.dropwizard", + "name": "dropwizard-views-mustache", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "99d7beaccb842cbe8a68c37361e665df" + }, + { + "alg": "SHA-1", + "content": "1a2a4e775b77f452893189020c2e34d60c0235a2" + }, + { + "alg": "SHA-256", + "content": "19ce7554a48be097bac2b3c51f55fe468c7253a60d1a43683ae830cfe06a58e3" + }, + { + "alg": "SHA-512", + "content": "1f24026f35f9a4e4316d04ac41a7cdcf440fc510075e5f8297a55b63d95d3f1e5deb06acd8ef9a61b73fbf1fc054ea370c6d74ed1a06aa19ba673069aebad294" + }, + { + "alg": "SHA3-256", + "content": "7856836a099d2a7f326dbc033442e49b176213fd340a8b2aa2d9dea3a9175ab6" + }, + { + "alg": "SHA3-512", + "content": "af431eff733b17b92ae1718165b3b10e103376bb216e63b8e39284f3572b69926084937fd370a42a018f62389744a7212a0c68959e0e76950ad751ba3ba9745a" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-mustache@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "group": "com.google.errorprone", + "name": "error_prone_annotations", + "version": "2.1.3", + "description": "Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/", + "hashes": [ + { + "alg": "MD5", + "content": "97504b36cf871722d81a4b9e114f2a16" + }, + { + "alg": "SHA-1", + "content": "39b109f2cd352b2d71b52a3b5a1a9850e1dc304b" + }, + { + "alg": "SHA-256", + "content": "03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8" + }, + { + "alg": "SHA-512", + "content": "bd2135cc9eb2c652658a2814ec9c565fa3e071d4cff590cbe17b853885c78c9f84c1b7b24ba736f4f30ed8cec60a6af983827fcbed61ff142f27ac808e97fc6b" + }, + { + "alg": "SHA3-256", + "content": "5c7b2ffc8d4073700647681ed44dd783049648aa8e174f37d2510339a65f5466" + }, + { + "alg": "SHA3-512", + "content": "3f05def83905268da5044c8bd6fbf62b89499d77351b56a357de8d27ef872c6c300385a6bca009590d61be90a39a0f417c4d8358a13b09847ba0452ef416db06" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.errorprone/error_prone_annotations@2.1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/google/error-prone" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "group": "net.jodah", + "name": "expiringmap", + "version": "0.5.6", + "description": "A high performance thread-safe map that expires entries", + "hashes": [ + { + "alg": "MD5", + "content": "fd4b2d42dac784648fe6fd1b2b612d12" + }, + { + "alg": "SHA-1", + "content": "11833abbdd64050d455187f374dc096944f9ffb0" + }, + { + "alg": "SHA-256", + "content": "06f1ac1fdb0044a83bbf5cd55e86f88ded92175cb2a7a0b57ba53eb011600a52" + }, + { + "alg": "SHA-512", + "content": "3e7bf8da26296f1de8da960e4f8b9b25962d3db1a941c0818c649174c61bf571a6c7b0336b154be104c853a8fa148cd0f007f8a210a98854036a09fe1069eded" + }, + { + "alg": "SHA3-256", + "content": "a421ccc1ee40dad4e7239f21862e7f35a8eb6493d3eccf6e245202d1f3d1e9a8" + }, + { + "alg": "SHA3-512", + "content": "2ebbaf3eb9f96fcd4cc5b5c28e68d8a6d1aa8735dca7d763cc18daeeec2706d3370384c535dad32463ba8da92ee8a3ddfecd7f2559847772829782964d05a0aa" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.jodah/expiringmap@0.5.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "group": "org.freemarker", + "name": "freemarker", + "version": "2.3.28", + "description": "FreeMarker is a \"template engine\"; a generic tool to generate text output based on templates.", + "hashes": [ + { + "alg": "MD5", + "content": "c5e35d814518da7b0247d42311b8e296" + }, + { + "alg": "SHA-1", + "content": "7200064467a935052f99d114c2c05c3d189bc6d6" + }, + { + "alg": "SHA-256", + "content": "de92d103d3a86c2287307218ff50dc1c941de283f7b9e1fb23e93fc7220838bf" + }, + { + "alg": "SHA-512", + "content": "44435cb2b6ba02abacdc4a21bea44a2dc50faa1b486fc5b2f79097a68f1f98ca24aa835448ac5dec33a1869eed1b8a32ac285e95fdabbdafaa810d575951894e" + }, + { + "alg": "SHA3-256", + "content": "d55883bf61b72d616dcd12e87d6f90b3b1fc761fcbcf5b8f3860e17bb34fc654" + }, + { + "alg": "SHA3-512", + "content": "7664cb34b0598e0eec19ecba1fba7b83ff09b574bf2320b84a09016d88aaabf902460e3bcd2b2290f59988462b8594e817eebcd777321608762dc141c1335a20" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.freemarker/freemarker@2.3.28?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://apache.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.apache.org/jira/browse/FREEMARKER/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/freemarker-dev/" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=freemarker.git" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "group": "com.google.guava", + "name": "guava", + "version": "24.1.1-jre", + "description": "Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.", + "hashes": [ + { + "alg": "MD5", + "content": "361459dd415a18e4750b7fa0cdd9e747" + }, + { + "alg": "SHA-1", + "content": "2e3014320a8005e3f3c1800cb246ed42db8cab81" + }, + { + "alg": "SHA-256", + "content": "490c16878c7a2c22e136728ad473c4190b21b82b46e261ba84ad2e4a5c28fbcf" + }, + { + "alg": "SHA-512", + "content": "f7b02666ecd26e8865d4f6040a14a87d08e38124a625252594b05fa9d1a00e7c5a1fd30c5bd08ca9399bad50eef5fcaf7c95e17a59a2462ac42d7fdd4aaf516c" + }, + { + "alg": "SHA3-256", + "content": "182f368980a8c526ec88c65acd877738fe2bad06b72ab9756edb66f2b281d083" + }, + { + "alg": "SHA3-512", + "content": "245bcf15e331889bceb96faa2f9f67baf442fe1cb291601fa92a0e3327382a636d30788939d8f0ccd05a735b8149637e3d44c7e13a636a19950d0e7a33ae9517" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.guava/guava@24.1.1-jre?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/google/guava" + }, + { + "type": "issue-tracker", + "url": "https://github.com/google/guava/issues" + }, + { + "type": "vcs", + "url": "https://github.com/google/guava" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "group": "com.h2database", + "name": "h2", + "version": "1.4.197", + "description": "H2 Database Engine", + "hashes": [ + { + "alg": "MD5", + "content": "f9893acfa22b7fe1492dd9c515af2e5b" + }, + { + "alg": "SHA-1", + "content": "bb391050048ca8ae3e32451b5a3714ecd3596a46" + }, + { + "alg": "SHA-256", + "content": "37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842" + }, + { + "alg": "SHA-512", + "content": "aa4af17f766a1cfb0326d0301e1c40fc884b27e73aed4e60141d284275da70f483a3ce54d65f79f9ba66e9a53c5a68102dfc5e40a36e9d2c0a2aa9a7f7321688" + }, + { + "alg": "SHA3-256", + "content": "ef7da52a3b656aee47bc85b9e98db3bb91d7f079d19012787fbbd65c32151203" + }, + { + "alg": "SHA3-512", + "content": "1a5538cc48c5b99e496ee5924f80df410fecc555e3619a79b8c6204156dc333cf0cbebae05bca5a8144ab89b2f2fe4802080128d76b1e94a51acced8aedb4354" + } + ], + "licenses": [ + { + "license": { + "name": "MPL 2.0 or EPL 1.0", + "url": "http://h2database.com/html/license.html" + } + } + ], + "purl": "pkg:maven/com.h2database/h2@1.4.197?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/h2database/h2database" + } + ] + }, + { + "type": "library", + "bom-ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "group": "org.hamcrest", + "name": "hamcrest-core", + "version": "1.3", + "description": "This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.", + "hashes": [ + { + "alg": "MD5", + "content": "6393363b47ddcbba82321110c3e07519" + }, + { + "alg": "SHA-1", + "content": "42a25dc3219429f0e5d060061f71acb49bf010a0" + }, + { + "alg": "SHA-256", + "content": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9" + }, + { + "alg": "SHA-512", + "content": "e237ae735aac4fa5a7253ec693191f42ef7ddce384c11d29fbf605981c0be077d086757409acad53cb5b9e53d86a07cc428d459ff0f5b00d32a8cbbca390be49" + }, + { + "alg": "SHA3-256", + "content": "f679af77deedf69b3c3066f7916583848c6fd32a950f9c0b0e2ef1da121717ba" + }, + { + "alg": "SHA3-512", + "content": "bca821931e438a1977b7b4356b5f8cebf485634f82159d505c48267c34e6a0f4fde9c2917331365f66dc0e52e2ca3a2db5256863584110c27ecebefc28741f63" + } + ], + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:maven/org.hamcrest/hamcrest-core@1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/hamcrest/JavaHamcrest" + } + ] + }, + { + "type": "library", + "bom-ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "group": "org.hibernate.common", + "name": "hibernate-commons-annotations", + "version": "5.0.1.Final", + "description": "Common reflection code used in support of annotation processing", + "hashes": [ + { + "alg": "MD5", + "content": "2a9d6f5a4ece96557bc4300ecc4486fb" + }, + { + "alg": "SHA-1", + "content": "71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879" + }, + { + "alg": "SHA-256", + "content": "9431ca05c335f9b6ec550f5d65ad56047a5f336e2d41cce4067591d20c4e51df" + }, + { + "alg": "SHA-512", + "content": "5714692bef862355cf7f9fcf82aa663321da193920adf4b584fe69f559535555c4c53858a2465410ffb990aad7847124dbea28ed95dcec5df525a1164288791f" + }, + { + "alg": "SHA3-256", + "content": "60cf1ea8120252eaa90e0e86662f4d0b97f718c3c6c09422f2b85c1b36222ea5" + }, + { + "alg": "SHA3-512", + "content": "a2972a8464a8b38468994ef496d6e816262eef6e9422f4c83d5eb998aea4134ac1160726c71fb577df664064fa13c564c52c6fa577ad2477515291ed825fe79c" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HCANN" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-commons-annotations" + } + ] + }, + { + "type": "library", + "bom-ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "group": "org.hibernate", + "name": "hibernate-core", + "version": "5.2.18.Final", + "description": "The core O/RM functionality as provided by Hibernate", + "hashes": [ + { + "alg": "MD5", + "content": "a5e6ac320c1b5fd739d213dc050cfc29" + }, + { + "alg": "SHA-1", + "content": "c1861a015d47f55ffc6cb120216d17af177e0b90" + }, + { + "alg": "SHA-256", + "content": "4688003fc081063f0d73f43424b309bac9bd8589fecb5767e0ad26788a5bfdff" + }, + { + "alg": "SHA-512", + "content": "1b8c1f0d64ec27e8daf8b4b9b1be9511d0a5e99573836c527c79f026048c5acfe10aeda34a5b0c77bf30fc6ebd92976838eb43a065f192e9871531116d686b37" + }, + { + "alg": "SHA3-256", + "content": "ce9cffadac4242733e7743f88c0abb2f659526e54ddab26e60a180cd658a0782" + }, + { + "alg": "SHA3-512", + "content": "4e4006d93d10553191cf914ab76f486f222e82ca30d81d786913142c599f6463be48892b5fdb4b5e3dec75c20290f11a0f3d3600dcc306bff81c114e24eba66a" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-core@5.2.18.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HHH" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-orm" + } + ] + }, + { + "type": "library", + "bom-ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "group": "org.hibernate.javax.persistence", + "name": "hibernate-jpa-2.1-api", + "version": "1.0.0.Final", + "description": "Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details", + "hashes": [ + { + "alg": "MD5", + "content": "01b091825023c97fdfd6d2bceebe03ff" + }, + { + "alg": "SHA-1", + "content": "5e731d961297e5a07290bfaf3db1fbc8bbbf405a" + }, + { + "alg": "SHA-256", + "content": "ab46597e3a057f99c8339fffe14c1d27f9dbd2409ae840c62121b00d983c78bd" + }, + { + "alg": "SHA-512", + "content": "696dd1548504c9ea8d8526411e81bee8b752f12861979da2707d1059b35a8ccb3f018a1d4e2d12436e7c9daec8e63b97fcf980e03032981867cea63d4301f3da" + }, + { + "alg": "SHA3-256", + "content": "fdbf800d9175e82d7e68f9829f1372b65768252d3e165dfeee9c0345b817b8be" + }, + { + "alg": "SHA3-512", + "content": "8e1e5baa5e4b6f67019bad7ed90a9abf41096ff00b62c9d6f326a756b8ee7e5b62d41068441aa5d9050369a1000a5fbd7898155cb8b18e80367e9cb7c0d3b137" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/org/documents/edl-v10.php" + } + } + ], + "purl": "pkg:maven/org.hibernate.javax.persistence/hibernate-jpa-2.1-api@1.0.0.Final?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/JPA" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-jpa-api" + } + ] + }, + { + "type": "library", + "bom-ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "group": "org.hibernate", + "name": "hibernate-validator", + "version": "5.4.3.Final", + "description": "Hibernate's Bean Validation (JSR-303) reference implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "ccae8426d40e4fa16ecde928b84965f6" + }, + { + "alg": "SHA-1", + "content": "7c3d91629e81937b33dffd5b170956ef9c76af97" + }, + { + "alg": "SHA-256", + "content": "8abc0fb282075e145efe50d742f4512bb1f2c0222e78e7562f34f8809cf22d25" + }, + { + "alg": "SHA-512", + "content": "38c1bc5692588fabc86904f75dd3481ca13be43bfda2f33278cb91a0ae229c7abd0f095989fa23e25b78aff51b2b7232f271579e13bd062595e498f9c92ea830" + }, + { + "alg": "SHA3-256", + "content": "176d9129f2812df9a71514c72d0ffe1efb86ceb73310ebeee2b416bf752c65f4" + }, + { + "alg": "SHA3-512", + "content": "0fec7612fa9d4698e183cc954381e172a3f8cf188a1b2e0518a39f9cd4cb15163720183d306d050757e2d979a3a1d224a3edd7e9c2ee59b938df48e4f4eb1342" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-validator@5.4.3.Final?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "http://ci.hibernate.org/view/Validator/" + }, + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/projects/HV/summary" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-validator" + } + ] + }, + { + "type": "library", + "bom-ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "group": "org.glassfish.hk2", + "name": "hk2-api", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "93322931c4ec277c5190c7cddf7ad155" + }, + { + "alg": "SHA-1", + "content": "6a576c9653832ce610b80a2f389374ef19d96171" + }, + { + "alg": "SHA-256", + "content": "b3fe4f295ab8e74ea9d641717dc55e5768f1e5db3709e84235346a4d6bcde5c2" + }, + { + "alg": "SHA-512", + "content": "9f143940ff31e6abdc5bce5223c12ea91fe1852338f317aa614221bec67bd5252ef905075d78125ba777ff2f36c5d39fe35a5b3876ea19255fc91da949179d00" + }, + { + "alg": "SHA3-256", + "content": "7dbffae41a1edb93e525d9841a6831f574fc408edb7568b5b192d7b026aeb750" + }, + { + "alg": "SHA3-512", + "content": "594dc7b77f5a85574331483bbc2b795c1456fe174b55ca7253519a8fe94bd914167face505c561f3829c9738b7d9e7f80421f5b97427952cdd78fe388c17c282" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-api@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "group": "org.glassfish.hk2", + "name": "hk2-locator", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "5baf0f144cf8552a9fe476b096fc18a7" + }, + { + "alg": "SHA-1", + "content": "195474f8ad0a8d130e9ea949a771bcf1215fc33b" + }, + { + "alg": "SHA-256", + "content": "27cacf80e8c088cc50f73b56344b779bdb7418e590a037659ab66b2b0cd9c492" + }, + { + "alg": "SHA-512", + "content": "4b8819cfb299d4b5be13fee8c5a04c803010abe7636eab9d126a40a41bc79131753ff09ea062c624c6ecc5785749b120a3f6f0411307eb05b74e6bc46a1bd410" + }, + { + "alg": "SHA3-256", + "content": "3b0c862b6be53e5a085e9caf77f6a90fe45365dc58cc4a69cf1bd13e20b91536" + }, + { + "alg": "SHA3-512", + "content": "9d3acd0f1048b63ca1c30a864463d10c3b2d724d4d245c2bc0116dbd8597772fecb9ace1601d60d9abae9058a2b9fc50422333be583189e00b31c3bbd21c59de" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-locator@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "group": "org.glassfish.hk2", + "name": "hk2-utils", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "acc873aece4f8e89814ac0300b549e3e" + }, + { + "alg": "SHA-1", + "content": "5108a926988c4ceda7f1e681dddfe3101454a002" + }, + { + "alg": "SHA-256", + "content": "3912c470e621eb3e469c111f4c9a4dee486e2ce9db09a65b7609e006b6c3d38e" + }, + { + "alg": "SHA-512", + "content": "1d100879b218d4ed75760514b78a3833f43f67126691dc7cab6566af8488c4cb9e72258b649f8a4eef0376813c25df326ba29d6f29c275e8f75e549cfc17fdf5" + }, + { + "alg": "SHA3-256", + "content": "699d1fba60b9403b292ce22cb0db2d6b070a1152531afe3f2c08a5196779b3a9" + }, + { + "alg": "SHA3-512", + "content": "47ad643c3727bb9fb45b6748e4da67c4788aeac69783c56c60f73ccf37f979972f699ffa96714056c551cb29109dba6722ac3b57004eea1ae47f8833f9c73d34" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-utils@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "group": "org.eclipse.jetty.http2", + "name": "http2-common", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d4f0dede20f81acfb53f97c01fae71cf" + }, + { + "alg": "SHA-1", + "content": "6e3306d394aaaf41876220a818fb639faf5963b0" + }, + { + "alg": "SHA-256", + "content": "d402e22a14230a49a93e045dc922d62ab330f99b26b928ca3fc6c6761941f601" + }, + { + "alg": "SHA-512", + "content": "79af5a27a59a8706769cb2d500869029bf1c6762bbc4908ffea56bc57f578e14d46e271e8fa2d40fa68dc8fc0e33cf297186df8b4b231db50547d98a10d0d6c4" + }, + { + "alg": "SHA3-256", + "content": "edba30c10f03aaa94eec187d3709ca23d1082d555e0031dbddbcb21a2e6cd451" + }, + { + "alg": "SHA3-512", + "content": "4d4d7e9a24b0d2f0814f071f0b352a104b2c91974213c10ca434c4d119c3ca15ac679f06f5aea3586ef11e5b4280d9db505ef8f4b63b19893c07cdf646d03a15" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "group": "org.eclipse.jetty.http2", + "name": "http2-hpack", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0323c6dd472c456a99d068f171cbd661" + }, + { + "alg": "SHA-1", + "content": "aa5f5c2b0cec925ad7f2e73a1dc7a3b3dc496e87" + }, + { + "alg": "SHA-256", + "content": "7f2fde0ed27abe088933dcd5b1516e6ed08701ff19aa8b00d12a4ef30344c9bf" + }, + { + "alg": "SHA-512", + "content": "075e9b42f4204aabb15fb1e0f0e08ac67b6a2ea4dff9bcd69db778fc0868d1959b38c4ac3e5a4738b8c3acab26f8416ea8c89d2e4fa66e474ca366e14ee55ebd" + }, + { + "alg": "SHA3-256", + "content": "f4680627e9212635d69a27456bcc815eec595a64d9541b572a7d16667cfb7636" + }, + { + "alg": "SHA3-512", + "content": "efb34683d51d2c09abc7894f5cbf7957041449f66e78f50bc4aeeed48fbcb92bcbe60713b084346ce93d0552955f7b8c53a3c557386894959d27667b8ac808ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "group": "org.eclipse.jetty.http2", + "name": "http2-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "9c82833f49671905299a1a0d0edc031d" + }, + { + "alg": "SHA-1", + "content": "6d0ca7e7ee2e5d55fb6fb03c4c1a248b1dc3d31d" + }, + { + "alg": "SHA-256", + "content": "99f96c3656c87d674d069ec1039a6fd7cbd979bb81a083823a04bd529c73308e" + }, + { + "alg": "SHA-512", + "content": "49a9f2c895244d0a632e5b267661f99e812d8e90299085df37479667517ad991575808d97d32204f34bf8a130804d4d2b87c9405d3e61b6d9d410d62a25373f6" + }, + { + "alg": "SHA3-256", + "content": "866de2610f4bbe4ce7b551b31f7f9a51e26e9607e54f112de194b3d92bd90132" + }, + { + "alg": "SHA3-512", + "content": "447c34744cdc616cf90742043ee49c431823ff46e745417eac6d21b78d1e9a00b36c1c93b0e291187e00e7c4d5d9b6a98f32afcc9d0671b63a02cd23f48f37ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "group": "org.apache.httpcomponents", + "name": "httpclient", + "version": "4.5.7", + "description": "Apache HttpComponents Client", + "hashes": [ + { + "alg": "MD5", + "content": "deed71468af21d6f0cf02bf853ac02ec" + }, + { + "alg": "SHA-1", + "content": "dda059f4908e1b548b7ba68d81a3b05897f27cb0" + }, + { + "alg": "SHA-256", + "content": "807e9c73f27a4b19dd04b1b67126532fc74b0a37bd8d13fbad073ad74d078330" + }, + { + "alg": "SHA-512", + "content": "459349c2482338644578502cbdfeb7110c3eaaa71f8bbc715d53556b186f16ad1256244e752cec7c32c66f77e08228bdadf7c9138542b0aa8e845a249e2e0bac" + }, + { + "alg": "SHA3-256", + "content": "9e5093efad2b3a44e71b077eae4ca7df86e2fd2ad78d5ca25541e4316ce631c8" + }, + { + "alg": "SHA3-512", + "content": "f16fb6262810546026c6c68842f69eb17831669e444cafb75832ae3567f47407504424c13fea596e9c02ccf853f6b55d54a904cbf2d21e171f77cc615d740014" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.7?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCLIENT" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "group": "org.apache.httpcomponents", + "name": "httpcore", + "version": "4.4.11", + "description": "Apache HttpComponents Core (blocking I/O)", + "hashes": [ + { + "alg": "MD5", + "content": "9299550b06219959d0f2223b1a8bb337" + }, + { + "alg": "SHA-1", + "content": "de748cf874e4e193b42eceea9fe5574fabb9d4df" + }, + { + "alg": "SHA-256", + "content": "d799522d579aac06b170603f8f080f6e3248dadc01f9652cdd7ea7bc318c21ce" + }, + { + "alg": "SHA-512", + "content": "1f45a26f97e5488bf1985f5f5c88c5e2744f46d422040708f7641deb14bb04561bcec35c9284c1dce606fcdcb768edc3ef970ef965bd6bb591ec362dfd417c74" + }, + { + "alg": "SHA3-256", + "content": "0807acdffb841394a948175382b04dfdb49087e19212851dbb63fbfadfae6f5f" + }, + { + "alg": "SHA3-512", + "content": "10f7974d10971a2c0911a1050e3418e898c4255300a120959ef38f546d10dc5ba5217a32a53a21577613ca13034a8200393b0b7ddee0b195f26b92f3e6b2f1cf" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.11?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCORE" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "group": "com.google.j2objc", + "name": "j2objc-annotations", + "version": "1.1", + "description": "A set of annotations that provide additional information to the J2ObjC translator to modify the result of translation.", + "hashes": [ + { + "alg": "MD5", + "content": "49ae3204bb0bb9b2ac77062641f4a6d7" + }, + { + "alg": "SHA-1", + "content": "ed28ded51a8b1c6b112568def5f4b455e6809019" + }, + { + "alg": "SHA-256", + "content": "2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6" + }, + { + "alg": "SHA-512", + "content": "a4a0b58ffc2d9f9b516f571bcd0ac14e4d3eec15aacd6320a4a1a12045acce8c6081e8ce922c4e882221cedb2cc266399ab468487ae9a08124d65edc07ae30f0" + }, + { + "alg": "SHA3-256", + "content": "275370eeb5f02c15358168ea134c4eab1afed8d27750a8a326b9f9f506dfc9f2" + }, + { + "alg": "SHA3-512", + "content": "d9e2a3943373e1eab933b45f49997b24e01466eb99a177c40f21c7107c9f21ebb135e14d191b0a5b699e3985d20de8e87662e92c0bf59e5e054d3da85fd777dd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.j2objc/j2objc-annotations@1.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "group": "com.fasterxml.jackson.core", + "name": "jackson-annotations", + "version": "2.9.10", + "description": "Core annotations used for value types, used by Jackson data binding package.", + "hashes": [ + { + "alg": "MD5", + "content": "26c2b6f7bc704ccadc64c83995e0ff7f" + }, + { + "alg": "SHA-1", + "content": "53ab2f0f92e87ea4874c8c6997335c211d81e636" + }, + { + "alg": "SHA-256", + "content": "c876f2e85d0f108a34cdd11ccc9d8d7875697367efc75bf10a89c2c26aee994c" + }, + { + "alg": "SHA-512", + "content": "6b1ae1d7036ce2fff81bf8fc2a3a55e4ea7eb081de806ad05301d2eb126bed1dda487027f3ccfa618c488e680e2f5ff22bc3f106e7c0af27b34d327d83083b46" + }, + { + "alg": "SHA3-256", + "content": "6ebca301e4a201a89630bd7235d27e48a795c7e6fca7727ac08f3cc87e6a5049" + }, + { + "alg": "SHA3-512", + "content": "8d33540c9df56541a0dca99ca51432a8d0d9642813377c62f6df5602af1c8d04c3d62cf24a9cde5c79fcd63b287de19cfc84ea475f8dd0ca037a72baed3d50ee" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-annotations" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "group": "com.fasterxml.jackson.core", + "name": "jackson-core", + "version": "2.9.10", + "description": "Core Jackson processing abstractions (aka Streaming API), implementation for JSON", + "hashes": [ + { + "alg": "MD5", + "content": "d62d9b1d1d83dd553e678bc8fce8f809" + }, + { + "alg": "SHA-1", + "content": "66b715dec9dd8b0f39f3296e67e05913bf422d0c" + }, + { + "alg": "SHA-256", + "content": "65fe26d7554a4409652c86ee38f2e94bc42934326d88b3c78c61f66ff2222c53" + }, + { + "alg": "SHA-512", + "content": "ea053f07b73b087fe81ef49d949ec812bf03e536a8a608d6b7c7ff9f001e6764e86125c5e99d46ba4002d7aab620f57527e246fe8ca754b47cfd812976a3e337" + }, + { + "alg": "SHA3-256", + "content": "0cd87bff64e1569e1ae1fa6023caf005c17d5feb6f75c2bb587546d9e3e43efa" + }, + { + "alg": "SHA3-512", + "content": "936d596d972971e8fc02a6adc7ef11b9d3ac302fbc4134982f3bf128f61741b6bc8c34dd0d16d0ef52a7760a2ad5bcc20b26c4d9c6e8345e826b8b2a83f8fb4d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-core" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "group": "com.fasterxml.jackson.core", + "name": "jackson-databind", + "version": "2.9.10", + "description": "General data-binding functionality for Jackson: works on core streaming API", + "hashes": [ + { + "alg": "MD5", + "content": "ff43d79c624b0f7d465542fee6648474" + }, + { + "alg": "SHA-1", + "content": "e201bb70b7469ba18dd58ed8268aa44e702fa2f0" + }, + { + "alg": "SHA-256", + "content": "49bb71a73fcdcdf59c40a1a01d7245f41d3a8ba96ea6182b720f0c6167241757" + }, + { + "alg": "SHA-512", + "content": "18db8ee61a24498803352c6fc40b83cc1f277033fd4cd743505e3bfa1660c84d8522a70b06401f834b405cbc6e686f6f5c4d54aff034751e9addbf1b4603b2c2" + }, + { + "alg": "SHA3-256", + "content": "470b46a826c8edeb12852d9cbab9f5ab0c3a0b0989a7f2b0a8756c9a88aae89f" + }, + { + "alg": "SHA3-512", + "content": "35616596eff2bafc2e047ce7cbfc4c0b8ce83af277953a2af6b41e43885c74b0809d14dd339290991c2ecb82e82190832b616bca0e3225aa113bfb483fa1b2b8" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-databind" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "group": "com.fasterxml.jackson.dataformat", + "name": "jackson-dataformat-yaml", + "version": "2.9.10", + "description": "Support for reading and writing YAML-encoded data via Jackson abstractions.", + "hashes": [ + { + "alg": "MD5", + "content": "ebecc5b67b96874c08068151fd89d0b5" + }, + { + "alg": "SHA-1", + "content": "561275877edf6321692f29e66ae5ccc7b1664939" + }, + { + "alg": "SHA-256", + "content": "338e27fd71a825c948c98a2a3fedd79bd14e6c7bcc9b6d21fd8b17abfd28bcc0" + }, + { + "alg": "SHA-512", + "content": "6730698c771ee3308c57b8336c35c3c1d437c7ef2e8f1a6bc66a251404449ae7f531fb240c5c877097a5c85a99e6a77c885265d61ad0d8da18c68da13c89eea4" + }, + { + "alg": "SHA3-256", + "content": "189e39704cf30896198937a59f48dca0230a882f0613ceb941241f327f4f1c2c" + }, + { + "alg": "SHA3-512", + "content": "336fa4689e758f35a45ebc5648f3bfb395bf8ff7387b783b7fa62d431e835760782df3c6f5c737224853970891eca22c69b990ad8d7b96e628002b5ef6a88305" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-dataformats-text/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-dataformats-text" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-guava", + "version": "2.9.10", + "description": "Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)", + "hashes": [ + { + "alg": "MD5", + "content": "bf3d62117a113e2ad3442aede0565365" + }, + { + "alg": "SHA-1", + "content": "fe2fe045ca3bd6f9ea1bba5b03d228b4abf8c1cb" + }, + { + "alg": "SHA-256", + "content": "f6f05294767905ebfe3e982ec456eb0982e52b8e89cfcf02f46722f87414e87e" + }, + { + "alg": "SHA-512", + "content": "d12fc51a0261d7af4319c2659b5168f7bbe91c235ecc013056ae444917d87281137df52bae9c4f345cf1874220f7b2aebc314cf74d4334dda96c3a3cca3de3da" + }, + { + "alg": "SHA3-256", + "content": "d7d456bb103296753158c2e16328887d8b6f339e941f34328229c9c62a2f1cac" + }, + { + "alg": "SHA3-512", + "content": "c5741407e1a9054dc65f40fd6e70483c867a8b9847bfe7ff0e9fabe24be1827c75d7ce561100db82d25c7fd0f12c16ba18a3ca8038ba4a99da7fc394dc63b39f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatypes-collections" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-hibernate5", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Hibernate (http://hibernate.org) version 5.x data types.", + "hashes": [ + { + "alg": "MD5", + "content": "686f24ec51b113e18d8a7a6e656830af" + }, + { + "alg": "SHA-1", + "content": "391c524dbc0414399dec5a405760744d3ed600a8" + }, + { + "alg": "SHA-256", + "content": "de588c8a51eb6d11cced0d2c140d66e9c51266622ecda28ccbef92050f671f0e" + }, + { + "alg": "SHA-512", + "content": "854f01a862d1ea67a47863bbb3481b63deb1839d3b89ca616362fe097e55ebc87196f4ed7ae48ed8557b4244d72db72f3c293b6a7dc3965fa787a6a67d634998" + }, + { + "alg": "SHA3-256", + "content": "ff874c69d9dc846e993d16b1bcb74a4d3d81865aaffc16b6063ff83e0f1626d0" + }, + { + "alg": "SHA3-512", + "content": "312371566e7eacb4621ecec83b7e99a4dfed8be158ba71c77e9b9fcd91577104771dec04d7eeb1c12e574e4b8ca247bd2b4faeef7ba69aa384d93cb67672b5a3" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-hibernate5@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-hibernate" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jdk8", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support JDK 8 data types.", + "hashes": [ + { + "alg": "MD5", + "content": "e35c18c99ad1737571b1c8004ca8528d" + }, + { + "alg": "SHA-1", + "content": "6aa764caf0a275d98b8765f6687bd4ec6c8cb9eb" + }, + { + "alg": "SHA-256", + "content": "b305510c0fec81480cbc3516948f9ac5b326811e35c4b6563d2ccfe330079db6" + }, + { + "alg": "SHA-512", + "content": "e537db4253733d8ca0e93e6245c2f25eef366333480a5fd0901603e69a8cf92dd69ec0ffa813c2fef685849f383b7e3850b2b286d255486192f7ff9698fc6c46" + }, + { + "alg": "SHA3-256", + "content": "768bc29f9f15aa07b9c2294d3c3b1bf06396b507397a6b1da2515eefbbc85172" + }, + { + "alg": "SHA3-512", + "content": "734b59492a053eec994840092c8e4f4d703e03b481d8a603b0d934b4fab25261fd98504f72fd0512705a8735dde4b36299c2295f0359afb0f18d129c0dfc70c5" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-joda", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Joda (http://joda-time.sourceforge.net/) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "7ef56a5376978b3befc264d5c7f690ba" + }, + { + "alg": "SHA-1", + "content": "b8b45ff38fb46eaf8bdf19586743a4f446c485fd" + }, + { + "alg": "SHA-256", + "content": "ec60ff466ec6bf489e58cf83bb012dd3d2735eb581be47113b17b1ce6499cdd8" + }, + { + "alg": "SHA-512", + "content": "589f9ef55f9aef7b2e4c1fe45bad157e566042f304989ffe8257a5547426c7dea281326cf66cb1af84add2cb0531b623d04bc15d9e3ac0da25052f8c2109ceec" + }, + { + "alg": "SHA3-256", + "content": "7a4e62a859262aec2ae33d7b6ec5b0ddadcf0897c1a90984cbdd82f8e2c8abb2" + }, + { + "alg": "SHA3-512", + "content": "bf11f541461a5ab4fbb3372d8c8d617a7b20a2dda00d8af733ac8d496cf4a7e1f7f422d90d11b17b7d783ed2a25f4323046468c264ea204bd672adff82a3477a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-joda" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5694b066-2847-4855-8230-77e902b37502", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jsr310", + "version": "2.9.10", + "description": "Add-on module to support JSR-310 (Java 8 Date & Time API) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "8353db784cc75e2ef48439c89ffb962b" + }, + { + "alg": "SHA-1", + "content": "bf7ea35ca4fafa385701580163ef983622e0bfb1" + }, + { + "alg": "SHA-256", + "content": "a86f035a641f1a36aebacce8415e14568ce5b0088e3ad5b8cf3ea3c9c0c5b64e" + }, + { + "alg": "SHA-512", + "content": "c9e27a5a2c7a7edacdacc2cd93371561ed991e85027e06820004bc47802f32df3aa99fe6d94667805c7862467fcc9e4e0555f1e5a3317c239e8ec0f37fc48b89" + }, + { + "alg": "SHA3-256", + "content": "ee3952b4ffb44ea67445ed736ce33410ed631146ab47071c5fa4ae578623c446" + }, + { + "alg": "SHA3-512", + "content": "434938cf7a81ea81511bbf14a0942eaa790c71ab2e4a5e3049dfbb5cc1523034eacd0d14d0b520e88155376b4213129cc59cec21a2a93940b7fba5658d46c8f0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-base", + "version": "2.9.10", + "description": "Pile of code that is shared by all Jackson-based JAX-RS providers.", + "hashes": [ + { + "alg": "MD5", + "content": "3dde182860e6f59fea3871880b1875b9" + }, + { + "alg": "SHA-1", + "content": "8f13207626ffab14943da9e7447dc065f7762a4e" + }, + { + "alg": "SHA-256", + "content": "4a76bd0d1f5f66293867bb9e021bcf8ba179bdd69cf69852d623204297fe85eb" + }, + { + "alg": "SHA-512", + "content": "608054e863d9233f92fcbf9ea6896a78caa0e1fac197a3b15f7833231f25bc10ac93e54f362d0364a60e7348825e505107e507590269edef11e3fd1e136b1ab5" + }, + { + "alg": "SHA3-256", + "content": "3b43e3742dec5d06ca7a73b45e485120e0adf0f0e66208b9afa56d329ccf0768" + }, + { + "alg": "SHA3-512", + "content": "512f238b2f5d2f70c48cd60dc45da652e2e3ade8aaf03f8031ad0a1ab9222726a82f53a9dcd15b5ecb49e8f8b9aef6789c993d8edd8c68acddd7776bf835f948" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-json-provider", + "version": "2.9.10", + "description": "Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.", + "hashes": [ + { + "alg": "MD5", + "content": "5a6659fa62763f65fb7e187dca166346" + }, + { + "alg": "SHA-1", + "content": "89a2f5d0adc42c3e37a7167e0759641de55aafdd" + }, + { + "alg": "SHA-256", + "content": "0fe7309bb8d0fa8f48cd6846bc3a27eef04b0263b6533ac58ef7ad85b1bdf38c" + }, + { + "alg": "SHA-512", + "content": "254d53edb320ecc9f697d3bb4c7dd1e385d04759bad65caeedcb5beda7fa29f915636324309bec3052205fa91ec29892fed809c8da4e7d284cc0d62b8cf29508" + }, + { + "alg": "SHA3-256", + "content": "1e98e50a06dd5830aa5517da99a0f503760f745029a9fe992f21b45f2417fb76" + }, + { + "alg": "SHA3-512", + "content": "ee026cf5697ab3d3785aa59d1a69e074d6c7db0af06478b36bb19f0d7b303db888bdb6fbd6bb7ffb0b14a4425d3fb0fb9ec971d59db2c7312f979ad83b107a1d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-afterburner", + "version": "2.9.10", + "description": "Jackson (https://github.com/FasterXML/jackson) extension module used to enhance performance using bytecode generation to replace use of Reflection for field access and method calls", + "hashes": [ + { + "alg": "MD5", + "content": "eb3073cbfad846a44d81df8bc31c8bf9" + }, + { + "alg": "SHA-1", + "content": "6cca4a73cb54aa8631775023ca8cc37626373cc8" + }, + { + "alg": "SHA-256", + "content": "6d8dd1bdaa13a1e2239e9d8fc008066b02d6fc7d79166fd73e4c3b6e1856ad14" + }, + { + "alg": "SHA-512", + "content": "b56f7485f72c2225cd276e6955e154bae31849a394f5f03ee5d205075a154c27417d1cd7c071c9ba12a7712e23f7b6e8da368aa12acecf53c5c28a5376d620e1" + }, + { + "alg": "SHA3-256", + "content": "488cf9674f84c7d221e4f5955d45f6fc008bca1bd4abf2134d91578a9c1bc0aa" + }, + { + "alg": "SHA3-512", + "content": "d2324aca720bf6816274e93186fdf7d0eaefce8859685dc5c76a96fa8696cd104d64787598bd94473619aa0b89406dac1da8cc697b05104491b8017a54d95e1f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-afterburner@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-jaxb-annotations", + "version": "2.9.10", + "description": "Support for using JAXB annotations as an alternative to \"native\" Jackson annotations, for configuring data-binding.", + "hashes": [ + { + "alg": "MD5", + "content": "fe4cda4049277f5c8758f32a00f2b633" + }, + { + "alg": "SHA-1", + "content": "b7fc3212e95586f42a0d3b5cf1311e42a3ac0248" + }, + { + "alg": "SHA-256", + "content": "72a8ef1246f7a2dc680de67bc5009cc5de71b3825adf98726d290643a36576c0" + }, + { + "alg": "SHA-512", + "content": "df36f846fb1c04e23657f1d7568d05cc589207dc3f751db357ccf33b2b6c7491abf1251aee29763b69b524bf4652e5d04dc77f93d8f001fb23728fc46304f4f0" + }, + { + "alg": "SHA3-256", + "content": "f38cc147a5ef75e5a5f153a2db7c996eb8fe469079b1ef7c843249e8adbf06eb" + }, + { + "alg": "SHA3-512", + "content": "9ba7e2c66e3495260dcd320b179db20fe37d2dd695e1c1a01aaa13a0cc5bd5adaa1c9041c2f4ff6b19607d375c49fcbfc4a962c4939e05a0dd68cc8cdedcc7fc" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-parameter-names", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support introspection of method/constructor parameter names, without having to add explicit property name annotation.", + "hashes": [ + { + "alg": "MD5", + "content": "e8835d22f3153408ace94284be8fa821" + }, + { + "alg": "SHA-1", + "content": "dc8c36832c229df0209dfc98fab5be36cb99af5f" + }, + { + "alg": "SHA-256", + "content": "2b14de63be1abc99d25c1cdc8ca9003dd0e345e87f5d869588c5981f75cffc8a" + }, + { + "alg": "SHA-512", + "content": "452daf576e303ec15480750844e9a49715670ea9b7fa44d3a3d69ef4c90d7177583daabfc25d2a938e0015bba0c21c5fa71c175d2a0a95f3d6f13a92a3a6d611" + }, + { + "alg": "SHA3-256", + "content": "68f9053afc670c7ef2b042f62e7ac34dc7cf5c65fdc2e178b31970c64f0e9353" + }, + { + "alg": "SHA3-512", + "content": "10bdc0751a0dd140f35dd69045dbc1beea08f65d6ce773dcc2c888af4fc013f8af4c09bcb45e1e36c65b86e7e3cca9775c5da472184af784aa577a952c74c073" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "group": "org.jboss", + "name": "jandex", + "version": "2.0.3.Final", + "description": "Parent POM for JBoss projects. Provides default project build configuration.", + "hashes": [ + { + "alg": "MD5", + "content": "77db6e55da888349f5466d2dcf150b14" + }, + { + "alg": "SHA-1", + "content": "bfc4d6257dbff7a33a357f0de116be6ff951d849" + }, + { + "alg": "SHA-256", + "content": "a3a65250cf954f102e74bab23df12540780878231195b585a7a86f4364a53727" + }, + { + "alg": "SHA-512", + "content": "ad557228414fb1d75750f4495ced69517deac0d26beaeb81e3233fe21254e3b7e3ccefe381971ffb8dbb0d9e0c1e70973623948ffec31efad99298f1107830ed" + }, + { + "alg": "SHA3-256", + "content": "8e4cbfe8f79e619190a121200bb907e2d06c03b5449b3742a6607580a898a2d9" + }, + { + "alg": "SHA3-512", + "content": "5afc9d16fc77ecbc3dd653628b11ddfb419a5fae2efa72eca87eaa55c7c6014d03e9fcd190ae9c7c3e50edc78e6a30fe439269439cf7c383c27aaaa43281e975" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss/jandex@2.0.3.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + }, + { + "type": "vcs", + "url": "http://github.com/jboss/jboss-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "group": "org.javassist", + "name": "javassist", + "version": "3.24.1-GA", + "description": "Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.", + "hashes": [ + { + "alg": "MD5", + "content": "527cebd64b0f941d5058bae3d1726d06" + }, + { + "alg": "SHA-1", + "content": "921b466d6a14a8edbe25923c973fd767fc71c045" + }, + { + "alg": "SHA-256", + "content": "5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553" + }, + { + "alg": "SHA-512", + "content": "b1920ad0b291ab4a7d5d6184e7a6fca91a27576560adc257e4d38a3122865cefa7081df46375a462fcd7e4bfe20c3eeeef140408922cad9cfabaa8c338be1056" + }, + { + "alg": "SHA3-256", + "content": "793f21feb3c4c58edf94d49579b8cd658e44e792e05fefbc23f1b84b7170caf2" + }, + { + "alg": "SHA3-512", + "content": "94f77c5a3ef42bef47e44c9cb9c71a5eeae3b5f94bec53637e8ef3bb5b29b0675c02166241987ac3f3872be09d87bbcfe0235a55731735f4b787a8574714fd2e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.javassist/javassist@3.24.1-GA?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jira.jboss.org/jira/browse/JASSIST/" + } + ] + }, + { + "type": "library", + "bom-ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "group": "javax.annotation", + "name": "javax.annotation-api", + "version": "1.3.1", + "description": "Common Annotations for the JavaTM Platform API", + "hashes": [ + { + "alg": "MD5", + "content": "9a936313da62e705ebb16e81b62f4096" + }, + { + "alg": "SHA-1", + "content": "20a2c0583598d68b0835474bbe07792d4f3b219f" + }, + { + "alg": "SHA-256", + "content": "bc1110630bb4290e798a533ca40a60517826c8804b79f91f8738d18ca425adc5" + }, + { + "alg": "SHA-512", + "content": "9b0c8e45c750f049015da652dcfb43250c24aa72c0cf8fcf917918a486c50b70d6c19201638ae4c23a822551e12ed85215222a59b9bcfb135557c0aca80c00ef" + }, + { + "alg": "SHA3-256", + "content": "81a7132a97ca91c7bf14400e8dc845e3124df73c91b3e2f0a62c4aa3abd84b6d" + }, + { + "alg": "SHA3-512", + "content": "1b7b5f5a5dcf8076155e13d17fe8665b88394c5871583508211f58336cf8d2dae9b3225df8de94e6820a2cc5e077cbd4382c88249c1b0c79e482ce7ae726997b" + } + ], + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://javaee.github.io/glassfish" + }, + { + "type": "issue-tracker", + "url": "https://github.com/javaee/javax.annotation/issues" + }, + { + "type": "vcs", + "url": "https://github.com/javaee/javax.annotation" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "group": "org.glassfish", + "name": "javax.el", + "version": "3.0.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "9b413b6b4c57f68cc3e8649f754153f5" + }, + { + "alg": "SHA-1", + "content": "dd532526e7c8de48e40419e6af1183658a973379" + }, + { + "alg": "SHA-256", + "content": "5ed77b9150c1cb6bdc1a195bb536eef6eb65f46f4412e26c24288690ea8033ec" + }, + { + "alg": "SHA-512", + "content": "a31efb2e99fe2429c8f39dbd8b23fce7dc30c3945ad3e6011dd1495a63a74f1d5e8ac422735de37c01938c492832155b73941614e19e06145477f65f4bc9043f" + }, + { + "alg": "SHA3-256", + "content": "6c59f62728693b7a7234a6c93d6329391633de19cd65753ddb74d78a1a79427b" + }, + { + "alg": "SHA3-512", + "content": "7193e9af5274a89a3fa9e04dcb9790db5efd6abffc8d0549c2bb597f61237544e758f98b4aaf55dfad258697bbaf4e4583695f6f5c277c06e98cd9ce21265982" + } + ], + "purl": "pkg:maven/org.glassfish/javax.el@3.0.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://glassfish.org" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/EL_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/el-spec/sources/source-code/show/tags/javax.el-3.0.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "group": "org.glassfish.hk2.external", + "name": "javax.inject", + "version": "2.5.0-b32", + "description": "Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle", + "hashes": [ + { + "alg": "MD5", + "content": "b7e8633eb1e5aad9f44a37a3f3bfa8f5" + }, + { + "alg": "SHA-1", + "content": "b2fa50c8186a38728c35fe6a9da57ce4cc806923" + }, + { + "alg": "SHA-256", + "content": "437c92cf50a0efa6b501b8939b5b92ede7cfe4455cf06b68ec69d1b21ab921ed" + }, + { + "alg": "SHA-512", + "content": "ce72626ebacfcbb1a022d0af22d7f3ae8a0f38db939e5f0b893efb9e3545c74328fa139a92c3b9bf7d833300a2830d7b883f748b0d758ed58abd6b0ce192620a" + }, + { + "alg": "SHA3-256", + "content": "da07452e3cbd7bf8e934d72e70149d317d7299fefa8de7840ac251e3e7fab17b" + }, + { + "alg": "SHA3-512", + "content": "db226d92d3e50eb91d892c9dee1832aedcdc2c11ddbc5948da4a33d10d286906fb1554e226223384bbbe7b30fa2b7b023eb7df03beb46affdd9e012722d66b67" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/javax.inject@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "group": "javax.servlet", + "name": "javax.servlet-api", + "version": "3.1.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "79de69e9f5ed8c7fcb8342585732bbf7" + }, + { + "alg": "SHA-1", + "content": "3cd63d075497751784b2fa84be59432f4905bf7c" + }, + { + "alg": "SHA-256", + "content": "af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482" + }, + { + "alg": "SHA-512", + "content": "32f7e3565c6cdf3d9a562f8fd597fe5059af0cf6b05b772a144a74bbc95927ac275eb38374538ec1c72adcce4c8e1e2c9f774a7b545db56b8085af0065e4a1e5" + }, + { + "alg": "SHA3-256", + "content": "8acc3481503989e1a78ad619bcbdc005b616c13736522b52e5ae5d782e8a0216" + }, + { + "alg": "SHA3-512", + "content": "ab5f85d424640ddcf6fc13a41d12ffdee0be9508cd4cdc581168b31cf7917323f6e0d984a0631068e0e01c098098fe0037d1c4176352fd89ba3a4da5d641ca3d" + } + ], + "purl": "pkg:maven/javax.servlet/javax.servlet-api@3.1.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/SERVLET_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/glassfish/sources/svn/show/tags/javax.servlet-api-3.1.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "group": "javax.ws.rs", + "name": "javax.ws.rs-api", + "version": "2.0.1", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "edcd111cf4d3ba8ac8e1f326efc37a17" + }, + { + "alg": "SHA-1", + "content": "104e9c2b5583cfcfeac0402316221648d6d8ea6b" + }, + { + "alg": "SHA-256", + "content": "38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d" + }, + { + "alg": "SHA-512", + "content": "4a85d3b61ea018f354a4dfa43104f3b4967cb4719df203956f82f7a696f75bee9d660540fc0f7bb61e0a5f826461de8929144eddd5622f9cb59a4da289d7297a" + }, + { + "alg": "SHA3-256", + "content": "7d439b6efe13a02aa996c27db07de14c1f14e8c95b60a9205c073cfbe9cbcda1" + }, + { + "alg": "SHA3-512", + "content": "e4bc8aab836157e258f659fe687e59499d445889c6c706d9539e5bbd48a6e80a1a1029e9ae47d25871f5ddf1434c5449ce2bc67b147b5a7b58990309f7aa60a4" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JAX_RS_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jax-rs-spec/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "group": "org.jboss.logging", + "name": "jboss-logging", + "version": "3.3.0.Final", + "description": "The JBoss Logging Framework", + "hashes": [ + { + "alg": "MD5", + "content": "bc11af4b8ce7138cdc79b7ba8561638c" + }, + { + "alg": "SHA-1", + "content": "3616bb87707910296e2c195dc016287080bba5af" + }, + { + "alg": "SHA-256", + "content": "e0e0595e7f70c464609095aef9e47a8484e05f2f621c0aa5081c18e3db2d498c" + }, + { + "alg": "SHA-512", + "content": "6cd839a07c55a75befa9a95c7cb2e4a87445432d475bc747410fce625ad4496ee5cc6631a445420940ef1cb408d74873980504e4d785d8ec851223301a76807b" + }, + { + "alg": "SHA3-256", + "content": "12fa4c6092728e4d1d780db85e3567ac16a8ec515daac930326513a471f60bd4" + }, + { + "alg": "SHA3-512", + "content": "3f2a0f9e1ce18e1fce8b658a9ce7603eae6a2eeb96b8c26c0a49fde515ea97b319e94f48617fdbd8b102cd51c6a3c957528b456b821e2287ac1b35a3442c35c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss.logging/jboss-logging@3.3.0.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss-logging/jboss-logging" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "group": "org.jboss.spec.javax.transaction", + "name": "jboss-transaction-api_1.2_spec", + "version": "1.0.1.Final", + "description": "The Java Transaction 1.2 API classes", + "hashes": [ + { + "alg": "MD5", + "content": "4d3a6329aa429d92e7bf0c2d34302660" + }, + { + "alg": "SHA-1", + "content": "4441f144a2a1f46ed48fcc6b476a4b6295e6d524" + }, + { + "alg": "SHA-256", + "content": "d35b340768f11e683045d0b3b8c2cf0554a0495a675ae8aab5680b34e5d2a69c" + }, + { + "alg": "SHA-512", + "content": "fb751362223bd2f58d40326018b742ecb8bb49e2362b8babbfa6592e10fb0bd4c52192859771d5b4c67954bf3876bda38581795d54a566bfca66f3fdb0bfd4fb" + }, + { + "alg": "SHA3-256", + "content": "5fec9250840d8ae18ebe934e2b302d9f3c91a7166c5f6e90e8a38d19d5463f4a" + }, + { + "alg": "SHA3-512", + "content": "f4846473a8385f28649593671d9307d0a0a1362c9b36a24ea1b6f72daafb59e05b4945ed45bcadc22e52024a5c3cce9c47e9edadcc7a08f1e391b33a510cd971" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License, Version 2 with the Classpath Exception", + "url": "http://repository.jboss.org/licenses/gpl-2.0-ce.txt" + } + } + ], + "purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss/jboss-transaction-api_spec" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "group": "org.slf4j", + "name": "jcl-over-slf4j", + "version": "1.7.26", + "description": "JCL 1.2 implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "06ceba253db8a4d836921324015c9ca5" + }, + { + "alg": "SHA-1", + "content": "33fbc2d93de829fa5e263c5ce97f5eab8f57d53e" + }, + { + "alg": "SHA-256", + "content": "2800417ecc5c927cce2b8a2cd22f0933e4006023c4e4fb255985a27746f5573c" + }, + { + "alg": "SHA-512", + "content": "40c1c8a523687ba06041d5a3c8ae295ae57ea18c0909f106ae9154ee79eeec9d077f7e0c79cb977fdebf2c930c6972372850b528f94e69bb57e95124ff691359" + }, + { + "alg": "SHA3-256", + "content": "8e61ec106e655eb957cf915a6a2ab96d9f78298598af0edb5526d66317695f69" + }, + { + "alg": "SHA3-512", + "content": "bfb810653f89ac499283aa7d860f89369133a07b65398a4112a6f654d53cce6d4a74d2f45acd9ba669233604c94bd338247751171bb8f21d62a183bbe91ba90d" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "group": "org.jdbi", + "name": "jdbi", + "version": "2.78", + "description": "jDBI is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "ea7256f4877d929815d317c3f918de7e" + }, + { + "alg": "SHA-1", + "content": "7281bb97a89ec38db81a901a3c07ed7204efe828" + }, + { + "alg": "SHA-256", + "content": "a833944751416b95a397768c530b6796fd22fe01ff3d56f44ab80c2087096572" + }, + { + "alg": "SHA-512", + "content": "0699d1cee041bbb7f2e9857f0d4265e55af3c93e62c1d10090fa3472a3af4f052c4b6c1431eca53bf2e2ddb1df1358ac29fba6776fb0406a2c3edbe30fe73607" + }, + { + "alg": "SHA3-256", + "content": "85bab22465bd6c4128b3a3805184b780dd41c6984d6e056d7ec22b904b94649b" + }, + { + "alg": "SHA3-512", + "content": "0d3f050c4f71bfab5404ac1674306bd837ff7710b9b04893dcfe88baa3d0d3f647ee515c3b0a3159d4f6d3791f187927dabed54f05fcfa3b42bd4f0bbae93586" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi@2.78?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "group": "org.jdbi", + "name": "jdbi3-core", + "version": "3.5.1", + "description": "jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "bee3bded3f553bb751676f66de7051d8" + }, + { + "alg": "SHA-1", + "content": "fdb08f92dd4762d9a12864b685961cbef3807adb" + }, + { + "alg": "SHA-256", + "content": "05ba5a61131fee448927dd7d06fe2e0699b9c4756ece6bc844431dc1f5a3b671" + }, + { + "alg": "SHA-512", + "content": "3b8de628e4b5ba4acbedb21b4f74cbf7003fa1ce68125e8e2c8c9bb49ba38c478a34b27505bcda18e5072b47ae706a280e3db7fb53f90196d3f87543148e9b3d" + }, + { + "alg": "SHA3-256", + "content": "7b63cdd3df09bd5e6881f455db13e74d5a4f80764072d376d80814eaf28a423c" + }, + { + "alg": "SHA3-512", + "content": "9de02c1b6f19a44b6a29054da8c80e9139d03c2eeee8e908dbb8592bbffd8926a95f45f9e56f1aee85f77665cf24e2abe7e4d888ebe407fbb01be6f541c9befd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-core@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "group": "org.jdbi", + "name": "jdbi3-guava", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "0f692ba6379649453c8ceeb1c1e567ba" + }, + { + "alg": "SHA-1", + "content": "0b7a55d0eda75405221a8287993c05891ae2dd9a" + }, + { + "alg": "SHA-256", + "content": "dd2c0c13c6d29758235a9b365768cc521b5ee3c86678794e81ca5a9a7aa1de83" + }, + { + "alg": "SHA-512", + "content": "9e74b320cd5ed0ba7de5f2976dac092039ca6efcd5ab070281ce040aab9249d2299d73b3f1566cc495e6b33cd2de7fdb8e82f9410f970650daceb049daeb2bd3" + }, + { + "alg": "SHA3-256", + "content": "fb088209586cf011f4cb41752223e4cb14ca32cf8605ce6bebaa30913a120ef4" + }, + { + "alg": "SHA3-512", + "content": "5e64a7584e5585f922a7bbc3c83f76645752e0a78274d741b4ae8cb7f174ac6b2d840841ce749234955ab1d090b552dcceb7a46c2a1a0eafe95dafa26c1c2819" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-guava@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "group": "org.jdbi", + "name": "jdbi3-jodatime2", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "a1936dd03d5410d8abe4f52bd8a4c219" + }, + { + "alg": "SHA-1", + "content": "76d39448cd536140a737ee7d1eca00cf919dd51e" + }, + { + "alg": "SHA-256", + "content": "693462cf417ed3faadb54f22618b3f7bfd6f8d3cd77cdadde7733c6d9666d2fb" + }, + { + "alg": "SHA-512", + "content": "da80a01e7da71aee51c9c8f9de62a394ac6a1b849675a5a80e0490c4494bc58c5dbd15c34e8f21152cc3355f8259a2d838afeb2f9802063fd3a40b9bbc4d93d0" + }, + { + "alg": "SHA3-256", + "content": "472060a39fbf46395d0fe7b6c2e5610c1532969115b27ac82d0c1434e952012b" + }, + { + "alg": "SHA3-512", + "content": "b54c0e9dc8be03a4b7a0b4ffc2ca1fa90f0beebceabba58abe0f2ddb93b0074141eab88da889577abe3c4eb2c0137cb8db907346882e88185cc0d460531d64c2" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-jodatime2@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "group": "org.jdbi", + "name": "jdbi3-sqlobject", + "version": "3.5.1", + "description": "jdbi SqlObject transforms simple annotated interfaces into full-featured DAO implementations.", + "hashes": [ + { + "alg": "MD5", + "content": "fef7548d2dd71524d4e555c8d406449d" + }, + { + "alg": "SHA-1", + "content": "88a6bb67f81900f7e3b4c02e80fbe03c14180b8a" + }, + { + "alg": "SHA-256", + "content": "f5aee0d5ded32e49eddaf51fded6478d01f816a957bccd5ba62fb9eb944793d5" + }, + { + "alg": "SHA-512", + "content": "435126b915d81c594a2fc3194498a815dbd6307c8bd852d421ba866e11d4335bfd825352a58c60dadbe8cbd57a2962b0d8414c46491bd171071f7e606c41b56e" + }, + { + "alg": "SHA3-256", + "content": "8706b9badb23159cd1c690e44d10f7050d82682c025d4a0fb6c2f74cf5982444" + }, + { + "alg": "SHA3-512", + "content": "a61809da92143a4f96e16d97e5d85179f50fac762fbbc8bc36676b8868e4fb8f69cce89c93c8c0e89e3e492c6434725546c29de5b7960b1515a4fe3f0853b959" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-sqlobject@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "group": "org.glassfish.jersey.connectors", + "name": "jersey-apache-connector", + "version": "2.25.1", + "description": "Jersey Client Transport via Apache", + "hashes": [ + { + "alg": "MD5", + "content": "1249f4c7b0e42fb205fd6479f8212b7f" + }, + { + "alg": "SHA-1", + "content": "778d56a186caae0c0e321afb7bf497452f60ecc6" + }, + { + "alg": "SHA-256", + "content": "98236fdeb22a34405095a70099e63cdfe72c726c3c6588c8105092b234bbca3a" + }, + { + "alg": "SHA-512", + "content": "cd9d72b8e24524fd017fad60bea318cf72b7260bfe9826f3019181d8749f906cc579ff4b25c50d869edc9e7ad92c1a216e4c143957de5d5f810f14f3d2124058" + }, + { + "alg": "SHA3-256", + "content": "51423295a961ef5c2c0b70f2a3e80ff7cd9d356b9fdf0951dbc0d42ee7d283c5" + }, + { + "alg": "SHA3-512", + "content": "f95bb4d125a7146cfe7ff8e9d4480c3f479bffa0fcb5398400a2b2faa1851c3ebda38e1bbf49a0d4d5671dd336ebc665ef1fef26a4ad8f65d715c118f703de36" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.connectors/jersey-apache-connector@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "group": "org.glassfish.jersey.ext", + "name": "jersey-bean-validation", + "version": "2.25.1", + "description": "Jersey extension module providing support for Bean Validation (JSR-349) API.", + "hashes": [ + { + "alg": "MD5", + "content": "f1860b7577c9d0c89758ad14a60485a5" + }, + { + "alg": "SHA-1", + "content": "01971927d79cad0ad2b5a3bfda24967748a2023d" + }, + { + "alg": "SHA-256", + "content": "c7f8b632016d78ac9679c8a77a7333a7979b3a446c56f6c4aa0702495beafcf0" + }, + { + "alg": "SHA-512", + "content": "723afa0898fb909c199491173caa96bf32c5b4a9f8e7211989434f1be4ec581737b1d17e2094890074fd5fd94b640002b98b9f06cb042aa755864ff9e1eb5eb8" + }, + { + "alg": "SHA3-256", + "content": "5eb1703f460fc87775426f894b776891b46e2060d209d8649fbbbf0046ff5541" + }, + { + "alg": "SHA3-512", + "content": "b538a16717eba2f15bae433116819aecfb842d17e9838cb4c67ec3242cf7f62517d7d8ddc9245d26aed83b15489988bba10a792935968c5d9731b0e07902a251" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-bean-validation@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "group": "org.glassfish.jersey.core", + "name": "jersey-client", + "version": "2.25.1", + "description": "Jersey core client implementation", + "hashes": [ + { + "alg": "MD5", + "content": "cbc88e55529984d664eb6ef1b65b3684" + }, + { + "alg": "SHA-1", + "content": "4d563b1f93352ee9fad597e9e1daf2c6159993c6" + }, + { + "alg": "SHA-256", + "content": "10671e430dc7c841eb0bc54c9f3e265dbb60e9f85efaad71d1e39807057e405c" + }, + { + "alg": "SHA-512", + "content": "2355cf157c2c6f6973db046b8eb9f0ac1fad6791e5e62457d37a2aa0d70c180a6dd8eacdf78b987bab5720091cc8197866ba1ac14b209b374db6389f187a0c58" + }, + { + "alg": "SHA3-256", + "content": "88b865b79a07061bda2f0c1b57e4aea4555da1604946eccb83343ea665ac615e" + }, + { + "alg": "SHA3-512", + "content": "ab1297141ee25407b3aaf92ce2d7441aad23badc8d9b2e68e1bb143c7155f5861a273d816d4447ade4045dba027ba6264b22d6823e798d9ebac7514f8a4eef52" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "group": "org.glassfish.jersey.core", + "name": "jersey-common", + "version": "2.25.1", + "description": "Jersey core common packages", + "hashes": [ + { + "alg": "MD5", + "content": "d1f25f421cafb38efb49e2fef0799339" + }, + { + "alg": "SHA-1", + "content": "2438ce68d4907046095ab54aa83a6092951b4bbb" + }, + { + "alg": "SHA-256", + "content": "4df653fc69d5feec7ad1928018f964e12a7513bcea7b5e8b1aa4b1f5a815815f" + }, + { + "alg": "SHA-512", + "content": "2c99617c7d5bbabd39902cd93e028e48ef3917f1017b7417873607681b0bfc31e8d5197bd06c587f64867944d81bb63c0201fe5df66962737d23fdfd7fe88fe0" + }, + { + "alg": "SHA3-256", + "content": "d5d9d3bca931954bed7bf031b299f45e0e29c92e250501f46f12400e475aaf3e" + }, + { + "alg": "SHA3-512", + "content": "dbd5ac4985d2c8e71e3606e491a7814e50ca6ccb1e3571e50073ddcf92bbf484e28ae0a4971d1e487df4d95a4f64016583e88891724a65d9c1c80f20ff7664fb" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-common@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet", + "version": "2.25.1", + "description": "Jersey core Servlet 3.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "80ebd9481c44844884fc70ac0ba333b4" + }, + { + "alg": "SHA-1", + "content": "cf5f7a76fcea38158b890ab7a0142d4db709a882" + }, + { + "alg": "SHA-256", + "content": "3669c50bef23aeeabdae02e5e4b214c9f1eb1019fa4d559f2eeadb563ba598e4" + }, + { + "alg": "SHA-512", + "content": "8db651ca49cebb031823cb6363e3af78f2f400c4857a5cef51b2be2d58ccaad6c06ee5320cb6ceff6f2a053136f00943feb6f98189d847d49ea2455312529d84" + }, + { + "alg": "SHA3-256", + "content": "c77550b169ec358ff293d1599b2897fb4f3ebedaed222257893d83b7343fa915" + }, + { + "alg": "SHA3-512", + "content": "75115f1e1a14cea1e939e3cc30b9af2cd0de853a30d41007f72361e216362cc16a35901434330292840f48edf0dd98ac9ec8bc3e5461c0668eac4a883d7b2be7" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet-core", + "version": "2.25.1", + "description": "Jersey core Servlet 2.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "e31db34014609174609f8879d00e0d2a" + }, + { + "alg": "SHA-1", + "content": "400e30bb035a0cdf3c554530224141ce659a0d1e" + }, + { + "alg": "SHA-256", + "content": "232f4f4e59e5944098351379a12aecc715906831c96a855624a81da552192ac4" + }, + { + "alg": "SHA-512", + "content": "beb539ae8f16b5748db941e1beabf21482791ccf04b7adbee50d58a06c224c21e918198badf8496243ab7730284b8abcd71da9e5439702fa7a4d06ba22fa1960" + }, + { + "alg": "SHA3-256", + "content": "bfb3dbfe53102c61b1092ddc80b119fef28b6ee65e020ebdbfcbe51aacc701fa" + }, + { + "alg": "SHA3-512", + "content": "7fe6468606f4ff4c7389e9ca816f82a03c9282b296472112573047d93389b9845a49f6c1740ee67d2e93be9dbe312d89189acd681ba489b9e09716cd20965e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "group": "org.glassfish.jersey.bundles.repackaged", + "name": "jersey-guava", + "version": "2.25.1", + "description": "Jersey Guava Repackaged", + "hashes": [ + { + "alg": "MD5", + "content": "08dc8642c4e990b054882cb4f422f88b" + }, + { + "alg": "SHA-1", + "content": "a2bb4f8208e134cf2cf71dfb8824e42942f7bd06" + }, + { + "alg": "SHA-256", + "content": "8a88a8ebae65cb4d77830b40f681bf742b55ec62e7a44cf91b8577a9396b9f81" + }, + { + "alg": "SHA-512", + "content": "38a59b4e7bf60d373a266e08dbd1703cab87b519e128629aa81abf314cf849ee41a26f8c0404182c6f7364a3bde40eefa61c1be561276e141c4574faf988c5d9" + }, + { + "alg": "SHA3-256", + "content": "0ffbb680d62fc28444cf2c2975cf2947d23bae403c30a381f610af5cf05ede86" + }, + { + "alg": "SHA3-512", + "content": "847cca16e534072ddf9610dc0bd56166deade9aa4efaa3aec1717664b3546964cb0573e4970a38dee5537a09fab81077ea9bd35d988e7cb68b6ca137b31679ea" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.bundles.repackaged/jersey-guava@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-jaxb", + "version": "2.25.1", + "description": "JAX-RS features based upon JAX-B.", + "hashes": [ + { + "alg": "MD5", + "content": "43c2fe9a2848343cb562f855b06b7047" + }, + { + "alg": "SHA-1", + "content": "0d7da0beeed5614a3bfd882662faec602699e24b" + }, + { + "alg": "SHA-256", + "content": "05526bed0ffc07c2cea6b399f4e61ae3c99e44021e28a4af926ed1d867ba3fbe" + }, + { + "alg": "SHA-512", + "content": "589328af6d727d73617a1cff3e7e75bbc858d417cdbcaf8e63ea3ed0086df645fe0f83538a311941744e5afd828d1d7827933b44b8c74f6f8b912c2d7f3e1be4" + }, + { + "alg": "SHA3-256", + "content": "cbc11448fe72f34353de7de8c8b1084530ebf4a7b262bde33219cab6beeea29d" + }, + { + "alg": "SHA3-512", + "content": "18313498ba720e5c1a307927f9782cee90140984ab5c6762cb6b966040d42c2610e39f41d06b9c2ac528aba2fe1b72ba5d1255f92e01848b4580eee11b95b1e4" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-jaxb@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-multipart", + "version": "2.25.1", + "description": "Jersey Multipart entity providers support module.", + "hashes": [ + { + "alg": "MD5", + "content": "0ea1375a975020b60bbbbfd47a76d69c" + }, + { + "alg": "SHA-1", + "content": "1d2db0078ee1b740c4e7ec7413d328a8a7e1c480" + }, + { + "alg": "SHA-256", + "content": "909b669f76b8883a9218fb0fbc5022a286ead7d17b29aafa532b31f19ab4afcc" + }, + { + "alg": "SHA-512", + "content": "17e40bb9186289cd21edcd67cab68765e79c3cce5f2b29ac0ae6dd653395d93c3b8e29c734288e729bf26a59084393680b448ce617689e2064151ab09250c6ad" + }, + { + "alg": "SHA3-256", + "content": "8d8299e02fcbed88c708ae2c948fca016bd985aca513f61304431169441b3bba" + }, + { + "alg": "SHA3-512", + "content": "a8f03f1e4e02c76548b03f77dfc65bad4d97b305a39e17b21e3a380155b85ea428957d0e0f0d4d4b615826d491acbfbb433a3dc9cb31ba29ba0f08bc4665bbb8" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "group": "org.glassfish.jersey.ext", + "name": "jersey-metainf-services", + "version": "2.25.1", + "description": "Jersey extension module enabling automatic registration of JAX-RS providers (MBW/MBR/EM) via META-INF/services mechanism.", + "hashes": [ + { + "alg": "MD5", + "content": "b02f1bc0acfdaeba09346c53a49a6b0d" + }, + { + "alg": "SHA-1", + "content": "83376116af614791a26f51a93af1070520345782" + }, + { + "alg": "SHA-256", + "content": "21339af4788eb2e02e144231f6bed95c30a019fe9bdc219725da095e15d8f7e7" + }, + { + "alg": "SHA-512", + "content": "7b4bef415a18702498bd594cea37a2d17fe60b319f40fd4028b5c5e778195bc26df1563332bc359d67bcd0029957d8fe629650ec55216d1a6f84fd7ab4daec90" + }, + { + "alg": "SHA3-256", + "content": "fd690ea72f6586355206aa12a77b03e198776261bcbb1b79a3dcbc234c0c8675" + }, + { + "alg": "SHA3-512", + "content": "822c4d091069ccfd523fbe463124a1827663b488a2df3ce8f5ea9892b8b6dbbd637e52e89ea2533c010601222f3ef7660ff45276b178082f3b928dc314681e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-metainf-services@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "group": "org.glassfish.jersey.ext.rx", + "name": "jersey-rx-client", + "version": "2.25.1", + "description": "Jersey Reactive Client extension implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "2c180a0fe223e22fc0e0b0b81eedd18f" + }, + { + "alg": "SHA-1", + "content": "b31b3313f48583220986877365f5e2413541f207" + }, + { + "alg": "SHA-256", + "content": "c51bad47579898505a3283f06939c5caa4df5f1bf47ebf114069e04d3cdd33eb" + }, + { + "alg": "SHA-512", + "content": "5743abf930cc5a53cac24b1b3a8a9abcba71ec4c56c11943d8b68f6b8806eccae6268c4659b7321d05ff039f2f7a21daef62308ef4746b65083cbb925bf9c570" + }, + { + "alg": "SHA3-256", + "content": "6c9cde47931076cfade1adbb27e7d708b9ed5549b599677e69e9e7617fa32e84" + }, + { + "alg": "SHA3-512", + "content": "8b9a6428336db948562751a37ad6758cd1b6a678a70759da3dba1a43d5312b86a97dd6ced61d48c5473b9d73a0fa450e103a7d687a791733f0c2edde4e880cf2" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext.rx/jersey-rx-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "group": "org.glassfish.jersey.core", + "name": "jersey-server", + "version": "2.25.1", + "description": "Jersey core server implementation", + "hashes": [ + { + "alg": "MD5", + "content": "92dad916eab7a19c5398838a78ee9cab" + }, + { + "alg": "SHA-1", + "content": "276e2ee0fd1cdabf99357fce560c5baab675b1a2" + }, + { + "alg": "SHA-256", + "content": "4b9cdae8eae88b75762614b9a458f5aac47cf6486fe408206fc64e38b80469ae" + }, + { + "alg": "SHA-512", + "content": "85d77edd81efcc32a6ac26ca91cc6a8f9f66083897f2b10de5f7576d1e869d96c64dcce4e52112341ffae1a73fff3b18eec466fc484e709ba581d1540fbe44ce" + }, + { + "alg": "SHA3-256", + "content": "60be02edbd8f39c5c33726c0b9602c580a38e22b7c30cf98c0aea1bdfe713ef5" + }, + { + "alg": "SHA3-512", + "content": "065c0c4b5a60ebc0e0ca53e6630e27f7678c762ba4cdf28f2b2cb7d0ac9cd96bf4a92dc6c2235d77d55931e0006f445debc2cc1098d4ddace06c07a08491ad43" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-server@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "group": "org.glassfish.jersey.test-framework", + "name": "jersey-test-framework-core", + "version": "2.25.1", + "description": "Jersey Test Framework Core", + "hashes": [ + { + "alg": "MD5", + "content": "92495cea9331aced97489263f2cb191e" + }, + { + "alg": "SHA-1", + "content": "9368dc18933a8b9f2526c86ab310b02781969aa3" + }, + { + "alg": "SHA-256", + "content": "69343548538ec2489fd4a992ea16e42453e96af94538c586fe3345e364bc578b" + }, + { + "alg": "SHA-512", + "content": "c2a8a227427d3c80cdaf773ef8813fb2609ecc4c64911ef8c8ee8a09a4ab0f4c608d7433901511c132ba39d49141be85f45032a06757a17e7f2e43efd6a22f6f" + }, + { + "alg": "SHA3-256", + "content": "7dd7ace7d4414db08bd4f2dd4d130629d9eef806d3dbd03a582f8f78372dbe63" + }, + { + "alg": "SHA3-512", + "content": "fef833f17bf0c8c9023ffdce1fc6d860d4ce119915fcabc7d8aa48853066fe0967c5220a33c03b41b45c312da4430e1057085652e0db57f5c03485b44715b273" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework/jersey-test-framework-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "group": "org.glassfish.jersey.test-framework.providers", + "name": "jersey-test-framework-provider-inmemory", + "version": "2.25.1", + "description": "Jersey Test Framework - InMemory container", + "hashes": [ + { + "alg": "MD5", + "content": "08b74a5a1bd1726464f8cc389dc015e5" + }, + { + "alg": "SHA-1", + "content": "d0bf8edcb87a8e886cf4552e9b5b9a4fddc70794" + }, + { + "alg": "SHA-256", + "content": "95b76e6b4131ec8cc04f3397e3c162219ef34cf661ad52ac86a977ce0b3912b9" + }, + { + "alg": "SHA-512", + "content": "9fcd31b1c2cbb5e615c1412425088c6dbd6f4acbd4b768a178d2c0a8c545486d5a3a6ad266a6b2faedeff65fa2035017e498b6a9a5bf206646e7d14e3b75d529" + }, + { + "alg": "SHA3-256", + "content": "0a4492d926542aee9f91b73691f712157c031388153270aa6121c3b60e638387" + }, + { + "alg": "SHA3-512", + "content": "a1db62f01942f3abb36d5fa867e5fb5f4372965c9c57e0f76d992421e85ce6481a34490ac15682656eb11a410c6f7b803e70cbeed635ac86b0d125f50b832074" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework.providers/jersey-test-framework-provider-inmemory@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "94e9fc820f29e4ca7c4d1008b3e52f34" + }, + { + "alg": "SHA-1", + "content": "1379b37b505dc379559e75ae7424941eee924fc7" + }, + { + "alg": "SHA-256", + "content": "f843740357ea316e196703782bcc21313ee77b665f059a28d62ebbbc37aa07ae" + }, + { + "alg": "SHA-512", + "content": "a574f37273ebf3f6d0dc18491cfcfb32288063667cd51962218575438dc3eb4f6202f862a6cef71a9caa16282cac17b77a1696dc632f1852979060e8c1b9c9ef" + }, + { + "alg": "SHA3-256", + "content": "2428547743abb3f101da2f812300e1a3778b672ea26be987b1262821fbc0c693" + }, + { + "alg": "SHA3-512", + "content": "476eb0180972b5b6bb48dfccb1eccebd607420aea3562782f1a19292ecbdadc659bf28aeb11a28e3367bad613677dae9486cb4bfb2dc2168acb8cf612b39ae2a" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "7dadc5243abb6a0979518998d5c97eeb" + }, + { + "alg": "SHA-1", + "content": "2245454abf7e6374ce92f3ef9222c7dbd43c8f1b" + }, + { + "alg": "SHA-256", + "content": "e629a9bd50ac7d361389dcc21c86f7ee12fd9f9e1c0e92664d01492df135aab1" + }, + { + "alg": "SHA-512", + "content": "592ab00b4aefbfd03fa3eb9619b39be6a59cc5a60dac993cef999433e31bf89d35a97136227966af7ec2fd84e483995b6e3390dc159aa72763246683ec02207a" + }, + { + "alg": "SHA3-256", + "content": "5fc8987e14b500cd8ef3e355548129be984b7d88f02a3b3a9718dc83e2550cbb" + }, + { + "alg": "SHA3-512", + "content": "6e4d74a8ce366f9b1c41ca2636a098566b8e2800b0f2ce3653856d499e3ff683a1ca2afdeac18661a47bd8e319987903dec3b0a3c1cc16ebccb2cc2ff3a00afe" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d1e615dd0774f828e80f51cd217dadb1" + }, + { + "alg": "SHA-1", + "content": "a4129b6ad87da0b14ee60dc4cd04321ab7b6928f" + }, + { + "alg": "SHA-256", + "content": "5ac060f9d0f802010aba3ce0452d567ff6ec1f724a8cde860cb3e83aa87918c7" + }, + { + "alg": "SHA-512", + "content": "dbe734b1a1bcd194e3ff275b620aed38fb713a250d24cfa6548d047de12a2cd394840650ad46de122b53ea8103f64cf4c0d7570e781b70e45372dda9180607e3" + }, + { + "alg": "SHA3-256", + "content": "6ca9ed2338f90de1498b7e52c35ff2eae7e13463f9fed7f36f9b797ca0d6f443" + }, + { + "alg": "SHA3-512", + "content": "a591913206657bca1c3be20220c911359537100af3f6561f5d4a454635edbc7a83c51b897efeb8b075996fce37945a1c7836296873d6817e07b7ad3a46cf5450" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-openjdk8-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "6176ca5468f46113d03982b26b569645" + }, + { + "alg": "SHA-1", + "content": "cd588787b7a232e9db4d2442ef9260baedfe33b1" + }, + { + "alg": "SHA-256", + "content": "13b0943572cc330a0371317cbfbbb0f737655387b89dc75ba9a8ab8d083e1c11" + }, + { + "alg": "SHA-512", + "content": "07373c3c34ce2bb1a84200e09b4f540d6a4cd83ee9fc65084949a449a7f510bce5a91d9cd44d7cb8454e9a2090dd636da2506c10312e5b5be693682a1024afc4" + }, + { + "alg": "SHA3-256", + "content": "26c9e9d164a3471c386bf44e1c3d3150e03d54be8d947d65306bf74e26954edc" + }, + { + "alg": "SHA3-512", + "content": "90a662aad53125f7f1eebd642a62316606a249dfe04ec3ab6673deea2fbc8d51fdc83f02e403c0f1085aa7d5600b1e11b9b171fefb0903dd5aa8c6bff905c072" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "50a898e1-523d-4041-9250-b25394071a77", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "1ca2253ddcbcbcc691c51938f2e341b4" + }, + { + "alg": "SHA-1", + "content": "288afd48f2eb1816889c4848a0bb8e7783ad7124" + }, + { + "alg": "SHA-256", + "content": "2d78640dc6b6035e41d763ddb9c97f07f441665be36d0a7d1e592d683df12acb" + }, + { + "alg": "SHA-512", + "content": "7ee426bb8079daf27fd03694563e534cda147d2cb38e4b50e08c3644f1a3dd88e172ad36b322bb113c67cabbbed4b11740f72ef82cc899341aae9d6427dace43" + }, + { + "alg": "SHA3-256", + "content": "1ea3606b67b91542a4d71d7b145792dcb25dce3c52037e3a32d551678ce5fda1" + }, + { + "alg": "SHA3-512", + "content": "943a863bd2beae196d07aa13b72b5d27bd5ee56a8e578b549a5c272034a232dc4f8a3f015af81837524cd37e467871bfb66c6768a279502ab4cd05e97421347f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "group": "org.eclipse.jetty", + "name": "jetty-continuation", + "version": "9.4.18.v20190429", + "description": "Asynchronous API", + "hashes": [ + { + "alg": "MD5", + "content": "bf4683a840d240010acacc4cc9739525" + }, + { + "alg": "SHA-1", + "content": "3c421a3be5be5805e32b1a7f9c6046526524181d" + }, + { + "alg": "SHA-256", + "content": "ad2e8fa193f06989ef6f0ca09719e1e30572e6099e7c889777836076068cbfbb" + }, + { + "alg": "SHA-512", + "content": "1ca79b0b2011ae4f5dd2f64447ec39d5140ddae6fdcdc9e1104ece137113951efeeccd7fbaa2cb174c11a944d7a6d79d94a6cf2f5a645b21016a3ba1b1421152" + }, + { + "alg": "SHA3-256", + "content": "e54fd5d441a318d250a84414eb391c6af739a5a167c7cbc70963a0cd12a60371" + }, + { + "alg": "SHA3-512", + "content": "d4fd7624498cd4113fd86ef1e71fe4f0c4d0684d34e2700b0d472decf55ae5b3d9aa59447a7ec2856ba5a2348da09057f5f3730f3e91715d2746d16d20bd5fa9" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "group": "org.eclipse.jetty", + "name": "jetty-http", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0f5299204d64fb561a8062f594185dc6" + }, + { + "alg": "SHA-1", + "content": "c2e73db2db5c369326b717da71b6587b3da11e0e" + }, + { + "alg": "SHA-256", + "content": "a2626684486590535bc928a6a40c6915f99ffda96b7a14d4310bdda566b5aa73" + }, + { + "alg": "SHA-512", + "content": "93f9852cd4689993c06629ffba24b1dc9715bcf3dfb560088669459f9484373cd5541e81c18cfb3502c9ab62fab3a7061ee5d9afd0c17fc61fe23e25fa04a1c9" + }, + { + "alg": "SHA3-256", + "content": "84caddcb2c12e244dc03f0f3f8ab41fdcb96ec95c5776c00664e8916f6bfea86" + }, + { + "alg": "SHA3-512", + "content": "08d0dba27f81c3b596d46728e01b3b1f0027d9271befab6ada56e6757ef7f64e700c242cc8f9000a2792bf5053c5c16126718d6f8fd1923331a7e3d00b3c2efb" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "group": "org.eclipse.jetty", + "name": "jetty-io", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d430c2038527a0788675049f9d48760e" + }, + { + "alg": "SHA-1", + "content": "844af5efe58ab23fd0166a796efef123f4cb06b0" + }, + { + "alg": "SHA-256", + "content": "f953810e6d5349a8c1101710bf99310e0bcd3bc43d819c06858c75f419b4cbd0" + }, + { + "alg": "SHA-512", + "content": "2f7f9f8ecff8fceaa422923ed698f5945e2e4583898115ea97e2a69f2f4c7093f07c1f9e189af0ffd6b08b669074c9e3cdd5492e42aa2ba4f0bba3ad6db85c50" + }, + { + "alg": "SHA3-256", + "content": "a6a1c14235256382171a33faf4e2869e65756b87e686e70e41aa34380fdeeac9" + }, + { + "alg": "SHA3-512", + "content": "aff9eb92b24300c2395b5ee808c54abf4c8c97224bc819b0b5bbaa6977f5806037eeb34691f6b9d9534a454ae28f3e8e9b13bd0649369af5b331e80e4c703405" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "group": "org.eclipse.jetty", + "name": "jetty-security", + "version": "9.4.18.v20190429", + "description": "Jetty security infrastructure", + "hashes": [ + { + "alg": "MD5", + "content": "ea1d2d43fdc539ddf8192e2782f45e79" + }, + { + "alg": "SHA-1", + "content": "01aceff3608ca1b223bfd275a497797cfe675ef4" + }, + { + "alg": "SHA-256", + "content": "c307c68eb402979b2b6ae75a587476c9fecafbf5f4a53db22125f9af2324926f" + }, + { + "alg": "SHA-512", + "content": "140364d32cab3e7f1acd1222c14228038db35c96e22fe55d90c810308c6ed06f72972d4a40514e664e1bcdd542c25014719082b8828b8afd29a9a760b440dfe9" + }, + { + "alg": "SHA3-256", + "content": "fb9e4fd12fc7912c3ad20ec205efa02532b05af85d22b4d4e93e2e19906dadb7" + }, + { + "alg": "SHA3-512", + "content": "df87f8e4a2ac262620c8e805695d52427421e9c25225747fedba6503916bc867c4868d04b1d786d52f64917fef4bd27013ff640297da21a49e97cd2db80007d2" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "group": "org.eclipse.jetty", + "name": "jetty-server", + "version": "9.4.18.v20190429", + "description": "The core jetty server artifact.", + "hashes": [ + { + "alg": "MD5", + "content": "b0bc6045c38e309d41f84d3c60fb31cd" + }, + { + "alg": "SHA-1", + "content": "b76ef50e04635f11d4d43bc6ccb7c4482a8384f0" + }, + { + "alg": "SHA-256", + "content": "2737c60b231e804082cdb68f1118a1aa179c8f92d50345c7444d96391ac005ce" + }, + { + "alg": "SHA-512", + "content": "b16d05236e809d1494f67aeab195190faf5a301cb131ae7033c1d62bd0f4db41e025b18cb75e0c9f7cc8146debb2d34d006318c0bd0e65dcccce9cb176acbc4e" + }, + { + "alg": "SHA3-256", + "content": "755dfbda1a8bd62b465a55c8bfd761412b81fa79fb0326c6835f0b009ea76c7c" + }, + { + "alg": "SHA3-512", + "content": "bdfd84f7b1bfadce0fd4c918b00410ad596e66bd69433260439cebb516f4d44b55e1adbf96cc866ae3e9a8f96823772e2e6633c21bba41c1588067842b7540ee" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "group": "org.eclipse.jetty", + "name": "jetty-servlet", + "version": "9.4.18.v20190429", + "description": "Jetty Servlet Container", + "hashes": [ + { + "alg": "MD5", + "content": "63d8201a1db1aa10454015245472fdd4" + }, + { + "alg": "SHA-1", + "content": "290f7a88f351950d51ebc9fb4a794752c62d7de5" + }, + { + "alg": "SHA-256", + "content": "58b778613867b59bdd6587c57010249e62d10104e01113459453343e9c4ecaa4" + }, + { + "alg": "SHA-512", + "content": "ed6d46eac69dcb275c684e516e1bd627aa2e8b35aa022d68e256b1ec7d145525cc03ad9f55e0794026590f1df17536465c11d25c961df3ee530586a01dcd7f55" + }, + { + "alg": "SHA3-256", + "content": "bd41d1a2332a05b8826eebefc9e1e43b2924c9a810e5c14d97cc8437a4817f6d" + }, + { + "alg": "SHA3-512", + "content": "d4e1c6d118f9ad0890f69efef3141d5d6583703fc6eba5a6c069636d6cde8d48f97d9e5ed5d58e070dd6539c4a744035840e5c8a145f6223f5d9b0dd2ba9ab27" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "group": "org.eclipse.jetty", + "name": "jetty-servlets", + "version": "9.4.18.v20190429", + "description": "Utility Servlets from Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "ed9e6c52ea1c28d92b81bf5c4cff5e22" + }, + { + "alg": "SHA-1", + "content": "e5d174950a44c8f93e27cc2528eff5a6b55da2f3" + }, + { + "alg": "SHA-256", + "content": "134e7f3fd037865cc95c3a69381088ff1c86f110fb0ea62e9a6824cb7ef48abc" + }, + { + "alg": "SHA-512", + "content": "ebd6e426972fb2833bb2173017edd8937ccc64135b6a2dbab0444b25f1528e3d50bdafe39e4749300a8ae46a5eb853a130e918339f29eea308fa9212b615c76a" + }, + { + "alg": "SHA3-256", + "content": "843c3095b2f0e5f71352baf20dfb1cba119ca110fc6e3e01751551154986aac3" + }, + { + "alg": "SHA3-512", + "content": "7eb486c3cac4a8950de6aca0006a07b1b4e9be737fa0902c229e15b27c3c61ddb353ea34f7d4d397dc5cba7da91e2cbee7d086a67506d2b303717f2743b46b0f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "group": "org.eclipse.jetty.toolchain.setuid", + "name": "jetty-setuid-java", + "version": "1.0.3", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "24990c296784e354afb446ccb739e826" + }, + { + "alg": "SHA-1", + "content": "73ae4ab171d396103f32e392970641e985d1a845" + }, + { + "alg": "SHA-256", + "content": "192cb1941aa1afefd9851d984fa39a2076f9200c434abba43dab1d410bfaddbd" + }, + { + "alg": "SHA-512", + "content": "11afcd8eb8968878ce4efb2b54956b04f1a28900b8be6edc1a3482388a3dddd2880b61d1a5c083de41d0cecaa3c8a32d4077f3f15b3f38dcbc71aa64bf40c524" + }, + { + "alg": "SHA3-256", + "content": "b6e2a6fdb8cc4021d17fdc85fb8bea172d25b206eca5c5f49ac5d4e6d1a6f704" + }, + { + "alg": "SHA3-512", + "content": "224c5ce3bbddf418eb2f1f43f9c3fd3f332ac6b557839942e54fc229e6a8e009ed11aab9e86a78e2642262d0ba43d5c2ff29aa9e96b89c68726d46365d46a000" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.toolchain.setuid/jetty-setuid-java@1.0.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.toolchain.git/tree/jetty-setuid" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "group": "org.eclipse.jetty", + "name": "jetty-util", + "version": "9.4.18.v20190429", + "description": "Utility classes for Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "0e98accd79ef0f0709e67b32d1882712" + }, + { + "alg": "SHA-1", + "content": "13e6148bfda7ae511f69ae7e5e3ea898bc9b0e33" + }, + { + "alg": "SHA-256", + "content": "db2ae97679e4d9dd0b96e0e2e04423d41407977a87edfa0ed1714c44eb5c7aa1" + }, + { + "alg": "SHA-512", + "content": "e1994547ad741cfcc0776e856178c530687bd3f20354ebbaf4d10ed6c6773cf0b9d2201359ffaa9328606aaa7170c125433dfd83c40db8e03ad6f17d43753392" + }, + { + "alg": "SHA3-256", + "content": "af0fd5e8b166a754626964f211eebf7e5bcff175dc852e5dd28b48d32437921b" + }, + { + "alg": "SHA3-512", + "content": "da788326e973cb92399d84ea58fd884a11a82666741514f2aefe150ed47809189ebd98553bbe7b56bde0d892b51294ddbf24af341f68a2854737622a6439356e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "group": "org.eclipse.jetty", + "name": "jetty-webapp", + "version": "9.4.18.v20190429", + "description": "Jetty web application support", + "hashes": [ + { + "alg": "MD5", + "content": "044d3037d9a5b94c8ed938d89045e06b" + }, + { + "alg": "SHA-1", + "content": "9c2f1a2b61bdc2d24f8a980c6c614aa0b588216d" + }, + { + "alg": "SHA-256", + "content": "3e7a715fb8f5ebe79d54b940f630d562629ecf91d1b3fd1403ff9700d0a3e125" + }, + { + "alg": "SHA-512", + "content": "09861241011a4f5dee0ffb7087f033f7882decda7e8bd9641fe1c759f558af28c01f050f0d904fe3f06fba3769efc887d50156cdb7567322ad5fbcee1fc7c2ea" + }, + { + "alg": "SHA3-256", + "content": "a958bee3bbb5d03e76f34e8e70552614aeaaa1fd63a56d5d56d12f552b9e4df4" + }, + { + "alg": "SHA3-512", + "content": "c2b790b16923ca0e1171b76cbb8c852b1e338cab09cc2f46f17b4479370e3d0a0308ca15bfc2d0421655c7db200bb5813a771e80cb6ed566dea9656f232ef403" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "group": "org.eclipse.jetty", + "name": "jetty-xml", + "version": "9.4.18.v20190429", + "description": "The jetty xml utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "637f8a266afa4cb043e1d142c7cacb33" + }, + { + "alg": "SHA-1", + "content": "dcd2806ee48e646fd4dcff81c7c6867fea2b52e8" + }, + { + "alg": "SHA-256", + "content": "2189c5316c4ef2721166353a3f6800803b2ffd06cfc4c7b16ebdef9b00108ca6" + }, + { + "alg": "SHA-512", + "content": "f60127983e3115b9df5ececcfe5a75bf4b1de0597e050d52b65d8e60875305741a3d3256d12d198e25be58b8b236a34ecc6747c05faf30465be27095b02e3206" + }, + { + "alg": "SHA3-256", + "content": "acb83341c830c2e5944c91021cac1d486e73fd5d570abfd4572346242b847940" + }, + { + "alg": "SHA3-512", + "content": "53c27e9e1c64a2046793b9f02880813669b71d534737ec84f16eadb8bdb63a717b664e602a17f1e071f411e318d6c233812910db8ae3bff933047eed08110290" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "group": "org.openjdk.jmh", + "name": "jmh-core", + "version": "1.19", + "description": "The jmh is a Java harness for building, running, and analysing nano/micro/macro benchmarks written in Java and other languages targeting the JVM.", + "hashes": [ + { + "alg": "MD5", + "content": "be8d2b77f24b93d14b3590a2c2cc9eba" + }, + { + "alg": "SHA-1", + "content": "1ea93b88f8154f0a35c16b46d76cfb2febcf4916" + }, + { + "alg": "SHA-256", + "content": "5b920f4033b55f78af121c6594e2afcc84c16f2030beef6d035463b126fc9f46" + }, + { + "alg": "SHA-512", + "content": "9bc30e04a4ee999cc1dc45be32bd60ad4248070073424efacdce85b02777dc1ef9f8aa9f57693cc4cc6964c6c934ce3c251f8db26f70bad54353c2d0849aee83" + }, + { + "alg": "SHA3-256", + "content": "b21c8a03f99e3ccadc461f35e5ed3aa3904ae25cbb44ca2dd02eb0d2f8a6582c" + }, + { + "alg": "SHA3-512", + "content": "96f2d4874d54c13b4c9392628415ce62bdff000c142901f08d3eef24c707b5cd656c328a3ef846303a85dc3dfbff69062e0167b2065b5200e52c764afe0ba418" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-core@1.19?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://openjdk.java.net/" + }, + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "group": "org.openjdk.jmh", + "name": "jmh-generator-annprocess", + "version": "1.19", + "description": "JMH benchmark generator, based on annotation processors.", + "hashes": [ + { + "alg": "MD5", + "content": "0edd4d9828437ef68acbe301910de6eb" + }, + { + "alg": "SHA-1", + "content": "e5bb13308963df412877e88fede84c1bd869ca03" + }, + { + "alg": "SHA-256", + "content": "b104c8c3c971d6aa4ff4c7a73e70cfb3e6201084332e4007ba9516a43f27003e" + }, + { + "alg": "SHA-512", + "content": "f4bdd594e25586047d93375f76fc2c85ad302b222ace4dae8e7418a24e1d75ab1ecd3f4d75d362baf3af6388bb6b3f3db7a932e8a003a8ff0c1412059e0c0c5b" + }, + { + "alg": "SHA3-256", + "content": "ea48f22ddf27853d67194836e0a13bb9a6c20a480e03252ce75403bc303a2a8d" + }, + { + "alg": "SHA3-512", + "content": "37ae2a6c8b2f38fcfcfea1343debb71cbb63af15c402fa32dc38e1913c75af7d2f4951a21edbc7cacfeeb789dbbc6fa9be9f24ccd426e1f9344de0f344a9e773" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-generator-annprocess@1.19?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "group": "joda-time", + "name": "joda-time", + "version": "2.10.1", + "description": "Date and time library to replace JDK date handling", + "hashes": [ + { + "alg": "MD5", + "content": "488e6b287cde4fe6142c0da65495ab63" + }, + { + "alg": "SHA-1", + "content": "9ac3dbf89dbf2ee385185dd0cd3064fe789efee0" + }, + { + "alg": "SHA-256", + "content": "d269671656767e05a58dd634cbafc36ed70d417220b058d11c0d88dfd281616d" + }, + { + "alg": "SHA-512", + "content": "b92f67c1a8b293e3771bc2c56e5280f6a9cb523b38db7b1c8f56c427ec7147d9fec1fa425d25582060195a433005797294680e5e071fc49272575cc67f8fe58c" + }, + { + "alg": "SHA3-256", + "content": "ace6d9b18b8de8281dde7a10070f08a11a2b1aca804e2031983d8cffc61a11a2" + }, + { + "alg": "SHA3-512", + "content": "1ae2b49ee5c492a7b83f2c72e5405db0e784b0a34dee7a8d634f6a1e11023bd87653903d4c8a31a964624eb6137db0f612a0d54d509e7a4c39b09c09d30309af" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/joda-time/joda-time@2.10.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://www.joda.org" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/content/repositories/joda-releases" + }, + { + "type": "issue-tracker", + "url": "https://github.com/JodaOrg/joda-time/issues" + }, + { + "type": "vcs", + "url": "https://github.com/JodaOrg/joda-time" + } + ] + }, + { + "type": "library", + "bom-ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "group": "net.sf.jopt-simple", + "name": "jopt-simple", + "version": "4.6", + "description": "A Java library for parsing command line options", + "hashes": [ + { + "alg": "MD5", + "content": "13560a58a79b46b82057686543e8d727" + }, + { + "alg": "SHA-1", + "content": "306816fb57cf94f108a43c95731b08934dcae15c" + }, + { + "alg": "SHA-256", + "content": "3fcfbe3203c2ea521bf7640484fd35d6303186ea2e08e72f032d640ca067ffda" + }, + { + "alg": "SHA-512", + "content": "18bf59191d7a456e7675c841df8411ebe425da40532e103db95483be5d2a75510d8a38ad9755cdd4e0be27afe7cfd0b358599388a84fcec1ee27e89caa37f5af" + }, + { + "alg": "SHA3-256", + "content": "e5c7a060e6bd75fb9ef2b7eeac082550bd4f01049c0da929c57ae71fef59b32a" + }, + { + "alg": "SHA3-512", + "content": "6b35fe9fcb3497a9e3a4b0c55dab300b63155c76bbce88fae9b3dcc1012f2c55d7c70216173299817830328071f5c3af079a67ce9af96c25b6befbcef915b049" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/net.sf.jopt-simple/jopt-simple@4.6?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://github.com/pholser/jopt-simple/issues" + }, + { + "type": "vcs", + "url": "http://github.com/pholser/jopt-simple" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "group": "com.google.code.findbugs", + "name": "jsr305", + "version": "3.0.2", + "description": "JSR305 Annotations for Findbugs", + "hashes": [ + { + "alg": "MD5", + "content": "dd83accb899363c32b07d7a1b2e4ce40" + }, + { + "alg": "SHA-1", + "content": "25ea2e8b0c338a877313bd4672d3fe056ea78f0d" + }, + { + "alg": "SHA-256", + "content": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7" + }, + { + "alg": "SHA-512", + "content": "bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804" + }, + { + "alg": "SHA3-256", + "content": "223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff" + }, + { + "alg": "SHA3-512", + "content": "3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://code.google.com/p/jsr-305/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "group": "org.slf4j", + "name": "jul-to-slf4j", + "version": "1.7.26", + "description": "JUL to SLF4J bridge", + "hashes": [ + { + "alg": "MD5", + "content": "2bb060120bc3feda3d964bf5be845fbf" + }, + { + "alg": "SHA-1", + "content": "8031352b2bb0a49e67818bf04c027aa92e645d5c" + }, + { + "alg": "SHA-256", + "content": "0f3b6dfbfb261e3e2b71ea88574452f36c46fec016063439eb8f60083291918e" + }, + { + "alg": "SHA-512", + "content": "201d8fc50e94469cfddc79faa6d7492602243a13454dc58e42d6422f1e7f1d1b352474930bf13c1784c252721bee92a636723a1f75d3cb578fec200b42275e2a" + }, + { + "alg": "SHA3-256", + "content": "dd6032a174bd7527a7195462617a613dbbb0dbbcebac49aca1c3fb2b4db79e3b" + }, + { + "alg": "SHA3-512", + "content": "2bf9adba76cbd0541b1462e952cce50baedb6feac8d963f59db8374a895469d340f5787defeffefb48162a0171f54dbfe1d173de7ec08b080c01260611dd7e25" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "group": "junit", + "name": "junit", + "version": "4.12", + "description": "JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.", + "hashes": [ + { + "alg": "MD5", + "content": "5b38c40c97fbd0adee29f91e60405584" + }, + { + "alg": "SHA-1", + "content": "2973d150c0dc1fefe998f834810d68f278ea58ec" + }, + { + "alg": "SHA-256", + "content": "59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a" + }, + { + "alg": "SHA-512", + "content": "5974670c3d178a12da5929ba5dd9b4f5ff461bdc1b92618c2c36d53e88650df7adbf3c1684017bb082b477cb8f40f15dcf7526f06f06183f93118ba9ebeaccce" + }, + { + "alg": "SHA3-256", + "content": "02b1f076652120813646a0cb34350f0c73a3299b221567e089f6aaadf8ab444a" + }, + { + "alg": "SHA3-512", + "content": "9e8f7057647c11564178e4569cf4f5682d3688b49d81acc60fd301f61053932ee9ac109c19cb639f7710d23afc76cb106ebde0f8143e2fe5fa08605201720a8b" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/legal/epl-v10.html" + } + } + ], + "purl": "pkg:maven/junit/junit@4.12?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.junit.org" + }, + { + "type": "build-system", + "url": "https://junit.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://github.com/junit-team/junit/wiki/Download-and-Install" + }, + { + "type": "issue-tracker", + "url": "https://github.com/junit-team/junit/issues" + }, + { + "type": "mailing-list", + "url": "https://groups.yahoo.com/neo/groups/junit/info" + }, + { + "type": "vcs", + "url": "http://github.com/junit-team/junit/tree/master" + } + ] + }, + { + "type": "library", + "bom-ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "group": "org.junit.jupiter", + "name": "junit-jupiter-api", + "version": "5.2.0", + "description": "Module \"junit-jupiter-api\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "d85d733ecb4120eb7ad5be3134d09053" + }, + { + "alg": "SHA-1", + "content": "9cd901df48d88d8e605a6ccb2c3f140c92db6bf2" + }, + { + "alg": "SHA-256", + "content": "47f7d71b35dc331210b9ab219bbb00d54332981aa12eb5effe817de17e1ae7b3" + }, + { + "alg": "SHA-512", + "content": "8b54b50e8e10b9aed8a1d65338b86d3cd28fabba15f536df457689b99145a451f0144c703eaa848e0bf5c7dc7719ec442b479bac1b7d88cb9ba2cddffd0f1f13" + }, + { + "alg": "SHA3-256", + "content": "2a215014d5df1141f50d9c800b004d9bcb391163b05365ba3f9d145a71e69171" + }, + { + "alg": "SHA3-512", + "content": "1cb1e7a4279d2949081aad395cd158bf28a8ad12682a3f8962da50f1b3c2b4f64a206089145bdc8e4730b689f791e1f306361c4f8e0044dd88fa9f38f1916cd1" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-api@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "group": "org.junit.jupiter", + "name": "junit-jupiter-engine", + "version": "5.2.0", + "description": "Module \"junit-jupiter-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "23b9c1eb5cbc9ff595fbedb9d6ff2068" + }, + { + "alg": "SHA-1", + "content": "de87318ccd3dfa1a98ebfef792d362776f1914de" + }, + { + "alg": "SHA-256", + "content": "8f994f4094790e246dc84de86a1ff4194ca85e8b13bedaca0207f727ebfbc813" + }, + { + "alg": "SHA-512", + "content": "f2bf6ab75a111cd2cda9f8d50f62b3986fc7b675b9f14abfa73d44ccbce010b559bb2a7dcee670e8134f1e8859c2c804b87b50b141c6d48a55699cf07f1d75d7" + }, + { + "alg": "SHA3-256", + "content": "1c2e7d5d721f35eb5f4c206f920d5f34a480b5e93d991ff602acbb3002ae6cb3" + }, + { + "alg": "SHA3-512", + "content": "de4c58a5d5acfc20a8008f07c94258a6023664c6879518fec9e37eff79f106bb3645979615d792f7de404bf52b8c0e6425902c177458a483a6087bf9a4cdd822" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-engine@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "group": "org.junit.platform", + "name": "junit-platform-commons", + "version": "1.2.0", + "description": "Module \"junit-platform-commons\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "b3199ff22308f68d7dc3e400fe53f51f" + }, + { + "alg": "SHA-1", + "content": "dbce1d822d3dc6c61703b340cd79018518685451" + }, + { + "alg": "SHA-256", + "content": "7771af2f797d1d0ccce9920eb3cd826fb8fd7659ccb4d8877e76d9412be72cc2" + }, + { + "alg": "SHA-512", + "content": "b08bcfa884c67ae155ea5eb0ae33f0d58e88096015b82ebf3e5a301292b4622aea1514285aeef7361f8b9e4c83e48e5d8842433afe6e3b0b06c7a1c8729b104e" + }, + { + "alg": "SHA3-256", + "content": "87b03d3ecafccbaa1dc2bd068117cf95ac520546131006bd744464ef757ec44a" + }, + { + "alg": "SHA3-512", + "content": "9501a107af25b97f4e7a102b9262f8438915cc2e93599a2343255fd1935e3c86853a50934376f509fe45f0f601f4ba8023b02ef091e51c51675469170ed88a70" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-commons@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "group": "org.junit.platform", + "name": "junit-platform-engine", + "version": "1.2.0", + "description": "Module \"junit-platform-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "14405ffac9858d89cc0609b16b8c763c" + }, + { + "alg": "SHA-1", + "content": "35fa3529ce843ada1a10b0909ccb4a8148ee638d" + }, + { + "alg": "SHA-256", + "content": "60b102e94ea01556fdc8c041950a05450edc188e3708f032a6bfb1a50ba0bc22" + }, + { + "alg": "SHA-512", + "content": "d367cad97695832f088e299d873570ea9e4bffd30222a5b3157fd506d9405776cfba78b8dc0b6e2697e96d0008ad65b7a35324fab7386c99257d2a723641b679" + }, + { + "alg": "SHA3-256", + "content": "25189ca0767cdad052cca52e00fb63557e8581d3733cf1272dfa780d668ff140" + }, + { + "alg": "SHA3-512", + "content": "d8b6d4a3f9bb96a1b6f610038b50f9a647526e5d0a805bcdd4c13603cdb3508a39a4403c9674b9bca67e673a6493f51a7d363e88fe28efd50382f7832bc20f2a" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-engine@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "group": "org.liquibase", + "name": "liquibase-core", + "version": "3.6.3", + "description": "Liquibase is a tool for managing and executing database changes.", + "hashes": [ + { + "alg": "MD5", + "content": "455a827f017027c276fdfc1ec0bba595" + }, + { + "alg": "SHA-1", + "content": "737c5a4fac26ee760d016923c83481ff933e4875" + }, + { + "alg": "SHA-256", + "content": "e3d877af44ebe7f253525319e3a95bd14e249bfb3d55e9c458e78458bce8426d" + }, + { + "alg": "SHA-512", + "content": "a2c453c71c654ecdf98b86293981fd53ef270b8834b1903b88566dd515da22df17a47a7a31f6c8c65f496ec64613c101ab5501ea9e8293001703f9d2a65c878b" + }, + { + "alg": "SHA3-256", + "content": "6cc2d3b40b26f5b20f62647f3dfc3238741eebd176e51ed76bafe534781554d8" + }, + { + "alg": "SHA3-512", + "content": "1efc7bca74a8e561b48786cff789dba1b87cf4e6d7dc65da70bc71590c653ffd2111d8fb703cea6a429481c68c385299cf59f5b15072ccbe2365d53fc548292b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.liquibase.org" + }, + { + "type": "build-system", + "url": "https://circleci.com/gh/liquibase/liquibase/tree/master" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + }, + { + "type": "issue-tracker", + "url": "http://liquibase.jira.com/browse/CORE" + } + ] + }, + { + "type": "library", + "bom-ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "group": "com.mattbertolini", + "name": "liquibase-slf4j", + "version": "2.0.0", + "description": "Liquibase SLF4J Logger", + "hashes": [ + { + "alg": "MD5", + "content": "c0de626cfee6e91f2fe3f28aca48a6f9" + }, + { + "alg": "SHA-1", + "content": "15d0d15b546ef66caf3385a3c13aeb75663b3ba4" + }, + { + "alg": "SHA-256", + "content": "1378fcb84657a57fd133328b13ea0578d18011fb4578dd915b292f9b8afbfd6e" + }, + { + "alg": "SHA-512", + "content": "193195e7aba3a04c4bc27a8cb424d8ede7e9a00f0682801906b59cfafe717c19ed47bf299e033da9b91400f936a90a14137b0b48ed55a46a2527db644cfe7947" + }, + { + "alg": "SHA3-256", + "content": "143f1704ce5f758ce1c3dc2bfce78abac50638cfe54537042ada01ce8c765f89" + }, + { + "alg": "SHA3-512", + "content": "0d7e066b3760514259844a5b137706b47ce61fabf24ac34e59445609e0a41e5497d90bb8786c06e1fa767375c4ee039d1c44c4b136fdb63d08ada9967286502a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/com.mattbertolini/liquibase-slf4j@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/mattbertolini/liquibase-slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "group": "org.slf4j", + "name": "log4j-over-slf4j", + "version": "1.7.26", + "description": "Log4j implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "0ca7c8107e86b7e251cf15d475db5183" + }, + { + "alg": "SHA-1", + "content": "daeb21c5e35d77d550e721c4cf5aaa716496d31a" + }, + { + "alg": "SHA-256", + "content": "81a1c31befb21e3975064f43e0b1692b7fc2dc5f6d8dc3b6baaa7b8c3e5ddd5b" + }, + { + "alg": "SHA-512", + "content": "6ae099e1ad5526212f2758a9e16ce7027833e47dff9370c7dbc5317c43f0d3450f20a437ae1a97594382cd27b74c276cb0f3c32de0668b61daf874fb4d30bc90" + }, + { + "alg": "SHA3-256", + "content": "7fe9883b0d6edce803b4942d53771c9e87735076e5ee162037bce3180e067c04" + }, + { + "alg": "SHA3-512", + "content": "349b75322aaf3d4fa035ed2c98c3f289ea6c2bef2bc6756b018df99536d99ceaa17b9192ce5bdde1a213ec75ecc60d11629189a5774b166e671a709e7f2df708" + } + ], + "licenses": [ + { + "license": { + "name": "Apache Software Licenses", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + } + } + ], + "purl": "pkg:maven/org.slf4j/log4j-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "group": "ch.qos.logback", + "name": "logback-access", + "version": "1.2.3", + "description": "logback-access module", + "hashes": [ + { + "alg": "MD5", + "content": "9468ae35cd2e92164659543a55280aac" + }, + { + "alg": "SHA-1", + "content": "e8a841cb796f6423c7afd8738df6e0e4052bf24a" + }, + { + "alg": "SHA-256", + "content": "0a4fc8753abe266ea7245e6d9653d6275dc1137cad6ecd1b2612204033d89687" + }, + { + "alg": "SHA-512", + "content": "b72a31503d09eb0f40abad77a44617b7edc2904e2e619f7cdcbab2536965be34e91ebbaffd0444027d15bad2562515762ee13a7163d9e12f82017334dc84a6a2" + }, + { + "alg": "SHA3-256", + "content": "db933b4474fd6b77e89b1f68f4117d7b299788b0706e926ea88506f086b54f63" + }, + { + "alg": "SHA3-512", + "content": "64acf87611208b7ccda4408ebd924dad609f3bb3e217fcaa80f13cfd098225183a559e5023b7ceabb07ff3ab705f13aad732b04f781f2b618e2f3de31376c089" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-access@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "group": "ch.qos.logback", + "name": "logback-classic", + "version": "1.2.3", + "description": "logback-classic module", + "hashes": [ + { + "alg": "MD5", + "content": "64f7a68f931aed8e5ad8243470440f0b" + }, + { + "alg": "SHA-1", + "content": "7c4f3c474fb2c041d8028740440937705ebb473a" + }, + { + "alg": "SHA-256", + "content": "fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0" + }, + { + "alg": "SHA-512", + "content": "9ad5df9055e74c1db67e10422774e740903477c821591702d2709a4c1f73e3fc3fa6b1a871b6985901817bc2bdeba916849035dc2bbf518f308637b0586e36f1" + }, + { + "alg": "SHA3-256", + "content": "7d38586cfd6e1363970ac1811eb49dd9e535e2d2bf967118ce8f28592655ac24" + }, + { + "alg": "SHA3-512", + "content": "0a47917a6adfaef45e1170ff419800a7c88771510c6d5744b081e0572f70d2e339a5bbdd9b0637c2ecfcdd49a095c856ec293e8a41bbd03ef9b5a67d42731e67" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "group": "ch.qos.logback", + "name": "logback-core", + "version": "1.2.3", + "description": "logback-core module", + "hashes": [ + { + "alg": "MD5", + "content": "841fc80c6edff60d947a3872a2db4d45" + }, + { + "alg": "SHA-1", + "content": "864344400c3d4d92dfeb0a305dc87d953677c03c" + }, + { + "alg": "SHA-256", + "content": "5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22" + }, + { + "alg": "SHA-512", + "content": "bd1a7512647fe61b90cfd18bedf2a33f3f16f334f8f8ce947cdd353c0b0b7a7cce203070f0d2183f6583e0f2b2fe6e0b12eb93bd5b2dc29076e7b466447f6dc5" + }, + { + "alg": "SHA3-256", + "content": "7e43423025fc6ebe94b4cc641dc60a4507f93dd1445214847a069595f7cb728e" + }, + { + "alg": "SHA3-512", + "content": "76a7f8df50903e80c5455da2307705f1ce08e098b75d02c1e36cb8b06eb3dc18c4e93fbf4ed1dea143d73645a652b52bb26e789d1fa111866c54a57c2025049e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-core@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "group": "io.dropwizard.metrics", + "name": "metrics-annotation", + "version": "4.0.5", + "description": "A dependency-less package of just the annotations used by other Metrics modules.", + "hashes": [ + { + "alg": "MD5", + "content": "18a5f9cee781de1bee53b78df6e37c4e" + }, + { + "alg": "SHA-1", + "content": "b30a0e181a5b5170c3b9bf513a9f2cc756dd4319" + }, + { + "alg": "SHA-256", + "content": "ef1ac18eeb33545913992f1b3d4779c9438435cea26a3a4366f05457a1006159" + }, + { + "alg": "SHA-512", + "content": "574a8d69f2610641d087d2ccf5509787c0993ce3f6fab1877580243cb8d57eb646e3cca9e9336d3e61776fdcb875770017d3182b7238ddfe0c31b08bad4edc30" + }, + { + "alg": "SHA3-256", + "content": "841decb2aae5beba8df9d315b687fe9c5c9c0addf481e75c5de17e408b7d6d07" + }, + { + "alg": "SHA3-512", + "content": "61e765ec087be04c969bbf542c2c743b3de4a613dd77d8820e73976b51cb31f291a575623c64e2c0d865408965904611be2a91213fa387d01e7552de48770056" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-annotation@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "group": "io.dropwizard.metrics", + "name": "metrics-core", + "version": "4.0.5", + "description": "Metrics is a Java library which gives you unparalleled insight into what your code does in production. Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "f5fb039e8ed41743d3b6590547d85894" + }, + { + "alg": "SHA-1", + "content": "b81ef162970cdb9f4512ee2da09715a856ff4c4c" + }, + { + "alg": "SHA-256", + "content": "e31f5bc2fc58dcacd0cf31f7eafa43d3b981873dac0d3f0ffebb145675f1c8a8" + }, + { + "alg": "SHA-512", + "content": "5d553993bf5bbd985453bb69f0704997f624a6ef81aa126c7228fe3d2dd7ebe57e7eeb161067e19914a9f36c762ce2fa7be5e47d0fb4deb623a3fb82ed6a70f2" + }, + { + "alg": "SHA3-256", + "content": "5ba7bcb9d456edb43cf67736e066d9558da57205f916c5ada7f5058b2f8cbc90" + }, + { + "alg": "SHA3-512", + "content": "fcb8a3e52da3f8e9f86c692d8d68661acfe2b6aeb29866325178f3732176e099d0c6c9933d187b0840cf632de154087ad0ae6e8daf2712bedaaaa5e9a4c97214" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-core@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "group": "io.dropwizard.metrics", + "name": "metrics-graphite", + "version": "4.0.5", + "description": "A reporter for Metrics which announces measurements to a Graphite server.", + "hashes": [ + { + "alg": "MD5", + "content": "22f848bd3427fa8d5caa8717468097f5" + }, + { + "alg": "SHA-1", + "content": "76e8758356373d5aed5abacbda429b38f6e8fa98" + }, + { + "alg": "SHA-256", + "content": "e7ece2bb30cf016a012286d7077fd1d9741c3e205ac7095fdc081e4c552436db" + }, + { + "alg": "SHA-512", + "content": "e1c984ee8daa837add7b4ca0d07162faebf4b7d2bb88b7bd355eccd570e3935fb1c49acdf8b1dcc5c88bbf04c67cda2a7efdcf375d0247d35b7744f9ab810a4f" + }, + { + "alg": "SHA3-256", + "content": "d3ac2a04fe0a5225e4c8ce2a2c46d196ef466eccfa00254cab8df1a08f5dc4fc" + }, + { + "alg": "SHA3-512", + "content": "d2ee456e6964ec862f1a770c386084cf016983c03083a5516405ce4372204a0e0d5feb27e78d7f5d7345719b9af256f8d000cde922547c159de14cb860cc2403" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-graphite@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "group": "io.dropwizard.metrics", + "name": "metrics-healthchecks", + "version": "4.0.5", + "description": "An addition to Metrics which provides the ability to run application-specific health checks, allowing you to check your application's heath in production.", + "hashes": [ + { + "alg": "MD5", + "content": "e64c9571317f403046ad8a04814cecab" + }, + { + "alg": "SHA-1", + "content": "73177b73f9d7ac80b0d0125db9dd41faab816c52" + }, + { + "alg": "SHA-256", + "content": "bd3be08664f03a27bc625b88d91e852cd105b6f53725cfa54a7167a268f2fe0e" + }, + { + "alg": "SHA-512", + "content": "e2c16ef7751558c07e8268d3448477c2296d2f83e1f915fe09b2e0f54c62cf774c9a8b8b3dfedccd882d95cf78bc0f0af3d997af0de8c0c5d489de36883f0b09" + }, + { + "alg": "SHA3-256", + "content": "8dd767ac7aca8dfaef37a32010f341ea4ee20e8190251b367f47cdbc3cba857e" + }, + { + "alg": "SHA3-512", + "content": "34929a8391da886a045a6947b17c875fd3d7c37f85e03d47572d2de359885c101c61a735f9c09cdb8ee4100221acb650389b74071b8c1184e032f2ce2947f67a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-healthchecks@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "group": "io.dropwizard.metrics", + "name": "metrics-httpclient", + "version": "4.0.5", + "description": "An Apache HttpClient wrapper providing Metrics instrumentation of connection pools, request durations and rates, and other useful information.", + "hashes": [ + { + "alg": "MD5", + "content": "023faaf10f012b67e15faa137d106f21" + }, + { + "alg": "SHA-1", + "content": "d02819ff820207d03d0082ef24cd36157d7c5188" + }, + { + "alg": "SHA-256", + "content": "12112aebd3bb53cc5451846202f4333588dc5455e4739c0c2360103700c24e42" + }, + { + "alg": "SHA-512", + "content": "9c991dae8890b35046c258536884d68f821d1e4aabb65c8e1c845309fadf0e9e2849e0653bc6aa5a008336569d8eb71a660a06f402a7a933a3da85604c45e67b" + }, + { + "alg": "SHA3-256", + "content": "f2bd98bc7e39c259544dc04853e5404d6cdf9c7095fcc718ba65b597a377ef33" + }, + { + "alg": "SHA3-512", + "content": "7fa6cba3b553b5c3ffc943ca2ff387d2b542d7170bcea5b43fffe150cd0a3849244ec3a2bbcfce28e8f9d762a925e4cbc7101785f2c3c4d00af61e2f97d00dcb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-httpclient@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi", + "version": "4.0.5", + "description": "A JDBI wrapper providing Metrics instrumentation of query durations and rates.", + "hashes": [ + { + "alg": "MD5", + "content": "7700c4ec787e2355d290e0f40820de15" + }, + { + "alg": "SHA-1", + "content": "005441385ea7bf674fc480dc6bc6dcff6a7278ec" + }, + { + "alg": "SHA-256", + "content": "6858a83724e2df638c475425ea48811ca84c28fc778f92251209e17317e225c4" + }, + { + "alg": "SHA-512", + "content": "671beb600961db9ca14f043225670c18035f3db932ad67bb6f04bae4a57e67e7265b317d851009bd764344dcfdffe8073156b4f517e8c71954af2575bb7c9f32" + }, + { + "alg": "SHA3-256", + "content": "95a48e7ac5a1e6dfd2590e1a79b046017a90b7dce17322d35f10d18408d42526" + }, + { + "alg": "SHA3-512", + "content": "f68985671638695e6ddbf6260010a5a23e2f841c781ea6b4fbe91a0c6c9bcbcc1fd8d9d4501a02e4f86922d8f7071154d54c3c281d662e9c4262014599c37393" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi3", + "version": "4.0.5", + "description": "Provides instrumentation of Jdbi3 data access objects", + "hashes": [ + { + "alg": "MD5", + "content": "594d03f7743b46ef08ed0d1dcc1bb31a" + }, + { + "alg": "SHA-1", + "content": "2d39572d9612ce28bea84d46808d25d3b8af3133" + }, + { + "alg": "SHA-256", + "content": "e08dfdaa141b4f6d3338b09f3f1f7f463596adb0d335b600e1bd636cc02b7b22" + }, + { + "alg": "SHA-512", + "content": "4f2119fa34092ac2649b27d93e54af0de724719f994803407b5c307a8443ff70dee7d411b1360caf92595a87e570b44e60fe2745d8d283e857eb2ce6f0f656f5" + }, + { + "alg": "SHA3-256", + "content": "c4cd10df90cf8b3b9a06f634c9d31e5bee07e98cdb5640220434a43d66231cdb" + }, + { + "alg": "SHA3-512", + "content": "3d60e9e5707c3e34eed30746c85bfbfcae3dded9509dd7047092ad42d184f36395a3d06865ce7ffa1f12b433ecf99b090e713751be03203af168aa4d99dd6a6f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi3@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "group": "io.dropwizard.metrics", + "name": "metrics-jersey2", + "version": "4.0.5", + "description": "A set of class providing Metrics integration for Jersey, the reference JAX-RS implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "e56b570fcb934ef302433d338823511d" + }, + { + "alg": "SHA-1", + "content": "cea8d4217ccd087f302611a54e4dd6071ba5844c" + }, + { + "alg": "SHA-256", + "content": "91cb412f7aca24de727b3724885fd2e6ff0e8bdb422a73ad66d25375594bf63d" + }, + { + "alg": "SHA-512", + "content": "3bc8572f0d183c30b0f83f5b4acd3a05c8d3c3b728298d6b8899da0d299df8d9acdc5435f82c23eb6ba5a3d2bb5c8f66637d6315caf95bf3b807c53e5bc6c217" + }, + { + "alg": "SHA3-256", + "content": "b2dda5477d6dcbd6fdcdd1f3acae482b0f83f24018706a03713c04dcd6c1f744" + }, + { + "alg": "SHA3-512", + "content": "af35ae7568a5df2be2e8cb9ef99256b0956b97b44ec0447863127e9f2e84f7baec0c5c0ed89a8146685e30af98e05a34618a58f2a76fe57272fb8ee98b5e9d62" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jersey2@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "group": "io.dropwizard.metrics", + "name": "metrics-jetty9", + "version": "4.0.5", + "description": "A set of extensions for Jetty 9.3 and higher which provide instrumentation of thread pools, connector metrics, and application latency and utilization.", + "hashes": [ + { + "alg": "MD5", + "content": "99b6f3ed9f4663ed9db4700e4bf388fa" + }, + { + "alg": "SHA-1", + "content": "87f3b49a7377e56f62046875d394ed0028b37690" + }, + { + "alg": "SHA-256", + "content": "e2c769fc1c269e2200950b8d33800be4b0043302eaa189ba5cb7ce518c48b46a" + }, + { + "alg": "SHA-512", + "content": "e3b7ee7c506e8bef74e87adb6e589f3dfac2a0905f66a0eed1af9d2cffa6a3e6f74573e6ca3d3469d8afba0307fb18f74b21397146e0b82ede387a41554f44a0" + }, + { + "alg": "SHA3-256", + "content": "09bb7c73faefc5549d032d9bdc471f500b9370caef0dc9896ca44cdd6fc2ff48" + }, + { + "alg": "SHA3-512", + "content": "ac44f708dff820a3f19b3cc01d4f936b7ca46cd9fedd76e9c57ecc7c0b7d76a9f5db641742453c8893b5b0eb2255ce8c7697fc11569e57afa456d08f00141fc9" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jetty9@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "group": "io.dropwizard.metrics", + "name": "metrics-jmx", + "version": "4.0.5", + "description": "A set of classes which allow you to report metrics via JMX.", + "hashes": [ + { + "alg": "MD5", + "content": "863de91e135c8455d70fa3acf01cdf72" + }, + { + "alg": "SHA-1", + "content": "d7be4ddd7ba674ee8be1d23d883fb3ca68ee1d54" + }, + { + "alg": "SHA-256", + "content": "079133de87f7d3512200a8071bacfdbed46d6a73995578fc24bbf4c03df6d188" + }, + { + "alg": "SHA-512", + "content": "211ebec4191c7482bf0fc02785fd924fdc980c4bbbf440be8f5d4f87f1971bca646f7174c45c0566b41af08fc603225d38691b32482986887775c9e51185615c" + }, + { + "alg": "SHA3-256", + "content": "d02352d947a4475cf67e9f24d33b3bd16cc908acb78cb294d2763fee7d1e4fee" + }, + { + "alg": "SHA3-512", + "content": "7ca4565c9a0c3d1a96d021b7cc4b896b885352ac8cae96e4700f7c2fa40a6c367e05c48df0a81ef112a6769bd8f2f01ceb86e2a984d67286a3627b565bbd8f00" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jmx@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "group": "io.dropwizard.metrics", + "name": "metrics-json", + "version": "4.0.5", + "description": "A set of Jackson modules which provide serializers for most Metrics classes.", + "hashes": [ + { + "alg": "MD5", + "content": "9784b95742e0e8fe76e8d5376e7abf5f" + }, + { + "alg": "SHA-1", + "content": "8c66fea9f767588ae0995be27558b1f3ae8d75ef" + }, + { + "alg": "SHA-256", + "content": "008ce354b30ef48060786b6a31144e04b6bafdfca69e6307cbf66602ae331023" + }, + { + "alg": "SHA-512", + "content": "515734a08814f3df1f6ae853a2cac0fdab5637e129ca9bc3f62feba9190a2e43013362009f73f4fe3e06f3d08fdf0ec7ec8481dab3a6435de743322d4620dc55" + }, + { + "alg": "SHA3-256", + "content": "70620d2f107ff8fdf5bc16a91df9a49daf3fe84fb268edafbafabd43ec61ef0f" + }, + { + "alg": "SHA3-512", + "content": "f33d7c456efabd1eda7f0cc99df57e870b747d3f2c49571373c4564eb50388350260d08f4d53be2c5fe8a7ae766d9181d0f394e996156d839c5bfda9858c119d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-json@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "80b88754-8b78-4597-bc4f-47788add0031", + "group": "io.dropwizard.metrics", + "name": "metrics-jvm", + "version": "4.0.5", + "description": "A set of classes which allow you to monitor critical aspects of your Java Virtual Machine using Metrics.", + "hashes": [ + { + "alg": "MD5", + "content": "a19a85dc56ac7179bd974e4eb0c8b6e0" + }, + { + "alg": "SHA-1", + "content": "09f6f1e6c1db440d9ad4c3114f17be40f66bb399" + }, + { + "alg": "SHA-256", + "content": "ba97466221c391bd7b7eb6d407f7fac83e5e6725d3a8691aa512e53ae075dfc3" + }, + { + "alg": "SHA-512", + "content": "d53b524543ac922352d3a628831fc7a02ceeb757fd760b94477f02b256a47caac9837259c82ddf5b3cb0e874542176f1383c080a7c3d23b8a5790ac250f70a48" + }, + { + "alg": "SHA3-256", + "content": "61e9ee4a183b317e6fadeb632804a04e233af77dedcd5613f19490233f71b8cb" + }, + { + "alg": "SHA3-512", + "content": "333f15cf54e7e9a304e8cdaa9e251ac0859bfb848ddfc2606d86738a89e944adb8879d14f60df632c064f4ab0edb6ff950a7a231121ce8a6b1ff3bca4809750a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jvm@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "group": "io.dropwizard.metrics", + "name": "metrics-logback", + "version": "4.0.5", + "description": "An instrumented appender for Logback.", + "hashes": [ + { + "alg": "MD5", + "content": "45f97ce9788dad9744ae2e198e5a501b" + }, + { + "alg": "SHA-1", + "content": "306d0d06b0940c6df49031e8dd750e635e4b170f" + }, + { + "alg": "SHA-256", + "content": "89842f9df70d001835bd652c103b1d04d64e1c48bccf396defbdd791299c1903" + }, + { + "alg": "SHA-512", + "content": "bde3d0313531986623fd422fee1506eaf17bd3c53318973c340e4d44ce0104943c5dfcddee6cc8d33cfcf0a0b2fb2aff2b3e653819b39c2c5b76676399683401" + }, + { + "alg": "SHA3-256", + "content": "8233adad697b14559e578618be1ea2c99c907be87da1eab10a5ca9f397dbf46c" + }, + { + "alg": "SHA3-512", + "content": "d4664cd4105ad99b2326da4b727dcf350dba261aa7b26aacb9a064efc1a3da7337988344e8c9d64e08ec34d1586410e465c58e0ec37b389b93c54c7c6ccfde35" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-logback@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "group": "io.dropwizard.metrics", + "name": "metrics-servlets", + "version": "4.0.5", + "description": "A set of utility servlets for Metrics, allowing you to expose valuable information about your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "e9142eb2da39a0651be8f9190d47ce0e" + }, + { + "alg": "SHA-1", + "content": "983dacbfd04ec22b49f9e2256a5d41694ce7d4cc" + }, + { + "alg": "SHA-256", + "content": "607381f05808cd31dfc09354db4b015e483be053276a85930050024515fae4da" + }, + { + "alg": "SHA-512", + "content": "797fc4d430b4797b4bcc6d854ac39fd7e0c4da73bda04152473c3f5ab06a36bfeaf326c8edb657de75a613efcce658364fb0aaf15ff6a13c6e62b5795c6a464b" + }, + { + "alg": "SHA3-256", + "content": "d840fcd8a9f0721e4cd392c6e30f1f52f4d411f1138b9e11336a5393f31b80f9" + }, + { + "alg": "SHA3-512", + "content": "a7553a6da55221ee3125757888978188695dfb14511432331f512f29e5c20e5c764e0c801e87818de719df2854d15915516a86d31f99147b9e5ec9b2fd43b701" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-servlets@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "group": "org.jvnet.mimepull", + "name": "mimepull", + "version": "1.9.6", + "description": "Provides a streaming API to access attachments parts in a MIME message.", + "hashes": [ + { + "alg": "MD5", + "content": "43a2478389a84b985dbe7b6ae0b3c011" + }, + { + "alg": "SHA-1", + "content": "41c913d791e16f93bc712a8c8a30bb64daa2e9bd" + }, + { + "alg": "SHA-256", + "content": "2d1ee56aa89837ba9ea55431542e7939fa9d425552c2e6c8ddfb3b77877721b7" + }, + { + "alg": "SHA-512", + "content": "38198fef6a8ca9d1af37c269582e87ae6cc7324a1686c8807be90a1edd4b33bb829d03030df1a4f5865bf6f0e6d0fb2a4f3dde265af696ab556f0bf7216ab9b0" + }, + { + "alg": "SHA3-256", + "content": "3d4fac8717b03d2c33c9c8b5145cfec04a312e9021c92c8029d2a2ca60615e0e" + }, + { + "alg": "SHA3-512", + "content": "a7bff1d8fa3287436726ab53ddff800d9a262fbf7801b85f50b7f29dbd017ff430f2effa9e6e95b44772ec0c349632374b9291292d2eb24f0fed1313dba15ee9" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/org.jvnet.mimepull/mimepull@1.9.6?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/mimepull" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/mimepull/lists/users/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/mimepull/sources/svn/show/tags/mimepull-1.9.6" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "group": "org.mockito", + "name": "mockito-core", + "version": "2.24.0", + "description": "Mockito mock objects library core API and implementation", + "hashes": [ + { + "alg": "MD5", + "content": "73056e7138623c31ab0ad3c421c695b8" + }, + { + "alg": "SHA-1", + "content": "969a7bcb6f16e076904336ebc7ca171d412cc1f9" + }, + { + "alg": "SHA-256", + "content": "ae8fd3becb2a8e262507a9df85e54a6e41c5ae3a34cda5495abef6299a587ff6" + }, + { + "alg": "SHA-512", + "content": "2bde38797a3902909027ec12a58a7adbc5ce86f5f095ee5787b4c12fe873c6ae96bf7e9024c1347eaa189af66b988668d1886dc110118b22eb6c4436e3cceb66" + }, + { + "alg": "SHA3-256", + "content": "30f96a62ee0c4795e9039288888791e0192f1e7a522ecad28200f01135c132bb" + }, + { + "alg": "SHA3-512", + "content": "1afd1e02b726b5b0fc8ee4ff3e2e678c780bf642041e54a7f7c3b136adf7c6d9ae23df2454572ae619279d9e712d5444c55c3c3fee7883b621312331aa7b626a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.mockito/mockito-core@2.24.0?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/mockito/mockito" + }, + { + "type": "issue-tracker", + "url": "https://github.com/mockito/mockito/issues" + }, + { + "type": "vcs", + "url": "https://github.com/mockito/mockito.git" + } + ] + }, + { + "type": "library", + "bom-ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "group": "org.objenesis", + "name": "objenesis", + "version": "2.6", + "description": "A library for instantiating Java objects", + "hashes": [ + { + "alg": "MD5", + "content": "5ffac3f51405ca9b2915970a224b3e8f" + }, + { + "alg": "SHA-1", + "content": "639033469776fd37c08358c6b92a4761feb2af4b" + }, + { + "alg": "SHA-256", + "content": "5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d" + }, + { + "alg": "SHA-512", + "content": "23a593bded8cb43236faad2018b008da47bf4e29cc60c2e98fd4f2ed578fe2baddd3a98547dc14273017c82cb19ce8eaaab71d49273411856a2ba1a5d51015fc" + }, + { + "alg": "SHA3-256", + "content": "1fce020475bd27d7eac3a3693e9c6992032739ef6db205c7751c92f8aba4d67a" + }, + { + "alg": "SHA3-512", + "content": "ec2154e3bb9fa0b74079d4f21af3aa0ae17444da63aa1061d87aac646c070b3733673a4d0880ca58f974dc3358d7b1c6161bf030260474b36b4bae677b777b08" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.objenesis/objenesis@2.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/easymock/maven/objenesis/;publish=1" + }, + { + "type": "vcs", + "url": "https://github.com/easymock/objenesis" + } + ] + }, + { + "type": "library", + "bom-ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "group": "org.opentest4j", + "name": "opentest4j", + "version": "1.1.0", + "description": "Open Test Alliance for the JVM", + "hashes": [ + { + "alg": "MD5", + "content": "2edf96ac5b535198bd3a2e31309f779c" + }, + { + "alg": "SHA-1", + "content": "c8e2a3e3bc7f3e4bb5075306452db5290f9b117a" + }, + { + "alg": "SHA-256", + "content": "65a5fd7380f53aac708bcee3091dbe2dba73a9a2e7645b66e70e0804fc36ee3b" + }, + { + "alg": "SHA-512", + "content": "bb72a65673bec0af3d420e96edcc1e3152bdbd0f670e2e09172f00f05549fa3b0a07c40ed2dbeec75da6e548623afa4e343343cca15a7a016aaa6c3e48ab0765" + }, + { + "alg": "SHA3-256", + "content": "f12567dc83accfc6c4022f0941f37a3169cc0697ebbf67a4261136180c2d8a2c" + }, + { + "alg": "SHA3-512", + "content": "401aa77733f4ceab47f51b797844f597947cf31a5b76f5c46c6a28980bff30942b783e79e8ab5b5f8ce63d64e8152b6f71b96cc1d500234a8a8e2dd24f734441" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.opentest4j/opentest4j@1.1.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/ota4j-team/opentest4j" + } + ] + }, + { + "type": "library", + "bom-ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "group": "org.glassfish.hk2", + "name": "osgi-resource-locator", + "version": "1.0.1", + "description": "See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information", + "hashes": [ + { + "alg": "MD5", + "content": "51e70ad8fc9d1e9fb19debeb55555b75" + }, + { + "alg": "SHA-1", + "content": "4ed2b2d4738aed5786cfa64cba5a332779c4c708" + }, + { + "alg": "SHA-256", + "content": "775003be577e8806f51b6e442be1033d83be2cb2207227b349be0bf16e6c0843" + }, + { + "alg": "SHA-512", + "content": "e064a477d5b1f8c56b4741ba606eed764b779a5d9870b8c193771bf0d904350aed839ab21602dbf5f376f7208b8ca24f64504d73ec6a0c5c08c5f0abc7c466d4" + }, + { + "alg": "SHA3-256", + "content": "c7cb2d64874992826818c594f02bf40f46d9ad4787d6575bfb656b35b7b6af0d" + }, + { + "alg": "SHA3-512", + "content": "5c57aa6eb98272226cbdebd803a5b11a27422340f47e5541a5bf6bb776f64bfcda548ffd345e900a7c7624b9a016aecacd8e009a13fe2c2cae86e8ff8e7289f2" + } + ], + "licenses": [ + { + "expression": "(CDDL-1.0 OR GPL-2.0-with-classpath-exception)" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + } + ] + }, + { + "type": "library", + "bom-ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "group": "com.papertrail", + "name": "profiler", + "version": "1.0.2", + "description": "A pure-java implementation of the twitter/util project's `CpuProfile` and related classes.", + "hashes": [ + { + "alg": "MD5", + "content": "b6cb78e7d8a5c4ed1ad259afc4f7c793" + }, + { + "alg": "SHA-1", + "content": "138093a4ed2da6f0b07a2a2335584bd5a7d53bff" + }, + { + "alg": "SHA-256", + "content": "188ec41349472a0c50fbe7e4cdcc6d6c8968ad6cd9047effeaa6a5c111f9074d" + }, + { + "alg": "SHA-512", + "content": "447a1e7d47cb7c3974e09c8e5ea1fdf6c9c4dfe377cffbba501edab474e136ec252406c5dde8fc7387b9fab983a7970764c23c93b8fb842f676da8c3bd01e013" + }, + { + "alg": "SHA3-256", + "content": "b68b7d44bde32b5a2995629eb2742bde9e3f373cb08230f67624160b91432160" + }, + { + "alg": "SHA3-512", + "content": "2fdb36567b1dcfb26e9e02abb70277e2e9040983c5755372716aa71a22cf46807501effa5931e0e65152f1efbe9e7449ff5b00cdaaddc15f1cfeeb3600904b7b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.papertrail/profiler@1.0.2?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "group": "org.slf4j", + "name": "slf4j-api", + "version": "1.7.26", + "description": "The slf4j API", + "hashes": [ + { + "alg": "MD5", + "content": "60ec8751be37d54a2aa1b6178f87b968" + }, + { + "alg": "SHA-1", + "content": "77100a62c2e6f04b53977b9f541044d7d722693d" + }, + { + "alg": "SHA-256", + "content": "6d9e5b86cfd1dd44c676899285b5bb4fa0d371cf583e8164f9c8a0366553242b" + }, + { + "alg": "SHA-512", + "content": "a944468440a883bb3bde1f78d39abe43a90b6091fd9f1a70430ac10ea91b308b2ef035e4836d68ba97afdba2b04f62edece204278aaa416276a5f8596f8688af" + }, + { + "alg": "SHA3-256", + "content": "195320dbd33e0ecc96b7c23818454658870c7f4c7bb746dae4516bc4983ab158" + }, + { + "alg": "SHA3-512", + "content": "830b0c50cdd9f45cfe4be31f0c775f632399060db58050ce702e476321ef29dcc17f49f872e7023e995c6ee1c2e06f2f1ea115aa45807569ecef83af3385f5cc" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/slf4j-api@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "group": "org.yaml", + "name": "snakeyaml", + "version": "1.23", + "description": "YAML 1.1 parser and emitter for Java", + "hashes": [ + { + "alg": "MD5", + "content": "64ec8bd26b6d5034a87ecb1c8ce0efdc" + }, + { + "alg": "SHA-1", + "content": "ec62d74fe50689c28c0ff5b35d3aebcaa8b5be68" + }, + { + "alg": "SHA-256", + "content": "13009fb5ede3cf2be5a8d0f1602155aeaa0ce5ef5f9366892bd258d8d3d4d2b1" + }, + { + "alg": "SHA-512", + "content": "8091467927dc88fe2741f85c6e429914f4306e7a1183e52090ccc7d617ca5279ba42b03ffc8cd1a914b6c3dc4151bd731757e72592e9c1b23346781936ac9fc7" + }, + { + "alg": "SHA3-256", + "content": "18f63155a18c783a0d47afa987a0dcc39f688da527047ccd48c694810ac5adf2" + }, + { + "alg": "SHA3-512", + "content": "59d1edd895705b667a65c3bada2c1b6c4109f82a03a2a18878d3310ac6e41bb3e47f821e87ffdcd2d2320b2f63c13a8748214fa9ea851c7b0b4d8fca07250c8a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.yaml/snakeyaml@1.23?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://bitbucket.org/asomov/snakeyaml/issues" + }, + { + "type": "vcs", + "url": "https://bitbucket.org/asomov/snakeyaml/src" + } + ] + }, + { + "type": "library", + "bom-ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "group": "org.antlr", + "name": "stringtemplate", + "version": "4.0.2", + "description": "StringTemplate is a java template engine for generating source code, web pages, emails, or any other formatted text output. StringTemplate is particularly good at multi-targeted code generators, multiple site skins, and internationalization/localization. It evolved over years of effort developing jGuru.com. StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org and powers the ANTLR v3 code generator. Its distinguishing characteristic is that unlike other engines, it strictly enforces model-view separation. Strict separation makes websites and code generators more flexible and maintainable; it also provides an excellent defense against malicious template authors. There are currently about 600 StringTemplate source downloads a month.", + "hashes": [ + { + "alg": "MD5", + "content": "b270a7b34c953cbae921a4080d5cdc0f" + }, + { + "alg": "SHA-1", + "content": "e28e09e2d44d60506a7bcb004d6c23ff35c6ac08" + }, + { + "alg": "SHA-256", + "content": "8056d5586e1b18d3def6347b5d020a85722d850bb9f4d7a9aafe4f842c651ef9" + }, + { + "alg": "SHA-512", + "content": "cd396cbc93d096812700c3a05e4b548c31d73c5f1f66f12bdd3364218de591cefb76e1f0557e83204285f1e868f0f327cf556bb32c4552e0a3537cf6ac1efa43" + }, + { + "alg": "SHA3-256", + "content": "d79aa95dd924c18de8f5ef5fc510f92cecb781d5724ba9b948e8658191e920b6" + }, + { + "alg": "SHA3-512", + "content": "da67f10539c0f73ddb56e945f5c7b42aea76411b4067362685f92c916da055f2747176a1524f97f52d7ae0d70898256c9549290448194d6fd99b3bfbff3332a9" + } + ], + "licenses": [ + { + "license": { + "name": "BSD licence", + "url": "http://antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/org.antlr/stringtemplate@4.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/stringtemplate" + } + ] + }, + { + "type": "library", + "bom-ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "group": "org.apache.tomcat", + "name": "tomcat-jdbc", + "version": "9.0.16", + "description": "Tomcat JDBC Pool Package", + "hashes": [ + { + "alg": "MD5", + "content": "b673d21c2c73b44c6fdee89f6c9995fc" + }, + { + "alg": "SHA-1", + "content": "5304a28c25bb88c57da9561e4ed0bbfcc72dcb4a" + }, + { + "alg": "SHA-256", + "content": "0fe8cdd9c6a349fbf1d7246b5503f113a4fb11f1e71c2e529308f1dd22ed5019" + }, + { + "alg": "SHA-512", + "content": "698da1e4dda1d18463f885e6b9dfed61c12920af35ccdfc9015ecfbd8f353d0aefde38f1f71f68ea5b2d9f6610df9cde38e8fa6ec0b405a925a861e8ca0de5b1" + }, + { + "alg": "SHA3-256", + "content": "013e3a72e6a19fea3c245ca9989853b836ed598c9b5551c399222a511be6b569" + }, + { + "alg": "SHA3-512", + "content": "bec64a6591071bb6d5e18412eac3eaaa9814c33448bb2f43d6e039e0538ad85f387fd3817915b5928c41aeabb84d3cd90c0c51f783accb38e3344a32fef206ed" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "group": "org.apache.tomcat", + "name": "tomcat-juli", + "version": "9.0.16", + "description": "Tomcat Core Logging Package", + "hashes": [ + { + "alg": "MD5", + "content": "5dbec493081a051b6868b84881fa6ab9" + }, + { + "alg": "SHA-1", + "content": "b6ef3c1ac1104b6e3fbdc106e194bf2fb5e2e2a8" + }, + { + "alg": "SHA-256", + "content": "cc155efa8104af3d35daf3226284b638b10d9def4074ebf6176cb47b3a264f53" + }, + { + "alg": "SHA-512", + "content": "fd19c0dd3bc60b050065b7c1992c4662f5e02ecc74176528b24a42f03fa42b805ce3529f813e2d0b85f6d21fa46f43a0146069372fbb96dd821bf9778ecb38b0" + }, + { + "alg": "SHA3-256", + "content": "c4782f32dcf2d8516d4b4ae299af008385dc44a92380edab0ced40738ba56b67" + }, + { + "alg": "SHA3-512", + "content": "d37ef89204a97677283c417ceae3031fd89648079e42924bf9c38456b1055442dad8f8f6366da1600feee8e448b59bdff8261e101913b99f24b9dde278469cd7" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "group": "org.jadira.usertype", + "name": "usertype.core", + "version": "7.0.0.CR1", + "description": "Classes utilising Joda Time, Joda Money, Libphonenum and JDK Types that add Hibernate support", + "hashes": [ + { + "alg": "MD5", + "content": "808b0b11f96e769c0f7a32d29f1ce7a1" + }, + { + "alg": "SHA-1", + "content": "818991d0b4d8fce6da9f27ea61187111efcae1a1" + }, + { + "alg": "SHA-256", + "content": "a129bfc60f7aceab77cd1363684d267f56629b441bf06f6123f9c0c2972e41fc" + }, + { + "alg": "SHA-512", + "content": "3d7dca13d1586365a94f05ea4a1672ce166773f2a01a584fc149d71b8aaeaa9c109e7e3a7658d8d4da3e91b8f42085ed55acc2a97e1c39a4faea5f6834a741a5" + }, + { + "alg": "SHA3-256", + "content": "f032df418c58acf1ba8307589d176b6e3d5402f1a0830d903b954984ab03bc38" + }, + { + "alg": "SHA3-512", + "content": "1113d2d63ceacdc4df8628448aa15d5de2e155b1a00037dc1570bb6f1553b38f397930036ef637b50519b6d395e3a219cf330ae29cedebeafa786eefd08420c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.core@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "group": "org.jadira.usertype", + "name": "usertype.spi", + "version": "7.0.0.CR1", + "description": "Shared dependencies for Usertype jars", + "hashes": [ + { + "alg": "MD5", + "content": "2b16a4d99cf3e6f0695186301dc63e4c" + }, + { + "alg": "SHA-1", + "content": "895f79b8a1c33f2e17ebc839f80ecaf62924e784" + }, + { + "alg": "SHA-256", + "content": "035f9a3cbec935b6da4d0318fd4d5b797db12a6ba0f77293b8603ff8578904f6" + }, + { + "alg": "SHA-512", + "content": "df65994da27e03bf29918e87451738de9017a41d0deb4fa1d7b00353d889fabc30cbfdc8aa8d97fc475cc31b2426b7a859cc0cfc6489b3667e43108539cb6c0f" + }, + { + "alg": "SHA3-256", + "content": "455f3a4522df5251d036af8f916a7ba5a385a1d303a0aa8f56f7563c2ee00042" + }, + { + "alg": "SHA3-512", + "content": "88d0d9476653078ff1c538c0b8c8b3d2714fd13fbe5ef12550d73053edeb1eb967a17e96d4670ffe95ca0eda858afa6a6b27033028036b646180c00a7ec46aa4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.spi@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "group": "javax.validation", + "name": "validation-api", + "version": "1.1.0.Final", + "description": "Bean Validation API", + "hashes": [ + { + "alg": "MD5", + "content": "4c257f52462860b62ab3cdab45f53082" + }, + { + "alg": "SHA-1", + "content": "8613ae82954779d518631e05daa73a6a954817d5" + }, + { + "alg": "SHA-256", + "content": "f39d7ba7253e35f5ac48081ec1bc28c5df9b32ac4b7db20853e5a8e76bf7b0ed" + }, + { + "alg": "SHA-512", + "content": "bc137c5f7fa6b7092f9fc233d8be7d21d6767f8aa51c2e934b73692c82d28dbb410f55674d7b5a0e1523b514654339277b535b7f5bb01d457a11aba2eca3bbed" + }, + { + "alg": "SHA3-256", + "content": "469fa33a7d6854ac73627c8b4d281165c26dbcb21e645df792c3144453ab3129" + }, + { + "alg": "SHA3-512", + "content": "a042781692aaaa9458be722d0437484c5f1fd8f3f4955c00008224caebeb671ab93740052599ce2f5feab8d7ec712c72786492f7c7ca1c27c25425545b05a91e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/javax.validation/validation-api@1.1.0.Final?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/BVAL" + }, + { + "type": "vcs", + "url": "https://github.com/beanvalidation/beanvalidation-api" + } + ] + } + ], + "dependencies": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "dependsOn": [] + }, + { + "ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "dependsOn": [] + }, + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "dependsOn": [] + }, + { + "ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "dependsOn": [] + }, + { + "ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "dependsOn": [] + }, + { + "ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "dependsOn": [ + "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "f09e69a1-54de-4e7b-802a-adda10a1c7be" + ] + }, + { + "ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "dependsOn": [] + }, + { + "ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "dependsOn": [] + }, + { + "ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "dependsOn": [] + }, + { + "ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "dependsOn": [] + }, + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "dependsOn": [] + }, + { + "ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "dependsOn": [] + }, + { + "ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "dependsOn": [] + }, + { + "ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "dependsOn": [] + }, + { + "ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "dependsOn": [] + }, + { + "ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "dependsOn": [] + }, + { + "ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "dependsOn": [] + }, + { + "ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "dependsOn": [] + }, + { + "ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "dependsOn": [] + }, + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "dependsOn": [] + }, + { + "ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "dependsOn": [] + }, + { + "ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "dependsOn": [] + }, + { + "ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "dependsOn": [ + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "893beba4-580b-4ada-a4cf-067fbe145507", + "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b" + ] + }, + { + "ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "dependsOn": [ + "55086fc5-4c36-45b5-9569-fdafa26e075d", + "757cef7a-83f2-4973-832d-67849ca42b69", + "93a8597b-e82a-4726-8e16-849d026f7b98" + ] + }, + { + "ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "dependsOn": [ + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "370d779c-d1ea-4d92-8e70-1ad325e94298", + "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "b692a425-dca6-4bed-af67-5855cb40dbcf", + "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "881df936-411d-4bb3-b464-6edcf14c671c", + "ac21cab7-b535-4294-8a61-b10b62918666", + "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "80b88754-8b78-4597-bc4f-47788add0031", + "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "5978be79-e890-48b1-8f11-40416ee5bb61", + "5aed0617-3613-43e7-94d2-105b2af0b00d", + "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "96cf7115-b31d-4c98-bae2-952c601d3878" + ] + }, + { + "ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "daabc9e2-1ec3-4d10-9251-69ab9834b02a" + ] + }, + { + "ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "dependsOn": [ + "ea1f023d-0390-4558-8696-dc8d566dd95e" + ] + }, + { + "ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "dependsOn": [ + "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "8c0378f7-4c0e-4ee3-849d-740b0035c371" + ] + }, + { + "ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "dependsOn": [ + "55521fe9-aed2-403e-9df2-75fc5af90f54", + "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "79b01257-3e61-49f7-8600-2042bde4702b", + "b4ca2dc7-9d68-4737-9afc-dea82759cd45" + ] + }, + { + "ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "c2dbe746-304a-4e35-88f0-69943d701fe5", + "5694b066-2847-4855-8230-77e902b37502", + "4634319e-cca2-4c02-8372-222f43bd35ba", + "648c2811-d754-45aa-9160-8f018ab4aab9", + "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "85776385-c1af-42fa-a0ac-21ecf796742f" + ] + }, + { + "ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "dependsOn": [ + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "1b61648b-2106-4c86-ad10-79411c0ce338", + "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "71f396a0-0285-465e-8ce3-6eacb47be941", + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "dependsOn": [ + "bd750137-b073-47d5-891a-e48c192cfcba", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "423d6189-7ce4-4931-9c74-3b58517df601", + "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "c1abfd09-121f-418c-befa-4d6b9e164769" + ] + }, + { + "ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c" + ] + }, + { + "ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "dependsOn": [ + "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "2f225da8-8da3-429b-a014-effeea8c71eb", + "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "e36cfe6c-5955-40dd-8f4f-09c43087ac53" + ] + }, + { + "ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "dependsOn": [] + }, + { + "ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "dependsOn": [ + "0476a31c-6a89-45b2-8e9b-8d4a725d06eb" + ] + }, + { + "ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "dependsOn": [ + "ab3bfc00-8d35-4a4d-b314-86573681d910", + "36fc309f-d086-43d6-b660-5de275ee630f" + ] + }, + { + "ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "dependsOn": [ + "df3cc349-8f4d-4d7e-82ab-1309f17741d3" + ] + }, + { + "ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "dependsOn": [ + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "dependsOn": [ + "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "94379ad3-19a6-4b21-a049-ca0b762d8c13" + ] + }, + { + "ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "dependsOn": [ + "0d0caea7-65ca-4504-b50a-80e480879f5f", + "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d" + ] + }, + { + "ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631" + ] + }, + { + "ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "dependsOn": [ + "d6394138-9591-4141-9a76-4c3082ff2ed4", + "5b865504-bea5-4b92-ae5e-46553e01093c" + ] + }, + { + "ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "dependsOn": [ + "ebf5150b-055e-45d4-82e5-eebc38ffea70" + ] + }, + { + "ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "dependsOn": [] + }, + { + "ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "dependsOn": [] + }, + { + "ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "dependsOn": [] + }, + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "dependsOn": [ + "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "da25e363-473d-4f84-9f46-8e09c7ec7c28" + ] + }, + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "dependsOn": [] + }, + { + "ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "dependsOn": [] + }, + { + "ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "dependsOn": [] + }, + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "dependsOn": [ + "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "627bb70b-4b85-4801-8239-f03de04ca5db", + "21c7c10d-e7a9-4e82-893a-aa82f11f6dca" + ] + }, + { + "ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "dependsOn": [] + }, + { + "ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "dependsOn": [ + "c454f700-0d16-4956-a210-03d9073b6d12", + "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd" + ] + }, + { + "ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "dependsOn": [ + "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "517c6455-0a2e-4e78-8d4b-88837bb5244c" + ] + }, + { + "ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "dependsOn": [] + }, + { + "ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "dependsOn": [] + }, + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "dependsOn": [ + "d2a5e2bf-ead6-4768-866a-385166eb6709" + ] + }, + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "dependsOn": [] + }, + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "dependsOn": [ + "f4a06b14-3945-4381-b3dd-b46407b02b6b" + ] + }, + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "dependsOn": [ + "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e" + ] + }, + { + "ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "dependsOn": [] + }, + { + "ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "dependsOn": [] + }, + { + "ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "dependsOn": [] + }, + { + "ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "dependsOn": [] + }, + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "dependsOn": [] + }, + { + "ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "dependsOn": [ + "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + ] + }, + { + "ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "dependsOn": [] + }, + { + "ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "dependsOn": [ + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + ] + }, + { + "ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "dependsOn": [] + }, + { + "ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "dependsOn": [] + }, + { + "ref": "5694b066-2847-4855-8230-77e902b37502", + "dependsOn": [] + }, + { + "ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "dependsOn": [] + }, + { + "ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "dependsOn": [ + "014723b6-3b73-414b-a760-da7bb1ab988d", + "7a6724fd-3628-46d2-8de5-9059e6ec494c" + ] + }, + { + "ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "dependsOn": [] + }, + { + "ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "dependsOn": [] + }, + { + "ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "dependsOn": [] + }, + { + "ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "dependsOn": [] + }, + { + "ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "dependsOn": [] + }, + { + "ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "dependsOn": [] + }, + { + "ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "dependsOn": [] + }, + { + "ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "dependsOn": [] + }, + { + "ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "dependsOn": [] + }, + { + "ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "dependsOn": [] + }, + { + "ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "dependsOn": [] + }, + { + "ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "dependsOn": [] + }, + { + "ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "dependsOn": [] + }, + { + "ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "dependsOn": [] + }, + { + "ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "dependsOn": [ + "7176887b-3e41-4f10-9d29-26ec573e2c49", + "85776385-c1af-42fa-a0ac-21ecf796742f", + "c9381862-0cc8-48d6-9b97-82f00d12cdb7" + ] + }, + { + "ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967" + ] + }, + { + "ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "dependsOn": [] + }, + { + "ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "dependsOn": [] + }, + { + "ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "dependsOn": [] + }, + { + "ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "dependsOn": [] + }, + { + "ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dependsOn": [ + "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "3d67ecbd-3ee2-437b-800b-d137ccd17d46" + ] + }, + { + "ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "dependsOn": [] + }, + { + "ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "dependsOn": [] + }, + { + "ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "dependsOn": [] + }, + { + "ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "75ac24b0-9039-45fe-842d-ccecdd3c62e1" + ] + }, + { + "ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "dependsOn": [] + }, + { + "ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "dependsOn": [] + }, + { + "ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "8dc0d897-c489-493c-a4b6-c5384d663c85", + "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "c454f700-0d16-4956-a210-03d9073b6d12" + ] + }, + { + "ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "dependsOn": [ + "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dd4f3e68-5483-4177-9ee9-987774aea94f" + ] + }, + { + "ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "dependsOn": [] + }, + { + "ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "dependsOn": [] + }, + { + "ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "dependsOn": [] + }, + { + "ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "dependsOn": [] + }, + { + "ref": "50a898e1-523d-4041-9250-b25394071a77", + "dependsOn": [] + }, + { + "ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "dependsOn": [] + }, + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "dependsOn": [] + }, + { + "ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "dependsOn": [] + }, + { + "ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "dependsOn": [] + }, + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "dependsOn": [ + "25416803-852c-4475-bf84-2bf849ea6a56", + "c1abfd09-121f-418c-befa-4d6b9e164769", + "be69e2b9-e673-42a8-98f1-e6d3be74c272" + ] + }, + { + "ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "dependsOn": [ + "4473173b-92a4-4b6f-aa40-3b0479fe60ee" + ] + }, + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "dependsOn": [ + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "dependsOn": [] + }, + { + "ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "dependsOn": [] + }, + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "dependsOn": [ + "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "423d6189-7ce4-4931-9c74-3b58517df601" + ] + }, + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "dependsOn": [] + }, + { + "ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "dependsOn": [ + "186eb402-6ab8-417c-8bbb-4032f9722383", + "7b1c11dd-7462-451d-a5b1-0fbd56708727" + ] + }, + { + "ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "dependsOn": [] + }, + { + "ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "dependsOn": [] + }, + { + "ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "dependsOn": [] + }, + { + "ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "dependsOn": [] + }, + { + "ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "dependsOn": [] + }, + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "dependsOn": [ + "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7" + ] + }, + { + "ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "dependsOn": [] + }, + { + "ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "dependsOn": [ + "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "7a60c1f8-0819-4133-aa05-ece823ae5494" + ] + }, + { + "ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "dependsOn": [] + }, + { + "ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "dependsOn": [ + "33155de6-f8f2-48a7-ab80-19d8641794bf", + "71a8cbce-c3a6-4797-b3f1-60415f5e1131" + ] + }, + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "dependsOn": [ + "85776385-c1af-42fa-a0ac-21ecf796742f", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + ] + }, + { + "ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "dependsOn": [] + }, + { + "ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "dependsOn": [] + }, + { + "ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "dependsOn": [] + }, + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "dependsOn": [] + }, + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "dependsOn": [] + }, + { + "ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "dependsOn": [] + }, + { + "ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "dependsOn": [] + }, + { + "ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "dependsOn": [ + "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + ] + }, + { + "ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "dependsOn": [] + }, + { + "ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "dependsOn": [] + }, + { + "ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "dependsOn": [] + }, + { + "ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "dependsOn": [] + }, + { + "ref": "80b88754-8b78-4597-bc4f-47788add0031", + "dependsOn": [] + }, + { + "ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "dependsOn": [ + "9c03efc2-c106-4191-980f-b91376b5ab06", + "80a1384b-dee2-4dff-9d74-79d854cdeb2f" + ] + }, + { + "ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "dependsOn": [] + }, + { + "ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "dependsOn": [ + "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "91658b5a-2478-4653-a3e4-f62c4f58f87b" + ] + }, + { + "ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "dependsOn": [] + }, + { + "ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "dependsOn": [] + }, + { + "ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "dependsOn": [] + }, + { + "ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "dependsOn": [] + }, + { + "ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "dependsOn": [] + }, + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "dependsOn": [] + }, + { + "ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "dependsOn": [] + }, + { + "ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "dependsOn": [ + "13aba3db-12c7-44d2-895d-130d2897e460" + ] + }, + { + "ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "dependsOn": [] + }, + { + "ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "dependsOn": [ + "3affcf84-19c7-4ac3-91f9-b08980969391" + ] + }, + { + "ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "dependsOn": [] + }, + { + "ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "dependsOn": [] + } + ], + "vulnerabilities": [ + { + "bom-ref": "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "id": "GHSA-5mg8-w23w-74h3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 173, + 200, + 378, + 732 + ], + "description": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "published": "2021-03-25T17:04:19Z", + "updated": "2023-11-09T18:44:38Z", + "affects": [ + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967" + } + ] + }, + { + "bom-ref": "bb03c210-ea12-450d-85df-17d81a75ede2", + "id": "GHSA-7g45-4rm6-3mm3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 379, + 552 + ], + "description": "Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "published": "2023-06-14T18:30:38Z", + "updated": "2024-02-13T21:49:15Z", + "affects": [ + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967" + } + ] + }, + { + "bom-ref": "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "id": "GHSA-5p34-5m6p-p58g", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "published": "2020-04-23T21:08:40Z", + "updated": "2023-02-01T05:02:59Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "id": "GHSA-27xj-rqx5-2255", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "published": "2020-05-15T18:58:44Z", + "updated": "2023-02-01T05:02:59Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "id": "GHSA-58pp-9c76-5625", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "published": "2020-06-10T21:12:41Z", + "updated": "2023-02-01T05:03:03Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "id": "GHSA-v3xw-c963-f5hc", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "published": "2020-05-15T18:58:50Z", + "updated": "2023-02-01T05:03:05Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "id": "GHSA-h4rc-386g-6m85", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "published": "2020-04-23T20:19:02Z", + "updated": "2024-03-15T00:41:35Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "id": "GHSA-9vvp-fxw6-jcxr", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "published": "2020-05-15T18:58:47Z", + "updated": "2024-03-15T00:48:55Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "343cd240-f667-4770-aecf-ddc11f9d0172", + "id": "GHSA-rf6r-2c4q-2vwg", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "published": "2020-05-15T18:58:54Z", + "updated": "2024-03-15T00:50:18Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "id": "GHSA-758m-v56v-grj4", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "published": "2020-04-23T21:36:03Z", + "updated": "2024-06-25T13:46:45Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "id": "GHSA-95cm-88f5-f2c7", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "published": "2020-04-23T16:32:59Z", + "updated": "2024-07-03T21:10:50Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "id": "GHSA-c2q3-4qrh-fm48", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "published": "2020-06-18T14:44:50Z", + "updated": "2023-02-01T05:04:14Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "97981cb2-9228-4b8b-a172-ad12f550a19f", + "id": "GHSA-mc6h-4qgp-37qh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "published": "2020-06-18T14:44:43Z", + "updated": "2024-03-15T00:37:17Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "id": "GHSA-j823-4qch-3rgm", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "published": "2020-06-18T14:44:46Z", + "updated": "2024-03-15T00:39:55Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "id": "GHSA-c265-37vj-cwcc", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "published": "2020-06-18T14:44:48Z", + "updated": "2024-06-25T13:46:04Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "id": "GHSA-4w82-r329-3q67", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "published": "2020-03-04T20:52:14Z", + "updated": "2023-06-08T19:02:12Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "id": "GHSA-rpr3-cw39-3pxh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "published": "2022-07-15T19:41:47Z", + "updated": "2023-08-18T15:45:27Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "c037af59-a132-4727-8cc3-c6095c490df7", + "id": "GHSA-fmmc-742q-jg75", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "published": "2019-11-13T00:32:27Z", + "updated": "2023-09-14T14:55:20Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "id": "GHSA-gjmw-vf9h-g25v", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "published": "2019-11-13T00:32:38Z", + "updated": "2023-09-14T14:55:25Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "id": "GHSA-mx7p-6679-8g3q", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "published": "2019-10-28T20:51:15Z", + "updated": "2024-03-15T00:57:37Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "e141c668-bc18-4738-b3b6-e7ba1057d124", + "id": "GHSA-q93h-jc49-78gg", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "published": "2020-05-15T18:59:10Z", + "updated": "2023-09-14T15:09:40Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "id": "GHSA-p43x-xfjf-5jhr", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "published": "2020-05-15T18:59:01Z", + "updated": "2024-03-15T00:20:09Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "id": "GHSA-h3cw-g4mq-c5x2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 94, + 502 + ], + "description": "This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "published": "2021-12-09T19:14:51Z", + "updated": "2023-09-14T15:44:55Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "3ad04380-a25c-41d8-8fad-259c2561795b", + "id": "GHSA-qjw2-hr98-qgfh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "published": "2021-12-09T19:15:36Z", + "updated": "2023-09-14T15:47:50Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "86f78c35-adfb-48e4-9428-88084373e1c0", + "id": "GHSA-8w26-6f25-cm9x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "published": "2021-12-09T19:16:02Z", + "updated": "2023-09-14T15:52:49Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "id": "GHSA-m6x4-97wx-4q27", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "published": "2021-12-09T19:16:26Z", + "updated": "2023-09-14T15:53:30Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "00033bff-66dc-4a36-ab38-a10b0625409f", + "id": "GHSA-v585-23hc-c647", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "published": "2021-11-19T20:13:06Z", + "updated": "2023-09-14T15:59:33Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "14e2856b-f78d-4a6d-99eb-470c8566df29", + "id": "GHSA-r695-7vr9-jgc2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "published": "2021-12-09T19:16:51Z", + "updated": "2023-09-14T16:01:31Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "c224f923-be9a-4faa-a930-ef4db611bc2b", + "id": "GHSA-vfqx-33qm-g869", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "published": "2021-12-09T19:16:59Z", + "updated": "2023-09-14T16:04:22Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "5201940b-1f04-4668-ae86-8261448d817d", + "id": "GHSA-f9xh-2qgp-cq57", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "published": "2021-12-09T19:16:42Z", + "updated": "2023-09-14T16:04:22Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "id": "GHSA-cvm9-fjm9-3572", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "published": "2021-12-09T19:16:10Z", + "updated": "2023-09-14T16:07:00Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "id": "GHSA-9gph-22xh-8x98", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "published": "2021-12-09T19:15:54Z", + "updated": "2023-09-14T16:07:40Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "950cff67-088e-4f41-9818-25943c9e17c0", + "id": "GHSA-89qr-369f-5m5x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "published": "2021-12-09T19:15:46Z", + "updated": "2023-09-14T16:08:37Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "id": "GHSA-8c4j-34r4-xr8g", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "published": "2021-12-09T19:16:18Z", + "updated": "2023-09-14T16:13:01Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "9edaa51d-929b-457e-aab5-0fffecdb4938", + "id": "GHSA-9m6f-7xcq-8vf8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "published": "2021-12-09T19:16:34Z", + "updated": "2023-09-14T16:15:44Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "6d5189b4-d549-419a-b886-43a62cc43d40", + "id": "GHSA-5r5r-6hpj-8gg9", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "published": "2021-12-09T19:15:24Z", + "updated": "2023-11-21T11:40:53Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "135c6dab-529e-4855-ab72-a0138e2110c8", + "id": "GHSA-wh8g-3j2c-rqj5", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "published": "2021-12-09T19:15:00Z", + "updated": "2024-03-15T00:28:08Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "id": "GHSA-r3gr-cxrf-hg25", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502, + 913 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "published": "2021-12-09T19:15:11Z", + "updated": "2024-06-25T13:47:23Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "id": "GHSA-jjjh-jjxp-wpff", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 502 + ], + "description": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-15T00:14:44Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "id": "GHSA-5949-rw7g-wx7w", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "published": "2021-01-20T21:20:15Z", + "updated": "2024-03-15T00:16:04Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "id": "GHSA-57j2-w4cx-62h2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 787 + ], + "description": "jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "published": "2022-03-12T00:00:36Z", + "updated": "2024-03-15T00:24:56Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "id": "GHSA-288c-cq4h-88gq", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "published": "2021-02-18T20:51:54Z", + "updated": "2024-03-15T00:31:24Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "id": "GHSA-gww7-p5w4-wrfv", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "published": "2020-03-04T20:52:11Z", + "updated": "2024-03-15T00:52:59Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "id": "GHSA-rgv9-q543-rqg4", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 502 + ], + "description": "In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-24T05:01:05Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "5c0b94e1-0577-42c9-8028-f244d68f61da", + "id": "GHSA-fqwf-pjwf-7vqv", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "published": "2020-05-15T18:59:04Z", + "updated": "2024-07-03T21:10:31Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "f2fa9b19-418a-4901-9840-a8631227701e", + "id": "GHSA-8jpx-m2wh-2v34", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 74 + ], + "description": "### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "published": "2020-04-10T18:42:20Z", + "updated": "2023-01-09T05:02:18Z", + "affects": [ + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30" + } + ] + }, + { + "bom-ref": "00bc944f-fead-400b-8bbd-0c5b56ba2b14", + "id": "GHSA-3mcp-9wr4-cjqf", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 74 + ], + "description": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "published": "2020-02-24T17:27:27Z", + "updated": "2024-06-05T16:42:03Z", + "affects": [ + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30" + } + ] + }, + { + "bom-ref": "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "id": "GHSA-rvwf-54qp-4r6v", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 776 + ], + "description": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "published": "2021-06-04T21:37:45Z", + "updated": "2023-05-22T20:17:58Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "id": "GHSA-9w3m-gqgf-c4p9", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "5ab41975-23cc-45e0-9a13-be603ea00595", + "id": "GHSA-w37g-rhq8-7m4j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "published": "2022-11-11T19:00:31Z", + "updated": "2024-06-21T21:33:52Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "dff65990-715e-4f71-aace-60d4436af108", + "id": "GHSA-c4r9-r8fh-9vj2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "id": "GHSA-hhhw-99gj-p3c3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "id": "GHSA-98wm-3w3q-mw94", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "38c08d91-3487-44c4-b258-d5a274a4ad05", + "id": "GHSA-3mc7-4q67-w48m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 776 + ], + "description": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "published": "2022-08-31T00:00:24Z", + "updated": "2024-03-15T19:06:46Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "da9ea5d3-a3c2-4d1b-8425-a799e47a804f", + "id": "GHSA-mjmj-j48q-9wg2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 20, + 502 + ], + "description": "### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "published": "2022-12-12T21:19:47Z", + "updated": "2024-06-24T21:22:59Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "id": "GHSA-668q-qrv7-99fm", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "published": "2021-12-17T20:00:50Z", + "updated": "2023-01-30T05:04:55Z", + "affects": [ + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49" + } + ] + }, + { + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "id": "GHSA-vmq6-5m68-f53m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z", + "affects": [ + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49" + } + ] + }, + { + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "id": "GHSA-vmq6-5m68-f53m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z", + "affects": [ + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + } + ] + }, + { + "bom-ref": "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "id": "GHSA-m394-8rww-3jr7", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "published": "2021-03-10T03:46:47Z", + "updated": "2023-02-01T05:05:09Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "id": "GHSA-m6cp-vxjx-65j6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 613 + ], + "description": "### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "published": "2021-06-23T20:23:04Z", + "updated": "2023-02-01T05:05:59Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "id": "GHSA-26vr-8j45-3r4w", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 551, + 755 + ], + "description": "### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "published": "2021-04-06T17:31:30Z", + "updated": "2023-09-26T11:11:47Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "id": "GHSA-p26g-97m4-6q7c", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 200 + ], + "description": "Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "published": "2023-04-18T22:19:57Z", + "updated": "2023-11-06T05:01:53Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "id": "GHSA-qw69-rqj8-6qw8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400, + 770 + ], + "description": "### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "published": "2023-04-19T18:15:45Z", + "updated": "2023-11-06T05:02:06Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6", + "id": "GHSA-86wm-rrjm-8wh8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 226 + ], + "description": "### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "published": "2020-12-02T18:28:18Z", + "updated": "2024-02-21T17:23:14Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "c19b779d-2699-44de-a189-a0d18d8dc953", + "id": "GHSA-cj7v-27pg-wf7q", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 20 + ], + "description": "### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "published": "2022-07-07T20:55:34Z", + "updated": "2023-01-29T05:06:01Z", + "affects": [ + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769" + } + ] + }, + { + "bom-ref": "a2897b13-bdeb-4a6c-802e-abf09fef10a9", + "id": "GHSA-hmr7-m48g-48f6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 130 + ], + "description": "### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "published": "2023-09-14T16:17:27Z", + "updated": "2023-11-06T05:01:59Z", + "affects": [ + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769" + } + ] + }, + { + "bom-ref": "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442", + "id": "GHSA-g3wg-6mcf-8jj6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 378, + 379, + 552 + ], + "description": "### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "published": "2020-11-04T17:50:24Z", + "updated": "2023-11-27T23:07:53Z", + "affects": [ + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941" + } + ] + }, + { + "bom-ref": "76910119-ee18-4144-855b-b2fdab20e33c", + "id": "GHSA-58qw-p7qm-5rvh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "published": "2023-07-10T21:52:39Z", + "updated": "2023-09-05T22:39:32Z", + "affects": [ + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9" + } + ] + }, + { + "bom-ref": "d8add710-4eed-448d-b198-ecff8ffe86ea", + "id": "GHSA-gwcr-j4wh-j3cq", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 200 + ], + "description": "Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "published": "2021-06-10T15:43:22Z", + "updated": "2023-02-01T05:05:51Z", + "affects": [ + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc" + } + ] + }, + { + "bom-ref": "123b8eaf-5572-4945-975d-21ed3c2f101d", + "id": "GHSA-3gh6-v5v9-6v9j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 149 + ], + "description": "If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "published": "2023-09-14T16:16:00Z", + "updated": "2023-11-06T05:01:59Z", + "affects": [ + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc" + } + ] + }, + { + "bom-ref": "499117ae-d134-4505-8674-ed498531e7a9", + "id": "GHSA-269g-pwp5-87pp", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 200, + 732 + ], + "description": "### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "published": "2020-10-12T17:33:00Z", + "updated": "2023-02-01T05:04:50Z", + "affects": [ + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2" + } + ] + }, + { + "bom-ref": "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "id": "INT-f70z-tbpp-4o5d", + "source": { + "name": "INTERNAL" + }, + "ratings": [ + { + "source": { + "name": "INTERNAL" + }, + "severity": "high", + "method": "other" + } + ], + "affects": [ + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d" + } + ] + }, + { + "bom-ref": "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad", + "id": "INT-63e3-49kp-blqt", + "source": { + "name": "INTERNAL" + }, + "ratings": [ + { + "source": { + "name": "INTERNAL" + }, + "severity": "low", + "method": "other" + } + ], + "description": "testing", + "affects": [ + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d" + } + ] + }, + { + "bom-ref": "1f182b73-afb8-424c-8e08-533a0f702076", + "id": "GHSA-j8jw-g6fq-mp7h", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 89 + ], + "description": "A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "published": "2022-02-09T22:57:29Z", + "updated": "2024-06-27T16:39:59Z", + "affects": [ + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371" + } + ] + }, + { + "bom-ref": "8ba20df5-3877-4825-a8f2-b52e2d2f86d8", + "id": "GHSA-8grg-q944-cch5", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 89 + ], + "description": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "published": "2022-02-10T23:05:04Z", + "updated": "2024-06-27T18:05:49Z", + "affects": [ + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371" + } + ] + }, + { + "bom-ref": "55ebe39e-12f6-4360-aeba-9913ef7efb68", + "id": "GHSA-hwj3-m3p6-hj38", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "published": "2020-06-05T16:13:36Z", + "updated": "2023-01-27T05:02:30Z", + "affects": [ + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db" + } + ] + }, + { + "bom-ref": "8c0002e8-9326-40f7-9209-51020755ff02", + "id": "GHSA-7r82-7xv7-xcpj", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 79 + ], + "description": "Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "published": "2021-06-03T23:40:23Z", + "updated": "2023-02-01T05:05:30Z", + "affects": [ + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507" + } + ] + }, + { + "bom-ref": "7b0674fc-e326-47d0-b34b-b5bfb523784b", + "id": "GHSA-jvfv-hrrc-6q72", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "published": "2022-03-05T00:00:45Z", + "updated": "2023-01-27T05:02:46Z", + "affects": [ + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910" + } + ] + }, + { + "bom-ref": "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "id": "GHSA-wgmr-mf83-7x4j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 410 + ], + "description": "### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "published": "2022-07-07T20:55:40Z", + "updated": "2023-07-24T19:39:20Z", + "affects": [ + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54" + } + ] + }, + { + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "id": "GHSA-qppj-fm5r-hxr3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z", + "affects": [ + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54" + } + ] + }, + { + "bom-ref": "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "id": "GHSA-rggv-cv7r-mw98", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "published": "2024-02-26T20:13:46Z", + "updated": "2024-05-02T18:38:19Z", + "affects": [ + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b" + } + ] + }, + { + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "id": "GHSA-qppj-fm5r-hxr3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z", + "affects": [ + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b" + } + ] + }, + { + "bom-ref": "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9", + "id": "GHSA-wgh7-54f2-x98r", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 190 + ], + "description": "An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "published": "2023-10-10T21:16:23Z", + "updated": "2024-06-21T21:33:57Z", + "affects": [ + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709" + } + ] + }, + { + "bom-ref": "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "id": "GHSA-w4g2-9hj6-5472", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 295 + ], + "description": "Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "published": "2018-10-18T18:06:08Z", + "updated": "2023-01-09T05:03:38Z", + "affects": [ + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + } + ] + }, + { + "bom-ref": "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a", + "id": "GHSA-mm8h-8587-p46h", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + }, + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "info", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "published": "2023-10-24T01:49:09Z", + "updated": "2023-11-05T05:04:23Z", + "affects": [ + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + } + ] + }, + { + "bom-ref": "815a1358-2bd4-4028-bd3e-8219747c78f6", + "id": "GHSA-h376-j262-vhq6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "unknown", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "published": "2022-01-06T23:55:09Z", + "updated": "2023-02-25T00:31:20Z", + "affects": [ + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8" + } + ] + }, + { + "bom-ref": "c8a50465-16df-44e0-84e9-7acff5870a51", + "id": "GHSA-45hx-wfhj-473x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "info", + "method": "other" + } + ], + "cwes": [ + 88 + ], + "description": "H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "published": "2022-01-21T23:07:39Z", + "updated": "2023-08-18T15:47:05Z", + "affects": [ + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8" + } + ] + } + ] +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sample_input_report/generated-saf-sbom.json b/test/sample_data/cyclonedx_sbom/sample_input_report/generated-saf-sbom.json new file mode 100644 index 000000000..32dfa7bdd --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sample_input_report/generated-saf-sbom.json @@ -0,0 +1,89212 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4", + "version": 1, + "serialNumber": "urn:uuid:7103f08b-5c5e-4b5b-b2c7-d4be65fa19fe", + "metadata": { + "timestamp": "2024-07-08T18:08:55.978Z", + "tools": [ + { + "name": "npm", + "version": "10.7.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "1.19.0", + "externalReferences": [ + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "6.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "saf", + "group": "@mitre", + "version": "1.4.7", + "bom-ref": "@mitre/saf@1.4.7", + "author": "The MITRE Security Automation Framework", + "description": "The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/saf@1.4.7?vcs_url=git%2Bhttps%3A//github.com/mitre/saf.git", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/saf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/saf", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/saf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "client-config-service", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Config Service Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-config-service@3.590.0#clients/client-config-service", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-config-service", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-config-service", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-config-service/-/client-config-service-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1ad29ae81b639104043527461f1bd58d83f0294a7d812a161b7210ff7855d54705dae36775d2b2269d856e08b21e4ed081c2c93ba6c189b90327e25fcb03aa3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service" + } + ], + "components": [ + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.590.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df208b3e3aba5857c3a5d5092a4fe04b3e1e00f0d38d59275dabde30f8b64285410ac86778e9c9b15d7ab8d2a5a551757eb4c7aeb0d17ca6266da561ea7141bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sso-oidc" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.590.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f8475bf52d29f8b8b619e6a8f80f22fa829ecf5d7cc9789b26dac7a17a2257fb9dcb485e4bed74839d056d5f5a7d4debefd21a766145944e0e906302154ae1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sts" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.588.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.588.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.588.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5736fbd71ee3a67e8a289df96de20b522f3db7c8a397aff42062e7819d341f52688f3fdfe7fc30972ec740fa73db68085d00acc7abb0dfe0a7c7a4e7b7bdb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/core" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.590.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2dfc98d1685e86c6ac3435d4fddd5357beab59d127b79997c975e4a529bd909efe13ae75bc508bf7a942b09acc3fe04585767d3c9ccdd2e5673079659f0385" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-node" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.587.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b20e898df883abca02ee733886eff9ce1e48d45c44b9a07e53ee9f006e83bca1a90c409767b9d35789859389c4163b9d91e7553a091dbbadc30f4c678c79d60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/middleware-user-agent" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.587.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f7723b20f66dba5650a112be3b6d082786b5b325b060fce83b681cdeffbf18d65f9593d5dd0257b956c89b4a7106cbb49ff9b328650aa9238b3c868dd3df0771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/region-config-resolver" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.587.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d471ba126f30416a8a7115ba9b7e7c9aa79b4553692fc5ebac4a13e089fbc6a90a92662d1d135560fea5726890879a59fdcfc55eef1d49c86e1485b212da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.587.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e797e0d47bf6ef9db1040c73f789526b3ad1371db14904f82c0fabc9fa697ff88624d44ab8f63106f841d974d4cfcf74831b491ba76fbbbb8d4c29824747f89" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/util-user-agent-node" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.587.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f283fe4a144088936939a3cc275448a7895f3ac959219f99332135327663460a45dd0451cc1d1c7a865790d5bab02476c1b24caef276d86a6cdcc329a61b09b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-env" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.587.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4aed524565510ae4757b7da8c57dc2d55e1ce61a4f376d1661c45f75caf6c17c07a92bf2b390eb9e6b820be2681274bfceddda7542613e5893aa97ca81274cac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-http" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.590.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63970572200adfc548bd181978d0fb1ef14d477dad846b506fc5e8a7a70c9f7dc50bbf2ec1c448bbd1dcf7af7d5d3725099ab3e3e5e5d5653e759fab9c59f600" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-ini" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.587.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578c53de20aa905f2e2fa402e20a81260ff66ac77f75a9acc0fd61f4709fa9396598f5b32264bef160f75638132f0e5bd0a6d3cbe65d52129cd300e7cb3933c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-process" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.590.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bfed23fc8fa37bda247f05ec8262e9a66c0813e4ee329e56a8bcfbafb3c7cfd2a3ccbc8a68a4c3bdf965143fbca0fa41aa798e5a227da9318f92b7e107b6bf7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-sso" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.587.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea231fc8d8f1bb932bb0dd68c03fdc0a971cbc22f149c01f1ab0e153d713c5a157d960a2288231bda0b3f962246d7ef0e4588ced1e683932556fdc77490c647" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-web-identity" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.590.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb16c2ea841524a0514f25f24770b5e64b14b0f3b25b8a7eb828fb76529858626f878bc64d5f0a859292e77a0f1bcb787f5f8e3095a3af9c0ab97468685b2685" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sso" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.587.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "50baa16e72f2d6198935172e9003415899ae9b705b8d79eeacb3d2157a06755d259576251b9e52cc895ad9562a76f7901048e6b01b9365d16f5c0b4da664b966" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/token-providers" + } + ] + } + ] + }, + { + "type": "library", + "name": "sha256-browser", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha256-browser@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha256-browser@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha256-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha256-browser/-/sha256-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f152e65b607e82315b539b8c7aab5033a363d3f1756eba3cd31417096e824015a0a2c1565d3c7beda78e17908020099b38aeb849d30125d36be89e35c8fe66bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-browser" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-browser/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "ie11-detection", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/ie11-detection@3.0.0", + "author": "AWS Crypto Tools Team", + "description": "Provides functions and types for detecting if the host environment is IE11", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/ie11-detection@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/ie11-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/ie11-detection/-/ie11-detection-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df8d650419226350df0cd29a8bfc173376ae8cd0645d1eedab55113d00cbf708b70146c8f34351ef8b85d535c7326ee9a3501c9c593c8aed92d88794ffefc0f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/ie11-detection" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/ie11-detection/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "sha256-js", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha256-js@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha256-js@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha256-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha256-js/-/sha256-js-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e734dee8b34fb27755ef5c0cb6dc214e9936cc683c60c57b53287c9bac9dfd63c906cc10138011626d624a1fa061cad2c8fd9caccecf3bc4238137206283abd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-js" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-js/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "supports-web-crypto", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/supports-web-crypto@3.0.0", + "author": "AWS Crypto Tools Team", + "description": "Provides functions for detecting if the host environment supports the WebCrypto API", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/supports-web-crypto@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/supports-web-crypto", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/supports-web-crypto/-/supports-web-crypto-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d3a84174cc1401bd96153b861bbdcb482d307cfbbddf15b0a39bcbd9eb7d7b29a09aedc8779bc500705b6a355688684f3b7eea72c7426a9fc5a97bc918958f22" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/supports-web-crypto" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/supports-web-crypto/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "util", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/util@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/util@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/util", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/util/-/util-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8e265a5e269091e3c082f2bfae2950a1cecf48ba7823f70919ae5f19d38d435845afc881c82d82823cdcc98212ac8af8fe4b798ba3a05573b981373771038eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/util" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/util@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/util/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/types@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "Types for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/types@3.577.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "153d896444b7c0128dfda95f9a1968fb764eabf5c9d02ed039970336ba4a8c1d24a98a0a8e154a67f1f1e80ad1d1cce429f1f304112ceb2e3479b207c769d298" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/types" + } + ] + }, + { + "type": "library", + "name": "util-utf8-browser", + "group": "@aws-sdk", + "version": "3.259.0", + "bom-ref": "@aws-sdk/util-utf8-browser@3.259.0", + "author": "AWS SDK for JavaScript Team", + "description": "A browser UTF-8 string <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-utf8-browser@3.259.0#packages/util-utf8-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-utf8-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-utf8-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-utf8-browser/-/util-utf8-browser-3.259.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52f15afef47e7b5f57a2891917c47315906bc361149105b18815b4c9840086f9370be4151a5d07de8b9c6bc2c306505f40a5f0996de1ba8ff9f47f2bc1bd7027" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-utf8-browser" + } + ] + }, + { + "type": "library", + "name": "util-locate-window", + "group": "@aws-sdk", + "version": "3.535.0", + "bom-ref": "@aws-sdk/util-locate-window@3.535.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-locate-window@3.535.0#packages/util-locate-window", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-locate-window", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-locate-window", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-locate-window/-/util-locate-window-3.535.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c727748be9dda3a5c81ba9d8223f1917a6eec3adcd8f6158b0c5222abef30a843c33481d56de632fb69cf028ce0813bccb168759a3418a8c9f40b285e775784" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-locate-window" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "2.6.3", + "bom-ref": "tslib@2.6.3", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@2.6.3", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-2.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4dbf12443948963c6854b9475080024f28e3897c69c8c8ac9239cd3d5e42ac81d515ff7136cefc1961d7a38e64603c281cca6d63b8b1f7db6eb203bb0414929" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "middleware-host-header", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-host-header@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-host-header@3.577.0#packages/middleware-host-header", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-host-header", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-host-header", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5c6b9309cf8e7908e0c8557b34fec5a6266eeddd03b81146b5cdff2913c82b2e9cdfd09f786f3fec9035a6dfb3e58b5dd3dd66804011c24e21f681455f0ac5a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-host-header" + } + ] + }, + { + "type": "library", + "name": "middleware-logger", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-logger@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-logger@3.577.0#packages/middleware-logger", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-logger", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-logger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68f146a468d365c25893edb86e0ee34f85dd229e369855d2b8fb78f65c392b281e7cbc8933fb01d1b28aa8f6188af5b4adcb99f5bad0e7c79950db61af3600be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-logger" + } + ] + }, + { + "type": "library", + "name": "middleware-recursion-detection", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-recursion-detection@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-recursion-detection@3.577.0#packages/middleware-recursion-detection", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-recursion-detection", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-recursion-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a67dd95447768a86ca2654771fe6c38a51e38119cdad0e873262bd673670f3d0a49f70dc6efe3cc4ebf8449beed1a53c4832e5fd2342c69a4a8de2c34cf18134" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-recursion-detection" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-browser", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-user-agent-browser@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-browser@3.577.0#packages/util-user-agent-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc40331e047a1d6a59387ef11607892dcebf0b331cc789f1790a25671559a01e693da25ddc28f246164dd315de641d1721109699be322418328ae8172cd3242c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-user-agent-browser" + } + ] + }, + { + "type": "library", + "name": "config-resolver", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/config-resolver@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/config-resolver@3.0.1#packages/config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/config-resolver/-/config-resolver-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "85b91825cdb44810f3daaa8bcedb6323f12a5de9ad996934a284739cbb225e9df4eba290453bee2876bb5388c264226ae83a33aafcb4475fef344482f629cf26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/config-resolver" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@smithy", + "version": "2.1.1", + "bom-ref": "@smithy/core@2.1.1", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/core@2.1.1#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/core/-/core-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2f6c8c3051c83414c85354980c85bb1148014bd2bc1dbb2fce433ed7ab5a495c93b2686bfe3c68e3d6219ac119730543c0e41909bfb4baabe614d94f2093f58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/core" + } + ] + }, + { + "type": "library", + "name": "fetch-http-handler", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/fetch-http-handler@3.0.1", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a way to make requests", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/fetch-http-handler@3.0.1#packages/fetch-http-handler", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/fetch-http-handler", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/fetch-http-handler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9a1fbe22e410e3fab070a106978a82a923448704916d395c33ac2a71671a61396d248b98e18fb757bc33183362097a6f13a5d16f4b6882d3cb2339b95f14616" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/fetch-http-handler" + } + ] + }, + { + "type": "library", + "name": "hash-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-node@3.0.0#packages/hash-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-node/-/hash-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f38a97b2d35e98fdd74b98dca1fd1e97af9b0df8f3baf8493d04c47eba37960b5b0ad2a0ccf9b7320892e9e85754f8de439f894b41ea993cfc7ff4587f31d5c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-node" + } + ] + }, + { + "type": "library", + "name": "invalid-dependency", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/invalid-dependency@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/invalid-dependency@3.0.0#packages/invalid-dependency", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/invalid-dependency", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/invalid-dependency", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/invalid-dependency/-/invalid-dependency-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17ac0105a105809ce3d2ce0a5259622063e6a977a6c0fe846af82f0ea630087e343b95ebda2307bd2f2da1d986559b6e242a2b0645ec60bc93bb83ee8b356ae6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/invalid-dependency" + } + ] + }, + { + "type": "library", + "name": "middleware-content-length", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-content-length@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-content-length@3.0.0#packages/middleware-content-length", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-content-length", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-content-length", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-content-length/-/middleware-content-length-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc2e2ce1dfe21a86e00ad936b67596ebecd24ce060d4f4409b6bed5992ddae2c13ae815b6d6352af795ccb31ddad01e71176020b92b9d846e97e875a21463cb2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-content-length" + } + ] + }, + { + "type": "library", + "name": "middleware-endpoint", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/middleware-endpoint@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-endpoint@3.0.1#packages/middleware-endpoint", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-endpoint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-endpoint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-endpoint/-/middleware-endpoint-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "950fd439d183e0a33990b662025d2af10cb774f6f29ef0172807579d896b0353a9694c2bfa7792b15a240d9a58e9955be58c7c8e7bacdbdbafe975a933d3f849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-endpoint" + } + ] + }, + { + "type": "library", + "name": "middleware-retry", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/middleware-retry@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-retry@3.0.3#packages/middleware-retry", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-retry", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-retry/-/middleware-retry-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5af7b5ab325bf3754453feaafbf2347107409039eecc42c2e88bc80700f3504886a4aa97817d6fd74154b9919b452e8ebff3fe1c7b61700a07389650bd934090" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-retry" + } + ] + }, + { + "type": "library", + "name": "middleware-serde", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-serde@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-serde@3.0.0#packages/middleware-serde", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-serde", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-serde", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-serde/-/middleware-serde-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "235bca1b57e823ea0f806f6bec8318d52fb10679809f5212aa9968cafaa4c07a126fc54fb278070d33a0606601a27b8e2a775a591506259aca6182c1f809deeb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-serde" + } + ] + }, + { + "type": "library", + "name": "middleware-stack", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-stack@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a means for composing multiple middleware functions into a single handler", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-stack@3.0.0#packages/middleware-stack", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-stack", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-stack", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-stack/-/middleware-stack-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f87d239b27c0c874455e6eb0ba7b24b8d02ab63ef27e6c0507a169dfb7a7cada76ab4e3bfce77dc5eb446946e5bb22263a51a71a969519a55f8f06b04abfa2e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-stack" + } + ] + }, + { + "type": "library", + "name": "node-config-provider", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/node-config-provider@3.1.0", + "author": "AWS SDK for JavaScript Team", + "description": "Load config default values from ini config files and environmental variable", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/node-config-provider@3.1.0#packages/node-config-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/node-config-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/node-config-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e07c1f1022d51f4c54df1ccbcab9cda0d56eb4575bab220647a83d49345642dad4d65da86a7f65ef297a9c052ef266a47b1aa910419cb5d72fe534e516ceaed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/node-config-provider" + } + ] + }, + { + "type": "library", + "name": "node-http-handler", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/node-http-handler@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a way to make requests", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/node-http-handler@3.0.0#packages/node-http-handler", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/node-http-handler", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/node-http-handler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dedac3e2becd38cca0c0b6d4268e1ea1dc90bb2a405abeeebcf9de6cd27d6bbd1d421567f944bc8ff9429efa094ba0577d9785ecf924908d037a6549c3e9fe79" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/node-http-handler" + } + ] + }, + { + "type": "library", + "name": "protocol-http", + "group": "@smithy", + "version": "4.0.0", + "bom-ref": "@smithy/protocol-http@4.0.0", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/protocol-http@4.0.0#packages/protocol-http", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/protocol-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/protocol-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/protocol-http/-/protocol-http-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8e4193842365cb5915813bd020218b87baa8d9d9cb32afcfc89601431c336e2202c0311c76065f1c9395390fa561f433dda1a569bb3c1631ad3171d2f83bf01" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/protocol-http" + } + ] + }, + { + "type": "library", + "name": "smithy-client", + "group": "@smithy", + "version": "3.1.1", + "bom-ref": "@smithy/smithy-client@3.1.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/smithy-client@3.1.1#packages/smithy-client", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/smithy-client", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/smithy-client", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/smithy-client/-/smithy-client-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b63e0abbb329cd947c72656e3dc49bacb155c66a6d5a4b6624cc124ffb8812ae2c6ab69b11d17c09b99075807bb89fd7e7542ad846309d1b284bb85d47807bac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/smithy-client" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/types@3.0.0", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/types@3.0.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/types/-/types-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "56f5ae424d91285b8eafdf201618dc6bb7e4052fb12cb5114fc6d48e4e5742857464b9bb58fc163cf637fc0c334cbb940437a82830ad85f7b502c4d459a48487" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/types" + } + ] + }, + { + "type": "library", + "name": "url-parser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/url-parser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/url-parser@3.0.0#packages/url-parser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/url-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/url-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/url-parser/-/url-parser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d972dacc5814bbe60e187b568a10771522c07c251a8d57cd05718662339a54a8cb02e031c77a52058de10602f3220075ee169fe7d80e1b78a62aa4f2f2672b8f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/url-parser" + } + ] + }, + { + "type": "library", + "name": "util-base64", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-base64@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A Base64 <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-base64@3.0.0#packages/util-base64", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-base64", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-base64", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-base64/-/util-base64-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b1be887942db74083b1f6a3899382a49c60b4f1d738ac2633e672e30683e3752810c03ea8fc716bdf1a13fed985d9c115915730e881479c5b71a3212edce741" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-base64" + } + ] + }, + { + "type": "library", + "name": "util-body-length-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-body-length-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Determines the length of a request body in browsers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-body-length-browser@3.0.0#packages/util-body-length-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-body-length-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-body-length-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-body-length-browser/-/util-body-length-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "71b8c9b3603598b626aa6c9597cd2ea0b4c984071fccc3b23e08f0018bac58a31d2de36dce6333f58c4d977fe344ba31492df092a91fd23c0d76d5d6b7210169" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-body-length-browser" + } + ] + }, + { + "type": "library", + "name": "util-body-length-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-body-length-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Determines the length of a request body in node.js", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-body-length-node@3.0.0#packages/util-body-length-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-body-length-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-body-length-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-body-length-node/-/util-body-length-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e3ee96786d49683543fa3f3c2137b2b7f3ab664a61044fd42d420d1381d34e9f1859bc2b2c1e38bea194d422ecf110245f1bcadd9b63ccc3658216ce9e21890" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-body-length-node" + } + ] + }, + { + "type": "library", + "name": "util-defaults-mode-browser", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/util-defaults-mode-browser@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-defaults-mode-browser@3.0.3#packages/util-defaults-mode-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-defaults-mode-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-defaults-mode-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc314e3766ef5c902e9097bea8580f57fae8ac6ed90f79b88230971c3d55e73fed80a429e4c09308b9edaddebcead5fab63f14962de579f59726e74d8395a608" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-defaults-mode-browser" + } + ] + }, + { + "type": "library", + "name": "util-defaults-mode-node", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/util-defaults-mode-node@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-defaults-mode-node@3.0.3#packages/util-defaults-mode-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-defaults-mode-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-defaults-mode-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f46fc1895de713d346daa124372227aede4de667b198f30d739a0f29768818ac6bd625e2dc21c96a93681b906e0ad03681196aceeafeabdb48b02057c362b98" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-defaults-mode-node" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@smithy", + "version": "2.0.1", + "bom-ref": "@smithy/util-endpoints@2.0.1", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-endpoints@2.0.1#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-endpoints/-/util-endpoints-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6514f45423a72a556885fa0004c73c956790a3f24416e3d672d7cd4578131dbc8e56cb0c38b60550d5ae931c621d119502157e9f773490f5becd4a9c92354f10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-middleware", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-middleware@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared utilities for to be used in middleware packages.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-middleware@3.0.0#packages/util-middleware", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-middleware", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-middleware", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-middleware/-/util-middleware-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab921374e9d5da95c74950e7296af08123530c100c1cba6d144d3bb9aff94f2e56275d5bbebd2f9366bb6a0bbba9186b085450967a39bb70a7794e4410b2be0d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-middleware" + } + ] + }, + { + "type": "library", + "name": "util-retry", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-retry@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared retry utilities to be used in middleware packages.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-retry@3.0.0#packages/util-retry", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-retry", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-retry/-/util-retry-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9caf7d6ef262ce21affd438a2650ef145e39174d1680f2ca5481947c02be98387354dda16ff4b7dee5b64e5860e4f541a2a63bb4356a2f4ce6bb83b1007828f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-retry" + } + ] + }, + { + "type": "library", + "name": "util-utf8", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-utf8@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A UTF-8 string <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-utf8@3.0.0#packages/util-utf8", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-utf8", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-utf8", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-utf8/-/util-utf8-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad4793d766f1167a656037bcd791976eafe88b11061df44516d71317761d0e2fc968434833a6926182c9c9d1bcdd43732d77912392bc69b61dffc4a9fd033490" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-utf8" + } + ] + }, + { + "type": "library", + "name": "signature-v4", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/signature-v4@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A standalone implementation of the AWS Signature V4 request signing algorithm", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/signature-v4@3.0.0#packages/signature-v4", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/signature-v4", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/signature-v4", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91714e90d5fe0501dedaa9cbc693046824466a9f49ead5062f373703d8dd9fe9c3e0974cc0229327ecc5c10db41a463e9805c66adc93c371dca14951dfd1f098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/signature-v4" + } + ] + }, + { + "type": "library", + "name": "is-array-buffer", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/is-array-buffer@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a function for detecting if an argument is an ArrayBuffer", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/is-array-buffer@3.0.0#packages/is-array-buffer", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/is-array-buffer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/is-array-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/is-array-buffer/-/is-array-buffer-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f85b2ee90e82e114898b2f3563c780a63101e6056d33ea052937df83e8d2bb0b6fa26249ae150906edb34bcc235d2807fe0d4c2845abcf20a14c17ba7256f915" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/is-array-buffer" + } + ] + }, + { + "type": "library", + "name": "util-hex-encoding", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-hex-encoding@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Converts binary buffers to and from lowercase hexadecimal encoding", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-hex-encoding@3.0.0#packages/util-hex-encoding", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-hex-encoding", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-hex-encoding", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-hex-encoding/-/util-hex-encoding-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7859dd8755842b960c518bf2de53e5566618fdf65c404d43f2849fe3521ddaf09e2242895cf7180c2643fb8fb156223a6f55d277bb44face40997cf3e6295a6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-hex-encoding" + } + ] + }, + { + "type": "library", + "name": "util-uri-escape", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-uri-escape@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-uri-escape@3.0.0#packages/util-uri-escape", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-uri-escape", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-uri-escape", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-uri-escape/-/util-uri-escape-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2ea47ba982e06530fb9d62c179c522e1aaa8970f0c8736bd02ba4d110f3cd4c249214dac13988708ae93772aaacdc0cbcb438f7b5d086384fc72d55db729ee6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-uri-escape" + } + ] + }, + { + "type": "library", + "name": "strnum", + "version": "1.0.5", + "bom-ref": "strnum@1.0.5", + "author": "Amit Gupta", + "description": "Parse String to Number based on configuration", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strnum@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/strnum.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/strnum#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/strnum/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27c6db37228a5e5e6a61c477e9320ef16de6546547ae69b1b1de4f008b46926cb3c09bf26e2c36215ab99ea7748b82d2352901fecc7d5479656df15dafd93524" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strnum" + } + ] + }, + { + "type": "library", + "name": "property-provider", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/property-provider@3.1.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/property-provider@3.1.0#packages/property-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/property-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/property-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e3dfea1586a75981e9a30a25a31650037e1bcb1780bfb8a0ee2a8effb6512c450f7edde982ade476c67763f7bd104914ac882114f21656dfff0942efa7e70e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/property-provider" + } + ] + }, + { + "type": "library", + "name": "util-stream", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/util-stream@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-stream@3.0.1#packages/util-stream", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-stream", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-stream/-/util-stream-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec5ed534d840b1f31103c23df3a61d398e5f134fd3d7f663145e8e2ecaa4bd054d3f7bd9feccd80df182ca985bee2a00d3daf7d8aff4a9b4857cd154ebc692cc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-stream" + } + ] + }, + { + "type": "library", + "name": "credential-provider-imds", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/credential-provider-imds@3.1.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from the EC2 instance metadata service and ECS container metadata service", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/credential-provider-imds@3.1.0#packages/credential-provider-imds", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/credential-provider-imds", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/credential-provider-imds", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab8038777f2ff296189ac7aefe34d2dd9e48df35e510e7b939b8be109ade54a8125725941ce77bff26950a29c2eb4406e0c4720acf7cb5cc411f520c0b46eeed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/credential-provider-imds" + } + ] + }, + { + "type": "library", + "name": "shared-ini-file-loader", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/shared-ini-file-loader@3.1.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/shared-ini-file-loader@3.1.0#packages/shared-ini-file-loader", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/shared-ini-file-loader", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/shared-ini-file-loader", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74033bc125f4351dea4cdc8654dfe7c30a440f37d5f53ff700dd9e0011315a675ae55a99292b2394836aa263b98634161aff88224a177ecdeedaf192373f3e46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/shared-ini-file-loader" + } + ] + }, + { + "type": "library", + "name": "util-config-provider", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-config-provider@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities package for configuration providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-config-provider@3.0.0#packages/util-config-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-config-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-config-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-config-provider/-/util-config-provider-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5b8e4e2cd1fc2adc38bf00d2feac2bc930a3396f3010744e52ffa44be4d5e0304c45022e9481030f3a6e723da2163e9afe10e5ca5d1a27277168c4a7f898225" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-config-provider" + } + ] + }, + { + "type": "library", + "name": "bowser", + "version": "2.11.0", + "bom-ref": "bowser@2.11.0", + "author": "Dustin Diaz", + "description": "Lightweight browser detector", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bowser@2.11.0", + "externalReferences": [ + { + "url": "git+https://github.com/lancedikson/bowser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lancedikson/bowser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lancedikson/bowser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bowser/-/bowser-2.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "02571a2418bfa6aa8904843c53d31ca5cf62f00ab19fcf1292fe5dfb1057d34e81639bbc3779862c76b92e0a696bb2ff1dfc20c0b819e8d62cf8083ab9498944" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bowser" + } + ] + }, + { + "type": "library", + "name": "querystring-builder", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/querystring-builder@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/querystring-builder@3.0.0#packages/querystring-builder", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/querystring-builder", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/querystring-builder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/querystring-builder/-/querystring-builder-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d6f058b4373c9f904d13990a610d7af50260436cad35700e02d59ee0830300539443cf9000bff2a6a11c334004b49315cd7ff0f600b4c48302b45367382ed46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/querystring-builder" + } + ] + }, + { + "type": "library", + "name": "util-buffer-from", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-buffer-from@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-buffer-from@3.0.0#packages/util-buffer-from", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-buffer-from", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-buffer-from", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-buffer-from/-/util-buffer-from-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6843870a0ab945615b3fe5033ef3e8b76e842478ce0be6d182c7b903c5771524a1a9de44e54378a9cef3930b2f24f3c056c7fbdd0c18707375fe0b7faed2f040" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-buffer-from" + } + ] + }, + { + "type": "library", + "name": "service-error-classification", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/service-error-classification@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/service-error-classification@3.0.0#packages/service-error-classification", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/service-error-classification", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/service-error-classification", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/service-error-classification/-/service-error-classification-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc1b01b4e52dd86b277375f6ddec3eaf633bd56c2da477c40c684760748383aab5b7c16b5a1d798d3db90cb6a3155d47f8fa71009ea0a9ef7261e454b2649d14" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/service-error-classification" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "9.0.1", + "bom-ref": "uuid@9.0.1", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@9.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fed5e24e96c47d2bc1c9a68c3d3a4ddf896396488708cd7a1dbefd2b42356839536958ca717f5c19369b78cbd875d2874236baa7629d4e073464b5c9017b7b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "querystring-parser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/querystring-parser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/querystring-parser@3.0.0#packages/querystring-parser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/querystring-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/querystring-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/querystring-parser/-/querystring-parser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5331f0b6193450471c578747ccfc929c1cb7e005b0dd5f6522a513c66a3343ec0f0c03bd72c09631f38b7bb57d0366a0358cbbc44f8f6f44ba2bf276dc94b37d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/querystring-parser" + } + ] + }, + { + "type": "library", + "name": "client-securityhub", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Securityhub Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-securityhub@3.590.0#clients/client-securityhub", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-securityhub", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-securityhub", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-securityhub/-/client-securityhub-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cc0da783606c03b91489ecb6ea697c41b66088bb51a013b0e30dcec6364162dfcd31500d89bb9108bf63959a057c2f7b3f54f245c9baebdde57ee35adba1f92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub" + } + ], + "components": [ + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.590.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df208b3e3aba5857c3a5d5092a4fe04b3e1e00f0d38d59275dabde30f8b64285410ac86778e9c9b15d7ab8d2a5a551757eb4c7aeb0d17ca6266da561ea7141bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sso-oidc" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.590.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f8475bf52d29f8b8b619e6a8f80f22fa829ecf5d7cc9789b26dac7a17a2257fb9dcb485e4bed74839d056d5f5a7d4debefd21a766145944e0e906302154ae1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sts" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.588.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.588.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.588.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5736fbd71ee3a67e8a289df96de20b522f3db7c8a397aff42062e7819d341f52688f3fdfe7fc30972ec740fa73db68085d00acc7abb0dfe0a7c7a4e7b7bdb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/core" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.590.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2dfc98d1685e86c6ac3435d4fddd5357beab59d127b79997c975e4a529bd909efe13ae75bc508bf7a942b09acc3fe04585767d3c9ccdd2e5673079659f0385" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-node" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.587.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b20e898df883abca02ee733886eff9ce1e48d45c44b9a07e53ee9f006e83bca1a90c409767b9d35789859389c4163b9d91e7553a091dbbadc30f4c678c79d60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/middleware-user-agent" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.587.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f7723b20f66dba5650a112be3b6d082786b5b325b060fce83b681cdeffbf18d65f9593d5dd0257b956c89b4a7106cbb49ff9b328650aa9238b3c868dd3df0771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/region-config-resolver" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.587.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d471ba126f30416a8a7115ba9b7e7c9aa79b4553692fc5ebac4a13e089fbc6a90a92662d1d135560fea5726890879a59fdcfc55eef1d49c86e1485b212da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.587.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e797e0d47bf6ef9db1040c73f789526b3ad1371db14904f82c0fabc9fa697ff88624d44ab8f63106f841d974d4cfcf74831b491ba76fbbbb8d4c29824747f89" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/util-user-agent-node" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.587.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f283fe4a144088936939a3cc275448a7895f3ac959219f99332135327663460a45dd0451cc1d1c7a865790d5bab02476c1b24caef276d86a6cdcc329a61b09b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-env" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.587.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4aed524565510ae4757b7da8c57dc2d55e1ce61a4f376d1661c45f75caf6c17c07a92bf2b390eb9e6b820be2681274bfceddda7542613e5893aa97ca81274cac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-http" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.590.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63970572200adfc548bd181978d0fb1ef14d477dad846b506fc5e8a7a70c9f7dc50bbf2ec1c448bbd1dcf7af7d5d3725099ab3e3e5e5d5653e759fab9c59f600" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-ini" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.587.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578c53de20aa905f2e2fa402e20a81260ff66ac77f75a9acc0fd61f4709fa9396598f5b32264bef160f75638132f0e5bd0a6d3cbe65d52129cd300e7cb3933c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-process" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.590.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bfed23fc8fa37bda247f05ec8262e9a66c0813e4ee329e56a8bcfbafb3c7cfd2a3ccbc8a68a4c3bdf965143fbca0fa41aa798e5a227da9318f92b7e107b6bf7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-sso" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.587.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea231fc8d8f1bb932bb0dd68c03fdc0a971cbc22f149c01f1ab0e153d713c5a157d960a2288231bda0b3f962246d7ef0e4588ced1e683932556fdc77490c647" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-web-identity" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.590.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb16c2ea841524a0514f25f24770b5e64b14b0f3b25b8a7eb828fb76529858626f878bc64d5f0a859292e77a0f1bcb787f5f8e3095a3af9c0ab97468685b2685" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sso" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.587.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "50baa16e72f2d6198935172e9003415899ae9b705b8d79eeacb3d2157a06755d259576251b9e52cc895ad9562a76f7901048e6b01b9365d16f5c0b4da664b966" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/token-providers" + } + ] + } + ] + }, + { + "type": "library", + "name": "xlsx", + "group": "@e965", + "version": "0.20.1", + "bom-ref": "@e965/xlsx@0.20.1", + "author": "sheetjs", + "description": "SheetJS Spreadsheet data parser and writer", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40e965/xlsx@0.20.1", + "externalReferences": [ + { + "url": "git+https://github.com/e965/sheetjs-npm-publisher.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://git.sheetjs.com/SheetJS/sheetjs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@e965/xlsx/-/xlsx-0.20.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd1bfc34b0751fa6aa43266ddff80b8ddd31919b07fbf588462e181c0c359281123533cf9b35c96cfa8ed8730dec3641d6f9c5d5448ac50f59bd2d12f4baa66e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@e965/xlsx" + } + ] + }, + { + "type": "library", + "name": "emass_client", + "group": "@mitre", + "version": "3.10.0", + "bom-ref": "@mitre/emass_client@3.10.0", + "author": "OpenAPI-Generator Contributors", + "description": "OpenAPI client for @mitre/emass_client", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/emass_client@3.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/emass_client.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/emass_client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/emass_client/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/emass_client/-/emass_client-3.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e10952e45a11106c15df5d35d150ad7a8e7d7a76cf08d11405e99a1331c422a5284f08bf4b64a4f7c4d429d31838c0a53f826d363e984cfaad76ae2fe821e705" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/emass_client" + } + ], + "components": [ + { + "type": "library", + "name": "axios", + "version": "0.21.4", + "bom-ref": "@mitre/emass_client@3.10.0|axios@0.21.4", + "author": "Matt Zabriskie", + "description": "Promise based HTTP client for the browser and node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/axios@0.21.4", + "externalReferences": [ + { + "url": "git+https://github.com/axios/axios.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://axios-http.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/axios/axios/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bade6f7b0922bbc8e318176aa4ce385f18ee0a3abd2c029e1d59a855f1d5cf2f1e1e0c71abc49b01540da2f0c0f26562d3990fd046bf9ff5337121dc4c941f36" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/emass_client/node_modules/axios" + } + ] + } + ] + }, + { + "type": "library", + "name": "follow-redirects", + "version": "1.15.6", + "bom-ref": "follow-redirects@1.15.6", + "author": "Ruben Verborgh", + "description": "HTTP and HTTPS modules that follow redirects.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/follow-redirects@1.15.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/follow-redirects/follow-redirects.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1637ad9821311a3a948ae7ce0465725a7c7d401a93bc45580495f92e5db4ceacf5f87c87cec84a56fc2b2235df09758ac0a0ebda7d14ce127bec3befaa0aa14" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/follow-redirects" + } + ] + }, + { + "type": "library", + "name": "hdf-converters", + "group": "@mitre", + "version": "2.10.8", + "bom-ref": "@mitre/hdf-converters@2.10.8", + "description": "Converter util library used to transform various scan results into HDF format", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/hdf-converters@2.10.8", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/hdf-converters" + } + ] + }, + { + "type": "library", + "name": "js", + "group": "@mdi", + "version": "7.4.47", + "bom-ref": "@mdi/js@7.4.47", + "author": "Austin Andrews", + "description": "Dist for Material Design Icons for JS/TypeScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mdi/js@7.4.47", + "externalReferences": [ + { + "url": "git+https://github.com/Templarian/MaterialDesign-JS.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Templarian/MaterialDesign-JS#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Templarian/MaterialDesign-JS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mdi/js/-/js-7.4.47.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28f9cd3ad9b98b6a4c69ba99c69533ee241ffa67eb619c8a099f10373f39733804b7b72e1dc1a8ad67ddcd4316600d120fe6ba1e7e05989f98873cf38e44d9ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mdi/js" + } + ] + }, + { + "type": "library", + "name": "jsonix", + "group": "@mitre", + "version": "3.0.7", + "bom-ref": "@mitre/jsonix@3.0.7", + "author": "Alexey Valikov", + "description": "Jsonix (JSON interfaces for XML) is a JavaScript library which allows converting between XML and JSON structures.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause", + "url": "http://github.com/highsource/jsonix/raw/master/LICENSE" + } + } + ], + "purl": "pkg:npm/%40mitre/jsonix@3.0.7", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/mitre/jsonix.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/mitre/jsonix", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/mitre/jsonix/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/jsonix/-/jsonix-3.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f1a0cd2f6bf46f606a68e8bedc77fdfc4b8d914315cc53d83aeb0bc7d318fcacbd2cbcf60f90718062fcfa1e669d8a53887c859271a6e16aff3059b3ee81cb63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/jsonix" + } + ] + }, + { + "type": "library", + "name": "xmldom", + "group": "@xmldom", + "version": "0.8.10", + "bom-ref": "@xmldom/xmldom@0.8.10", + "description": "A pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40xmldom/xmldom@0.8.10", + "externalReferences": [ + { + "url": "git://github.com/xmldom/xmldom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xmldom/xmldom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xmldom/xmldom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9600b7d3978c68d9290609846deab0d315f93d475733981bd4432d7680ad8ab91288a5612171b6f3cbc1195edcff8e446a1d7f1b14473a142d478d7e1351663" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@xmldom/xmldom" + } + ] + }, + { + "type": "library", + "name": "amdefine", + "version": "0.0.4", + "bom-ref": "amdefine@0.0.4", + "author": "James Burke", + "description": "Provide AMD's define() API for declaring modules in the AMD format", + "licenses": [ + { + "license": { + "name": "BSD", + "url": "https://github.com/jrburke/amdefine/blob/master/LICENSE" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/jrburke/amdefine/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/amdefine@0.0.4", + "externalReferences": [ + { + "url": "http://github.com/jrburke/amdefine.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://registry.npmjs.org/amdefine/-/amdefine-0.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fbdb8d95aaa6f246746d80ee845b759aa3682ccd88e00b12781fba75d74d8927e6465251ab7f0852e36d503e3ec4eccea0f96d387cd2be795282c70c7e99c30e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/amdefine" + } + ] + }, + { + "type": "library", + "name": "xmlhttprequest", + "version": "1.8.0", + "bom-ref": "xmlhttprequest@1.8.0", + "author": "Dan DeFelippi", + "description": "XMLHttpRequest for Node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xmlhttprequest@1.8.0", + "externalReferences": [ + { + "url": "git://github.com/driverdan/node-XMLHttpRequest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/driverdan/node-XMLHttpRequest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/driverdan/node-XMLHttpRequest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xmlhttprequest/-/xmlhttprequest-1.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c226fd4d2695504b337f0d7598c7ca1b8cb42a9aeb5e3af64d983ff01a3dbbc2a15f5a4065296c9063d50466db2b518954010ff7ecc3b2f66c9183550b3004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xmlhttprequest" + } + ] + }, + { + "type": "library", + "name": "csv2json", + "group": "@types", + "version": "1.4.5", + "bom-ref": "@types/csv2json@1.4.5", + "description": "TypeScript definitions for csv2json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/csv2json@1.4.5#types/csv2json", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/csv2json", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/csv2json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/csv2json/-/csv2json-1.4.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d79d88c649cffcca76149023a6968d23036bdae7d65ed55c6cd814fb651371ac12af61569ea85a4e4dac2153a6967b4503226b19d3400acdc0ccacf9808a4d38" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/csv2json" + } + ] + }, + { + "type": "library", + "name": "pumpify", + "group": "@types", + "version": "1.4.4", + "bom-ref": "@types/pumpify@1.4.4", + "description": "TypeScript definitions for pumpify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/pumpify@1.4.4#types/pumpify", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/pumpify", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/pumpify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/pumpify/-/pumpify-1.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9c59b41479c0f4e0c41892334184f99c5083f7ebc6a5a189aa9be22674c280f2b329c51340859003ea0223fac0154c5d43962aab4ffa94a7a686362ffd537b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/pumpify" + } + ] + }, + { + "type": "library", + "name": "duplexify", + "group": "@types", + "version": "3.6.4", + "bom-ref": "@types/duplexify@3.6.4", + "description": "TypeScript definitions for duplexify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/duplexify@3.6.4#types/duplexify", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/duplexify", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/duplexify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/duplexify/-/duplexify-3.6.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9e6a154fb1df9dcb708be85ba003325cc68ada5a15208591844099ecd644ca7c25d6289e621bf564681d39c1156b0ca1df3852aa6f45f491787dd5e13df5166" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/duplexify" + } + ] + }, + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.14.1", + "bom-ref": "@types/node@20.14.1", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.14.1#types/node", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f633348612efb2b01fc59167ea9a15773cbc90968c1da6d9a6803db40ba431b12f059afe528e96756b25da102d12db5fe1e5427d880e96ff9bd2354e65d3438" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "ms", + "group": "@types", + "version": "0.7.34", + "bom-ref": "@types/ms@0.7.34", + "description": "TypeScript definitions for ms", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/ms@0.7.34#types/ms", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/ms", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/ms", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/ms/-/ms-0.7.34.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c6f7a1b75a9e9a73202026a19ab233836fe69cac8eca96d3e2471cc73d79cfdcd808dbc6e940346fe77a256ea1976df7201796a288798edf1a701294b92ddf6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/ms" + } + ] + }, + { + "type": "library", + "name": "mustache", + "group": "@types", + "version": "4.2.5", + "bom-ref": "@types/mustache@4.2.5", + "description": "TypeScript definitions for mustache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mustache@4.2.5#types/mustache", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mustache", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mustache", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3cbc2256f4c1839f6d1852fff15a5c1afa8ebb72f83aebde36f3e2d0461b59c85174454ffbec9151724f165f82029284ab5df4d7bff835feda439953b4750db0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mustache" + } + ] + }, + { + "type": "library", + "name": "papaparse", + "group": "@types", + "version": "5.3.14", + "bom-ref": "@types/papaparse@5.3.14", + "description": "TypeScript definitions for papaparse", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/papaparse@5.3.14#types/papaparse", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/papaparse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/papaparse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/papaparse/-/papaparse-5.3.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f127888415ca6a73a3044f0a7d7fa055e9555ce379ba31f1f456a168b07beb5207d78857bac30ed1de2b64390f9308ae98f88bfff919e7bed4599e473929cf6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/papaparse" + } + ] + }, + { + "type": "library", + "name": "revalidator", + "group": "@types", + "version": "0.3.12", + "bom-ref": "@types/revalidator@0.3.12", + "description": "TypeScript definitions for revalidator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/revalidator@0.3.12#types/revalidator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/revalidator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/revalidator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/revalidator/-/revalidator-0.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ec0368c77f3ef725a211395a0c0ddff1ee75565c19847434a85c1e324250f3bff342064158d9f30793213a0c6aefa282c30057b9408ea5f56ab44e0768a4cb6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/revalidator" + } + ] + }, + { + "type": "library", + "name": "triple-beam", + "group": "@types", + "version": "1.3.5", + "bom-ref": "@types/triple-beam@1.3.5", + "description": "TypeScript definitions for triple-beam", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/triple-beam@1.3.5#types/triple-beam", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/triple-beam", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/triple-beam", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/triple-beam/-/triple-beam-1.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e966987ac4e144c0a5d7d8abc8c60feffc76395802b5b2157e50c61695a76fd8ab5c8dd48d8138033998ba250a635009b2d1a28e863e32052cccc811c4861363" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/triple-beam" + } + ] + }, + { + "type": "library", + "name": "validator", + "group": "@types", + "version": "13.12.0", + "bom-ref": "@types/validator@13.12.0", + "description": "TypeScript definitions for validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/validator@13.12.0#types/validator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/validator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/validator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/validator/-/validator-13.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c7e392e4ee83c8275455385e8980523a0f2d10a47133ab841e71986f82ec583c3c13f1cf77a6b08ca80b6222db66dfdbe867e0c347eaa436732926630146a6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/validator" + } + ] + }, + { + "type": "library", + "name": "xml2js", + "group": "@types", + "version": "0.4.14", + "bom-ref": "@types/xml2js@0.4.14", + "description": "TypeScript definitions for xml2js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/xml2js@0.4.14#types/xml2js", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/xml2js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/xml2js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/xml2js/-/xml2js-0.4.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e189eb45e9814a15913b6423bd48a7f04480e35ac7fbd9d018b506655ff5203862dd22fd3a1769342fccaee9535aea6d5cac21c7f683c44eeda15d1fff2a485d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/xml2js" + } + ] + }, + { + "type": "library", + "name": "axios", + "version": "1.7.2", + "bom-ref": "axios@1.7.2", + "author": "Matt Zabriskie", + "description": "Promise based HTTP client for the browser and node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/axios@1.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/axios/axios.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://axios-http.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/axios/axios/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/axios/-/axios-1.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d80f1084e32b6e89a50ee88b78af5789b201cee1de45caaa34e1e9d02ca9e44a09d4814387e5d91f703a0645edbf42b880518223463804cec1d703848b446683" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/axios" + } + ] + }, + { + "type": "library", + "name": "compare-versions", + "version": "6.1.0", + "bom-ref": "compare-versions@6.1.0", + "author": "Ole Michelsen", + "description": "Compare semver version strings to find greater, equal or lesser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/compare-versions@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/omichelsen/compare-versions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/omichelsen/compare-versions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/omichelsen/compare-versions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/compare-versions/-/compare-versions-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cd6505e1a94bea513a2da59d34a8b49a89fcb76f85450f9f3c691afc30a170e02314afdf32b73096e700c7e6ac7f0c46399020d771b711b82a8bd2ccc47f6b6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/compare-versions" + } + ] + }, + { + "type": "library", + "name": "csv2json", + "version": "2.0.2", + "bom-ref": "csv2json@2.0.2", + "author": "Julien Fontanet", + "description": "Stream and CLI to convert CSV to JSON", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/csv2json@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/julien-f/csv2json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/julien-f/csv2json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/julien-f/csv2json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv2json/-/csv2json-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "61567bd8e7a14acf7e8f694c135d28b2624d1de23475c1e55fea8dabcc5c4744fe46df1668e09c84a884545dc6b0ae0e7f7cff2c4eb8c746dad5ca542e601c97" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv2json" + } + ] + }, + { + "type": "library", + "name": "csv-parser", + "version": "2.3.5", + "bom-ref": "csv-parser@2.3.5", + "author": "mafintosh", + "description": "Streaming CSV parser that aims for maximum speed as well as compatibility with the csv-spectrum test suite", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-parser@2.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/mafintosh/csv-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/csv-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/csv-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-parser/-/csv-parser-2.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c21e8942e0094dc0bfb912e0f92c7d9554d2a90fc422c595b6cf32b55e6ad56146ac945638739068a0444738222e6c6f62bff0c0c858ece31d07bd6359bb25a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-parser" + } + ] + }, + { + "type": "library", + "name": "minimist", + "version": "1.2.8", + "bom-ref": "minimist@1.2.8", + "author": "James Halliday", + "description": "parse argument options", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minimist@1.2.8", + "externalReferences": [ + { + "url": "git://github.com/minimistjs/minimist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/minimistjs/minimist", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/minimistjs/minimist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "db2c8047ca8190ddd8ba17896a7529582e54ddb6f9a2c0f2c0d07c4730d5943c031dba1c009bdeaaa8f5bbcf92543ee39164f8cafb070a95aaa96a80c5bd3308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/minimist" + } + ] + }, + { + "type": "library", + "name": "through2", + "version": "3.0.2", + "bom-ref": "through2@3.0.2", + "author": "Rod Vagg", + "description": "A tiny wrapper around Node.js streams.Transform (Streams2/3) to avoid explicit subclassing noise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/through2@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/rvagg/through2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/rvagg/through2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/rvagg/through2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/through2/-/through2-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a7683438314c8fd96e99c93e84b0ccea04f65a33f6af83c8aea3e976777402b3427ee916aa90757fdbf94ec034ee7811de27fd8b1bd96b2d6ddde6b58fb9cb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/through2" + } + ] + }, + { + "type": "library", + "name": "exec-promise", + "version": "0.7.0", + "bom-ref": "exec-promise@0.7.0", + "author": "Julien Fontanet", + "description": "Testable CLIs with promises", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/exec-promise@0.7.0", + "externalReferences": [ + { + "url": "git+https://github.com/JsCommunity/exec-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/exec-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/exec-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/exec-promise/-/exec-promise-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c6b817e065a23cdb0f42b28227c5f754e6ec89d6afe89ad61853209a95362bd4d202ee90f3d27ec98ea4a7fa2d85845727852199e3bc8c18f8e99411af9e1780" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/exec-promise" + } + ] + }, + { + "type": "library", + "name": "log-symbols", + "version": "1.0.2", + "bom-ref": "log-symbols@1.0.2", + "author": "Sindre Sorhus", + "description": "Colored symbols for various log levels. Example: ✔︎ success", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/log-symbols@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/log-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/log-symbols/-/log-symbols-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a63eb5b4161d9fc4ecdd05b16fe20d66ea947bda16852cf2761b94891042dfd72fa2690ac31ba71608f8f2e7844761b640b7b5fe96cebdd0ac3ad807565c1cd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols" + } + ], + "components": [ + { + "type": "library", + "name": "chalk", + "version": "1.1.3", + "bom-ref": "log-symbols@1.0.2|chalk@1.1.3", + "description": "Terminal string styling done right. Much color.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53795154b31296c09f8ea60f6cbc95bf5d4cf423d6e08ef6f1de9308a300389b9e11e07dffca3e792b0c9f13c90fe43e2bdd3db1d11283b0beb489281faa27d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "2.2.1", + "bom-ref": "log-symbols@1.0.2|ansi-styles@2.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "92609ebc582146258cec7079cd33d42e5e2bf5b5454968f3eb6321aa2cc3194aead8d5ae34c432bafe2d1c7a0a247b3af4cfcc17ae2511c1dd608a1cadd59060" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "log-symbols@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "log-symbols@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "561ba64926c1a834cff29d992ca8f8d148c1095e3ebfc6d4484a546f82a34605a4f696ea185e111058fa2846a089d6f67ff33a0330b41261720cd19ac3d382ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.1.1", + "bom-ref": "log-symbols@1.0.2|ansi-regex@2.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c81a74e9768f84dfea42c8096e66fb440f9a79c02a8b75ecc2ca13d9cca3dcc6f169944b788be5bb38e3422a0799153dfecb935965f38e4bf05d71a9e6d4c60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "2.0.0", + "bom-ref": "log-symbols@1.0.2|supports-color@2.0.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28a355b5dea909880f20a538729dbbdf71d6602a6995085d7592c152bc9a007a2eef6df1f854734390dff36e058fe232cae8904d1a2e6f84a72057c872ba7bd2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "has-ansi", + "version": "2.0.0", + "bom-ref": "has-ansi@2.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string has ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-ansi@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0bcbc127c0f0502c75f6f866eeeae14ee52caf8fc8c8fea5e15ccd403bfeaf21d039b5b74d34e9f7207af16a588117b66db686b99fec7bbe08a857959cc9cb66" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-ansi" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.1.1", + "bom-ref": "has-ansi@2.0.0|ansi-regex@2.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c81a74e9768f84dfea42c8096e66fb440f9a79c02a8b75ecc2ca13d9cca3dcc6f169944b788be5bb38e3422a0799153dfecb935965f38e4bf05d71a9e6d4c60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-ansi/node_modules/ansi-regex" + } + ] + } + ] + }, + { + "type": "library", + "name": "promise-toolbox", + "version": "0.14.0", + "bom-ref": "promise-toolbox@0.14.0", + "author": "Julien Fontanet", + "description": "Essential utils for promises", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-toolbox@0.14.0", + "externalReferences": [ + { + "url": "git+https://github.com/JsCommunity/promise-toolbox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/promise-toolbox", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/promise-toolbox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/promise-toolbox/-/promise-toolbox-0.14.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "555e655cae255da3c1f6804ee74a297b5a9dd0028df0dde72b5e2362f57dfea1667d95b63f1fdb2633d90678868d770825fe89e58fdca0d809b4f1c3ca2515fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/promise-toolbox" + } + ] + }, + { + "type": "library", + "name": "make-error", + "version": "1.3.6", + "bom-ref": "make-error@1.3.6", + "author": "Julien Fontanet", + "description": "Make your own error types!", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/make-error@1.3.6", + "externalReferences": [ + { + "url": "git://github.com/JsCommunity/make-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/make-error", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/make-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b3c52194d7bbbcf2a8990842d6a15e94ca24aff49cdc080d6eca379fbe2654f0392d3670901f4d9577f85cf6a62f1244f21d2087bdeb33de31bf0453d825489f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/make-error" + } + ] + }, + { + "type": "library", + "name": "pump", + "version": "3.0.0", + "bom-ref": "pump@3.0.0", + "author": "Mathias Buus Madsen", + "description": "pipe streams together and close all of them if one of them closes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pump@3.0.0", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/pump.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/pump#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/pump/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f0672fa9dd216cd4fcad77f8d872de30a6fe3d1e2602a9df5195ce5955d93457ef18cefea34790659374d198f2f57edebd4f13f420c64627e58f154d81161c3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pump" + } + ] + }, + { + "type": "library", + "name": "end-of-stream", + "version": "1.4.4", + "bom-ref": "end-of-stream@1.4.4", + "author": "Mathias Buus", + "description": "Call a callback when a readable/writable/duplex stream has completed or failed.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/end-of-stream@1.4.4", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/end-of-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/end-of-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/end-of-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "faec358a720754f428695b87cd1c97776d6270cf9c9ede02cc3e6b5be342d708ce5124ceb3e4deec53afec084deef4bdc7fa08ca12cfe4f4751fea614001eee5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/end-of-stream" + } + ] + }, + { + "type": "library", + "name": "once", + "version": "1.4.0", + "bom-ref": "once@1.4.0", + "author": "Isaac Z. Schlueter", + "description": "Run a function exactly one time", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/once@1.4.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/once.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/once#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/once/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "94d689808fb643951140191c7042874d038f697754c67659125413658d0c15402e684a9ed44f8dcaf81dcff688c8d8ba67d3333b976fd47f27e7cfc610ba77fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/once" + } + ] + }, + { + "type": "library", + "name": "pumpify", + "version": "2.0.1", + "bom-ref": "pumpify@2.0.1", + "author": "Mathias Buus", + "description": "Combine an array of streams into a single duplex stream using pump and duplexify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pumpify@2.0.1", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/pumpify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/pumpify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/pumpify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pumpify/-/pumpify-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9bb28e8deee3671ae6bad6a79644b575a8f5752eb3e8182c97339799c484a48942c4cdd5247ee51b940b79c93fea1805e85e1cac57f4d54b5098db097f079303" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pumpify" + } + ] + }, + { + "type": "library", + "name": "duplexify", + "version": "4.1.3", + "bom-ref": "duplexify@4.1.3", + "author": "Mathias Buus", + "description": "Turn a writable and readable stream into a streams2 duplex stream with support for async initialization and streams1/streams2 input", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/duplexify@4.1.3", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/duplexify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/duplexify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/duplexify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/duplexify/-/duplexify-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "337066061c09459b12c77f25672844e770ac75d83397947bc4624d93b09575d643e82726c0c087f09fbb029ac8ad0287ed3a272b16828dcbf6ed099ffac43ea0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/duplexify" + } + ] + }, + { + "type": "library", + "name": "inherits", + "version": "2.0.4", + "bom-ref": "inherits@2.0.4", + "description": "Browser-friendly inheritance fully compatible with standard node.js inherits()", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inherits@2.0.4", + "externalReferences": [ + { + "url": "git://github.com/isaacs/inherits.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/inherits#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/inherits/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "93fbc6697e3f6256b75b3c8c0af4d039761e207bea38ab67a8176ecd31e9ce9419cc0b2428c859d8af849c189233dcc64a820578ca572b16b8758799210a9ec1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inherits" + } + ] + }, + { + "type": "library", + "name": "readable-stream", + "version": "3.6.2", + "bom-ref": "readable-stream@3.6.2", + "description": "Streams3, a user-land copy of the stream library from Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readable-stream@3.6.2", + "externalReferences": [ + { + "url": "git://github.com/nodejs/readable-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/readable-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/readable-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f6efec9e20ab6370f959db04447cc71381b66025eaa06e454c7522082e1221bafa5dc2d9058d39c9af442a361e93d3b9c4e0308c6abed497460404bb43d49ca0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/readable-stream" + } + ] + }, + { + "type": "library", + "name": "stream-shift", + "version": "1.0.3", + "bom-ref": "stream-shift@1.0.3", + "author": "Mathias Buus", + "description": "Returns the next buffer/object in a stream's readable queue", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stream-shift@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/mafintosh/stream-shift.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/stream-shift", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/stream-shift/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efa3914740ced68d6194ac136e2fc33371175867f764960ef1c5d7e512709ee9760c4836a32a19ca32cda1033c5acbd988528245f0b53b427b882be27b745999" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stream-shift" + } + ] + }, + { + "type": "library", + "name": "strip-bom-stream", + "version": "4.0.0", + "bom-ref": "strip-bom-stream@4.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom-stream@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom-stream/-/strip-bom-stream-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d00a4ade20241efe966e02c80b0fc9e278701de0d9b01c4822c383fa01e064808be92789d12f5ffd666a7a691af5c8e44f230de6078877a7bc5395861409f771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom-stream" + } + ] + }, + { + "type": "library", + "name": "first-chunk-stream", + "version": "3.0.0", + "bom-ref": "first-chunk-stream@3.0.0", + "author": "Sindre Sorhus", + "description": "Transform the first chunk in a stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/first-chunk-stream@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/first-chunk-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/first-chunk-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/first-chunk-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/first-chunk-stream/-/first-chunk-stream-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cd46f47886bfd2f1c5d7908639a538153fb2f7b6ae8b95859c83d9d606e5bba3534cc4a668ea83956bfe8621e90c188d08c3bb82f875a298c7bdbbf54078aab" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/first-chunk-stream" + } + ] + }, + { + "type": "library", + "name": "strip-bom-buf", + "version": "2.0.0", + "bom-ref": "strip-bom-buf@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom-buf@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom-buf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-buf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-buf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom-buf/-/strip-bom-buf-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80b14d1ee71dea0cdbf2332c9794266774209d4266a7baa7e2e5121cdc045ee980a7b622ce8198c35f595157eeab868139052dca7da4f17fc2c33581ef75b695" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom-buf" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "acc60f62f0b3b17cb022c95d80b692a0f970e4f7e807fb2cafb858e292df72876b03933f780af36b56bd5664e234804d323386af53b0f664f2536a3af54e94f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.4.0", + "bom-ref": "fast-xml-parser@4.4.0", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "90b6378c5970218c01343a237252ac3400b5dac7c3e8dc16ef8401d82a0d18fbed5718e58987a156e9c1dc7632362fa7e13b75740720c18be6285fd9d7c7e5aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "html-entities", + "version": "2.5.2", + "bom-ref": "html-entities@2.5.2", + "author": "Marat Dulin", + "description": "Fastest HTML entities encode/decode library.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/html-entities@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/mdevils/html-entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mdevils/html-entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdevils/html-entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/html-entities/-/html-entities-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bffcf491310938159efc2b26aefa666eac79f7147d15c2bf87dfa784d2b3db798911462f58c5c7983e1b8deb45305a8af1c8a1e1aa800997638529ae0156d68" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/html-entities" + } + ] + }, + { + "type": "library", + "name": "htmlparser2", + "version": "9.1.0", + "bom-ref": "htmlparser2@9.1.0", + "author": "Felix Boehm", + "description": "Fast & forgiving HTML/XML parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/htmlparser2@9.1.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/htmlparser2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/htmlparser2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/htmlparser2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-9.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e737e0ea61d4a1a7abffded3c671a9c666d1ef326d3f021814c67f1f9b9c4e53d984abedba6d39ca23cadcc81a8b76b40f2571bfba98aa8c1e6847769eb610cd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/htmlparser2" + } + ] + }, + { + "type": "library", + "name": "inspecjs", + "version": "2.10.8", + "bom-ref": "inspecjs@2.10.8", + "description": "Schema definitions, classes on top, and utilities to deal with HDF files", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/inspecjs@2.10.8", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/heimdall2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/heimdall2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/heimdall2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inspecjs/-/inspecjs-2.10.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7254873aba523f31f309f195a81cf5f5fa6162c37032af4b2383ed3d690a45521ee79e1bb2a255b7f49f665859d4be7919ac4ff7e3e49d8b026984338d276109" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inspecjs" + } + ] + }, + { + "type": "library", + "name": "lodash", + "version": "4.17.21", + "bom-ref": "lodash@4.17.21", + "author": "John-David Dalton", + "description": "Lodash modular utilities.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash@4.17.21", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf690311ee7b95e713ba568322e3533f2dd1cb880b189e99d4edef13592b81764daec43e2c54c61d5c558dc5cfb35ecb85b65519e74026ff17675b6f8f916f4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash" + } + ] + }, + { + "type": "library", + "name": "moment", + "version": "2.30.1", + "bom-ref": "moment@2.30.1", + "author": "Iskren Ivov Chernev", + "description": "Parse, validate, manipulate, and display dates", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/moment@2.30.1", + "externalReferences": [ + { + "url": "git+https://github.com/moment/moment.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://momentjs.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moment/moment/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/moment/-/moment-2.30.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b849ad3616c33ab58f152fa176314205fcbd7f6628cb3469c1c97e0eaa42ead697db5173b132d055b315fd6ecfccd497eb1fdb842d73037736510e4dcc7ea1a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/moment" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.3", + "bom-ref": "ms@2.1.3", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e85973b9b4cb646dc9d9afcd542025784863ceae68c601f268253dc985ef70bb2fa1568726afece715c8ebf5d73fab73ed1f7100eb479d23bfb57b45dd645394" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "mustache", + "version": "4.2.0", + "bom-ref": "mustache@4.2.0", + "author": "mustache.js Authors", + "description": "Logic-less {{mustache}} templates with JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mustache@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/janl/mustache.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/janl/mustache.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/janl/mustache.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef58a9a52cb0ab961beffb5563219b9018206d4f07deee51cf9e9f1fad2318582bf2e1f0c6cf9a48a7aa9a5b885733349b4901ef1423292eaa3df7746f6668a9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mustache" + } + ] + }, + { + "type": "library", + "name": "papaparse", + "version": "5.4.1", + "bom-ref": "papaparse@5.4.1", + "author": "Matthew Holt", + "description": "Fast and powerful CSV parser for the browser that supports web workers and streaming large files. Converts CSV to JSON and JSON to CSV.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/papaparse@5.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/mholt/PapaParse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://papaparse.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mholt/PapaParse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/papaparse/-/papaparse-5.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e2a4cb2026466ef1baf6de95b5e6ebe8eac89beb09deff8c282d93e515fdeba43c8c7bdcb011752cb83efee8af4f464265553e758ffb023980ca1864b7649af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/papaparse" + } + ] + }, + { + "type": "library", + "name": "revalidator", + "version": "0.3.1", + "bom-ref": "revalidator@0.3.1", + "author": "Charlie Robbins", + "description": "A cross-browser / node.js validator powered by JSON Schema", + "licenses": [ + { + "license": { + "name": "Apache 2.0" + } + } + ], + "purl": "pkg:npm/revalidator@0.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/flatiron/revalidator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/flatiron/revalidator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/flatiron/revalidator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/revalidator/-/revalidator-0.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2babe370f95e690e9430184b8dda7d40809fb403c5aa8451cab792a09317c0a3050a80ed42595df6211dd3341e20f7f157de026df6a0493bc0d8970a279c1d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/revalidator" + } + ] + }, + { + "type": "library", + "name": "run-script-os", + "version": "1.1.6", + "bom-ref": "run-script-os@1.1.6", + "author": "Charlie Guse", + "description": "run-script-os is a tool that will let you use generic npm script commands that will pass through to os specific commands.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-script-os@1.1.6", + "externalReferences": [ + { + "url": "git+https://github.com/charlesguse/run-script-os.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/charlesguse/run-script-os#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/charlesguse/run-script-os/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-script-os/-/run-script-os-1.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa5e8fd8bce10534c37f32adb3e428e07f785542a9c4a0c5cfa431c7069464dd26c2f8bb2f7969388ec1a8f0aaee58038775cb974769797c1f715222b65ad8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-script-os" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "7.6.2", + "bom-ref": "semver@7.6.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@7.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-7.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14d0080560b1f6a7118681dc81c27482f53b48dd65614d995ee49f974e1b482e4ea6f0c71722428dd347a263d7c6342508153aed85bae0fcd8eff548107ec5db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "tailwindcss", + "version": "3.4.3", + "bom-ref": "tailwindcss@3.4.3", + "description": "A utility-first CSS framework for rapidly building custom user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tailwindcss@3.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/tailwindlabs/tailwindcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwindcss.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tailwindlabs/tailwindcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53bb31424fe7dfdec19b1e091db271fe248e3afe46f882377f59292e963641e52fe4370f75c4ec60b96eb197ead4db611d2d5cd5c668c859a691ec75af391ed0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tailwindcss" + } + ] + }, + { + "type": "library", + "name": "quick-lru", + "group": "@alloc", + "version": "5.2.0", + "bom-ref": "@alloc/quick-lru@5.2.0", + "author": "Sindre Sorhus", + "description": "Simple “Least Recently Used” (LRU) cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40alloc/quick-lru@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/quick-lru.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@alloc/quick-lru/-/quick-lru-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52b700041fb86d4ac5001c1b96e4c8044ad7c2f6ec53f57b4d959f99b8097db930881bb3892f60c5d383532ba279c7dd190f398e094c5ba8ee4b7fb3e53b0a2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@alloc/quick-lru" + } + ] + }, + { + "type": "library", + "name": "arg", + "version": "5.0.2", + "bom-ref": "arg@5.0.2", + "author": "Josh Junon", + "description": "Unopinionated, no-frills CLI argument parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arg@5.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/arg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arg/-/arg-5.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d88f214e2ca43dcb9ec9bd0e902e8f1d02036ab3087c33544c25875076e4fac5b59280adfa3ff67fbfea7cf3ca4cebd8cc31f4bc5ddf05e88d6443f23d1d41a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/arg" + } + ] + }, + { + "type": "library", + "name": "chokidar", + "version": "3.5.3", + "bom-ref": "chokidar@3.5.3", + "author": "Paul Miller", + "description": "Minimal and efficient cross-platform file watching library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chokidar@3.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/paulmillr/chokidar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/paulmillr/chokidar", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/paulmillr/chokidar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ebdec7ca44fea84dc8dfd8999498525f79532f5c175e83107489543979bd95d74b852540804bc381c9975503255bf315cdcf71a38d3823f642d6b194ea13a93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chokidar" + } + ], + "components": [ + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "chokidar@3.5.3|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chokidar/node_modules/glob-parent" + } + ] + } + ] + }, + { + "type": "library", + "name": "didyoumean", + "version": "1.2.2", + "bom-ref": "didyoumean@1.2.2", + "author": "Dave Porter", + "description": "Match human-quality input to potential matches by edit distance.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/didyoumean@1.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/dcporter/didyoumean.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dcporter/didyoumean.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dcporter/didyoumean.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/didyoumean/-/didyoumean-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "831b727ea320ec62b285099bd39e8aeccdf1b33cbf9b21fcc3e078453f905c142cbc039d7375f29aa0c33c7c750603e0b1d000e522227e89daf3d62d4404c3cf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/didyoumean" + } + ] + }, + { + "type": "library", + "name": "dlv", + "version": "1.1.3", + "bom-ref": "dlv@1.1.3", + "author": "Jason Miller", + "description": "Safely get a dot-notated property within an object.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dlv@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/developit/dlv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/developit/dlv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/developit/dlv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dlv/-/dlv-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f87972b728e53ca9c81bc5ee446f16be604ff31b3c3fbd72f9228a4ba6575a81202ee78fc6d0e8504887ed691d78f5ab439241a44e9aa15a9f65f2544248d7c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dlv" + } + ] + }, + { + "type": "library", + "name": "fast-glob", + "version": "3.3.2", + "bom-ref": "fast-glob@3.3.2", + "author": "Denis Malinochkin", + "description": "It's a very fast and efficient glob library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-glob@3.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/mrmlnc/fast-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mrmlnc/fast-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mrmlnc/fast-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a17dabb80150c1ffceae3f26ef7ed8e5a7710d03b42c007bfd2e4c9f109d4cd0dde29e81b32215b2ff4942c0136d34aaf0a1d1a4bc081db56550d6adc5dfb53b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-glob" + } + ], + "components": [ + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "fast-glob@3.3.2|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-glob/node_modules/glob-parent" + } + ] + } + ] + }, + { + "type": "library", + "name": "fs.stat", + "group": "@nodelib", + "version": "2.0.5", + "bom-ref": "@nodelib/fs.stat@2.0.5", + "description": "Get the status of a file with some features", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.stat@2.0.5#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "46484f3e9db3aea0c0400ff68cd867ced70f025bfae17761229edaef8e78039a2f23b06e93182decc5fbb9dc00bb7ce0d437293d4d2bcf7555d5279aaaf638f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.stat" + } + ] + }, + { + "type": "library", + "name": "fs.walk", + "group": "@nodelib", + "version": "1.2.8", + "bom-ref": "@nodelib/fs.walk@1.2.8", + "description": "A library for efficiently walking a directory recursively", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.walk@1.2.8#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0607e53196059c810920c28f067041b07a6a1316ddc520ef5a6da6c199a1b05c8a01299f864f2d293f5f396de1a0ecb96287f3521d25765c0b35967ce7a1c4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.walk" + } + ] + }, + { + "type": "library", + "name": "is-glob", + "version": "4.0.3", + "bom-ref": "is-glob@4.0.3", + "author": "Jon Schlinkert", + "description": "Returns `true` if the given string looks like a glob pattern or an extglob pattern. This makes it easy to create code that only uses external modules like node-glob when necessary, resulting in much faster code execution and initialization time, and a better user experience.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-glob@4.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/is-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/is-glob", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/is-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5e9526b21c7dfa66013b6568658bba56df884d6cd97c3a3bf92959a4243e2105d0f7b61f137e4f6f61ab0b33e99758e6611648197f184b4a7af046be1e9524a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-glob" + } + ] + }, + { + "type": "library", + "name": "merge2", + "version": "1.4.1", + "bom-ref": "merge2@1.4.1", + "description": "Merge multiple streams into one stream in sequence or parallel.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge2@1.4.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/teambition/merge2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/teambition/merge2", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/teambition/merge2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2aed51203095b827cb5c7d53f2f20d3d35c43065d6f0144aa17bf5999282338e7ff74c60f0b4e098b571b10373bcb4fce97330820e0bfe3f63f9cb4d1924e3a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge2" + } + ] + }, + { + "type": "library", + "name": "micromatch", + "version": "4.0.5", + "bom-ref": "micromatch@4.0.5", + "author": "Jon Schlinkert", + "description": "Glob matching for javascript/node.js. A replacement and faster alternative to minimatch and multimatch.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/micromatch@4.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/micromatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/micromatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/micromatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0cccbe1117045b6abc6763e8f96357bb0ddce586944858c03b91ac26a7c497b523bed22e14a3ba66b2af708b5dcbdf1dc05236375b60df334874a6904fe68d74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/micromatch" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "6.0.2", + "bom-ref": "glob-parent@6.0.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@6.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5f1c08f043a1550816a7a8832feddbd2bf3a7f877a017eb3494e791df078c9d084b972d773915c61e3aefa79c67ed4b84c48eeff5d6bb782893d33206df9afe0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob-parent" + } + ] + }, + { + "type": "library", + "name": "jiti", + "version": "1.21.0", + "bom-ref": "jiti@1.21.0", + "description": "Runtime typescript and ESM support for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jiti@1.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/unjs/jiti.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/unjs/jiti#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/unjs/jiti/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jiti/-/jiti-1.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "805a8021bb8acb2b28ff71b6aa188ed8e33ab2163a10f3ff474fa69036f2b29c4a6b387c0570c2e45885b148e573381d373fef7eb6b475adb2f9a1ebbac2c6fd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jiti" + } + ] + }, + { + "type": "library", + "name": "lilconfig", + "version": "2.1.0", + "bom-ref": "lilconfig@2.1.0", + "author": "antonk52", + "description": "A zero-dependency alternative to cosmiconfig", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lilconfig@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/antonk52/lilconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/antonk52/lilconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/antonk52/lilconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lilconfig/-/lilconfig-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bad58eb7f187cee5319cb2b107a764f3546839ea0d78781bad78ae1a4e32c85e6a951cfe888556bb9e84d9fa861c5ad7cf440d5212c1ffc9caaaf447eba24a19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lilconfig" + } + ] + }, + { + "type": "library", + "name": "braces", + "version": "3.0.2", + "bom-ref": "braces@3.0.2", + "author": "Jon Schlinkert", + "description": "Bash-like brace expansion, implemented in JavaScript. Safer than other brace expansion libs, with complete support for the Bash 4.3 braces specification, without sacrificing speed.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/braces@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/braces.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/braces", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/braces/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fcba6f8bd51cccdd60d2cef866ea0233d727d36c1b7a61395c10a02fb26a82659170e3acfadba9558fd8f5c843d6df71f91fe94142964c3f593c97eefc1dad0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/braces" + } + ] + }, + { + "type": "library", + "name": "picomatch", + "version": "2.3.1", + "bom-ref": "picomatch@2.3.1", + "author": "Jon Schlinkert", + "description": "Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/picomatch@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/picomatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/picomatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/picomatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "254ded7874cd8e6136542185cee63c117cc20d5c04a81d9af1fb08bf0692b4784058911e55dd68d500fcd0253af997445d748b6d2b2e2f0263902056a9141454" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/picomatch" + } + ] + }, + { + "type": "library", + "name": "normalize-path", + "version": "3.0.0", + "bom-ref": "normalize-path@3.0.0", + "author": "Jon Schlinkert", + "description": "Normalize slashes in a file path to be posix/unix-like forward slashes. Also condenses repeat slashes to a single slash and removes and trailing slashes, unless disabled.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/normalize-path@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/normalize-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/normalize-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/normalize-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9e66ce4bb375ad0a2b075a9f52d86532f1daa4a468b80554b3dc66aa884e9ecee6f4e75d844b3b57530501e82e8829b4246363e76ff983e166288c24707302c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-path" + } + ] + }, + { + "type": "library", + "name": "object-hash", + "version": "3.0.0", + "bom-ref": "object-hash@3.0.0", + "author": "Scott Puleo", + "description": "Generate hashes from javascript objects in node and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-hash@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/puleos/object-hash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/puleos/object-hash", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/puleos/object-hash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4529fd17af0f8c7f47aad96db129ea602d575e859ef418eee7edb5dd1f7c70d1adb5a83dabdc80393cdd6ecaaf21aeda366e567df059169598af6696ae495603" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-hash" + } + ] + }, + { + "type": "library", + "name": "picocolors", + "version": "1.0.0", + "bom-ref": "picocolors@1.0.0", + "author": "Alexey Raspopov", + "description": "The tiniest and the fastest library for terminal output formatting with ANSI colors", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/picocolors@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/alexeyraspopov/picocolors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexeyraspopov/picocolors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexeyraspopov/picocolors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5fca0ae84cb947bbaeb38b6e95a130eff324609b415c71e72cb2da3e321b19d03fc3196dac9bc13c0235bb354e5555346de46c5b799e6a06e26bf87c8b6248d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/picocolors" + } + ] + }, + { + "type": "library", + "name": "postcss-import", + "version": "15.1.0", + "bom-ref": "postcss-import@15.1.0", + "author": "Maxime Thirouin", + "description": "PostCSS plugin to import CSS files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-import@15.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-import.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-import#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-import/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-import/-/postcss-import-15.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "869afe274e41d855585005c778ad58c88dbaec9fdd0c384c53a07a722be6f21498d636099c15f1cca0ca0ecc33266b4b1ebcab8e19c38eaaa9ff8f6df0500b7b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-import" + } + ] + }, + { + "type": "library", + "name": "postcss-value-parser", + "version": "4.2.0", + "bom-ref": "postcss-value-parser@4.2.0", + "author": "Bogdan Chadkin", + "description": "Transforms css values and at-rule params into the tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-value-parser@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/TrySound/postcss-value-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TrySound/postcss-value-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TrySound/postcss-value-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d4d342b3abaeadf9156de5c6e12f09153f6dd7d9b8e480a789ff3358b779a0f499e74427c0c7caf87de3bf8d3c7788f0ffb06db6fe5ac52e48887a0b69534779" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-value-parser" + } + ] + }, + { + "type": "library", + "name": "postcss", + "version": "8.4.38", + "bom-ref": "postcss@8.4.38", + "author": "Andrey Sitnik", + "description": "Tool for transforming styles with JS plugins", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss@8.4.38", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://postcss.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a0969764d370527d7907a106b76ffa2e96ba2d024c2b94b0d148e6fd0f46cdf3a15d47213d969a52a77dda1cd3e005ad09282a01f9dac52d9910a1145869ee4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss" + } + ] + }, + { + "type": "library", + "name": "read-cache", + "version": "1.0.0", + "bom-ref": "read-cache@1.0.0", + "author": "Bogdan Chadkin", + "description": "Reads and caches the entire contents of a file until it is modified", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-cache@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/TrySound/read-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TrySound/read-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TrySound/read-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-cache/-/read-cache-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b076ffc5b7b2233a09bf8b4c6f3436752eb4403517dec386f6a6b1773963102f12dfbb76d2f055610acad208c2b8951e7a63dc9af804e1a13a43093c429a944" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-cache" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9d82c018f9f4e7befee423b69ac5bab058d6f4007881d2a04ef3d3d928f9284e618e81d6eb1c3283fb40765f8b937c9fc54f5474f6bf604ec8d48cd268b6ea2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "resolve", + "version": "1.22.8", + "bom-ref": "resolve@1.22.8", + "author": "James Halliday", + "description": "resolve like require.resolve() on behalf of files asynchronously and synchronously", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve@1.22.8", + "externalReferences": [ + { + "url": "git://github.com/browserify/resolve.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserify/resolve#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserify/resolve/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0a59e3c2c6aa5de8594bbc6575554d31edb90f9a608da25c738cc7f835cce80e741c216ac017e70fb599f98ba9fe45f0f677d8b4b73a4a9c6e98935ebcc88cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve" + } + ] + }, + { + "type": "library", + "name": "postcss-js", + "version": "4.0.1", + "bom-ref": "postcss-js@4.0.1", + "author": "Andrey Sitnik", + "description": "PostCSS for CSS-in-JS and styles in JS objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-js@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-js/-/postcss-js-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7432c5f2910ed7dd6124cb651c53d16bcc6c8b31da33cd8c2df364507754b55115ded813a79a23fbca9b12a60ce7b48b7dcef82926f0fffe1278999ad8b45523" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-js" + } + ] + }, + { + "type": "library", + "name": "camelcase-css", + "version": "2.0.1", + "bom-ref": "camelcase-css@2.0.1", + "author": "Steven Vachon", + "description": "Convert a kebab-cased CSS property into a camelCased DOM property.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase-css@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/stevenvachon/camelcase-css.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stevenvachon/camelcase-css#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stevenvachon/camelcase-css/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase-css/-/camelcase-css-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "40e4af7af86c9628e0630471e91bfbcca74c17c95b466c7eb901b1dbebc373e288fde067b32f648ade5a8f6dc0806bb7a5ae2df408306e75d6a92fa2398fb668" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camelcase-css" + } + ] + }, + { + "type": "library", + "name": "postcss-load-config", + "version": "4.0.2", + "bom-ref": "postcss-load-config@4.0.2", + "author": "Michael Ciniawky", + "description": "Autoload Config for PostCSS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-load-config@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-load-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d2561c8918bd34c0c5683d4cc05409db1285b2a91c648efeb8b54978dbb48a9cfac436daba849c14a23ae8333d9507e43579d9a2e087eb00fa5a9a2e5556031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-load-config" + } + ], + "components": [ + { + "type": "library", + "name": "lilconfig", + "version": "3.1.1", + "bom-ref": "postcss-load-config@4.0.2|lilconfig@3.1.1", + "author": "antonk52", + "description": "A zero-dependency alternative to cosmiconfig", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lilconfig@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/antonk52/lilconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/antonk52/lilconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/antonk52/lilconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lilconfig/-/lilconfig-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5f297fb9f2bc74dc92e9cf5825755d4357535a62bb4d72d9bec04c9d29a6452493ca1ca95581ad88c9042c070e30ff65671fcab0343f880a8735868b910835" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-load-config/node_modules/lilconfig" + } + ] + } + ] + }, + { + "type": "library", + "name": "ts-node", + "version": "10.9.2", + "bom-ref": "ts-node@10.9.2", + "author": "Blake Embrey", + "description": "TypeScript execution environment and REPL for node.js, with source map support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-node@10.9.2", + "externalReferences": [ + { + "url": "git://github.com/TypeStrong/ts-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://typestrong.org/ts-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f4145a4875c1e09fccdc3d26dfd5d45ebf0b74e3b60c9da889337bb6c3645ec2b07e7e86ffcde3d972b3b24282cc30eeda04875d2dc40810ae5d62390b9c6ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-node" + } + ], + "components": [ + { + "type": "library", + "name": "arg", + "version": "4.1.3", + "bom-ref": "ts-node@10.9.2|arg@4.1.3", + "author": "Josh Junon", + "description": "Another simple argument parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arg@4.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/arg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c4bd403a86d17c76ed8c0f4adf5f2718af8d8978df6602c1f0cc7d9fbbd5102a52b65e7fb2eb2906772c72cec024b814b341a653f9df7671f3de5278e087bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-node/node_modules/arg" + } + ] + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "2.4.3", + "bom-ref": "yaml@2.4.3", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@2.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-2.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b27b609b18fca3b0c4ee0fd08bad1caa92c10371c6dd24dc0c0d243be59f074e6310a85931b63bba6366dab06942fb26675ebf94f5c22465b6ebbd9d80e524ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "postcss-nested", + "version": "6.0.1", + "bom-ref": "postcss-nested@6.0.1", + "author": "Andrey Sitnik", + "description": "PostCSS plugin to unwrap nested rules like how Sass does it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-nested@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-nested.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-nested#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-nested/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "984a78c4f322e5b49688c6ec8283df70fef896c58b1e441b65cdec63e8d661deb9094c17ad4693a747e63696b4d597044ca94881474537f3294b6c59b6a2fd75" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-nested" + } + ] + }, + { + "type": "library", + "name": "postcss-selector-parser", + "version": "6.0.16", + "bom-ref": "postcss-selector-parser@6.0.16", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-selector-parser@6.0.16", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-selector-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.0.16.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03445526b5fe21491565b5b70a5ae8456bab7ab70586279ebc7077f2caf6fa5f5e50294caa899edcb9849a7865372fb932bd8460de81d8a6b0f7061d77e5478b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-selector-parser" + } + ] + }, + { + "type": "library", + "name": "cssesc", + "version": "3.0.0", + "bom-ref": "cssesc@3.0.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cssesc@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/cssesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/cssesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/cssesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cssesc/-/cssesc-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd36ff25c8cad75d67352706a1be4c36db27b4d3356823540e2a41fd39306458720ebac4e3b48ec7fd7cc05d9b6e381cdd9cc248a5b54f99ede446c5a00cff56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cssesc" + } + ] + }, + { + "type": "library", + "name": "util-deprecate", + "version": "1.0.2", + "bom-ref": "util-deprecate@1.0.2", + "author": "Nathan Rajlich", + "description": "The Node.js `util.deprecate()` function with browser support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/util-deprecate@1.0.2", + "externalReferences": [ + { + "url": "git://github.com/TooTallNate/util-deprecate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10f0f9ab5b97c85c49a42acb9c27359c79eade039ae83641a1c008888d93692080ed5089d5424331a802cc891736c5187c3d5d68afff2d3110f318886eb1ed73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/util-deprecate" + } + ] + }, + { + "type": "library", + "name": "nanoid", + "version": "3.3.7", + "bom-ref": "nanoid@3.3.7", + "author": "Andrey Sitnik", + "description": "A tiny (116 bytes), secure URL-friendly unique string ID generator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/nanoid@3.3.7", + "externalReferences": [ + { + "url": "git+https://github.com/ai/nanoid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ai/nanoid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ai/nanoid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "792469a6370f21ab5120c0b553a52780ff1715ccfc31058641db75313050ecd6809af5c37ef3716ef595df1db2e8274451c8824ac0c70d065b858681f10128da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nanoid" + } + ] + }, + { + "type": "library", + "name": "source-map-js", + "version": "1.2.0", + "bom-ref": "source-map-js@1.2.0", + "author": "Valentin 7rulnik Semirulnik", + "description": "Generates and consumes source maps", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/source-map-js@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/7rulnik/source-map-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/7rulnik/source-map-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/7rulnik/source-map-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad256f25bd20344d71298624686b0b0292c9e57fc4b2be617322196da801e5b9777cf2990277e7172551d30f0742af4233c29b529b4df9207424b54bb541432" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map-js" + } + ] + }, + { + "type": "library", + "name": "is-core-module", + "version": "2.13.1", + "bom-ref": "is-core-module@2.13.1", + "author": "Jordan Harband", + "description": "Is this specifier a node.js core module?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-core-module@2.13.1", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/is-core-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "847ac88ef66c7ed3acbca4a7d9345897adf3bf1b201342bed2660ca07ea00f8a264792160762b29e2bc141cce8dfec05d5c0a48f3be9b6723d434b0f53aea297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-core-module" + } + ] + }, + { + "type": "library", + "name": "path-parse", + "version": "1.0.7", + "bom-ref": "path-parse@1.0.7", + "author": "Javier Blanco", + "description": "Node.js path.parse() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-parse@1.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/jbgutierrez/path-parse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jbgutierrez/path-parse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jbgutierrez/path-parse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c32733d510410f47ecb8f33f7703411dd325dbf29001c865a8fe4e5861d620a58dbfd84b0eb24b09aeaee5387c6bcab54e9f57a31baa00a7c6a1bce2100fcb3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-parse" + } + ] + }, + { + "type": "library", + "name": "supports-preserve-symlinks-flag", + "version": "1.0.0", + "bom-ref": "supports-preserve-symlinks-flag@1.0.0", + "author": "Jordan Harband", + "description": "Determine if the current node version supports the `--preserve-symlinks` flag.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-preserve-symlinks-flag@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/node-supports-preserve-symlinks-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/node-supports-preserve-symlinks-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/node-supports-preserve-symlinks-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2dd169d74bd7e076480871e3dee911cd935580f3e9ae3dae9c4a3791dd5f0adbbabd041d6b4c4dd1d69ec7bf4cf567201cf2ce95beff0323259febcd4c02dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-preserve-symlinks-flag" + } + ] + }, + { + "type": "library", + "name": "sucrase", + "version": "3.35.0", + "bom-ref": "sucrase@3.35.0", + "author": "Alan Pierce", + "description": "Super-fast alternative to Babel for when you can target modern JS runtimes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sucrase@3.35.0", + "externalReferences": [ + { + "url": "git+https://github.com/alangpierce/sucrase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alangpierce/sucrase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alangpierce/sucrase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sucrase/-/sucrase-3.35.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f046d50e2bbd88dfe7112c31792c4329ed1dba7b5ad463a51ee7e64925f1303db3dbfb4c6690cca6f5d01ac73e6a31a8f32dae6149a2c5a49151cfd03e843418" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase" + } + ], + "components": [ + { + "type": "library", + "name": "commander", + "version": "4.1.1", + "bom-ref": "sucrase@3.35.0|commander@4.1.1", + "author": "TJ Holowaychuk", + "description": "the complete solution for node.js command-line programs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/commander@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/tj/commander.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/commander.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/commander.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34e2a6f31864cc08f3171f01dafe4e0074febb9a5141cd9409ad95abd8d82ffdf5a36c22f66c4103b2c816cdec5795520b8f73ea91217db3142ef4a12a3dba58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/commander" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.12", + "bom-ref": "sucrase@3.35.0|glob@10.3.12", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.12", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c236ff2f27ec73e108aa4e97ce240ec7bd8bfeb4d2111ca7d45b0feafafda376037879bcfe298f6d1b1e49e2b1cfd28f3898d3fe0291fae87457f2eb372a1aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "sucrase@3.35.0|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/minipass" + } + ] + } + ] + }, + { + "type": "library", + "name": "gen-mapping", + "group": "@jridgewell", + "version": "0.3.5", + "bom-ref": "@jridgewell/gen-mapping@0.3.5", + "author": "Justin Ridgewell", + "description": "Generate source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/gen-mapping@0.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/gen-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/gen-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/gen-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2332fc66810320145613394271184e682ba963237981d20af90e9f6c574f0e0e87a97ea3a6422d9fb0c52295bd2d0cd71ba0dff6c03bf8e2a7ab4aa5cff19a42" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/gen-mapping" + } + ] + }, + { + "type": "library", + "name": "set-array", + "group": "@jridgewell", + "version": "1.2.1", + "bom-ref": "@jridgewell/set-array@1.2.1", + "author": "Justin Ridgewell", + "description": "Like a Set, but provides the index of the `key` in the backing array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/set-array@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/set-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/set-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/set-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47c80b45365eca9d37ca6ccfffa2e297fdbcb46786133871d6ada4ef4dca19644023555dbcf217746ef4549736a40330dcd03a24a2f986116ed6c257d0c9e7fc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/set-array" + } + ] + }, + { + "type": "library", + "name": "sourcemap-codec", + "group": "@jridgewell", + "version": "1.4.15", + "bom-ref": "@jridgewell/sourcemap-codec@1.4.15", + "author": "Rich Harris", + "description": "Encode/decode sourcemap mappings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/sourcemap-codec@1.4.15", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/sourcemap-codec.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/sourcemap-codec#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/sourcemap-codec/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "785dabc4246e9442971d34620eb0f2e9eacc616a8dc382cf750f14400e21baec5a42c55e44f165da833ca031b130584951665ff4c7292ed25ab030d96ff0697a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/sourcemap-codec" + } + ] + }, + { + "type": "library", + "name": "trace-mapping", + "group": "@jridgewell", + "version": "0.3.25", + "bom-ref": "@jridgewell/trace-mapping@0.3.25", + "author": "Justin Ridgewell", + "description": "Trace the original position through a source map", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/trace-mapping@0.3.25", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/trace-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bcd93a684c326c6b5ac169b2fcfcf09c60ce8c290b5920f6c2abe3186020380c02196c926177d8a31b74d082644c5fbc2dbe7b0f039bdc06b4a3d080a5ea6261" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/trace-mapping" + } + ] + }, + { + "type": "library", + "name": "foreground-child", + "version": "3.1.1", + "bom-ref": "foreground-child@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Run a child as if it's the foreground process. Give it stdio. Exit when it exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/foreground-child@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/foreground-child.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/foreground-child#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/foreground-child/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cc28352722d7ba6df6f99d6bfb57f71a235ebd38782fc236fb5785a4794bdb410763af9ad62aa1c588a59bfdf70ec01f82cc14fea9b5a3be3f8357046c92922" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/foreground-child" + } + ], + "components": [ + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "foreground-child@3.1.1|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f3c99d5ef3cc3d3b588d25b2a73a5bd84eb58f0e5e3a3b56c6d03dd7227bfef6d90faf1acdf235144e21650e4926296827d4ce827c8035dd2b86a8e6bd2a8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/foreground-child/node_modules/signal-exit" + } + ] + } + ] + }, + { + "type": "library", + "name": "cross-spawn", + "version": "7.0.3", + "bom-ref": "cross-spawn@7.0.3", + "author": "André Cruz", + "description": "Cross platform child_process#spawn and child_process#spawnSync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cross-spawn@7.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/moxystudio/node-cross-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8910cf24a50f544343edd1cf3bcae46ce9cfa720f281c0c5b568e9796342832f163f6ad77315cbf13b2445e425e8eac1d86efe509ada82cd6ad7916e75cec6eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cross-spawn" + } + ] + }, + { + "type": "library", + "name": "jackspeak", + "version": "2.3.6", + "bom-ref": "jackspeak@2.3.6", + "author": "Isaac Z. Schlueter", + "description": "A very strict and proper argument parser.", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/jackspeak@2.3.6", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/jackspeak.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/jackspeak#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/jackspeak/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "377c824bf35e82c381a2473c18074cf147267ec2a2492f1c8a985e0ff9e2bf3afbd341fe9ec30ec498d09efc0e711615b8591d1f4c0652f5b659b5c69ab6466d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jackspeak" + } + ] + }, + { + "type": "library", + "name": "cliui", + "group": "@isaacs", + "version": "8.0.2", + "bom-ref": "@isaacs/cliui@8.0.2", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/cliui@8.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3bc8dc8da6d76a578e1bd0d0d3e0115d66414df9cfe16340ab3ba224aee5978e009b118abff2763384cf8f18d8df39c109fbc15c5cee726d6dc1dc85c9b16a10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui" + } + ], + "components": [ + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "@isaacs/cliui@8.0.2|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e72ce091def8dc63c6dea0d2ed723679fe7c67d9a7e6304ea586b0eb79ba24a8c6a9f976de5bc9fd4d7a4f0cea9d18ae6a708de84f418a4d6eb00bb10c895a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f5f03689b17494936fb8da9bfc98bb398c94f686a164144e23db5c0e9a06d4aac67684bef636c514efce60f515e0a37b3464d815978d93887a7766d3affd5ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/emoji-regex" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8aae9e55523ae274104d162ad8ab44836776b94ecb125853270b07e18cc81d9b21c658199acff021ce15a03413946fc8bd522b04a1b4e82ad99e9d2abfb86471" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "@isaacs/cliui@8.0.2|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f933ce797ca6f64ac7cc222145a15ac0047242f10b47c15c7e98758fdd0704a811d889e9e3e5d1d28236f1b42d161195d8b78c1c0faceb4049433e116e6607c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "8.1.0", + "bom-ref": "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@8.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b22ed0588eb350cab9e9b11216f6a0b66ccc7463ada317d1f927b3d753286df73bb66f9591472493d6d6d9479f7d319551b3a4b31992c34000da0b3c83bd4d09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "6.2.1", + "bom-ref": "@isaacs/cliui@8.0.2|ansi-styles@6.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@6.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6cdefdf2015f417faf8b0dd1ef2ac6591aa7acdda84641245238e5e09367e04f06c716e3b46dc56eb108218de5f3f86bc14c0878266f8b842e3933f8304ad5ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/ansi-styles" + } + ] + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "string-width@4.2.3", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c0ac90450a63274b08a7ad84ad265d1ac8cc256b1aa79a1136284786ee86ec954effd8c807a5327af2feb57b8eaab9e0f23fdcc4a4d6c96530bd24eb8a2673fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-width-cjs" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "8.0.0", + "bom-ref": "emoji-regex@8.0.0", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3128d8cdc58d380d1ec001e9cf4331a5816fc20eb28f2d4d1b7c6d7a8ab3eb8e150a8fd13e09ebd7f186b7e89cde2253cd0f04bb74dd335e126b09d5526184e8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/emoji-regex" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "3.0.0", + "bom-ref": "is-fullwidth-code-point@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf29a6e7ebbeb02b125b20fda8d69e8d5dc316f84229c94a762cd868952e1c0f3744b8dbee74ae1a775d0871afd2193e298ec130096c59e2b851e83a115e9742" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "strip-ansi@6.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "637f153d21dcaa416b0a916743dbee4979aabaebf9a1738aa46793e9a1abaf7a3719cf409556ba2417d448e0a76f1186645fbfd28a08ecaacfb944b3b54754e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "eastasianwidth", + "version": "0.2.0", + "bom-ref": "eastasianwidth@0.2.0", + "author": "Masaki Komagata", + "description": "Get East Asian Width from a character.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eastasianwidth@0.2.0", + "externalReferences": [ + { + "url": "git://github.com/komagata/eastasianwidth.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23cf1361959cf578981d1438ff7739ae38df8248e12f25b696e18885e18445b350e8e63bc93c9b6a74a90d765af32ed550ff589837186be7b2ab871aee22ea58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eastasianwidth" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "BomRef.5h3h9846p8.g5nk6qdc128", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "637f153d21dcaa416b0a916743dbee4979aabaebf9a1738aa46793e9a1abaf7a3719cf409556ba2417d448e0a76f1186645fbfd28a08ecaacfb944b3b54754e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-ansi-cjs" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "5.0.1", + "bom-ref": "ansi-regex@5.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aae2505e54d25062f62c7f52517a3c570b18e2ca1a9e1828e8b3529bce04d4b05c13cb373b4c29762473c91f73fd9649325316bf7eea38e6fda5d26531410a15" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "wrap-ansi@7.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6151888f691a98b493c70e8db198e80717d2c2c9f4c9c75eb26738a7e436d5ce733ee675a65f8d7f155dc4fb5d1ef98d54e43a5d2606e0052dcadfc58bb0f5e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrap-ansi-cjs" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "4.3.0", + "bom-ref": "ansi-styles@4.3.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@4.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cdb07dac22404f5adb8e25436f686a2851cd60bc60b64f0d511c59dc86700f717a36dc5b5d94029e74a2d4b931f880e885d3e5169db6db05402c885e64941212" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "BomRef.5hrhe0lu5jo.6brcifutiug", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c0ac90450a63274b08a7ad84ad265d1ac8cc256b1aa79a1136284786ee86ec954effd8c807a5327af2feb57b8eaab9e0f23fdcc4a4d6c96530bd24eb8a2673fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "parseargs", + "group": "@pkgjs", + "version": "0.11.0", + "bom-ref": "@pkgjs/parseargs@0.11.0", + "description": "Polyfill of future proposal for `util.parseArgs()`", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40pkgjs/parseargs@0.11.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/pkgjs/parseargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pkgjs/parseargs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pkgjs/parseargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fb55648dd0f44012cfa1d1ab2547aa6ab1fc54022f40e0c86f087d5e93f94b28ac7fb628420b0928f345a2aa8b425bbe550fed552b21311ea5a0f327f14f9d3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@pkgjs/parseargs" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.4", + "bom-ref": "minimatch@9.0.4", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.4", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2aa5a1f957217f170c3510098e3dad9ec48974d6c7b1582790185336b5bb023568e8ebcbb71c3ccdf4fda0bc35252a21945cc9f230a84e06a85ef27e907b7a7f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "path-scurry", + "version": "1.10.2", + "bom-ref": "path-scurry@1.10.2", + "author": "Isaac Z. Schlueter", + "description": "walk paths fast and efficiently", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/path-scurry@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/path-scurry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/path-scurry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/path-scurry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef14dabcdcb94505e7b2300dbd5bcc9048ef9683a29e4023bff67a225773f6fd918a767848129358539545b685f29d2fa479f28d5fd4c0d0dd2ae52fe8ce6a70" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry" + } + ], + "components": [ + { + "type": "library", + "name": "lru-cache", + "version": "10.2.0", + "bom-ref": "path-scurry@1.10.2|lru-cache@10.2.0", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9b20cf31f9501fe894f86ca0258d2d6a51680cb2a6513c6252e8549a84830f56f72d70d872569ec026eeeabb1396f63c24af205178a658e6d639258bf69ffed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry/node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "path-scurry@1.10.2|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry/node_modules/minipass" + } + ] + } + ] + }, + { + "type": "library", + "name": "lines-and-columns", + "version": "1.2.4", + "bom-ref": "lines-and-columns@1.2.4", + "author": "Brian Donovan", + "description": "Maps lines and columns to character offsets and back.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lines-and-columns@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/eventualbuddha/lines-and-columns.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eventualbuddha/lines-and-columns#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eventualbuddha/lines-and-columns/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef297295eb1943f3d5dbd8e110397751f8e8e995fb802a89af917b3caaea73ddefedfcd2ca6b75069c0453c9c0517b3cab3cefaa16e384ae50660e8cb7f1e406" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lines-and-columns" + } + ] + }, + { + "type": "library", + "name": "mz", + "version": "2.7.0", + "bom-ref": "mz@2.7.0", + "author": "Jonathan Ong", + "description": "modernize node.js to current ECMAScript standards", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mz@2.7.0", + "externalReferences": [ + { + "url": "git+https://github.com/normalize/mz.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/normalize/mz#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/normalize/mz/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mz/-/mz-2.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfcd4634eee79d830486b1a1f4b7b29a8138f98af45a7e4c70721930ae5c7d00a5f8d0d7d3cb0266051cf7fe8c1e78bd216b852e6d59dc74c25eedb3f5f37ad9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mz" + } + ] + }, + { + "type": "library", + "name": "any-promise", + "version": "1.3.0", + "bom-ref": "any-promise@1.3.0", + "author": "Kevin Beaty", + "description": "Resolve any installed ES6 compatible promise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/any-promise@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevinbeaty/any-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/kevinbeaty/any-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevinbeaty/any-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ed4be629a95646dd708232f546b1b1a12256ff44191487a0a5e1af646f648e9f2fad1bb9e574c76f09eaab61a95e6f6e2db72e8719b722a5fd381e0c651d5bd8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/any-promise" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.1.1", + "bom-ref": "object-assign@4.1.1", + "author": "Sindre Sorhus", + "description": "ES2015 `Object.assign()` ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac98134279149c7d6c170f324fa552537cc3dec5a6bbab19848b1e63c557f8646edcfe85ec5bbe24d0e85df9251256cb2529dcdc55101d57b8714e618fe05c52" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "thenify-all", + "version": "1.6.0", + "bom-ref": "thenify-all@1.6.0", + "author": "Jonathan Ong", + "description": "Promisifies all the selected functions in an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/thenify-all@1.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/thenables/thenify-all.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenables/thenify-all#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thenables/thenify-all/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/thenify-all/-/thenify-all-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "44dc501ffa88f3fb77b615c90f072cb543b8cdeaa8eb8f94cbffac355441c785e7d8e5fe399f683fe8899cd16aa6516b6b665455e28249ada85568b74f8b9598" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/thenify-all" + } + ] + }, + { + "type": "library", + "name": "thenify", + "version": "3.3.1", + "bom-ref": "thenify@3.3.1", + "author": "Jonathan Ong", + "description": "Promisify a callback-based function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/thenify@3.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/thenables/thenify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenables/thenify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thenables/thenify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "455652215e481b5d079377a7a2dae1bf3d13f5e9ba7321c12e41ff60066e2aa77c85190a8527c218870fd8a518d043f19ddcc034198d965cd63f06a4f9b85e4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/thenify" + } + ] + }, + { + "type": "library", + "name": "pirates", + "version": "4.0.6", + "bom-ref": "pirates@4.0.6", + "author": "Ari Porad", + "description": "Properly hijack require, i.e., properly define require hooks and customizations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pirates@4.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/danez/pirates.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/danez/pirates#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/danez/pirates/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b1a2ec1fb59e6183e20f6e4b0ee2d1458fe2fba1da3d8afa1b539494ddfda2dce4493c4a9ee6d1f514f14b7fca939d2cd60d894e01705900d0ca9942e7f48766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pirates" + } + ] + }, + { + "type": "library", + "name": "ts-interface-checker", + "version": "0.1.13", + "bom-ref": "ts-interface-checker@0.1.13", + "author": "Dmitry S, Grist Labs", + "description": "Runtime library to validate data against TypeScript interfaces", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/ts-interface-checker@0.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/gristlabs/ts-interface-checker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gristlabs/ts-interface-checker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gristlabs/ts-interface-checker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-interface-checker/-/ts-interface-checker-0.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63f6abbdb9feaebcf72422a5f42e2454d7d37d29b6fe6129e454b3e44b194803463d2950ae9448e4ce0f285fa6267139da338ef743e73d273752bddb4d0c3480" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-interface-checker" + } + ] + }, + { + "type": "library", + "name": "tw-elements", + "version": "1.1.0", + "bom-ref": "tw-elements@1.1.0", + "author": "MDBootstrap", + "licenses": [ + { + "license": { + "name": "AGPL" + } + } + ], + "purl": "pkg:npm/tw-elements@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mdbootstrap/Tailwind-Elements.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwind-elements.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdbootstrap/Tailwind-Elements/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tw-elements/-/tw-elements-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "214afd616da5f7da13559c6e563420eaba6e0a9a3a559a9b68a19899950d555b2849553f9633e9909018d8f9ff9a8ae55f028f84ff4c4cf3503255a8b2a1cbe3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements" + } + ], + "components": [ + { + "type": "library", + "name": "tailwindcss", + "version": "3.3.0", + "bom-ref": "tw-elements@1.1.0|tailwindcss@3.3.0", + "description": "A utility-first CSS framework for rapidly building custom user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tailwindcss@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/tailwindlabs/tailwindcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwindcss.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tailwindlabs/tailwindcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84e5e5171f98724949f245e20807e4fc5332af83e6f5c938efb1b49bfbacdb7e3856e8f7e79229a040c1e5498602c4a94c19abfb86618f35b4e09b855e46ff7f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/tailwindcss" + } + ] + }, + { + "type": "library", + "name": "postcss-import", + "version": "14.1.0", + "bom-ref": "tw-elements@1.1.0|postcss-import@14.1.0", + "author": "Maxime Thirouin", + "description": "PostCSS plugin to import CSS files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-import@14.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-import.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-import#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-import/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-import/-/postcss-import-14.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e5c08f95826e1212539b1553e94c84fb494ed1dea9362fb3f276e31ca2489a54ab96bfd77f53e1a6fd001df0d0cbbb291359391cae339e0f63e9d6b31e0531b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-import" + } + ] + }, + { + "type": "library", + "name": "postcss-load-config", + "version": "3.1.4", + "bom-ref": "tw-elements@1.1.0|postcss-load-config@3.1.4", + "author": "Michael Ciniawky", + "description": "Autoload Config for PostCSS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-load-config@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-load-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e8388ce04eefe1ca13138bb303c53ffd686d3f0ca18a29b77b28c43050a7529cdbae42bdc091e02834f6991f876ed4ab77f36e6d56984cea52a63525f0d41e46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-load-config" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "1.10.2", + "bom-ref": "tw-elements@1.1.0|yaml@1.10.2", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/v1/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af7bd7c84ad109827bc20dbccaf058e554a8005f19be5716f7f07053312d52c8ef5ff0cab36e1d224bb08edba9af02491ec6f251b2c0a5ea584d1d41378b87ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "postcss-nested", + "version": "6.0.0", + "bom-ref": "tw-elements@1.1.0|postcss-nested@6.0.0", + "author": "Andrey Sitnik", + "description": "PostCSS plugin to unwrap nested rules like how Sass does it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-nested@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-nested.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-nested#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-nested/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0391a9aaacf7269010ec2e7faf40322bb6449b364bf9003fccdf6db24a8f64a85902218925ca6db11265a4c28f98dffa99a37e2dcc43cd530e32ef230276fe7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-nested" + } + ] + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@popperjs", + "version": "2.11.8", + "bom-ref": "@popperjs/core@2.11.8", + "author": "Federico Zivolo", + "description": "Tooltip and Popover Positioning Engine", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40popperjs/core@2.11.8", + "externalReferences": [ + { + "url": "git+https://github.com/popperjs/popper-core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/popperjs/popper-core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/popperjs/popper-core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f5b2dd1a92c0ab9fdb06661a7c18c63006742c6ef016b19017e38a1734dbcb1c6a8039ca15c668d98a886cb7043b4aa2a76d1e3b6a474d8beba57960fcfa0e8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@popperjs/core" + } + ] + }, + { + "type": "library", + "name": "chart.js", + "version": "3.9.1", + "bom-ref": "chart.js@3.9.1", + "description": "Simple HTML5 charts using the canvas element.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chart.js@3.9.1", + "externalReferences": [ + { + "url": "git+https://github.com/chartjs/Chart.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.chartjs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chartjs/Chart.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chart.js/-/chart.js-3.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "468d896cb9af83cde05c5e45e2c9e2690fa54db4afd7c13e4c87f670e7a21f522a7763c614eb5e9be0d4b9f319b02270144ef2c0f3a97d7141c114c6abb761eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chart.js" + } + ] + }, + { + "type": "library", + "name": "chartjs-plugin-datalabels", + "version": "2.2.0", + "bom-ref": "chartjs-plugin-datalabels@2.2.0", + "description": "Chart.js plugin to display labels on data elements", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chartjs-plugin-datalabels@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chartjs/chartjs-plugin-datalabels.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://chartjs-plugin-datalabels.netlify.app", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chartjs/chartjs-plugin-datalabels/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chartjs-plugin-datalabels/-/chartjs-plugin-datalabels-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d78654df4947ee7f3da2af80e1b59a24f9c01bc6bb65393b74a7f8f1803332f26342d8eb820e43a64f5ff8b6e3085e9ba71dd10064de2f5dc85e929063246f97" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chartjs-plugin-datalabels" + } + ] + }, + { + "type": "library", + "name": "deepmerge", + "version": "4.3.1", + "bom-ref": "deepmerge@4.3.1", + "description": "A library for deep (recursive) merging of Javascript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deepmerge@4.3.1", + "externalReferences": [ + { + "url": "git://github.com/TehShrike/deepmerge.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TehShrike/deepmerge", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TehShrike/deepmerge/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dec52a6cc11cefb5eaa5d34eec547246883e796de987e19809b8feacafae63244cbb0b15cb4acc895b4f9fe40994a16f58fff53d8a5aa6a627d0c7b6927167f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deepmerge" + } + ] + }, + { + "type": "library", + "name": "detect-autofill", + "version": "1.1.4", + "bom-ref": "detect-autofill@1.1.4", + "author": "Matteo Badini", + "description": "Small javascript library to detect and even prevent browsers autofill of form elements. Usefull for implementing floating labels or applying custom logics/styles.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-autofill@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/matteobad/detect-autofill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/matteobad/detect-autofill#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/matteobad/detect-autofill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-autofill/-/detect-autofill-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bad081430091fdb7929c00d09810bb0b8b53b9e0419180a5e964a97c652460a3bff8cccfc6a6068fa1b832f1f370a987d600932be56e9d7daf69a82f9115cfbc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-autofill" + } + ] + }, + { + "type": "library", + "name": "custom-event-polyfill", + "version": "1.0.7", + "bom-ref": "custom-event-polyfill@1.0.7", + "author": "Evan Krambuhl", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/custom-event-polyfill@1.0.7", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kumarharsh/custom-event-polyfill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kumarharsh/custom-event-polyfill#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kumarharsh/custom-event-polyfill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/custom-event-polyfill/-/custom-event-polyfill-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c30e47790e4699c5914cf29fb5237c8096f337ad2af5c1bace9621b8c898b08a731937ccff8862fb05394392b25c6139a05126f8cb054273765a52d3ad0bbeb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/custom-event-polyfill" + } + ] + }, + { + "type": "library", + "name": "perfect-scrollbar", + "version": "1.5.5", + "bom-ref": "perfect-scrollbar@1.5.5", + "author": "Hyunje Jun", + "description": "Minimalistic but perfect custom scrollbar plugin", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/perfect-scrollbar@1.5.5", + "externalReferences": [ + { + "url": "git+https://github.com/mdbootstrap/perfect-scrollbar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://perfectscrollbar.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdbootstrap/perfect-scrollbar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/perfect-scrollbar/-/perfect-scrollbar-1.5.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7736a57eeb723f77bf14ea5d96156bc8de002795c355ab955b1c9b4a42d999a905136b12df2de97382674a9af0f2d1a61ef91a1b911daf94fb2c14d9f96594da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/perfect-scrollbar" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.4", + "bom-ref": "color-name@1.1.4", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.4", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/colorjs/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/colorjs/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/colorjs/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74ecbedc0b96ddadb035b64722e319a537208c6b8b53fb812ffb9b71917d3976c3a3c7dfe0ef32569e417f479f4bcb84a18a39ab8171edd63d3a04065e002c40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "quick-lru", + "version": "5.1.1", + "bom-ref": "quick-lru@5.1.1", + "author": "Sindre Sorhus", + "description": "Simple “Least Recently Used” (LRU) cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/quick-lru@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/quick-lru.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5aec802d18d63c31adb7fc3326269d3b901763ef2167cd215697ba3328af82b691116ef9d57dd26e146f1b778b28e60dfbc544bea2dc7f7c1d9ede386784b848" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/quick-lru" + } + ] + }, + { + "type": "library", + "name": "validator", + "version": "13.12.0", + "bom-ref": "validator@13.12.0", + "author": "Chris O'Hara", + "description": "String validation and sanitization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/validator@13.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/validatorjs/validator.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/validatorjs/validator.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/validatorjs/validator.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73543498288f960753555548248ac1bb136271813eb7fee829e23d3162e3ddf87fbaad8fc61ff779e59b559e0e7065b54d47f9dc0b749e31f0e5231d037b6632" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validator" + } + ] + }, + { + "type": "library", + "name": "winston", + "version": "3.13.0", + "bom-ref": "winston@3.13.0", + "author": "Charlie Robbins", + "description": "A logger for just about everything.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/winston@3.13.0", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/winston.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/winston#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/winston/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/winston/-/winston-3.13.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af089d980d70dd21388f413932e22e7c587224f0431bb36eef5464668af5a76faa1ef25267d1980c0f3503295e41c65b87ff95e878de05d7e74d9266f6b49e41" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/winston" + } + ] + }, + { + "type": "library", + "name": "xml-formatter", + "version": "3.6.2", + "bom-ref": "xml-formatter@3.6.2", + "author": "Chris Bottin", + "description": "Converts a XML string into a human readable format (pretty print) while respecting the xml:space attribute", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml-formatter@3.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/chrisbottin/xml-formatter.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chrisbottin/xml-formatter#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chrisbottin/xml-formatter/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml-formatter/-/xml-formatter-3.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a75a17af64d3b07df645521ce5d5631c85af2514b654809ecdcc5b39520e193850a8361786617cf527d233fdef9c4e7f6b0a4b93d46c1369ccfe6259851ce1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml-formatter" + } + ] + }, + { + "type": "library", + "name": "xml-parser-xo", + "version": "4.1.1", + "bom-ref": "xml-parser-xo@4.1.1", + "author": "Chris Bottin", + "description": "Parse a XML string into a proprietary syntax tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml-parser-xo@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chrisbottin/xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chrisbottin/xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chrisbottin/xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml-parser-xo/-/xml-parser-xo-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a07f6cbdd3e63a7bd20ae61a0fb9e99b547274dcf84349d8657449a0cdb8a1ceef64d17068d2c7dc1716928b85b53e5512488d6893e309d09097527f94e0897" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml-parser-xo" + } + ] + }, + { + "type": "library", + "name": "xml2js", + "version": "0.6.2", + "bom-ref": "xml2js@0.6.2", + "author": "Marek Kubica", + "description": "Simple XML to JavaScript object converter.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml2js@0.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/Leonidas-from-XIV/node-xml2js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Leonidas-from-XIV/node-xml2js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Leonidas-from-XIV/node-xml2js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f8ae2787682d445dc112d0ac718f825681a5101c393eab01dc60e0851df8b02b3eed3953cbabb1e3abd74cd5608c87296a3047cfee131c3880a1be8b6265e80" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml2js" + } + ] + }, + { + "type": "library", + "name": "heimdall-lite", + "group": "@mitre", + "version": "2.10.9", + "bom-ref": "@mitre/heimdall-lite@2.10.9", + "description": "Heimdall-Lite 2 is a JavaScript based security results viewer and review tool supporting multiple security results formats, such as: InSpec, SonarQube, OWASP-Zap and Fortify which you can load locally or from S3 and other data sources.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/heimdall-lite@2.10.9", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/heimdall2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/heimdall2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/heimdall2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/heimdall-lite/-/heimdall-lite-2.10.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2461c6dd654cc64d0fe72259a9ce9c523f6cc15b5f4dab68a0b6408109cca569420a5f72a47f4d15c350a49f04c5300a91b4c4aa9d260f00155d13e8d4cec663" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/heimdall-lite" + } + ] + }, + { + "type": "library", + "name": "express", + "version": "4.19.2", + "bom-ref": "express@4.19.2", + "author": "TJ Holowaychuk", + "description": "Fast, unopinionated, minimalist web framework", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/express@4.19.2", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/express.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://expressjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/express/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e53ea7863b13f8438ccee724f098c11c04531df321b743cece503ad16576a4c0f78325f0d8b66767eb9e19d3711bed1c6a538971629ba4572eccb67dd585aaf5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "express@4.19.2|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "express@4.19.2|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "inspec-objects", + "group": "@mitre", + "version": "1.0.1", + "bom-ref": "@mitre/inspec-objects@1.0.1", + "author": "The MITRE Security Automation Framework", + "description": "Typescript objects for normalizing between InSpec profiles and XCCDF benchmarks", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/inspec-objects@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/ts-inspec-objects.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/ts-inspec-objects#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/ts-inspec-objects/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/inspec-objects/-/inspec-objects-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a7136eb75cf5d4548971c289f5e7466f82a8cf013f3f797022b0b49b04307009b52f45647794525979c232788ae0db3f437334472066b39cea8733e4fcd8038" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects" + } + ], + "components": [ + { + "type": "library", + "name": "fast-xml-parser", + "version": "3.21.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "author": "Amit Gupta", + "description": "Validate XML or Parse XML to JS/JSON very fast without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@3.21.1", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.21.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1531558d8a013994c97a4894b1ac06b12615f502f403ecc3602463ef2df820ee8983ed8831812d41af9b6e272da5da55f1d1f15f2c2a53b0b48110c4385b4116" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "htmlparser2", + "version": "7.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "author": "Felix Boehm", + "description": "Fast & forgiving HTML/XML parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/htmlparser2@7.2.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/htmlparser2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/htmlparser2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/htmlparser2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1fb308980e0c4ba730ee76f2511b4b3ced539acec2e47eb4d8b4444eff79cf53313bfec23fbac355139e85461e60151810e37de0d5d70c43e666eabe857e2ca2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/htmlparser2" + } + ] + }, + { + "type": "library", + "name": "domhandler", + "version": "4.3.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "author": "Felix Boehm", + "description": "Handler for htmlparser2 that turns pages into a dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domhandler@4.3.1", + "externalReferences": [ + { + "url": "git://github.com/fb55/domhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1abc28c5837eb969733bcba1517465d0ffa41c4e06b553df63354b714c4f2fb28d7472a3ebabef9618b07881ea6185d6970f93f222cca78d8b9baee0870e1631" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/domhandler" + } + ] + }, + { + "type": "library", + "name": "domutils", + "version": "2.8.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "author": "Felix Boehm", + "description": "Utilities for working with htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domutils@2.8.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de828e87e9ef63392088698e0a1b06299811fa0f8f1d55c740525fd3f7d1605d656d9620a5344f505dd24cf678d67d8a48ca8076c4c8ac7c041e87d4bde1dc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/domutils" + } + ] + }, + { + "type": "library", + "name": "dom-serializer", + "version": "1.4.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "author": "Felix Boehm", + "description": "render domhandler DOM nodes to a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dom-serializer@1.4.1", + "externalReferences": [ + { + "url": "git://github.com/cheeriojs/dom-renderer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cheeriojs/dom-renderer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cheeriojs/dom-renderer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "547c01dca7eb70e3a47a5106d9939fc6a2d975f92297c3ed262e0ff0dd8c317b9c66adb22e9ef90a5562525395c32a071038d8538df702afb9cd63fad7e4466a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dom-serializer" + } + ], + "components": [ + { + "type": "library", + "name": "entities", + "version": "2.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@2.2.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7dda27f9373eb5f48d30f9a909acb647d0c5f43dbe435f7f573b0413b5749d41039a607d374b5b88429e2684e66d017af1ab85623baed84e22c1a36eb7f28f4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dom-serializer/node_modules/entities" + } + ] + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "3.0.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|entities@3.0.1", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@3.0.1", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a2c81aa8a26af031d146d5ed24aaf01261f9e56f4969f0ce68e45c36385ab584d671c5c364f089345e6ecbc73061ba2767641fd4b41a950a0533de404e3f9d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest@28.1.3#packages/jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest/-/jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "378193e689fc5246601f43b92d46af3115751031213532f42847d198321e647495ee9d9780ba18f6df550d480bea8fb27dd8181d5c6ecfcd46f2807d546e6ec8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/core@28.1.3#packages/jest-core", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/core/-/core-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "088281ae568a3b303b606d7d044a82c3748b22c1308d991e2737f96dda285675b86c7e5c92da9edc95fe1b6615d5a2b9bcff0df676b5206585cd8693a7a93a34" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/core" + } + ] + }, + { + "type": "library", + "name": "console", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/console@28.1.3#packages/jest-console", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-console", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "40f0243f913029d2bf6f122be82d48e15b34ae6da71e200dce3fd9e57d89424ad9a3a22abc2e25759f4af79b45d0776276103c068e9e8314b35053d829c1172f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/console" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/types@28.1.3#packages/jest-types", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4728e2c8c519acacff73ece53053b5a66ef40dc225493f007964e4a147597af7b0e38c1c359407b0454e88256d8159e51450fcd853da5f2732b39f1c7f69ae55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/types" + } + ] + }, + { + "type": "library", + "name": "jest-message-util", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-message-util@28.1.3#packages/jest-message-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-message-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c5767f487b06ede7be7328f7f5dbce87b7d10fa099984fb3f4918f9189b7986765ed3abe77a432c41684d65db7758782621a25a94c10bce1f73cc4c5d031bee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-message-util" + } + ] + }, + { + "type": "library", + "name": "jest-util", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-util@28.1.3#packages/jest-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5dda9fa47c29712464a3f0b7e6e2d814cd9e991025b4820a66227d7809a18ec8f40aa64c6b4a7589bd11e5f588a86867d5ad74dc379b4dba6a21a3f5a8243ab5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-util" + } + ] + }, + { + "type": "library", + "name": "reporters", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "description": "Jest's reporters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/reporters@28.1.3#packages/jest-reporters", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-reporters", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/reporters/-/reporters-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26e032ef093141954d53f57a83dc4acc2182e4b557c7d14370004ab125e9e4c88a3c4136d78e1afef5d3103a32ce352964a7d5c29d3c5aa83903859f4cc0338e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/reporters" + } + ] + }, + { + "type": "library", + "name": "test-result", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-result@28.1.3#packages/jest-test-result", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-test-result", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "919024c67484f85a84f188d6f2036ea159240bd23b4b5aa67a797cb0670338bae8a4048ff8191c18ac215e8caa42e18e19e618d32fe2c63addfe2111a445c736" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/test-result" + } + ] + }, + { + "type": "library", + "name": "transform", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/transform@28.1.3#packages/jest-transform", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-transform", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bb9753e5d8bea0523a85f70b38719301f994c4546b8cafaf9da3f4924568c3d31dfcced5fccc6a40c3b3fd5576e5464ef29cde03d3e37d3a4ebba043bb048f40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/transform" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "5.2.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@5.2.1#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a73aada77d672effd714ecd71aebe109bf2a863993568e6f8d5935f571380919525b3d0aa1e2776f0f57b00ee73a9f5805fe2a1e3c01c640f329c304fc9dbd62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/istanbul-lib-instrument" + } + ], + "components": [ + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/istanbul-lib-instrument/node_modules/semver" + } + ] + } + ] + }, + { + "type": "library", + "name": "jest-worker", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-worker@28.1.3#packages/jest-worker", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-worker", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0aa440db6d1857fea30a8f155af02dd4a2b1e9e7a4d5520730f78b11ba5c7d27e411e5b204da69ca733fa3aabe5a6c3eb0e868b369a5df8c196d25f71b5dfffe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-worker" + } + ] + }, + { + "type": "library", + "name": "convert-source-map", + "version": "1.9.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0", + "author": "Thorsten Lorenz", + "description": "Converts a source-map from/to different formats and allows adding/changing properties.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/convert-source-map@1.9.0", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/convert-source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012141ba9d0ccf5bb28888c035a9f58f32d06a68bdcf53e86126428a2616d857333db7a75dce3915974164bcce4feafafa2722b8432876d982b62fa18da024d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/convert-source-map" + } + ] + }, + { + "type": "library", + "name": "jest-haste-map", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-haste-map@28.1.3#packages/jest-haste-map", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-haste-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dd2f914160d771c5c32925a79076bf74fc2dfb6ab003c089cd1eb5c37168602be8a373e7f2dbc6732b26305d018f4117e5162f008d8422f0b9ece9a8b5f76d28" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-haste-map" + } + ] + }, + { + "type": "library", + "name": "jest-regex-util", + "version": "28.0.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-regex-util@28.0.2#packages/jest-regex-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-regex-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e2cd08832348cb4cbd14af9c8e8558a316a64fb65ea3b321cea446c7b6036266909f5c2e718f6ba2d886901cf370c5d3b63ac200ffdfedff84d05efe7f13cd77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-regex-util" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "jest-changed-files", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-changed-files@28.1.3#packages/jest-changed-files", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-changed-files", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ac68e7d45895e4da77d9b7d48fc82f2003590d7dd28b9105b2cec325aaaf26b184a534a7e66717d18199f809de0c195505fbbbfa741b347794ce00a6bb88888" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-changed-files" + } + ] + }, + { + "type": "library", + "name": "jest-config", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-config@28.1.3#packages/jest-config", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-config/-/jest-config-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "306dc836307227427802c3419bb4f786cbb1290a85222468fc052a6f5abd2d1288e5453a01aafd2476ebf48be7d535707d40fd2a2ad1a0cfd3eaef1795c40f1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-config" + } + ] + }, + { + "type": "library", + "name": "test-sequencer", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-sequencer@28.1.3#packages/jest-test-sequencer", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-test-sequencer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34830f12aa9ae7d3169c38b592f5d7a586eab1f426489b086e777ce667551a48837d0f564104d738bb2f21251fa279a7053fb0f395848277828a01047470c5c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/test-sequencer" + } + ] + }, + { + "type": "library", + "name": "babel-jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "description": "Jest plugin to use babel for transformation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-jest@28.1.3#packages/babel-jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-jest/-/babel-jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a951a3ce116324ddc597d0cfec3ef0871c27bd7cc1406bff615c480a3fc9c57cd97f8e51a413db9cabd36a9191972c376e089612d14bd294f5300b44beac7e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-jest" + } + ] + }, + { + "type": "library", + "name": "jest-circus", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-circus@28.1.3#packages/jest-circus", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-circus", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-circus/-/jest-circus-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "719f9e4b9cdcefd301c2df88850862129d0e78175da5cd67f0c068d67301f00ee83cc2843be4ab7bec0768b25ec50523f586bff0d3816344444948188c1e9fa3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-circus" + } + ] + }, + { + "type": "library", + "name": "environment", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/environment@28.1.3#packages/jest-environment", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-environment", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5b7f8d1c3054c490ac847f9f3947d233d566b20e31e81eabedb345c5604ab228cddc1560e978ca2a28a4c017d2d261032874f52587c14aa6da0cd9870c5805c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/environment" + } + ] + }, + { + "type": "library", + "name": "expect", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect@28.1.3#packages/jest-expect", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "97373c0a951b4a813876a4f453e835a8e0d08c14473e908f5e2b2c5c3e264bdfac5907669a9789f73487d6b4b51c492bb0c3747dbee72ab27d822011d5ddf007" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/expect" + } + ] + }, + { + "type": "library", + "name": "expect", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expect@28.1.3#packages/expect", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "784874c67f0796cb8e07116022cb3eda65fce55012e10cb739292357bae5056963b40e28587dfb825546c8e65266f12b0d3ff2072c1974f1b0097b93bd21bce6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/expect" + } + ] + }, + { + "type": "library", + "name": "jest-snapshot", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-snapshot@28.1.3#packages/jest-snapshot", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-snapshot", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e25ccc82d88d95cdc353ff2565f9aac4ddc0603e8618b6e5fbbdab741a57bdc57ec215fb983ad113390f769d919e67c8896060d586ee15291776e17625c69f26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-snapshot" + } + ] + }, + { + "type": "library", + "name": "dedent", + "version": "0.7.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|dedent@0.7.0", + "author": "Desmond Brand", + "description": "An ES6 string tag that strips indentation from multi-line strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dedent@0.7.0", + "externalReferences": [ + { + "url": "git://github.com/dmnd/dedent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dmnd/dedent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dmnd/dedent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "43a7ca50faa7007032862520154ec15332e2bf491df2c687f5a97bb67bb943fa248fa767ba9c724e01480635732404dd7c8026f4d02cbd73738da29af9bc55c8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dedent" + } + ] + }, + { + "type": "library", + "name": "jest-each", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "author": "Matt Phillips", + "description": "Parameterised tests for Jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-each@28.1.3#packages/jest-each", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-each", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-each/-/jest-each-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6ab4f5cf8b20db2001539ba880e6d53ef4a548c4250c0e3ca30c74ec10cf0226ac5b4c98a581d83a8e071cbcfdab4055cc3554e2120b163cc9c344a8f5a08bfe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-each" + } + ] + }, + { + "type": "library", + "name": "jest-get-type", + "version": "28.0.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "description": "A utility function to get the type of a value", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-get-type@28.0.2#packages/jest-get-type", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-get-type", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8a88f6c3dfc3c526077ce9b994928275c0263c9cd05e66ccfd4ae5deb865821acfbd3dedb7eedaffea1773d6b390a98bbe88978ed57cddb116aa2fafb399e53c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-get-type" + } + ] + }, + { + "type": "library", + "name": "pretty-format", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "author": "James Kyle", + "description": "Stringify any JavaScript value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty-format@28.1.3#packages/pretty-format", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/pretty-format", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2015bfd3a343a6c4747df994dbd780dfdaf371746097f20d71586513a94c394e266f7107f9b0728e6dde5470fc8b2f2a303700c03131775d6386d41ea6c65d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/pretty-format" + } + ] + }, + { + "type": "library", + "name": "jest-matcher-utils", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "description": "A set of utility functions for expect and related packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-matcher-utils@28.1.3#packages/jest-matcher-utils", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-matcher-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "910789eea1de98a7dbccaa068c71eb44a1fa6ad831324f049e493688f4375f03baa04fca603f253183b388291e481f46e1a74f3389d1d4313c4dfe497961fa07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-matcher-utils" + } + ] + }, + { + "type": "library", + "name": "jest-runtime", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runtime@28.1.3#packages/jest-runtime", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-runtime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354fbcf3549c05040b7352471b9789194ed48b790b2ab9b008f3ed62c26d072922c6b3363a15509693261562633320df7641a004c3635c2181fde6f3b2034643" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-runtime" + } + ] + }, + { + "type": "library", + "name": "jest-environment-node", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-environment-node@28.1.3#packages/jest-environment-node", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-environment-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba03fa5ce844a6300484662fa795e3f7cf67b39701d4ae99763058b92df4ba64f80901044dac5288f719fc4d64164b57e0692b70ce2abb4ec82250d85f5829f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-environment-node" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/fake-timers@28.1.3#packages/jest-fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ffc0e90bd8f387bf9da1fa89393a3ff580e1bd1d2cb07683ed16c44252694220b5cd9f97885a67277770c88969499e91af42d99a8ea04ff79122d048a6c5f2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/fake-timers" + } + ] + }, + { + "type": "library", + "name": "jest-mock", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-mock@28.1.3#packages/jest-mock", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-mock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a372768ebe9d30c598547e0b87f34a9835dda2caec2608b802f892f285cbba3723a423016f514cb1b9439ce5ca64a7d28872f162e6f5792d081ee457b22a3d78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-mock" + } + ] + }, + { + "type": "library", + "name": "jest-resolve", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve@28.1.3#packages/jest-resolve", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-resolve", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6755b7b538c4e9068d23dd2aa3f049a5f9efa71b5a153170e420e0c29c84fcacfc53fd3a3751e37f889af6ab94842877f6a206585d59bb1162062250c1211829" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-resolve" + } + ] + }, + { + "type": "library", + "name": "jest-runner", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runner@28.1.3#packages/jest-runner", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-runner", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a4330e03ff451277ad8e54ed281208e7db74ccf9825ad94d96bb9cf3f71b1007533158a0ce96b9f290fc6732c374b6726595f2cf8a71d391aeb5bb44216b104" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-runner" + } + ] + }, + { + "type": "library", + "name": "jest-validate", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-validate@28.1.3#packages/jest-validate", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-validate", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4996ce181584b1a4f104608ea6c45695796f364bd3918d17c517e1ef3626bddf2e2f9433ca0d021c05e25ca44e7e587cd35aae03afbf0ec4f83830ed84e0bf38" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-validate" + } + ] + }, + { + "type": "library", + "name": "jest-resolve-dependencies", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve-dependencies@28.1.3#packages/jest-resolve-dependencies", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-resolve-dependencies", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9ad103b64345f342834fa2e31b09cec1bedb1e9bc7908153cd9309fd2e74be4769fc0da5433cbfd4d609e00b42d39754585c9534b896b604c0b60db4df16b1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-resolve-dependencies" + } + ] + }, + { + "type": "library", + "name": "resolve.exports", + "version": "1.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1", + "author": "Luke Edwards", + "description": "A tiny (813b), correct, general-purpose, and configurable \"exports\" resolver without file-system reliance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve.exports@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/resolve.exports.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fcdb691cd0cdee35a101a43d06f054619e984d7b110607ea58558fec16416a83093bf2371b9385cef4ee58d9590b768f8e29ecd45f9336b2cab066c7e2b7ec45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/resolve.exports" + } + ] + }, + { + "type": "library", + "name": "emittery", + "version": "0.10.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "author": "Sindre Sorhus", + "description": "Simple and modern async event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emittery@0.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/emittery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/emittery#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/emittery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6884ea3b09cb6a7a472cd5d924435b3a08d405e1e8703fb1b1226636b8e8bca056e476d2a56dddd69125b3b18540f5165e2c06f7ed0fe06b477c4a82ff833423" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/emittery" + } + ] + }, + { + "type": "library", + "name": "jest-docblock", + "version": "28.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-docblock@28.1.1#packages/jest-docblock", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-docblock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df06b2055362398c7473001b97daf09b990a14ff321c7dddfdf90468bd3634f4e40e88cfb6178607b1d9485638c335fe0f1cabbe15f3d0a482564b260a49c2b8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-docblock" + } + ] + }, + { + "type": "library", + "name": "jest-leak-detector", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-leak-detector@28.1.3#packages/jest-leak-detector", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-leak-detector", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58554986742c88ab43128e651b698cd2fe344169c133eccc7471f226cf00599ec9d106494b9f4cb3229e2475a1a416411f7d92e3c14e56f1b23854f58740e5a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-leak-detector" + } + ] + }, + { + "type": "library", + "name": "jest-watcher", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-watcher@28.1.3#packages/jest-watcher", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-watcher", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b78a9caa3f61cdefa3be214f50ddd802d0047859ebfdacc84d740430045fe5c330298d923014670904d72e2c53976d0e47a98b87d28b32b8152602484b29bed6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-watcher" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "9.1.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@9.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04f4b8ca7256fe8f763d4478c20ae2cf651de60a524f9bf3e8641f322c440cad19f19094bf633b4a404bca41f9e93fbe5ecfbc967f734c66cebcd1887b4dbf8f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinonjs/fake-timers" + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "1.8.6", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@1.8.6", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2f9790092a3d94a6dcd2c17949e0efb101425ddc99e2612136861dd607f248d507e6ae9f74b85c146d8b6cedd7b9adb7498850388dc587a8266e9dad5bc125" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinonjs/commons" + } + ] + }, + { + "type": "library", + "name": "globals", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/globals@28.1.3#packages/jest-globals", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c55383f8a61cabc825eed696dca8c3b419241c61ed48b1a958083cd137285eb727b2c4c708c5ad75a8f343a5534b7ab7ad22d36a126618427d54633ff9c7534" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/globals" + } + ] + }, + { + "type": "library", + "name": "source-map", + "group": "@jest", + "version": "28.1.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/source-map@28.1.2#packages/jest-source-map", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-source-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "715f0bc7705e4ad25bf22a4f1e7a95c3f20cd9508c58eddcad6673628752224c579d1717262a42771d4908ad0ae4cb09268b994131fbde6cdfe2f83145a1fdc3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/source-map" + } + ] + }, + { + "type": "library", + "name": "expect-utils", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect-utils@28.1.3#packages/expect-utils", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/expect-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c2f6e2f4b52b1c92e7dcd9435bac05da1bc832d77825497640d56b8eaf880521e2ae07eb477a3d46756dc7374418eda7f49c885b01e72df6f2e4acea04683660" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/expect-utils" + } + ] + }, + { + "type": "library", + "name": "jest-diff", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-diff@28.1.3#packages/jest-diff", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f11a8fd41fce5f38e34d692a317ebb8aa830055251802c8a0f72fd9eafba66a24c76f8c4f1180792da99ea336b91d313f9d26e60d237ae1429c5acfb76b2477f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-diff" + } + ] + }, + { + "type": "library", + "name": "diff-sequences", + "version": "28.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1", + "description": "Compare items in two sequences to find a longest common subsequence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/diff-sequences@28.1.1#packages/diff-sequences", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/diff-sequences", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "154d2215a1ff136ddaf9aef5f25f106bfd7d6c5f69d3a9201342a2a4c38c69dc1add28e768494accf6940b4be789bb3afc1ffd9e2f7bb3ad6671e8e4f16d5f43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/diff-sequences" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "schemas", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/schemas@28.1.3#packages/jest-schemas", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-schemas", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fe5fd55ac76dfda057823b212d6385c85b77215758ca9bb9cb65a7dab38ed6e9fa9e4a889fc48b5f38083185c5c98b11583c85e44b6198a24c21d26f934f20ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/schemas" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "5.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0b1c29b7649f4f34ed5dc7ce97318479ef0ef9cf8c994806acd8817179ee5b1b852477ba6b91f3eeac21c1ee4e81a498234209be42ea597d40486f9c24e90488" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "typebox", + "group": "@sinclair", + "version": "0.24.51", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51", + "author": "sinclairzx81", + "description": "JSONSchema Type Builder with Static Type Resolution for TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sinclair/typebox@0.24.51", + "externalReferences": [ + { + "url": "git+https://github.com/sinclairzx81/typebox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d4fd4e44e9bfaddb9b3f96850d265020b534beb2c22787ef1ede84a2a1c433ed83fc6e4c2b76c86b299428b8adf09b3d81b9ece54c899e43ff4d944e2f0e2d50" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinclair/typebox" + } + ] + }, + { + "type": "library", + "name": "jest-cli", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-cli@28.1.3#packages/jest-cli", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-cli", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-cli/-/jest-cli-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae863792faefe7b0339f5c8f81d4de6cf017bdd476c5f7b368a298cd5c59e88b7fe4d0b1cc9ca6ead508e4fd7391d5a17d4624c4423db9959c41d6852e8f2625" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-cli" + } + ] + }, + { + "type": "library", + "name": "ts-jest", + "version": "28.0.8", + "bom-ref": "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "author": "Kulshekhar Kabra", + "description": "A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-jest@28.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/kulshekhar/ts-jest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://kulshekhar.github.io/ts-jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kulshekhar/ts-jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-jest/-/ts-jest-28.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e45686d255e644fcc0a62c7ca051bc44a8c0cf87a1b66f3230a393cb91d7ddf63a5bc926bceae6718d212831255b9d85268bfe7258546eb280aa87e78f89974e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ts-jest" + } + ] + }, + { + "type": "library", + "name": "babel-preset-jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-jest@28.1.3#packages/babel-preset-jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-preset-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2fe7eea49be55801db41f9fbe1ca0d5f7cdfeb42d7309b1eccdbefc7c78887b88e47596e275a68c5881093517c3d8b4dabfe903830c70aab129d3152582e3dd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-preset-jest" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-jest-hoist", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-plugin-jest-hoist@28.1.3#packages/babel-plugin-jest-hoist", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-plugin-jest-hoist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62cded50a0267e79115293dda5af7c798ac04749d5fac4855196441ae43611b15dd72e1238bb43e500cd1c0abe6dbf5af9b6d7bd8402e1bf880ff4c720c714e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-plugin-jest-hoist" + } + ] + }, + { + "type": "library", + "name": "typescript", + "version": "4.9.5", + "bom-ref": "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "author": "Microsoft Corp.", + "description": "TypeScript is a language for application scale JavaScript development", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/typescript@4.9.5", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/TypeScript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d455e4f44d879be433650ef3f8c7098872f8356d45d84cccbbd36af62df301a1aa89b69fa98c02554e96c9602ec90451cce971a2ef31652c972c437ca0a8f6e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/typescript" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "1.10.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|yaml@1.10.2", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/v1/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af7bd7c84ad109827bc20dbccaf058e554a8005f19be5716f7f07053312d52c8ef5ff0cab36e1d224bb08edba9af02491ec6f251b2c0a5ea584d1d41378b87ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/yaml" + } + ] + } + ] + }, + { + "type": "library", + "name": "flat", + "group": "@types", + "version": "5.0.5", + "bom-ref": "@types/flat@5.0.5", + "description": "TypeScript definitions for flat", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/flat@5.0.5#types/flat", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/flat", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/flat", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/flat/-/flat-5.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9cf2e58d940a4a769ce77283503ceecdd45f188d130dbe6a3eb6fe4ab43237732d750ace9c6b0a9e21cdd62619b0910121542f7bde18ea0373db6b2021266af9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/flat" + } + ] + }, + { + "type": "library", + "name": "he", + "group": "@types", + "version": "1.2.3", + "bom-ref": "@types/he@1.2.3", + "description": "TypeScript definitions for he", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/he@1.2.3#types/he", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/he", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/he", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/he/-/he-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abaeffab09716e50f3103bf31e1564c1cd60cd55b168dc5ec87501178c4496bbe32f5d4ef98b737bed5f1a904796bfc7f66ca20546945cd9cd3e6047c717c070" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/he" + } + ] + }, + { + "type": "library", + "name": "json-diff", + "group": "@types", + "version": "0.7.0", + "bom-ref": "@types/json-diff@0.7.0", + "description": "TypeScript definitions for json-diff", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json-diff@0.7.0#types/json-diff", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/json-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/json-diff", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json-diff/-/json-diff-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "db4209aaea461f2c2d21a13a7d2df48b2821ddd56a55dce6b27ad89ff545b916902b12f1fd1187e4af618427dcb55c6037b2b32659c3ee060500eacdc220a0b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json-diff" + } + ] + }, + { + "type": "library", + "name": "jstoxml", + "group": "@types", + "version": "2.0.4", + "bom-ref": "@types/jstoxml@2.0.4", + "description": "TypeScript definitions for jstoxml", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jstoxml@2.0.4#types/jstoxml", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jstoxml", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jstoxml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jstoxml/-/jstoxml-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c750ca76b7c09f254b0ab7caa396ca595a59157af785836785fe4455f022a2350f8577798991f7b12035ed6449c6ff868965109534d9f8eb335d75254850dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jstoxml" + } + ] + }, + { + "type": "library", + "name": "lodash", + "group": "@types", + "version": "4.17.4", + "bom-ref": "@types/lodash@4.17.4", + "description": "TypeScript definitions for lodash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/lodash@4.17.4#types/lodash", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/lodash", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/lodash", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/lodash/-/lodash-4.17.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1808fdba64bc5a4f7477f6488ddbe1dc278913777535c1a23f718ee2bd662a14fea95b764da6f8ba59de8f1d9c7b4ffb7ccf4be5917320dd060b6bb0d9fc825" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/lodash" + } + ] + }, + { + "type": "library", + "name": "pretty", + "group": "@types", + "version": "2.0.3", + "bom-ref": "@types/pretty@2.0.3", + "description": "TypeScript definitions for pretty", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/pretty@2.0.3#types/pretty", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/pretty", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/pretty", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/pretty/-/pretty-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c51f7aa5284d96bc4b777819ab30a76da0266d88624588d6e750831637a4b597a6aa9059040024330c66e2006b6893ffc5280a72c4212d77655cec03356a3855" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/pretty" + } + ] + }, + { + "type": "library", + "name": "flat", + "version": "5.0.2", + "bom-ref": "flat@5.0.2", + "author": "Hugh Kennedy", + "description": "Take a nested Javascript object and flatten it, or unflatten an object with delimited keys", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/flat@5.0.2", + "externalReferences": [ + { + "url": "git://github.com/hughsk/flat.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hughsk/flat", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hughsk/flat/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flat/-/flat-5.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fab2e103fb9ff7ad3a5405d1b582ea4897c30f14200c034417c269632e1bc250a714bdd138816932f73a6e1827171ceb33e09f703c6356aba38aa66233cf785" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flat" + } + ] + }, + { + "type": "library", + "name": "he", + "version": "1.2.0", + "bom-ref": "he@1.2.0", + "author": "Mathias Bynens", + "description": "A robust HTML entities encoder/decoder with full Unicode support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/he@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/he.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/he", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/he/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17fd439d418fa29391662d278be0afac28074391721001d12d2029b9858c9ab6d2c28376327ffb93e1a5dfc8099d1ef2c83664e962d7c221a877524e58d0ca1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/he" + } + ] + }, + { + "type": "library", + "name": "domelementtype", + "version": "2.3.0", + "bom-ref": "domelementtype@2.3.0", + "author": "Felix Boehm", + "description": "all the types of nodes in htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domelementtype@2.3.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domelementtype.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domelementtype#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domelementtype/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38b113063eb0d0eb1a801c1d5e73dd37472731f17da2937af5ca3eed9adb7cf1ab7693d5341523d36b298ba07537bc0284b4223e7e02487ff326f5f0e7a8261f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domelementtype" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "4.1.2", + "bom-ref": "chalk@4.1.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@4.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0a9db845c91217a54b9ecfc881326c846b89db8f820e432ba173fc32f6463bfd654f73020ef5503aebc3eef1190eefed06efa48b44e7b2c3d0a9434eb58b898" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chalk" + } + ], + "components": [ + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "chalk@4.1.2|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chalk/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "slash", + "version": "3.0.0", + "bom-ref": "slash@3.0.0", + "author": "Sindre Sorhus", + "description": "Convert Windows backslash paths to slash paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slash@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/slash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/slash#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/slash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83d43585a79bcb7e8e492b706f89ed08618668ab1a5528d0ebc7c1c6841cbad9797d2d6fb98d7c1f7c12b778c5c85b6b931f8acf45751bce40e0cc80743322d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/slash" + } + ] + }, + { + "type": "library", + "name": "v8-coverage", + "group": "@bcoe", + "version": "0.2.3", + "bom-ref": "@bcoe/v8-coverage@0.2.3", + "author": "Charles Samborski", + "description": "Helper functions for V8 coverage files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40bcoe/v8-coverage@0.2.3", + "externalReferences": [ + { + "url": "git://github.com/demurgos/v8-coverage.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://demurgos.github.io/v8-coverage", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/demurgos/v8-coverage/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d21610f120780dbe73bd90786b174c1c6c046908e467316342237d2d562f2050769d25075bdb58a715ab88fad60c0488c626976b1f3744470bc6e49d9c63d9b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@bcoe/v8-coverage" + } + ] + }, + { + "type": "library", + "name": "collect-v8-coverage", + "version": "1.0.2", + "bom-ref": "collect-v8-coverage@1.0.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/collect-v8-coverage@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/SimenB/collect-v8-coverage.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SimenB/collect-v8-coverage#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SimenB/collect-v8-coverage/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "947978779fce3446cb949bda24db6c17f2f3f96bc1d3bbb6c9ca9361b76babb532a435da8a5112e2f6a561bd9e5a2245c599559a919e91faa8c50873c85753e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/collect-v8-coverage" + } + ] + }, + { + "type": "library", + "name": "exit", + "version": "0.1.2", + "bom-ref": "exit@0.1.2", + "author": "\"Cowboy\" Ben Alman", + "description": "A replacement for process.exit that ensures stdio are fully drained before exiting.", + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://github.com/cowboy/node-exit/blob/master/LICENSE-MIT" + } + } + ], + "purl": "pkg:npm/exit@0.1.2", + "externalReferences": [ + { + "url": "git://github.com/cowboy/node-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cowboy/node-exit", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cowboy/node-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "664fde34a576cdb8e92b3aec43e9f51baa6855b12b4312742c13895da299d445622f31fe86b2eef5c757238cf0f5d05026c970044a5b4363f5a12ee70f1b3a8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/exit" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "7.2.3", + "bom-ref": "glob@7.2.3", + "author": "Isaac Z. Schlueter", + "description": "a little globber", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@7.2.3", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c5474ccba54d9809a471c28089bcbe94bc21f6245c85548bf04cbb087f6d40b8794cb240358614dd93e2e5609b4e958b7dbfa76fb330f604646a04bfa240af5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "glob@7.2.3|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "glob@7.2.3|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob/node_modules/brace-expansion" + } + ] + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.2.11", + "bom-ref": "graceful-fs@4.2.11", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.2.11", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "45b279fe398570d342703579a3d7939c12c9fc7b33595d0fef76dcf857f89d2feb263f98692e881b288e2f45680585fe9755ab97793ade1fcaac7fa7849d17bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-coverage", + "version": "3.2.2", + "bom-ref": "istanbul-lib-coverage@3.2.2", + "author": "Krishnan Anantheswaran", + "description": "Data library for istanbul coverage objects", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-coverage@3.2.2#packages/istanbul-lib-coverage", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-coverage", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3bc769b05fabd1657ff0c35129f9e6aed09686e2a3c6bab6c3e8e9cc12f95192938b62de5569d63a6591c4595eb0938d99cfb02c01af29064439a9e4a342c54e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-coverage" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/core@7.24.4", + "author": "The Babel Team", + "description": "Babel compiler core.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/core@7.24.4#packages/babel-core", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20core%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3015653173fe924979dfde1104b4b1c64fe22d37951ae5d35777080d76af3e930caa74a7b7a6a92a06a7fd4f0edd44966425994ff4db81f12929ae2e3203780e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/core" + } + ], + "components": [ + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/core@7.24.4|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/core/node_modules/semver" + } + ] + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/parser@7.24.4", + "author": "The Babel Team", + "description": "A JavaScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/parser@7.24.4#packages/babel-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A+parser+%28babylon%29%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd3bc405c82199e0666bd4081ae9d67afbc1029e3f42ef4176afb69343ade1f54c0fabf776c0bd58e71148a93bb5147204cff9df228c264a3dc4e6ad1900304a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/parser" + } + ] + }, + { + "type": "library", + "name": "schema", + "group": "@istanbuljs", + "version": "0.1.3", + "bom-ref": "@istanbuljs/schema@0.1.3", + "author": "Corey Farrell", + "description": "Schemas describing various structures used by nyc and istanbuljs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40istanbuljs/schema@0.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "657458e2336f56049543c0cbdcb4dc6a4680b57c13554c44f3586c96cc83d80b685d6ff05686f5d0790e2755ffa4095c23b0fed98a192a0e5da3c1bfc3a45880" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/schema" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-report", + "version": "3.0.1", + "bom-ref": "istanbul-lib-report@3.0.1", + "author": "Krishnan Anantheswaran", + "description": "Base reporting library for istanbul", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-report@3.0.1#packages/istanbul-lib-report", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-report", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1827c4d66b6c1c63842c253c7bf67b616ce99b26ebc7ff9d4937cbaef63ca9199a63acd74ca5a7e964088da005c34ebd89c9ba19530d920bb437323888f65437" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-report" + } + ], + "components": [ + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "istanbul-lib-report@3.0.1|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-report/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-source-maps", + "version": "4.0.1", + "bom-ref": "istanbul-lib-source-maps@4.0.1", + "author": "Krishnan Anantheswaran", + "description": "Source maps support for istanbul", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-source-maps@4.0.1#packages/istanbul-lib-source-maps", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-source-maps", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f7b3c13091d1482421b704f28162fb248171a8cbcf00473bde8248ad93ad0dc5177096d2ce4da1fb09488c457bf0628ae5d10ef5da212371607e7cafccad657" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-source-maps" + } + ] + }, + { + "type": "library", + "name": "istanbul-reports", + "version": "3.1.7", + "bom-ref": "istanbul-reports@3.1.7", + "author": "Krishnan Anantheswaran", + "description": "istanbul reports", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-reports@3.1.7#packages/istanbul-reports", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-reports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05ec265172267ae464d986343d56f180a032b2f8513d4404d21e5044cfbe9d55b2b9b28657497ca90e68a7cf81d833a6c127badc98af8f406390f4157fc7cfe6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-reports" + } + ] + }, + { + "type": "library", + "name": "merge-stream", + "version": "2.0.0", + "bom-ref": "merge-stream@2.0.0", + "author": "Stephen Sugden", + "description": "Create a stream that emits events from multiple other streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge-stream@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/grncdr/merge-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/grncdr/merge-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/grncdr/merge-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "69bbffa8e72e3df9375113df0f39995352ca9aec3c913fb49c81ef2ab2a016bc227e897f76859c740e19aac590f0436b14a91debb31fa68fcba2f6c852c6eddf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge-stream" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "8.1.1", + "bom-ref": "supports-color@8.1.1", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@8.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3295043763a876d533c6f29097bd9c505ed14391221ec1af4ac546d226bd73945b5862f6088e02ec4a4f4bc513048a659e5cd988db95e7ac3e16e371cb7b72d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "string-length", + "version": "4.0.2", + "bom-ref": "string-length@4.0.2", + "author": "Sindre Sorhus", + "description": "Get the real length of a string - by correctly counting astral symbols and ignoring ansi escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-length@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-length.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-length#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-length/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa5eab34de5f607361659cb8d515ec629b428c0d88826ab8106ee4640605408d44d554d76abafa64f5c183a7aaed8e9e2b8144858e80265cae1486ffbff4b455" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-length" + } + ] + }, + { + "type": "library", + "name": "terminal-link", + "version": "2.1.1", + "bom-ref": "terminal-link@2.1.1", + "author": "Sindre Sorhus", + "description": "Create clickable links in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/terminal-link@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/terminal-link.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/terminal-link#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/terminal-link/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba7d059a245440daf93c9ab2f643fb738d05e4139fa469584ebc689c30a111907ba7367144da7f6edfb29a2cbdfe7a705f26bd287f7d9c9fc65c522252460615" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/terminal-link" + } + ] + }, + { + "type": "library", + "name": "ansi-escapes", + "version": "4.3.2", + "bom-ref": "ansi-escapes@4.3.2", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for manipulating the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-escapes@4.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/ansi-escapes.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-escapes#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-escapes/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80a5e3e402eb29640bb181bd8e54d1991ff12a5bb11d5f99f501303488027ccd7fbb03cc0aecd55678799b04ddf8eb8165cc1220c6eab2c356466d65139d5069" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-escapes" + } + ] + }, + { + "type": "library", + "name": "supports-hyperlinks", + "version": "2.3.0", + "bom-ref": "supports-hyperlinks@2.3.0", + "author": "James Talmage", + "description": "Detect if your terminal emulator supports hyperlinks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-hyperlinks@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/jamestalmage/supports-hyperlinks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jamestalmage/supports-hyperlinks#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jamestalmage/supports-hyperlinks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "469b00665a56703c0e3d0036d9a087e09d2decbf09980bec0b17ce484c26edc42cdcbb21377e9069393077bd039c13970d61acb30d9e52873c09a4564f45ee9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-hyperlinks" + } + ], + "components": [ + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "supports-hyperlinks@2.3.0|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-hyperlinks/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "v8-to-istanbul", + "version": "9.2.0", + "bom-ref": "v8-to-istanbul@9.2.0", + "author": "Ben Coe", + "description": "convert from v8 coverage format to istanbul's format", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/v8-to-istanbul@9.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/v8-to-istanbul.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/v8-to-istanbul#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/v8-to-istanbul/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fc41ffb03831536786c5a8ca7702c20e6438156abe9298b7b829811a9c35c49b67031123943f23f0f122196a4220c22cddc88d0201f47774d3262524633c998c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-to-istanbul" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-coverage", + "group": "@types", + "version": "2.0.6", + "bom-ref": "@types/istanbul-lib-coverage@2.0.6", + "description": "TypeScript definitions for istanbul-lib-coverage", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-lib-coverage@2.0.6#types/istanbul-lib-coverage", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-lib-coverage", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-lib-coverage", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9017fb7f6ae5a6d25b32f17b4a54f1b5f6fdec48e42525efd81d981f8dbfca0411ce19257e276abf4baef5adcabdb9306b2c05e6669a8989a41b313fb3354d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-lib-coverage" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-istanbul", + "version": "6.1.1", + "bom-ref": "babel-plugin-istanbul@6.1.1", + "author": "Thai Pangsakulyanont @dtinth", + "description": "A babel plugin that adds istanbul instrumentation to ES6 code", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/babel-plugin-istanbul@6.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/babel-plugin-istanbul.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/babel-plugin-istanbul#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/babel-plugin-istanbul/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "635210a24f7cdb5702f689c2c79a2d8057d19bb2e6f88fb0c313b1ef7f0cfd62cf67d438da6e081b95b414d5fc58b2f6818319a37264b97207d833a958cfaac0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul" + } + ], + "components": [ + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "5.2.1", + "bom-ref": "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@5.2.1#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a73aada77d672effd714ecd71aebe109bf2a863993568e6f8d5935f571380919525b3d0aa1e2776f0f57b00ee73a9f5805fe2a1e3c01c640f329c304fc9dbd62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "babel-plugin-istanbul@6.1.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul/node_modules/semver" + } + ] + } + ] + }, + { + "type": "library", + "name": "fast-json-stable-stringify", + "version": "2.1.0", + "bom-ref": "fast-json-stable-stringify@2.1.0", + "author": "James Halliday", + "description": "deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-json-stable-stringify@2.1.0", + "externalReferences": [ + { + "url": "git://github.com/epoberezkin/fast-json-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/fast-json-stable-stringify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/fast-json-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96177fc05f8b93df076684c2b6556b687b5f8795d88a32236a55dc93bb1a52db9a9d20f22ccc671e149710326a1f10fb9ac47c0f4b829aa964c23095f31bf01f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-json-stable-stringify" + } + ] + }, + { + "type": "library", + "name": "write-file-atomic", + "version": "4.0.2", + "bom-ref": "write-file-atomic@4.0.2", + "author": "GitHub Inc.", + "description": "Write files in an atomic fashion w/configurable ownership", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/write-file-atomic@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/write-file-atomic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/write-file-atomic", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/write-file-atomic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ecac5ab947419927569e6a5a18583ea69363285f2e34baf2f0bcb38dab900ce54e35f14b34aacabd03b167f56e4c8712fe081efd835a85fe512084164d26ab96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/write-file-atomic" + } + ] + }, + { + "type": "library", + "name": "execa", + "version": "5.1.1", + "bom-ref": "execa@5.1.1", + "author": "Sindre Sorhus", + "description": "Process execution for humans", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/execa@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/execa.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/execa#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/execa/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2e4a9659a1c01944100f20420d263dcba3d1f21a2b6595ccdcdbb121e586288e3305327f321cc0cc6941c4d89a9fab4e43ff0b9cc08e091944725edd6f721ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/execa" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "3.1.0", + "bom-ref": "p-limit@3.1.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4d839a9ccdf01b0346b193767154d83c0af0e39e319d78f9aa6585d5b12801ce3e714fe897b19587ba1d7af8e9d4534776e1dcdca64c70576ec54e5773ab8945" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "co", + "version": "4.6.0", + "bom-ref": "co@4.6.0", + "description": "generator async control flow goodness", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/co@4.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/tj/co.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/co#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/co/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4156f474ce47bc6fae6b18ad9bcc0e365ee396dc7c76a85f537dc372ab4e65c2d25482920c32c38bbfb42db00a8b223c843f6ee369b66315d290c1964e169e71" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/co" + } + ] + }, + { + "type": "library", + "name": "is-generator-fn", + "version": "2.1.0", + "bom-ref": "is-generator-fn@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if something is a generator function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-generator-fn@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-generator-fn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-generator-fn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-generator-fn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "713201e323d82ff1abc3411a4b3012ce0e9b072f60a82a1fbd637ca244e1018231289642fae7654409866ccd172de9e21094acf2e1201cf1ae1d27b55ec38b49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-generator-fn" + } + ] + }, + { + "type": "library", + "name": "stack-utils", + "version": "2.0.6", + "bom-ref": "stack-utils@2.0.6", + "author": "James Talmage", + "description": "Captures and cleans stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stack-utils@2.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/stack-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/stack-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/stack-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e5916bdf226e919ac5ad349c7ebaab4a2d2f1ea856f1520d19ccb5ea63471a132f65ee1aee5fc2298839e3b0b6afa0182a08247bd53a963bc31a5d885e27745" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-utils" + } + ], + "components": [ + { + "type": "library", + "name": "escape-string-regexp", + "version": "2.0.0", + "bom-ref": "stack-utils@2.0.6|escape-string-regexp@2.0.0", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "529cdc2c25e895459c36ee47b5530761d5c98c0ae3b05f42d1a367aae658638b96fd5bb49a2cb96285af6d5df8e476ae56f700527a51ba130c72a4dc18e636fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-utils/node_modules/escape-string-regexp" + } + ] + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "5.2.0", + "bom-ref": "parse-json@5.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6b208abe6fe98421b13a461148233cda20f072df3f1289d2120092c56c43eef7ba8c7820b059787d955004f44d810a0a8ae57fa1d845ac6cd05d9c1b89f0bc46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "strip-json-comments", + "version": "3.1.1", + "bom-ref": "strip-json-comments@3.1.1", + "author": "Sindre Sorhus", + "description": "Strip comments from JSON. Lets you use comments in your JSON files!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-json-comments@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-json-comments.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-json-comments#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-json-comments/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9f3dcf91e22870a8fe8dfda22fd9fd60307f25395b56407a2a0b8c8aea8483555a1cba602c7c2aa39179ea89832198cc12fe61072e9ed57a196ddea97a9448a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-json-comments" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "group": "@types", + "version": "4.1.9", + "bom-ref": "@types/graceful-fs@4.1.9", + "description": "TypeScript definitions for graceful-fs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/graceful-fs@4.1.9#types/graceful-fs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/graceful-fs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/graceful-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a253f7b1dd6a3847b97574d2685bd01bed3655d45771dcad58b019b00ab53de714f2ea9002192b9db962ec36a08ed5ca5bf065ed825b52c6bc30f72e73c2c711" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "anymatch", + "version": "3.1.3", + "bom-ref": "anymatch@3.1.3", + "author": "Elan Shanker", + "description": "Matches strings against configurable strings, globs, regular expressions, and/or functions", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/anymatch@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/anymatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/anymatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/anymatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28c45e154af4078b7e0fe381923477298aafa1ca765da4b33b9e54701ea681031ddca6dc13e9964f2bd557b0ffcec7446cd9d5e9a71952eb64887417bd3af547" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/anymatch" + } + ] + }, + { + "type": "library", + "name": "fb-watchman", + "version": "2.0.2", + "bom-ref": "fb-watchman@2.0.2", + "author": "Wez Furlong", + "description": "Bindings for the Watchman file watching service", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/fb-watchman@2.0.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/facebook/watchman.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://facebook.github.io/watchman/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/watchman/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a79d7ad41a9bb826929c1f2321bcd01ce96982c3e62b9ac95437c328ef75031b39342d6ebb71d1426eb0b7d71df7ff86b504083b9dc97465d7a320e94c0b2060" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fb-watchman" + } + ] + }, + { + "type": "library", + "name": "fsevents", + "version": "2.3.3", + "bom-ref": "fsevents@2.3.3", + "description": "Native Access to MacOS FSEvents", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fsevents@2.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/fsevents/fsevents.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fsevents/fsevents", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fsevents/fsevents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e71a037d7f9f2fb7da0139da82658fa5b16dc21fd1efb5a630caaa1c64bae42defbc1d181eb805f81d58999df8e35b4c8f99fade4d36d765cda09c339617df43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fsevents" + } + ] + }, + { + "type": "library", + "name": "walker", + "version": "1.0.8", + "bom-ref": "walker@1.0.8", + "author": "Naitik Shah", + "description": "A simple directory tree walker.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/walker@1.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-walker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-walker", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-walker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6cffc13c9796fb918d2f9562dec0e9035cc98f74b7155781a63902f2c6e4acc0826cc1e78566d02c305ee4d4db33cfe4d8050ae56119b33a7af7f7ccb525e99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/walker" + } + ] + }, + { + "type": "library", + "name": "code-frame", + "group": "@babel", + "version": "7.24.2", + "bom-ref": "@babel/code-frame@7.24.2", + "author": "The Babel Team", + "description": "Generate errors that contain a code frame that point to source locations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/code-frame@7.24.2#packages/babel-code-frame", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-code-frame", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-code-frame", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb9fad2d0c95f298377ec8a59faec154b0f53f5dc4838961e515bd985d3352ebcbaeff6e210e0c08bf82453f854ec0650637086a7e8f1ac2dc04dd26dc2954c9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/code-frame" + } + ] + }, + { + "type": "library", + "name": "stack-utils", + "group": "@types", + "version": "2.0.3", + "bom-ref": "@types/stack-utils@2.0.3", + "description": "TypeScript definitions for stack-utils", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/stack-utils@2.0.3#types/stack-utils", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/stack-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/stack-utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5a11b619dd36d83339cf75c76bdd2988acb5f00bf00a65741e09ff4f81aa3908a6fc0b21ee117e63cd63d392fade82f85124772944ee81168196f7271a3a463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/stack-utils" + } + ] + }, + { + "type": "library", + "name": "jest-pnp-resolver", + "version": "1.2.3", + "bom-ref": "jest-pnp-resolver@1.2.3", + "description": "plug'n'play resolver for Webpack", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-pnp-resolver@1.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/arcanis/jest-pnp-resolver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/arcanis/jest-pnp-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/arcanis/jest-pnp-resolver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fb7369c10127468201b71e1fca16e54033e0248d07d48108917ed284b5233c603b4ed513bc8d6888a8b7491e28051d21421411f349785807b946b5c1c16300f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-pnp-resolver" + } + ] + }, + { + "type": "library", + "name": "detect-newline", + "version": "3.1.0", + "bom-ref": "detect-newline@3.1.0", + "author": "Sindre Sorhus", + "description": "Detect the dominant newline character of a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-newline@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cbcfec7fbc45e6fd8ecfef09f510914d2f1629503e1380ca2cc58e9f0152549c931bba91c13a7731c96506f4ea53687f44043eee148e4b7c482630e739e03b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-newline" + } + ] + }, + { + "type": "library", + "name": "source-map-support", + "version": "0.5.13", + "bom-ref": "source-map-support@0.5.13", + "description": "Fixes stack traces for files with source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/source-map-support@0.5.13", + "externalReferences": [ + { + "url": "git+https://github.com/evanw/node-source-map-support.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/evanw/node-source-map-support#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/evanw/node-source-map-support/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "48748a14769d8d5039a11e0f3ea86d01575c056c1161577a83a7005e721b4622307361213eb4ee29405d48bbe510ac883f71827fcf5f96dbdc6623fd30c140d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map-support" + } + ] + }, + { + "type": "library", + "name": "type-detect", + "version": "4.0.8", + "bom-ref": "type-detect@4.0.8", + "author": "Jake Luer", + "description": "Improved typeof detection for node.js and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-detect@4.0.8", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/type-detect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/type-detect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/type-detect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d1faff9881f57653bec7b4e570ccbe6c80ea28fb30ffbd2d5727875bbf3b828423866a9a65ed74bb02ee8ee6caf6af4b83a162868d4a50a0d8cf467b93b839fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-detect" + } + ] + }, + { + "type": "library", + "name": "callsites", + "version": "3.1.0", + "bom-ref": "callsites@3.1.0", + "author": "Sindre Sorhus", + "description": "Get callsites from the V8 stack trace API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/callsites@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/callsites.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/callsites#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/callsites/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3fc06302c5ef652f95203508d7584709012fef8613ebb6148b924914d588a8bdb7e6c0668d7e3eab1f4cbaf96ce62bf234435cb71e3ac502d0dda4ee13bb2c69" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/callsites" + } + ] + }, + { + "type": "library", + "name": "cjs-module-lexer", + "version": "1.2.3", + "bom-ref": "cjs-module-lexer@1.2.3", + "author": "Guy Bedford", + "description": "Lexes CommonJS modules, returning their named exports metadata", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cjs-module-lexer@1.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/nodejs/cjs-module-lexer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/cjs-module-lexer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/cjs-module-lexer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d133621acb5b426085c2de1a9238c1839a4b4534b28ff3e4590d59a0edb39ed9a0f722ea491c7011ae2209f40b1a3aa18aa05f3896bb5bf13cc1f1ab4c39a565" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cjs-module-lexer" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "4.0.0", + "bom-ref": "strip-bom@4.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df1bab16fe6d1208a2df7662f09b69e79c042082d1f5e877e05016d343d97fe2674ac4e657f8a87b04a0425f7b247be08e8446c0f4a1b169be21daf1077e5dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "generator", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/generator@7.24.4", + "author": "The Babel Team", + "description": "Turns an AST into code.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/generator@7.24.4#packages/babel-generator", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-generator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-generator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20generator%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ddebebfa4a78d6571fe7bacfb2d25d6cc4c39338c064c8be3e04875b00bc9ab509c07bf49156300d7833d2098697fa2d62266b8648a7f767e13e57fbdad47bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/generator" + } + ], + "components": [ + { + "type": "library", + "name": "jsesc", + "version": "2.5.2", + "bom-ref": "@babel/generator@7.24.4|jsesc@2.5.2", + "author": "Mathias Bynens", + "description": "Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsesc@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "398bbb5c4ce39024370b93ecdd0219b107cda6aa09c99640f7dc1df5a59dd39342b42e6958e91284ada690be875d047afc2cb695b35d3e5641a6e4075c4eb780" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/generator/node_modules/jsesc" + } + ] + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-typescript", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/plugin-syntax-typescript@7.24.1", + "author": "The Babel Team", + "description": "Allow parsing of TypeScript syntax", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-typescript@7.24.1#packages/babel-plugin-syntax-typescript", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-typescript", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-typescript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6219e6bf2e476449c752dcba8befa071f1f5fe5ebc0079c8b451e7682bfa867f5d361d2142fbd026cc698b804c0453790cb78706eb9c4ffd038335e27ff3b247" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-typescript" + } + ] + }, + { + "type": "library", + "name": "traverse", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/traverse@7.24.1", + "author": "The Babel Team", + "description": "The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/traverse@7.24.1#packages/babel-traverse", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-traverse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-traverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20traverse%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c6e53aa3d9baf0a7aa65b42e0edd9370a4b1530fe6aecbdabe512a43595e67f07e0bdb64e84e2c456cbded669782fab913e9d4ddc5ccc6fdd628e09a9d530299" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/traverse" + } + ], + "components": [ + { + "type": "library", + "name": "globals", + "version": "11.12.0", + "bom-ref": "@babel/traverse@7.24.1|globals@11.12.0", + "author": "Sindre Sorhus", + "description": "Global identifiers from different JavaScript environments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globals@11.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globals#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58e069fc410652222c252a7bc1cbffcba30efa557d5289dc5aac6e15f9bc781c3358d8327c177a1b3f8878a43d8c29b28681fdf60d793374fe41a5471638b354" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/traverse/node_modules/globals" + } + ] + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/types@7.24.0", + "author": "The Babel Team", + "description": "Babel Types is a Lodash-esque utility library for AST nodes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/types@7.24.0#packages/babel-types", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20types%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa3edae5cdb9dd17ca87c880041872c1cf0d49f3f92d445eed4878aa9b21ea373e68b260baf98850176349d10c42fd9b10dac247931f45d8c6a3bbf34bfa1bef" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/types" + } + ] + }, + { + "type": "library", + "name": "babel__traverse", + "group": "@types", + "version": "7.20.5", + "bom-ref": "@types/babel__traverse@7.20.5", + "description": "TypeScript definitions for @babel/traverse", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__traverse@7.20.5#types/babel__traverse", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__traverse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__traverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5970b239c46d1f7ec70149295e151db9ac5d9bcd9be064a5c93a9a8d7be237811f8ae3e0358475d3dc4c08abe997accf229b9ad031a53040c2abe83c11da2179" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__traverse" + } + ] + }, + { + "type": "library", + "name": "prettier", + "group": "@types", + "version": "2.7.3", + "bom-ref": "@types/prettier@2.7.3", + "description": "TypeScript definitions for prettier", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/prettier@2.7.3#types/prettier", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/prettier", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/prettier", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fbaf243fdcb3b382cca7b54d87c81dccc48f6452f8e0c2c6aa21d6bedb5825efbaaa7b95af8124f70481428bdea98febf8bc2309c536f643559227708a6fa460" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/prettier" + } + ] + }, + { + "type": "library", + "name": "babel-preset-current-node-syntax", + "version": "1.0.1", + "bom-ref": "babel-preset-current-node-syntax@1.0.1", + "author": "Nicolò Ribaudo", + "description": "A Babel preset that enables parsing of proposals supported by the current Node.js version.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-current-node-syntax@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "33b2d0d1bc5aae4c50a0dfafcf96893ec2c19fbee7f10813166a3c58ad3fe386ae2b6c65097ad8714c47171814eea5b9633c3f0a398b44adae27368277b2efa9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-preset-current-node-syntax" + } + ] + }, + { + "type": "library", + "name": "natural-compare", + "version": "1.4.0", + "bom-ref": "natural-compare@1.4.0", + "author": "Lauri Rooden", + "description": "Compare strings containing a mix of letters and numbers in the way a human being would in sort order.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/natural-compare@1.4.0", + "externalReferences": [ + { + "url": "git://github.com/litejs/natural-compare-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/litejs/natural-compare-lite#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/litejs/natural-compare-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "396343f1e8b756d342f61ed5eb4a9f7f7495a1b1ebf7de824f0831b9b832418129836f7487d2746eec8408d3497b19059b9b0e6a38791b5d7a45803573c64c4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/natural-compare" + } + ] + }, + { + "type": "library", + "name": "leven", + "version": "3.1.0", + "bom-ref": "leven@3.1.0", + "author": "Sindre Sorhus", + "description": "Measure the difference between two strings using the fastest JS implementation of the Levenshtein distance algorithm", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/leven@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/leven.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/leven#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/leven/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aac75af87f234da51a37fc79bf35b6af373ef11c384c043fe0a8c1e3a2302b9547f8895579e7a37bf128651a625ef22a8c580af3841f7ea3f3b462375412c6d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/leven" + } + ] + }, + { + "type": "library", + "name": "react-is", + "version": "18.2.0", + "bom-ref": "react-is@18.2.0", + "description": "Brand checking of React Elements.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/react-is@18.2.0#packages/react-is", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/react.git#packages/react-is", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://reactjs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/react/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c56183216eb1f76d71b733e486250bb6d8491e826f05b177ab6e9fce5a0f08ad21b2fc6d3d57a5bdfb70df38db1d64a4476926f59fb8bb16c30caffa670f41f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/react-is" + } + ] + }, + { + "type": "library", + "name": "rimraf", + "version": "3.0.2", + "bom-ref": "rimraf@3.0.2", + "author": "Isaac Z. Schlueter", + "description": "A deep deletion module for node (like `rm -rf`)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/rimraf@3.0.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/rimraf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/rimraf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/rimraf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "25990931990018514f3f662a5d95cf6cc94c060b31cc4f082ece253085ffda8d0bf54070f4efd8de8eb0170fe2f582daa5c5095b0a9b8b791dc483dd0bad9320" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rimraf" + } + ] + }, + { + "type": "library", + "name": "istanbul-reports", + "group": "@types", + "version": "3.0.4", + "bom-ref": "@types/istanbul-reports@3.0.4", + "description": "TypeScript definitions for istanbul-reports", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-reports@3.0.4#types/istanbul-reports", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-reports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-reports", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a64d81d4d59a945f6da0246eea08c1cd1ebdb321633f839df164405fed2699ff6502309189c2ce59cf99af1647c7fd17463a2d82417db7a89a309f9a5dc39d65" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-reports" + } + ] + }, + { + "type": "library", + "name": "yargs", + "group": "@types", + "version": "17.0.32", + "bom-ref": "@types/yargs@17.0.32", + "description": "TypeScript definitions for yargs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/yargs@17.0.32#types/yargs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/yargs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.32.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c50ebb61cfe568e1b9b8c7d7ff4f77311946182201cd931aad56be81f34a271580220ca462954690175ba84cc60c37c2ad5523e8789f7f8993679040e93980a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/yargs" + } + ] + }, + { + "type": "library", + "name": "import-local", + "version": "3.1.0", + "bom-ref": "import-local@3.1.0", + "author": "Sindre Sorhus", + "description": "Let a globally installed package use a locally installed version of itself if available", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/import-local@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/import-local.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/import-local#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/import-local/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012074eee2ed9c3b35a3a1078caa57df804a6034aa9c57ab7d33892f61ef32a17bd0b9f1a639330c1f09e38a13f69bb800c3e44307fc8e5eacce0bcd776b5122" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/import-local" + } + ] + }, + { + "type": "library", + "name": "prompts", + "version": "2.4.2", + "bom-ref": "prompts@2.4.2", + "author": "Terkel Gjervig", + "description": "Lightweight, beautiful and user-friendly prompts", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prompts@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/terkelg/prompts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/terkelg/prompts#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/terkelg/prompts/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37136ffe42e0b8203ba778c4f282f668406cac95a001a901a609a02ba9693d657e5ae3a663aaf6ff36c05673fe4fc6d0940d27cc75d2252256d07abbca5683d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompts" + } + ] + }, + { + "type": "library", + "name": "kleur", + "version": "3.0.3", + "bom-ref": "kleur@3.0.3", + "author": "Luke Edwards", + "description": "The fastest Node.js library for formatting terminal text with ANSI colors~!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kleur@3.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/kleur.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/kleur#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/kleur/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "793233955392511f89c5d0c57a911870132d67d42a75e7feae7cd675166e31b3b2c2ee6d3b6c3637baea8e800d67993dbf2c212fa06bd55463508813431e04f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kleur" + } + ] + }, + { + "type": "library", + "name": "sisteransi", + "version": "1.0.5", + "bom-ref": "sisteransi@1.0.5", + "author": "Terkel Gjervig", + "description": "ANSI escape codes for some terminal swag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sisteransi@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/terkelg/sisteransi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/terkelg/sisteransi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/terkelg/sisteransi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6cb186951d50c417329e7d9de589835f83068e566fcb631104344d1cb27c548ea5ebef45522c9314d27422f78e48fd1b7178150cf45c7c6a80d298daa94a5f56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sisteransi" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "17.7.2", + "bom-ref": "yargs@17.7.2", + "description": "yargs the modern, pirate-themed, successor to optimist.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@17.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edd4b3cd143ef822a7348fe4aca9d8455ec928a3d45cc121eb5b286872a0f66ad6121cc55a1167c4fc4697eebd703d4ebbadc2d773543c29e621caefa82b8ceb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs" + } + ], + "components": [ + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "yargs@17.7.2|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs/node_modules/yargs-parser" + } + ] + } + ] + }, + { + "type": "library", + "name": "json-diff", + "version": "0.9.1", + "bom-ref": "json-diff@0.9.1", + "author": "Andrey Tarantsov", + "description": "JSON diff", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-diff@0.9.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/andreyvit/json-diff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andreyvit/json-diff", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andreyvit/json-diff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-diff/-/json-diff-0.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "67778c83a91b55306bde0fc8a6617acf6f322f6b2a8b89242252560d04add1ab905b6cb4405bb746648a8b3be3f3cd04fc453235a9ef598de88bf4f967b640d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-diff" + } + ] + }, + { + "type": "library", + "name": "cli-color", + "version": "2.0.4", + "bom-ref": "cli-color@2.0.4", + "author": "Mariusz Nowak", + "description": "Colors, formatting and other tools for the console", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-color@2.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/cli-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/cli-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/cli-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-color/-/cli-color-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce59e98348cd7226cdaceec61bd21e1c7ee669615e0b3f896b5c31ffbb59354e4049249267efea65c88cd3f2c7098c5276abf9876b1d6d0fcf5d874eb9eb57bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-color" + } + ] + }, + { + "type": "library", + "name": "d", + "version": "1.0.2", + "bom-ref": "d@1.0.2", + "author": "Mariusz Nowak", + "description": "Property descriptor factory", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/d@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/d.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/d#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/d/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/d/-/d-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "30ea87bcc585f7ff4c5fa9f36b42a0bc51f81e9314d04179b940d7a97fc1b71b54f0d7c1d10cd1b49f0e7bfe92b92e246e1cb3549c2377dec40383caaf327c6f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/d" + } + ] + }, + { + "type": "library", + "name": "es5-ext", + "version": "0.10.64", + "bom-ref": "es5-ext@0.10.64", + "author": "Mariusz Nowak", + "description": "ECMAScript extensions and shims", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es5-ext@0.10.64", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es5-ext.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es5-ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.64.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a76b270e188b6977ba75a86cb352dd771a849be4a4b83bd5f1d9c8406d0c5a3c87a5c30d7d728f13efc2734cbe3e1c495f7038c4635e1428f9a1cd01521e9d7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es5-ext" + } + ] + }, + { + "type": "library", + "name": "type", + "version": "2.7.2", + "bom-ref": "type@2.7.2", + "author": "Mariusz Nowak", + "description": "Runtime validation and processing of JavaScript types", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/type@2.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type/-/type-2.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77396f94d96de805d4ec40527e902c732750ee05c1fa93c6b0f9df26766988d2410e3ec8689cd094165819d122e11f4798f741bf65e6589e9852da136bb9660b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type" + } + ] + }, + { + "type": "library", + "name": "es6-iterator", + "version": "2.0.3", + "bom-ref": "es6-iterator@2.0.3", + "author": "Mariusz Nowak", + "description": "Iterator abstraction based on ES6 specification", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es6-iterator@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/medikoo/es6-iterator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-iterator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-iterator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-iterator/-/es6-iterator-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf0e12473a1491df9c97e668135e40f68d6841df76d016f488e24c4244219778cd734dd8a958c0846eec71ff42e4a59153f475dceadfe7cf2e082eb9db9a34da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-iterator" + } + ] + }, + { + "type": "library", + "name": "es6-symbol", + "version": "3.1.4", + "bom-ref": "es6-symbol@3.1.4", + "author": "Mariusz Nowak", + "description": "ECMAScript 6 Symbol polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es6-symbol@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es6-symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-symbol/-/es6-symbol-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53d6c51635fcb458804e0b64275ce0db9f8abe2217a6046f4474bcb1abb719f855cd385142b39e92c3de4f40565b630d66cd4e1162750cf5ce40c9f428a464be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-symbol" + } + ] + }, + { + "type": "library", + "name": "ext", + "version": "1.7.0", + "bom-ref": "ext@1.7.0", + "author": "Mariusz Nowak", + "description": "JavaScript utilities with respect to emerging standard", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ext@1.7.0#ext", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es5-ext.git#ext", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/tree/ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ext/-/ext-1.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ea1c5e25868bd75d1af5be531094a3d20a23c87400980d9c8793acfb2482880d5019d4baf7b5d6635a73b2b4a3a80f4b0c4120741fcaca9225479f5170bb8763" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ext" + } + ] + }, + { + "type": "library", + "name": "esniff", + "version": "2.0.1", + "bom-ref": "esniff@2.0.1", + "author": "Mariusz Nowak", + "description": "Low footprint ECMAScript source code parser", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/esniff@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/esniff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/esniff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/esniff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esniff/-/esniff-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91350818a43f9833c5a09d2855f726c899f88810d1a6d8cd548cf020547bb6a59775523dc5f03644cc18fe06d2a491b79647563448cb6a9fcda951d9889b1d7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esniff" + } + ] + }, + { + "type": "library", + "name": "event-emitter", + "version": "0.3.5", + "bom-ref": "event-emitter@0.3.5", + "author": "Mariusz Nowak", + "description": "Environment agnostic event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/event-emitter@0.3.5", + "externalReferences": [ + { + "url": "git://github.com/medikoo/event-emitter.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/event-emitter#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/event-emitter/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/event-emitter/-/event-emitter-0.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fdad19fdcbb90b3e727e84cabb4bf9e1be82b0c2f5496a1062d813e6c776ef6ec11d2b75bd8a2f1c0521a33feef6fcb9cce27e9fa37f9d9025f915e4d0aee5c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/event-emitter" + } + ] + }, + { + "type": "library", + "name": "next-tick", + "version": "1.1.0", + "bom-ref": "next-tick@1.1.0", + "author": "Mariusz Nowak", + "description": "Environment agnostic nextTick polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/next-tick@1.1.0", + "externalReferences": [ + { + "url": "git://github.com/medikoo/next-tick.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/next-tick#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/next-tick/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/next-tick/-/next-tick-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0977548897a66ec363b93a10bf16b23d917d56a86dee17b0b2fcb6b0e59a7cbbe2d9ac1f963f66382e9b1c8839d28ad7f0826f58a63dc1843fcc1da4a203ec95" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/next-tick" + } + ] + }, + { + "type": "library", + "name": "memoizee", + "version": "0.4.15", + "bom-ref": "memoizee@0.4.15", + "author": "Mariusz Nowak", + "description": "Memoize/cache function results", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/memoizee@0.4.15", + "externalReferences": [ + { + "url": "git://github.com/medikoo/memoizee.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/memoizee#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/memoizee/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/memoizee/-/memoizee-0.4.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5015a62692d97794933e6ecf31494ec3f4d2cbdef633ecfc81cc90e6f78e9d20d1444cffd1b9a9c937cab77ff9d4384406a099427d6e74cff97e57123d886475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/memoizee" + } + ] + }, + { + "type": "library", + "name": "es6-weak-map", + "version": "2.0.3", + "bom-ref": "es6-weak-map@2.0.3", + "author": "Mariusz Nowak", + "description": "ECMAScript6 WeakMap polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es6-weak-map@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/medikoo/es6-weak-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-weak-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-weak-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-weak-map/-/es6-weak-map-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a79ba6df61ce4ced643fec3b3d19c1fb9950e3767a9aeb8cb8831f7ef0cdf1907819c9e32c157acc64ada5b01220c9380c202f11a6a685edb387209bfd05d7b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-weak-map" + } + ] + }, + { + "type": "library", + "name": "is-promise", + "version": "2.2.2", + "bom-ref": "is-promise@2.2.2", + "author": "ForbesLindesay", + "description": "Test whether an object looks like a promises-a+ promise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-promise@2.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/then/is-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/then/is-promise#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/then/is-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-promise/-/is-promise-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa53f8ffa94a5017d08d9da97714e166f2d401a7e665bf0e03115bf175ed890992df920d82bf3985d386a04b35db87b3d450a7649b7a8dabbf4fe6a5879f1015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-promise" + } + ] + }, + { + "type": "library", + "name": "lru-queue", + "version": "0.1.0", + "bom-ref": "lru-queue@0.1.0", + "author": "Mariusz Nowak", + "description": "LRU Queue", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lru-queue@0.1.0", + "externalReferences": [ + { + "url": "git://github.com/medikoo/lru-queue.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/lru-queue#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/lru-queue/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-queue/-/lru-queue-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06975892df44bc697c39f5870d03c8495a5c979c59b616fe5cfb1b10b8f90105f1202f08ae20d92106230493c49b9ad2e36d2c8d9d132c4cd172ae4a741858ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lru-queue" + } + ] + }, + { + "type": "library", + "name": "timers-ext", + "version": "0.1.7", + "bom-ref": "timers-ext@0.1.7", + "author": "Mariusz Nowak", + "description": "Timers extensions", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/timers-ext@0.1.7", + "externalReferences": [ + { + "url": "git://github.com/medikoo/timers-ext.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/timers-ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/timers-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/timers-ext/-/timers-ext-0.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fce4d50dcd349da1d4a14c86e4cba645d367bc493b5555f0fe7eee1a5d74a11042e9a331fe6c2a492d830f65bb0004ddb00c7edf269a88a17c49a736dfd0da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/timers-ext" + } + ] + }, + { + "type": "library", + "name": "difflib", + "version": "0.2.4", + "bom-ref": "difflib@0.2.4", + "author": "Xueqiao Xu", + "description": "text diff library ported from Python's difflib module", + "licenses": [ + { + "license": { + "name": "PSF", + "url": "http://docs.python.org/license.html" + } + } + ], + "purl": "pkg:npm/difflib@0.2.4", + "externalReferences": [ + { + "url": "git://github.com/qiao/difflib.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qiao/difflib.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qiao/difflib.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/difflib/-/difflib-0.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5857098c6f4c101d036be49f66e814a3e9f938a5f1884c640e3acf83f4597e20d38358539fbe1214d6136fe86811d510680bff4d25cc2eefbcd2871574913ef" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/difflib" + } + ] + }, + { + "type": "library", + "name": "heap", + "version": "0.2.7", + "bom-ref": "heap@0.2.7", + "author": "Xueqiao Xu", + "description": "binary heap (priority queue) algorithms (ported from Python's heapq module)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/heap@0.2.7", + "externalReferences": [ + { + "url": "git://github.com/qiao/heap.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qiao/heap.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qiao/heap.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/heap/-/heap-0.2.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9bb1e8189241cefa1ffd3066e7e8a59c138e5c1d980f00da392d717b12f59d4f4c93d8482e4953b59c3814e5cf3e64e3f0a76bcc35aed816c26155c0d1f5276" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/heap" + } + ] + }, + { + "type": "library", + "name": "dreamopt", + "version": "0.8.0", + "bom-ref": "dreamopt@0.8.0", + "author": "Andrey Tarantsov", + "description": "Command-line parser with readable syntax from your sweetest dreams", + "purl": "pkg:npm/dreamopt@0.8.0", + "externalReferences": [ + { + "url": "git://github.com/andreyvit/dreamopt.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andreyvit/dreamopt.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andreyvit/dreamopt.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dreamopt/-/dreamopt-0.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf2253a7cfa60be1bee5d7e0b18fabddc931973f90317e345633d0b19739831540c4b9a2eb84c1a1590fe7803fa51017317b1bbb618c301ad93f136fdb7c1a32" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dreamopt" + } + ] + }, + { + "type": "library", + "name": "wordwrap", + "version": "1.0.0", + "bom-ref": "wordwrap@1.0.0", + "author": "James Halliday", + "description": "Wrap those words. Show them at what columns to start and stop.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wordwrap@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/substack/node-wordwrap.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-wordwrap#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-wordwrap/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "82f57324594fc9c29ce5d64de323e43fcc3b0dcdfb06d3f5c9ccc49de39be2eab7e295d972faed45399657c5be5267be5c2c4a81b8ccfa77af93214f3326dde1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wordwrap" + } + ] + }, + { + "type": "library", + "name": "jstoxml", + "version": "3.2.10", + "bom-ref": "jstoxml@3.2.10", + "author": "David Calhoun", + "description": "Converts JavaScript/JSON to XML (for RSS, Podcasts, AMP, etc.)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jstoxml@3.2.10", + "externalReferences": [ + { + "url": "git://github.com/davidcalhoun/jstoxml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/davidcalhoun/jstoxml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/davidcalhoun/jstoxml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jstoxml/-/jstoxml-3.2.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "735bf6085c4aae120f5abf9c3ab04e2569029646b945f5161b5d98d60ab2143e1dcca4e5c646ab9e2925c0e4ffeb047565f97ec76655223448411f431621b5ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jstoxml" + } + ] + }, + { + "type": "library", + "name": "pretty", + "version": "2.0.0", + "bom-ref": "pretty@2.0.0", + "author": "Jon Schlinkert", + "description": "Some tweaks for beautifying HTML with js-beautify according to my preferences.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/pretty.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/pretty", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/pretty/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty/-/pretty-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1bdc54721813122369a2b99d60197e3e16b9d20394a2f4f5f08bc07bb118319d7f7fd5bf59630f467fb123af325cd3149374171c3c28ff5c15ff835e8d535ed7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty" + } + ] + }, + { + "type": "library", + "name": "condense-newlines", + "version": "0.2.1", + "bom-ref": "condense-newlines@0.2.1", + "author": "Jon Schlinkert", + "description": "Replace extraneous newlines with a single newline, or pass a specified number of newlines to use.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/condense-newlines@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/condense-newlines.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/condense-newlines", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/condense-newlines/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/condense-newlines/-/condense-newlines-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3fb5fe40bf476fd07f73c1c8e411452a68e006ed97a50b85f7c599f5790ef9d046824e57830890cfba354a6a6094d588777e7cd54712d1214059fa0884c1cf7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/condense-newlines" + } + ] + }, + { + "type": "library", + "name": "extend-shallow", + "version": "2.0.1", + "bom-ref": "extend-shallow@2.0.1", + "author": "Jon Schlinkert", + "description": "Extend an object with the properties of additional objects. node.js/javascript util.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/extend-shallow@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/extend-shallow.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/extend-shallow", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/extend-shallow/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc29d3b65c4da0088373782a636698016171ed759689ab2e1762bc31ee566cdf28b4729350a0708cfb4da51b3fadb5199bb2b158068d8fb3f56bfa79d866d5ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/extend-shallow" + } + ] + }, + { + "type": "library", + "name": "is-whitespace", + "version": "0.3.0", + "bom-ref": "is-whitespace@0.3.0", + "author": "Jon Schlinkert", + "description": "Returns true if the value passed is all whitespace.", + "purl": "pkg:npm/is-whitespace@0.3.0", + "externalReferences": [ + { + "url": "git://github.com/jonschlinkert/is-whitespace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-whitespace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-whitespace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-whitespace/-/is-whitespace-0.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47274f865e12e89c00ca3d09263b215891051ba84dc9ede964505165a4d47d9170187c73a6935a34e56042e4bf13f4a586b029b8c5eba672b51042177dda370e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-whitespace" + } + ] + }, + { + "type": "library", + "name": "kind-of", + "version": "3.2.2", + "bom-ref": "kind-of@3.2.2", + "author": "Jon Schlinkert", + "description": "Get the native type of a value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kind-of@3.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/kind-of.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/kind-of", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/kind-of/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34e5bd4105cca191a0fe8aa754da0d4d320510889dd7adbb5827df50124474cc58029abb98d13b0a9cee7083dcf99420db93e17a3ec8252997de13bea1b94eb5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kind-of" + } + ] + }, + { + "type": "library", + "name": "is-buffer", + "version": "1.1.6", + "bom-ref": "is-buffer@1.1.6", + "author": "Feross Aboukhadijeh", + "description": "Determine if an object is a Buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-buffer@1.1.6", + "externalReferences": [ + { + "url": "git://github.com/feross/is-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/is-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/is-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35c7402f0a579139b966fbdb93ba303944af56f04a0e028fe7f7b07d71339e64057ece194666a739e2814e34558e46b7405a0de9727ef45dd44aa7c7a93694e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-buffer" + } + ] + }, + { + "type": "library", + "name": "is-extendable", + "version": "0.1.1", + "bom-ref": "is-extendable@0.1.1", + "author": "Jon Schlinkert", + "description": "Returns true if a value is any of the object types: array, regexp, plain object, function or date. This is useful for determining if a value can be extended, e.g. \"can the value have keys?\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-extendable@0.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-extendable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extendable", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extendable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e413142cda1bd6f8055fa123430e62cd60f1ade7162bd00cef6aee80daf44c595d30e8b47e3e8993ecde288b74c468f87047d0209b61e30dce296389e1ff8017" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-extendable" + } + ] + }, + { + "type": "library", + "name": "js-beautify", + "version": "1.15.1", + "bom-ref": "js-beautify@1.15.1", + "author": "Einar Lielmanis", + "description": "beautifier.io for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-beautify@1.15.1", + "externalReferences": [ + { + "url": "git://github.com/beautifier/js-beautify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://beautifier.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/beautifier/js-beautify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-beautify/-/js-beautify-1.15.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1128cdcd296dfec584f2c722647f24045f013e5c173f0851ea958a030f1bc380708fe899727296e8e35652eb49ede39bb81650a6221bf12ece62ca56acab7bac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify" + } + ], + "components": [ + { + "type": "library", + "name": "glob", + "version": "10.3.12", + "bom-ref": "js-beautify@1.15.1|glob@10.3.12", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.12", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c236ff2f27ec73e108aa4e97ce240ec7bd8bfeb4d2111ca7d45b0feafafda376037879bcfe298f6d1b1e49e2b1cfd28f3898d3fe0291fae87457f2eb372a1aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify/node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "js-beautify@1.15.1|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify/node_modules/minipass" + } + ] + } + ] + }, + { + "type": "library", + "name": "config-chain", + "version": "1.1.13", + "bom-ref": "config-chain@1.1.13", + "author": "Dominic Tarr", + "description": "HANDLE CONFIGURATION ONCE AND FOR ALL", + "purl": "pkg:npm/config-chain@1.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/dominictarr/config-chain.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/dominictarr/config-chain", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/config-chain/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/config-chain/-/config-chain-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa3f9ff003c04571eb33486b6aa5d86f6fdb395495e0fbc9425359fc3563d10ae634cdaad9eba2ce47ae55c910e7b27e5b49911fa1ef8be939d0ce09ba5d9545" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/config-chain" + } + ] + }, + { + "type": "library", + "name": "ini", + "version": "1.3.8", + "bom-ref": "ini@1.3.8", + "author": "Isaac Z. Schlueter", + "description": "An ini encoder/decoder for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ini@1.3.8", + "externalReferences": [ + { + "url": "git://github.com/isaacs/ini.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/ini#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/ini/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "255ff2ba0576bb35b988c4528990320ed41dfa7c6d5278de2edd1a70d770f7c90a2ebbee455c81f34b6c444384ef2bc65606a5859e913570a61079142812b17b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ini" + } + ] + }, + { + "type": "library", + "name": "proto-list", + "version": "1.2.4", + "bom-ref": "proto-list@1.2.4", + "author": "Isaac Z. Schlueter", + "description": "A utility for managing a prototype chain", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proto-list@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/proto-list.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/proto-list#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/proto-list/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bed2bff786a4c6c4cc85ed3f71b7e947eb323eeb3372ec21a958c9ab6e82b8d0e01468faf36a1105738fe4c269bf6afb26d13c32c89ea4622abef3930709f6bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proto-list" + } + ] + }, + { + "type": "library", + "name": "editorconfig", + "version": "1.0.4", + "bom-ref": "editorconfig@1.0.4", + "author": "EditorConfig Team", + "description": "EditorConfig File Locator and Interpreter for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/editorconfig@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/editorconfig/editorconfig-core-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/editorconfig/editorconfig-core-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/editorconfig/editorconfig-core-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2fd41ed3c2964e5a98315bcc71322f300765d5c0d4b9bcd13582fe59f0386cb0cc1dee277a62a4a666339339c4d45c0b2aed04126cbaa1b8102b3309ae0e31f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/editorconfig" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "9.0.1", + "bom-ref": "editorconfig@1.0.4|minimatch@9.0.1", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d235a12690ff31d84f5f03ee8919026df61f48aa76aa79f678e736efda88edffa8b25fe5fa9aca4abbe1835e7bcd262fc7fd679a09f636a753ea4d99ef3487f7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/editorconfig/node_modules/minimatch" + } + ] + } + ] + }, + { + "type": "library", + "name": "wasm", + "group": "@one-ini", + "version": "0.1.1", + "bom-ref": "@one-ini/wasm@0.1.1", + "description": "Parse EditorConfig-INI file contents into AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40one-ini/wasm@0.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/one-ini/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/one-ini/core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/one-ini/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@one-ini/wasm/-/wasm-0.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eec921b5137f1849c489a0c96aa2f2ebbb829350d4a38154c88f287ba8c5fa68d3791d8e42b792e14497713bbf49b53cca7f357f6e75a9cfeceab98ac84acbf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@one-ini/wasm" + } + ] + }, + { + "type": "library", + "name": "commander", + "version": "10.0.1", + "bom-ref": "commander@10.0.1", + "author": "TJ Holowaychuk", + "description": "the complete solution for node.js command-line programs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/commander@10.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/tj/commander.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/commander.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/commander.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb8320dad5ec8699446d21b3c7b6a6ccfc0a28e086ba84913ff0a311dc3093414e1a551baba94aba8c83653359926c47749b69e7885d7d8fc952b74bed77ddba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/commander" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "2.0.1", + "bom-ref": "brace-expansion@2.0.1", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@2.0.1", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e7008bd0f1e33e902e9a50bc7ac2e422c15b27cec8bd7775b1cd5dc5a564c6035f45eb6d64c1d6ec01c14a5e02941d95accbe998ea22f5b074f1584142cad0c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "js-cookie", + "version": "3.0.5", + "bom-ref": "js-cookie@3.0.5", + "author": "Klaus Hartl", + "description": "A simple, lightweight JavaScript API for handling cookies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-cookie@3.0.5", + "externalReferences": [ + { + "url": "git://github.com/js-cookie/js-cookie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/js-cookie/js-cookie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/js-cookie/js-cookie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-cookie/-/js-cookie-3.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "70488910012821b59f09960a5a157016ebcf5f58044d160fc3a2e56932a8c43decd80917ce40a39e9ea1d15efba33caa8f48da92d789e18a83253f37d3e9551b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-cookie" + } + ] + }, + { + "type": "library", + "name": "nopt", + "version": "7.2.0", + "bom-ref": "nopt@7.2.0", + "author": "GitHub Inc.", + "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/nopt@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/nopt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/nopt#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/nopt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nopt/-/nopt-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0950edc02761608be703316827a349e9d5f7a206bdfc7c9c8900e71b5bd00e348b31e28b27803ddd9a98283ae0612af5141639fe13180bed950a2db8a60a6418" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nopt" + } + ] + }, + { + "type": "library", + "name": "abbrev", + "version": "2.0.0", + "bom-ref": "abbrev@2.0.0", + "author": "GitHub Inc.", + "description": "Like ruby's abbrev module, but in js", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/abbrev@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/abbrev-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/abbrev-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/abbrev-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/abbrev/-/abbrev-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ebf9a1d44daed98804b021dd634631e685beeb581953ed6f5daa221c7ae929eb9134d805bd2fbf8ebc07890841e5aa407f9a01ed407b135f689764762ca1fc85" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/abbrev" + } + ] + }, + { + "type": "library", + "name": "babel__core", + "group": "@types", + "version": "7.20.5", + "bom-ref": "@types/babel__core@7.20.5", + "description": "TypeScript definitions for @babel/core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__core@7.20.5#types/babel__core", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa8429ad9bf3e70405270303a9eb1e4575afdeba8cbe18296d715f5725a16f1f57e3b3ce200ea2ffe75779f12664aa0080e69375a22035232a30853ad72472cc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__core" + } + ] + }, + { + "type": "library", + "name": "template", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/template@7.24.0", + "author": "The Babel Team", + "description": "Generate an AST from a string template.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/template@7.24.0#packages/babel-template", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-template", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-template", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20template%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0647f6abc94c074005a57d0d144a926f1d4e9131dfd1ffb48fcda6930f99a73067924edef50974f3dd6f95f822fa41f03a4f2d4238901e9aa1e0b6926b47ca10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/template" + } + ] + }, + { + "type": "library", + "name": "bs-logger", + "version": "0.2.6", + "bom-ref": "bs-logger@0.2.6", + "author": "Huafu Gandon", + "description": "Bare simple logger for NodeJS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bs-logger@0.2.6", + "externalReferences": [ + { + "url": "git+https://github.com/huafu/bs-logger.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/huafu/bs-logger#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/huafu/bs-logger/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5df030a8c666e073b8723ca3afc6da8d7236283ac0013d075c0948c6a77778d95476097d4e46193603cee8aaabb9475924fbbea7b3166ea649b277e315b42a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bs-logger" + } + ] + }, + { + "type": "library", + "name": "json5", + "version": "2.2.3", + "bom-ref": "json5@2.2.3", + "author": "Aseem Kishore", + "description": "JSON for Humans", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json5@2.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/json5/json5.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://json5.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/json5/json5/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e63967bb7b21d81f5e1c2dd54fa3283e18e1f7ad85fef8aa73af2949c125bdf2ddcd93e53c5ce97c15628e830b7375bf255c67facd8c035337873167f16acca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json5" + } + ] + }, + { + "type": "library", + "name": "lodash.memoize", + "version": "4.1.2", + "bom-ref": "lodash.memoize@4.1.2", + "author": "John-David Dalton", + "description": "The lodash method `_.memoize` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.memoize@4.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b8fe3739a09d0cd30185dcb0760b8229a5b4e5753171ed94e59fe868cbf4a8fc18ae45227c39268b71bdb3acf88bd5d7f0f3a34e3f7c219f2d5b3b6976f802" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.memoize" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "3.26.9", + "bom-ref": "@oclif/core@3.26.9", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@3.26.9", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-3.26.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c81e58c5deb60ec1eaa822bfeb42fc2221a94d1214e09f9fcc2a9f6cf462218139f9a81f37ade4a6968cf936eac8c05db27b7f3d03a7603f0186cd6ab94afa7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/core@3.26.9|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/core@3.26.9|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "@oclif/core@3.26.9|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "@oclif/core@3.26.9|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "@oclif/core@3.26.9|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/sprintf-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "cli-progress", + "group": "@types", + "version": "3.11.5", + "bom-ref": "@types/cli-progress@3.11.5", + "description": "TypeScript definitions for cli-progress", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/cli-progress@3.11.5#types/cli-progress", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/cli-progress", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/cli-progress", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/cli-progress/-/cli-progress-3.11.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f83db3516ef88aca9a52e62bc11b214edbd3ce97248b980d87c94144e29e5019acc030cdc2c2429672f4e5f20bc4952bb1461e853ca2fc5e689d5fcef7a2ee2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/cli-progress" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.21.3", + "bom-ref": "type-fest@0.21.3", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.21.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b74af306af3b9b77d571db870d41612a6cb25fef5ea3a5908d9bdfe7511afccd10efe4f7ef8269d5a522c9497418ac69f0cfce113547483be69323e0bd7f97db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-fest" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "2.0.1", + "bom-ref": "color-convert@2.0.1", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4511023ec8fb8aeff16f9a0a61cb051d2a6914d9ec8ffe763954d129be333f9a275f0545df3566993a0d70e7c60be0910e97cafd4e7ce1f320dfc64709a12529" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "cardinal", + "version": "2.1.1", + "bom-ref": "cardinal@2.1.1", + "author": "Thorsten Lorenz", + "description": "Syntax highlights JavaScript code with ANSI colors to be printed to the terminal.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cardinal@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/cardinal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/cardinal#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/cardinal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cardinal/-/cardinal-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "252af978e8281329ad607063356ca3acca9eb7d026da68898657ca35da8ba7ace878087428de5d44073195e723e66009ae64289a088e063df9c472eb163a81a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cardinal" + } + ] + }, + { + "type": "library", + "name": "ansicolors", + "version": "0.3.2", + "bom-ref": "ansicolors@0.3.2", + "author": "Thorsten Lorenz", + "description": "Functions that surround a string with ansicolor codes so it prints in color.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansicolors@0.3.2", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/ansicolors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/ansicolors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/ansicolors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansicolors/-/ansicolors-0.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "417bbb04facfdbd565951c47f06c01ef1e625f9a9628000c2ea2901964de2d656534734ea55309f7576cc50008597a63b96e70aafc6edc977f9d18eb27ed29aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansicolors" + } + ] + }, + { + "type": "library", + "name": "redeyed", + "version": "2.1.1", + "bom-ref": "redeyed@2.1.1", + "author": "Thorsten Lorenz", + "description": "Takes JavaScript code, along with a config and returns the original code with tokens wrapped as configured.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/redeyed@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/redeyed.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/redeyed#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/redeyed/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/redeyed/-/redeyed-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14da461a8d43c9c600767aca17108c98a620a3f9882c0aad4586e47500fc129fc79363d0e7e684004c7e214ef5dd14c39ae05a1f473c3f9668ceeacdbb939b45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/redeyed" + } + ] + }, + { + "type": "library", + "name": "esprima", + "version": "4.0.1", + "bom-ref": "esprima@4.0.1", + "author": "Ariya Hidayat", + "description": "ECMAScript parsing infrastructure for multipurpose analysis", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esprima@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jquery/esprima.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://esprima.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jquery/esprima/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "786b85170ed4a5d6be838a7e407be75b44724d7fd255e2410ccfe00ad30044ed1c2ee4f61dc10a9d33ef86357a6867aaac207fb1b368a742acce6d23b1a594e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esprima" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "4.0.0", + "bom-ref": "has-flag@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1329094ff4352a34d672da698080207d23b4b4a56e6548e180caf5ee4a93ba6325e807efdc421295e53ba99533a170c54c01d30c2e0d3a81bf67153712f94c3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-flag" + } + ] + }, + { + "type": "library", + "name": "clean-stack", + "version": "3.0.1", + "bom-ref": "clean-stack@3.0.1", + "author": "Sindre Sorhus", + "description": "Clean up error stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-stack@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/clean-stack.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/clean-stack/-/clean-stack-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "951f70362311715423481ddaef15c62eecf872be3026eb9795a0046d1bad1a8c104e6969ed1ef6fc33a0376d5ef237706e531697d50e24c2576ab5fde29cca76" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-stack" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "4.0.0", + "bom-ref": "escape-string-regexp@4.0.0", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4eda5c349dd7033c771aaf2c591cc96956a346cd2e57103660091d6f58e6d9890fcf81ba7a05050320379f9bed10865e7cf93959ae145db2ae4b97ca90959d80" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "cli-progress", + "version": "3.12.0", + "bom-ref": "cli-progress@3.12.0", + "author": "Andi Dittrich", + "description": "easy to use progress-bar for command-line/terminal applications", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-progress@3.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/npkgz/cli-progress.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npkgz/cli-progress", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npkgz/cli-progress/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-progress/-/cli-progress-3.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b51915dc7275012c26d7d4c78a22c85cb3bb226ef0953b8a9ef918693932a003de7ea8cd83b5bb0c7294946471cbdbf10ef6f2098424428cefa6db8c9060a0f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-progress" + } + ] + }, + { + "type": "library", + "name": "color", + "version": "4.2.3", + "bom-ref": "color@4.2.3", + "description": "Color conversion and manipulation with CSS string support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color/-/color-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d6b5deb94522186af2921f8278176ee487bb389c229c28106346dcec6091c72e71547cbe9a86aa9292ff8ea42ad0cb5039e61caea133e1a6dce5fd0ab54ed6e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color" + } + ] + }, + { + "type": "library", + "name": "color-string", + "version": "1.9.1", + "bom-ref": "color-string@1.9.1", + "author": "Heather Arthur", + "description": "Parser and generator for CSS color strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-string@1.9.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-string/-/color-string-1.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b21ad56b0405a239d9bfac4ce346a7c780a4a033fe7d9b30fd97ab10cb16fe9cb3b116c4969b0bfc30555bbab7131c70bac74d5c8de55e9ba1119933b3ca7912" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-string" + } + ] + }, + { + "type": "library", + "name": "simple-swizzle", + "version": "0.2.2", + "bom-ref": "simple-swizzle@0.2.2", + "author": "Qix", + "description": "Simply swizzle your arguments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/simple-swizzle@0.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-simple-swizzle.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-simple-swizzle#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-simple-swizzle/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/simple-swizzle/-/simple-swizzle-0.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "240fff910819b5bb98f379bec53fad5c9926267706313153f82fa0da1d91f6ec64608ac4db2cbdb2099c2e10a7c39eff5920fe121dc9f7b14f1031676d79c352" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/simple-swizzle" + } + ], + "components": [ + { + "type": "library", + "name": "is-arrayish", + "version": "0.3.2", + "bom-ref": "simple-swizzle@0.2.2|is-arrayish@0.3.2", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "79546a0af56565bbb0dc6acceb7a2f352340780d4ad7a91a47f2d163ff76c34cf1439ff5633c1b9545fae768b85ecf51c001a35bd77dcba5fcf2df0e68025f59" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/simple-swizzle/node_modules/is-arrayish" + } + ] + } + ] + }, + { + "type": "library", + "name": "ejs", + "version": "3.1.10", + "bom-ref": "ejs@3.1.10", + "author": "Matthew Eernisse", + "description": "Embedded JavaScript templates", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/ejs@3.1.10", + "externalReferences": [ + { + "url": "git://github.com/mde/ejs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mde/ejs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mde/ejs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51e26615f3ab0104bc38958f678aad807c961316b4f3cfccb4ae54132a091851faedc0c45e4652be23a2291099e178a3d33c48dc9102818b37a0ac7e022cd004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ejs" + } + ] + }, + { + "type": "library", + "name": "jake", + "version": "10.8.7", + "bom-ref": "jake@10.8.7", + "author": "Matthew Eernisse", + "description": "JavaScript build tool, similar to Make or Rake", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/jake@10.8.7", + "externalReferences": [ + { + "url": "git://github.com/jakejs/jake.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jakejs/jake#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jakejs/jake/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jake/-/jake-10.8.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6438b768ff9f1bf2dc87207350cf34e158dd767c1f49fb1d798930b7c35c6ca46fa38ac592386ce39ea22c59f79366545af35ee22e3c5800836f36bc7e1ab6fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "jake@10.8.7|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "jake@10.8.7|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake/node_modules/brace-expansion" + } + ] + } + ] + }, + { + "type": "library", + "name": "async", + "version": "3.2.5", + "bom-ref": "async@3.2.5", + "author": "Caolan McMahon", + "description": "Higher-order functions and common patterns for asynchronous code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/async@3.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/caolan/async.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://caolan.github.io/async/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/caolan/async/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6da359caa69a2e1c8b54a9bf0e5bdd5b4e7531280ee9bf1e55f21ece5f44e4fa96c458332e6ff0427b445b8ccecad55bbab0c4af426500b12974e170bc4acbb2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async" + } + ] + }, + { + "type": "library", + "name": "filelist", + "version": "1.0.4", + "bom-ref": "filelist@1.0.4", + "author": "Matthew Eernisse", + "description": "Lazy-evaluating list of files, based on globs or regex patterns", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/filelist@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/mde/filelist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mde/filelist", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mde/filelist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c35704b9fdd2f83acb0902fb113ea4cfe82694975babd27bc970928cafce6423c0faa10dd56c85e1901fd186096b8fec84726b6b6b7f77fafc495e098bec7ef1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/filelist" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "5.1.6", + "bom-ref": "filelist@1.0.4|minimatch@5.1.6", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@5.1.6", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "94ac15ff56eba46ea6054147b5becd526b400426f65996669b6c0d88e0398406fc55d092e01dddb4c5b2bdca1589c730016fc23844635cbb74ccfd735d4376ea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/filelist/node_modules/minimatch" + } + ] + } + ] + }, + { + "type": "library", + "name": "balanced-match", + "version": "1.0.2", + "bom-ref": "balanced-match@1.0.2", + "author": "Julian Gruber", + "description": "Match balanced character pairs, like \"{\" and \"}\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/balanced-match@1.0.2", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/balanced-match.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de849e50ed13315ebb84dd4099b5ec2b8c9aa94eed8e21e56f144364ea47d0a5bdf82797e1b440697d009f1b74b71d8cae94695b041a3f02252121098585393f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/balanced-match" + } + ] + }, + { + "type": "library", + "name": "concat-map", + "version": "0.0.1", + "bom-ref": "concat-map@0.0.1", + "author": "James Halliday", + "description": "concatenative mapdashery", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/concat-map@0.0.1", + "externalReferences": [ + { + "url": "git://github.com/substack/node-concat-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-concat-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-concat-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd2aefe1db30c903417e8846a73f68e986f71b3dd2ad40ea047e6b4ee84647b6a1b656d82a7571c366c214c4658da03b1171da5d9f30b07768745bdb9212a6aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/concat-map" + } + ] + }, + { + "type": "library", + "name": "get-package-type", + "version": "0.1.0", + "bom-ref": "get-package-type@0.1.0", + "author": "Corey Farrell", + "description": "Determine the `package.json#type` which applies to a location", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-package-type@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/cfware/get-package-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cfware/get-package-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cfware/get-package-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a63cee2ad63ae0661f5a2ccd009d1fafd56ab6d6643622b6892e37d0bb481f38c112be9b5fc026db39b8b16e11a39c23596e5c02544bd6a00c4dc5db8cd00ed9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-package-type" + } + ] + }, + { + "type": "library", + "name": "globby", + "version": "11.1.0", + "bom-ref": "globby@11.1.0", + "author": "Sindre Sorhus", + "description": "User-friendly glob matching", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globby@11.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globby#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globby/-/globby-11.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e121768ecf2d6c6fc232a1c6abb964a7d538e69c156cf00ca1732f37ae6c4d27cab6b96282023dc29c963e2a91925c2b9e00f7348b4e6456f54ab4fd6df52de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globby" + } + ] + }, + { + "type": "library", + "name": "array-union", + "version": "2.1.0", + "bom-ref": "array-union@2.1.0", + "author": "Sindre Sorhus", + "description": "Create an array of unique values, in order, from the input arrays", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/array-union@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/array-union.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/array-union#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/array-union/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/array-union/-/array-union-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1c6cb1a0e4d853208ceacb547ba1098277781287b0008ef331d7ea3be9068e79599810f3fdc479a5ff2bfdc4785aaeb4b0bfe9d0891c8d41043f04b7185ac8cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/array-union" + } + ] + }, + { + "type": "library", + "name": "dir-glob", + "version": "3.0.1", + "bom-ref": "dir-glob@3.0.1", + "author": "Kevin Mårtensson", + "description": "Convert directories to glob compatible strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dir-glob@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/dir-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/dir-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/dir-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dir-glob/-/dir-glob-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a4ad6a7d191e0a5df28663338b993b86562d545857f0b37efb9fd71ce79fed6fa0eeab217aa5c43901b88712c85a0e963dbfaa1a4abd9708389d1a633077320" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dir-glob" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "4.0.0", + "bom-ref": "path-type@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80329bf1a64c0de0ffb595acf4febeab427d33091d97ac4c57c4e39c63f7a89549d3a6dd32091b0652d4f0875f3ac22c173d815b5acd553dd7b8d125f333c0bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.3.1", + "bom-ref": "ignore@5.3.1", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e45cadcff22b68c8eaa707dddf891edbc3d354c8d98c91b630f9f9b7b384e1e50250d7fc0406bb6f95944bdfd0bebea6c0e412ecc93abddb0c9e8e617be4fc5f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + }, + { + "type": "library", + "name": "hyperlinker", + "version": "1.0.0", + "bom-ref": "hyperlinker@1.0.0", + "author": "James Talmage", + "description": "Write hyperlinks in the terminal.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hyperlinker@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jamestalmage/hyperlinker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jamestalmage/hyperlinker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jamestalmage/hyperlinker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hyperlinker/-/hyperlinker-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f2f146e545614471f4ae21a6a3337e0b74f5c885bb356a3117fc104fbf6e09f9e9d255a11563adf143a9533bd551612e4b028821206d080c9fa9f883f329441" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hyperlinker" + } + ] + }, + { + "type": "library", + "name": "indent-string", + "version": "4.0.0", + "bom-ref": "indent-string@4.0.0", + "author": "Sindre Sorhus", + "description": "Indent each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/indent-string@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/indent-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "11d0c366ee00d8ec882bb2ebff6cc6fb0e6399bba4d435419c4c11110bc1ceca412640846d16bc1b153596085871a1890a745689b8c35e5abbefd5f5ff2e71c2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/indent-string" + } + ] + }, + { + "type": "library", + "name": "is-wsl", + "version": "2.2.0", + "bom-ref": "is-wsl@2.2.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-wsl@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-wsl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cacc0adad2b18951407018180d90766e4e865c9fe4ed5c7a5e0a09a430930c631d6c40361a092ca32414826b69c7d431a6eecde7d68067a21a154c168decbc3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-wsl" + } + ] + }, + { + "type": "library", + "name": "is-docker", + "version": "2.2.1", + "bom-ref": "is-docker@2.2.1", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a Docker container", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-docker@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-docker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-docker/-/is-docker-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17e8b604ab05ac7eba89a505734c280fcb0bcbc81eb64c13c2d3818efb39e82c780a024378a41ea9fcfcc0062249bf093a9ad68471f9a7becf6e6602bef52e5d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-docker" + } + ] + }, + { + "type": "library", + "name": "natural-orderby", + "version": "2.0.3", + "bom-ref": "natural-orderby@2.0.3", + "author": "Olaf Ennen", + "description": "Lightweight and performant natural sorting of arrays and collections by differentiating between unicode characters, numbers, dates, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/natural-orderby@2.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/yobacca/natural-orderby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yobacca.github.io/natural-orderby", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yobacca/natural-orderby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/natural-orderby/-/natural-orderby-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7b2931f1534094adc3977bad997eb6f9675de72ef3e149647fb28de416e954414d2c814965d99d0bc29b0b377e7578e383fa1446bbf17583eeb10df3de0fef9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/natural-orderby" + } + ] + }, + { + "type": "library", + "name": "object-treeify", + "version": "1.1.33", + "bom-ref": "object-treeify@1.1.33", + "author": "Lukas Siemon", + "description": "Stringify Object as tree structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/blackflux/object-treeify/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/object-treeify@1.1.33", + "externalReferences": [ + { + "url": "git+https://github.com/blackflux/object-treeify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blackflux/object-treeify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blackflux/object-treeify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-treeify/-/object-treeify-1.1.33.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1055630187f35aa5ac04c4473cc0172c20c8267a4c85d580a91ef11ba33a6b672ce8f305a65ffe676d30f730d6e2f9313857dd75e8012aaf517a17746f1584ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-treeify" + } + ] + }, + { + "type": "library", + "name": "password-prompt", + "version": "1.1.3", + "bom-ref": "password-prompt@1.1.3", + "author": "Jeff Dickey @jdxcode", + "description": "cross-platform masked or hidden prompt", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/password-prompt@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/jdxcode/password-prompt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jdxcode/password-prompt", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jdxcode/password-prompt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/password-prompt/-/password-prompt-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e4ae31b668996f174b7604c1f47b62c1fc41dfdcb72addf34ccf2e066077106e502f3a5f904238b52f1ed644132aa552bca7e291edb0a0ee8a80317b5d82acb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/password-prompt" + } + ] + }, + { + "type": "library", + "name": "slice-ansi", + "version": "4.0.0", + "bom-ref": "slice-ansi@4.0.0", + "description": "Slice a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slice-ansi@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/slice-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/slice-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/slice-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8c08c7e1634e347151d3e372bd045ca0a986d43c564a1ce83b2bbde6b5358945bf29c8fddfcdfe08c5de52cdd10943a311520fd606738bc60859b4a2aeac435" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/slice-ansi" + } + ] + }, + { + "type": "library", + "name": "astral-regex", + "version": "2.0.0", + "bom-ref": "astral-regex@2.0.0", + "author": "Kevin Mårtensson", + "description": "Regular expression for matching astral symbols", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/astral-regex@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/astral-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/astral-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/astral-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "67bb4cc35cad4d7b798ea31c38ff8e42d794d55b8d2bd634daeb89b4a4354afebd8d740a2a0e5c89b2f0189a30f32cd93fe780735f0498b18f6a5d1ba77eabbd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/astral-regex" + } + ] + }, + { + "type": "library", + "name": "widest-line", + "version": "3.1.0", + "bom-ref": "widest-line@3.1.0", + "author": "Sindre Sorhus", + "description": "Get the visual width of the widest line in a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/widest-line@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/widest-line.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/widest-line#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/widest-line/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36c9a85da96c5950cc1aea71679474f246bd7e56638e22ef1d501660e2ad88a33cba3b595abf5c45f7da93eb92138f3e39bf0e6da957a70c9e522c830fa40582" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/widest-line" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "BomRef.okvgjdrtm6.tqh1scmn9b8", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6151888f691a98b493c70e8db198e80717d2c2c9f4c9c75eb26738a7e436d5ce733ee675a65f8d7f155dc4fb5d1ef98d54e43a5d2606e0052dcadfc58bb0f5e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "plugin-help", + "group": "@oclif", + "version": "6.1.0", + "bom-ref": "@oclif/plugin-help@6.1.0", + "author": "Salesforce", + "description": "Standard help for oclif.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-help@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-help.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-help", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-help/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-help/-/plugin-help-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53e2cd28a69906ba07aa848622961b42691397c696d0d25c3bdb6bd3dd4b24e67be22a840e2ba97c14c232e9255bdb9365d585600a6a4e6b210ee07f238d63c5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.0-beta.13", + "bom-ref": "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.0-beta.13", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.0-beta.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba0f02654089a6181eb5265581de07420c9ec256151861b52c87855c6c63818b2367f7f92379d20a3ef1a403040ea8d50ff970992ba3b55c1aeedbc480b1880b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "9.4.0", + "bom-ref": "@oclif/plugin-help@6.1.0|supports-color@9.4.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@9.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-9.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54bfa536b128217c30d5ca0b3ce9a21262bfd2c1a2824a3908ec48d3d2b31dcd9525726c437ed4690fbcaaebb18c3780efe2a72c64d647239748b2d1d966f88f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "ansis", + "version": "3.2.0", + "bom-ref": "ansis@3.2.0", + "author": "webdiscus", + "description": "Colorize terminal with ANSI colors & styles", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ansis@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/webdiscus/ansis.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/webdiscus/ansis", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/webdiscus/ansis/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansis/-/ansis-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "624dc19071fd53ba0fc8237780be5373b0a96a11bff9416fffa506d370b7d75572f65cd1980e6ea310d3a54f423b7ac61cbe8acc9cffa5d0de5d9099e4cbbf4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansis" + } + ] + }, + { + "type": "library", + "name": "cli-spinners", + "version": "2.9.2", + "bom-ref": "cli-spinners@2.9.2", + "author": "Sindre Sorhus", + "description": "Spinners for use in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-spinners@2.9.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/cli-spinners.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/cli-spinners#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/cli-spinners/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-spinners/-/cli-spinners-2.9.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb0a95fb9326c8be04ef26d780acace03ba065b5f4142e8b9f0ae18eeca42239caf64f0e41a710edac462a78c35d63619ecd31a2dddb648e61e791fcca8f5c26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-spinners" + } + ] + }, + { + "type": "library", + "name": "cosmiconfig", + "version": "9.0.0", + "bom-ref": "cosmiconfig@9.0.0", + "author": "Daniel Fischer", + "description": "Find and load configuration from a package.json property, rc file, TypeScript module, and more!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cosmiconfig@9.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/cosmiconfig/cosmiconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cosmiconfig/cosmiconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cosmiconfig/cosmiconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8adbcbe61f1111300298e4c573851f23207645f1078bbd40c7a13f3e2bd5c6af4db1e29b396a5ec8710e21b980c35aecf0093456eaec40dc30ee57fb62d530ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cosmiconfig" + } + ] + }, + { + "type": "library", + "name": "env-paths", + "version": "2.2.1", + "bom-ref": "env-paths@2.2.1", + "author": "Sindre Sorhus", + "description": "Get paths for storing things like data, config, cache, etc", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/env-paths@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/env-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa1d6590b2a164c4d88e8835544a49346ecd64959cb9cd830e4feab2a49345108e5e22e3790d5dd7fb9dad41a1a8cc5480097028d67471fdaea9a9f918bb92d8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/env-paths" + } + ] + }, + { + "type": "library", + "name": "import-fresh", + "version": "3.3.0", + "bom-ref": "import-fresh@3.3.0", + "author": "Sindre Sorhus", + "description": "Import a module while bypassing the cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/import-fresh@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/import-fresh.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/import-fresh#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/import-fresh/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bde6188506be0f54012b39ef8541f16fc7dac65af0527c6c78301b029e39ec4d302cd8a8d9b3922a78d80e1323f98880abad71acc1a1424f625d593917381033" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/import-fresh" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "4.1.0", + "bom-ref": "js-yaml@4.1.0", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c29c59b3d368c596891122462194f20c4698a65d0529203e141f5a262c9e98a84cc24c5083ade1e13d4a2605061e94ea3c33517269982ee82b46326506d5af44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.2", + "bom-ref": "error-ex@1.3.2", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edd147366a9e15212dd9906c0ab8a8aca9e7dd9da98fe7ddf64988e90a16c38fff0cbfa270405f73453ba890a2b2aad3b0a4e3c387cd172da95bd3aa4ad0fce2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "json-parse-even-better-errors", + "version": "2.3.1", + "bom-ref": "json-parse-even-better-errors@2.3.1", + "author": "Kat Marchán", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-even-better-errors@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/json-parse-even-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c72170ca1ae8fc91287fa1a17b68b3d8d717a23dac96836c5abfd7b044432bfa223c27da36197938d7e9fa341d01945043420958dcc7f7321917b962f75921db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-parse-even-better-errors" + } + ] + }, + { + "type": "library", + "name": "typescript", + "version": "5.1.6", + "bom-ref": "typescript@5.1.6", + "author": "Microsoft Corp.", + "description": "TypeScript is a language for application scale JavaScript development", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/typescript@5.1.6", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/TypeScript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/typescript/-/typescript-5.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cda582a33459e832c4580585ad50f3d47e85557cd449f4f2e4550c5ac42553c626e493fd78ee31913211385090be141feb5cfa3bf1baba0c374a0027bef9be1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/typescript" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.4", + "bom-ref": "debug@4.3.4", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.4", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d15851ee494dde0ed4093ef9cd63b25c91eb758f4b793ae3ac1733cfcec7a40f9d9997ca947c520f122b305ea22f1d61951ce817fbb1bfbc234d85e870c5f91" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/debug" + } + ], + "components": [ + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "debug@4.3.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/debug/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "plugin-plugins", + "group": "@oclif", + "version": "5.2.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2", + "author": "Salesforce", + "description": "plugins plugin for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-plugins@5.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-plugins.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-plugins", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-plugins/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-plugins/-/plugin-plugins-5.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "054027977f9f374f1c7fb2ea9cb851bf991cf8758e2f3dd32eadedf407f6e5af100a9c5804a6339f283152ba08e744ccd34dbe8b49af8e4b518e0d9b1fd791ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "npm-package-arg", + "version": "11.0.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "author": "GitHub Inc.", + "description": "Parse the things that can be arguments to `npm install`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-package-arg@11.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-package-arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-package-arg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-package-arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "206374200c26843270cb5dd673c93ee0f11b4cf86926732d7d1e7765b3b28e4be611c2d2e270b0a7a9af3168d2e6c5237a25b79a9c7a7079ae84a12ef5799c43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-package-arg" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "4.2.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proc-log/-/proc-log-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83cf8e9d4fcbdaffb0ca254af83e5f037e09ec41fc8d9f030e5bf085108cc66323ed4081bf188ed6619e37edfa25720a178cdebd4e2444177c955806f6f2de94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/proc-log" + } + ] + }, + { + "type": "library", + "name": "npm-run-path", + "version": "5.3.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "author": "Sindre Sorhus", + "description": "Get your PATH prepended with locally installed binaries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/npm-run-path@5.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/npm-run-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a69c13b62259ab43bf6a2d33ef27ee76d069588a3133cc84ea71e2d57e3b785476116391a9f6eee829cf94db2378debcdde4f4a86e87fcfc9ff5f09cbe39e79d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-run-path" + } + ], + "components": [ + { + "type": "library", + "name": "path-key", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-key/-/path-key-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "85a444ca9abbc6433b12b7e0232034cfe063e0018a94c49d9501368ef268ea1b960f511d90a615f86fd3e27ab4604176be04d3f24a8c14aa35b879fde74af849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-run-path/node_modules/path-key" + } + ] + } + ] + }, + { + "type": "library", + "name": "object-treeify", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1", + "author": "Lukas Siemon", + "description": "Stringify Object as tree structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/blackflux/object-treeify/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/object-treeify@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/blackflux/object-treeify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blackflux/object-treeify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blackflux/object-treeify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-treeify/-/object-treeify-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63ab60e6b1dfb1e7d291f2ae8efd92c07ba522744ecbfac22f9178c3440e5b1badf009f16317f46263614e1f7965fcb1a6cb9da3aeaeaa4bb1d000859f231281" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/object-treeify" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "author": "GitHub Inc.", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a5698c846f4ec33f16022a12b3a65096049b6fc5971932b2fee1492b4d22471cfc99538998613bf7a9a39eefb1fb10e0cb492a2901414073a5bc538caabec72" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/which" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "3.1.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|isexe@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2e907fe7807eff627986a43b8a66477dd537d4e96042ac7b6627159649bd93383dff0f0628b11c15f265fedec30840ee78ec81003eb3082c133ba173b3436811" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/isexe" + } + ] + }, + { + "type": "library", + "name": "yarn", + "version": "1.22.22", + "bom-ref": "@oclif/plugin-plugins@5.2.2|yarn@1.22.22", + "description": "📦🐈 Fast, reliable, and secure dependency management.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/yarn@1.22.22", + "externalReferences": [ + { + "url": "git+https://github.com/yarnpkg/yarn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yarnpkg/yarn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yarnpkg/yarn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yarn/-/yarn-1.22.22.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/yarn" + } + ] + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "7.0.2", + "bom-ref": "hosted-git-info@7.0.2", + "author": "GitHub Inc.", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@7.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-7.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6e519014293e66f19cefb3bd975b2dc7b6f55b4d6963444eba70feb46f127302a7f60e0202a3b9584d8d881d498b9cda6362fc396ef9a81ef3dcd103b66badb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hosted-git-info" + } + ], + "components": [ + { + "type": "library", + "name": "lru-cache", + "version": "10.2.2", + "bom-ref": "hosted-git-info@7.0.2|lru-cache@10.2.2", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f61a77569dbf845414888c0aa3c5c2785567ae0f0f9374d834f211eed2400ca8b961f705eef11a2bb6af1474e54b2de438a61a25069a95f128e98b9775c78139" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hosted-git-info/node_modules/lru-cache" + } + ] + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-name", + "version": "5.0.1", + "bom-ref": "validate-npm-package-name@5.0.1", + "author": "GitHub Inc.", + "description": "Give me a string and I'll tell you if it's a valid npm package name", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/validate-npm-package-name@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/validate-npm-package-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3a58cbad0f5241d394a93690c6a2f97447d95ab5c4c72c96b28cd89405856b03d536e0fcde2825eee243d914e434c6e7888620b7c97cd5e08918875017b6af2d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validate-npm-package-name" + } + ] + }, + { + "type": "library", + "name": "npm", + "version": "10.8.0", + "bom-ref": "npm@10.8.0", + "author": "GitHub Inc.", + "description": "a package manager for JavaScript", + "licenses": [ + { + "license": { + "id": "Artistic-2.0" + } + } + ], + "purl": "pkg:npm/npm@10.8.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://docs.npmjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm/-/npm-10.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c21f77b91733829ec70e73cc88b5dc0a4bf685a81d252d3327d293ff7d5dd05a173f4dbeaa037600ec29696f397f14569229e5dab10b7cfc3e0a30575b8f3f8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm" + } + ], + "components": [ + { + "type": "library", + "name": "string-locale-compare", + "group": "@isaacs", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "author": "Isaac Z. Schlueter", + "description": "Compare strings with Intl.Collator if available, falling back to String.localeCompare otherwise", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/string-locale-compare@1.1.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/string-locale-compare.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/string-locale-compare.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/string-locale-compare#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/string-locale-compare/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/string-locale-compare" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "arborist", + "group": "@npmcli", + "version": "7.5.2", + "bom-ref": "npm@10.8.0|@npmcli/arborist@7.5.2", + "author": "GitHub Inc.", + "description": "Manage node_modules trees", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/arborist@7.5.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/arborist", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/arborist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/arborist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs", + "group": "@npmcli", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|@npmcli/fs@3.1.1", + "author": "GitHub Inc.", + "description": "filesystem utilities for the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/fs@3.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/fs.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/fs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "installed-package-contents", + "group": "@npmcli", + "version": "2.1.0", + "bom-ref": "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "author": "GitHub Inc.", + "description": "Get the list of files installed in a package in node_modules, including bundled dependencies", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/installed-package-contents@2.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/installed-package-contents.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/installed-package-contents.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/installed-package-contents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/installed-package-contents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/installed-package-contents" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-bundled", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|npm-bundled@3.0.1", + "author": "GitHub Inc.", + "description": "list things in node_modules that are bundledDependencies, or transitive dependencies thereof", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-bundled@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-bundled.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-bundled.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-bundled#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-bundled/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-bundled" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-normalize-package-bin", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "author": "GitHub Inc.", + "description": "Turn any flavor of allowable package.json bin into a normalized object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-normalize-package-bin@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-normalize-package-bin.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-normalize-package-bin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-normalize-package-bin#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-normalize-package-bin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-normalize-package-bin" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "map-workspaces", + "group": "@npmcli", + "version": "3.0.6", + "bom-ref": "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "author": "GitHub Inc.", + "description": "Retrieves a name:pathname Map for a given workspaces config", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/map-workspaces@3.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/map-workspaces.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/map-workspaces.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/map-workspaces#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/map-workspaces/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/map-workspaces" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "metavuln-calculator", + "group": "@npmcli", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "author": "GitHub Inc.", + "description": "Calculate meta-vulnerabilities from package security advisories", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/metavuln-calculator@7.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/metavuln-calculator.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/metavuln-calculator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/metavuln-calculator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/metavuln-calculator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/metavuln-calculator" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacache", + "version": "18.0.3", + "bom-ref": "npm@10.8.0|cacache@18.0.3", + "author": "GitHub Inc.", + "description": "Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cacache@18.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/cacache.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cacache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/cacache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cacache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cacache" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-parse-even-better-errors", + "version": "3.0.2", + "bom-ref": "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "author": "GitHub Inc.", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-even-better-errors@3.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/json-parse-even-better-errors.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/json-parse-even-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/json-parse-even-better-errors" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pacote", + "version": "18.0.6", + "bom-ref": "npm@10.8.0|pacote@18.0.6", + "author": "GitHub Inc.", + "description": "JavaScript package downloader", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/pacote@18.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/pacote.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/pacote.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/pacote#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/pacote/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/pacote" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "4.2.0", + "bom-ref": "npm@10.8.0|proc-log@4.2.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/proc-log" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "7.6.2", + "bom-ref": "npm@10.8.0|semver@7.6.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@7.6.2?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/semver" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "name-from-folder", + "group": "@npmcli", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "author": "GitHub Inc.", + "description": "Get the package name from a folder path", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/name-from-folder@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/name-from-folder.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/name-from-folder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/name-from-folder#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/name-from-folder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/name-from-folder" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "node-gyp", + "group": "@npmcli", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "author": "GitHub Inc.", + "description": "Tools for dealing with node-gyp packages", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/node-gyp@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-gyp.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-gyp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-gyp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-gyp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/node-gyp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "package-json", + "group": "@npmcli", + "version": "5.1.0", + "bom-ref": "npm@10.8.0|@npmcli/package-json@5.1.0", + "author": "GitHub Inc.", + "description": "Programmatic API to update package.json", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/package-json@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/package-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/package-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "query", + "group": "@npmcli", + "version": "3.1.0", + "bom-ref": "npm@10.8.0|@npmcli/query@3.1.0", + "author": "GitHub Inc.", + "description": "npm query parser and tools", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/query@3.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/query.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/query.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/query#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/query/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/query" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "postcss-selector-parser", + "version": "6.0.16", + "bom-ref": "npm@10.8.0|postcss-selector-parser@6.0.16", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-selector-parser@6.0.16?vcs_url=git%2Bhttps%3A//github.com/postcss/postcss-selector-parser.git", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-selector-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/postcss-selector-parser" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cssesc", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|cssesc@3.0.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cssesc@3.0.0?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/cssesc.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/cssesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/cssesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/cssesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cssesc" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-deprecate", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|util-deprecate@1.0.2", + "author": "Nathan Rajlich", + "description": "The Node.js `util.deprecate()` function with browser support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/util-deprecate@1.0.2?vcs_url=git%3A//github.com/TooTallNate/util-deprecate.git", + "externalReferences": [ + { + "url": "git://github.com/TooTallNate/util-deprecate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/util-deprecate" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "redact", + "group": "@npmcli", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@npmcli/redact@2.0.0", + "author": "GitHub Inc.", + "description": "Redact sensitive npm information from output", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/redact@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/redact.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/redact.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/redact#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/redact/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/redact" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "run-script", + "group": "@npmcli", + "version": "8.1.0", + "bom-ref": "npm@10.8.0|@npmcli/run-script@8.1.0", + "author": "GitHub Inc.", + "description": "Run a lifecycle script for a package (descendant of npm-lifecycle)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/run-script@8.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/run-script.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/run-script.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/run-script#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/run-script/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/run-script" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "bin-links", + "version": "4.0.4", + "bom-ref": "npm@10.8.0|bin-links@4.0.4", + "author": "GitHub Inc.", + "description": "JavaScript package binary linker", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/bin-links@4.0.4?vcs_url=git%2Bhttps%3A//github.com/npm/bin-links.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/bin-links.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/bin-links#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/bin-links/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/bin-links" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cmd-shim", + "version": "6.0.3", + "bom-ref": "npm@10.8.0|cmd-shim@6.0.3", + "author": "GitHub Inc.", + "description": "Used in npm for command line application support", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cmd-shim@6.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/cmd-shim.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cmd-shim.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/cmd-shim#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cmd-shim/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cmd-shim" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-cmd-shim", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|read-cmd-shim@4.0.0", + "author": "GitHub Inc.", + "description": "Figure out what a cmd-shim is pointing at. This acts as the equivalent of fs.readlink.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read-cmd-shim@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/read-cmd-shim.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read-cmd-shim.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read-cmd-shim#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read-cmd-shim/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read-cmd-shim" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "write-file-atomic", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|write-file-atomic@5.0.1", + "author": "GitHub Inc.", + "description": "Write files in an atomic fashion w/configurable ownership", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/write-file-atomic@5.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/write-file-atomic.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/write-file-atomic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/write-file-atomic", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/write-file-atomic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/write-file-atomic" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "common-ancestor-path", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|common-ancestor-path@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Find the common ancestor of 2 or more paths on Windows or Unix", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/common-ancestor-path@1.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/common-ancestor-path.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/common-ancestor-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/common-ancestor-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/common-ancestor-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/common-ancestor-path" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|hosted-git-info@7.0.2", + "author": "GitHub Inc.", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/hosted-git-info" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-stringify-nice", + "version": "1.1.4", + "bom-ref": "npm@10.8.0|json-stringify-nice@1.1.4", + "author": "Isaac Z. Schlueter", + "description": "Stringify an object sorting scalars before objects, and defaulting to 2-space indent", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/json-stringify-nice@1.1.4?vcs_url=git%2Bhttps%3A//github.com/isaacs/json-stringify-nice.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/json-stringify-nice.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-nice#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-nice/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/json-stringify-nice" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "10.2.2", + "bom-ref": "npm@10.8.0|lru-cache@10.2.2", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.2?vcs_url=git%3A//github.com/isaacs/node-lru-cache.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/lru-cache" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.4", + "bom-ref": "npm@10.8.0|minimatch@9.0.4", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.4?vcs_url=git%3A//github.com/isaacs/minimatch.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "nopt", + "version": "7.2.1", + "bom-ref": "npm@10.8.0|nopt@7.2.1", + "author": "GitHub Inc.", + "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/nopt@7.2.1?vcs_url=git%2Bhttps%3A//github.com/npm/nopt.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/nopt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/nopt#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/nopt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/nopt" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-install-checks", + "version": "6.3.0", + "bom-ref": "npm@10.8.0|npm-install-checks@6.3.0", + "author": "GitHub Inc.", + "description": "Check the engines and platform fields in package.json", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/npm-install-checks@6.3.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-install-checks.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-install-checks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-install-checks#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-install-checks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-install-checks" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-package-arg", + "version": "11.0.2", + "bom-ref": "npm@10.8.0|npm-package-arg@11.0.2", + "author": "GitHub Inc.", + "description": "Parse the things that can be arguments to `npm install`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-package-arg@11.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/npm-package-arg.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-package-arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-package-arg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-package-arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-package-arg" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-pick-manifest", + "version": "9.0.1", + "bom-ref": "npm@10.8.0|npm-pick-manifest@9.0.1", + "author": "GitHub Inc.", + "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-pick-manifest@9.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-pick-manifest.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-pick-manifest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-pick-manifest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-pick-manifest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-pick-manifest" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-registry-fetch", + "version": "17.0.1", + "bom-ref": "npm@10.8.0|npm-registry-fetch@17.0.1", + "author": "GitHub Inc.", + "description": "Fetch-based http client for use with npm registry APIs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-registry-fetch@17.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-registry-fetch.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-registry-fetch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-registry-fetch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-registry-fetch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-registry-fetch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parse-conflict-json", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|parse-conflict-json@3.0.1", + "author": "GitHub Inc.", + "description": "Parse a JSON string that has git merge conflicts, resolving if possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/parse-conflict-json@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/parse-conflict-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/parse-conflict-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/parse-conflict-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/parse-conflict-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/parse-conflict-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proggy", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|proggy@2.0.0", + "author": "GitHub Inc.", + "description": "Progress bar updates at a distance", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proggy@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/proggy.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proggy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proggy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proggy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/proggy" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-all-reject-late", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|promise-all-reject-late@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like Promise.all, but save rejections until all promises are resolved", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-all-reject-late@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-all-reject-late" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-call-limit", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|promise-call-limit@3.0.1", + "author": "Isaac Z. Schlueter", + "description": "Call an array of promise-returning functions, restricting concurrency to a specified limit.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-call-limit@3.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/promise-call-limit.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/promise-call-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/promise-call-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/promise-call-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-call-limit" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-package-json-fast", + "version": "3.0.2", + "bom-ref": "npm@10.8.0|read-package-json-fast@3.0.2", + "author": "GitHub Inc.", + "description": "Like read-package-json, but faster", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read-package-json-fast@3.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/read-package-json-fast.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read-package-json-fast.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read-package-json-fast#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read-package-json-fast/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read-package-json-fast" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ssri", + "version": "10.0.6", + "bom-ref": "npm@10.8.0|ssri@10.0.6", + "author": "GitHub Inc.", + "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ssri.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ssri#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ssri/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ssri" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "treeverse", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|treeverse@3.0.0", + "author": "GitHub Inc.", + "description": "Walk any kind of tree structure depth- or breadth-first. Supports promises and advanced map-reduce operations with a very small API.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/treeverse@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/treeverse.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/treeverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/treeverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/treeverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/treeverse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "walk-up-path", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|walk-up-path@3.0.1", + "author": "Isaac Z. Schlueter", + "description": "Given a path string, return a generator that walks up the path, emitting each dirname.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/walk-up-path@3.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/walk-up-path.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/walk-up-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/walk-up-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/walk-up-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/walk-up-path" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config", + "group": "@npmcli", + "version": "8.3.2", + "bom-ref": "npm@10.8.0|@npmcli/config@8.3.2", + "author": "GitHub Inc.", + "description": "Configuration management for the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/config@8.3.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/config", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/config" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|ci-info@4.0.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@4.0.0?vcs_url=git%2Bhttps%3A//github.com/watson/ci-info.git", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ci-info" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ini", + "version": "4.1.2", + "bom-ref": "npm@10.8.0|ini@4.1.2", + "author": "GitHub Inc.", + "description": "An ini encoder/decoder for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ini@4.1.2?vcs_url=git%2Bhttps%3A//github.com/npm/ini.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ini.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ini#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ini/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ini" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.15", + "bom-ref": "npm@10.8.0|glob@10.3.15", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.15?vcs_url=git%3A//github.com/isaacs/node-glob.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/glob" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "git", + "group": "@npmcli", + "version": "5.0.7", + "bom-ref": "npm@10.8.0|@npmcli/git@5.0.7", + "author": "GitHub Inc.", + "description": "a util for spawning git from npm CLI contexts", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/git@5.0.7?vcs_url=git%2Bhttps%3A//github.com/npm/git.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/git.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/git#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/git/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/git" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-spawn", + "group": "@npmcli", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "author": "GitHub Inc.", + "description": "spawn processes the way the npm cli likes to do", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/promise-spawn@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/promise-spawn.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/promise-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/promise-spawn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/promise-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/promise-spawn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-inflight", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|promise-inflight@1.0.1", + "author": "Rebecca Turner", + "description": "One promise for multiple requests in flight to avoid async duplication", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-inflight@1.0.1?vcs_url=git%2Bhttps%3A//github.com/iarna/promise-inflight.git", + "externalReferences": [ + { + "url": "git+https://github.com/iarna/promise-inflight.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/promise-inflight#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/promise-inflight/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-inflight" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-retry", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|promise-retry@2.0.1", + "author": "IndigoUnited", + "description": "Retries a function that returns a promise, leveraging the power of the retry module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/promise-retry@2.0.1?vcs_url=git%3A//github.com/IndigoUnited/node-promise-retry.git", + "externalReferences": [ + { + "url": "git://github.com/IndigoUnited/node-promise-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/IndigoUnited/node-promise-retry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/IndigoUnited/node-promise-retry/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-retry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|which@4.0.0", + "author": "GitHub Inc.", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-which.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/which" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "isexe", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|which@4.0.0|isexe@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@3.1.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/isexe.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/which/node_modules/isexe" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|normalize-package-data@6.0.1", + "author": "GitHub Inc.", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@6.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/normalize-package-data.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "node-gyp", + "version": "10.1.0", + "bom-ref": "npm@10.8.0|node-gyp@10.1.0", + "author": "Nathan Rajlich", + "description": "Node.js native addon build tool", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-gyp@10.1.0?vcs_url=git%3A//github.com/nodejs/node-gyp.git", + "externalReferences": [ + { + "url": "git://github.com/nodejs/node-gyp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/node-gyp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/node-gyp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/node-gyp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "proc-log", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/node-gyp/node_modules/proc-log" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "tuf", + "group": "@sigstore", + "version": "2.3.3", + "bom-ref": "npm@10.8.0|@sigstore/tuf@2.3.3", + "author": "bdehamer@github.com", + "description": "Client for the Sigstore TUF repository", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/tuf@2.3.3?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/tuf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/tuf" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "protobuf-specs", + "group": "@sigstore", + "version": "0.3.2", + "bom-ref": "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "author": "bdehamer@github.com", + "description": "code-signing for npm packages", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/protobuf-specs@0.3.2?vcs_url=git%2Bhttps%3A//github.com/sigstore/protobuf-specs.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/protobuf-specs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/protobuf-specs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/protobuf-specs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/protobuf-specs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tuf-js", + "version": "2.2.1", + "bom-ref": "npm@10.8.0|tuf-js@2.2.1", + "author": "bdehamer@github.com", + "description": "JavaScript implementation of The Update Framework (TUF)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tuf-js@2.2.1?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tuf-js" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "models", + "group": "@tufjs", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|@tufjs/models@2.0.1", + "author": "bdehamer@github.com", + "description": "TUF metadata models", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tufjs/models@2.0.1?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/models#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@tufjs/models" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "canonical-json", + "group": "@tufjs", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@tufjs/canonical-json@2.0.0", + "author": "bdehamer@github.com", + "description": "OLPC JSON canonicalization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tufjs/canonical-json@2.0.0?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/canonical-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@tufjs/canonical-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.4", + "bom-ref": "npm@10.8.0|debug@4.3.4", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.4?vcs_url=git%3A//github.com/debug-js/debug.git", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/debug" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|debug@4.3.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2?vcs_url=git%2Bhttps%3A//github.com/zeit/ms.git", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/debug/node_modules/ms" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "make-fetch-happen", + "version": "13.0.1", + "bom-ref": "npm@10.8.0|make-fetch-happen@13.0.1", + "author": "GitHub Inc.", + "description": "Opinionated, caching, retrying fetch client", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/make-fetch-happen@13.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/make-fetch-happen.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/make-fetch-happen.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/make-fetch-happen#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/make-fetch-happen/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/make-fetch-happen" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "abbrev", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|abbrev@2.0.0", + "author": "GitHub Inc.", + "description": "Like ruby's abbrev module, but in js", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/abbrev@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/abbrev-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/abbrev-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/abbrev-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/abbrev-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/abbrev" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "archy", + "version": "1.0.0", + "bom-ref": "npm@10.8.0|archy@1.0.0", + "author": "James Halliday", + "description": "render nested hierarchies `npm ls` style with unicode pipes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/archy@1.0.0?vcs_url=git%2Bssh%3A//git%40github.com/substack/node-archy.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/substack/node-archy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-archy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-archy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/archy" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-minipass", + "version": "3.0.3", + "bom-ref": "npm@10.8.0|fs-minipass@3.0.3", + "author": "GitHub Inc.", + "description": "fs read and write streams based on minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs-minipass@3.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/fs-minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs-minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs-minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs-minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/fs-minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-collect", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|minipass-collect@2.0.1", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that collects all the data into a single chunk", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-collect@2.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-collect.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-collect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-collect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-collect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-collect" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|minipass@7.1.1", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.1.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-flush", + "version": "1.0.5", + "bom-ref": "npm@10.8.0|minipass-flush@1.0.5", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that calls a flush function before emitting 'end'", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-flush.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-flush#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-flush/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-flush" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-flush/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "yallist", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|yallist@4.0.0", + "author": "Isaac Z. Schlueter", + "description": "Yet Another Linked List", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/yallist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/yallist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/yallist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/yallist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-pipeline", + "version": "1.2.4", + "bom-ref": "npm@10.8.0|minipass-pipeline@1.2.4", + "author": "Isaac Z. Schlueter", + "description": "create a pipeline of streams using Minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-pipeline@1.2.4", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-pipeline" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-pipeline/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "p-map", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|p-map@4.0.0", + "author": "Sindre Sorhus", + "description": "Map over promises concurrently", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-map@4.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/p-map.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/p-map" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tar", + "version": "6.2.1", + "bom-ref": "npm@10.8.0|tar@6.2.1", + "author": "GitHub Inc.", + "description": "tar for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-tar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-tar#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-tar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "fs-minipass", + "version": "2.1.0", + "bom-ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "author": "Isaac Z. Schlueter", + "description": "fs read and write streams based on minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs-minipass@2.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/fs-minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs-minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs-minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs-minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/fs-minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/fs-minipass/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|tar@6.2.1|minipass@5.0.0", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@5.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "unique-filename", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|unique-filename@3.0.0", + "author": "GitHub Inc.", + "description": "Generate a unique filename for use in temporary directories or caches.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/unique-filename@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/unique-filename.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/unique-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/unique-filename", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/unique-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/unique-filename" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "unique-slug", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|unique-slug@4.0.0", + "author": "GitHub Inc.", + "description": "Generate a unique character string suitible for use in files and URLs.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/unique-slug@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/unique-slug.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/unique-slug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/unique-slug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/unique-slug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/unique-slug" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "imurmurhash", + "version": "0.1.4", + "bom-ref": "npm@10.8.0|imurmurhash@0.1.4", + "author": "Jens Taylor", + "description": "An incremental implementation of MurmurHash3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/imurmurhash@0.1.4?vcs_url=git%2Bhttps%3A//github.com/jensyt/imurmurhash-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jensyt/imurmurhash-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/imurmurhash" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "5.3.0", + "bom-ref": "npm@10.8.0|chalk@5.3.0", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@5.3.0?vcs_url=git%2Bhttps%3A//github.com/chalk/chalk.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/chalk" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cli-columns", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|cli-columns@4.0.0", + "author": "Shannon Moeller", + "description": "Columnated lists for the CLI.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-columns@4.0.0?vcs_url=git%2Bhttps%3A//github.com/shannonmoeller/cli-columns.git", + "externalReferences": [ + { + "url": "git+https://github.com/shannonmoeller/cli-columns.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shannonmoeller/cli-columns#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/shannonmoeller/cli-columns/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cli-columns" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "npm@10.8.0|string-width@4.2.3", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "8.0.0", + "bom-ref": "npm@10.8.0|emoji-regex@8.0.0", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@8.0.0?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@3.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-fullwidth-code-point" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|strip-ansi@6.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|ansi-regex@5.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@5.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fastest-levenshtein", + "version": "1.0.16", + "bom-ref": "npm@10.8.0|fastest-levenshtein@1.0.16", + "author": "Kasper U. Weihe", + "description": "Fastest Levenshtein distance implementation in JS.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fastest-levenshtein@1.0.16?vcs_url=git%2Bhttps%3A//github.com/ka-weihe/fastest-levenshtein.git", + "externalReferences": [ + { + "url": "git+https://github.com/ka-weihe/fastest-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein#README", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/fastest-levenshtein" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "foreground-child", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|foreground-child@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Run a child as if it's the foreground process. Give it stdio. Exit when it exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/foreground-child@3.1.1?vcs_url=git%2Bhttps%3A//github.com/tapjs/foreground-child.git", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/foreground-child.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/foreground-child#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/foreground-child/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/foreground-child" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cross-spawn", + "version": "7.0.3", + "bom-ref": "npm@10.8.0|cross-spawn@7.0.3", + "author": "André Cruz", + "description": "Cross platform child_process#spawn and child_process#spawnSync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cross-spawn@7.0.3?vcs_url=git%2Bssh%3A//git%40github.com/moxystudio/node-cross-spawn.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/moxystudio/node-cross-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cross-spawn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "which", + "version": "2.0.2", + "bom-ref": "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@2.0.2?vcs_url=git%3A//github.com/isaacs/node-which.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cross-spawn/node_modules/which" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|path-key@3.1.1", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@3.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-key.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/path-key" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "shebang-command", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|shebang-command@2.0.0", + "author": "Kevin Mårtensson", + "description": "Get the command from a shebang", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-command@2.0.0?vcs_url=git%2Bhttps%3A//github.com/kevva/shebang-command.git", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/shebang-command.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/shebang-command#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/shebang-command/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/shebang-command" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "shebang-regex", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|shebang-regex@3.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching a shebang line", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-regex@3.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/shebang-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/shebang-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/shebang-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|isexe@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@2.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/isexe.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/isexe" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "npm@10.8.0|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0?vcs_url=git%2Bhttps%3A//github.com/tapjs/signal-exit.git", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/signal-exit" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jackspeak", + "version": "2.3.6", + "bom-ref": "npm@10.8.0|jackspeak@2.3.6", + "author": "Isaac Z. Schlueter", + "description": "A very strict and proper argument parser.", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/jackspeak@2.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/jackspeak.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/jackspeak.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/jackspeak#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/jackspeak/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jackspeak" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cliui", + "group": "@isaacs", + "version": "8.0.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/cliui@8.0.2?vcs_url=git%2Bhttps%3A//github.com/yargs/cliui.git", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "BomRef.6h760ft6oi8.7sr4bitkllo", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/string-width-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eastasianwidth", + "version": "0.2.0", + "bom-ref": "npm@10.8.0|eastasianwidth@0.2.0", + "author": "Masaki Komagata", + "description": "Get East Asian Width from a character.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eastasianwidth@0.2.0?vcs_url=git%3A//github.com/komagata/eastasianwidth.git", + "externalReferences": [ + { + "url": "git://github.com/komagata/eastasianwidth.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/eastasianwidth" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "BomRef.uih8rvtlbdo.33q7f9m1mj", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/strip-ansi-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "npm@10.8.0|wrap-ansi@7.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-styles", + "version": "4.3.0", + "bom-ref": "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@4.3.0?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-styles.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi-cjs/node_modules/ansi-styles" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|color-convert@2.0.1", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@2.0.1?vcs_url=git%2Bhttps%3A//github.com/Qix-/color-convert.git", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/color-convert" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.4", + "bom-ref": "npm@10.8.0|color-name@1.1.4", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.4?vcs_url=git%2Bssh%3A//git%40github.com/colorjs/color-name.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/colorjs/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/colorjs/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/colorjs/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/color-name" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "8.1.0", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@8.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "6.2.1", + "bom-ref": "npm@10.8.0|ansi-styles@6.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@6.2.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-styles.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ansi-styles" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parseargs", + "group": "@pkgjs", + "version": "0.11.0", + "bom-ref": "npm@10.8.0|@pkgjs/parseargs@0.11.0", + "description": "Polyfill of future proposal for `util.parseArgs()`", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40pkgjs/parseargs@0.11.0?vcs_url=git%2Bssh%3A//git%40github.com/pkgjs/parseargs.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/pkgjs/parseargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pkgjs/parseargs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pkgjs/parseargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@pkgjs/parseargs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-scurry", + "version": "1.11.1", + "bom-ref": "npm@10.8.0|path-scurry@1.11.1", + "author": "Isaac Z. Schlueter", + "description": "walk paths fast and efficiently", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/path-scurry@1.11.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/path-scurry.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/path-scurry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/path-scurry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/path-scurry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/path-scurry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.2.11", + "bom-ref": "npm@10.8.0|graceful-fs@4.2.11", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.2.11?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/graceful-fs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "init-package-json", + "version": "6.0.3", + "bom-ref": "npm@10.8.0|init-package-json@6.0.3", + "author": "GitHub Inc.", + "description": "A node module to get your node module started", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/init-package-json@6.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/init-package-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/init-package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/init-package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/init-package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/init-package-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promzard", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|promzard@1.0.2", + "author": "GitHub Inc.", + "description": "prompting wizardly", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promzard@1.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/promzard.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/promzard.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/promzard#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/promzard/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promzard" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|read@3.0.1", + "author": "GitHub Inc.", + "description": "read(1) for node programs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/read.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.4", + "bom-ref": "npm@10.8.0|validate-npm-package-license@3.0.4", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-license" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "3.2.0", + "bom-ref": "npm@10.8.0|spdx-correct@3.2.0", + "description": "correct invalid SPDX expressions", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@3.2.0?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-correct.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-correct" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-correct/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "2.5.0", + "bom-ref": "npm@10.8.0|spdx-exceptions@2.5.0", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@2.5.0?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-exceptions" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "3.0.17", + "bom-ref": "npm@10.8.0|spdx-license-ids@3.0.17", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "CC0-1.0" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@3.0.17?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-license-ids.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-license-ids" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-name", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|validate-npm-package-name@5.0.1", + "author": "GitHub Inc.", + "description": "Give me a string and I'll tell you if it's a valid npm package name", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/validate-npm-package-name@5.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/validate-npm-package-name.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/validate-npm-package-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-name" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-cidr", + "version": "5.0.5", + "bom-ref": "npm@10.8.0|is-cidr@5.0.5", + "author": "silverwind", + "description": "Check if a string is an IP address in CIDR notation", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/is-cidr@5.0.5?vcs_url=git%2Bhttps%3A//github.com/silverwind/is-cidr.git", + "externalReferences": [ + { + "url": "git+https://github.com/silverwind/is-cidr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/silverwind/is-cidr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/silverwind/is-cidr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-cidr" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cidr-regex", + "version": "4.0.5", + "bom-ref": "npm@10.8.0|cidr-regex@4.0.5", + "author": "silverwind", + "description": "Regular expression for matching IP addresses in CIDR notation", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/cidr-regex@4.0.5?vcs_url=git%2Bhttps%3A//github.com/silverwind/cidr-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/silverwind/cidr-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/silverwind/cidr-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/silverwind/cidr-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cidr-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ip-regex", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|ip-regex@5.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching IP addresses (IPv4 & IPv6)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ip-regex@5.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ip-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/ip-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ip-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/ip-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ip-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmaccess", + "version": "8.0.6", + "bom-ref": "npm@10.8.0|libnpmaccess@8.0.6", + "author": "GitHub Inc.", + "description": "programmatic library for `npm access` commands", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmaccess@8.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmaccess", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmaccess", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmaccess", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmaccess/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmaccess" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmdiff", + "version": "6.1.2", + "bom-ref": "npm@10.8.0|libnpmdiff@6.1.2", + "author": "GitHub Inc.", + "description": "The registry diff", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmdiff@6.1.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmdiff", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmdiff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmdiff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "binary-extensions", + "version": "2.3.0", + "bom-ref": "npm@10.8.0|binary-extensions@2.3.0", + "author": "Sindre Sorhus", + "description": "List of binary file extensions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/binary-extensions@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/binary-extensions.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/binary-extensions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/binary-extensions" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "npm@10.8.0|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0?vcs_url=git%3A//github.com/kpdecker/jsdiff.git", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/diff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmexec", + "version": "8.1.1", + "bom-ref": "npm@10.8.0|libnpmexec@8.1.1", + "author": "GitHub Inc.", + "description": "npm exec (npx) programmatic API", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmexec@8.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmexec", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmexec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmexec" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmfund", + "version": "5.0.10", + "bom-ref": "npm@10.8.0|libnpmfund@5.0.10", + "author": "GitHub Inc.", + "description": "Programmatic API for npm fund", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmfund@5.0.10?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmfund", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmfund", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmfund" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmhook", + "version": "10.0.5", + "bom-ref": "npm@10.8.0|libnpmhook@10.0.5", + "author": "GitHub Inc.", + "description": "programmatic API for managing npm registry hooks", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmhook@10.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmhook", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmhook", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmhook" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "aproba", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|aproba@2.0.0", + "author": "Rebecca Turner", + "description": "A ridiculously light-weight argument validator (now browser friendly)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/aproba@2.0.0?vcs_url=git%2Bhttps%3A//github.com/iarna/aproba.git", + "externalReferences": [ + { + "url": "git+https://github.com/iarna/aproba.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/aproba", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/aproba/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/aproba" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmorg", + "version": "6.0.6", + "bom-ref": "npm@10.8.0|libnpmorg@6.0.6", + "author": "GitHub Inc.", + "description": "Programmatic api for `npm org` commands", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmorg@6.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmorg", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmorg", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmorg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmorg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmorg" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmpack", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|libnpmpack@7.0.2", + "author": "GitHub Inc.", + "description": "Programmatic API for the bits behind npm pack", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmpack@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmpack", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmpack", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmpack", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmpack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmpack" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmpublish", + "version": "9.0.8", + "bom-ref": "npm@10.8.0|libnpmpublish@9.0.8", + "author": "GitHub Inc.", + "description": "Programmatic API for the bits behind npm publish and unpublish", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmpublish@9.0.8?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmpublish", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmpublish", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmpublish", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmpublish" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sigstore", + "version": "2.3.0", + "bom-ref": "npm@10.8.0|sigstore@2.3.0", + "author": "bdehamer@github.com", + "description": "code-signing for npm packages", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/sigstore@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/sigstore" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "bundle", + "group": "@sigstore", + "version": "2.3.1", + "bom-ref": "npm@10.8.0|@sigstore/bundle@2.3.1", + "author": "bdehamer@github.com", + "description": "Sigstore bundle type", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/bundle@2.3.1?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/bundle#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/bundle" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@sigstore", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|@sigstore/core@1.1.0", + "author": "bdehamer@github.com", + "description": "Base library for Sigstore", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/core@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/core" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sign", + "group": "@sigstore", + "version": "2.3.1", + "bom-ref": "npm@10.8.0|@sigstore/sign@2.3.1", + "author": "bdehamer@github.com", + "description": "Sigstore signing library", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/sign@2.3.1?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/sign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/sign" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "verify", + "group": "@sigstore", + "version": "1.2.0", + "bom-ref": "npm@10.8.0|@sigstore/verify@1.2.0", + "author": "bdehamer@github.com", + "description": "Verification of Sigstore signatures", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/verify@1.2.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/verify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/verify" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmsearch", + "version": "7.0.5", + "bom-ref": "npm@10.8.0|libnpmsearch@7.0.5", + "author": "GitHub Inc.", + "description": "Programmatic API for searching in npm and compatible registries.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmsearch@7.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmsearch", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmsearch", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmsearch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmsearch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmsearch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmteam", + "version": "6.0.5", + "bom-ref": "npm@10.8.0|libnpmteam@6.0.5", + "author": "GitHub Inc.", + "description": "npm Team management APIs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmteam@6.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmteam", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmteam", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmteam", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmteam" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmversion", + "version": "6.0.2", + "bom-ref": "npm@10.8.0|libnpmversion@6.0.2", + "author": "GitHub Inc.", + "description": "library to do the things that 'npm version' does", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmversion@6.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmversion", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmversion", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmversion" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "agent", + "group": "@npmcli", + "version": "2.2.2", + "bom-ref": "npm@10.8.0|@npmcli/agent@2.2.2", + "author": "GitHub Inc.", + "description": "the http/https agent used by the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/agent@2.2.2?vcs_url=git%2Bhttps%3A//github.com/npm/agent.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/agent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/agent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/agent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "agent-base", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|agent-base@7.1.1", + "author": "Nathan Rajlich", + "description": "Turn a function into an `http.Agent` instance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/agent-base@7.1.1?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/agent-base", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/agent-base", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/agent-base" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-proxy-agent", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|http-proxy-agent@7.0.2", + "author": "Nathan Rajlich", + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTP", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http-proxy-agent@7.0.2?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/http-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/http-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/http-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "https-proxy-agent", + "version": "7.0.4", + "bom-ref": "npm@10.8.0|https-proxy-agent@7.0.4", + "author": "Nathan Rajlich", + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTPS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/https-proxy-agent@7.0.4?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/https-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/https-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/https-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "socks-proxy-agent", + "version": "8.0.3", + "bom-ref": "npm@10.8.0|socks-proxy-agent@8.0.3", + "author": "Nathan Rajlich", + "description": "A SOCKS proxy `http.Agent` implementation for HTTP and HTTPS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/socks-proxy-agent@8.0.3?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/socks-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/socks-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/socks-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "socks", + "version": "2.8.3", + "bom-ref": "npm@10.8.0|socks@2.8.3", + "author": "Josh Glazebrook", + "description": "Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/socks@2.8.3?vcs_url=git%2Bhttps%3A//github.com/JoshGlazebrook/socks.git", + "externalReferences": [ + { + "url": "git+https://github.com/JoshGlazebrook/socks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshGlazebrook/socks/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshGlazebrook/socks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/socks" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ip-address", + "version": "9.0.5", + "bom-ref": "npm@10.8.0|ip-address@9.0.5", + "author": "Beau Gunderson", + "description": "A library for parsing IPv4 and IPv6 IP addresses in node and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ip-address@9.0.5?vcs_url=git%3A//github.com/beaugunderson/ip-address.git", + "externalReferences": [ + { + "url": "git://github.com/beaugunderson/ip-address.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beaugunderson/ip-address#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/beaugunderson/ip-address/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ip-address" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsbn", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|jsbn@1.1.0", + "author": "Tom Wu", + "description": "The jsbn library is a fast, portable implementation of large-number math in pure JavaScript, enabling public-key crypto and other applications on desktop and mobile browsers.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsbn@1.1.0?vcs_url=git%2Bhttps%3A//github.com/andyperlitch/jsbn.git", + "externalReferences": [ + { + "url": "git+https://github.com/andyperlitch/jsbn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andyperlitch/jsbn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andyperlitch/jsbn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jsbn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.1.3", + "bom-ref": "npm@10.8.0|sprintf-js@1.1.3", + "author": "Alexandru Mărășteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.1.3?vcs_url=git%2Bhttps%3A//github.com/alexei/sprintf.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/sprintf-js" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "smart-buffer", + "version": "4.2.0", + "bom-ref": "npm@10.8.0|smart-buffer@4.2.0", + "author": "Josh Glazebrook", + "description": "smart-buffer is a Buffer wrapper that adds automatic read & write offset tracking, string operations, data insertions, and more.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/smart-buffer@4.2.0?vcs_url=git%2Bhttps%3A//github.com/JoshGlazebrook/smart-buffer.git", + "externalReferences": [ + { + "url": "git+https://github.com/JoshGlazebrook/smart-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshGlazebrook/smart-buffer/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshGlazebrook/smart-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/smart-buffer" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "version": "4.1.1", + "bom-ref": "npm@10.8.0|http-cache-semantics@4.1.1", + "author": "Kornel Lesiński", + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/http-cache-semantics@4.1.1?vcs_url=git%2Bhttps%3A//github.com/kornelski/http-cache-semantics.git", + "externalReferences": [ + { + "url": "git+https://github.com/kornelski/http-cache-semantics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/http-cache-semantics" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-lambda", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|is-lambda@1.0.1", + "author": "Thomas Watson Steen", + "description": "Detect if your code is running on an AWS Lambda server", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-lambda@1.0.1?vcs_url=git%2Bhttps%3A//github.com/watson/is-lambda.git", + "externalReferences": [ + { + "url": "git+https://github.com/watson/is-lambda.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/is-lambda", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/is-lambda/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-lambda" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-fetch", + "version": "3.0.5", + "bom-ref": "npm@10.8.0|minipass-fetch@3.0.5", + "author": "GitHub Inc.", + "description": "An implementation of window.fetch in Node.js using Minipass streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minipass-fetch@3.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/minipass-fetch.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/minipass-fetch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/minipass-fetch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/minipass-fetch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-fetch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "encoding", + "version": "0.1.13", + "bom-ref": "npm@10.8.0|encoding@0.1.13", + "author": "Andris Reinman", + "description": "Convert encodings, uses iconv-lite", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/encoding@0.1.13?vcs_url=git%2Bhttps%3A//github.com/andris9/encoding.git", + "externalReferences": [ + { + "url": "git+https://github.com/andris9/encoding.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andris9/encoding#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andris9/encoding/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/encoding" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "iconv-lite", + "version": "0.6.3", + "bom-ref": "npm@10.8.0|iconv-lite@0.6.3", + "author": "Alexander Shtuchkin", + "description": "Convert character encodings in pure javascript.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/iconv-lite@0.6.3?vcs_url=git%3A//github.com/ashtuchkin/iconv-lite.git", + "externalReferences": [ + { + "url": "git://github.com/ashtuchkin/iconv-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/iconv-lite" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "safer-buffer", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|safer-buffer@2.1.2", + "author": "Nikita Skovoroda", + "description": "Modern Buffer API polyfill without footguns", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safer-buffer@2.1.2?vcs_url=git%2Bhttps%3A//github.com/ChALkeR/safer-buffer.git", + "externalReferences": [ + { + "url": "git+https://github.com/ChALkeR/safer-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/safer-buffer" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-sized", + "version": "1.0.3", + "bom-ref": "npm@10.8.0|minipass-sized@1.0.3", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that raises an error if you get a different number of bytes than expected", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-sized@1.0.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-sized.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-sized.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-sized#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-sized/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-sized" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-sized/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "minizlib", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|minizlib@2.1.2", + "author": "Isaac Z. Schlueter", + "description": "A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minizlib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minizlib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minizlib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minizlib" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minizlib/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "negotiator", + "version": "0.6.3", + "bom-ref": "npm@10.8.0|negotiator@0.6.3", + "description": "HTTP content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/negotiator@0.6.3?vcs_url=git%2Bhttps%3A//github.com/jshttp/negotiator.git", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/negotiator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/negotiator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/negotiator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/negotiator" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "err-code", + "version": "2.0.3", + "bom-ref": "npm@10.8.0|err-code@2.0.3", + "author": "IndigoUnited", + "description": "Create an error with a code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/err-code@2.0.3?vcs_url=git%3A//github.com/IndigoUnited/js-err-code.git", + "externalReferences": [ + { + "url": "git://github.com/IndigoUnited/js-err-code.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/IndigoUnited/js-err-code#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/IndigoUnited/js-err-code/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/err-code" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "retry", + "version": "0.12.0", + "bom-ref": "npm@10.8.0|retry@0.12.0", + "author": "Tim Koschützki", + "description": "Abstraction for exponential and custom retry strategies for failed operations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/retry@0.12.0?vcs_url=git%3A//github.com/tim-kos/node-retry.git", + "externalReferences": [ + { + "url": "git://github.com/tim-kos/node-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tim-kos/node-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tim-kos/node-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/retry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|brace-expansion@2.0.1", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@2.0.1?vcs_url=git%3A//github.com/juliangruber/brace-expansion.git", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "balanced-match", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|balanced-match@1.0.2", + "author": "Julian Gruber", + "description": "Match balanced character pairs, like \"{\" and \"}\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/balanced-match@1.0.2?vcs_url=git%3A//github.com/juliangruber/balanced-match.git", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/balanced-match.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/balanced-match" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.3", + "bom-ref": "npm@10.8.0|ms@2.1.3", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.3?vcs_url=git%2Bhttps%3A//github.com/vercel/ms.git", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ms" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "env-paths", + "version": "2.2.1", + "bom-ref": "npm@10.8.0|env-paths@2.2.1", + "author": "Sindre Sorhus", + "description": "Get paths for storing things like data, config, cache, etc", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/env-paths@2.2.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/env-paths.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/env-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/env-paths" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "exponential-backoff", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|exponential-backoff@3.1.1", + "author": "Sami Sayegh", + "description": "A utility that allows retrying a function with an exponential delay between attempts.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/exponential-backoff@3.1.1?vcs_url=git%2Bhttps%3A//github.com/coveo/exponential-backoff.git", + "externalReferences": [ + { + "url": "git+https://github.com/coveo/exponential-backoff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/coveo/exponential-backoff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/coveo/exponential-backoff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/exponential-backoff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-core-module", + "version": "2.13.1", + "bom-ref": "npm@10.8.0|is-core-module@2.13.1", + "author": "Jordan Harband", + "description": "Is this specifier a node.js core module?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-core-module@2.13.1?vcs_url=git%2Bhttps%3A//github.com/inspect-js/is-core-module.git", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/is-core-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-core-module" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hasown", + "version": "2.0.2", + "bom-ref": "npm@10.8.0|hasown@2.0.2", + "author": "Jordan Harband", + "description": "A robust, ES3 compatible, \"has own property\" predicate.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hasown@2.0.2?vcs_url=git%2Bhttps%3A//github.com/inspect-js/hasOwn.git", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/hasOwn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/hasown" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "function-bind", + "version": "1.1.2", + "bom-ref": "npm@10.8.0|function-bind@1.1.2", + "author": "Raynos", + "description": "Implementation of Function.prototype.bind", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/function-bind@1.1.2?vcs_url=git%2Bhttps%3A//github.com/Raynos/function-bind.git", + "externalReferences": [ + { + "url": "git+https://github.com/Raynos/function-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Raynos/function-bind", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Raynos/function-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/function-bind" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-audit-report", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|npm-audit-report@5.0.0", + "author": "GitHub Inc.", + "description": "Given a response from the npm security api, render it into a variety of security reports", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-audit-report@5.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-audit-report.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-audit-report.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-audit-report#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-audit-report/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-audit-report" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-profile", + "version": "10.0.0", + "bom-ref": "npm@10.8.0|npm-profile@10.0.0", + "author": "GitHub Inc.", + "description": "Library for updating an npmjs.com profile", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-profile@10.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-profile.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-profile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-profile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-profile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-profile" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-json-stream", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|minipass-json-stream@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like JSONStream, but using Minipass streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minipass-json-stream@1.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/minipass-json-stream.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/minipass-json-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/minipass-json-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/minipass-json-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-json-stream" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-json-stream/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "jsonparse", + "version": "1.3.1", + "bom-ref": "npm@10.8.0|jsonparse@1.3.1", + "author": "Tim Caswell", + "description": "This is a pure-js JSON streaming parser for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonparse@1.3.1?vcs_url=git%2Bssh%3A//git%40github.com/creationix/jsonparse.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/creationix/jsonparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/creationix/jsonparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/creationix/jsonparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jsonparse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-user-validate", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|npm-user-validate@2.0.1", + "author": "GitHub Inc.", + "description": "User validations for npm", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/npm-user-validate@2.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-user-validate.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-user-validate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-user-validate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-user-validate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-user-validate" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "aggregate-error", + "version": "3.1.0", + "bom-ref": "npm@10.8.0|aggregate-error@3.1.0", + "author": "Sindre Sorhus", + "description": "Create an error from multiple errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/aggregate-error@3.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/aggregate-error.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/aggregate-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/aggregate-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/aggregate-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/aggregate-error" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "clean-stack", + "version": "2.2.0", + "bom-ref": "npm@10.8.0|clean-stack@2.2.0", + "author": "Sindre Sorhus", + "description": "Clean up error stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-stack@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/clean-stack.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/clean-stack.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/clean-stack" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "indent-string", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|indent-string@4.0.0", + "author": "Sindre Sorhus", + "description": "Indent each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/indent-string@4.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/indent-string.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/indent-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/indent-string" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-packlist", + "version": "8.0.2", + "bom-ref": "npm@10.8.0|npm-packlist@8.0.2", + "author": "GitHub Inc.", + "description": "Get a list of the files to add from a folder into an npm package", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-packlist@8.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/npm-packlist.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-packlist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-packlist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-packlist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-packlist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ignore-walk", + "version": "6.0.5", + "bom-ref": "npm@10.8.0|ignore-walk@6.0.5", + "author": "GitHub Inc.", + "description": "Nested/recursive `.gitignore`/`.npmignore` parsing and filtering.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ignore-walk@6.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/ignore-walk.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ignore-walk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ignore-walk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ignore-walk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ignore-walk" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-diff-apply", + "version": "5.5.0", + "bom-ref": "npm@10.8.0|just-diff-apply@5.5.0", + "author": "Angus Croll", + "description": "Apply a diff to an object. Optionally supports jsonPatch protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-diff-apply@5.5.0?vcs_url=git%2Bhttps%3A//github.com/angus-c/just.git", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/just-diff-apply" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-diff", + "version": "6.0.2", + "bom-ref": "npm@10.8.0|just-diff@6.0.2", + "author": "Angus Croll", + "description": "Return an object representing the diffs between two objects. Supports jsonPatch protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-diff@6.0.2?vcs_url=git%2Bhttps%3A//github.com/angus-c/just.git", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/just-diff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "qrcode-terminal", + "version": "0.12.0", + "bom-ref": "npm@10.8.0|qrcode-terminal@0.12.0", + "description": "QRCodes, in the terminal", + "licenses": [ + { + "license": { + "name": "Apache 2.0" + } + } + ], + "purl": "pkg:npm/qrcode-terminal@0.12.0?vcs_url=git%2Bhttps%3A//github.com/gtanner/qrcode-terminal.git", + "externalReferences": [ + { + "url": "git+https://github.com/gtanner/qrcode-terminal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gtanner/qrcode-terminal", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gtanner/qrcode-terminal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/qrcode-terminal" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "1.0.0", + "bom-ref": "npm@10.8.0|mute-stream@1.0.0", + "author": "GitHub Inc.", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@1.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/mute-stream.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/mute-stream" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|spdx-expression-parse@4.0.0", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@4.0.0?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "9.4.0", + "bom-ref": "npm@10.8.0|supports-color@9.4.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@9.4.0?vcs_url=git%2Bhttps%3A//github.com/chalk/supports-color.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/supports-color" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chownr", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|chownr@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "like `chown -R`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/chownr@2.0.0?vcs_url=git%3A//github.com/isaacs/chownr.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/chownr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/chownr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/chownr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/chownr" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mkdirp", + "version": "1.0.4", + "bom-ref": "npm@10.8.0|mkdirp@1.0.4", + "description": "Recursively mkdir, like `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mkdirp@1.0.4?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-mkdirp.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-mkdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-mkdirp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-mkdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/mkdirp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "text-table", + "version": "0.2.0", + "bom-ref": "npm@10.8.0|text-table@0.2.0", + "author": "James Halliday", + "description": "borderless text tables with alignment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-table@0.2.0?vcs_url=git%3A//github.com/substack/text-table.git", + "externalReferences": [ + { + "url": "git://github.com/substack/text-table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/text-table", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/text-table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/text-table" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tiny-relative-date", + "version": "1.3.0", + "bom-ref": "npm@10.8.0|tiny-relative-date@1.3.0", + "author": "Joseph Wynn", + "description": "Tiny function that provides relative, human-readable dates.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tiny-relative-date@1.3.0?vcs_url=git%2Bhttps%3A//github.com/wildlyinaccurate/relative-date.git", + "externalReferences": [ + { + "url": "git+https://github.com/wildlyinaccurate/relative-date.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wildlyinaccurate/relative-date#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wildlyinaccurate/relative-date/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tiny-relative-date" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "plugin-version", + "group": "@oclif", + "version": "2.2.2", + "bom-ref": "@oclif/plugin-version@2.2.2", + "author": "Salesforce", + "description": "A command that shows the CLI version", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-version@2.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-version.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-version", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-version/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-version/-/plugin-version-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1f8b742bb15567ea42c0b01cd3679965b18c816f58717f0b58c976317ccac5019f3eb98164b4e113621e6d1f4fbd10248c3af30a66d979625c0b1f7bb4767a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-version@2.2.2|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-version@2.2.2|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "plugin-warn-if-update-available", + "group": "@oclif", + "version": "3.1.4", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4", + "author": "Salesforce", + "description": "warns if there is a newer version of CLI released", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-warn-if-update-available@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-warn-if-update-available.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-warn-if-update-available", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-warn-if-update-available/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-warn-if-update-available/-/plugin-warn-if-update-available-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c63eb3830bee105994ac76055c7a2a993a6f394b0482a5e2ca87fd3aa8e0955dd77813cdb109dbb96ff4f391c549606f2885500addb6b954556890b3de8ece0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "http-call", + "version": "5.3.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "author": "Jeff Dickey @jdxcode", + "description": "make http requests", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/http-call@5.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/heroku/http-call.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/heroku/http-call", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/heroku/http-call/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-call/-/http-call-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a1c229ac0b6dc8084e243e5f714c18ca0788a76d169e2f265e46e9c2ff5272fd9e97f2dbf6d8c1008caf8a04e31254b6aa5cf4d399df3adfcc1a54828b1b1db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/http-call" + } + ], + "components": [ + { + "type": "library", + "name": "parse-json", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "be35f5425be1f7f6c747184f98a788cb99477ee0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/http-call/node_modules/parse-json" + } + ] + } + ] + }, + { + "type": "library", + "name": "is-retry-allowed", + "version": "1.1.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0", + "author": "Vsevolod Strukchinsky", + "description": "My prime module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-retry-allowed@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/floatdrop/is-retry-allowed.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/is-retry-allowed#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/floatdrop/is-retry-allowed/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "11a060568b67339444033d0125a61a20d564fb34" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/is-retry-allowed" + } + ] + }, + { + "type": "library", + "name": "json-parse-better-errors", + "version": "1.0.2", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2", + "author": "Kat Marchán", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-better-errors@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/zkat/json-parse-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zkat/json-parse-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zkat/json-parse-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9abab264a7d7e4484bee1bea715e961b5c988e78deb980f30e185c00052babc3e8f3934140124ff990d44fbe6a650f7c22452806a76413192e90e53b4ecdb0af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/json-parse-better-errors" + } + ] + }, + { + "type": "library", + "name": "tunnel-agent", + "version": "0.6.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0", + "author": "Mikeal Rogers", + "description": "HTTP proxy tunneling agent. Formerly part of mikeal/request, now a standalone module.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/tunnel-agent@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/mikeal/tunnel-agent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mikeal/tunnel-agent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mikeal/tunnel-agent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "27a5dea06b36b04a0a9966774b290868f0fc40fd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/tunnel-agent" + } + ] + } + ] + }, + { + "type": "library", + "name": "content-type", + "version": "1.0.5", + "bom-ref": "content-type@1.0.5", + "author": "Douglas Christopher Wilson", + "description": "Create and parse HTTP Content-Type header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/content-type@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/content-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/content-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/content-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d38ea7dc045122a4a7570afe180d05827e670b64a9bcd65745d29028a53bf2ac51956dc47a3ff54001de46ecdfb4b53afc42a894d2d15a743e852b836d27038" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/content-type" + } + ] + }, + { + "type": "library", + "name": "is-stream", + "version": "2.0.1", + "bom-ref": "is-stream@2.0.1", + "author": "Sindre Sorhus", + "description": "Check if something is a Node.js stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-stream@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "845a222624e5eb79e7fa4b2d1c606d7b05922a740ba726f5e7928785e035977f6ebed3bd9d6228a75a77b9da8f71477fc5b17554b30ee27ece23aa7b45b9e00e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-stream" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf3d3a4bcb74a33a035cc1beb9b7b6eb37824cd5dc2883c96498bc841ac5e227422e6b38086f50b4aeea065d5ba22e4e0f31698ecc1be493e61c26cca63698ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "safe-buffer", + "version": "5.2.1", + "bom-ref": "safe-buffer@5.2.1", + "author": "Feross Aboukhadijeh", + "description": "Safer Node.js Buffer API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-buffer@5.2.1", + "externalReferences": [ + { + "url": "git://github.com/feross/safe-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/safe-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/safe-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae9dd2a34eca71d9a629b1af81a37141226bedb1954959394bd12ad45fa9a5b468ef4f9879a0f1930e4377c34f37e183e9b8e7626d95b8fb825e6a6e62f9825d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-buffer" + } + ] + }, + { + "type": "library", + "name": "test", + "group": "@oclif", + "version": "3.2.15", + "bom-ref": "@oclif/test@3.2.15", + "author": "Salesforce", + "description": "test helpers for oclif components", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/test@3.2.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/test.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/test", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/test/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/test/-/test-3.2.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea1b7468b28ccdab24a4c525c89d4d765de736b0f48e92a6072437dd1598961b76bc0b1bb87673e2010be6b3e049b0e94b4267c4425487aa2c9550a38c1e15c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/test" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chai", + "version": "4.4.1", + "bom-ref": "chai@4.4.1", + "author": "Jake Luer", + "description": "BDD/TDD assertion library for node.js and the browser. Test framework agnostic.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chai@4.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/chaijs/chai.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://chaijs.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/chai/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chai/-/chai-4.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d77b0e7ccbf6f8359db8453eff16ee9f72d270ba2a375ee705e4cb52c9837ca768882d5faf49fd3d4e20baee0085170e54593fb16f0bc99587ba15ad419885fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chai" + } + ] + }, + { + "type": "library", + "name": "fancy-test", + "version": "3.0.15", + "bom-ref": "fancy-test@3.0.15", + "author": "Salesforce", + "description": "extendable utilities for testing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fancy-test@3.0.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/fancy-test.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/fancy-test", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/fancy-test/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fancy-test/-/fancy-test-3.0.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91964574fcd55ad2b106498b2d47f1862cec78697565946e0a69ae0a4a35a2202cfd7fccbc4e000a6fef973bf17eee0e79bffb309f2154ff2b522566dd1ef6f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fancy-test" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chai", + "group": "@types", + "version": "4.3.14", + "bom-ref": "@types/chai@4.3.14", + "description": "TypeScript definitions for chai", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/chai@4.3.14#types/chai", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/chai", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/chai", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/chai/-/chai-4.3.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a3ef5b1713843802419d1bd4efab5bbf7eab8dcfd11d1b82c824cc1554823b6ac8630fff1c7fc7f221f2408d1afa61cb179d213c70e1903ead60a9e47ccfedf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/chai" + } + ] + }, + { + "type": "library", + "name": "sinon", + "group": "@types", + "version": "17.0.3", + "bom-ref": "@types/sinon@17.0.3", + "description": "TypeScript definitions for sinon", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/sinon@17.0.3#types/sinon", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/sinon", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/sinon/-/sinon-17.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f7ba8bdd9fc7b0932f644411b5f5b3b06996dec49bbf5e3b641f28ef520b78c5f3c5cf5f1d70e44832a9d887ae85c773e8c2172bf39353e7e7abdfea1589aa7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/sinon" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sinonjs__fake-timers", + "group": "@types", + "version": "8.1.5", + "bom-ref": "@types/sinonjs__fake-timers@8.1.5", + "description": "TypeScript definitions for @sinonjs/fake-timers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/sinonjs__fake-timers@8.1.5#types/sinonjs__fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/sinonjs__fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinonjs__fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/sinonjs__fake-timers/-/sinonjs__fake-timers-8.1.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "990914da363c8c9105ed81e31efb103bcfb7ba08532f599c9e7f7a8a07e138d991f9f50f48a22479f418a527bc6ec972d84a7ba106e7ffa546e7ff7fd2a700ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/sinonjs__fake-timers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mock-stdin", + "version": "1.0.0", + "bom-ref": "mock-stdin@1.0.0", + "author": "Caitlin Potter", + "description": "Mock STDIN file descriptor in Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mock-stdin@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/caitp/node-mock-stdin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/caitp/node-mock-stdin", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/caitp/node-mock-stdin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mock-stdin/-/mock-stdin-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6e91175bf417aedbbb7a74df97ced4911eaf49d01fc2a003b2486cc77e7f144df9aa8a9039c8d4ffb03504c987405771e991ae96c7a90e331b8e6dd39ec7ad1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mock-stdin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "nock", + "version": "13.5.4", + "bom-ref": "nock@13.5.4", + "author": "Pedro Teixeira", + "description": "HTTP server mocking and expectations library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/nock@13.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/nock/nock.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nock/nock#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nock/nock/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nock/-/nock-13.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c80c937dd78d24618117159dcd2282058c6ce45c4b6c28395f94387adb3def885c4331b5faa0b1bc8c8ea388f6472e8c52585654c5f83a860379f008230ba98f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nock" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-stringify-safe", + "version": "5.0.1", + "bom-ref": "json-stringify-safe@5.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like JSON.stringify, but doesn't blow up on circular refs.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/json-stringify-safe@5.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/json-stringify-safe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-safe", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-safe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "642960e80698bda9af60413cd9ddc8c9ddef49222343ea1d823693cd1b8edeceeda0274529cce86f68b4cc287b244f245a7d7bcaf016854571bea1b051a96c44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-stringify-safe" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "propagate", + "version": "2.0.1", + "bom-ref": "propagate@2.0.1", + "author": "Pedro Teixeira", + "description": "Propagate events from one event emitter into another", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/propagate@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nock/propagate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/nock/propagate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/nock/propagate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/propagate/-/propagate-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bc6ae139abcf493cf841536e04d75c35778f35d34c68ed718fdc81787d527103e393fae183db129425cf84c905b9a34d5bfb324ef62ab276c82713017d16db6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/propagate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sinon", + "version": "16.1.3", + "bom-ref": "sinon@16.1.3", + "author": "Christian Johansen", + "description": "JavaScript test spies, stubs and mocks.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sinon@16.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/sinonjs/sinon.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sinonjs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/sinonjs/sinon/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sinon/-/sinon-16.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a39d659ecb17007fd9c2d1b5dc3e6883badfa813c1d8ae275337305b17df006152e65b0191a76212129ca161f946d627c82d3f9e367dc198a5093f18d750f94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "sinon@16.1.3|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b88143c6aa5164667a4e13a4f388447ea5a81f1d9d7af445be94d97131eeafce6f2267dac546d35bd4728780a90ae0e74e838fd4212d5ca220cad1c13d57dfe4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "sinon@16.1.3|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon/node_modules/supports-color" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "3.0.1", + "bom-ref": "@sinonjs/commons@3.0.1", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b79821ca43db1587ca350bd731930c5a3a65e800c943c42d666321eb8ea39611c06362befab7deb32f6ce58f9754199dc74b0db8d17d6a807dcc8dfd72256a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/commons" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "10.3.0", + "bom-ref": "@sinonjs/fake-timers@10.3.0", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@10.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578046d3b92e6125244c24811c6f06f1336133e175f635c55a742dce3fb07bc0eb92948109e7bd67732cf328867abfdd96685edf9fd7760ca8dffd2b40a83b60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/fake-timers" + } + ] + }, + { + "type": "library", + "name": "samsam", + "group": "@sinonjs", + "version": "8.0.0", + "bom-ref": "@sinonjs/samsam@8.0.0", + "author": "Christian Johansen", + "description": "Value identification and comparison functions", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/samsam@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/samsam.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sinonjs.github.io/samsam/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/samsam/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/samsam/-/samsam-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "069f0a51594ba7c89b259ae7bead9fa1584fd08557d82229acc24f2b4bea1aa82b0dad0e1d529e67207292ab2492b77157ac8a04f9866ac3bc2d58c0291dc67b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/samsam" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "2.0.0", + "bom-ref": "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b8b6b48fce7d98cae0dac97041874efc092b39f987f97e8b4d598d4d2f42a9ec6e13622f54e448912a492ea78f01b127289efb68c982c2bd4d519e7bd76d1772" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/samsam/node_modules/@sinonjs/commons" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "lodash.get", + "version": "4.4.2", + "bom-ref": "lodash.get@4.4.2", + "author": "John-David Dalton", + "description": "The lodash method `_.get` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.get@4.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfe530fef2eecba8107bc71f685583ee9d3056ff1f265de66f35e1df7452fb4a16db0bd4aa2457890ebd80b5922e9801e7feac53eafa065411d0c0482da76a4d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.get" + } + ] + }, + { + "type": "library", + "name": "nise", + "version": "5.1.9", + "bom-ref": "nise@5.1.9", + "description": "Fake XHR and server", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/nise@5.1.9", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/sinonjs/nise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/nise#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/nise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nise/-/nise-5.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8e9e8ba35b8495e9ee34758c4939bdeebeea0f1ed98bcc89384c5a3e8f48cf2680bee59f718dae6a1f9259a1b10fb1af3e618a6132b392c27aec844846daac3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "11.2.2", + "bom-ref": "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@11.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-11.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1b6a62092c50ee858ec701920321477cf22cc9e2465d8b5cea615b9c503e9115e48849d397c73ff23ba5d92df6f621419c323d1c6a1e596019beebce91971c83" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise/node_modules/@sinonjs/fake-timers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-to-regexp", + "version": "6.2.2", + "bom-ref": "nise@5.1.9|path-to-regexp@6.2.2", + "description": "Express style path to RegExp utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-to-regexp@6.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/path-to-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/path-to-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/path-to-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1905f749232892781bdfafb085da515c4fb77fd57c533c80a2b958bce1b1f3bb9f1877a13539f9942c6b2ad2f2678625ff010a9cd9ebf7c6733b0c03655e6883" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise/node_modules/path-to-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "text-encoding", + "group": "@sinonjs", + "version": "0.7.2", + "bom-ref": "@sinonjs/text-encoding@0.7.2", + "author": "Joshua Bell", + "description": "Polyfill for the Encoding Living Standard's API.", + "licenses": [ + { + "expression": "(Unlicense OR Apache-2.0)" + } + ], + "purl": "pkg:npm/%40sinonjs/text-encoding@0.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/text-encoding.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/text-encoding", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/text-encoding/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/text-encoding/-/text-encoding-0.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b175ca1beb8bf48acaa95893b5aa365ace9dcb4ce7bbdb0e68fd5d8bf8ca196d4ce95b2c3bcbe5a5709072967e8e2b10d6d4c5002e49a3f10ecc56e08016a015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/text-encoding" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-extend", + "version": "6.2.0", + "bom-ref": "just-extend@6.2.0", + "author": "Angus Croll", + "description": "extend an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-extend@6.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/just-extend/-/just-extend-6.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "718a1f42ed97a689bcd92eaa0fbefc8c10e9c2fbf2dfdb3597f86b6228f6bbd00c750706469681bba918e26561ba7a39909562d43033e1a8a9840d96235fce03" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/just-extend" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "stdout-stderr", + "version": "0.1.13", + "bom-ref": "stdout-stderr@0.1.13", + "author": "Jeff Dickey @jdxcode", + "description": "mock stdout and stderr", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stdout-stderr@0.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/jdxcode/stdout-stderr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jdxcode/stdout-stderr", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jdxcode/stdout-stderr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stdout-stderr/-/stdout-stderr-0.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e7b7dfc71c761f8d9ecd7902efb900f22f52e76ec6dd760305282b9a40ac0609d266f0b9ecb59217a29fae398dfa511d545d7a075df31b0b52a555d55dd892c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stdout-stderr" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "abort-controller", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/abort-controller@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A simple abort controller library", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/abort-controller@3.0.0#packages/abort-controller", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/abort-controller", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/abort-controller", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/abort-controller/-/abort-controller-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7a1a514606df4ae0c60bbbbd98b89e76dcd551e00f281e50b933624ee8e990a8df2401cfee87526a2c4f858b34e892b4891a0d024af0be06bb261b32adb1928" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/abort-controller" + } + ] + }, + { + "type": "library", + "name": "express", + "group": "@types", + "version": "4.17.21", + "bom-ref": "@types/express@4.17.21", + "description": "TypeScript definitions for express", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/express@4.17.21#types/express", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/express", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a394f337d79ab02e96909500d38cf76c50549ce99b0fe0037a0255a7a203e343b0958bb3d8177615cfe098de3136a7061fec4ffb1e50c0374ad5d86c531b41d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/express" + } + ] + }, + { + "type": "library", + "name": "body-parser", + "group": "@types", + "version": "1.19.5", + "bom-ref": "@types/body-parser@1.19.5", + "description": "TypeScript definitions for body-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/body-parser@1.19.5#types/body-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/body-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/body-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c1dd9bbddae71abb4890d0930215013b6ff76ff0eb74ecd23729a64890850d5eaf3693878102a51a9de5df95e198f495ac91e4bdcbebb49d7332b2972e42b0a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/body-parser" + } + ] + }, + { + "type": "library", + "name": "connect", + "group": "@types", + "version": "3.4.38", + "bom-ref": "@types/connect@3.4.38", + "description": "TypeScript definitions for connect", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/connect@3.4.38#types/connect", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/connect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/connect", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bab9139fd4b0fcf2e0d0a890a4b40e32ccbd586002ba3607ec234bff9938323ca5ac5f50a72745cf48385589e8ebbb519c4642d66fc465cc560946a1946daba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/connect" + } + ] + }, + { + "type": "library", + "name": "express-serve-static-core", + "group": "@types", + "version": "4.19.0", + "bom-ref": "@types/express-serve-static-core@4.19.0", + "description": "TypeScript definitions for express-serve-static-core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/express-serve-static-core@4.19.0#types/express-serve-static-core", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/express-serve-static-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express-serve-static-core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.19.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c6c9ea7726a3c246bcb5c2af8ee67ee88818065a67882573e35d70a8f042b4bbc76e6464986abedc1aa77730bd8952c2c6781edf99cd3a298a3d7cb196a8fbd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/express-serve-static-core" + } + ] + }, + { + "type": "library", + "name": "qs", + "group": "@types", + "version": "6.9.15", + "bom-ref": "@types/qs@6.9.15", + "description": "TypeScript definitions for qs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/qs@6.9.15#types/qs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/qs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/qs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/qs/-/qs-6.9.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b971d02844ba0d028a08b878e355effddc313aad53552dc93d432512aa04825be5851e8cc6795ec3f5eafcb4551e92f293b88adf33837b5a981c8325b4eed71a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/qs" + } + ] + }, + { + "type": "library", + "name": "range-parser", + "group": "@types", + "version": "1.2.7", + "bom-ref": "@types/range-parser@1.2.7", + "description": "TypeScript definitions for range-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/range-parser@1.2.7#types/range-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/range-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/range-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84aa2b9896e426acd01a1ce26b1e4f22d0d44cc00cf6e1365d7426337eddc9de2154cfb969597ba15c4c554895427da809014dfcb28265dbd2334a4546a6d299" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/range-parser" + } + ] + }, + { + "type": "library", + "name": "send", + "group": "@types", + "version": "0.17.4", + "bom-ref": "@types/send@0.17.4", + "description": "TypeScript definitions for send", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/send@0.17.4#types/send", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/send", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/send", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c7610ce9324ec9b79cedce76057d19b293e874cb1051de4be8f4703ae9d5c955215e205229fdc07b30cbf0382f82de68d147ca35fb80d1e30baf6c0b4f802204" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/send" + } + ] + }, + { + "type": "library", + "name": "mime", + "group": "@types", + "version": "1.3.5", + "bom-ref": "@types/mime@1.3.5", + "description": "TypeScript definitions for mime", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mime@1.3.5#types/mime", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mime", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fe9c8165648b0f69f475c1c4de1abcb3c66f7044c7b44b85fb713b5d5b74220da7bec5505dd8211d57049085a3cbd034c0a7d39fdedafcf48362884a2259cfff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mime" + } + ] + }, + { + "type": "library", + "name": "serve-static", + "group": "@types", + "version": "1.15.7", + "bom-ref": "@types/serve-static@1.15.7", + "description": "TypeScript definitions for serve-static", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/serve-static@1.15.7#types/serve-static", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/serve-static", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/serve-static", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5bc626fa1f2786e47068a3da0f0df8414930b068ba45ce3262abca168e6b9b61541210856f3556af15d4c6e28af130128d6b32b096349ec98d086842388b2b3b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/serve-static" + } + ] + }, + { + "type": "library", + "name": "http-errors", + "group": "@types", + "version": "2.0.4", + "bom-ref": "@types/http-errors@2.0.4", + "description": "TypeScript definitions for http-errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/http-errors@2.0.4#types/http-errors", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/http-errors", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-errors", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f408530cb7275b2407a0ccec878ed88a3cb96f9e6de24d9c994526682eada64610dd98b7c858e0983df409e1cbb67ab2a0854fbe42f8dc523a7fe61ee1112a4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/http-errors" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "group": "@types", + "version": "11.0.4", + "bom-ref": "@types/fs-extra@11.0.4", + "description": "TypeScript definitions for fs-extra", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/fs-extra@11.0.4#types/fs-extra", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/fs-extra", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/fs-extra/-/fs-extra-11.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c936c8b4236b791a28103df7aa3ba73ed8517128c444fd6be0ca8265cef0bf4bb6b149334c5a78e6d8147d2e7eafb16b64f76608235f94b85548ffe8f927a6b1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/fs-extra" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "group": "@types", + "version": "6.1.4", + "bom-ref": "@types/jsonfile@6.1.4", + "description": "TypeScript definitions for jsonfile", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jsonfile@6.1.4#types/jsonfile", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jsonfile", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jsonfile", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jsonfile/-/jsonfile-6.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f9a86518c23be734d7b1b5d539f7ff9f23eb299f0b53166c903f487e3df20e4a435fa54e803880943a49b88b43a74a4f8dca374f26bc420eba34b09b16951a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jsonfile" + } + ] + }, + { + "type": "library", + "name": "get-installed-path", + "group": "@types", + "version": "4.0.3", + "bom-ref": "@types/get-installed-path@4.0.3", + "description": "TypeScript definitions for get-installed-path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/get-installed-path@4.0.3#types/get-installed-path", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/get-installed-path", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/get-installed-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/get-installed-path/-/get-installed-path-4.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5deea74eebca3b776e98cb29b267f57b092b7bce5f866426335c88bf67e4c99458a9753538d6001fd6f61cc0e2ca43ef76315485eb9de298b3044a48eede8e53" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/get-installed-path" + } + ] + }, + { + "type": "library", + "name": "jest", + "group": "@types", + "version": "29.5.12", + "bom-ref": "@types/jest@29.5.12", + "description": "TypeScript definitions for jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jest@29.5.12#types/jest", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jest/-/jest-29.5.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7830bc6d3bd3fd0858771240ba542292e7a2818e40b1d0511f6c83296df2bde5bbb2f637f83ccdf38ff6354824c35d114e225b5aa66b4eda0655d625bc525d2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jest" + } + ] + }, + { + "type": "library", + "name": "expect", + "version": "29.7.0", + "bom-ref": "expect@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expect@29.7.0#packages/expect", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9992cd217f554b15823591b8742398cfdca1c7c821e991fc87073b125d116097f060f665987cc5bca03f8f74c3e5130cb91cdb11f49bad632ea931e3a1eb59f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/expect" + } + ] + }, + { + "type": "library", + "name": "expect-utils", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/expect-utils@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect-utils@29.7.0#packages/expect-utils", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/expect-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a5b0d0568854050958bd4154b1edfe4080c78bc5ef58082b393ee3f63b62dd8c3000f0987d797ee503526aff1757c3759bde1caf94535f6487dc45eb52cd870" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/expect-utils" + } + ] + }, + { + "type": "library", + "name": "jest-get-type", + "version": "29.6.3", + "bom-ref": "jest-get-type@29.6.3", + "description": "A utility function to get the type of a value", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-get-type@29.6.3#packages/jest-get-type", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-get-type", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cebb5e5e7a98c5f421ee5e451f22f7f232f7f5d8bc1fcac7a1e70b1f724dc47dc1c0eac1b0d79a6dd6a9e5ed08db7943e071c8f16e5514166a1b811aab92cd73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-get-type" + } + ] + }, + { + "type": "library", + "name": "jest-matcher-utils", + "version": "29.7.0", + "bom-ref": "jest-matcher-utils@29.7.0", + "description": "A set of utility functions for expect and related packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-matcher-utils@29.7.0#packages/jest-matcher-utils", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-matcher-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b01903f978bd0ed70286c2372f7bb4f8dd28a603d89c244fb4671062b817991fa19adfdf61f5802f4c515d853c79639d7ee2e005ed18096dc016d9d12da82afe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-matcher-utils" + } + ] + }, + { + "type": "library", + "name": "jest-diff", + "version": "29.7.0", + "bom-ref": "jest-diff@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-diff@29.7.0#packages/jest-diff", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cc220888ae18a098faecd37247a71521db22122b7bcb14f900a1d3dea34f81b85ef003616841b904835bbc8016014e19dcbbb7b5a040d47c85d5b93a8b4548f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-diff" + } + ] + }, + { + "type": "library", + "name": "diff-sequences", + "version": "29.6.3", + "bom-ref": "diff-sequences@29.6.3", + "description": "Compare items in two sequences to find a longest common subsequence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/diff-sequences@29.6.3#packages/diff-sequences", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/diff-sequences", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12378f2b5b2b0f73f4f28da3e1fd04c67ca5a91b3907db498dca7db7592b1f6a918bc08276c61fc1ef498122eeac5056c2ae2e3a58a9cdf9397c736fc052abf1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/diff-sequences" + } + ] + }, + { + "type": "library", + "name": "pretty-format", + "version": "29.7.0", + "bom-ref": "pretty-format@29.7.0", + "author": "James Kyle", + "description": "Stringify any JavaScript value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty-format@29.7.0#packages/pretty-format", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/pretty-format", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3dd970fe83f137e69776633d474d09542f56545a022d3289bc354b82627ea807df04cc6c57ce65fcbbbbb0dc78cd2ccfca82f67ae226b84c0784e5dd12034565" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty-format" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-styles", + "version": "5.2.0", + "bom-ref": "pretty-format@29.7.0|ansi-styles@5.2.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0b1c29b7649f4f34ed5dc7ce97318479ef0ef9cf8c994806acd8817179ee5b1b852477ba6b91f3eeac21c1ee4e81a498234209be42ea597d40486f9c24e90488" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty-format/node_modules/ansi-styles" + } + ] + } + ] + }, + { + "type": "library", + "name": "jest-message-util", + "version": "29.7.0", + "bom-ref": "jest-message-util@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-message-util@29.7.0#packages/jest-message-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-message-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "181115e064400de3feaad076fbabbad6cb5e6bc98670e4f8982b6b608499c1fbbdfc8487149ff9cce31761ba4113d46c4b9f866fadc35b81609a7289efd29feb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-message-util" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/types@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/types@29.6.3#packages/jest-types", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bb750fb088a558a38cdc5f425edac6f0b10998dc70a02402fd7563e082985efbe9c7b4088bf2a0d4b239b83983a4a95a73ad8d52d5fb78b8d187e8d565c2cecf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/types" + } + ] + }, + { + "type": "library", + "name": "jest-util", + "version": "29.7.0", + "bom-ref": "jest-util@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-util@29.7.0#packages/jest-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfa11b29a8c8a6a18a539eb2e4a054832d5db758a18502605b352564702b03ff97d9a77b09be6217e00ad445952ff068ed1cfdbaeae9ab0e9288109e7d46c218" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-util" + } + ], + "components": [ + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "jest-util@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-util/node_modules/ci-info" + } + ] + } + ] + }, + { + "type": "library", + "name": "schemas", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/schemas@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/schemas@29.6.3#packages/jest-schemas", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-schemas", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a8e63e57fa321998942f78129e4bf72502e7a2a55eca8225f5bcc802c5a9b544d622a84d70eb69f4fed2499c7b635bc647710728e6063ce630379a2d0bfa748" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/schemas" + } + ] + }, + { + "type": "library", + "name": "typebox", + "group": "@sinclair", + "version": "0.27.8", + "bom-ref": "@sinclair/typebox@0.27.8", + "author": "sinclairzx81", + "description": "JSONSchema Type Builder with Static Type Resolution for TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sinclair/typebox@0.27.8", + "externalReferences": [ + { + "url": "git+https://github.com/sinclairzx81/typebox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f858f8de948cc09b38291ac7ffddfc51ffae0042c881506643383fab5606d74763c9f0374e7ad4f0df17cea0a1fe891976ccea0504d97fdea274c7c4e659f04c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinclair/typebox" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "group": "@types", + "version": "4.0.9", + "bom-ref": "@types/js-yaml@4.0.9", + "description": "TypeScript definitions for js-yaml", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/js-yaml@4.0.9#types/js-yaml", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/js-yaml", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9383066909794c6a3f8a2a6a6f65031b65308d7ce2496921d2ecac41e953949a57d6a1a5a546589bc3e73b80f11b5a81a26b4951d609eaa47ac5d21a875d092e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/js-yaml" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mocha", + "group": "@types", + "version": "10.0.6", + "bom-ref": "@types/mocha@10.0.6", + "description": "TypeScript definitions for mocha", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mocha@10.0.6#types/mocha", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mocha", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mocha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mocha/-/mocha-10.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "749beb616c4ffd47179b7e909f7e9fc6150abbc03fc4c457553d9c962145d59ed403d9621b93ec8f77b3352670fb9a6e1f67330d744b7174317fc25b26dd1e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mocha" + } + ] + }, + { + "type": "library", + "name": "mock-fs", + "group": "@types", + "version": "4.13.4", + "bom-ref": "@types/mock-fs@4.13.4", + "description": "TypeScript definitions for mock-fs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mock-fs@4.13.4#types/mock-fs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mock-fs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mock-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mock-fs/-/mock-fs-4.13.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "99798cd28ea550b3c8f33dd7367402a4bd011b13f0c75525d705d810f04697879f4a1cb15b64659f424e3c4586c9969864c33a3955ccff5e7352e14c639da58e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mock-fs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "objects-to-csv", + "group": "@types", + "version": "1.3.3", + "bom-ref": "@types/objects-to-csv@1.3.3", + "description": "TypeScript definitions for objects-to-csv", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/objects-to-csv@1.3.3#types/objects-to-csv", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/objects-to-csv", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/objects-to-csv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/objects-to-csv/-/objects-to-csv-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0be7cc752da02beacd51ce620231ff778cfea0d6b272d06ba45e46f433b84a9a81efcc06fd3929d917c8f3fe9a29ffd1f8b39a0117106b14371bfe9498083c19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/objects-to-csv" + } + ] + }, + { + "type": "library", + "name": "prompt-sync", + "group": "@types", + "version": "4.2.3", + "bom-ref": "@types/prompt-sync@4.2.3", + "description": "TypeScript definitions for prompt-sync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/prompt-sync@4.2.3#types/prompt-sync", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/prompt-sync", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/prompt-sync", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/prompt-sync/-/prompt-sync-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b1efb8024b1d18c9e6a41adfea7ce6544853524a2fac877001a063a20b088ed8a383c78f760499d49bda085d2f801c9b6aa75da233845db98eaf89327d6d8c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/prompt-sync" + } + ] + }, + { + "type": "library", + "name": "tmp", + "group": "@types", + "version": "0.2.6", + "bom-ref": "@types/tmp@0.2.6", + "description": "TypeScript definitions for tmp", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/tmp@0.2.6#types/tmp", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/tmp", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/tmp/-/tmp-0.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "72185a35fda82879519031adfad88a136679689eaa6a59bb67dae52dd07098e88001fd3d610befa0b5e358ae0758f175c54fdfaaf3207cd7e956806c700fed28" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/tmp" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "9.0.8", + "bom-ref": "@types/uuid@9.0.8", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@9.0.8#types/uuid", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-9.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e0fbdec4188718f4018724945a68f5607ad283b2b4e06d18d0e4cb208e1fc340a1059740edc91aff5423b20f54f647530d7963cafeeec9a068650d99ca0407c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0", + "description": "TypeScript plugin for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/eslint-plugin@7.12.0#packages/eslint-plugin", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/eslint-plugin", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/eslint-plugin", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec5f757dc6ee0dffdddd2f28db5fabdd99dc18891effe7969341293b6d4b5e10df2da86b89917d0868f87db01eb448e56817637529bd6ba55e5dba5b4fa678d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.12.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad175a539cde85dee9cf6a4fa4bad1fdada2242f79611f56113c682ded040e878dc340a5495e65a4a5bfafa5cfd38831ece9149df424db0ec73f63e620abb92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "regexpp", + "group": "@eslint-community", + "version": "4.10.0", + "bom-ref": "@eslint-community/regexpp@4.10.0", + "author": "Toru Nagashima", + "description": "Regular expression parser for ECMAScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint-community/regexpp@4.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint-community/regexpp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint-community/regexpp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint-community/regexpp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0aef7a49dd81cbd982353c768b228e9aad74bf6da351542fd25427946372d7aa04f79f3dc84f900033dbacc182900e7570a6528373eefda4c955319f2ffaa350" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint-community/regexpp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/parser@7.7.1", + "description": "An ESLint custom parser which leverages TypeScript ESTree", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/parser@7.7.1#packages/parser", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be63f304e3adcf8f05e89006552fe46589381245daa3a886ac3f37f2ca75c37350402d16f2bcbfabae35294e0fac6ec028d01fe7a34e711f063a91fc97d14f0b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/scope-manager@7.7.1", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.7.1#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f2b4189fd9217ef52a4450aca7627e60d511c575d254732ca71a9ced5f797f8a4eca99912fd7d5823215019075cf53d7acfd55860f7ff3837c20f74f83876ac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/types@7.7.1", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.7.1#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0263e69c65b564b4e959afbfda898facf7d1ec171b514e2885ae5521b49b4b56b54eff7ae9b925bcb357c69de6adb73e3f68f830d3937c37df36c938a3473aff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/visitor-keys@7.7.1", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.7.1#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8012f712adb9b800f0d4b43d915a5fde144cf835b3b34b999271d82b786ae237133ea5420a51c60e707a514515d9215e05e0382961d66db2ea99b19c6781586f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/typescript-estree@7.7.1", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.7.1#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0977b4247097aeef056b7e9db5e5ea987d98c6780a2639102e3c73a23e8b630cd9eea66f82c2d273e7aa22d0aba88a29f1597650aa008b44ad556bbdec541921" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ts-api-utils", + "version": "1.3.0", + "bom-ref": "ts-api-utils@1.3.0", + "author": "JoshuaKGoldberg", + "description": "Utility functions for working with TypeScript's API. Successor to the wonderful tsutils. 🛠️️", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-api-utils@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/JoshuaKGoldberg/ts-api-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshuaKGoldberg/ts-api-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshuaKGoldberg/ts-api-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "510308a3ba5bf1646898a475ffe30554b4eba08bc356d317dcae8e522afcca72f2cc1f097ab8a89edd9b4c0b6634f6b57a402037b60f0f27fa57eca0add53e79" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-api-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "3.4.3", + "bom-ref": "eslint-visitor-keys@3.4.3", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@3.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c2973e2d77a2ca28acc4f944914cd4eacbf24b57eb20edcc8318f57ddcbb3e6f1883382e6b1d8ddc56bf0ff6a0d56a9b3a9add23eb98eb031497cfdad86fa26a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint", + "version": "8.57.0", + "bom-ref": "eslint@8.57.0", + "author": "Nicholas C. Zakas", + "description": "An AST-based pattern checker for JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint@8.57.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint/-/eslint-8.57.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "759ebe99ec6769321b481656828bb9d54e8e9b322160cd9570d76d893b48eea3cd666df9024a6bd1feafb70df0d4a9a7e4f628fad6557e1d775ab8694baa0ba9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "eslint@8.57.0|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "eslint@8.57.0|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint@8.57.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint@8.57.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "type-utils", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0", + "description": "Type utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/type-utils@7.12.0#packages/type-utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/type-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9626fdeadc91b4c84bc706ae0d6529fee5b714c84b03a0f4ac9f13ec7987ef1db71a4d46c30bbc519f7834c5c1bce10b9fa7e548f881ac22a57a19225f26aac0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.12.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5bc2a2ec58150bbf587aa67edc316e5d5d7fd8d9a991a8b68aaac0125706c11cc6529c7a84fc7378bd3e1f134685b22c3162fafdf24a8e5a1d5af192976a509" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "utils", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0", + "description": "Utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/utils@7.12.0#packages/utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63a861c31c03c78d473698ee62cc18a7a8036e4899f078a7f417f9689427d5ba53b3769f618e065fe30f63199af23b68215d864704ccfd4266ff6b86095bfe0d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.12.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad175a539cde85dee9cf6a4fa4bad1fdada2242f79611f56113c682ded040e878dc340a5495e65a4a5bfafa5cfd38831ece9149df424db0ec73f63e620abb92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.12.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5bc2a2ec58150bbf587aa67edc316e5d5d7fd8d9a991a8b68aaac0125706c11cc6529c7a84fc7378bd3e1f134685b22c3162fafdf24a8e5a1d5af192976a509" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "group": "@eslint-community", + "version": "4.4.0", + "bom-ref": "@eslint-community/eslint-utils@4.4.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint-community/eslint-utils@4.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint-community/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint-community/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint-community/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d7fb00e1dc2bcc1032794a10ea8c5a8472a6ad9bec9cb0a0e117f15b76451869909123503c534b57d09410540fd71f446171d3a39a7ac5d85933535ef69fc07c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint-community/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "graphemer", + "version": "1.4.0", + "bom-ref": "graphemer@1.4.0", + "author": "Matt Davies", + "description": "A JavaScript library that breaks strings into their individual user-perceived characters (including emojis!)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/graphemer@1.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/flmnt/graphemer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/flmnt/graphemer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/flmnt/graphemer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12d2b0a0eea4c422fd58ee718a98874d9952cc19bb58b4fadbb4ea0bfb9545dd072a6abc357c9e6e7358c43a018bbc2df1e4d6ad4aca5c2395685abdc759206a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/graphemer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "accurate-search", + "version": "1.2.15", + "bom-ref": "accurate-search@1.2.15", + "author": "Florin Mirel Dumitrescu", + "description": "The fastest and most accurate javascript full-text search library. Accurate search uses match distance algorithm to return the accurate order of the matching items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/accurate-search@1.2.15", + "externalReferences": [ + { + "url": "git+https://github.com/florind9/accurate-search.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://accuratesearch.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/florind9/accurate-search/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/accurate-search/-/accurate-search-1.2.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2356977547875158d69468d26c177c35a304fc2414f78d87dad1cc12e6797adff16f9da60e18a421e6c08bdb9f12801ef25c331eb6c29784797ae099f0aff07c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/accurate-search" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "8.16.0", + "bom-ref": "ajv@8.16.0", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@8.16.0", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://ajv.js.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-8.16.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "174b7047c535654ebb24812d7a451c2e45e4a0ee6630c9a0183f2c2bfc5417327cd398f11d097dda1226140aaa5ccc8c62348f3b250f0301d8841ef6839b135f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ajv" + } + ] + }, + { + "type": "library", + "name": "fast-deep-equal", + "version": "3.1.3", + "bom-ref": "fast-deep-equal@3.1.3", + "author": "Evgeny Poberezkin", + "description": "Fast deep equal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-deep-equal@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/fast-deep-equal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/fast-deep-equal#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/fast-deep-equal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f7a90f68432f63d808417bf1fd542f75c0b98a042094fe00ce9ca340606e61b303bb04b2a3d3d1dce4760dcfd70623efb19690c22200da8ad56cd3701347ce1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-deep-equal" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "1.0.0", + "bom-ref": "json-schema-traverse@1.0.0", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34cf3f3fd9f75e35e12199f594b86415a0024ce5114178d6855e0103f4673aff31be0aadaa9017f483b89914314b1d51968e2dab37aa6f4b0e96bb9a3b2dddba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-schema-traverse" + } + ] + }, + { + "type": "library", + "name": "require-from-string", + "version": "2.0.2", + "bom-ref": "require-from-string@2.0.2", + "author": "Vsevolod Strukchinsky", + "description": "Require module from string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/require-from-string@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/floatdrop/require-from-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/require-from-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/floatdrop/require-from-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5dfd2759ee91b1ece214cbbe029f5b8a251b9a996ae92f7fa7eef0ed85cffc904786b5030d48706bebc0372b9bbaa7d9593bde53ffc36151ac0c6ed128bfef13" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/require-from-string" + } + ] + }, + { + "type": "library", + "name": "uri-js", + "version": "4.4.1", + "bom-ref": "uri-js@4.4.1", + "author": "Gary Court", + "description": "An RFC 3986/3987 compliant, scheme extendable URI/IRI parsing/validating/resolving library for JavaScript.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/uri-js@4.4.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/garycourt/uri-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/garycourt/uri-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/garycourt/uri-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eeb294cb2df7435c9cf7ca50d430262edc17d74f45ed321f5a55b561da3c5a5d628b549e1e279e8741c77cf78bd9f3172bacf4b3c79c2acf5fac2b8b26f9dd06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uri-js" + } + ] + }, + { + "type": "library", + "name": "punycode", + "version": "2.3.1", + "bom-ref": "punycode@2.3.1", + "author": "Mathias Bynens", + "description": "A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/punycode@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/punycode.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/punycode", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/punycode.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd8b7b503d54f5683ad77f2c84bb4b3af740bbef03b02fe2945b44547707fb0c9d712a4d136d007d239db9fe8c91115a84be4563b5f5a14ee7295645b5fabc16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/punycode" + } + ] + }, + { + "type": "library", + "name": "form-data", + "version": "4.0.0", + "bom-ref": "form-data@4.0.0", + "author": "Felix Geisendörfer", + "description": "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/form-data@4.0.0", + "externalReferences": [ + { + "url": "git://github.com/form-data/form-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/form-data/form-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/form-data/form-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1131249521a2e6dd10319ba25e803f43abdc9f170b40fe6f76e812a6e0328ba4951a2d9c94f3e9fb180486e31a1c2fb31a09f7d4a776df95b7e5fec7ca491ac3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/form-data" + } + ] + }, + { + "type": "library", + "name": "proxy-from-env", + "version": "1.1.0", + "bom-ref": "proxy-from-env@1.1.0", + "author": "Rob Wu", + "description": "Offers getProxyForUrl to get the proxy URL for a URL, respecting the *_PROXY (e.g. HTTP_PROXY) and NO_PROXY environment variables.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/proxy-from-env@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/Rob--W/proxy-from-env.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Rob--W/proxy-from-env#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Rob--W/proxy-from-env/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fece439109b03d7f5b5d5912b445a091dc63efe7470cc5caf3e17f24e4b4d2503d43930e3b98a24465036e9c8b514e45b082d6944a8d515454481bd65788562" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proxy-from-env" + } + ] + }, + { + "type": "library", + "name": "assertion-error", + "version": "1.1.0", + "bom-ref": "assertion-error@1.1.0", + "author": "Jake Luer", + "description": "Error constructor for test and validation frameworks that implements standardized AssertionError specification.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/assertion-error@1.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/assertion-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/assertion-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/assertion-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e0b1a35dbb3fa776f1b216ddee4ae5aabf2e250a72098a8beda2e40de4964738a092d90ba111d6dc407161564b33d8dd94f615c9a3ca1d1bb113c969447ae0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/assertion-error" + } + ] + }, + { + "type": "library", + "name": "check-error", + "version": "1.0.3", + "bom-ref": "check-error@1.0.3", + "author": "Jake Luer", + "description": "Error comparison and information related utility for node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/check-error@1.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/check-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/check-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/check-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/check-error/-/check-error-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "88a1280d869199dd66c4cf746b63847d6863b233e960fb90fa5318b28c41d76ebeb7c7f0ef24843b8f2798383908e4e3c4323ae7f636396a5e10793764e7bcce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/check-error" + } + ] + }, + { + "type": "library", + "name": "get-func-name", + "version": "2.0.2", + "bom-ref": "get-func-name@2.0.2", + "author": "Jake Luer", + "description": "Utility for getting a function's name for node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-func-name@2.0.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/get-func-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/get-func-name#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/get-func-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2f5cebee135ebb0ad21cdcec88b5ca3b37f76946d05b60eb0fb170b3ed7fcf3279468d88d21ae64980cd58ee699ec3b04a7fd06abcb5f6b67395cb504152cc5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-func-name" + } + ] + }, + { + "type": "library", + "name": "deep-eql", + "version": "4.1.3", + "bom-ref": "deep-eql@4.1.3", + "author": "Jake Luer", + "description": "Improved deep equality testing for Node.js and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deep-eql@4.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/deep-eql.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/deep-eql#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/deep-eql/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deep-eql/-/deep-eql-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "59a12d00ea51035310d1ea21a998e9183f33748d0ebec9bc9a616168337c76f0d9cf2a1431c6039dfe58ea2bbb1d35f17fc2434b6dea59ae1afa12820f238fcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deep-eql" + } + ] + }, + { + "type": "library", + "name": "loupe", + "version": "2.3.7", + "bom-ref": "loupe@2.3.7", + "author": "Veselin Todorov", + "description": "Inspect utility for Node.js and browsers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/loupe@2.3.7", + "externalReferences": [ + { + "url": "git+https://github.com/chaijs/loupe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/loupe", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/loupe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/loupe/-/loupe-2.3.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd230834655891da5848e0662e2d03d54a3b254f6755d40aac7c42f1e62557ef5828af5678fa8094bee54a5a2b1bf536170d70d214c199a6bf8eb43751b3c7b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/loupe" + } + ] + }, + { + "type": "library", + "name": "pathval", + "version": "1.1.1", + "bom-ref": "pathval@1.1.1", + "author": "Veselin Todorov", + "description": "Object value retrieval given a string path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pathval@1.1.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/pathval.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/pathval", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/pathval/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pathval/-/pathval-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0e9eb31aaa537444dd47ade57a12583de20eaa988d04db5cec1a5648bace8deed4688b04e5a63ddabfc0ba7400eebb17bdeb7796b277267657dbd50f4ca5f229" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pathval" + } + ] + }, + { + "type": "library", + "name": "colors", + "version": "1.4.0", + "bom-ref": "colors@1.4.0", + "author": "Marak Squires", + "description": "get colors in your node.js console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/colors@1.4.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/Marak/colors.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Marak/colors.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Marak/colors.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6be52a4e1e2481983f4a51af7dbcc31e9811bbb00040e9a6a911c99f185164808a1544fdd5bad584d36de7c08c594f4fb016efdcf0c26541db571b83887da6b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colors" + } + ] + }, + { + "type": "library", + "name": "csv-parse", + "version": "4.16.3", + "bom-ref": "csv-parse@4.16.3", + "author": "David Worms", + "description": "CSV parsing implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-parse@4.16.3", + "externalReferences": [ + { + "url": "git+https://github.com/wdavidw/node-csv-parse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/parse/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wdavidw/node-csv-parse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-parse/-/csv-parse-4.16.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "70ed48ff39b3e30d9d70a1d5be90abec9551bbcfc5ca61b9384a66bec65895c718a253c12e85462941e03687386469057859561840e633204cf934ea45d5bfc2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-parse" + } + ] + }, + { + "type": "library", + "name": "dotenv", + "version": "16.4.5", + "bom-ref": "dotenv@16.4.5", + "description": "Loads environment variables from .env file", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/dotenv@16.4.5", + "externalReferences": [ + { + "url": "git://github.com/motdotla/dotenv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/motdotla/dotenv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/motdotla/dotenv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66674bdabba2f9e07663086c5b38c89d1f0b95db591c60e8435ba01fce69a472b0a541cbee3eeb3744e2f4d0a71a241b85a675d45a51fbb6a8d5d36c99db8d52" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dotenv" + } + ] + }, + { + "type": "library", + "name": "eslint-config-oclif-typescript", + "version": "1.0.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3", + "author": "oclif", + "description": "eslint config for Typscript'd oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-oclif-typescript@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/eslint-config-oclif-typescript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif-typescript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-oclif-typescript/-/eslint-config-oclif-typescript-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4de24a5d6050dee28cb73833fbe505356a5ed560b1f267ea46ecd9cb52e2ad112046556feb9e929151b880d65ab79ad13484207c39934be61e6f12b4da47f294" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-plugin", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "description": "TypeScript plugin for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/eslint-plugin@4.33.0#packages/eslint-plugin", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/eslint-plugin", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68836203119574e975789c958da5a7fd871502ae068bf628df9a871829ea6d6573eb5837f43d21db7bde63f300d2b14519fc4aed3c92836bb00de36ff89815a6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/eslint-plugin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "description": "An ESLint custom parser which leverages TypeScript ESTree", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/parser@4.33.0#packages/parser", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66885db1b5da76318148ad3fafe77ced7d120662b33aae3f4b99f32ba481809b29168f7f0940c9ee18dacaecdef892bb09940b0ccae8ab2b69ee939c14a4f164" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@4.33.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e487c91e9813b1366e38d29b38372d2f890ab908defdbcc1464c0713c50e6787fcf5979d760f84199b3c3c3f0d70de0b74cdf2807598077ba43c0623be5fea6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@4.33.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccaa7b0a34332d02265c4a4bb76054c35b6f38c3df3684c07dbf25e757af8586ce104cdd5b240d98759618f47a8702890c08bed555d20669e12fd9325534ceb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@4.33.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "baa8bfd9a4b3f60d9fb5c1d67fcb8b3c903bd2b52feb2b8c5b9068870f9bc1cbb36b14081da285642286a065c8adcf6f913277fb4b7133bdcad07ab7779c2022" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint", + "version": "7.32.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "author": "Nicholas C. Zakas", + "description": "An AST-based pattern checker for JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint@7.32.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint/-/eslint-7.32.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54767c817f840dfcfef7b8c6720c860b24626bf74f39de9787dc8fbfc065d7e4a8688c03f9afef96b3a6191532398bbb33052173b0b1a9e683654d774b8f84a4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ignore", + "version": "4.0.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@4.0.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7321432aba9cfd875c5859e2261cc8e36f80cd2fa0370994cce485711090630c92b81041cbf2a3bb158b67f147107e8ca2ad4d8b330e056c9372ff0ee0e64832" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint/node_modules/ignore" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "code-frame", + "group": "@babel", + "version": "7.12.11", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "author": "Sebastian McKenzie", + "description": "Generate errors that contain a code frame that point to source locations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/code-frame@7.12.11#packages/babel-code-frame", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-code-frame", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babeljs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66dd72a1d071d5473289e3cc4a45a753884faa1c2aee11a2da714bd4b780dc4525faad8b431d7a3084a0274fb3edd9e682f3fd42d2257ae11318e88e1f545c23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@babel/code-frame" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslintrc", + "group": "@eslint", + "version": "0.4.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "author": "Nicholas C. Zakas", + "description": "The legacy ESLintRC config file format for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/eslintrc@0.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslintrc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslintrc#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslintrc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27a285173e50098509ab7a5fd268c47022551116f3bfbd4f5080dccee87d264c0613371e77a08ee400cb1c1d6b6dfffea0f06da0f7cc60d3a9183cc200d95b5f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@eslint/eslintrc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ignore", + "version": "4.0.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@4.0.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7321432aba9cfd875c5859e2261cc8e36f80cd2fa0370994cce485711090630c92b81041cbf2a3bb158b67f147107e8ca2ad4d8b330e056c9372ff0ee0e64832" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@eslint/eslintrc/node_modules/ignore" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "espree", + "version": "7.3.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "author": "Nicholas C. Zakas", + "description": "An Esprima-compatible JavaScript parser built on Acorn", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/espree@7.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/espree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/espree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/eslint/espree.git", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/espree/-/espree-7.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf724234213ae2e9a41699a4146ab354ab0e4f4b4dd59afeb9ea8b65fa55d4e6fc7be08480f59af8ec42a061f7b6786298c2886819b89bfbda46927f92b473da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/espree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/espree/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/js-yaml" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config-array", + "group": "@humanwhocodes", + "version": "0.5.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "author": "Nicholas C. Zakas", + "description": "Glob-based configuration matching.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/config-array@0.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/config-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15a82d285cfbe17ad397bcba1c2cd0a700df5cfd328717bd9472c3d546718ef64871bc91cfccd3145ff260d7d27f3538d78783c19d52aced10bedc9ffb014c42" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@humanwhocodes/config-array" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "object-schema", + "group": "@humanwhocodes", + "version": "1.2.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1", + "author": "Nicholas C. Zakas", + "description": "An object schema merger/validator", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/object-schema@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/object-schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66740c9cb5787bb843954bf0f07f94f0048bd36492d869fafbd01cdf01862c87bbfa37b601e00ec4f63e8b320f2437c50dbede0e37afd14b3c30ed6215137c84" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@humanwhocodes/object-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "acorn", + "version": "7.4.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1", + "description": "ECMAScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn@7.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d0ca9d28d7f98d75b4ced4f3ba9079304ab9a0674313fe3082a4d8b06d48c6a11378765061a89b6842e0a710e2b3813570834656882a10cba4b131e6d0561f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/acorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/glob-parent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/argparse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/sprintf-js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@4.33.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae459163530f1738f09c4547b3119e983ceaa9d770d906d32652023c3f69f48f4b7ec3bc7dd99f40f397dee29f51a1910c525b7ebb66fec5e155737813e6f308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo-space", + "version": "0.29.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO with 2-space indent", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo-space@0.29.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo-space.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo-space/-/eslint-config-xo-space-0.29.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a65195478e6ce5dc8d5a3b633fda0129a9afc61d74e5ecb17fbd07805f85be990214fb6932a98f7b16432749cd89f0eb28abebc2497098fc78c552614817f02" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-config-xo-space" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo", + "version": "0.38.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo@0.38.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo/-/eslint-config-xo-0.38.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1b68cbf95c9f91c656f06a139aa2ec131beb5acb0179d4a8690435d6fca17e50de4f772c31d055a743a7f805628eb46ebe09a459e0f0c142f9463d2a0d11caea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-config-xo" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "experimental-utils", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0", + "description": "(Experimental) Utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/experimental-utils@4.33.0#packages/experimental-utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/experimental-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cde4233a8112e491634e7021239418ed9be27333330e9b65b35e4616c23a8f250eab490e7fdf96a27921b652218744601d19ea8f981d3715b98f512f032620e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@4.33.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e487c91e9813b1366e38d29b38372d2f890ab908defdbcc1464c0713c50e6787fcf5979d760f84199b3c3c3f0d70de0b74cdf2807598077ba43c0623be5fea6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@4.33.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccaa7b0a34332d02265c4a4bb76054c35b6f38c3df3684c07dbf25e757af8586ce104cdd5b240d98759618f47a8702890c08bed555d20669e12fd9325534ceb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@4.33.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "baa8bfd9a4b3f60d9fb5c1d67fcb8b3c903bd2b52feb2b8c5b9068870f9bc1cbb36b14081da285642286a065c8adcf6f913277fb4b7133bdcad07ab7779c2022" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@4.33.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae459163530f1738f09c4547b3119e983ceaa9d770d906d32652023c3f69f48f4b7ec3bc7dd99f40f397dee29f51a1910c525b7ebb66fec5e155737813e6f308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "json-schema", + "group": "@types", + "version": "7.0.15", + "bom-ref": "@types/json-schema@7.0.15", + "description": "TypeScript definitions for json-schema", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json-schema@7.0.15#types/json-schema", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/json-schema", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/json-schema", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7e7cff0ff0c14d0be0326420f1ac1da991914f1b3a90594ce949ebae54bbe6f1531ca2b3586af06aa057312bc6d0cf842c6e7e2850411e9b8c032df732b061c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tsutils", + "version": "3.21.0", + "bom-ref": "tsutils@3.21.0", + "author": "Klaus Meinhardt", + "description": "utilities for working with typescript's AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tsutils@3.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/ajafff/tsutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajafff/tsutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajafff/tsutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsutils/-/tsutils-3.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "98728ade25172fedd417ac4be64d0f12129150128f042bfff919043a98d15b1c71dbb28a4419a603ad00f6980e52f322f062a144c3c49a30513f3b365bb3b538" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsutils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "tsutils@3.21.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsutils/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "esrecurse", + "version": "4.3.0", + "bom-ref": "esrecurse@4.3.0", + "description": "ECMAScript AST recursive visitor", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esrecurse@4.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/estools/esrecurse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esrecurse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esrecurse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a67ca2f76fa1be457bcff0dd6faf74ead642ffa021609f63585c4b6a3fcfcbde929aa540381bc70555aa05dd2537db7083e17ca947f7df8a81e692d8bafd36a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esrecurse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "3.0.0", + "bom-ref": "eslint-utils@3.0.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bae402e3720672dc3af29240d5181b412f3f34feeb721e82c1de23dd906d828e3ff05963e1e184ed96126513778aae69554bfa18f756e59d511657a8f38b8b0c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "highlight", + "group": "@babel", + "version": "7.24.2", + "bom-ref": "@babel/highlight@7.24.2", + "author": "The Babel Team", + "description": "Syntax highlight JavaScript strings for output in terminals.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/highlight@7.24.2#packages/babel-highlight", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-highlight", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-highlight", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "61a7356a8e1f9644f14ed7820d92c4bddc60d9f65fcf5bfc338429686ca9abf58f0ea8378a31d86c37ecf8b1b986fcd2a2a69267dfd9f652923f70a3663bfea4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight" + } + ], + "components": [ + { + "type": "library", + "name": "chalk", + "version": "2.4.2", + "bom-ref": "@babel/highlight@7.24.2|chalk@2.4.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32d8be7fd96924d730178b5657cfcead34ed1758198be7fc16a97201da2eada95c156150585dbe3600874a18e409bf881412eaf5bb99c04d71724414e29792b9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "3.2.1", + "bom-ref": "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "553d1923a91945d4e1f18c89c3748c6d89bfbbe36a7ec03112958ed0f7fdb2af3f7bde16c713a93cac7d151d459720ad3950cd390fbc9ed96a17189173eaf9a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "@babel/highlight@7.24.2|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "@babel/highlight@7.24.2|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "@babel/highlight@7.24.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "5.5.0", + "bom-ref": "@babel/highlight@7.24.2|supports-color@5.5.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@5.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "423563c1d5c8b78d3c308880a825f8a142ac814d84a801b3b363e9926e1a4186e39be644584716e127c5353af8b8c35999ad1ecb87f99602eb901d1a5f440ca3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "3.0.0", + "bom-ref": "@babel/highlight@7.24.2|has-flag@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0a25fd7e71e401af848c92f427043343b5fe135e95615466ad7aed2df75f1b977d059db1369b8bcd2d7f9559efdda6395bf87ba0198cd6eee4171fdf073c463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/has-flag" + } + ] + } + ] + }, + { + "type": "library", + "name": "globals", + "version": "13.24.0", + "bom-ref": "globals@13.24.0", + "author": "Sindre Sorhus", + "description": "Global identifiers from different JavaScript environments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globals@13.24.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globals#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globals/-/globals-13.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0213b9414723f2596b6c6d3d89684f536076d38275c673de2fc910995a2b4accbe4a38f5b24f2023287a714a1c1a61f82f452e840272fa124c440e26800e2615" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "type-fest", + "version": "0.20.2", + "bom-ref": "globals@13.24.0|type-fest@0.20.2", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.20.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35ef9e138af4fe25a7a40c43f39db3dc0f8dd01b7944dfff36327045dd95147126af2c317f9bec66587847a962c65e81fb0cfff1dfa669348090dd452242372d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globals/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "doctrine", + "version": "3.0.0", + "bom-ref": "doctrine@3.0.0", + "description": "JSDoc parser", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/doctrine@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/doctrine.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/doctrine", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/doctrine/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c92f90e62de105fec6064778286f1aede04d3563462d3684c306165228c860cef3ae56033340455c78e33d6956675460ed469d7597880e68bd8c5dc79aa890db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/doctrine" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "enquirer", + "version": "2.4.1", + "bom-ref": "enquirer@2.4.1", + "author": "Jon Schlinkert", + "description": "Stylish, intuitive and user-friendly prompt system. Fast and lightweight enough for small projects, powerful and extensible enough for the most advanced use cases.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/enquirer@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/enquirer/enquirer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/enquirer/enquirer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/enquirer/enquirer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/enquirer/-/enquirer-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad1a8983fea0779dfc547bd1dcf4ab75105bff5572d987f31eacef6e11884290d12886b816057fe786f9435c584b138ec0abe35f0792dba13443e9c0330a76a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/enquirer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-colors", + "version": "4.1.1", + "bom-ref": "ansi-colors@4.1.1", + "author": "Brian Woodward", + "description": "Easily add ANSI colors to your text and symbols in the terminal. A faster drop-in replacement for chalk, kleur and turbocolor (without the dependencies and rendering bugs).", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-colors@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/ansi-colors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/ansi-colors", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/ansi-colors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2685f46a919b1da50904d97ac85fa9e89005619ebaebf86108628de6df501636c940a514fe0f0c35b1436ef7eb80a5ef23542966994f3a7c08a3df655ff00098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-colors" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn-jsx", + "version": "5.3.2", + "bom-ref": "acorn-jsx@5.3.2", + "description": "Modern, fast React.js JSX parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn-jsx@5.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn-jsx.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn-jsx", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn-jsx/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aeaf6cf893617f4202863b435f196527b838d68664e52957b69d0b1f0c80e5c7a3c27eef2a62a9e293eb8ba60478fbf63d4eb9b00b1e81b5ed2229e60c50d781" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn-jsx" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esquery", + "version": "1.5.0", + "bom-ref": "esquery@1.5.0", + "author": "Joel Feenstra", + "description": "A query library for ECMAScript AST using a CSS selector like query language.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/esquery@1.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/estools/esquery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esquery/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esquery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6102d7529940c09802c9d43bf08309cb064271ea2a935a07d3538445d48025cffb5360329708e14822c312dab083cd7589d212ffd7c85391a31bbdc882328c56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esquery" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esutils", + "version": "2.0.3", + "bom-ref": "esutils@2.0.3", + "description": "utility box for ECMAScript language tools", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esutils@2.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/esutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esutils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "915b1ca97938382a7af126747648042958baffc8a3df4d0a0564c9ab7d8ffdd61e5934b02b8d56c93c5a94dd5e46603967d514fcb5fd0fb1564a657d480631ea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esutils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "file-entry-cache", + "version": "6.0.1", + "bom-ref": "file-entry-cache@6.0.1", + "author": "Roy Riojas", + "description": "Super simple cache for file metadata, useful for process that work o a given series of files and that only need to repeat the job on the changed ones since the previous run of the process", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/file-entry-cache@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/royriojas/file-entry-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/royriojas/file-entry-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/royriojas/file-entry-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec6a6cfd75b299b2e4d902d82b8373a4c3ab623321748c57b88bf2d9006c2c4ea58eea1d2af7645acfdca72249dc25485691f43a2d47be0d68bdb3332dd14106" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/file-entry-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "functional-red-black-tree", + "version": "1.0.1", + "bom-ref": "functional-red-black-tree@1.0.1", + "author": "Mikola Lysenko", + "description": "A fully persistent balanced binary search tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/functional-red-black-tree@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/mikolalysenko/functional-red-black-tree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mikolalysenko/functional-red-black-tree#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mikolalysenko/functional-red-black-tree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76c28d40d763eb10374fe4250030c0ee6392957d2a88c20d8e7d1c82bf9e1871ac6d21f34da6dc228833dbea7f8aa3f55ece843ffb12d926ea1fe6eb1936ead2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/functional-red-black-tree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "imurmurhash", + "version": "0.1.4", + "bom-ref": "imurmurhash@0.1.4", + "author": "Jens Taylor", + "description": "An incremental implementation of MurmurHash3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/imurmurhash@0.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/jensyt/imurmurhash-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2665cc67ac2ebc398b88712697dca4cea3ba97015ba1fd061b822470668435d0910c398c5679f2eece47b0880709b6aad30d8cc8f843aa48535204b62d4d8f1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/imurmurhash" + } + ] + }, + { + "type": "library", + "name": "json-stable-stringify-without-jsonify", + "version": "1.0.1", + "bom-ref": "json-stable-stringify-without-jsonify@1.0.1", + "author": "James Halliday", + "description": "deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results, with no public domain dependencies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-stable-stringify-without-jsonify@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/samn/json-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/samn/json-stable-stringify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/samn/json-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05d6e8cbe97bb40dce196e858f21475a43f92ee0728f54e4df72e3caad1ac72cdd93dfff2528b6bb77cfd504a677528dc2ae9538a606940bbcec28ac562afa3f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-stable-stringify-without-jsonify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "levn", + "version": "0.4.1", + "bom-ref": "levn@0.4.1", + "author": "George Zahariev", + "description": "Light ECMAScript (JavaScript) Value Notation - human written, concise, typed, flexible", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/levn@0.4.1", + "externalReferences": [ + { + "url": "git://github.com/gkz/levn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/levn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/levn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9b4f6b87e04e4b184ee1fe7ddebdc4bfb109495c2a48a7aca6f0e589e5e57afbaec3b2a97f2da693eea24102ddabcdfa1aff94011818710e2c7574cb7691029" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/levn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lodash.merge", + "version": "4.6.2", + "bom-ref": "lodash.merge@4.6.2", + "author": "John-David Dalton", + "description": "The Lodash method `_.merge` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.merge@4.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0aa63a97455beb6320ac5f5b3047f5d32b4bdae9542440ce8c368ecfa96efb0728c086801103c11facfd4de3e2a52a3f184b46540ad453fd852e872603ba321" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.merge" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "optionator", + "version": "0.9.3", + "bom-ref": "optionator@0.9.3", + "author": "George Zahariev", + "description": "option parsing and help generation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/optionator@0.9.3", + "externalReferences": [ + { + "url": "git://github.com/gkz/optionator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/optionator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/optionator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2630a8ca9a7e8ca9f5b6d105131c617ad08a789b7dce102002f7b91571e2c53bc50d6ff968492d5fd6ee7c128b45131d53b6cdb692df706bbde01ddc7442608e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/optionator" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "fast-levenshtein", + "version": "2.0.6", + "bom-ref": "optionator@0.9.3|fast-levenshtein@2.0.6", + "author": "Ramesh Nair", + "description": "Efficient implementation of Levenshtein algorithm with locale-specific collator support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-levenshtein@2.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/hiddentao/fast-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0c25eee887e1a9c92ced364a6371f1a77cbaaa9858e522599ab58c0eb29c11148e5d641d32153d220fcf62bcf2c3fba5f63388ca1d0de0cd2d6c2e61a1d83c77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/optionator/node_modules/fast-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "progress", + "version": "2.0.3", + "bom-ref": "progress@2.0.3", + "author": "TJ Holowaychuk", + "description": "Flexible ascii progress bar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/progress@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/node-progress.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/node-progress#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/node-progress/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ecf887b4b965e4b767288330d74d08fbcc495d1e605b6430598913ea226f6b46d78ad64a6bf5ccad26dd9a0debd979da89dcfd42e99dd153da32b66517d57db0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/progress" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regexpp", + "version": "3.2.0", + "bom-ref": "regexpp@3.2.0", + "author": "Toru Nagashima", + "description": "Regular expression parser for ECMAScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/regexpp@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/regexpp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/regexpp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/regexpp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6ad9b5a8f66543e379dbb6cdb01afd7b5cb88d2f26be1a4959f246832d5d99d3c8030ac1a99ca9fd04531ea6f5ae1c26f256f63b279a39f8156fa106e69492e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regexpp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "table", + "version": "6.8.2", + "bom-ref": "table@6.8.2", + "author": "Gajus Kuizinas", + "description": "Formats data into a string table.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/table@6.8.2", + "externalReferences": [ + { + "url": "git+https://github.com/gajus/table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/table#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gajus/table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/table/-/table-6.8.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c36b1fbfcd27ac08765426ea47900adbbc2cc1786a71c9360217e7356efa6de417b24199d55d761b04bfff26156b77777dcbc08a9d8e5276c30235b6937bfd7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/table" + } + ] + }, + { + "type": "library", + "name": "text-table", + "version": "0.2.0", + "bom-ref": "text-table@0.2.0", + "author": "James Halliday", + "description": "borderless text tables with alignment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-table@0.2.0", + "externalReferences": [ + { + "url": "git://github.com/substack/text-table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/text-table", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/text-table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37ef148ac0170c693c3c55cfe07033551f676df995277cd82c05a24c8a2a0b9bf98ac8a786bfabe6e68ef3eeebdc131fb8d22e7c8b00ed176956069c0b6712a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/text-table" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "v8-compile-cache", + "version": "2.4.0", + "bom-ref": "v8-compile-cache@2.4.0", + "author": "Andres Suarez", + "description": "Require hook for automatic V8 compile cache persistence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/v8-compile-cache@2.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/zertosh/v8-compile-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zertosh/v8-compile-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zertosh/v8-compile-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a1cc967376c01c107f82ecaa250548e68e016643e1ce73d8506d9e6bcd06a2777f060356a5aa7c4ce98b49e7901bb6e787628c212c6c91d0031b9f63ef3aee87" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-compile-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "confusing-browser-globals", + "version": "1.0.10", + "bom-ref": "confusing-browser-globals@1.0.10", + "description": "A list of browser globals that are often used by mistake instead of local variables", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/confusing-browser-globals@1.0.10#packages/confusing-browser-globals", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/create-react-app.git#packages/confusing-browser-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/create-react-app#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/create-react-app/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/confusing-browser-globals/-/confusing-browser-globals-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80d95dff7972487c2e85a565b8950a2de3d88ab33740d08acd5c6a01d849208f7f5972955f93d447331526ca52d634ec952aa37ae1b828c5534a8ba2b7960f1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/confusing-browser-globals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-mocha", + "version": "9.0.0", + "bom-ref": "eslint-plugin-mocha@9.0.0", + "author": "Mathias Schreck", + "description": "Eslint rules for mocha.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-mocha@9.0.0", + "externalReferences": [ + { + "url": "git://github.com/lo1tuma/eslint-plugin-mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lo1tuma/eslint-plugin-mocha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lo1tuma/eslint-plugin-mocha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-mocha/-/eslint-plugin-mocha-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77b92701c423d633c2cd97f771a781227dc19d6ea291cbdfcf4912a90a703d871518ba09579b33d25d0e241d8b47c23b76f4c36eaab5a15eb29614a0cc0d74ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ramda", + "version": "0.27.2", + "bom-ref": "ramda@0.27.2", + "author": "Scott Sauyet", + "description": "A practical functional library for JavaScript programmers.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ramda@0.27.2", + "externalReferences": [ + { + "url": "git://github.com/ramda/ramda.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://ramdajs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ramda/ramda/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ramda/-/ramda-0.27.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "49b88b3d4e3426e2678877b141202069ddf685fc1df834547701763e556e2394590f4fef6a151ca3b47cbc3f3a27fb5c10a285f6f66b515c20b66182aa508ac8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ramda" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-node", + "version": "11.1.0", + "bom-ref": "eslint-plugin-node@11.1.0", + "author": "Toru Nagashima", + "description": "Additional ESLint's rules for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-node@11.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-plugin-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-node#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-node/-/eslint-plugin-node-11.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a14c2d3c9d56d12283d13afec2abbdd9ce71b82790a81de14821dab27fd982315d03d88318d90d7f6662f73b58ed7fa136e3226f6dcb346466ebeb8df8a2c4de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint-plugin-node@11.1.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "eslint-plugin-node@11.1.0|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-es", + "version": "3.0.1", + "bom-ref": "eslint-plugin-es@3.0.1", + "author": "Toru Nagashima", + "description": "ESLint plugin about ECMAScript syntactic features.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-es@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-plugin-es.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-es#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-es/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-es/-/eslint-plugin-es-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "194980b0968de0573b19bb65f2e38195aca8d83aa1c16bc4cf290c1d20991d4dd7749f8d4b3cd97158578775715f989ca90fa841d2046b05d7f31911de620599" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-config-oclif", + "version": "4.0.0", + "bom-ref": "eslint-config-oclif@4.0.0", + "author": "Jeff Dickey @jdxcode", + "description": "eslint config for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-oclif@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/eslint-config-oclif.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-oclif/-/eslint-config-oclif-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6d91441e0b7deb1c0849c5a19e0466087e50cbba6795daa0ffe172c1757841ffa17ff899f075c7bdc181d2be4c74254a9441286942ff09115901a7fcf30fb86" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-plugin-unicorn", + "version": "36.0.0", + "bom-ref": "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0", + "author": "Sindre Sorhus", + "description": "Various awesome ESLint rules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-unicorn@36.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/eslint-plugin-unicorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-unicorn/-/eslint-plugin-unicorn-36.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c71376bd272d1969c35ba68b1259bf2ca23072b9a4ea676211c5b9e54bf992b72b55c20549632612073f870a5e9987d969c299e67a4511118dcf869386ca7500" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif/node_modules/eslint-plugin-unicorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "eslint-config-oclif@4.0.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif/node_modules/ci-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo-space", + "version": "0.27.0", + "bom-ref": "eslint-config-xo-space@0.27.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO with 2-space indent", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo-space@0.27.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo-space.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo-space/-/eslint-config-xo-space-0.27.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fc5235be9d0c8e921880355a48a6daa528fc84ed7472438d2e435368061cd57eef798317d91aba658aaf191c1a5a385db008b65a7b14d28e0ed1be6f7dbe3e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-xo-space" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo", + "version": "0.35.0", + "bom-ref": "eslint-config-xo@0.35.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo@0.35.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo/-/eslint-config-xo-0.35.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f96c994cb594265bc4c45ac153f2ddc3c001fd2d1ddf1fb6e8941d0566dcaa283665a5a1d338a761c1e893e113e08a0f68471145fdc513d92322d3558c1c2702" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-xo" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "helper-validator-identifier", + "group": "@babel", + "version": "7.22.20", + "bom-ref": "@babel/helper-validator-identifier@7.22.20", + "author": "The Babel Team", + "description": "Validate identifier/keywords name", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-validator-identifier@7.22.20#packages/babel-helper-validator-identifier", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-validator-identifier", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "638399fb2b656ad47c008fbc2997cab8be6eacaa7ba9ecb4f216b7d4bf1bdc1c1ec0902825a993cf2bf13d1ff90fe2a47490863eaffef13ba41c1958d74157f4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-validator-identifier" + } + ] + }, + { + "type": "library", + "name": "clean-regexp", + "version": "1.0.0", + "bom-ref": "clean-regexp@1.0.0", + "author": "Sam Verschueren", + "description": "Clean up regular expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-regexp@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/SamVerschueren/clean-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SamVerschueren/clean-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SamVerschueren/clean-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/clean-regexp/-/clean-regexp-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "19f8ac119109bf32ab9865a4bdf860cdccff06594dd5449ea83d95ead835e0e00e81a083d99fcf504bb19c067f9cfbe6687446edaf32efba754ff2114380f51f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "clean-regexp@1.0.0|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-regexp/node_modules/escape-string-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-template-visitor", + "version": "2.3.2", + "bom-ref": "eslint-template-visitor@2.3.2", + "licenses": [ + { + "expression": "GPL-3.0-or-later OR MIT" + } + ], + "purl": "pkg:npm/eslint-template-visitor@2.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/futpib/eslint-template-visitor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/futpib/eslint-template-visitor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/futpib/eslint-template-visitor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-template-visitor/-/eslint-template-visitor-2.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df2761a85a6e57bc7533d10ae7604f363e95d0ac2ed0a2a470801fa548701db47ca1c4659ffa141e07f142ea58f0ed61e10bff3ce1c3ba66ff070c0d7f16ed9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-template-visitor" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-template-visitor/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-parser", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/eslint-parser@7.24.1", + "author": "The Babel Team", + "description": "ESLint parser that allows for linting of experimental syntax transformed by Babel", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/eslint-parser@7.24.1#eslint/babel-eslint-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#eslint/babel-eslint-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/eslint-parser/-/eslint-parser-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77982ebb33253de0df6486e943cfa0d4d68236e00604118d1028741d5ab3d6c8ce7952e1d8211a89fb8ecac087d7c5115ba47ba6a5c836f7f93da47f742ea32d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/eslint-parser@7.24.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-scope-5-internals", + "group": "@nicolo-ribaudo", + "version": "5.1.1-v1", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "description": "Proxy package exposing internals of eslint-scope@5 for @babel/eslint-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@nicolo-ribaudo/eslint-scope-5-internals/-/eslint-scope-5-internals-5.1.1-v1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e78fc946f90b233cc35ac84259fba169d7eb7d954f884958f057209a0d47ae8125cbf1034accf384102c6ab0aec7e0ff90eb254d1aae373bb21929944934c71a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "multimap", + "version": "1.1.0", + "bom-ref": "multimap@1.1.0", + "author": "villa.gao", + "description": "multi-map which allow multiple values for the same key", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/multimap@1.1.0", + "externalReferences": [ + { + "url": "git://github.com/villadora/multi-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/villadora/multi-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/villadora/multi-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/multimap/-/multimap-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d19211f4f6ac3f1197991b0417c8ec0f39ddcc70e3eed21abfe2549af20507f587b30962167aaec44093fc37bb191e3283df64cbf36544a253f361b5cb6ef56f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/multimap" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "3.2.1", + "bom-ref": "is-builtin-module@3.2.1", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0522c4dc79d5dacc99d052b488c03fc941a995478c98dcf8016e5f9d3ba76c222a662e2f1b75a3253f451cccb90faf719806011d742125d00b769c15c55e74d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-builtin-module" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pluralize", + "version": "8.0.0", + "bom-ref": "pluralize@8.0.0", + "author": "Blake Embrey", + "description": "Pluralize and singularize any word", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pluralize@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/blakeembrey/pluralize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/pluralize#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/pluralize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pluralize/-/pluralize-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35cdc84f9c87cdf9537db8e0a967023e9a3b0da2b2e059e907497fcc2016d1373b8f1022baa4b11dab27b41dc3efcf3b2d2ac0f7790327d217a2fc49631c8b08" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pluralize" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "7.0.1", + "bom-ref": "read-pkg-up@7.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccad1307b5dde89a422e694b9ae7eaca4184fbf4e539e3c3eaa28294d5bb8470ca161fc9effee0096191ee3a044045b56caab76b7c9465239b3a858b150e2886" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "read-pkg-up@7.0.1|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/find-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "read-pkg-up@7.0.1|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/locate-path" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "read-pkg-up@7.0.1|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/p-locate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "read-pkg-up@7.0.1|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/p-limit" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.8.1", + "bom-ref": "read-pkg-up@7.0.1|type-fest@0.8.1", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1d6f3233aaf8ed822339af0d64e6b107b4100d2a676e7611b20446a3374d5f13285a00886ca0a372eb2efe20df7721fa45b7063d8aa8bb903fb1c0a850b0d24" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "regexp-tree", + "version": "0.1.27", + "bom-ref": "regexp-tree@0.1.27", + "author": "Dmitry Soshnikov", + "description": "Regular Expressions parser in JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/regexp-tree@0.1.27", + "externalReferences": [ + { + "url": "git+https://github.com/DmitrySoshnikov/regexp-tree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DmitrySoshnikov/regexp-tree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DmitrySoshnikov/regexp-tree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regexp-tree/-/regexp-tree-0.1.27.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8844f1a632ba628456246e68ea15cbc2f8d80285be144667f68b343c3fdbe803fac50c2c6bf63b942560222c416d43cc7e1bbe8b62ed75e02a5538069506ab7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regexp-tree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "safe-regex", + "version": "2.1.1", + "bom-ref": "safe-regex@2.1.1", + "author": "James C.", + "description": "detect possibly catastrophic, exponential-time regular expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-regex@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/davisjam/safe-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/davisjam/safe-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/davisjam/safe-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-regex/-/safe-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af1fb1f0033329be50e6543de59a22e996c9ab008b92a8b75ee257a793f7ad3f0e11ceac642246e40139754de5b2046bfc5e01b37d634a554dfa3e4aaec1aef4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-regex" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-unicorn", + "version": "52.0.0", + "bom-ref": "eslint-plugin-unicorn@52.0.0", + "author": "Sindre Sorhus", + "description": "More than 100 powerful ESLint rules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-unicorn@52.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/eslint-plugin-unicorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-unicorn/-/eslint-plugin-unicorn-52.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d58ce6eff9bed11e1d8c7d2d8c38df55e8bf8eedb0dc0cd41a31baabc267b8d20be71230b1f9720a8a16e6c7c1bd0a76a4c61015259608538db2309ac751079e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-unicorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslintrc", + "group": "@eslint", + "version": "2.1.4", + "bom-ref": "@eslint/eslintrc@2.1.4", + "author": "Nicholas C. Zakas", + "description": "The legacy ESLintRC config file format for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/eslintrc@2.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslintrc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslintrc#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslintrc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dbaf59dfd312eb0549b6ca14975d0beb459d92125574f1b6e10e1e6531f79e717a969bd24a110adf04230d7f494560143ef3e1ec23a8b8fa54f48aea69916fb5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "espree", + "version": "9.6.1", + "bom-ref": "espree@9.6.1", + "author": "Nicholas C. Zakas", + "description": "An Esprima-compatible JavaScript parser built on Acorn", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/espree@9.6.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/espree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/espree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/espree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/espree/-/espree-9.6.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2bb99685923a2b4e9177da40d2239ffbe558b019e6608a7186cb636839283743d6e7c259e60e6e072e7925d111379fe9e30d7474dfb698d7ec79f19ff315dc1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/espree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parent-module", + "version": "1.0.1", + "bom-ref": "parent-module@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the path of the parent module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parent-module@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parent-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parent-module#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parent-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "190d84591a5057cfe8f80c3c62ab5f6593df3515996246e2744f64e6ba65fe10b7bed1c705f1a6d887e2eaa595f9ca031a4ad42990311372e8b7991cb11961fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parent-module" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "4.0.0", + "bom-ref": "resolve-from@4.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5bfcc6265ecb40932b11171f2988d235b4614d408140def904dc6ab812e035745ea01e9ffebe066ab021896a9bf2f0ddd0fb8a3b170beab8f25c9d9ed1632e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-from" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "4.0.0", + "bom-ref": "ci-info@4.0.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4dd1ea8067fda1d77c49736ec6d501571f0dbfea9939e8c4eaacaa8b2e4db5b61840e7856bace61e4c653f399a2f15961ec53a9c9981ec01137553e2fb634152" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ci-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core-js-compat", + "version": "3.37.0", + "bom-ref": "core-js-compat@3.37.0", + "author": "Denis Pushkarev", + "description": "core-js compat", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/core-js-compat@3.37.0#packages/core-js-compat", + "externalReferences": [ + { + "url": "git+https://github.com/zloirock/core-js.git#packages/core-js-compat", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/zloirock/core-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zloirock/core-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.37.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd8ab82fe4fc692e54b858385300e173b60d45655e559c25b5a77d0bf8d5dd1d8b8153a94bd043afb97f58be8137475b5779355de8cf4c7aaa133260b1ad1fac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/core-js-compat" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "browserslist", + "version": "4.23.0", + "bom-ref": "browserslist@4.23.0", + "author": "Andrey Sitnik", + "description": "Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/browserslist@4.23.0", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/browserslist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/browserslist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/browserslist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "416f0788cd6c8614f61aece4be495f8dc2838961571ce78508803f86e24fc07b2c97073276093b5fecf6cd7a448a33fdf14098ec76ee6d9b79276660bdfd0269" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/browserslist" + } + ] + }, + { + "type": "library", + "name": "caniuse-lite", + "version": "1.0.30001612", + "bom-ref": "caniuse-lite@1.0.30001612", + "author": "Ben Briggs", + "description": "A smaller version of caniuse-db, with only the essentials!", + "licenses": [ + { + "license": { + "id": "CC-BY-4.0" + } + } + ], + "purl": "pkg:npm/caniuse-lite@1.0.30001612", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/caniuse-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/caniuse-lite#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/caniuse-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001612.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "945827674ed485a09cb12660596d0ae63e1eebd74ad6efe5b6b2fd95352214ec0d1ecd764b750c204620055d19e82ea14437afee2467333cd898a69b61d5c5f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/caniuse-lite" + } + ] + }, + { + "type": "library", + "name": "electron-to-chromium", + "version": "1.4.747", + "bom-ref": "electron-to-chromium@1.4.747", + "author": "Kilian Valkhof", + "description": "Provides a list of electron-to-chromium version mappings", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/electron-to-chromium@1.4.747", + "externalReferences": [ + { + "url": "git+https://github.com/kilian/electron-to-chromium.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kilian/electron-to-chromium#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kilian/electron-to-chromium/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.747.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f859d2599200bc51dbb0d566531844a9689a3a23cc71fba6d464339560a0ff02e2815b6c84eb235c7c8415f9ade9c14aebe1e44b740e241bfaff738fba66c17f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/electron-to-chromium" + } + ] + }, + { + "type": "library", + "name": "node-releases", + "version": "2.0.14", + "bom-ref": "node-releases@2.0.14", + "author": "Sergey Rubanov", + "description": "Node.js releases data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-releases@2.0.14", + "externalReferences": [ + { + "url": "git+https://github.com/chicoxyzzy/node-releases.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chicoxyzzy/node-releases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chicoxyzzy/node-releases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb5d30396b7cc99a6a5e63a0468efb59a1c49a1610606340eb2e36d4f2ac2985842bc696f9ca80a616e8ad90e1a9fc8aadb64437dd823755f629b69f636b3b63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/node-releases" + } + ] + }, + { + "type": "library", + "name": "update-browserslist-db", + "version": "1.0.13", + "bom-ref": "update-browserslist-db@1.0.13", + "author": "Andrey Sitnik", + "description": "CLI tool to update caniuse-lite to refresh target browsers from Browserslist config", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/update-browserslist-db@1.0.13", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/update-db.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/update-db#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/update-db/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5e6cff3548d70fb8da4f3f7bb3796d4d617c48debc72273177a43eac1f88c4ee8fc85fe5ad4a9c27554faa22c0cfca4d1dde198543b9a3a9ce80b55eb4e216e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/update-browserslist-db" + } + ] + }, + { + "type": "library", + "name": "escalade", + "version": "3.1.2", + "bom-ref": "escalade@3.1.2", + "author": "Luke Edwards", + "description": "A tiny (183B to 210B) and fast utility to ascend parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escalade@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/escalade.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/escalade#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/escalade/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12b08730269ed7dbd1f2f4067b9d3122c5689b2d7dae0ea016edfeaf78e410ee3ab2e2cc58192cbd5ca81a0415fa339f97ce1948e4a59afe86c5af3d3e64c698" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escalade" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "5.3.0", + "bom-ref": "estraverse@5.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@5.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "30c74046e54443388d4de243f0380caa6870475d41450fdc04ffa92ed61d4939dfdcc20ef1f15e8883446d7dfa65d3657d4ffb03d7f7814c38f41de842cbf004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "3.3.0", + "bom-ref": "builtin-modules@3.3.0", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce16820e271d2ee58de546cde4832716a34c84d7e8f75f6c1fce72dbf79afb9620f53b1391e671a4bf892dba7a7206054b8b112e9dd85784bac83baa5561d83b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/builtin-modules" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsesc", + "version": "3.0.2", + "bom-ref": "jsesc@3.0.2", + "author": "Mathias Bynens", + "description": "Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsesc@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4aab3cd65c3b6d26e39c6b006de0a9ca1c721fe6843f0b16b1fb43d6146f83143807340762f935c40800c8f91622154326c7cefddb1b0c6db8178f80b09cfe2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jsesc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-try", + "version": "2.2.0", + "bom-ref": "p-try@2.2.0", + "author": "Sindre Sorhus", + "description": "`Start a promise chain", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-try@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-try.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-try#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-try/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4789cf0154c053407d0f7e7f1a4dee25fffb5d86d0732a2148a76f03121148d821165e1eef5855a069c1350cfd716697c4ed88d742930bede331dbefa0ac3a75" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-try" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "4.0.0", + "bom-ref": "path-exists@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a4f50cb943b8d86f65b071ecb9169be0d8aa0073f64884b48b392066466ca03ec1b091556dd1f65ad2aaed333fa6ead2530077d943c167981e0c1b82d6cbbff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "5.2.0", + "bom-ref": "read-pkg@5.2.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "520ebd98d3a97ef28301cd90f034693238f376dae7bfd1dc48c5fee15b19c43d5a67a673ac813bae5cd706d593ca150b48c2a0d3be805ba591e626690f42623a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "normalize-package-data", + "version": "2.5.0", + "bom-ref": "read-pkg@5.2.0|normalize-package-data@2.5.0", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.5.0", + "externalReferences": [ + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ff908c3774f44785d38f80dc19a7b1a3eae8652752156ff400e39344eae3c73086d70ad65c4b066d129ebe39482fe643138b19949af9103e185b4caa9a42be78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.8.9", + "bom-ref": "read-pkg@5.2.0|hosted-git-info@2.8.9", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.8.9", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9b120301bf4bb26e83a0e27bc47fb9f97e32d4b53fe078b9d0bf42e6c22cc0adc9cd42d2e1bc24d45be374182f611e1bcd3e2db944220b5e451367f91db2ef63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/hosted-git-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.7.2", + "bom-ref": "read-pkg@5.2.0|semver@5.7.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "701ce79d0f4a8c9a94ebb079d91302eb908c6ab2b6eb4d161676e471a8b05aadf1cbfe61685265b21827a63a2f31527e1df7f8f5df06127d1bf3b0b9a43435d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.6.0", + "bom-ref": "read-pkg@5.2.0|type-fest@0.6.0", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abe301f27611d4a0cbae0af81b9c9e99fb69302eff40ba959dd06610476ace6363e5d70538ee0ea3caa5c1913750b4f7f998a6d45f0aab87019e290d86508c96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "group": "@types", + "version": "2.4.4", + "bom-ref": "@types/normalize-package-data@2.4.4", + "description": "TypeScript definitions for normalize-package-data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/normalize-package-data@2.4.4#types/normalize-package-data", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/normalize-package-data", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/normalize-package-data", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfb8be39a59387da9e2b82d21cfb32442ecd6a19c6a2d36e66f8cb4a070fcdb9691c1debac227100e808e6009d2a6edca289ec697d4e7f420b8937276636dfc4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.4", + "bom-ref": "validate-npm-package-license@3.0.4", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0e92a6d948bfc4deff1d0282b69671a11581859f59d24aadca01bc5c280d43c6650e7c6e4265a18f9eba8fc7cde02bb7fc999b86c0e8edf70026ae2cf61dbb13" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validate-npm-package-license" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regjsparser", + "version": "0.10.0", + "bom-ref": "regjsparser@0.10.0", + "author": "'Julian Viereck'", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/regjsparser@0.10.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jviereck/regjsparser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jviereck/regjsparser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jviereck/regjsparser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regjsparser/-/regjsparser-0.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab1fb1406655b32e79087d1ad61895c079aa8cbaf27e1ef04321791ced3b5c9f5fedd40c63f80f407865c83908cc9282fb1d9f502a42714383514505ae6ed21c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regjsparser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "jsesc", + "version": "0.5.0", + "bom-ref": "regjsparser@0.10.0|jsesc@0.5.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping JavaScript strings while generating the shortest possible valid output.", + "licenses": [ + { + "license": { + "id": "MIT", + "url": "http://mths.be/mit" + } + } + ], + "purl": "pkg:npm/jsesc@0.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b99cf952707bbb84fd2efc2616a5e28bba594a8b9a44fa2b1ace70868d48a7b54ed30c5a9c5bc12fb1a433a7531e5817fa384102945eb5a5a99c369b39e4dc9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regjsparser/node_modules/jsesc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "strip-indent", + "version": "3.0.0", + "bom-ref": "strip-indent@3.0.0", + "author": "Sindre Sorhus", + "description": "Strip leading whitespace from each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-indent@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-indent/-/strip-indent-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "95a2536b725bf95429682e83b1e1e117b75756a1d37c93c24436846e277f76b3a1822b60624bbf95eb4c52a397168595d3320851b8e9747dadfad623e1b40c45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "min-indent", + "version": "1.0.1", + "bom-ref": "min-indent@1.0.1", + "author": "James Kyle", + "description": "Get the shortest leading whitespace from lines in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/min-indent@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/thejameskyle/min-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejameskyle/min-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejameskyle/min-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/min-indent/-/min-indent-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23d8f0327d3b4b2fc8c0e8f7cd59158a4d894ef8296b29036448a02fa471e8df4b6cccb0c1448cb71113fbb955a032cb7773b7217c09c2fbae9ecf1407f1de02" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/min-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "js", + "group": "@eslint", + "version": "8.57.0", + "bom-ref": "@eslint/js@8.57.0", + "description": "ESLint JavaScript language implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/js@8.57.0#packages/js", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git#packages/js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/js/-/js-8.57.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62cfb78364da5bb8000ce2733edf37489b420e13239dd703305550fd38fd880d417c9cc5283f660145d3dce7a7a6e3c76c8e8ffe6c840b1449ae87d4b03c7fe6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config-array", + "group": "@humanwhocodes", + "version": "0.11.14", + "bom-ref": "@humanwhocodes/config-array@0.11.14", + "author": "Nicholas C. Zakas", + "description": "Glob-based configuration matching.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/config-array@0.11.14", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/config-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dd3f0b90e9a0e39055e452026f5e5040cb325125ab43c0328157c2ed91b7db339a967aab8a59b4d7c6550b0d1e6a95eec7c16d037deaf0f4914acb6379ede34a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "object-schema", + "group": "@humanwhocodes", + "version": "2.0.3", + "bom-ref": "@humanwhocodes/object-schema@2.0.3", + "author": "Nicholas C. Zakas", + "description": "An object schema merger/validator", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/object-schema@2.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/object-schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f77cd874c112fdcd43ebdc9988a0c18f4576e2fa8dcc1fe4a05dba28f69a8007dddcfff8814961dc3cace688002be1318bd432ce50fcc7fd3c66def020a70370" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/object-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "module-importer", + "group": "@humanwhocodes", + "version": "1.0.1", + "bom-ref": "@humanwhocodes/module-importer@1.0.1", + "author": "Nicholas C. Zaks", + "description": "Universal module importer for Node.js", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/module-importer@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/module-importer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/module-importer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/module-importer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f1bde57857cbf961be277054d3deb3d281904ea429237cad32e28555549c08b8354144c0d7acfc9744bf7cf22e5aa7d9bd6e7c8412359f9b95a4066b5f7cb7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/module-importer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs.scandir", + "group": "@nodelib", + "version": "2.1.5", + "bom-ref": "@nodelib/fs.scandir@2.1.5", + "description": "List files and directories inside the specified directory", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.scandir@2.1.5#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "beadb806adf29b91c4426d8d282af7c970f08dceef4ec1138510e7929d832bda75baa2d1f831eeae6fcd393a34286ec760753b7a9a4a663dcccaa62e3017fada" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.scandir" + } + ] + }, + { + "type": "library", + "name": "run-parallel", + "version": "1.2.0", + "bom-ref": "run-parallel@1.2.0", + "author": "Feross Aboukhadijeh", + "description": "Run an array of functions in parallel", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-parallel@1.2.0", + "externalReferences": [ + { + "url": "git://github.com/feross/run-parallel.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/run-parallel", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/run-parallel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e65e15c9947ce8b67f943c594d1ea3a8bf00144d92d0814b30fdba01b8ec2d5003c4776107f734194b07fb2dfd51f0a2dddcf3f0e950b8f9a768938ca031d004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-parallel" + } + ] + }, + { + "type": "library", + "name": "queue-microtask", + "version": "1.2.3", + "bom-ref": "queue-microtask@1.2.3", + "author": "Feross Aboukhadijeh", + "description": "fast, tiny `queueMicrotask` shim for modern engines", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/queue-microtask@1.2.3", + "externalReferences": [ + { + "url": "git://github.com/feross/queue-microtask.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/queue-microtask", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/queue-microtask/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36e68d49ae9f94a4f925a498433268934e09cd32f5080e9a1a1bf9adf2d6dcf82a03e3360a1a59427002f21f22e19164052f17e51aa40c11c0eebe217a3dcaf4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/queue-microtask" + } + ] + }, + { + "type": "library", + "name": "fastq", + "version": "1.17.1", + "bom-ref": "fastq@1.17.1", + "author": "Matteo Collina", + "description": "Fast, in memory work queue", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fastq@1.17.1", + "externalReferences": [ + { + "url": "git+https://github.com/mcollina/fastq.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mcollina/fastq#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mcollina/fastq/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fastq/-/fastq-1.17.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b11543de55952175a0e81cbaf1937bbe1a3d6b5a5070dfd604568002c0c31739498efa06c743fccfb575b7bda0ac525f261bb760f641baedb97fb29ac368cdd7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fastq" + } + ] + }, + { + "type": "library", + "name": "reusify", + "version": "1.0.4", + "bom-ref": "reusify@1.0.4", + "author": "Matteo Collina", + "description": "Reuse objects and functions with style", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/reusify@1.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/mcollina/reusify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mcollina/reusify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mcollina/reusify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53d9c7f3c6b77dcfde902175974fd43f5228b22b888f24e1ee106f5d530762055c7c6bedf3ded782e8f650e2c3788e411b69bbfeec3268b553e9f6ed0b04f2cf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/reusify" + } + ] + }, + { + "type": "library", + "name": "structured-clone", + "group": "@ungap", + "version": "1.2.0", + "bom-ref": "@ungap/structured-clone@1.2.0", + "author": "Andrea Giammarchi", + "description": "A structuredClone polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40ungap/structured-clone@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/ungap/structured-clone.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ungap/structured-clone#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ungap/structured-clone/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@ungap/structured-clone/-/structured-clone-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cee55d16b3098ae083414302cd0683e8a2f6f0c8e7aaa37c5e702a884abd3cd9bf8423d34867eb5c239fc23d68c382c56ffb4dca624fc2c35b55e3dcd7116aad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@ungap/structured-clone" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "3.1.1", + "bom-ref": "path-key@3.1.1", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2399e374a9dfb2d23b3312da18e3caf43deab97703049089423aee90e5fe3595f92cc17b8ab58ae18284e92e7c887079b6e1486ac7ee53aa6d889d2c0b844e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-key" + } + ] + }, + { + "type": "library", + "name": "shebang-command", + "version": "2.0.0", + "bom-ref": "shebang-command@2.0.0", + "author": "Kevin Mårtensson", + "description": "Get the command from a shebang", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-command@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/shebang-command.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/shebang-command#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/shebang-command/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "907c6bdb366962d766acdd6a0e3aeb5ff675ad1d641bc0f1fa09292b51b87979af5ecc26704d614d6056614ce5ada630d7fc99a7a62e0d8efb62dbdb3747660c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/shebang-command" + } + ] + }, + { + "type": "library", + "name": "shebang-regex", + "version": "3.0.0", + "bom-ref": "shebang-regex@3.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching a shebang line", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-regex@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/shebang-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efef9d161b5cc77df9dee05aabc0c347836ec417ad0730bb6503a19934089c711de9b4ab5dd884cb30af1b4ed9e3851874b4a1594c97b7933fca1cfc7a471bd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/shebang-regex" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "2.0.2", + "bom-ref": "which@2.0.2", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04b2374e5d535b73ef97bd25df2ab763ae22f9ac29c17aac181616924a8cb676d782b303fb28fbae15b492e103c7325a6171a3116e6881aa4a34c10a34c8e26c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/which" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "2.0.0", + "bom-ref": "isexe@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "447c4c2e9f659ca1c61d19e0f5016144231b600715a67ebdb2648672addfdfac638155564e18f8aaa2db4cb96aed2b23f01f9f210d44b8210623694ab3241e23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/isexe" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "7.2.2", + "bom-ref": "eslint-scope@7.2.2", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@7.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74eb76d4eee54cc84333e5fd981e065fe0d9ad9b425093cbff095c4eac72af1e48bced0862d20b76dad0190a7ef27e52d20c1256639ff4d42b8cc3a07d066522" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn", + "version": "8.11.3", + "bom-ref": "acorn@8.11.3", + "description": "ECMAScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn@8.11.3", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63dad17c91b98dc28e13408b8ac61ba2352322b20413b00633303f4a6e01b2500d85b4be70332980175c3d3f75a09eceb89f61609071e7d4636e1c559eb17c5e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn" + } + ] + }, + { + "type": "library", + "name": "flat-cache", + "version": "3.2.0", + "bom-ref": "flat-cache@3.2.0", + "author": "Jared Wray", + "description": "A stupidly simple key/value storage using files to persist some data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/flat-cache@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/flat-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/flat-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/flat-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "09870435af85b5c50a2e6861ab272da5c96cabb405dfca4a8d91ec18d892405e6be05b6828359a6c50e5de1cda11032f4f52c7132b30e6dc202efa5861be2f6f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flat-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "flatted", + "version": "3.3.1", + "bom-ref": "flatted@3.3.1", + "author": "Andrea Giammarchi", + "description": "A super light and fast circular JSON parser.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/flatted@3.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/WebReflection/flatted.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/WebReflection/flatted#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/WebReflection/flatted/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5fc72a30b2e27bb2ac3540d277378df0560af6b12de03b7aeceb06fc33469d84d20c11b8b850091419d47a257ecc2540bf0172e7a22333db07e758d568484dc7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flatted" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "keyv", + "version": "4.5.4", + "bom-ref": "keyv@4.5.4", + "author": "Jared Wray", + "description": "Simple key-value storage with support for multiple backends", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/keyv@4.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/keyv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/keyv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/keyv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3154790747f1097f608d5e75b144b5ba9a0ec9c82094706d03b441a62f672d528d4f3538a7d4f52297eafffb8af93295600bf7e7d648ecc7b9a34ae8caa88a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/keyv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-buffer", + "version": "3.0.1", + "bom-ref": "json-buffer@3.0.1", + "author": "Dominic Tarr", + "description": "JSON parse & stringify that supports binary via bops & base64", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-buffer@3.0.1", + "externalReferences": [ + { + "url": "git://github.com/dominictarr/json-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dominictarr/json-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/json-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1b57905f4769aa7d04c99be579b4f3dd7fe669ba1888bd3b8007983c91cad7399a534ff430c15456072c17d68cebea512e3dd6c7c70689966f46ea6236b1f49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-buffer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "5.0.0", + "bom-ref": "find-up@5.0.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efcfcf5d3d7094b2c3813cc3b3bb23abd873cf4bd70fece7fbbc32a447b87d74310a6766a9f1ac10f4319a2092408dda8c557dd5b552b2f36dac94625ba9c69e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/find-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "6.0.0", + "bom-ref": "locate-path@6.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "88f64ae9e6236f146edee078fd667712c10830914ca80a28a65dd1fb3baad148dc026fcc3ba282c1e0e03df3f77a54f3b6828fdcab67547c539f63470520d553" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/locate-path" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "5.0.0", + "bom-ref": "p-locate@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2da363b51594058fbecc1e6713f37071aa0cca548f93e4be647341d53cdd6cc24c9f2e9dca7a401aded7fed97f418ab74c8784ea7c47a696e8d8b1b29ab1b93f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-locate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-extglob", + "version": "2.1.1", + "bom-ref": "is-extglob@2.1.1", + "author": "Jon Schlinkert", + "description": "Returns true if a string has an extglob.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-extglob@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-extglob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extglob", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extglob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "49b29b00d90deb4dd58b88c466fe3d2de549327e321b0b1bcd9c28ac4a32122badb0dde725875b3b7eb37e1189e90103a4e6481640ed9eae494719af9778eca1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-extglob" + } + ] + }, + { + "type": "library", + "name": "is-path-inside", + "version": "3.0.3", + "bom-ref": "is-path-inside@3.0.3", + "author": "Sindre Sorhus", + "description": "Check if a path is inside another path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-path-inside@3.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-path-inside.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-path-inside#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-path-inside/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15de200016fec9c18098aa2ef1e31fb42ba94a2af9951c6a7f8683fef774703daa7381cbd3b3a309eb8732bf11a380a831a782283074fc40813955a34f052f3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-path-inside" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "prelude-ls", + "version": "1.2.1", + "bom-ref": "prelude-ls@1.2.1", + "author": "George Zahariev", + "description": "prelude.ls is a functionally oriented utility library. It is powerful and flexible. Almost all of its functions are curried. It is written in, and is the recommended base library for, LiveScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prelude-ls@1.2.1", + "externalReferences": [ + { + "url": "git://github.com/gkz/prelude-ls.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://preludels.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/prelude-ls/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be47033eb459a354192db9f944b18fa60fd698843ae6aa165a170629ffdbe5ea659246ab5f49bdcfca6909ab789a53aa52c5a9c8db9880edd5472ad81d2cd7e6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prelude-ls" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-check", + "version": "0.4.0", + "bom-ref": "type-check@0.4.0", + "author": "George Zahariev", + "description": "type-check allows you to check the types of JavaScript values at runtime with a Haskell like type syntax.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-check@0.4.0", + "externalReferences": [ + { + "url": "git://github.com/gkz/type-check.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/type-check", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/type-check/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e5794a1cf6ec065ea8d6c176944d9026ccc705679f39f10036befc7552be7121c8b15c83fef0b9c50e0469954df4bacead7aa765b2415fbbe69ee0aefd3a87b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-check" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "word-wrap", + "group": "@aashutoshrathi", + "version": "1.2.6", + "bom-ref": "@aashutoshrathi/word-wrap@1.2.6", + "author": "Jon Schlinkert", + "description": "Wrap words to a specified length.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40aashutoshrathi/word-wrap@1.2.6", + "externalReferences": [ + { + "url": "git+https://github.com/aashutoshrathi/word-wrap.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aashutoshrathi/word-wrap", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aashutoshrathi/word-wrap/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d588ecd92bccf137e5111fce0f770e8e15963996f9f00dadef0a44d92f577c161388897e5c58501b66e3cb83eed48f8402508d533443603745c056142af5dc20" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aashutoshrathi/word-wrap" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "deep-is", + "version": "0.1.4", + "bom-ref": "deep-is@0.1.4", + "author": "Thorsten Lorenz", + "description": "node's assert.deepEqual algorithm except for NaN being equal to NaN", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deep-is@0.1.4", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/thlorenz/deep-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/deep-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/deep-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a083f392c993838fccae289a6063bea245c34fbced9ffc37129b6fffe81221d31d2ac268d2ee027d834524fcbee1228cb82a86c36c319c0f9444c837b7c6bf6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deep-is" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "accepts", + "version": "1.3.8", + "bom-ref": "accepts@1.3.8", + "description": "Higher-level content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/accepts@1.3.8", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/accepts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/accepts#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/accepts/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d802d8536b69b654ac6ebd20f70cf0bf1b2f94fac380d4b02e4fc9a4991bafc3e34009269e5c443e34771517bace365eaa71ac55dd4b9e9b06b093eefe4892f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/accepts" + } + ] + }, + { + "type": "library", + "name": "mime-types", + "version": "2.1.35", + "bom-ref": "mime-types@2.1.35", + "description": "The ultimate javascript content-type utility.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime-types@2.1.35", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/mime-types.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/mime-types#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/mime-types/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "64363e6cf9b9cd34c5f98a42ac053d9cad148080983d3d10b53d4d65616fe2cfbe4cd91c815693d20ebee11dae238323423cf2b07075cf1b962f9d21cda7978b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime-types" + } + ] + }, + { + "type": "library", + "name": "negotiator", + "version": "0.6.3", + "bom-ref": "negotiator@0.6.3", + "description": "HTTP content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/negotiator@0.6.3", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/negotiator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/negotiator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/negotiator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8452ca863cbb0cfa3ff37428598ec9d7e758385eb1c53885f07e70953c695093f9398226a470ab2ec4239b051bba0d29bda29c3f3bab2559b25d82140ce1b06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/negotiator" + } + ] + }, + { + "type": "library", + "name": "array-flatten", + "version": "1.1.1", + "bom-ref": "array-flatten@1.1.1", + "author": "Blake Embrey", + "description": "Flatten an array of nested arrays into a single flat array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/array-flatten@1.1.1", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/array-flatten.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/array-flatten", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/array-flatten/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c254042cc167a6bba51dc6c0c5157ffe815798a8a0287770f75159bdd631f0ca782e3b002f60f871f2736533ef8da9170ae82c71a5469f8e684874a88789baa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/array-flatten" + } + ] + }, + { + "type": "library", + "name": "body-parser", + "version": "1.20.2", + "bom-ref": "body-parser@1.20.2", + "description": "Node.js body parsing middleware", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/body-parser@1.20.2", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/body-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/expressjs/body-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/body-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a5f6945e0aedcceb590696aa139b6ba64974e5453b864f1d1b7d88feb8850a298c9c1b936d49b79eb55ddf69253a47b6a338fc3483f2753ef2b8a8dcbbb396c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "body-parser@1.20.2|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "body-parser@1.20.2|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "bytes", + "version": "3.1.2", + "bom-ref": "bytes@3.1.2", + "author": "TJ Holowaychuk", + "description": "Utility to parse a string bytes to bytes and vice-versa", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bytes@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/visionmedia/bytes.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/bytes.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/bytes.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fcd7fb4f2cd3c7a4b7c9124e6ce015efde7aafc72bdbe3a3f000b976df3048fdc1400a1e5f9f0da07c8253c3fccc690d5d2b634d28ba7f33ba174a4175c61b12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bytes" + } + ] + }, + { + "type": "library", + "name": "depd", + "version": "2.0.0", + "bom-ref": "depd@2.0.0", + "author": "Douglas Christopher Wilson", + "description": "Deprecate all the things", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/depd@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/dougwilson/nodejs-depd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dougwilson/nodejs-depd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dougwilson/nodejs-depd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83b9c7e8fe9dc838a8268800006a6b1a90ad5489898693e4feba02cdd6f77c887ad7fb3f9cfb1f47aa27c8cc2408047f3a50b7c810b49444af52840402cb08af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/depd" + } + ] + }, + { + "type": "library", + "name": "destroy", + "version": "1.2.0", + "bom-ref": "destroy@1.2.0", + "author": "Jonathan Ong", + "description": "destroy a stream if possible", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/destroy@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/destroy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/destroy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/destroy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dac246253697208691d70e22252368374867318ec6a5cfe7f03e2a482270f10a855977fb72e0209c41f1069c1e69570f7af0b69772a98d80b1dcdca941081a26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/destroy" + } + ] + }, + { + "type": "library", + "name": "http-errors", + "version": "2.0.0", + "bom-ref": "http-errors@2.0.0", + "author": "Jonathan Ong", + "description": "Create HTTP error objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http-errors@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/http-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/http-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/http-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "16dc2b1bf7ae0736848d8791a8e825cbb1b4aaf8a25e82569ef107d99d6994175781bca3bf7e291d349bf73a1e1ccc83cb7dfe0d6cb95adf56a3e4d446d39849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http-errors" + } + ] + }, + { + "type": "library", + "name": "iconv-lite", + "version": "0.4.24", + "bom-ref": "iconv-lite@0.4.24", + "author": "Alexander Shtuchkin", + "description": "Convert character encodings in pure javascript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/iconv-lite@0.4.24", + "externalReferences": [ + { + "url": "git://github.com/ashtuchkin/iconv-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf73179d901cbe7cb091350466898801cb657bb4575de79d391df5c3097b565ca85cee108bd6abbd27a73505a77b54dc4708422f51f02c8db56c4a9da63f3fac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/iconv-lite" + } + ] + }, + { + "type": "library", + "name": "safer-buffer", + "version": "2.1.2", + "bom-ref": "safer-buffer@2.1.2", + "author": "Nikita Skovoroda", + "description": "Modern Buffer API polyfill without footguns", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safer-buffer@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/ChALkeR/safer-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "619a372bcd920fb462ca2d04d4440fa232f3ee4a5ea6749023d2323db1c78355d75debdbe5d248eeda72376003c467106c71bbbdcc911e4d1c6f0a9c42b894b6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safer-buffer" + } + ] + }, + { + "type": "library", + "name": "on-finished", + "version": "2.4.1", + "bom-ref": "on-finished@2.4.1", + "description": "Execute a callback when a request closes, finishes, or errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/on-finished@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/on-finished.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/on-finished#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/on-finished/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a15973920dc4340842936cddbfb209c1dfd0503e33d91c51c2991c198f29b0255c09864dab8c189d55802c733e6ebb6e26378f5a2605fc2966b83afc0a1e7e92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/on-finished" + } + ] + }, + { + "type": "library", + "name": "qs", + "version": "6.11.0", + "bom-ref": "qs@6.11.0", + "description": "A querystring parser that supports nesting and arrays, with a depth limit", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/qs@6.11.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/qs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/qs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/qs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32f8e830227011aad26d4624e4efa79a84b34aeb52b13c05f39cdc1cf43d3ab945a193982236aa040248a885e3a6dc83e6f4e1c46ab9d97bbf31a273464224e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/qs" + } + ] + }, + { + "type": "library", + "name": "raw-body", + "version": "2.5.2", + "bom-ref": "raw-body@2.5.2", + "author": "Jonathan Ong", + "description": "Get and validate the raw body of a readable stream.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/raw-body@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/raw-body.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/raw-body#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/raw-body/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f331aaca97c4363088a868605d3a02f1a076afb62b057f804007c83ecfcc964f81b4f4f3b4ebd34b4d4d456ff7121eb427e6b8f25b7caac0b38ab43a9680957c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/raw-body" + } + ] + }, + { + "type": "library", + "name": "unpipe", + "version": "1.0.0", + "bom-ref": "unpipe@1.0.0", + "author": "Douglas Christopher Wilson", + "description": "Unpipe a stream from all destinations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/unpipe@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/unpipe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/unpipe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/unpipe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a63cb66d8852b2e7f05a52b03dcfa5ddc37bfb0b8994aeaecf461d2443a54036e5ea3a3f6253e2e266fc6a0524542f0117b57c36ecdec8f36a464b00de1ced29" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/unpipe" + } + ] + }, + { + "type": "library", + "name": "type-is", + "version": "1.6.18", + "bom-ref": "type-is@1.6.18", + "description": "Infer the content-type of a request.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-is@1.6.18", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/type-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/type-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/type-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e444aafdb144f1107f0c75fb8248fed58b3272cd134c8e3d89d9da3626bdcaca6e7df0955d124b2eccf4029e514f5b8932f50fa203e99af411a6d3a5d0072f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-is" + } + ] + }, + { + "type": "library", + "name": "content-disposition", + "version": "0.5.4", + "bom-ref": "content-disposition@0.5.4", + "author": "Douglas Christopher Wilson", + "description": "Create and parse Content-Disposition header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/content-disposition@0.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/content-disposition.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/content-disposition#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/content-disposition/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "16f7994cdb86c34e1cc6502259bce2eb34c02ff9617a16966d3b6096e261e3f13de43a8cc139a16b7299375680580f1c148847ccc654bcb7af930e51aa4fad49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/content-disposition" + } + ] + }, + { + "type": "library", + "name": "cookie-signature", + "version": "1.0.6", + "bom-ref": "cookie-signature@1.0.6", + "author": "TJ Holowaychuk", + "description": "Sign and unsign cookies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cookie-signature@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/visionmedia/node-cookie-signature.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/node-cookie-signature#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/node-cookie-signature/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4000f395a1dcf22715f08eef6da257270a1df47598a7cb82a9fd716b839f36ed53ec9571408ad480e5ad1dd343b4f8b2c2615b892d76563a2d2172eb28cde8ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cookie-signature" + } + ] + }, + { + "type": "library", + "name": "cookie", + "version": "0.6.0", + "bom-ref": "cookie@0.6.0", + "author": "Roman Shtylman", + "description": "HTTP server cookie parsing and serialization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cookie@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/cookie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/cookie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/cookie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53bd5cc936a6ba1d4244d09fa4663ab68dbc971bcdc0f1b81aecff1158e07f7266cefd2f943a756ad4fd792e5d0e33181ee7291db5a7b3a2f07f704acfab2f77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cookie" + } + ] + }, + { + "type": "library", + "name": "encodeurl", + "version": "1.0.2", + "bom-ref": "encodeurl@1.0.2", + "description": "Encode a URL to a percent-encoded form, excluding already-encoded sequences", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/encodeurl@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/encodeurl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/encodeurl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/encodeurl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cf257abc26a15a5589b609698fbe73f6232a3865233bfd029c4a6b8c2c339b7e91f97e2ed150699dfeb4c37feaeeb7fb1a88389011e5533600262447403b1d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/encodeurl" + } + ] + }, + { + "type": "library", + "name": "escape-html", + "version": "1.0.3", + "bom-ref": "escape-html@1.0.3", + "description": "Escape string for use in HTML", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-html@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/component/escape-html.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/escape-html#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/escape-html/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3624aea59e0e7ae1b0afaf251887b29bf92c219309a1d506392099fc54a74f172b7a46efaab81d53194938ca628da299563009ad6ac6b3fe89cbc38cbb28fda3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escape-html" + } + ] + }, + { + "type": "library", + "name": "etag", + "version": "1.8.1", + "bom-ref": "etag@1.8.1", + "description": "Create simple HTTP ETags", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/etag@1.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/etag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/etag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/etag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6882f9171ee66b055adf4d1a976067104e2236fa35a844f12eb3c8fe8d392fbcfa828edf0b0d49e844266cae05989d804bb920545fca1195ae7c17dd0a531c3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/etag" + } + ] + }, + { + "type": "library", + "name": "finalhandler", + "version": "1.2.0", + "bom-ref": "finalhandler@1.2.0", + "author": "Douglas Christopher Wilson", + "description": "Node.js final http responder", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/finalhandler@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/finalhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/finalhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/finalhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6e5dc5157ed9503059d60bdaaefecbe45afdc64ddd8f7d484aff73cb9183407bb15ba8932ddf9d791dac44e9e44bef819db2b8a2c2e8e26b075a0750691084a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "finalhandler@1.2.0|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "finalhandler@1.2.0|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "parseurl", + "version": "1.3.3", + "bom-ref": "parseurl@1.3.3", + "description": "parse a url with memoization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parseurl@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/parseurl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/parseurl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/parseurl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0a2c9e3b1153fc96723799b4cfd3df5f0e1208127a4b2833d43a65d30aa39610c418604fd469ec51510bd29eb78681b57dc8f77c7ca75e2f4d60ee2758e2fea9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parseurl" + } + ] + }, + { + "type": "library", + "name": "statuses", + "version": "2.0.1", + "bom-ref": "statuses@2.0.1", + "description": "HTTP status utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/statuses@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/statuses.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/statuses#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/statuses/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "470340f59ffb3eb2b4eab60b23314c95a17e97bde2c29ceca9120581b30b6d370b0fa70e6a8f364da59e7cf5d0bc1d9f382e008ee612127752ecdfe64c26e475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/statuses" + } + ] + }, + { + "type": "library", + "name": "fresh", + "version": "0.5.2", + "bom-ref": "fresh@0.5.2", + "author": "TJ Holowaychuk", + "description": "HTTP response freshness testing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fresh@0.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/fresh.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/fresh#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/fresh/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc9da6418335f2b1053ae75e57819285318843b45bcc0ee8cdb53d23f5c1a66ee4aa0332c209b294cc171f16499a45686249daf5dda95575573dd6133fd7a3f1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fresh" + } + ] + }, + { + "type": "library", + "name": "setprototypeof", + "version": "1.2.0", + "bom-ref": "setprototypeof@1.2.0", + "author": "Wes Todd", + "description": "A small polyfill for Object.setprototypeof", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/setprototypeof@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/wesleytodd/setprototypeof.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wesleytodd/setprototypeof", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wesleytodd/setprototypeof/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1392c35fb5aba7ce4a8a5e5b859bf8ea3f2339e6e82aae4932660cde05467461fcc45a4f59750cb0dae53830ab928c4c11e362fd7648c2e46f6385cdc18309a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/setprototypeof" + } + ] + }, + { + "type": "library", + "name": "toidentifier", + "version": "1.0.1", + "bom-ref": "toidentifier@1.0.1", + "author": "Douglas Christopher Wilson", + "description": "Convert a string of words to a JavaScript identifier", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/toidentifier@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/component/toidentifier.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/toidentifier#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/toidentifier/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39b123ca12483f0c840d987e37574fee7ab2eba7355e764521f2d18dbda797a5fa6ec2329e9e54a8c7fd8efc14e5654b447be246eece58844cfad3c3e500744" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/toidentifier" + } + ] + }, + { + "type": "library", + "name": "merge-descriptors", + "version": "1.0.1", + "bom-ref": "merge-descriptors@1.0.1", + "author": "Jonathan Ong", + "description": "Merge objects using descriptors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge-descriptors@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/component/merge-descriptors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/merge-descriptors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/merge-descriptors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7028ba837fd9af58aa422eb249bb1e3355efa286bdf0dd30df58f3518ad73d7db1a8e6e61461c9d2d439bbbe07de6561ef02e8b93b1e672608ab7f60f1c369d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge-descriptors" + } + ] + }, + { + "type": "library", + "name": "methods", + "version": "1.1.2", + "bom-ref": "methods@1.1.2", + "description": "HTTP methods that node supports", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/methods@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/methods.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/methods#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/methods/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "89c9401de36a366ebccc5b676747bed4bdb250876fccda1ab8a53858103756f1ffbcf162785eea7d197051953e0c0f4ff5b3d7212f74ba5c68528087db7b15db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/methods" + } + ] + }, + { + "type": "library", + "name": "ee-first", + "version": "1.1.1", + "bom-ref": "ee-first@1.1.1", + "author": "Jonathan Ong", + "description": "return the first event in a set of ee/event pairs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ee-first@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonathanong/ee-first.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonathanong/ee-first#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonathanong/ee-first/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58cc26f4b851528f9651a44dfaf46e113a86f3d22066985548d91d16079beac4bf1383ab0c837bb78f0201ec121d773a0bc95e7c3f0a29faf9bd8eb56eb425a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ee-first" + } + ] + }, + { + "type": "library", + "name": "path-to-regexp", + "version": "0.1.7", + "bom-ref": "path-to-regexp@0.1.7", + "description": "Express style path to RegExp utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-to-regexp@0.1.7", + "externalReferences": [ + { + "url": "git+https://github.com/component/path-to-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/path-to-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/path-to-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e43164ba8aa5bf5b9840ac72f2898505e24f41c768134ecabf6b1f7ab0c2ac0ab5a21394f8c483b300c86e7c7760033ad2a20e9d86b9df00615d6d046cca27ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-to-regexp" + } + ] + }, + { + "type": "library", + "name": "proxy-addr", + "version": "2.0.7", + "bom-ref": "proxy-addr@2.0.7", + "author": "Douglas Christopher Wilson", + "description": "Determine address of proxied request", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/proxy-addr@2.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/proxy-addr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/proxy-addr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/proxy-addr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96542c30b4940d43d3e388ddad4fcedfbaa59e27e2b433fe670ae699972848ac8b2afb59c69c95d27dbf6c3fcde2d040019fe024475953b28cadaa0ad7e5d802" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proxy-addr" + } + ] + }, + { + "type": "library", + "name": "forwarded", + "version": "0.2.0", + "bom-ref": "forwarded@0.2.0", + "description": "Parse HTTP X-Forwarded-For header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/forwarded@0.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/forwarded.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/forwarded#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/forwarded/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6ee446d1fa41b511d24c238049eea10f6e7cb44b9b16844b6f864d03a3713151cdc3680e7301e8f70c9a6e5ccccce039cfdc40f4bd4a36393f36de8c4fd698a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/forwarded" + } + ] + }, + { + "type": "library", + "name": "ipaddr.js", + "version": "1.9.1", + "bom-ref": "ipaddr.js@1.9.1", + "author": "whitequark", + "description": "A library for manipulating IPv4 and IPv6 addresses in JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ipaddr.js@1.9.1", + "externalReferences": [ + { + "url": "git://github.com/whitequark/ipaddr.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/whitequark/ipaddr.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/whitequark/ipaddr.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0a23feb4ef1a31493a07ec68cdd457d26cba14d3e6ed4e2723b1049642587f859ca437c2a998c7fbb98c0f5b747e6a467a47fc35f199574870585e26143cede" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ipaddr.js" + } + ] + }, + { + "type": "library", + "name": "side-channel", + "version": "1.0.6", + "bom-ref": "side-channel@1.0.6", + "author": "Jordan Harband", + "description": "Store information about any JS value in a side channel. Uses WeakMap if available.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/side-channel@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/side-channel.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/side-channel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/side-channel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c35bf119e90f5188ef1e146f078feeeefe85be5eb3d320287008e336fad87603a39b943b58608a6f7bd9be2af23d6780bda9211795a191e9b4c460745eba094" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/side-channel" + } + ] + }, + { + "type": "library", + "name": "call-bind", + "version": "1.0.7", + "bom-ref": "call-bind@1.0.7", + "author": "Jordan Harband", + "description": "Robustly `.call.bind()` a function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/call-bind@1.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/call-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/call-bind#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/call-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1874d2352608090eec707eec67e336ac5a294682e1f2dd9b2d25ba05b82bb4bb1a84e201e62c805497fd1a358addc6130da323e17741a4cd5c03aa484b42afdb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/call-bind" + } + ] + }, + { + "type": "library", + "name": "es-define-property", + "version": "1.0.0", + "bom-ref": "es-define-property@1.0.0", + "author": "Jordan Harband", + "description": "`Object.defineProperty`, but not IE 8's broken one.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es-define-property@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/es-define-property.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/es-define-property#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/es-define-property/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f16b22ca4a1ac4aaacc9d1eba641b5614d840cdbb09f4f54f7e7e8028031682fcd892ec5ea4c9efacefe80d182ce8049cb50cbcbcec0ec188ae5f0d1694f681" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es-define-property" + } + ] + }, + { + "type": "library", + "name": "get-intrinsic", + "version": "1.2.4", + "bom-ref": "get-intrinsic@1.2.4", + "author": "Jordan Harband", + "description": "Get and robustly cache all JS language-level intrinsics at first require time", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-intrinsic@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/get-intrinsic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/get-intrinsic#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/get-intrinsic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6e621b091fc549053bfba2c960e01ce7258843a1123ac1a602c4c9827674eb702ac703f7c214aa13173d8928a1341dd0c5505effa10ba1cee99724aee968145" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-intrinsic" + } + ] + }, + { + "type": "library", + "name": "es-errors", + "version": "1.3.0", + "bom-ref": "es-errors@1.3.0", + "author": "Jordan Harband", + "description": "A simple cache for a few of the JS Error constructors.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es-errors@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/es-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/es-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/es-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "65fe47d8ac6ddb18d3bdb26f3f66562c4202c40ea3fa1026333225ca9cb8c5c060d6f2959f1f3d5b2d066d2fa47f9730095145cdd0858765d20853542d2e9cb3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es-errors" + } + ] + }, + { + "type": "library", + "name": "function-bind", + "version": "1.1.2", + "bom-ref": "function-bind@1.1.2", + "author": "Raynos", + "description": "Implementation of Function.prototype.bind", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/function-bind@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/Raynos/function-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Raynos/function-bind", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Raynos/function-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ed71cdc47eea5fdc46e66230c6486e993a31fcc21135c3a00ebc56b0cb76a40af6dd61e9e8cad194dec50521690a9afea153b417be38894811f369c931f1b648" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/function-bind" + } + ] + }, + { + "type": "library", + "name": "set-function-length", + "version": "1.2.2", + "bom-ref": "set-function-length@1.2.2", + "author": "Jordan Harband", + "description": "Set a function's length property", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/set-function-length@1.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/set-function-length.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/set-function-length#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/set-function-length/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6045ce21278fec363582492f409a74b8d31ddb34c0d39271e02f951a3014ccc899d4f741205a1d51cfe302f5e16ee01b8dfd4c198ca42e63fd6fdeb33b1cc7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/set-function-length" + } + ] + }, + { + "type": "library", + "name": "define-data-property", + "version": "1.1.4", + "bom-ref": "define-data-property@1.1.4", + "author": "Jordan Harband", + "description": "Define a data property on an object. Will fall back to assignment in an engine without descriptors.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/define-data-property@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/define-data-property.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/define-data-property#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/define-data-property/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac132f23396903cbfa13e489668a3ef87018aac2eb920ecc49f2229cc3c5866928af0ed7f9d39754942cf904faf731a4cccc9f0e720c3765a2775f8d6cbdd3f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/define-data-property" + } + ] + }, + { + "type": "library", + "name": "gopd", + "version": "1.0.1", + "bom-ref": "gopd@1.0.1", + "author": "Jordan Harband", + "description": "`Object.getOwnPropertyDescriptor`, but accounts for IE's broken implementation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/gopd@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/gopd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/gopd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/gopd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77ae5b36521a771be96ff03669b55d96a2aa579eb78ee4676755ad93ab35b0847cb8db1747bd31a88cd5ab155fd5e4ea0ee9f04f632473311e69ecc2293661c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/gopd" + } + ] + }, + { + "type": "library", + "name": "has-property-descriptors", + "version": "1.0.2", + "bom-ref": "has-property-descriptors@1.0.2", + "author": "Jordan Harband", + "description": "Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-property-descriptors@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/has-property-descriptors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/has-property-descriptors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/has-property-descriptors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7924d2ae216fafab829ed418ce4e333661cb5022f093ec61731f099f64f1a8e709eb82489dd1842d9c095e152aae9999b86b3de7d814be7ab6f2e62a49760ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-property-descriptors" + } + ] + }, + { + "type": "library", + "name": "has-proto", + "version": "1.0.3", + "bom-ref": "has-proto@1.0.3", + "author": "Jordan Harband", + "description": "Does this environment have the ability to get the [[Prototype]] of an object on creation with `__proto__`?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-proto@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/has-proto.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/has-proto#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/has-proto/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "489d5a999009522652f8f86c54b7f9b46c9d95a541f04745a5a48ee209a250a50ec64f2ace7e40232e19789526876db39c8764fee300513da9977171cd5507f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-proto" + } + ] + }, + { + "type": "library", + "name": "has-symbols", + "version": "1.0.3", + "bom-ref": "has-symbols@1.0.3", + "author": "Jordan Harband", + "description": "Determine if the JS environment has Symbol support. Supports spec, or shams.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-symbols@1.0.3", + "externalReferences": [ + { + "url": "git://github.com/inspect-js/has-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/has-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/has-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9772c2b85e8c8033704c32a47581848a1623b79a513db120e3aaed9669d23e551b82607c2ce22b2896d86050526e73da25ec4c2ad88f3bc8667918d1cf64ddf8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-symbols" + } + ] + }, + { + "type": "library", + "name": "hasown", + "version": "2.0.2", + "bom-ref": "hasown@2.0.2", + "author": "Jordan Harband", + "description": "A robust, ES3 compatible, \"has own property\" predicate.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hasown@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/hasOwn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d21254f5208fbe633320175916a34f5d66ba76a87b59d1f470823dcbe0b24bcac6de72f8f01725adaf4798a8555541f23d6347e58ef10f0001edb7e04a391431" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hasown" + } + ] + }, + { + "type": "library", + "name": "object-inspect", + "version": "1.13.1", + "bom-ref": "object-inspect@1.13.1", + "author": "James Halliday", + "description": "string representations of objects in node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-inspect@1.13.1", + "externalReferences": [ + { + "url": "git://github.com/inspect-js/object-inspect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/object-inspect", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/object-inspect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6aa23d5152228e32c08234b57508188f604d74b33893b2798dc64008feb661883eb7085ec8a9d1460bf5f38d68e94a02dfd0bc575f76c3148874135f1fe9485" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-inspect" + } + ] + }, + { + "type": "library", + "name": "range-parser", + "version": "1.2.1", + "bom-ref": "range-parser@1.2.1", + "author": "TJ Holowaychuk", + "description": "Range header field string parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/range-parser@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/range-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/range-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/range-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1eb82cc7ea2baa8ca09e68456ca68713a736f7a27e1d30105e8c4417a80dba944e9a6189468cb37c6ddc700bdea8206bc2bff6cb143905577f1939796a03b04a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/range-parser" + } + ] + }, + { + "type": "library", + "name": "send", + "version": "0.18.0", + "bom-ref": "send@0.18.0", + "author": "TJ Holowaychuk", + "description": "Better streaming static file server with Range and conditional-GET support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/send@0.18.0", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/send.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/send#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/send/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aaa5b3b8e8d214ebaa3e315ee0d3ac30b69f4e8410c0148e1294be17012ddc0d95def2ae6d3aae4f7be62d3429160317a7c02515616e3f5a8a68964eb4fa555e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "send@0.18.0|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send/node_modules/debug" + } + ], + "components": [ + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "send@0.18.0|debug@2.6.9|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send/node_modules/debug/node_modules/ms" + } + ] + } + ] + } + ] + }, + { + "type": "library", + "name": "mime", + "version": "1.6.0", + "bom-ref": "mime@1.6.0", + "author": "Robert Kieffer", + "description": "A comprehensive library for mime-type mapping", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime@1.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/broofa/node-mime.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/broofa/node-mime#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/broofa/node-mime/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c74567f2ca48fb0b89d4ee92ee09db69083c3f187834d1dbeca4883661162a23c4e1128ea65be28e7f8d92662699180febc99cef48f611b793151b2bb306907a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime" + } + ] + }, + { + "type": "library", + "name": "serve-static", + "version": "1.15.0", + "bom-ref": "serve-static@1.15.0", + "author": "Douglas Christopher Wilson", + "description": "Serve static files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/serve-static@1.15.0", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/serve-static.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/expressjs/serve-static#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/serve-static/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c6b910cd8d75228ec50bd2f97a9d20fb730511bb31208256ce685b9933d8379300d7396553724d232f38cfcc60fe4dacd66dba1962ee76ffdfd73dd5209def6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/serve-static" + } + ] + }, + { + "type": "library", + "name": "media-typer", + "version": "0.3.0", + "bom-ref": "media-typer@0.3.0", + "author": "Douglas Christopher Wilson", + "description": "Simple RFC 6838 media type parser and formatter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/media-typer@0.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/media-typer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/media-typer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/media-typer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76afaa7a543d6a41e970e97f8145514f15483a4009d70477400bdbe11b158d2f285681630c64dcebbf702589949a49d41791f030b3a06f93be6b72b17d66a93d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/media-typer" + } + ] + }, + { + "type": "library", + "name": "utils-merge", + "version": "1.0.1", + "bom-ref": "utils-merge@1.0.1", + "author": "Jared Hanson", + "description": "merge() utility function", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "http://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:npm/utils-merge@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/jaredhanson/utils-merge.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredhanson/utils-merge#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/jaredhanson/utils-merge/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a4c653bc8913d5df93146bc33aaa1d39c971d105a49208ba4dda1af200bc7df18002acfda733d36560326dbb071e8103ff3b4cb64bff5686136324a1527f3584" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/utils-merge" + } + ] + }, + { + "type": "library", + "name": "vary", + "version": "1.1.2", + "bom-ref": "vary@1.1.2", + "author": "Douglas Christopher Wilson", + "description": "Manipulate the HTTP Vary header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/vary@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/vary.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/vary#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/vary/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04d19b58b7ddd1e50f69b8645d4566d23f2ebaf444c93879a2f45afddca8c3f06a01b649c82fb97d4f88cd03b39802b362a6110084a8461750af778867f3d7aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/vary" + } + ] + }, + { + "type": "library", + "name": "asynckit", + "version": "0.4.0", + "bom-ref": "asynckit@0.4.0", + "author": "Alex Indigo", + "description": "Minimal async jobs utility library, with streams support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/asynckit@0.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/alexindigo/asynckit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexindigo/asynckit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexindigo/asynckit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "39e8bd387e2d461d18a94dc6c615fbf5d33f9b0560bdb64969235a464f9bb21923d12e5c7c772061a92b7818eb1f06ad5ca6f3f88a087582f1aca8a6d8c8d6d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/asynckit" + } + ] + }, + { + "type": "library", + "name": "combined-stream", + "version": "1.0.8", + "bom-ref": "combined-stream@1.0.8", + "author": "Felix Geisendörfer", + "description": "A stream that emits multiple other streams one after another.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/combined-stream@1.0.8", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-combined-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-combined-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-combined-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1503783117ee25e1dfedc05b04c2455e12920eafb690002b06599106f72f144e410751d9297b5214048385d973f73398c3187c943767be630e7bffb971da0476" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/combined-stream" + } + ] + }, + { + "type": "library", + "name": "delayed-stream", + "version": "1.0.0", + "bom-ref": "delayed-stream@1.0.0", + "author": "Felix Geisendörfer", + "description": "Buffers events from a stream until you are ready to handle them.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/delayed-stream@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-delayed-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-delayed-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-delayed-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "672483ecd7fdd5a2c1d11c4be0a1ab28705797b11db350c098475ca156b05e72c3ed20e1a4d82db88236680920edaed04b8d63c4f499d7ba7855d1a730793731" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/delayed-stream" + } + ] + }, + { + "type": "library", + "name": "mime-db", + "version": "1.52.0", + "bom-ref": "mime-db@1.52.0", + "description": "Media Type Database", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime-db@1.52.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/mime-db.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/mime-db#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/mime-db/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0f538b95edd625bed589c70c311c3d0fba285536213b4f201b439496c43081f66518bce82ba103b061040e28f27c0886c4fb51135653a82b5502da7537818be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime-db" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "version": "11.2.0", + "bom-ref": "fs-extra@11.2.0", + "author": "JP Richardson", + "description": "fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as recursive mkdir, copy, and remove.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fs-extra@11.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jprichardson/node-fs-extra.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e60e2deec0ae6716e5e1ed70d39559d2d7bc494bbbd6dfa8acdbec37c5cbfc495c620783720137f872d9156396e44a35f46389dbbd90aad7f123b44cabf64b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fs-extra" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "version": "6.1.0", + "bom-ref": "jsonfile@6.1.0", + "author": "JP Richardson", + "description": "Easily read/write JSON files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonfile@6.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jprichardson/node-jsonfile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5d8277563ab8984a6e5c9d86893616a52cd0ca3aa170c8307faebd44f59b067221af28fb3c476c5818269cb9fdf3e8ad58283cf5f367ddf9f637727de932a5d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jsonfile" + } + ] + }, + { + "type": "library", + "name": "universalify", + "version": "2.0.1", + "bom-ref": "universalify@2.0.1", + "author": "Ryan Zimmerman", + "description": "Make a callback- or promise-based function support both promises and callbacks.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/universalify@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/RyanZim/universalify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/RyanZim/universalify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/RyanZim/universalify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "829b4735082120d9dcfef4c6224d12385185357c3b255ae5454b42a2725196f6b0e83b97d303b925e928f6c5ab301861f8fb18019ee85c088e9dffd42a88328b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/universalify" + } + ] + }, + { + "type": "library", + "name": "get-installed-path", + "version": "4.0.8", + "bom-ref": "get-installed-path@4.0.8", + "author": "Charlike Mike Reagent", + "description": "Get installation path where the given package is installed. Works for globally and locally installed packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-installed-path@4.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/tunnckoCore/get-installed-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tunnckoCore/get-installed-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tunnckoCore/get-installed-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-installed-path/-/get-installed-path-4.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e600d2b5c449481e51c7dad5df3a84e74835235f55f71af28ae99c8b6d49d20829f5a400f0bbaede556b6db8fcc95ab5c30d3d8c7ceeae01a2882ce15f8ad98" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-installed-path" + } + ] + }, + { + "type": "library", + "name": "global-modules", + "version": "1.0.0", + "bom-ref": "global-modules@1.0.0", + "author": "Jon Schlinkert", + "description": "The directory used by npm for globally installed npm modules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/global-modules@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/global-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/global-modules", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/global-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/global-modules/-/global-modules-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0ace91247f5d46a4e16ec346738f39ade01e146708ce706ef9ecf3efadf87170b15bab4c29b20a4eab1a71b71162086e03b46f7733a5d155b176a0675ebfb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-modules" + } + ] + }, + { + "type": "library", + "name": "global-prefix", + "version": "1.0.2", + "bom-ref": "global-prefix@1.0.2", + "author": "Jon Schlinkert", + "description": "Get the npm global path prefix.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/global-prefix@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/global-prefix.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/global-prefix", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/global-prefix/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/global-prefix/-/global-prefix-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e65b31d4d5031ed4a37e0d1e1e5998bd92aff3f9d5a97e1c9056ccf85ac6710fb4e0a59c585a3d3f93313d9612cd4bf2ce67536c8ec48b1f10e086c42c3ab32a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-prefix" + } + ], + "components": [ + { + "type": "library", + "name": "which", + "version": "1.3.1", + "bom-ref": "global-prefix@1.0.2|which@1.3.1", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@1.3.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f125d616ab53132106c9de7c3472ab2c1e84cd536ebb2a5ac3b866755989710d2b54b4a52139a266875d76fd36661f1c547ee26a3d748e9bbb43c9ab3439221" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-prefix/node_modules/which" + } + ] + } + ] + }, + { + "type": "library", + "name": "expand-tilde", + "version": "2.0.2", + "bom-ref": "expand-tilde@2.0.2", + "author": "Jon Schlinkert", + "description": "Bash-like tilde expansion for node.js. Expands a leading tilde in a file path to the user home directory, or `~+` to the cwd.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expand-tilde@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/expand-tilde.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/expand-tilde", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/expand-tilde/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expand-tilde/-/expand-tilde-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0391267ac1d6eab7e767dcac1d08cf7494678b44916abd2d8ed1b930db66f67e5352fb1853ca28ce9aed443e00a87c5c6565a556e026428da758a7cdf68ca34f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/expand-tilde" + } + ] + }, + { + "type": "library", + "name": "homedir-polyfill", + "version": "1.0.3", + "bom-ref": "homedir-polyfill@1.0.3", + "author": "Brian Woodward", + "description": "Node.js os.homedir polyfill for older versions of node.js.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/homedir-polyfill@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/homedir-polyfill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/homedir-polyfill", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/homedir-polyfill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7929a6584e5b6532b6368bb8834008df367daecc29ec644aa0a5d2d412d492f3ef88eaace184cdd5d8d022aad7cbd939804b5d2cfcbce898d1c2c34cf6d9c370" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/homedir-polyfill" + } + ] + }, + { + "type": "library", + "name": "parse-passwd", + "version": "1.0.0", + "bom-ref": "parse-passwd@1.0.0", + "author": "Brian Woodward", + "description": "Parse a passwd file into a list of users.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-passwd@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/parse-passwd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/parse-passwd", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/parse-passwd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d58d40fff4145c464aed82b3fab0fd5b275c135f84b8fafa64180a79c001f2d9a85ba505bf435111525ed69fa3471b5386471b6ca91fc086d625efc8784ea6d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parse-passwd" + } + ] + }, + { + "type": "library", + "name": "is-windows", + "version": "1.0.2", + "bom-ref": "is-windows@1.0.2", + "author": "Jon Schlinkert", + "description": "Returns true if the platform is windows. UMD module, works with node.js, commonjs, browser, AMD, electron, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-windows@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-windows.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-windows", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-windows/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7972b55089ead9b3e68f25fa7b754723330ba1b73827de22e005a7f87a6adce5392a4ad10bde8e01c4773d127fa46bba9bc4d19c11cff5d917415b13fc239520" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-windows" + } + ] + }, + { + "type": "library", + "name": "resolve-dir", + "version": "1.0.1", + "bom-ref": "resolve-dir@1.0.1", + "author": "Jon Schlinkert", + "description": "Resolve a directory that is either local, global or in the user's home directory.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-dir@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/resolve-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/resolve-dir", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/resolve-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-dir/-/resolve-dir-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bba24e3102cef3ac5927dd33440a14d05515c2b6eda1ce53076f2b9dc1716f33aa719d629d056e3f36732e78fb60383f6b45336d89e6445f7b547e94cff5ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-dir" + } + ] + }, + { + "type": "library", + "name": "domhandler", + "version": "5.0.3", + "bom-ref": "domhandler@5.0.3", + "author": "Felix Boehm", + "description": "Handler for htmlparser2 that turns pages into a dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domhandler@5.0.3", + "externalReferences": [ + { + "url": "git://github.com/fb55/domhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "720c25bffd621508859d4f7a5d78113a1f314de7adb272620ec4dced36022c577dfbf58d908a8f4f188cffca5277c548ae15c64dfd4dcb5ab586ab95a83241e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domhandler" + } + ] + }, + { + "type": "library", + "name": "domutils", + "version": "3.1.0", + "bom-ref": "domutils@3.1.0", + "author": "Felix Boehm", + "description": "Utilities for working with htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domutils@3.1.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domutils/-/domutils-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1fbf2e32642d23602180326359e4261f0249d9b2cf0f718c98eed98dafd9661f38c249bee2eb7e2149d47516bcb82197f3c0e2571d63e8545ed577f11208c464" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domutils" + } + ] + }, + { + "type": "library", + "name": "dom-serializer", + "version": "2.0.0", + "bom-ref": "dom-serializer@2.0.0", + "author": "Felix Boehm", + "description": "render domhandler DOM nodes to a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dom-serializer@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/cheeriojs/dom-serializer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cheeriojs/dom-serializer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cheeriojs/dom-serializer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c08900af28aab7f9d5e4440aa90a68dd24e848e57d2740e76c9ab02bb5affd3adcf76cc801867816532ef893c55b50df185b7cd594c21a00c469b7df5de2f226" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dom-serializer" + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "4.5.0", + "bom-ref": "entities@4.5.0", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease & speed", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@4.5.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5748631f87463e1f40a39a74328458e8156ab700a3873eaf2392d3f00279e47fb883dff8bdb1f1d48e787d2d17b9c94b8431c0acf40288c8c3c6368bf1f3f187" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "https", + "version": "1.0.0", + "bom-ref": "https@1.0.0", + "author": "hardus van der berg", + "description": "https mediation", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/https@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/https/-/https-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e040b9edd757ae4685d31f373a3f2c33a48b4070165f0f744a4aaed8ce0011610d677174d9d14913f180440f2280eefdb5c818a86ac3eda7b87f92f7ba6da582" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/https" + } + ] + }, + { + "type": "library", + "name": "inquirer-file-tree-selection-prompt", + "version": "2.0.2", + "bom-ref": "inquirer-file-tree-selection-prompt@2.0.2", + "author": "anc95", + "description": "inquerer file tree selection prompt", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inquirer-file-tree-selection-prompt@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/anc95/inquirer-file-tree-selection.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/anc95/inquirer-file-tree-selection#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/anc95/inquirer-file-tree-selection/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inquirer-file-tree-selection-prompt/-/inquirer-file-tree-selection-prompt-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae56d0ec1ca4819fdf9aded259cdac681072b8cb10ad487e8aa9f2e1a32868bab6e426354ed643a7171a3bea0407335e5410fbe7d7789936884877e74a75414b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer-file-tree-selection-prompt" + } + ], + "components": [ + { + "type": "library", + "name": "rxjs", + "version": "7.8.1", + "bom-ref": "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1", + "author": "Ben Lesh", + "description": "Reactive Extensions for modern JavaScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/rxjs@7.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/reactivex/rxjs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://rxjs.dev", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "000dd3563fb40368ae2284245842bfb6a16306ada3fba3cee98d3325cbf32c016110520edc72f4be5b3d8562e77196c001b2b499aafba19e15d3bf48fea3ccc6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer-file-tree-selection-prompt/node_modules/rxjs" + } + ] + } + ] + }, + { + "type": "library", + "name": "cli-cursor", + "version": "3.1.0", + "bom-ref": "cli-cursor@3.1.0", + "author": "Sindre Sorhus", + "description": "Toggle the CLI cursor", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-cursor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/cli-cursor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/cli-cursor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/cli-cursor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23fcc7030b0a7fd16a1a85cce16591002a1bf7e48dba465377de03585e7b138b68a2e46e95b0b171487a44a5043909584c7267ce43ccc92bcf35a6922cd7cb67" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-cursor" + } + ] + }, + { + "type": "library", + "name": "restore-cursor", + "version": "3.1.0", + "bom-ref": "restore-cursor@3.1.0", + "author": "Sindre Sorhus", + "description": "Gracefully restore the CLI cursor on exit", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/restore-cursor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/restore-cursor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/restore-cursor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/restore-cursor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "97eb1279fcc7a63e6a8a6845484e5af27b9f65800cdec05254c00fb589260bee041f66a7486684317483d22cd141bbbd9dfc90f72e49ad59a9ec4f2866b523bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/restore-cursor" + } + ] + }, + { + "type": "library", + "name": "onetime", + "version": "5.1.2", + "bom-ref": "onetime@5.1.2", + "author": "Sindre Sorhus", + "description": "Ensure a function is only called once", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/onetime@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/onetime.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/onetime#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/onetime/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91ba5a4921894d674063928f55e30e2974ab3edafc0bc0bbc287496dcb1de758d19e60fe199bbc63456853a0e6e59e2f5abd0883fd4d2ae59129fee3e5a6984a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/onetime" + } + ] + }, + { + "type": "library", + "name": "mimic-fn", + "version": "2.1.0", + "bom-ref": "mimic-fn@2.1.0", + "author": "Sindre Sorhus", + "description": "Make a function mimic another one", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-fn@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-fn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-fn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-fn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3aa6ce939a0441e019f165d6c9d96ef47263cfd59574422f6a63027179aea946234e49c7fecaac5af850def830285451d47a63bcd04a437ee76c9818cc6a8672" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mimic-fn" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "3.0.7", + "bom-ref": "signal-exit@3.0.7", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@3.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c270f6644fa5f923c2feea12d2f5de13d2f5fb4c2e68ca8a95fcfd00c528dfc26cc8b48159215c1d1d51ae2eb62d9735daf2ebd606f78e5ee2c10860c2901b19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/signal-exit" + } + ] + }, + { + "type": "library", + "name": "figures", + "version": "3.2.0", + "bom-ref": "figures@3.2.0", + "author": "Sindre Sorhus", + "description": "Unicode symbols with Windows CMD fallbacks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/figures@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/figures.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/figures#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/figures/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/figures/-/figures-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c9a76e40544a2d760e1a0127e8065abbdd23de08123b28aa5d4d05f4965f79762135af899385feb38e40db38398e7b3cec60056b7e01066da45f0e17a4d71b76" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/figures" + } + ], + "components": [ + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "figures@3.2.0|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/figures/node_modules/escape-string-regexp" + } + ] + } + ] + }, + { + "type": "library", + "name": "inquirer", + "version": "8.0.0", + "bom-ref": "inquirer@8.0.0", + "author": "Simon Boudrias", + "description": "A collection of common interactive command line user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/inquirer@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inquirer/-/inquirer-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38df291093cf09dca3c63f9cc6c6117ba5df0897a94f100d74d9d379bb13b90817a51c994514fdb78749c2346e6e09af9f6d022d2127a334546b25f233d5535c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer" + } + ] + }, + { + "type": "library", + "name": "cli-width", + "version": "3.0.0", + "bom-ref": "cli-width@3.0.0", + "author": "Ilya Radchenko", + "description": "Get stdout window width, with two fallbacks, tty and then a default.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-width@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/knownasilya/cli-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/knownasilya/cli-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/knownasilya/cli-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-width/-/cli-width-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "171aa990f3f0bb51e3b8df773a67e6e21f2e21a9d7a1f5b44715445b793944ac7e9892584ad873361a77d8acf1c72dd800467f0dcfc458dd6f651634fa43a16f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-width" + } + ] + }, + { + "type": "library", + "name": "external-editor", + "version": "3.1.0", + "bom-ref": "external-editor@3.1.0", + "author": "Kevin Gravier", + "description": "Edit a string with the users preferred text editor using $VISUAL or $ENVIRONMENT", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/external-editor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mrkmg/node-external-editor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mrkmg/node-external-editor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mrkmg/node-external-editor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/external-editor/-/external-editor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84c438097d69d62ce6b8b63266a2cc3bfa86370d74c12bfd40308f7f35dfc85ace682492a117ea13529fd6ce5a9fae89e49642eb635ec06fa62b8f63382b507b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/external-editor" + } + ], + "components": [ + { + "type": "library", + "name": "tmp", + "version": "0.0.33", + "bom-ref": "external-editor@3.1.0|tmp@0.0.33", + "author": "KARASZI István", + "description": "Temporary file and directory creator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tmp@0.0.33", + "externalReferences": [ + { + "url": "git+https://github.com/raszi/node-tmp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/raszi/node-tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/raszi/node-tmp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d10899688ca9d9dda75db533a3748aa846e3c4281bcd5dc198ab33bacd6657f0a7ca1299c66398df820250dc48cabaef03e1b251af4cbe7182459986c89971b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/external-editor/node_modules/tmp" + } + ] + } + ] + }, + { + "type": "library", + "name": "chardet", + "version": "0.7.0", + "bom-ref": "chardet@0.7.0", + "author": "Dmitry Shirokov", + "description": "Character detector", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chardet@0.7.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/runk/node-chardet.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/runk/node-chardet", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/runk/node-chardet/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "993f220dcae1d37a83191466a00da1981267c69965311fb4ff4aa5ce3a99112e8d762583719902340938acf159f50f39af6eee9e488d360f193a2c195c11f070" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chardet" + } + ] + }, + { + "type": "library", + "name": "os-tmpdir", + "version": "1.0.2", + "bom-ref": "os-tmpdir@1.0.2", + "author": "Sindre Sorhus", + "description": "Node.js os.tmpdir() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-tmpdir@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/os-tmpdir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-tmpdir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/os-tmpdir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f6151d37562afb148bb8e57058db49936fefd9496074d2c8d4f637505edf37803ac8e19b73e45b3bff2cbbe20d8de52550638c58d6a0ebe2b35d770611557d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/os-tmpdir" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "0.0.8", + "bom-ref": "mute-stream@0.0.8", + "author": "Isaac Z. Schlueter", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@0.0.8", + "externalReferences": [ + { + "url": "git://github.com/isaacs/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e76d658e9285b252c4e32ab8600f475ccf6da67644a7a58a9b123226da787086ec654a4a72c09981a3c87466a25d929ef799bf744acb0790de2bb1168101f00" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mute-stream" + } + ] + }, + { + "type": "library", + "name": "run-async", + "version": "2.4.1", + "bom-ref": "run-async@2.4.1", + "author": "Simon Boudrias", + "description": "Utility method to run function either synchronously or asynchronously using the common `this.async()` style.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-async@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/run-async.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/run-async#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/run-async/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-async/-/run-async-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6f56756fd356fc73546b03a129ec9912b63f391aebff62b31cc2a6109f08ec012d9c4e698f181063023a425bb46b4a874d4a8136fea83d3b86dc78dbd4b8381" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-async" + } + ] + }, + { + "type": "library", + "name": "rxjs", + "version": "6.6.7", + "bom-ref": "rxjs@6.6.7", + "author": "Ben Lesh", + "description": "Reactive Extensions for modern JavaScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/rxjs@6.6.7", + "externalReferences": [ + { + "url": "git+https://github.com/reactivex/rxjs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "853770afeef260d213e67e00318a7ce4a03acb0d956b414b6b7460baf6e96b85b7239c729da059a38d5c3375ccfb843a7d1323dec058211d5502664c5d826f45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rxjs" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "rxjs@6.6.7|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rxjs/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "through", + "version": "2.3.8", + "bom-ref": "through@2.3.8", + "author": "Dominic Tarr", + "description": "simplified stream construction", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/through@2.3.8", + "externalReferences": [ + { + "url": "git+https://github.com/dominictarr/through.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dominictarr/through", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/through/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/through/-/through-2.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3cf6a83b3c8f3001dbd7eb46cc0cff9b1680f90ef866f682e1785a793b86b6405d1c4811ac057e2a66669d3ccbd5aa52c9041722f96a8618e00fbdc0de35256" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/through" + } + ] + }, + { + "type": "library", + "name": "jest-mock", + "version": "29.7.0", + "bom-ref": "jest-mock@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-mock@29.7.0#packages/jest-mock", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-mock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21338c667f949184b864587cdf16003b3592b65a0dcc914edacf035ab138961b460fe028ae09db92228445ee3041507274818fc74e7d83aae25b906da7a2e59f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-mock" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-report", + "group": "@types", + "version": "3.0.3", + "bom-ref": "@types/istanbul-lib-report@3.0.3", + "description": "TypeScript definitions for istanbul-lib-report", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-lib-report@3.0.3#types/istanbul-lib-report", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-lib-report", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-lib-report", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3509fb00742793f4522cec6b05b1b224cfda550fa98e3e470a06ac1717342bf2a1a004df43fe3b032525d79236c815298a18e66acf9af952413aa79cac51feb8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-lib-report" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "group": "@types", + "version": "21.0.3", + "bom-ref": "@types/yargs-parser@21.0.3", + "description": "TypeScript definitions for yargs-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/yargs-parser@21.0.3#types/yargs-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/yargs-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "238abd414f4c42fe2810ecf8b401c9b4dcf5730b8bc67d85df171cda257959da8b3e95278f7d1a52ec6dd660316131bea1ef0264c57ffbaad4e12e20443ceab5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "jest", + "version": "29.7.0", + "bom-ref": "jest@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest@29.7.0#packages/jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348cb7a00169f6c85d6b5f61cb81cad0745358ab4f26619d9efcb0bb4d673aa342daf660f99f9fbc90f1a4c400f3c79bd88f4471a7dc763620b03b619d84ef1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/core@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/core@29.7.0#packages/jest-core", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9fb69e5d628c9c6b43038f32f132d624f2662e6999eb8d827a8efc718584a620fb1730e098d0d5fc6095468acf0017572c967ff70cf38190251e35e3c431c6b2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/core" + } + ], + "components": [ + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "@jest/core@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/core/node_modules/ci-info" + } + ] + } + ] + }, + { + "type": "library", + "name": "console", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/console@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/console@29.7.0#packages/jest-console", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-console", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e4d8b8094ed71d08b7d88277f7c1043f846b07c795d3db173f644ea83e1b92c1eb9d3ade7b9d8fb31bd7f2da4bf0bbd3677a45cd7c8f6cd411792378d420213a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/console" + } + ] + }, + { + "type": "library", + "name": "reporters", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/reporters@29.7.0", + "description": "Jest's reporters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/reporters@29.7.0#packages/jest-reporters", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-reporters", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0c0a6ad0a25b24e1330056231c00cd371004dca6e1c50075cb92a995be566aac3acd56ee59ab529cc8c4e60b3c1548043e636c9d90373425a5f4d1b489ad383e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/reporters" + } + ] + }, + { + "type": "library", + "name": "test-result", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/test-result@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-result@29.7.0#packages/jest-test-result", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-test-result", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15dc7eb6feb1d7396424f7165e6303006d87067691f573d277968359056c7eb6662d54f7954d5cc32c4b81199747dcabab8341a049bd04cb1f805cd34006c960" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/test-result" + } + ] + }, + { + "type": "library", + "name": "transform", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/transform@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/transform@29.7.0#packages/jest-transform", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-transform", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24fc14cf17314a54cc0ee5e38746bbe70551dd472f48aecad6d46a4c690f4c0a78a534b5d02a6017f2cd585c315a6a2f7126969cdb24b357461e451102af657" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/transform" + } + ] + }, + { + "type": "library", + "name": "fs.realpath", + "version": "1.0.0", + "bom-ref": "fs.realpath@1.0.0", + "author": "Isaac Z. Schlueter", + "description": "Use node's fs.realpath, but fall back to the JS implementation if the native one fails", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs.realpath@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/fs.realpath.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/fs.realpath#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/fs.realpath/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38ed291f694ae9ad2166701d6aee48b731cf23aa5496f23b8cc567c54411b70e28c05db093c94e49a6ed1830933f81a0ae0d8c6c69d63bd5fc2b5b78f9f18c0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fs.realpath" + } + ] + }, + { + "type": "library", + "name": "inflight", + "version": "1.0.6", + "bom-ref": "inflight@1.0.6", + "author": "Isaac Z. Schlueter", + "description": "Add callbacks to requests in flight to avoid async duplication", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inflight@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/npm/inflight.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/inflight", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/inflight/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "93dd88fdbd3cab8c2f16c71708bbea7ec1c2ae3ac5ef2897b10b8856f544ecdf365b7f9aaa9cee51d05b7e159ccbf159477ff82207e532028b3acbcf0eb18224" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inflight" + } + ] + }, + { + "type": "library", + "name": "path-is-absolute", + "version": "1.0.1", + "bom-ref": "path-is-absolute@1.0.1", + "author": "Sindre Sorhus", + "description": "Node.js 0.12 path.isAbsolute() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-is-absolute@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-is-absolute.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-is-absolute#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-is-absolute/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0156f0dd42767bd6eaeb8bd2692f409b47e37b53daf296c6a934ec9977da2223299ebe4394385f24eb8b8fd49ff7964f5430147ab0df124f3c30f98f7bb50242" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-is-absolute" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "6.0.2", + "bom-ref": "istanbul-lib-instrument@6.0.2", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@6.0.2#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5652c67d475940d07b414a8853926dfd5933e534a489e62164ed4c2a5e404ba07413fa17ea3ec7ec4c356e65d286681c27edd8a7f5b4bb4ac9e802bf78de1bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "make-dir", + "version": "4.0.0", + "bom-ref": "make-dir@4.0.0", + "author": "Sindre Sorhus", + "description": "Make a directory and its parents if needed - Think `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/make-dir@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/make-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/make-dir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/make-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8577544d960854eb75131fff8c0422fb04d9669529c018ffd10b0ecea7a06f7ac630c78989212ee712c79d87c1ad1578447dbe38248e3bde48b3fef1d562786f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/make-dir" + } + ] + }, + { + "type": "library", + "name": "source-map", + "version": "0.6.1", + "bom-ref": "source-map@0.6.1", + "author": "Nick Fitzgerald", + "description": "Generates and consumes source maps", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/source-map@0.6.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/mozilla/source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mozilla/source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mozilla/source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52381aa6e99695b3219018334fb624739617513e3a17488abbc4865ead1b7303f9773fe1d0f963e9e9c9aa3cf565bab697959aa989eb55bc16396332177178ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map" + } + ] + }, + { + "type": "library", + "name": "html-escaper", + "version": "2.0.2", + "bom-ref": "html-escaper@2.0.2", + "author": "Andrea Giammarchi", + "description": "fast and safe way to escape and unescape &<>'\" chars", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/html-escaper@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/WebReflection/html-escaper.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/WebReflection/html-escaper", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/WebReflection/html-escaper/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f688cb5dd08e0cb7979889aa517480e3a7e5f37a55d0d2d144e094bb605c057af5d73263a9f66c8dad4bc28340fac2cf22aa444f05f28781bc228354a694b7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/html-escaper" + } + ] + }, + { + "type": "library", + "name": "jest-worker", + "version": "29.7.0", + "bom-ref": "jest-worker@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-worker@29.7.0#packages/jest-worker", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-worker", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "788cf69ac2ff1332fd5054c5171ee305391e65f92ed32500c99659989f771f64d8122ae8231d8f42311773062d625f335c2c5bf8f02603684b22dffa64490f1f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-worker" + } + ] + }, + { + "type": "library", + "name": "char-regex", + "version": "1.0.2", + "bom-ref": "char-regex@1.0.2", + "author": "Richie Bendall", + "description": "A regex to match any full character, considering weird character ranges.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/char-regex@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/Richienb/char-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Richienb/char-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Richienb/char-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "916597cedbd9e5205057e79180a15e87cab9b0bb99636fbc5942339715954e0fa81b0635e2aca5c7529b2b31ddf0fe99624020d31c880d4f4930787224c6758f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/char-regex" + } + ] + }, + { + "type": "library", + "name": "convert-source-map", + "version": "2.0.0", + "bom-ref": "convert-source-map@2.0.0", + "author": "Thorsten Lorenz", + "description": "Converts a source-map from/to different formats and allows adding/changing properties.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/convert-source-map@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/convert-source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2afa78e7d1eb576144275080b22d4abbe318de46ac1f5f53172913cf6c5698c7aae9b936354dd75ef7c9f90eb59b4c64b56c2dfb51d261fdc966c4e6b3769126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/convert-source-map" + } + ] + }, + { + "type": "library", + "name": "jest-changed-files", + "version": "29.7.0", + "bom-ref": "jest-changed-files@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-changed-files@29.7.0#packages/jest-changed-files", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-changed-files", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c402b162c1fd41a50fb86d74a9adc0dcdffc781d2ccbe1a976b68cf05690c5a6cc402e32d87728882b87b9573eba1902486d727cdbedf93edcaca1fa6d357db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-changed-files" + } + ] + }, + { + "type": "library", + "name": "get-stream", + "version": "6.0.1", + "bom-ref": "get-stream@6.0.1", + "author": "Sindre Sorhus", + "description": "Get a stream as a string, buffer, or array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-stream@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/get-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/get-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/get-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6ce968beda3de3423aa2ef4c3902537c0c59e44b00be32a9b113374400b076a976585775ff6f50937e03cb18934c7805b174f7d4f053b59acdcd51f68708f62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-stream" + } + ] + }, + { + "type": "library", + "name": "human-signals", + "version": "2.1.0", + "bom-ref": "human-signals@2.1.0", + "author": "ehmicky", + "description": "Human-friendly process signals", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/human-signals@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/ehmicky/human-signals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://git.io/JeluP", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ehmicky/human-signals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07814567aabf4f68e1864b2091b116dc706f5887c35bce6c9e44206b0b74ed2ec9e505d393a064355fb4c80799acce50a4c01d625a1c1a89639f4b09fd642417" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/human-signals" + } + ] + }, + { + "type": "library", + "name": "npm-run-path", + "version": "4.0.1", + "bom-ref": "npm-run-path@4.0.1", + "author": "Sindre Sorhus", + "description": "Get your PATH prepended with locally installed binaries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/npm-run-path@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/npm-run-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b8f16cd95bbefbce1348ae7ee0c4e94848d02a8bd642fee4059d175b7881e1661080e94aa990e4fc4f51bb06f7dd80fe04afc805e2c51b692d22ed0bc87c25b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm-run-path" + } + ] + }, + { + "type": "library", + "name": "strip-final-newline", + "version": "2.0.0", + "bom-ref": "strip-final-newline@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip the final newline character from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-final-newline@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-final-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-final-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-final-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06ba6f7cd004ddd72fabb965df156e9b38ca8d9439b48d6c11420aaf752892cd17525e394addc595ab55a9e7fda6b9388d10f3856e96660fb76e4f77cbaa4b8c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-final-newline" + } + ] + }, + { + "type": "library", + "name": "yocto-queue", + "version": "0.1.0", + "bom-ref": "yocto-queue@0.1.0", + "author": "Sindre Sorhus", + "description": "Tiny queue data structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yocto-queue@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yocto-queue.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yocto-queue#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yocto-queue/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad592cbec9cd09d27fa2119ceb180fc3237c7a1782c6c88b33c9b1b84fedfe6395a897b03ee3b59a22e94c74224604ca08b7b12f831e00555a82db3b1e6359d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yocto-queue" + } + ] + }, + { + "type": "library", + "name": "jest-config", + "version": "29.7.0", + "bom-ref": "jest-config@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-config@29.7.0#packages/jest-config", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b976e97de43b47a4d906a237fd3c42538ab8b6d937bb43c9782f84d336df4a84a3aba6c9edbb813f1cd03cbd227eb918e0336ee0951d9342269415188bce3479" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-config" + } + ], + "components": [ + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "jest-config@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-config/node_modules/ci-info" + } + ] + } + ] + }, + { + "type": "library", + "name": "test-sequencer", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/test-sequencer@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-sequencer@29.7.0#packages/jest-test-sequencer", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-test-sequencer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "190c09e56655aca9ce26e898880179d94354257813671d4d1e3152101d2a10c99264a02474ca08cf0fc28fac7a345e00bd5db7014a83a45cd090dfde602613c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/test-sequencer" + } + ] + }, + { + "type": "library", + "name": "jest-haste-map", + "version": "29.7.0", + "bom-ref": "jest-haste-map@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-haste-map@29.7.0#packages/jest-haste-map", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-haste-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cff2eda9c9fab1d0ad6b1a7d51f69c84d3f2939fe1bb3f192d5a274e053a853cb617d1bf64b1a3059212b9beb4b70d5ba7d3da5c90b765c7dd10b61956ec098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-haste-map" + } + ] + }, + { + "type": "library", + "name": "babel-jest", + "version": "29.7.0", + "bom-ref": "babel-jest@29.7.0", + "description": "Jest plugin to use babel for transformation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-jest@29.7.0#packages/babel-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06bbc6637c594b011c0b32af2ac0a2d86807a83aac62438fe3f6f2e710a023019743120487ef1ec37826ac4d72ed7451e8b1d9223eb22d89d48bf9a6d8a5ca06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-jest" + } + ] + }, + { + "type": "library", + "name": "jest-circus", + "version": "29.7.0", + "bom-ref": "jest-circus@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-circus@29.7.0#packages/jest-circus", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-circus", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc4d6708c822a5c4e40a8705c0cf745d741a6fd6d2f8632c8dda663eb95e95ac700fddc077c8951235ffbef1cf74b3e715ff8be34bbee7e8aeb51740d4df66cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-circus" + } + ] + }, + { + "type": "library", + "name": "environment", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/environment@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/environment@29.7.0#packages/jest-environment", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-environment", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "69021f1c3ab7dc4c6c3788cfd4d5865e1c6043fc22c6ceb480388a3be5d531df0c9f43563d681cdf86500d36f68ca694590eccbb0a22b5702c3765d55cd32903" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/environment" + } + ] + }, + { + "type": "library", + "name": "expect", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/expect@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect@29.7.0#packages/jest-expect", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2e31e00cc9cb6da6f6b73f59411c1f157224bd5745c0af71b298fa62a5dc905db05cba190b40e49ef04fe9f7647201d4e84ba643d6d1645fe0a486810213475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/expect" + } + ] + }, + { + "type": "library", + "name": "jest-snapshot", + "version": "29.7.0", + "bom-ref": "jest-snapshot@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-snapshot@29.7.0#packages/jest-snapshot", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-snapshot", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "466d01316b7105c8a81ebd7f397e5808ff14a2fe2b887bca3e49ce1acf34e1983d2466609880646ed971242ffb6789ac29855b209b5f53eb4a6fcc6560d7dd93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-snapshot" + } + ] + }, + { + "type": "library", + "name": "dedent", + "version": "1.5.3", + "bom-ref": "dedent@1.5.3", + "author": "Desmond Brand", + "description": "A string tag that strips indentation from multi-line strings. ⬅️", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dedent@1.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/dmnd/dedent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dmnd/dedent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dmnd/dedent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34742d7ce396ebc583f25832a5b2c0e684fe06dd315c986262fa11e929a635765fa733865f074a5a67301bc37b3f0555595dde17febc9e60fd05a252b13061c9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dedent" + } + ] + }, + { + "type": "library", + "name": "jest-each", + "version": "29.7.0", + "bom-ref": "jest-each@29.7.0", + "author": "Matt Phillips", + "description": "Parameterised tests for Jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-each@29.7.0#packages/jest-each", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-each", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "827b3e12bd78f99ac4a02e5f84e7d8098d4b3871ebd1323ead0507652f13b70da5ee097ef3478773f8057f62ad930d3e4880020d3796be915cbf7074e157a66d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-each" + } + ] + }, + { + "type": "library", + "name": "jest-runtime", + "version": "29.7.0", + "bom-ref": "jest-runtime@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runtime@29.7.0#packages/jest-runtime", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-runtime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8149cb8e0c1d1aa5bb0782ef38891b2acf5619b9fe40ba91410f63b82e879dd78389ecc8c210cffa684cc0758211c7d0e515176ba38f9c517c049879c5e830c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-runtime" + } + ] + }, + { + "type": "library", + "name": "pure-rand", + "version": "6.1.0", + "bom-ref": "pure-rand@6.1.0", + "author": "Nicolas DUBIEN", + "description": " Pure random number generator written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pure-rand@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/dubzzz/pure-rand.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dubzzz/pure-rand#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dubzzz/pure-rand/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d559ac2fa19a01629a7ac88a10b505c76639b3df94525479d439379f97c55c8ebf2c9d33d8d709e948f3167a4705c1bc48ea0b664fbad260f16fcfbd6576238" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pure-rand" + } + ] + }, + { + "type": "library", + "name": "jest-environment-node", + "version": "29.7.0", + "bom-ref": "jest-environment-node@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-environment-node@29.7.0#packages/jest-environment-node", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-environment-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ce4b0091a978ab4ceca178cfb87796193ab59c76ed0b359f3b7b0528cb06dc6f65d1e302a0aa21bcbcd798c218c531b1247e3bbbc31d86607d0fda07af1af17" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-environment-node" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/fake-timers@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/fake-timers@29.7.0#packages/jest-fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab80c7d476b84d314f7712eca835cad5ddfe8a848bef22f9a023096600d89ba8bee82ca05b9139c55aff0f51ddb06c63b7565649f500b3d3b1481fc135e956ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/fake-timers" + } + ] + }, + { + "type": "library", + "name": "jest-regex-util", + "version": "29.6.3", + "bom-ref": "jest-regex-util@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-regex-util@29.6.3#packages/jest-regex-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-regex-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "289241b110b2c8b35608d04ebd9c910e70087d489127cbfe84e0506069fc803c85dd47a0c223f8830451dff4836b8da0d586d5c9c4e2754177aca8f22c50d66e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-regex-util" + } + ] + }, + { + "type": "library", + "name": "jest-resolve", + "version": "29.7.0", + "bom-ref": "jest-resolve@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve@29.7.0#packages/jest-resolve", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-resolve", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20e561652ae0f94bd502c843483b47c8508205497f43700026ff2267a6639d9ef8c73bf0bb32d789df482083e04e763ad922637eeba930a66c65046c0afc4480" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-resolve" + } + ] + }, + { + "type": "library", + "name": "jest-runner", + "version": "29.7.0", + "bom-ref": "jest-runner@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runner@29.7.0#packages/jest-runner", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-runner", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ec73837a70f0806a1c9b1817d345cab9c0547a7e92f39cc838eec639683a6ca1e8ce7156056f4ec01ee4a747496231c3d3801b00dd924bea414e8cf768362a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-runner" + } + ] + }, + { + "type": "library", + "name": "jest-validate", + "version": "29.7.0", + "bom-ref": "jest-validate@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-validate@29.7.0#packages/jest-validate", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-validate", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "641ef01ea691195c3ff61493fceb85511786eccf2f29eab4fc9d9e80818b76f8c70a662a180461cd79ad822fa055e679b97145db5f5a39cdcbb36c8b836eed93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-validate" + } + ], + "components": [ + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "jest-validate@29.7.0|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-validate/node_modules/camelcase" + } + ] + } + ] + }, + { + "type": "library", + "name": "bser", + "version": "2.1.1", + "bom-ref": "bser@2.1.1", + "author": "Wez Furlong", + "description": "JavaScript implementation of the BSER Binary Serialization", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/bser@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/watchman.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://facebook.github.io/watchman/docs/bser.html", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/watchman/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "810c53344fc601f208ae61cb504de8272a7914ee874417e18e7c38ff032603add91832675819a063f972401a670d490698085b49edfdb71d9dfe24ce01f825c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bser" + } + ] + }, + { + "type": "library", + "name": "node-int64", + "version": "0.4.0", + "bom-ref": "node-int64@0.4.0", + "author": "Robert Kieffer", + "description": "Support for representing 64-bit integers in JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-int64@0.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/broofa/node-int64.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/broofa/node-int64#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/broofa/node-int64/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b9973f75c5239ea173fa0ee9721df965a6af84834d0c5a2b5921bb4f7e8484bea207765e607dc63a858cc35a78f4a83e6dcf9d8f234f2ef6a52f49579405e1f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/node-int64" + } + ] + }, + { + "type": "library", + "name": "makeerror", + "version": "1.0.12", + "bom-ref": "makeerror@1.0.12", + "author": "Naitik Shah", + "description": "A library to make errors.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/makeerror@1.0.12", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-makeerror.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-makeerror#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-makeerror/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "266a82bd4866b78de669d9691731b8050cc6d99de6eadbd00cd29d0a56673b755b22e749626c6c4f414d24c7a2076f894d295341349b53c41d7ac566c097262e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/makeerror" + } + ] + }, + { + "type": "library", + "name": "tmpl", + "version": "1.0.5", + "bom-ref": "tmpl@1.0.5", + "author": "Naitik Shah", + "description": "JavaScript micro templates.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/tmpl@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-tmpl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-tmpl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-tmpl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ddfd2e384010c08a86b965b6315cd883c7d5fd036773f229b89346f37eeb2ee73301a2d51ec9561d9423e081a2125e47b379246e1c0bf406fb1ebb26ba3f929b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tmpl" + } + ] + }, + { + "type": "library", + "name": "jest-resolve-dependencies", + "version": "29.7.0", + "bom-ref": "jest-resolve-dependencies@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve-dependencies@29.7.0#packages/jest-resolve-dependencies", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-resolve-dependencies", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba7d330ffeaac49f92d1eb7b5b1788dc7e5749ef654c1051edb3870875e4291ea5b86e66c030e5233550d15e5c642ba84e011d71dc334e085891359fb9b8be9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-resolve-dependencies" + } + ] + }, + { + "type": "library", + "name": "resolve.exports", + "version": "2.0.2", + "bom-ref": "resolve.exports@2.0.2", + "author": "Luke Edwards", + "description": "A tiny (952b), correct, general-purpose, and configurable \"exports\" and \"imports\" resolver without file-system reliance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve.exports@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/resolve.exports.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5f6516e8dc379ff68c803572fb4ad2aa01e5bf7f56640959ad709d9dbc8488a9b5ec34aa1d7e0c99031a493dc56de591e454ee45c530600ce265a8e38b463b9a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve.exports" + } + ] + }, + { + "type": "library", + "name": "emittery", + "version": "0.13.1", + "bom-ref": "emittery@0.13.1", + "author": "Sindre Sorhus", + "description": "Simple and modern async event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emittery@0.13.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/emittery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/emittery#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/emittery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0de5b06b093aaf9c91f631609c3298b78b0b4b42e61c9262dd93a76f9fc975b6308f79d6f85c509c72238412b3f182c2ee844d3d533d350e3b237095c77e1ea9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/emittery" + } + ] + }, + { + "type": "library", + "name": "jest-docblock", + "version": "29.7.0", + "bom-ref": "jest-docblock@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-docblock@29.7.0#packages/jest-docblock", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-docblock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abad7b02ec3703ad7682ec9a160b1b15e62934fe6dd9aa1434bc0151b73fd240f5478b7d8b10dbc854c77759e89387a9a15169afb3e67961eb86fb95dd7689e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-docblock" + } + ] + }, + { + "type": "library", + "name": "jest-leak-detector", + "version": "29.7.0", + "bom-ref": "jest-leak-detector@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-leak-detector@29.7.0#packages/jest-leak-detector", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-leak-detector", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91803c20971262d493d8163d23e48c0b7da70e9053dc9d8dbd6271f3e242b82765fc247523810a50944e88ff17b42731aa04d304624d75b07503c5d129b4deb7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-leak-detector" + } + ] + }, + { + "type": "library", + "name": "jest-watcher", + "version": "29.7.0", + "bom-ref": "jest-watcher@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-watcher@29.7.0#packages/jest-watcher", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-watcher", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e3d160ed65e4537565da1e8b6cbb4c43f1f207aad74885fb4aabc12d09acb1104637d2343cdbcf980982592398e923afae3848fc5eff6c602ff51b67b0f034de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-watcher" + } + ] + }, + { + "type": "library", + "name": "globals", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/globals@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/globals@29.7.0#packages/jest-globals", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a98b3dddbad2db916d8c345b9b50650454b9131a2a96eb22d54c0f896cfe9f23a27988bf58d0d960f24f79a5c17c72d2b0092ed6571b5e06cdbd8617c0a2dcd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/globals" + } + ] + }, + { + "type": "library", + "name": "source-map", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/source-map@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/source-map@29.6.3#packages/jest-source-map", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-source-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3078d3f7942e8a970fae92ccfbc24c4b3171e9e1e9e419bee177850c9970b2f5418e628d88802f6ac18ad9fc73d966c64659efa9e8456e1d3b30c6bb9f76099f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/source-map" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-jsx", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/plugin-syntax-jsx@7.24.1", + "author": "The Babel Team", + "description": "Allow parsing of jsx", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-jsx@7.24.1#packages/babel-plugin-syntax-jsx", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-jsx", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-jsx", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9e0adc595dffa46e4308b174b8a684ef4f862ee6b5e245afbdc46553e7aada8218e605328ca4535cf51e080e20787a66a8f5e3b6d8ec7b0b1b891bb060131a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-jsx" + } + ] + }, + { + "type": "library", + "name": "helper-plugin-utils", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/helper-plugin-utils@7.24.0", + "author": "The Babel Team", + "description": "General utilities for plugins to use", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-plugin-utils@7.24.0#packages/babel-helper-plugin-utils", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-plugin-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-plugin-utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5c5339d7306d3e17146e25fbcbf364254ea2338555bdb0bd0a8cc3c784038ebe94062fc42d7719c12882e306ac651f2962cf4c826b51bdd3765723f16e1f2db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-plugin-utils" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-async-generators", + "group": "@babel", + "version": "7.8.4", + "bom-ref": "@babel/plugin-syntax-async-generators@7.8.4", + "description": "Allow parsing of async generator functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-async-generators@7.8.4#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b727266719067d96b184c45b5e53d7b95169756957a62af65b800c85226044ace4fde0e52173a16f62c75a82e90c5ed3107ca5579ccd872917e8a0201c999337" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-async-generators" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-bigint", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-bigint@7.8.3", + "description": "Allow parsing of BigInt literals", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-bigint@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c274e71651be631426def0f1a46139ecf8f4b2b454e2c1c4fe60e4b75aafd9824949e50079cda66b858b52750f78a8f2adf9ed5707bf37a7425e953eccbdcda6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-bigint" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-class-properties", + "group": "@babel", + "version": "7.12.13", + "bom-ref": "@babel/plugin-syntax-class-properties@7.12.13", + "description": "Allow parsing of class properties", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-class-properties@7.12.13#packages/babel-plugin-syntax-class-properties", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-class-properties", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-class-properties", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e6e227632a56b461a85436014d2c2074ab249db283e264fde2404deb932d26054b4c676df20c9f5225d83a7574d20e7ba5395aa21771e0afd9db5ef5d341960" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-class-properties" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-import-meta", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-import-meta@7.10.4", + "description": "Allow parsing of import.meta", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-import-meta@7.10.4#packages/babel-plugin-syntax-import-meta", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-import-meta", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62a7e6f970f1d3e3eb8775527844023d4f35c82f89599da90cf1524b865da5f661a7832414c6830b552ab1ea2f10ac125299c82fbfaf2be0a5a7b6df874883ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-import-meta" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-json-strings", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-json-strings@7.8.3", + "description": "Allow parsing of the U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-json-strings@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "958ea4746a561ef8e87b6be4e16ac06a912e051ebd10cc5997e46819186b14635854af2638f016f157db4ff660ac56d794336289ac509c0b6054267a8efdf410" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-json-strings" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-logical-assignment-operators", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "description": "Allow parsing of the logical assignment operators", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-logical-assignment-operators@7.10.4#packages/babel-plugin-syntax-logical-assignment-operators", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-logical-assignment-operators", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77cc1a4a19691438a743932dbc653dc4300ecca1f8efe145a277b2d9b68522832bf79da128e2e9d4747b56cce866f3ac57fe3e451b33358ec3d7b6dad2d7b48a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-logical-assignment-operators" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-nullish-coalescing-operator", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "description": "Allow parsing of the nullish-coalescing operator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-nullish-coalescing-operator@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6927dfe333c8235bb6403ef2f85f280eccf5f5ec3820610983d4955be6eac29c2d7c595e8900cc77303f47e525583cdf9c7142c7195e153d0f308ad1dfa5cb35" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-nullish-coalescing-operator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-numeric-separator", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-numeric-separator@7.10.4", + "description": "Allow parsing of Decimal, Binary, Hex and Octal literals that contain a Numeric Literal Separator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-numeric-separator@7.10.4#packages/babel-plugin-syntax-numeric-separator", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-numeric-separator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f47e9875f91c2bfb8e9d8fcaeff680db1a73680824427dfbcb35943112bb39a3cea8ea464b5fa7d07e61c53f40530f44b128cf5bc495c8c270611b56b375f7ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-numeric-separator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-object-rest-spread", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-object-rest-spread@7.8.3", + "description": "Allow parsing of object rest/spread", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-object-rest-spread@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e8a8c8a31996fdcb7cb65ec90df8fd70506895c16679266a03470c79fb71a612994dc95336b360e0f082c5426f2b58ce3ca2b1b2e58a48e4197c535cbbc9d94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-object-rest-spread" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-optional-catch-binding", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "description": "Allow parsing of optional catch bindings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-optional-catch-binding@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e953c3d0f7359694eac3468aa1e45332207e916840a13db83c0fa4b16481ac5b65e52211569665c0ddcd34f4237a103613ff75155dd18cb5a855382559c495dd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-optional-catch-binding" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-optional-chaining", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-optional-chaining@7.8.3", + "description": "Allow parsing of optional properties", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-optional-chaining@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a82bd12b1f53019423f15745403645d6dbf770e2f95b183ac5833f1b994b0119890545c6d1c0c87a70826e6dd3eb931470b8676d0a4d2fff03d329b42006392" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-optional-chaining" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-top-level-await", + "group": "@babel", + "version": "7.14.5", + "bom-ref": "@babel/plugin-syntax-top-level-await@7.14.5", + "author": "The Babel Team", + "description": "Allow parsing of top-level await in modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-top-level-await@7.14.5#packages/babel-plugin-syntax-top-level-await", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-top-level-await", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-top-level-await", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "871fbeba92efe54d6b8187f07b5c41414851994e35344be952fae9f2392b48276f1929cce7fa9d44cb72949e8f1b938590168791b4c02939dddff63211244717" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-top-level-await" + } + ] + }, + { + "type": "library", + "name": "pkg-dir", + "version": "4.2.0", + "bom-ref": "pkg-dir@4.2.0", + "author": "Sindre Sorhus", + "description": "Find the root directory of a Node.js project or npm package", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-dir@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/pkg-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-dir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1d10f36da2a30be00e5955f1014ff1e7808e19e22ff5e6fee82903490a0d4ede17c96a0826fb8fb178b3c6efc5af6dc489e91bb59c2687521c206fe5fdad7419" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir" + } + ], + "components": [ + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "pkg-dir@4.2.0|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "pkg-dir@4.2.0|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/locate-path" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "pkg-dir@4.2.0|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/p-locate" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "pkg-dir@4.2.0|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/p-limit" + } + ] + } + ] + }, + { + "type": "library", + "name": "resolve-cwd", + "version": "3.0.0", + "bom-ref": "resolve-cwd@3.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from the current working directory", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-cwd@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-cwd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-cwd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-cwd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3ab65a5f631bfab242a47ffa0a94aab7dc4556937efb1d355e737689ef60e8fe7fdf17a52c0917595003a5dcf52070ff2857c45f213a574534d4e43750edab12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-cwd" + } + ], + "components": [ + { + "type": "library", + "name": "resolve-from", + "version": "5.0.0", + "bom-ref": "resolve-cwd@3.0.0|resolve-from@5.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9883d28fdb8743e6a91af49e3b774695932d0df9be1f4d4f3d2cdf620e78c1e706a4b220b8f6bbcc0743eb509406a13987e745cf8aa3af0230df6a28c6c5867" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-cwd/node_modules/resolve-from" + } + ] + } + ] + }, + { + "type": "library", + "name": "jest-cli", + "version": "29.7.0", + "bom-ref": "jest-cli@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-cli@29.7.0#packages/jest-cli", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-cli", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3955686f0d88b9b37f19262cc444e2fa039eeca6b9f4414c47fb70394dc96f61a728a78c189079486514ac4cf7485566240494759533cbcdec2cd350da066c96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-cli" + } + ] + }, + { + "type": "library", + "name": "create-jest", + "version": "29.7.0", + "bom-ref": "create-jest@29.7.0", + "description": "Create a new Jest project", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/create-jest@29.7.0#packages/create-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/create-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "01dcf66dd1f456adc5e772843093a87ed405bad582ba49ba276e306cf5913b893590c63b812eddb3fba826436e57cc030ad5969eec06709c2959c8a1fb3116d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/create-jest" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "8.0.1", + "bom-ref": "cliui@8.0.1", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@8.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05278d9f2bacef90b8fff350f6042dd7f72c4d7ca8ffc49bf9a7cb024cc0a6d16e32ca1df4716890636e759a62fe8415ef786754afac47ee4f55131df83afb61" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "get-caller-file", + "version": "2.0.5", + "bom-ref": "get-caller-file@2.0.5", + "author": "Stefan Penner", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/get-caller-file@2.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/stefanpenner/get-caller-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stefanpenner/get-caller-file#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stefanpenner/get-caller-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f214fdc133fdd81d340e0942ffc343991d1d25a4a786af1a2d70759ca8d11d9e5b6a1705d57e110143de1e228df801f429a34ac6922e1cc8889fb58d3a87616" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-caller-file" + } + ] + }, + { + "type": "library", + "name": "require-directory", + "version": "2.1.1", + "bom-ref": "require-directory@2.1.1", + "author": "Troy Goode", + "description": "Recursively iterates over specified directory, require()'ing each file, and returning a nested hash structure containing those modules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/require-directory@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/troygoode/node-require-directory.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/troygoode/node-require-directory/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/troygoode/node-require-directory/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c6c4423bfb0b06f71aef763b2b9662f6d8e3134e21d1c0032ba2211e320abc833a0b0bf3d0afb46c4434932d483f6d9019b45f9354890773aff84482abba2f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/require-directory" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "5.0.8", + "bom-ref": "y18n@5.0.8", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@5.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d297c5cde81e0d62472480264cb44fd83c078dd179b3b8e8f6dbb3b5d43102120d09dbd2fb79c620da8f774d00a61a8947fd0b8403544baffeed209bf7c60e7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "2.0.1", + "bom-ref": "argparse@2.0.1", + "description": "CLI arguments parser. Native port of python's argparse.", + "licenses": [ + { + "license": { + "id": "Python-2.0" + } + } + ], + "purl": "pkg:npm/argparse@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f3ef56a9e6db173a57f4e47e59ae8edbd6ac22881e44ccdc1ad00835da4c1c7c80835d1fd3969215505b704a867ff3d7c35123019faadbf6c4060dc3beeacadd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "json-colorizer", + "version": "2.2.2", + "bom-ref": "json-colorizer@2.2.2", + "author": "Joe Attardi", + "description": "A library to format JSON with colors for display in the console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-colorizer@2.2.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/joeattardi/json-colorizer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/joeattardi/json-colorizer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/joeattardi/json-colorizer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-colorizer/-/json-colorizer-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7aa19b70575a625eb42744d4ed25ea91bfe07d63f7570182ea04169897f08e71476867180b04b00ef3cf829e46d3e8cc4db3473913d98f0486f6b0570dcf7bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer" + } + ], + "components": [ + { + "type": "library", + "name": "chalk", + "version": "2.4.2", + "bom-ref": "json-colorizer@2.2.2|chalk@2.4.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32d8be7fd96924d730178b5657cfcead34ed1758198be7fc16a97201da2eada95c156150585dbe3600874a18e409bf881412eaf5bb99c04d71724414e29792b9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "3.2.1", + "bom-ref": "json-colorizer@2.2.2|ansi-styles@3.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "553d1923a91945d4e1f18c89c3748c6d89bfbbe36a7ec03112958ed0f7fdb2af3f7bde16c713a93cac7d151d459720ad3950cd390fbc9ed96a17189173eaf9a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "json-colorizer@2.2.2|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "json-colorizer@2.2.2|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "json-colorizer@2.2.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "5.5.0", + "bom-ref": "json-colorizer@2.2.2|supports-color@5.5.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@5.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "423563c1d5c8b78d3c308880a825f8a142ac814d84a801b3b363e9926e1a4186e39be644584716e127c5353af8b8c35999ad1ecb87f99602eb901d1a5f440ca3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "3.0.0", + "bom-ref": "json-colorizer@2.2.2|has-flag@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0a25fd7e71e401af848c92f427043343b5fe135e95615466ad7aed2df75f1b977d059db1369b8bcd2d7f9559efdda6395bf87ba0198cd6eee4171fdf073c463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/has-flag" + } + ] + } + ] + }, + { + "type": "library", + "name": "markdown-diff", + "version": "2.0.0", + "bom-ref": "markdown-diff@2.0.0", + "author": "Martijn van Duijneveldt", + "description": "Generate a diff between two markdown files in markdown format", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/markdown-diff@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/martijnvanduijneveldt/markdown-diff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/martijnvanduijneveldt/markdown-diff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/martijnvanduijneveldt/markdown-diff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/markdown-diff/-/markdown-diff-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "625ac74890b6ac0b1e707082ddce556a178aec6a6dd749040552aa2b9012ead91b4e2fa1bfe9393d73e517e8aa010ff7e9720d36aaab2baf13f6811a66a49174" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-diff" + } + ], + "components": [ + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "markdown-diff@2.0.0|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b88143c6aa5164667a4e13a4f388447ea5a81f1d9d7af445be94d97131eeafce6f2267dac546d35bd4728780a90ae0e74e838fd4212d5ca220cad1c13d57dfe4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-diff/node_modules/diff" + } + ] + } + ] + }, + { + "type": "library", + "name": "marked", + "version": "12.0.2", + "bom-ref": "marked@12.0.2", + "author": "Christopher Jeffrey", + "description": "A markdown parser built for speed", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/marked@12.0.2", + "externalReferences": [ + { + "url": "git://github.com/markedjs/marked.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://marked.js.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/markedjs/marked/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/marked/-/marked-12.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a97526edefd8285a2a14f60f6b752483dc6523973202d1a6c8423331f5bffe6ea45f00b2d8fb3d0d87f98a88a314a43cab2bac72b1e8634e2224672dbb62a0d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/marked" + } + ] + }, + { + "type": "library", + "name": "markdown-table-ts", + "version": "1.0.3", + "bom-ref": "markdown-table-ts@1.0.3", + "author": "Jiri Hajek", + "description": "A zero-dependency library for generating Markdown tables written in TypeScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/markdown-table-ts@1.0.3", + "externalReferences": [ + { + "url": "git+https://gitlab.com/jiri.hajek/markdown-table-ts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://gitlab.com/jiri.hajek/markdown-table-ts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://gitlab.com/jiri.hajek/markdown-table-ts/-/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/markdown-table-ts/-/markdown-table-ts-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "958ae9ec55e606aa661a6b0417dd969d2ba476062f2e6d7914f20e0d93b1f7ede7a1b9312718c161cb33a997f956a4e306d2123d2342ef38d4f68df3c292fa01" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-table-ts" + } + ] + }, + { + "type": "library", + "name": "mocha", + "version": "10.4.0", + "bom-ref": "mocha@10.4.0", + "author": "TJ Holowaychuk", + "description": "simple, flexible, fun test framework", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mocha@10.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/mochajs/mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mochajs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mochajs/mocha/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mocha/-/mocha-10.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7aa84607c24a6a9118702e32b57ff1af329fa2b8047378f5a469405d5cb7791c2bb40cb9fe721f4f54af806cdf3745d967178bab46905a4394026a88262bfe6c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "diff", + "version": "5.0.0", + "bom-ref": "mocha@10.4.0|diff@5.0.0", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.0.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd54c2aef9b9674246b72fc158796387e0408b0dc82beda3f3b34632ef0dc1cfdfe3c5a80c00b7f79ba898ef590f5d7b64e05a1e6917d68c8bbe454cfda213df" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "8.1.0", + "bom-ref": "mocha@10.4.0|glob@8.1.0", + "author": "Isaac Z. Schlueter", + "description": "a little globber", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@8.1.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "afc869123890118945d9053475fddd4be9f1c5222b797412d6a461309334439343751dfce82ee36fb1f0c2877c1608ae7b1fa4d0616381fb75f32bf19b95e809" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/glob" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "5.0.1", + "bom-ref": "mocha@10.4.0|minimatch@5.0.1", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@5.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9cb0f12054728436e5cf7a8cbaaf92a116440f8fa6889fc6fad743ae39249119e302c05ec5e1a98232c44346e5272eeb1e14766fddeb8506384afc96bbdbf4de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "log-symbols", + "version": "4.1.0", + "bom-ref": "mocha@10.4.0|log-symbols@4.1.0", + "author": "Sindre Sorhus", + "description": "Colored symbols for various log levels. Example: `✔︎ Success`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/log-symbols@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/log-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f173efa4003cbb285fb5ebbca48bd0c69259ed2618769522bd9a46cbab05b01b8a458ffbad019abde75e07c68af99932ababa930554bffd016eaf398cdf4722e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/log-symbols" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "16.2.0", + "bom-ref": "mocha@10.4.0|yargs@16.2.0", + "description": "yargs the modern, pirate-themed, successor to optimist.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@16.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f59afbed0c6d0be5fb7f8c65a42e91b5fa6d1e43139f681bd33442eb6968f6db049550c5b1654bd880961c2a1ea3186224245847e0864f4214784caa5cf2607" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/yargs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "7.0.4", + "bom-ref": "mocha@10.4.0|cliui@7.0.4", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "39c444ebc70eb15317a7562fa2797f7f39103b28cb4aeffc6e13c37d0b747b4fc46f6f374ca3f6d05b3632aa0fb2bf52c00e7de6b44203e40ccd873d9c13fe25" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/cliui" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "browser-stdout", + "version": "1.3.1", + "bom-ref": "browser-stdout@1.3.1", + "author": "kumavis", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/browser-stdout@1.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kumavis/browser-stdout.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kumavis/browser-stdout#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kumavis/browser-stdout/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa1015235f80bf65fba9e94e7c0218c1738da2877a5e5644fdf5da052996fd3e52ccb0260a0ce2f9e89613b7d4bdb1da78d0501f5dd47ed8e95f1b1f2e432983" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/browser-stdout" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fill-range", + "version": "7.0.1", + "bom-ref": "fill-range@7.0.1", + "author": "Jon Schlinkert", + "description": "Fill in a range of numbers or letters, optionally passing an increment or `step` to use, or create a regex-compatible range with `options.toRegex`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fill-range@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/fill-range.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/fill-range", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/fill-range/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8ea3d17e74c5260b62dc6f805b56f9ca2714cf8c29be451a5ee200ee1abce42fb984565fdd8d84aed8e750d8f6b7d36378a2a91283d8abea368b589d94495a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fill-range" + } + ] + }, + { + "type": "library", + "name": "to-regex-range", + "version": "5.0.1", + "bom-ref": "to-regex-range@5.0.1", + "author": "Jon Schlinkert", + "description": "Pass two numbers, get a regex-compatible source string for matching ranges. Validated against more than 2.78 million test assertions.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/to-regex-range@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/to-regex-range.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/to-regex-range", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/to-regex-range/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb93fb8b3e97e7212bd5cc1c82f4316db230ed493780ecb974876d678ac3bde2ea86b7493fe2e2fc7c7ab722b43446fed860b29de08c2621aaac00c248d93cb1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/to-regex-range" + } + ] + }, + { + "type": "library", + "name": "is-number", + "version": "7.0.0", + "bom-ref": "is-number@7.0.0", + "author": "Jon Schlinkert", + "description": "Returns true if a number or string value is a finite number. Useful for regex matches, parsing, user input, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-number@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-number.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-number", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-number/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e350a27e483a7bc4f2952a5db53a5e2d532abd20445734edb47bc4443ef8d7ea6767c00dbf4d34e0c44be3740a3c394af5c1af369e8d6566540656c65d8c719e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-number" + } + ] + }, + { + "type": "library", + "name": "is-binary-path", + "version": "2.1.0", + "bom-ref": "is-binary-path@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a file path is a binary file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-binary-path@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-binary-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-binary-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-binary-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "64c11161eb3aa43c9dcae1a276c7bb3ac1f1b5b23b595794128ce047f83baddd31522998365bd9444fcad8c8194e35b2ef6e487de94b79570433dee69ad4465f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-binary-path" + } + ] + }, + { + "type": "library", + "name": "binary-extensions", + "version": "2.3.0", + "bom-ref": "binary-extensions@2.3.0", + "author": "Sindre Sorhus", + "description": "List of binary file extensions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/binary-extensions@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/binary-extensions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "09e87eee8c79a9eecb26e2c7a18d1f7a1de91ee5031c071151ec8bd95620859c1fa64348cbffbc39c8346b752e4a86336af9b2970b8b59039fde19748e330c23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/binary-extensions" + } + ] + }, + { + "type": "library", + "name": "readdirp", + "version": "3.6.0", + "bom-ref": "readdirp@3.6.0", + "author": "Thorsten Lorenz", + "description": "Recursive version of fs.readdir with streaming API.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readdirp@3.6.0", + "externalReferences": [ + { + "url": "git://github.com/paulmillr/readdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/paulmillr/readdirp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/paulmillr/readdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84e4b4f3da27f1176ea9d6e1bd0e59dfb0341128ecab3eaa9d171f7ec314df8f7916e4dda929beedb849dbd26f20eb010c41276a7e433eef6ddd3a3d55194ccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/readdirp" + } + ] + }, + { + "type": "library", + "name": "wrappy", + "version": "1.0.2", + "bom-ref": "wrappy@1.0.2", + "author": "Isaac Z. Schlueter", + "description": "Callback wrapping utility", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/wrappy@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/wrappy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/wrappy", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/wrappy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9784a9fc346c7a8afdc0be84bd5dbe4ee427eb774c90f8d9feca7d5e48214c46d5f4a94f4b5c54b19deeeff2103b8c31b5c141e1b82940f45c477402bdeccf71" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrappy" + } + ] + }, + { + "type": "library", + "name": "is-unicode-supported", + "version": "0.1.0", + "bom-ref": "is-unicode-supported@0.1.0", + "author": "Sindre Sorhus", + "description": "Detect whether the terminal supports Unicode", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-unicode-supported@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-unicode-supported.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-unicode-supported#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-unicode-supported/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "927c46daae140b7bbcb2d446c8054908e771166bf90d989171d94868041701b49f2726be3a1a29368b4b42bb2d061aaeaaee19a6e29b0dcffc4ba9a05e03c53f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-unicode-supported" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "serialize-javascript", + "version": "6.0.0", + "bom-ref": "serialize-javascript@6.0.0", + "author": "Eric Ferraiuolo", + "description": "Serialize JavaScript to a superset of JSON that includes regular expressions and functions.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/serialize-javascript@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/yahoo/serialize-javascript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yahoo/serialize-javascript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yahoo/serialize-javascript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "42bdd3a2cbe0b85b7c78f5aab2f45facac905c8896fa719b629cbc5cadb83501c4f3771ac56b7e988ca64d3d7d0c615b35634b7c4c2cae44a637ae2555607d6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/serialize-javascript" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "randombytes", + "version": "2.1.0", + "bom-ref": "randombytes@2.1.0", + "description": "random bytes from browserify stand alone", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/randombytes@2.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/crypto-browserify/randombytes.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/crypto-browserify/randombytes", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/crypto-browserify/randombytes/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd897788e5fee022945aec468bd5248627ba7eca97a92f4513665a89ce2d3450f637641069738c15bb8a2b84260c70b424ee81d59a78d49d0ba53d2847af1a99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/randombytes" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "workerpool", + "version": "6.2.1", + "bom-ref": "workerpool@6.2.1", + "author": "Jos de Jong", + "description": "Offload tasks to a pool of workers on node.js and in the browser", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/workerpool@6.2.1", + "externalReferences": [ + { + "url": "git://github.com/josdejong/workerpool.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/josdejong/workerpool", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/josdejong/workerpool/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/workerpool/-/workerpool-6.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20b10813dee40d9bc5f566fd7fa8796972b8b304a528651c3841a22186f638ebbf22b0d4f62c23d1f0fffd2b00e84e626f0271a44be1ba59496384a5e0672903" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/workerpool" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "20.2.4", + "bom-ref": "yargs-parser@20.2.4", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@20.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58e92980d84f4e513bde1e1514016c3a7a262556a8bcef15a8b0f3cb9b1a0a1441150141a0c622ae8c325be43d1c1e07145e19ed5653886de24b3249036f7244" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs-unparser", + "version": "2.0.0", + "bom-ref": "yargs-unparser@2.0.0", + "author": "André Cruz", + "description": "Converts back a yargs argv object to its original array form", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs-unparser@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-unparser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-unparser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-unparser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-unparser/-/yargs-unparser-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ee9453200f5073571a6746d9e9161119b1c9b61256b9a91ff969872b4ad578b90daeb1a17e869b04d76e7ba91d20d23aaf889fee872af5a0ff9fbc7028e77338" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-unparser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "yargs-unparser@2.0.0|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-unparser/node_modules/camelcase" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "4.0.0", + "bom-ref": "decamelize@4.0.0", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f621353e04a293d1de208c3624ef78222767137781a10ac5277c3bb05bb3497e03a66677bf9b19a54895e52c1c7fa990105f98d2bbbc35ea3ea7e9f287627e85" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decamelize" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-plain-obj", + "version": "2.1.0", + "bom-ref": "is-plain-obj@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a value is a plain object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-plain-obj@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-plain-obj.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6169dfc91c312fff92b2b5987cea54b73e5bdd80fe9f27e41ef8db71a9f393cce0c8ee00483ebbb95311b7c9396cce252cc0e75dfae24613a97a6c3e35f4f578" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-plain-obj" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mock-fs", + "version": "5.2.0", + "bom-ref": "mock-fs@5.2.0", + "author": "Tim Schaub", + "description": "A configurable mock file system. You know, for testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mock-fs@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/tschaub/mock-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tschaub/mock-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tschaub/mock-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mock-fs/-/mock-fs-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9d17647a60c4996e98a9d55d561ca18b363aff938f2e40296a3156f91f730ebf073daa1622b37fc859b8f4daa220fd8f0c0d7285178739bf4af1c76a3ac5367" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mock-fs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "objects-to-csv", + "version": "1.3.6", + "bom-ref": "objects-to-csv@1.3.6", + "author": "Anton Ivanov", + "description": "Converts an array of objects into a CSV file. Saves CSV to disk or returns as string.", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/objects-to-csv@1.3.6", + "externalReferences": [ + { + "url": "git+https://github.com/anton-bot/objects-to-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/anton-bot/objects-to-csv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/anton-bot/objects-to-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/objects-to-csv/-/objects-to-csv-1.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfcdde4a94b786680292c5bce4a22a06d71b8125b90c356c0a6ccba0ce82deae32cce5f6ae6b56c45e296cb27be9fcfeb9f03ee3f4b0013e1075a63a2145a602" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/objects-to-csv" + } + ] + }, + { + "type": "library", + "name": "async-csv", + "version": "2.1.3", + "bom-ref": "async-csv@2.1.3", + "author": "Anton Ivanov", + "description": "ES7 async-await wrapper for the csv package.", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/async-csv@2.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/anton-bot/async-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/catcher-in-the-try/async-csv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/catcher-in-the-try/async-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async-csv/-/async-csv-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a9b0237e0fb9b365eaab943c3b5133e1bc3403971d62f35f44f5f6ca22df1dae48040f91523a506fdd193ffac5dd7af9cedb0c2546454e43891d4f4032a8fa9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async-csv" + } + ] + }, + { + "type": "library", + "name": "csv", + "version": "5.5.3", + "bom-ref": "csv@5.5.3", + "author": "David Worms", + "description": "A mature CSV toolset with simple api, full of options and tested against large datasets.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv@5.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/adaltas/node-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv/-/csv-5.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "413698d178e385340e760b80445d2518a9b9fe612af4f0fdfd585965e8070c806adad43080da47737767783e261a8da226cf9f4cabf9069d1f67e051b98dd9d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv" + } + ] + }, + { + "type": "library", + "name": "csv-generate", + "version": "3.4.3", + "bom-ref": "csv-generate@3.4.3", + "author": "David Worms", + "description": "CSV and object generation implementing the Node.js `stream.Readable` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-generate@3.4.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-csv-generate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/generate/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv-generate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-generate/-/csv-generate-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3f4feaea474bf0bc7a96b3fd59c8c0d6b471d225a374ea4951a895c11290c968cffe75992ca3438a87555cbae62f2b75cce772b2b1536af0aa3f7a908af303b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-generate" + } + ] + }, + { + "type": "library", + "name": "csv-stringify", + "version": "5.6.5", + "bom-ref": "csv-stringify@5.6.5", + "author": "David Worms", + "description": "CSV stringifier implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-stringify@5.6.5", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-csv-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/stringify/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-stringify/-/csv-stringify-5.6.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e3890eb9f5a43e7d44d0a92addd571039ceaf9da3877d1106eadfce4b1c684dad3da16c0c7e703801c98b0f17007a614649c2c0c504f4a45ac9ce0afcd6cef0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-stringify" + } + ] + }, + { + "type": "library", + "name": "stream-transform", + "version": "2.1.3", + "bom-ref": "stream-transform@2.1.3", + "author": "David Worms", + "description": "Object transformations implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stream-transform@2.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-stream-transform.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/transform/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-stream-transform/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stream-transform/-/stream-transform-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f461d488ce613220a2e98d378c3d80442d5eb6d0579100684007bb9c9b0f9279c8d28c35d1a5e34e77b0f10b584262e3ce7f7be019e658400980263a64fd4379" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stream-transform" + } + ] + }, + { + "type": "library", + "name": "mixme", + "version": "0.5.10", + "bom-ref": "mixme@0.5.10", + "author": "David Worms", + "description": "A library for recursively merging JavaScript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mixme@0.5.10", + "externalReferences": [ + { + "url": "git+https://github.com/adaltas/node-mixme.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/adaltas/node-mixme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-mixme/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mixme/-/mixme-0.5.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e47efa00d5a29c1d47dedc2927a258f2ebc0b69985bc7340ae98a52408d744a5d20c32cf20ca1902bc39487d2af73fa52ecf08accc3b436556a568a614a153d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mixme" + } + ] + }, + { + "type": "library", + "name": "oclif", + "version": "4.13.0", + "bom-ref": "oclif@4.13.0", + "author": "Salesforce", + "description": "oclif: create your own CLI", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/oclif@4.13.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/oclif.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/oclif", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/oclif/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/oclif/-/oclif-4.13.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c12b4e4be3963c2c513ca2bc87a037648009aeed940377b6f568d791ad2085e0fd64a60375495d8e3b6df2d2930dfac3ac64009d17f06de32f4baea28620726d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "oclif@4.13.0|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/@oclif/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "oclif@4.13.0|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/debug" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "oclif@4.13.0|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/ms" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "version": "8.1.0", + "bom-ref": "oclif@4.13.0|fs-extra@8.1.0", + "author": "JP Richardson", + "description": "fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as mkdir -p, cp -r, and rm -rf.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fs-extra@8.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/jprichardson/node-fs-extra.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ca1950800ea69ce25428eb11505b2025d402be42a1733f2d9591b91c141f45e619cb8e8ec0b718f9989ad26b5d1ec3a8f72fe13fe0b130dd1353d431a0eb46e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/fs-extra" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "version": "4.0.0", + "bom-ref": "oclif@4.13.0|jsonfile@4.0.0", + "author": "JP Richardson", + "description": "Easily read/write JSON files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonfile@4.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jprichardson/node-jsonfile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9ba175477cfc8e395fda29901d2d907b3e6c8ca590cdbbae86e27f14a605459bcf1373ee1dc48c559cdfb0b84654e91f776d286cbe5258405ec394a196ab8dc6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/jsonfile" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "universalify", + "version": "0.1.2", + "bom-ref": "oclif@4.13.0|universalify@0.1.2", + "author": "Ryan Zimmerman", + "description": "Make a callback- or promise-based function support both promises and callbacks.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/universalify@0.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/RyanZim/universalify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/RyanZim/universalify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/RyanZim/universalify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac125e2390970259b2d6957eeb5ed607d27add4e9771acc71c5d9fd9d6c98b1e17ce9505d114b765b8f414620e080bdae4ffddfc604e61a002435c3ed1acd492" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/universalify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "client-cloudfront", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Cloudfront Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-cloudfront@3.575.0#clients/client-cloudfront", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-cloudfront", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-cloudfront", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-cloudfront/-/client-cloudfront-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a3a39ffdc9954b510287ef7fc531f8267a2b003663279a9c563b7b40ef5cad4106549b9183585e20e327c7a14d6745e453c284854a1c3b32f69d641a6e08693" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.575.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "602b2d55a5b9b40bd7b3ebf82d1f603403be55184839b8e4d7f92709d550e504114debed550b5d25678dac3658a38013a343871b2a860a3e59d3d4d632ff9ed5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.575.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f0cad3e09d9d462b247f42453062f954d06a3ef73a8a035adb5f0b1812731d798bb26d567c60869dc7bce11ed4d944abf283ce7a7bb45f34822ef310c996c659" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.575.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d75ed4fa44248b65e829c6107dea6695170dc67eab10b1a538538143c6762530571181db956da47b4ebb6b408b9b1170a7fcc25ae73b2068ddde29f7c78437ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.575.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac474da6a5b68c47399306dffecf57432c0c2d094890c8ee08aea6c3db05d8e5511871959e1fba7a1ff5245c7c2a3f9e539d5cb627d0eca6877bc746728f0761" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-host-header", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-host-header@3.575.0#packages/middleware-host-header", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-host-header", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-host-header", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5765a82c1897342738ac8599b7a15470fe13374564d3603d3cf0815a44dfc8ea288aa7eaf96666663451069c25d7ee54b2f011b25aca585d15ce178c4573c92d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-host-header" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-logger", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-logger@3.575.0#packages/middleware-logger", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-logger", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-logger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec310ac7d675d4c69ac9eec57e162d0bcae36ccfcf70570c3b637840401fca97205828fec3882c784d8e19d7c01fd3850e815ce98bcba79defd7abdb3e3cd04a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-logger" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-recursion-detection", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-recursion-detection@3.575.0#packages/middleware-recursion-detection", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-recursion-detection", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-recursion-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae2f3d95d445a2ce8a64319a92758f4b65cf3bdaabfa067bfa63daa14f189123355b8b8aaad9d448e37273e3b7085189aea45eb861e146ad25d9295dd1b8f03b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-recursion-detection" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.575.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7d696be117eb50d4b64773e03fe5aca0c60e44082fff8ecba742747dbddd5ced58bdd73335675d45b152517d8c43133fcbd5c57d03cba4b83396e8682f70a37a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.575.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0124ac1358a096bbdcbc1735c88a3606c242abded0e43d733b072953a1ee96fad1a4a783a2ad5e225eb580f7345e3704d37a9a311ee7e87ea8c62bd06d708f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/region-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Types for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/types@3.575.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eb9e89501acd305f176036e762ad1d783a034e6ab1fb59489fdfcfb63dde289d91fe2fb5e820b7a6d04800d6d469805a70da914795908d6801c33520446a5ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.575.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c02e71f95eb0de446547a5fa5d520db003c3606f93cecdd6b61970f982ed8ee3ce0d435921002ab000476a1c677a417202fb1efb5f76f47c28f8268bf811d918" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-browser", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-browser@3.575.0#packages/util-user-agent-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8800e89d7c9a5e0c2f0b84f4a91b8358274a227cfcd865f67327b3abfa2a5652fc6cf63b1c3f23c1966bbae25dab9b646898b51216cee3e7f592c66a3a264abd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-user-agent-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.575.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "930cef05f0342e820b0ce152e8157cb8e924b011eb62e94fea43577a00797999c348d89ae436c1b17ab143f1e49cd1796b8dbd496430d9a690244810bd907554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-user-agent-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.575.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "613829ab7aef6015f35ba3930c1d34704efd7af42db2cfe5cf61a525782aa955c3d26ee2efb84603ccdbe3855ebcffd6c6d0da8925bb4928eebbc542046b20e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-env" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.575.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c507d599823ef4aa91be1598f1fc84967a5c5540415208bf1e88e2de853a58bad48eb5fdf24f771deee0283412c877fbca430b5002585b0b15e008d0da3ea78c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.575.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05d33a6bfe5552e3607b773ac91bb1bcefb8b2b2e849fa877e44067d40df8537532699639697e773d877cf6362d7e6ae78e1cf64c34558892d1c3717e7050606" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.575.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dbfe4d255ecc672b0a825a89490fcef0e10b35cc0b707df192769b2fd35a82dcc1ed1341da9d405174745254decbdb120cb2f8a0298d6bffae9d8ba0956fc086" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-process" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.575.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36d5c0f4e3c82aca9abecd85ee184b4ffb766438f026cbd07af8f7d68bf536999335831cece585583a6d386eeba69b1632c93928a99f88bdaa5624099decd734" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.575.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41cbd51fbc29be91515c600680205f41e885fe9b43d0d27e1eb73c74361f3c6845799d04a1540160da612e2db9c5eec967e5db6aa08aad444766daf87c010e27" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-web-identity" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.575.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a5156a40b64b43dd7072e3b7ad1bcd062972bd2e1dec3423172e3712b34352d1f751210252db32b10bca8adb651099d14aa57c6d84d0f914a93b7cd12aad1fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.575.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10f3433d0a109232aa9f80f6b7bd2a5736df76d95a032f4a05d1b9f2a0f5c8d595c6af1187f957770981f9a1363d26a1b727d58a465d091a19885cf10e1e4850" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/token-providers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "xml-builder", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/xml-builder@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "XML builder for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/xml-builder@3.575.0#packages/xml-builder", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/xml-builder", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/xml-builder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "716800c266c560d085ccfc312fbd39fa55a9b3417766f39c92e7ddd8a2a8119526b69570f7fb7151736b3f24945d29914d2461a1ab4830004d7d2b56474e376d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/xml-builder" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-waiter", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-waiter@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared utilities for client waiters for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-waiter@3.0.0#packages/util-waiter", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-waiter", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-waiter", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-waiter/-/util-waiter-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9f1172711832c2a2a44a5529a8d1ab86c5aa9b882a3ef28a61fb86ae79f62368dc6338b2926363315507d1ce8eb93da66fe1fafee655a0f9abbbbd2b8927fcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-waiter" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-s3", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript S3 Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-s3@3.583.0#clients/client-s3", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-s3", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-s3", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a52ef09dcba04ae210f1182d44813d0f2b2d76677798c9e37e388ed62035521197932020a09cd0e231f4afee57f9e5a660761071fcbd7d44174f682a577b7d18" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.583.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cedf09ab1573e2da4344e3a943d570137d1aef74dc577780e54c5a2ea169abee5beaa1491c6e6b64576aff5c2859036cf41e20daba9842d5ef1bf2568955e4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.583.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4333189e98f0d6afd758d90e00ca2c6446793f86f4ba7ece8e5b1b950b3d563b8ed885a01f3ac10602040c8032cb68e7e3fe82d4e43d78b9334110f1a1e2b04" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.582.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a1f983f7a21073d83575bcaa942cb1bb97c21bb90897da75368379faf1815322dd6e63c25773dd83df6744760426ebf63201b1e405051833cc1dca9b2699d923" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.583.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c81372a415e7cbbcc91fce52cf10e3f2cd666cb5eff5cfd56ead2a4774773ce8f689d67acb007faa52110b55f006ebf8f56be0f24035c0a5e4dcade3ae971523" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.583.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c553575d70d6bc1548fc0795b52740f5256e9aac6265a11293f269527f463249ad4ca7ed7abd02c1e6a9fb5890f63f1b4403b4bcd8662246dcbdd0754b859553" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.583.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "642f666f68eae811573d8b14b03dad99872796677ef4f18dc2714d9fc8e4e1a6e76b9263936c0392737cd726e4b66051e6db4df56f2e82692db8ab6f00c20309" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.582.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9063942b0e6bc8f90321807af4f8cadd289c54b4db581d3aa2e14dd96d44bea509a644063c0506cd872898ab6dde625a0937ffd647e8687c0044097a28a48ff1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.583.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d2858d83fca9b3a72d8e111e2ffa89f4121affec573fb44f0d0a85299db306459b98b2cea0c59746f97cb8a5010faa827be0c699cbbdb247d55de5d27ac11" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.583.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1bfd44bcbf6d05ecd2894fb4ead1b82bf90ebc57cf8e785e4f82525ea8cf33bfaf8cace0a768f1a7527d30c77af73b388d55a89fddf6ccc786823ac2a65ccc12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.583.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14d276326881b596708248f8f862d5af3ab0983e83f05069b6b15993b3e71a449feefd50f2dc58348ea063ddfc4518582789415b870d6e13ef5a80f1025f741f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "sha1-browser", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha1-browser@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha1-browser@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha1-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha1-browser/-/sha1-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "349b61e5cf7dec62c7b3a9ce613cc52936d874c340ebfd5794a5609d9a1a65c43bcfb50994e823d8975b1c4f2d8982d2ddfcd734282e72defb48f19ab76ada4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha1-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha1-browser/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/region-config-resolver@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.577.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e0284214008dc33ab1ff18e0df3805716f00962e91f42f797051022964ffec250cd43d0c1af91c9521f670b6ab9870a626053aa272a426ba05b56a74907860ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/region-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-user-agent-node@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.577.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eabed1636d232dc9c653595c037bc0d15a8beea0c6c0e789e1528670554eab5bd3920fa359586479d7605418715a5b35b45a0f3ef838f5d05aca4c6d97b6a7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-user-agent-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-env@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.577.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "271bb6e798f4813a0c1848aab9f3fc66d288f075bdd2538b8f02772eb7650ff34bb00634b4e41fd5f59ce77bb6f215a698d18cc660ab2f6a7ae883a030384353" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-env" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-process@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.577.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a29fa056b4e897c488084eb27737073e6363f5b954fa86e611e0471b03f0c950f5b23b49fdcb95052dec0fbd56cb9119f5e49784a84ac12d4ac772592238ab7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-process" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-web-identity@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.577.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6461c6351682b49266b336fd5139c2ee2ccd0ad454b6d74f94b74c921e3528f4b7daf7ddac10c7b3526ba5b6628c8b518f5c4ab8e5ec8984972c068719c2e1f1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-web-identity" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/token-providers@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.577.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d02908669702dc3350250d610e39b66dd4b2fd78ececdcb962f4ac69c6ac18e90d7e4f85764890cba37aedb657dd96dcf4a231f8dcf86eede20de3523699679d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/token-providers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sso-oidc@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.577.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e398a48f0d6b9e59661516915c6763f77c8ebfa5d4150dad05802c986613a724b8041d921c04183502c9e455669c06e2e8a69f5756dda6fbb84eeae818d7fd6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sts@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.577.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e74f4a9258a6bdad575658466e94e9797de438fe8e4699b8e2dc09c431e96bd4d445b9a86b18fbbde5a59cb09b0e8af10d3adbb03821bd866c86f70bb288d5a6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.576.0", + "bom-ref": "@aws-sdk/core@3.576.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.576.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.576.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "283bc395b7a2a524c87fe7df2ad4e0d66e35f532bbb3d9994960bc6efb99f6ac7afec8d014e5c828e56acae962e839dfc466ef45cc2846e63df4e7021f537fd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/core/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-node@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.577.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a96751ce32cad704d7337341d0a6fd15323a80129734f43500ed183781425f9fcba684c2fb03b6d79d4caa3c0f92e78ab7f7b51883595e40a7529f6dce8b041" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-user-agent@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.577.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f9e470178309a21c7a45c792443ef3a701b7e137bbfab16bfd3c142cfb3dad0bb42205c3d2d1c74947a3df57b2759f854f2b9dbf3a7acade5f55c5d43b32cd2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-endpoints@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.577.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "163b94cf529dcb8665cb6abf739f2da5da8777acfb88e754fdc698ce873c8f08001c10c16c824d40b094f615c99cf57633ca56c500f2219b28570b66bc4acfcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-http@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.577.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9fefb2842a7aedbf7e651184758d6385a981e44fcef90b080ce3d2b9199d69218c08e77cda850428f8085445356e4ab10ec071822116bafb5f84aeac3620d2d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-ini@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.577.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abb9473edbfa06346f0a1504de6d2d21a1192b13d3699d41de52b1198b0597754b02ee4df3218250ac2e0358b37f8b9c4fe2f22ac7151aa2ba543671d5ebf79f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-sso@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.577.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8959b9490bd2ec48194c9b116aa50e9834290503cf3dab78d9209b585bc540e2eb97ca9ec2af0e3fde21152e70da63fadb39e0798cea8499c37a5efd1d76f17b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sso@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.577.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "070ba3757af276593a504c8f99ec26e46a86e27910e8e5724614bf4b264fffa50a485bf6fec7f7f750a6cf484dd22b544c7d6b4785de2e59fc5c23ad6ab92bce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-bucket-endpoint", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-bucket-endpoint@3.577.0#packages/middleware-bucket-endpoint", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-bucket-endpoint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-bucket-endpoint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b70964357d95a1f33a9075f30c48893a260273db550017b971bcb1300ad15ac708b02586f666a63e10bbedecc6e17b0df5d144c157711180f90aba66ff91148b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-bucket-endpoint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-arn-parser", + "group": "@aws-sdk", + "version": "3.568.0", + "bom-ref": "@aws-sdk/util-arn-parser@3.568.0", + "author": "AWS SDK for JavaScript Team", + "description": "A parser to Amazon Resource Names", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-arn-parser@3.568.0#packages/util-arn-parser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-arn-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-arn-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-arn-parser/-/util-arn-parser-3.568.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d4289596a3e28e07b7db9cf3f4fa0fe8e54964bbf5f9dedee2fe1fac3c7af9c71613249f426276d3a28f799b3c5eef15af90baec36d27c2fe327367f4836cdb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-arn-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-expect-continue", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-expect-continue@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-expect-continue@3.577.0#packages/middleware-expect-continue", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-expect-continue", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-expect-continue", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-expect-continue/-/middleware-expect-continue-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9d3e9f13bf8174a1fe2e9f9200c86eaafbe1ab46b3504383f6340301d56d153b826812ed42f0689ebdb6c32e2f3c4c52059ad2a99c70743830b3c27a1ef09b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-expect-continue" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-flexible-checksums", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-flexible-checksums@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-flexible-checksums@3.577.0#packages/middleware-flexible-checksums", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-flexible-checksums", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-flexible-checksums", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-flexible-checksums/-/middleware-flexible-checksums-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "207014122a487da823c3dd8b57c48e48188217b667a9f1dcc35e0891c656dbf99fac2cb5161fe4e343284bfb774eba36b50f75ae040fc14a12801fd00a2d8eae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-flexible-checksums" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "crc32", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/crc32@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/crc32@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/crc32", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2334a0b2bc5472cade8d06cf5629482b2d7a9004f9d84c01eb349a23e337c712212a1e7e6a5744caf23ecfa7ab33b4c22c1d8126c16bb478e9ebfe3fb2bfb774" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/crc32@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "crc32c", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/crc32c@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/crc32c@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/crc32c", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/crc32c/-/crc32c-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10d34f3cc6a79a7549e014d794e8c0803ed446275b0339d446a0f42af7d1132738a36d033d874495d5357f9710ec96e3d0224948f68c224ffd66c85d077db5d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32c" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/crc32c@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32c/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "middleware-location-constraint", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-location-constraint@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-location-constraint@3.577.0#packages/middleware-location-constraint", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-location-constraint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-location-constraint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ca3d30f60f6b3eb76414a3f21762d55affa527f0667ea61493064c81371da47d9cf82b06af865fc92734aa4d5dc67c25e455d16eec2ae3a17ec167aa9679350" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-location-constraint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-sdk-s3", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/middleware-sdk-s3@3.582.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-sdk-s3@3.582.0#packages/middleware-sdk-s3", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-sdk-s3", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-sdk-s3", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c9a90a4ba0b6993d12382ff5d951e1e477d5152bc540afd477f30bf4a2c19e313bf30fd8b0cf39342364ed06a15d6bfe71101d58815619c32aaf992b579adb6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-sdk-s3" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-signing", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-signing@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-signing@3.577.0#packages/middleware-signing", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-signing", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-signing", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-signing/-/middleware-signing-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "412fdd877f8da996d7b58d23fc367cebba203f8d77a46e5c146a81cbd39e3a10ccb2895cc0bad06e2d12d1ceb6d5d73540dabe7abf5f7da32167f68f9325d722" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-signing" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-ssec", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-ssec@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-ssec@3.577.0#packages/middleware-ssec", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-ssec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-ssec", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-ssec/-/middleware-ssec-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8b604f251faba7cc6645520673487590344570cd89f469c296aaa973e34b4a399869d95c83898f9258accfd1f3c0555c44f2795dc19fdd4e0162ce46f3e893ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-ssec" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signature-v4-multi-region", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/signature-v4-multi-region@3.582.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/signature-v4-multi-region@3.582.0#packages/signature-v4-multi-region", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/signature-v4-multi-region", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/signature-v4-multi-region", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68508e8e336a117da5f95f108ce5b2e45ec2b47202fd1958741bafdcda3acb19fea4cbd55147bacdd324db21d672e755a475accaf719cc050196200f7852cfb1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/signature-v4-multi-region" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-browser@3.0.0#packages/eventstream-serde-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-browser/-/eventstream-serde-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "341ec01623cde0dc4ffd80809ebbd8475f33dbf66c887885ed5b46df482c84ef466c5ac86f5ac2f1ea78346a49496af3e8feb8ba13d77a8e0cd14b022e764aab" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-universal", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-universal@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-universal@3.0.0#packages/eventstream-serde-universal", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-universal", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-universal", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-universal/-/eventstream-serde-universal-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1cd15f4a19a8b5619e0285b8ba33fc99e57d0596af72999eac36cf2239096f129b37c46c51ca5143fd8ec88c563715cd1f6196080c6e481ef29e62062654370f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-universal" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-codec", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-codec@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-codec@3.0.0#packages/eventstream-codec", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-codec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-codec", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-codec/-/eventstream-codec-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d4b72100d0e8a4e7449a105099d163d5b45f6dcffb5ecded9f0e9b56e9645797e46b11e9c7f146c48ee74ecfc89a922325de513794256a61fd98fb39cbf1015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-codec" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-config-resolver", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-config-resolver@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-config-resolver@3.0.0#packages/eventstream-serde-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-config-resolver/-/eventstream-serde-config-resolver-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "454406def4372d7ee97aaa8701b99aca182b1796938a53e76b38a7692185d4fd3eb60337bef21158f1e694b233daa16a07d2ea148c5d8adc5cf0ed99ea9b2b47" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-node@3.0.0#packages/eventstream-serde-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-node/-/eventstream-serde-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6da44f74c0433011316572140283c69bf867b62c63b7f545a54ebe5660b2898258cd11d1c68688d4c37ee5713e8484bc009d860872cc14420e2f3abdc71d4481" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hash-blob-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-blob-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-blob-browser@3.0.0#packages/hash-blob-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-blob-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-blob-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-blob-browser/-/hash-blob-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd66e9760f9bc09bd6ee5c51ff3a5601cd7fc7f62472a82eb85d9b033909aef5eb899bb5be6f2bf8f51d138b32895c1083b3cf476757a62dc22c16fda910da55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-blob-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chunked-blob-reader-native", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/chunked-blob-reader-native@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/chunked-blob-reader-native@3.0.0#packages/chunked-blob-reader-native", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/chunked-blob-reader-native", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/chunked-blob-reader-native", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/chunked-blob-reader-native/-/chunked-blob-reader-native-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5439290985bea5e4ae338cc98a9e560dfaaf836328fdef32c4ebf7545d66d75cbb07c28a30a545b666560dedfa16f93cac6b96acf6471d767bad1eee339c96ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/chunked-blob-reader-native" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chunked-blob-reader", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/chunked-blob-reader@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/chunked-blob-reader@3.0.0#packages/chunked-blob-reader", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/chunked-blob-reader", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/chunked-blob-reader", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/chunked-blob-reader/-/chunked-blob-reader-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b1b9d4442c231748124e81a5b0188099dd654429929fbda7bbd6b17c9bb9948c7a4541201eee86c1331ba827614128b43ee99c9b9bc5c6c8bd5d65dbda64daa0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/chunked-blob-reader" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hash-stream-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-stream-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-stream-node@3.0.0#packages/hash-stream-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-stream-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-stream-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-stream-node/-/hash-stream-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2748bb75ef848170c41884c3e1fc7398c5fc0b208d1134c84579718cc88d52fbeeefa5e7dc6277d70411f39ca794f936c08d65aa892700525a0f57e234395b20" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-stream-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "md5-js", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/md5-js@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/md5-js@3.0.0#packages/md5-js", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/md5-js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/md5-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/md5-js/-/md5-js-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e6d2faeb5738e50fee910904f1ec3dcbb39f12dc5507d590ad53530887fa9099a3a8d47f6530dd9ab3a0a291c13081ab6d9c0f5251149da09276ef131c11f30" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/md5-js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "confirm", + "group": "@inquirer", + "version": "3.1.9", + "bom-ref": "@inquirer/confirm@3.1.9", + "author": "Simon Boudrias", + "description": "Inquirer confirm prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/confirm@3.1.9", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/confirm/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/confirm/-/confirm-3.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "505d3d69e8f10a2e17aa6e8dfe32408855c0ad77e2f5a979d8015a483fb6b881e78591ad77577a94819344c3e8b95489c5b1848be1e43964986a2118ffeb3353" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/confirm" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@inquirer", + "version": "8.2.2", + "bom-ref": "@inquirer/core@8.2.2", + "author": "Simon Boudrias", + "description": "Core Inquirer prompt API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/core@8.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/core/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/core/-/core-8.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bc4ae357e398c41655f7101269bbd07e4b64c84b330f197648b89f4c13ddb84aa6dd5ba3ede9f2242af5e0ee638438a2785b1a50b318f45137dc2ff038df85b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "cli-width", + "version": "4.1.0", + "bom-ref": "@inquirer/core@8.2.2|cli-width@4.1.0", + "author": "Ilya Radchenko", + "description": "Get stdout window width, with two fallbacks, tty and then a default.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-width@4.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/knownasilya/cli-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/knownasilya/cli-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/knownasilya/cli-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-width/-/cli-width-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2eb99778fdd9b64b0e469aacba6c6c8d34d7b5aadf51a66c6f78b48eeca720b139d4ed15dfb30fbf6ee9161a8d5a6e006230089cd3af2b72566c3b82169a6c5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/cli-width" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "1.0.0", + "bom-ref": "@inquirer/core@8.2.2|mute-stream@1.0.0", + "author": "GitHub Inc.", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mute-stream/-/mute-stream-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6afb09421c9dfbaf3480a5f21bfb107349d7682eab0643ce7f21d87056fdfa1764a90911f5b767909d003198647b4a1eb0fa883be985149f8874173b9acb7820" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/mute-stream" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "@inquirer/core@8.2.2|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f3c99d5ef3cc3d3b588d25b2a73a5bd84eb58f0e5e3a3b56c6d03dd7227bfef6d90faf1acdf235144e21650e4926296827d4ce827c8035dd2b86a8e6bd2a8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/signal-exit" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "6.2.0", + "bom-ref": "@inquirer/core@8.2.2|wrap-ansi@6.2.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@6.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "afa94f7011b1657948732984bbb227c43321756d0a0f1a4b82814b720b9ab3109a27f48e219c0835ab4af4a63fb5ff99ae5cb038a5345038f70135d405fc495c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/wrap-ansi" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "figures", + "group": "@inquirer", + "version": "1.0.3", + "bom-ref": "@inquirer/figures@1.0.3", + "author": "Simon Boudrias", + "description": "Vendored version of figures, for CJS compatibility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/figures@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/figures/-/figures-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12b5d7cc434c1f9a49b79fecb175740df59466a972f271b37f451c055f714e73fe2b27df1369aacb120c06b67c8a341c9369d4d13426e34110079dd8adec961f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/figures" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type", + "group": "@inquirer", + "version": "1.3.3", + "bom-ref": "@inquirer/type@1.3.3", + "author": "Simon Boudrias", + "description": "Inquirer core TS types", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/type@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/type/-/type-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5352dd0dba5ca55f6effcccc74e1961aaff92bd6b69a8854d5bd0e5f7a58d0b22020766d163e3e12ef7ff27b47dbb2587ed7942b22e0ef7c25d37a4ee9318e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/type" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "group": "@types", + "version": "0.0.4", + "bom-ref": "@types/mute-stream@0.0.4", + "description": "TypeScript definitions for mute-stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mute-stream@0.0.4#types/mute-stream", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mute-stream", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mute-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mute-stream/-/mute-stream-0.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "08f33d9f3ac23cf24740d03d91e1fd09591523e591e6431afbb5c4b398dc190d15a001a72efdb8db0f252158300047e6138a2e7c945a4dcf4f34b425d22a00a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mute-stream" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "group": "@types", + "version": "3.0.0", + "bom-ref": "@types/wrap-ansi@3.0.0", + "description": "TypeScript definitions for wrap-ansi", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/wrap-ansi@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/wrap-ansi/-/wrap-ansi-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96d229c7e90cee0fcc2d165f91b2fb12c0848dfcc271270ba64837ede5c4b71e649ab00a0644c9c1dd462008c348bf304e933a1f39f960ee2949bf75044c2ed6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/wrap-ansi" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "input", + "group": "@inquirer", + "version": "2.1.9", + "bom-ref": "@inquirer/input@2.1.9", + "author": "Simon Boudrias", + "description": "Inquirer input text prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/input@2.1.9", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/input/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/input/-/input-2.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d714c21e621ee3cc7d086d7ef209401eb555747f907d887380151b832a15a69e4da2f9d78117234a7fd236e95ea717fd3a5f070eade0cf0dd908052bfa1d44ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/input" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "select", + "group": "@inquirer", + "version": "2.3.5", + "bom-ref": "@inquirer/select@2.3.5", + "author": "Simon Boudrias", + "description": "Inquirer select/list prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/select@2.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/select/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/select/-/select-2.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "232063f2812d99d1761b1e052533ed1326b7ecc0fab342804cab07aa09a5b3494aec441b8584aaf46425705aba701b187bf720434160d9c0aa6183e2fddfdfc5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/select" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "plugin-not-found", + "group": "@oclif", + "version": "3.2.1", + "bom-ref": "@oclif/plugin-not-found@3.2.1", + "author": "Salesforce", + "description": "\"did you mean\" for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-not-found@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-not-found.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-not-found", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-not-found/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-not-found/-/plugin-not-found-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63617258b133893ae0750c1de0bb59718bf754e31e0e15b4a56ea16c4d2eddf25dc6cf1fdc92df38724f77c14fa2b56dda576c6a3e3371751603abcc40a78a6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-not-found" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.0-beta.15", + "bom-ref": "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.0-beta.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.0-beta.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a66b5993c211e31a8fae5994a6365c83f7712363ad317a5911177dae63d41ac4bd7ad6bb80504a1545eac5f2f9132ff48cbf2c266b1b987b120039a5d27b4c3a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-not-found/node_modules/@oclif/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "fast-levenshtein", + "version": "3.0.0", + "bom-ref": "fast-levenshtein@3.0.0", + "author": "Ramesh Nair", + "description": "Efficient implementation of Levenshtein algorithm with locale-specific collator support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-levenshtein@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/hiddentao/fast-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84a28d6a39b8eae3664e58474b2664993a00739eae649c18abbcab722663a8ec6795f4301110d02661cf529ee6d66f70c7cbe039ef08682299e4abf69350dd09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fastest-levenshtein", + "version": "1.0.16", + "bom-ref": "fastest-levenshtein@1.0.16", + "author": "Kasper U. Weihe", + "description": "Fastest Levenshtein distance implementation in JS.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fastest-levenshtein@1.0.16", + "externalReferences": [ + { + "url": "git+https://github.com/ka-weihe/fastest-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein#README", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fastest-levenshtein/-/fastest-levenshtein-1.0.16.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7919c2b534ed199169402c2126250ebb13d05915d52980e7d1bd8f7877d72fafd98b9dd22c0cc01df5615562b602bc82fd61f4e6419fc611483ef4c5d125d0ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fastest-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "async-retry", + "version": "1.3.3", + "bom-ref": "async-retry@1.3.3", + "description": "Retrying made simple, easy and async", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/async-retry@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/async-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/async-retry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/async-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async-retry/-/async-retry-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1faff8ecb70f71362ff4b5e307ad15bb76ccf72ede4046160d6767b0a5a76785a229e666c02e13803fe10076c0bbb7867ac2ab0356ff7e5ba826d4393d984cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async-retry" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "retry", + "version": "0.13.1", + "bom-ref": "retry@0.13.1", + "author": "Tim Koschützki", + "description": "Abstraction for exponential and custom retry strategies for failed operations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/retry@0.13.1", + "externalReferences": [ + { + "url": "git://github.com/tim-kos/node-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tim-kos/node-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tim-kos/node-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d0050dc8f16d4281ed127a1fba8238f4dcb6e64455aea2cce02bda280a9c1822b861a0ef34a5fab8714914e439249f07ce7c5b5e470959e7a3d838663215676" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/retry" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "change-case", + "version": "4.1.2", + "bom-ref": "change-case@4.1.2", + "author": "Blake Embrey", + "description": "Transform a string between `camelCase`, `PascalCase`, `Capital Case`, `snake_case`, `param-case`, `CONSTANT_CASE` and others", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/change-case@4.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/camel-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/change-case/-/change-case-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d2c58db0b3d3adbe220b1b51226392bb34dc64aa0fc99d19c5c4bb4a43de896af8a22318bb76332b49dd04093f400be96db429666302b0e77056a4e31b968ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/change-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "camel-case", + "version": "4.1.2", + "bom-ref": "camel-case@4.1.2", + "author": "Blake Embrey", + "description": "Transform into a string with the separator denoted by the next word capitalized", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camel-case@4.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/camel-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camel-case/-/camel-case-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83119606b4d3d49b8cc7a47ea393d35cc9949e19d5ccb43d48dbad0f862a2ad23a6a9f3deedded28409895aea0096124a655e794dc9b124660f46106c4a14283" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camel-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pascal-case", + "version": "3.1.2", + "bom-ref": "pascal-case@3.1.2", + "author": "Blake Embrey", + "description": "Transform into a string of capitalized words without separators", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pascal-case@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/pascal-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pascal-case/-/pascal-case-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b969464f76129caf71dc140968e75c670ae757a84fa5df23147d7fb9ca622d13e1ff6cc2549292d7d1381af607bda09c0029f77e85d9d1c2c1f56af1d4a19ee6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pascal-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "capital-case", + "version": "1.0.4", + "bom-ref": "capital-case@1.0.4", + "author": "Blake Embrey", + "description": "Transform into a space separated string with each word capitalized", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/capital-case@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/capital-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/capital-case/-/capital-case-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76cdfb5bc0b2b478309e11864e2f3ca5c3f2475e6aa0d90ea58c2630c7e75aaa9680449aa4baaf0f1ea1b858d0e6fa964a7d99d3ad7bdd7340ecbb4c39e521d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/capital-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "no-case", + "version": "3.0.4", + "bom-ref": "no-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower cased string with spaces between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/no-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/no-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/no-case/-/no-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e000dde318087e468c541991d348e2c922a51cdb09a8070191e2d6e93402a69a8bc5a16ab439d4646f456495d45e3b66b68814ff384ba51bd5d251cd74af7ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/no-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "upper-case-first", + "version": "2.0.2", + "bom-ref": "upper-case-first@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string with the first character in upper cased", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/upper-case-first@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/upper-case-first#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/upper-case-first/-/upper-case-first-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e75e29a581c168ac1f2512bfa4d0ba73f3b17c66b4a1b4a7025d74eaef7b11dd08eb6e4d8a7f7a2808edb5917a64bdded572eda61c67aab3a2f625a09bebbe6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/upper-case-first" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "constant-case", + "version": "3.0.4", + "bom-ref": "constant-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into upper case string with an underscore between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/constant-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/constant-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/constant-case/-/constant-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "236852062ed5becec112e243af97431dfcdbfd1ba3dc5caf17287b28b8a5023350c3705efb182a5010365bab1c54470bd212f57703d1b48a843d55022a44acc9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/constant-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "upper-case", + "version": "2.0.2", + "bom-ref": "upper-case@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string to upper case", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/upper-case@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/upper-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/upper-case/-/upper-case-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a07600c626dd93a6ec015088e01ba973c36196151096f5091f922bf40f1a871cb6091e6b6675420a71977cac78054a3a29553970ea08330a6d5bf0c150c2292" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/upper-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "dot-case", + "version": "3.0.4", + "bom-ref": "dot-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with a period between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dot-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/dot-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dot-case/-/dot-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2afe672a587ac91addac6bf1789d9ee72d9e454a64528b085b8036012dfccf04b3dbbceeeee7c3c103e2e4986cdd702518d7ad9776e69c6850b0cb642899e3df" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dot-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "header-case", + "version": "2.0.4", + "bom-ref": "header-case@2.0.4", + "author": "Blake Embrey", + "description": "Transform into a dash separated string of capitalized words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/header-case@2.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/header-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/header-case/-/header-case-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1ffbee9394c4115670ad1d25a76cde77d382a35b8020b325c742443200b6eabcf2249dcdd6fe979301c75c941d4767684a37063cce8e28f6282607f4a65275d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/header-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lower-case", + "version": "2.0.2", + "bom-ref": "lower-case@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string to lower case", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lower-case@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/lower-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lower-case/-/lower-case-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edf9b797734017d59f37a5b724e99fe5daf0a55a97efc26da0627703a5b46ba66795d338d70d9f5790f8f74a6c2854e931db3c4c9b1efde1cb145b0d1c78c782" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lower-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "param-case", + "version": "3.0.4", + "bom-ref": "param-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower cased string with dashes between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/param-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/param-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/param-case/-/param-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "457963ef3098a2445ea96a4e3c7f68622bd4ccb619e6f00f21f1260933558a8b02efc17c1741fdcbb4fb806d8cdfdca682eb7117981c144b326504a987d069dc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/param-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-case", + "version": "3.0.4", + "bom-ref": "path-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with slashes between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/path-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-case/-/path-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8ee2a0858d7a954eb71b3edfe141f85343e56116ca8d28e3edcad80d2a42b14a8129dd73d443c39b16e78fca5388a24e608e7ebdaf2f178942f10b0a2ddd67e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sentence-case", + "version": "3.0.4", + "bom-ref": "sentence-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case with spaces between words, then capitalize the string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sentence-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/sentence-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sentence-case/-/sentence-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f0b4b42489da40c091a10ed8532b40a3fc54bb95b65e74315761c8ffab8ce94ec22134b546a3c496bdf457ab88ab230a33d949191545cb9ff80aecdc8b13584a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sentence-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "snake-case", + "version": "3.0.4", + "bom-ref": "snake-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with underscores between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/snake-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/snake-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/snake-case/-/snake-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c03a1e33f3d6c642f97da457cd17c575e3a8bba3bfc2a853dbab36203fec98cc3203792f4768d16d5c005a9915be010cc454e0dcbc4efd96327ef1af5849d32" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/snake-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-yarn-workspace-root", + "version": "2.0.0", + "bom-ref": "find-yarn-workspace-root@2.0.0", + "author": "Square, Inc.", + "description": "Algorithm for finding the root of a yarn workspace, extracted from yarnpkg.com", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/find-yarn-workspace-root@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/square/find-yarn-workspace-root.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/square/find-yarn-workspace-root#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/square/find-yarn-workspace-root/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-yarn-workspace-root/-/find-yarn-workspace-root-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d483276e3b782b3b107e7867ccd77cc141205d9e3823365a6669cb631ec3e45665687b76816db40ab8bc43e13fb79b488f8f9ea5306e6fed99c6efef3482f3a9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/find-yarn-workspace-root" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "github-slugger", + "version": "2.0.0", + "bom-ref": "github-slugger@2.0.0", + "author": "Dan Flettre", + "description": "Generate a slug just like GitHub does for markdown headings.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/github-slugger@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/Flet/github-slugger.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Flet/github-slugger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Flet/github-slugger/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/github-slugger/-/github-slugger-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21a390f69b98b63ae4abb63462097d283667adffda89425852955ff3dcbc9326b16d11bb6354ab5ff8daba6aeff35bdceb5fa488c7a6a6e8ec337630ef0e6a73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/github-slugger" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "got", + "version": "13.0.0", + "bom-ref": "got@13.0.0", + "description": "Human-friendly and powerful HTTP request library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/got@13.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/got.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/got#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/got/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/got/-/got-13.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5df064d42c4e39270370cafd3b5c8a90d690cb2f3ae4d6d8b3e17b76be07d0b64c5600a3d8b7b9f64e8fa9b347a0be53a1e684414621e9ceb231f55c73a489c4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/got" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is", + "group": "@sindresorhus", + "version": "5.6.0", + "bom-ref": "@sindresorhus/is@5.6.0", + "author": "Sindre Sorhus", + "description": "Type check values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sindresorhus/is@5.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sindresorhus/is/-/is-5.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4d5eedf062986895ac9f4d2d143a81c3cf94aa6afc0347d1535b6f4d08726731afd2c24219140bdc918c237b9cb8aa375c865d50ff8bc7bfe0876b7795ec32ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sindresorhus/is" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-timer", + "group": "@szmarczak", + "version": "5.0.1", + "bom-ref": "@szmarczak/http-timer@5.0.1", + "author": "Szymon Marczak", + "description": "Timings for HTTP requests", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40szmarczak/http-timer@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/http-timer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/http-timer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/http-timer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8f9905f43e20183cc79561edb7ecb24062f38c616d63dab1f96113b24b76f8093549ba6df81df46f2af033a331c0406d139c735d51f63d9c2794c9102cfff73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@szmarczak/http-timer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "defer-to-connect", + "version": "2.0.1", + "bom-ref": "defer-to-connect@2.0.1", + "author": "Szymon Marczak", + "description": "The safe way to handle the `connect` socket event", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/defer-to-connect@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/defer-to-connect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/defer-to-connect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/defer-to-connect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e2dbedb5ea571b555a606ad189b93913025dd6de2e76e9d239531d2d200bea621dd62c78dfca0fc0f64c00b638d450a28ee90ed4bd2dc0d706b1dcd2edd1e00e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/defer-to-connect" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacheable-lookup", + "version": "7.0.0", + "bom-ref": "cacheable-lookup@7.0.0", + "author": "Szymon Marczak", + "description": "A cacheable dns.lookup(…) that respects TTL", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cacheable-lookup@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/cacheable-lookup.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/cacheable-lookup#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/cacheable-lookup/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "faa272c78c622ab6bc999adcc218cc44c5210f9351d51f1eb0f933218c57f7a26279c168c405c5bb3fc6a51dfe7afe0f13559a9878a9efcc15d2f7263d0b69f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cacheable-lookup" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacheable-request", + "version": "10.2.14", + "bom-ref": "cacheable-request@10.2.14", + "author": "Jared Wray", + "description": "Wrap native HTTP requests with RFC compliant cache support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cacheable-request@10.2.14", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/cacheable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/cacheable#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/cacheable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.2.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce40d3e56005e21492a148327e0e6d148c73f1740afb6e56fd32d5a2325330a05ac5ebcb041b4bc60aa0b80b95401f0f556efd1558c7714f8627db556c367d99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cacheable-request" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "group": "@types", + "version": "4.0.4", + "bom-ref": "@types/http-cache-semantics@4.0.4", + "description": "TypeScript definitions for http-cache-semantics", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/http-cache-semantics@4.0.4#types/http-cache-semantics", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/http-cache-semantics", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-cache-semantics", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d66d1b20555cede256caf7bd4b4467b9181c42a17f5dde50b1464065e405af5437fe9f495a841012a995cbe0cf4cda465f086021eb40a1817c252737deadbd40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/http-cache-semantics" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "version": "4.1.1", + "bom-ref": "http-cache-semantics@4.1.1", + "author": "Kornel Lesiński", + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/http-cache-semantics@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/kornelski/http-cache-semantics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7abdbde4328f56c57cda3e64c351a3b7e00303f5d81ec6a397cd9c18d406d9eca83e4be05215fe9c32327a5ce12166dbb173f7f441dc23a979b58b36158a985d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http-cache-semantics" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mimic-response", + "version": "4.0.0", + "bom-ref": "mimic-response@4.0.0", + "author": "Sindre Sorhus", + "description": "Mimic a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-response@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-response/-/mimic-response-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7b92121fdc4c614d03ceb4fe8e5f2adb37bd0fa79606da3e23c08da5ef9523e2b627f17f9373dd91d4ddcf8c2f1951f8353a68f8d4584d522e31010c31cb0baa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mimic-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-url", + "version": "8.0.1", + "bom-ref": "normalize-url@8.0.1", + "author": "Sindre Sorhus", + "description": "Normalize a URL", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/normalize-url@8.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/normalize-url.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/normalize-url#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/normalize-url/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-url/-/normalize-url-8.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20ef50be350c5b13d0421b3ad283aed740919160a26734949336d718657da6f8989757d761cbe4cd0e6357dcfc63aba7f0046855197812d0babfa8cda9b689ff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-url" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "responselike", + "version": "3.0.0", + "bom-ref": "responselike@3.0.0", + "author": "Luke Childs", + "description": "A response-like object for mocking a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/responselike@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/responselike.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/responselike#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/responselike/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/responselike/-/responselike-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e34c87c5b35c976fabcd7bd9b9592b62885ab61b122653135caaf21b9cbcb9c887bf5fb10cb1d0a608c6eb82543bd9eb12ada318b1fa219f01719cb0df0af07a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/responselike" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "decompress-response", + "version": "6.0.0", + "bom-ref": "decompress-response@6.0.0", + "author": "Sindre Sorhus", + "description": "Decompress a HTTP response if needed", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decompress-response@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/decompress-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decompress-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/decompress-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "696df9c9933a05bff8a099599dc307d8b0a866d2574d1c444b5eef137868462a305369161da24a1644810e70d1f9c9bd27ef5085799113221fbf4a638bd7a309" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decompress-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "mimic-response", + "version": "3.1.0", + "bom-ref": "decompress-response@6.0.0|mimic-response@3.1.0", + "author": "Sindre Sorhus", + "description": "Mimic a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-response@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf4c9623ee050ebaf0792f199ade048f91dd266932d79f8bd9ee96827dfe88ae5f5b36fa4f77e1345ab6f8c79345bd3ae1ce96af837fc2fd03cd04e33731cd19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decompress-response/node_modules/mimic-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "form-data-encoder", + "version": "2.1.4", + "bom-ref": "form-data-encoder@2.1.4", + "author": "Nick K.", + "description": "Encode FormData content into the multipart/form-data format", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/form-data-encoder@2.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/octet-stream/form-data-encoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/octet-stream/form-data-encoder#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/octet-stream/form-data-encoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/form-data-encoder/-/form-data-encoder-2.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c8361280d32b6aabe7c621173b8862f3cf986716870ba40acdbe4df388910930de44eed900ba62aff95599ffee5d4867c14af63b81d4f2cfe7eb1fb23634241f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/form-data-encoder" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http2-wrapper", + "version": "2.2.1", + "bom-ref": "http2-wrapper@2.2.1", + "author": "Szymon Marczak", + "description": "HTTP2 client, just with the familiar `https` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http2-wrapper@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/http2-wrapper.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/http2-wrapper#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/http2-wrapper/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http2-wrapper/-/http2-wrapper-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5799d5c353c03a07c8dcb99e6a3d84c667a0edf7a78e1454833d653d27b3cb50ae84f61b810b5b423e2365f10010c95a2febeea6cbe18ea0b28f3a1bd32c6c99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http2-wrapper" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "resolve-alpn", + "version": "1.2.1", + "bom-ref": "resolve-alpn@1.2.1", + "author": "Szymon Marczak", + "description": "Detects the ALPN protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-alpn@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/resolve-alpn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/resolve-alpn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/resolve-alpn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d1ad45e25ef7fd915939a9099d0dc5be4276fa0493416cffaf6284e4e7436344f13e6e61e0692a91659f338ed3ec7b1b9ceb5c255105e1ea42572eaeed0dcafa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-alpn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lowercase-keys", + "version": "3.0.0", + "bom-ref": "lowercase-keys@3.0.0", + "author": "Sindre Sorhus", + "description": "Lowercase the keys of an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lowercase-keys@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/lowercase-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lowercase-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/lowercase-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a33082ea0750fa0957390b2f78a0f462c0f2f034901630d3cf8cf2cc41cd579f893f90fad8b99f0d9ea8d5cc9c171f68b86f78d0ce5d13c0bc0937b0763d9859" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lowercase-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-cancelable", + "version": "3.0.0", + "bom-ref": "p-cancelable@3.0.0", + "author": "Sindre Sorhus", + "description": "Create a promise that can be canceled", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-cancelable@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-cancelable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-cancelable#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-cancelable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a55604773c6bb3968d0c993764e1c5ea5d69704032e738d4c083ab26eb65e430912247137718bdd27df918beac289db90905cac8ed4befe5987dca3be7da253" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-cancelable" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "6.0.1", + "bom-ref": "normalize-package-data@6.0.1", + "author": "GitHub Inc.", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eabbc27de456f8e1196a0001e2530b48db933586562d5b4a71c2bbf554937ffff24d8e5538281ca47f343be6d92bc35ea6cee95277791be425320d7257fda265" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "3.2.0", + "bom-ref": "spdx-correct@3.2.0", + "description": "correct invalid SPDX expressions", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "90df5d25bbe7c921d42c896e0c7cb7d961d152edce83b07db1b63bb6c14b72d42422a9cc877844ad881d3234d8baa99c5d7fa52b94f596752ddc6ef336cc2664" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-correct" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "71ba87ba7b105a724d13a2a155232c31e1f91ff2fd129ca66f3a93437b8bc0d08b675438f35a166a87ea1fb9cee95d3bc655f063a3e141d43621e756c7f64ae1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "3.0.17", + "bom-ref": "spdx-license-ids@3.0.17", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "CC0-1.0" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@3.0.17", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.17.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b21f0f59cfdfb4ca8001d16206ee85cba2543988ea0c9049bc88697c33321ebaf445ba7996266a7784e3b50fd181f2e328565bf8b331e61a66979a8e5b2d2abe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-license-ids" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "2.5.0", + "bom-ref": "spdx-exceptions@2.5.0", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@2.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e2538dabfb13b851b512d5bba8dcb3c992394eef8df45e7e5254085da73cec3c7b236d855f9679c57404e069b9cbb9d7be0aabb6e69e8dfa0da5c3f3c5b1ae3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-exceptions" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sort-package-json", + "version": "2.10.0", + "bom-ref": "sort-package-json@2.10.0", + "author": "Keith Cirkel", + "description": "Sort an Object or package.json based on the well-known package.json keys", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sort-package-json@2.10.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/keithamus/sort-package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/keithamus/sort-package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/keithamus/sort-package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sort-package-json/-/sort-package-json-2.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "31879c7ef39b3302638c9b2487161fb8e003917a7564c3270850bcca1a7ef470ec93b1e1477dfa85dede881b3dea54d77e2aa650d23e59009e08c441865db9d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "detect-newline", + "version": "4.0.1", + "bom-ref": "sort-package-json@2.10.0|detect-newline@4.0.1", + "author": "Sindre Sorhus", + "description": "Detect the dominant newline character of a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-newline@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-newline/-/detect-newline-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a84dd57a0d585f3187421940ea3cde6d9376a957fa357f80ee6eea9610861b7d1d262c6b0108583ac263b270632640929ae38fa42937d35e397ebf055746f3a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/detect-newline" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "globby", + "version": "13.2.2", + "bom-ref": "sort-package-json@2.10.0|globby@13.2.2", + "author": "Sindre Sorhus", + "description": "User-friendly glob matching", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globby@13.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globby#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globby/-/globby-13.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "635ccd195fa9cd0761ec7dfd97dce00783c9aa344dab276f7580831b81c55cce17baf49a41094473dd48535c802cbf205130e89a00407f3dd725d9944bea28d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/globby" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "slash", + "version": "4.0.0", + "bom-ref": "sort-package-json@2.10.0|slash@4.0.0", + "author": "Sindre Sorhus", + "description": "Convert Windows backslash paths to slash paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slash@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/slash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/slash#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/slash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slash/-/slash-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ddd3ac0075d7524413a4e61ca00c4b228acc4e9e20210af9216de255bec0ee5148a74547867ca79bd8b3c7a4ecb1dac87152044809558ed9ced8af1b83e0a87b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/slash" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-plain-obj", + "version": "4.1.0", + "bom-ref": "sort-package-json@2.10.0|is-plain-obj@4.1.0", + "author": "Sindre Sorhus", + "description": "Check if a value is a plain object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-plain-obj@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-plain-obj.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8f822faf32e50d909c84c62301b792251683322a7af9ce127852ca73e7c58e841179428219905c8d1c86c102d1f0cd502093946d9dd54db0344deb5fe6983aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/is-plain-obj" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "detect-indent", + "version": "7.0.1", + "bom-ref": "detect-indent@7.0.1", + "author": "Sindre Sorhus", + "description": "Detect the indentation of code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-indent@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-indent/-/detect-indent-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "31ced0850f2cf9c2eb9d47d4fc98bde2f1bfafc336ea6f1ffbebf2adeb38668a236910e9675792221fc4a732cdc255aebf3499dd46c316ca6316f4c35dee9efe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "get-stdin", + "version": "9.0.0", + "bom-ref": "get-stdin@9.0.0", + "author": "Sindre Sorhus", + "description": "Get stdin as a string or buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-stdin@9.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/get-stdin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/get-stdin#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/get-stdin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-stdin/-/get-stdin-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7552818df5a2b0b02271aac8d927fe26e044fc382157853334055ef7284426ecde44477726139313d7146894de49aefb7ec6d050ade970ea497cce7df9529968" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-stdin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "git-hooks-list", + "version": "3.1.0", + "bom-ref": "git-hooks-list@3.1.0", + "author": "fisker Cheung", + "description": "List of Git hooks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/git-hooks-list@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/fisker/git-hooks-list.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fisker/git-hooks-list#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fisker/git-hooks-list/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/git-hooks-list/-/git-hooks-list-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c5f15787791eeffb001b5ea7e04654d25ffd41251f50d6f10c47c240cf570483a197d3bfb3ca3dec01d0ef6238ffc679487d5b86823e2a05e8b52b784a1fe3c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/git-hooks-list" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sort-object-keys", + "version": "1.1.3", + "bom-ref": "sort-object-keys@1.1.3", + "author": "Keith Cirkel", + "description": "Sort an object's keys, including an optional key list", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sort-object-keys@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/keithamus/sort-object-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/keithamus/sort-object-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/keithamus/sort-object-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sort-object-keys/-/sort-object-keys-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f39e69bcaf95914ecf68a60f73e2639e6b781337a3407ca1845df7ab7d6a1bcc7b99a0f391e1610004e174261acb5d422123bea803308ce04ff9f3d97b420fca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-object-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tiny-jsonc", + "version": "1.0.1", + "bom-ref": "tiny-jsonc@1.0.1", + "description": "An absurdly small JSONC parser.", + "purl": "pkg:npm/tiny-jsonc@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/fabiospampinato/jsonc-simple-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fabiospampinato/jsonc-simple-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fabiospampinato/jsonc-simple-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tiny-jsonc/-/tiny-jsonc-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8a4e810b1cef6bd0e88847c35ff962d0bd9c58a3cf10d62f8b1529ac5765dd83e2e1b6595210e7348f5852469caeffae206f74767c51e6636a6a80fa5210fa07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tiny-jsonc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "open", + "version": "10.1.0", + "bom-ref": "open@10.1.0", + "author": "Sindre Sorhus", + "description": "Open stuff like URLs, files, executables. Cross-platform.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/open@10.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/open.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/open#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/open/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/open/-/open-10.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a791e435a8fe547b6c1df9a8af4c3dcd1ddfe567de8bbb48e07f4a7092d2cfb71e9c4d9887eedc9e191447b34cd7d2b6eb6a15cf9d79549db797c9a041b886b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/open" + } + ], + "components": [ + { + "type": "library", + "name": "is-wsl", + "version": "3.1.0", + "bom-ref": "open@10.1.0|is-wsl@3.1.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-wsl@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-wsl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-wsl/-/is-wsl-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51c55f55f68ae127389bb5f77544a81e8a3340604415e0c2fb3568d3ab7df317bc0b31d265905e90d5c7fadbb435a947a25709fd0006a92e3a1de7fb41704833" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/open/node_modules/is-wsl" + } + ] + } + ] + }, + { + "type": "library", + "name": "default-browser", + "version": "5.2.1", + "bom-ref": "default-browser@5.2.1", + "author": "Sindre Sorhus", + "description": "Get the default browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/default-browser@5.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/default-browser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/default-browser/-/default-browser-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "598ff74d4304d31dca3d875147110926f5d11d5e0fc8fa14b31b596bbf25c08b7045044785dd94f713ac71a4ff6137fcb825c8023789385055121ffb16d0fc5e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/default-browser" + } + ] + }, + { + "type": "library", + "name": "bundle-name", + "version": "4.1.0", + "bom-ref": "bundle-name@4.1.0", + "author": "Sindre Sorhus", + "description": "Get bundle name from a bundle identifier (macOS): `com.apple.Safari` → `Safari`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bundle-name@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/bundle-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/bundle-name#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/bundle-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bundle-name/-/bundle-name-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b63c0ce5ec4c83a046448fa43664e7b4db2f7594b55fc045612ead9c9da1747d2457133afde559db1cbe16a4ad496bd89ad7c53032c8c6eae8ac7c0329f0f3e5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-name" + } + ] + }, + { + "type": "library", + "name": "run-applescript", + "version": "7.0.0", + "bom-ref": "run-applescript@7.0.0", + "author": "Sindre Sorhus", + "description": "Run AppleScript and get the result", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-applescript@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/run-applescript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/run-applescript#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/run-applescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-applescript/-/run-applescript-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5bcb8223f7d254aff3021415240ca2d62b71bd1d55e669b2b3f54e4c948008bafbb39223a271162cf1724bc57fb16a10fe98b8a20980ea17d74a020b7328fd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-applescript" + } + ] + }, + { + "type": "library", + "name": "default-browser-id", + "version": "5.0.0", + "bom-ref": "default-browser-id@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the bundle identifier of the default browser (macOS). Example: com.apple.Safari", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/default-browser-id@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/default-browser-id.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser-id#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser-id/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/default-browser-id/-/default-browser-id-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03aa7fa6effa7f205c0354d1cff1aa5983d58a996b7ed716da0642f6aefd9e0342280791fd7de070475740797828d5d5fb7c20209d423e4250dc81ccea572cc8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/default-browser-id" + } + ] + }, + { + "type": "library", + "name": "define-lazy-prop", + "version": "3.0.0", + "bom-ref": "define-lazy-prop@3.0.0", + "author": "Sindre Sorhus", + "description": "Define a lazily evaluated property on an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/define-lazy-prop@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/define-lazy-prop.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/define-lazy-prop#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/define-lazy-prop/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37e31e5d8a2aaf7a4e827f317f244f44437b8076a42d88e1b07856193ddf58088be08900b74883c35e108a2126d9b137d1ce575f9ab416d000dc22b97fdfc152" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/define-lazy-prop" + } + ] + }, + { + "type": "library", + "name": "is-inside-container", + "version": "1.0.0", + "bom-ref": "is-inside-container@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a container (Docker/Podman)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-inside-container@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-inside-container.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-inside-container#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-inside-container/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-inside-container/-/is-inside-container-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28860b08226085f1d9c6a8d8044eeb132d0e06e4dde710874bbb47560bc22e4c7b4ad2286b1c0d5b784200b80452315f79193e306fd0c66a7fbed113105ded44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-inside-container" + } + ], + "components": [ + { + "type": "library", + "name": "is-docker", + "version": "3.0.0", + "bom-ref": "is-inside-container@1.0.0|is-docker@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a Docker container", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-docker@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-docker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-docker/-/is-docker-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a58dc8040e5127b3fec05c5a2c0792bfda708ce0fec540f90673f0d62f2e6b985116bd96b21ab8a4d5df7f4086399c9e1ff58b15bc1900ea42691e7f6b21275" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-inside-container/node_modules/is-docker" + } + ] + } + ] + }, + { + "type": "library", + "name": "prompt-sync", + "version": "4.2.0", + "bom-ref": "prompt-sync@4.2.0", + "description": "a synchronous prompt for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prompt-sync@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/heapwolf/prompt-sync.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/heapwolf/prompt-sync#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/heapwolf/prompt-sync/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prompt-sync/-/prompt-sync-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06e133cdce73a6d3f92ec815e4c6444e30da29259f72197953d2ee8aef122a9ee26560f9b596a53b1bcd719470bfe776a61345afcc656f198535c44a7c93b327" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync" + } + ], + "components": [ + { + "type": "library", + "name": "strip-ansi", + "version": "5.2.0", + "bom-ref": "prompt-sync@4.2.0|strip-ansi@5.2.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ee46cd6029b06ab0c288665adf7f096e83c30791c9e98ece553e62f53c087e980df45340d3a2d7c3674776514b17a4f98f98c309e96efbdcc680dc9fa56e258" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "4.1.1", + "bom-ref": "prompt-sync@4.2.0|ansi-regex@4.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20b96fe24ff77fabdf4383a83f6006be2ace92d950f7c6442f593d15a423c5adcbd5a6c181bb930c074f3a9bdb1a7702d014d542b97e38cf316462bab565edee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync/node_modules/ansi-regex" + } + ] + } + ] + }, + { + "type": "library", + "name": "lodash.truncate", + "version": "4.4.2", + "bom-ref": "lodash.truncate@4.4.2", + "author": "John-David Dalton", + "description": "The lodash method `_.truncate` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.truncate@4.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8edb6645eedb46c7b9d8eb1620c0cb697c56a91026b4851c70043781aaef882a898da7d739f34c3b4c8c7cda5d0facdb19a4d4d0fe4dcfb7bb8004fa70a98947" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.truncate" + } + ] + }, + { + "type": "library", + "name": "tmp", + "version": "0.2.3", + "bom-ref": "tmp@0.2.3", + "author": "KARASZI István", + "description": "Temporary file and directory creator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tmp@0.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/raszi/node-tmp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/raszi/node-tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/raszi/node-tmp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d90fb9bd8823c2e60d2962671ac688182a08127cbb1dc65f287f743fa086ea0aa2cb20ef48005d065a35f5cfd3594473e25eff167b1e320c2699b20130d18f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tmp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ts-jest", + "version": "29.1.4", + "bom-ref": "ts-jest@29.1.4", + "author": "Kulshekhar Kabra", + "description": "A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-jest@29.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/kulshekhar/ts-jest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://kulshekhar.github.io/ts-jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kulshekhar/ts-jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6221f00e14af0a222da0082c2ada0b142b9a903cc3b09d432c39d2a2e4da4e674e70ec08912cdb2d776e690e8ce4345586e642fcd61a699fe6b476d632ffd2e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-jest" + } + ], + "components": [ + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "ts-jest@29.1.4|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-jest/node_modules/yargs-parser" + } + ] + } + ] + }, + { + "type": "library", + "name": "remapping", + "group": "@ampproject", + "version": "2.3.0", + "bom-ref": "@ampproject/remapping@2.3.0", + "author": "Justin Ridgewell", + "description": "Remap sequential sourcemaps through transformations to point at the original source code", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40ampproject/remapping@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/ampproject/remapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ampproject/remapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ampproject/remapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df4899b403e0cfe2d3218a1e8afa98a3ce777f4da305849de6e1a71a9905574337c4eb7d68def77ab920600999538df1e157ea7272f15bd2a98374792c2e1863" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@ampproject/remapping" + } + ] + }, + { + "type": "library", + "name": "js-tokens", + "version": "4.0.0", + "bom-ref": "js-tokens@4.0.0", + "author": "Simon Lydell", + "description": "A regex that tokenizes JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-tokens@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/lydell/js-tokens.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lydell/js-tokens#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lydell/js-tokens/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "45d2547e5704ddc5332a232a420b02bb4e853eef5474824ed1b7986cf84737893a6a9809b627dca02b53f5b7313a9601b690f690233a49bce0e026aeb16fcf29" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-tokens" + } + ] + }, + { + "type": "library", + "name": "helper-compilation-targets", + "group": "@babel", + "version": "7.23.6", + "bom-ref": "@babel/helper-compilation-targets@7.23.6", + "author": "The Babel Team", + "description": "Helper functions on Babel compilation targets", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-compilation-targets@7.23.6#packages/babel-helper-compilation-targets", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-compilation-targets", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f49079e3c199a10566ceb160a7ca3b2b17609131a6eb1b3d0d6d28fcf8a6ef65038f3af939b510e99cd83ea03e83d3934b66c142872d2c9ae4cb444308059181" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-compilation-targets" + } + ], + "components": [ + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/helper-compilation-targets@7.23.6|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-compilation-targets/node_modules/semver" + } + ] + } + ] + }, + { + "type": "library", + "name": "compat-data", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/compat-data@7.24.4", + "author": "The Babel Team", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/compat-data@7.24.4#packages/babel-compat-data", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-compat-data", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be0f068a1d8c2cafa43a41c9a788011089326888b4d23816a2dd83f503a699f2c2f2320d48ece608bb5ae81bf3fc94810aa9de815d0bf348e1c64a25e4658d7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/compat-data" + } + ] + }, + { + "type": "library", + "name": "helper-validator-option", + "group": "@babel", + "version": "7.23.5", + "bom-ref": "@babel/helper-validator-option@7.23.5", + "author": "The Babel Team", + "description": "Validate plugin/preset options", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-validator-option@7.23.5#packages/babel-helper-validator-option", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-validator-option", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f39b6d00e30bb2be775605e44db931f2803a6137d3e2aeff1f35d22c46268dc49324f30f42dbead410fbf41c9ea79c4c5186c64731290ec8d47f7772a79e082b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-validator-option" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "5.1.1", + "bom-ref": "lru-cache@5.1.1", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@5.1.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a9340450037230bfe8d3034bad51555bae1f8996baf516fd1ee7a186cc014e5cdedd93f16f89a0d6f0b1e62b9d8395c1f858fda7ea023cbcdd5a7ac045828f7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "yallist", + "version": "3.1.1", + "bom-ref": "yallist@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Yet Another Linked List", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yallist@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/yallist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/yallist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/yallist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6b850641a58f1f9f663975189c01b67b09dc412e22e05e374efdc9a0033eb365430264bd36c2bc1a90cc2eb0873e4b054fb8772ba4cea14367da96fb4685f1e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yallist" + } + ] + }, + { + "type": "library", + "name": "helper-module-transforms", + "group": "@babel", + "version": "7.23.3", + "bom-ref": "@babel/helper-module-transforms@7.23.3", + "author": "The Babel Team", + "description": "Babel helper functions for implementing ES6 module transformations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-module-transforms@7.23.3#packages/babel-helper-module-transforms", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-module-transforms", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-module-transforms", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.23.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edb06ce040fd3a6b3075f0f3a73e0ca56812ad5ec55e5737cc86a0bcb1634b91fe324ed29ebdb5bd0e90c2bb2808631f342e1ee0b40f76850b12de32933d1245" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-module-transforms" + } + ] + }, + { + "type": "library", + "name": "helper-environment-visitor", + "group": "@babel", + "version": "7.22.20", + "bom-ref": "@babel/helper-environment-visitor@7.22.20", + "author": "The Babel Team", + "description": "Helper visitor to only visit nodes in the current 'this' context", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-environment-visitor@7.22.20#packages/babel-helper-environment-visitor", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-environment-visitor", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-environment-visitor", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cdf79d488cc585ab7f8058567c7b605af95e7349ea07d604215ae9bb08ebb8b9577d44a703c7090749a21cac2a0e743b777d9a2a8db1b7cf3fc59a6dc316df84" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-environment-visitor" + } + ] + }, + { + "type": "library", + "name": "helper-module-imports", + "group": "@babel", + "version": "7.24.3", + "bom-ref": "@babel/helper-module-imports@7.24.3", + "author": "The Babel Team", + "description": "Babel helper functions for inserting module loads", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-module-imports@7.24.3#packages/babel-helper-module-imports", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-module-imports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-module-imports", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.24.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be229bd05f5fdacd01092db6412177d3ccfffb5616295ffbea6c2deb5341cd2e62ccccc33f076ad694ebcdff8b8b79e90565fd29d41b91e0add6348033b959aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-module-imports" + } + ] + }, + { + "type": "library", + "name": "helper-simple-access", + "group": "@babel", + "version": "7.22.5", + "bom-ref": "@babel/helper-simple-access@7.22.5", + "author": "The Babel Team", + "description": "Babel helper for ensuring that access to a given value is performed through simple accesses", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-simple-access@7.22.5#packages/babel-helper-simple-access", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-simple-access", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-simple-access", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f41fdf44fcaf818a46b7fbe58d2f5ecf3afa38aca599ee5644a7543e7d2b556d48bc9f13d01013a54e608ec56ff426c4b9e9228a43ea2301eda91ca247377e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-simple-access" + } + ] + }, + { + "type": "library", + "name": "helper-split-export-declaration", + "group": "@babel", + "version": "7.22.6", + "bom-ref": "@babel/helper-split-export-declaration@7.22.6", + "author": "The Babel Team", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-split-export-declaration@7.22.6#packages/babel-helper-split-export-declaration", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-split-export-declaration", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-split-export-declaration", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "02c527c6e2e1458b22b0589a270be9d5017e2372a30f914ec6eb75e2afc6ce8bd47baa2b1cb7ac5b60bb77be789119b9de1e60aabcfab0597ab31738055b44fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-split-export-declaration" + } + ] + }, + { + "type": "library", + "name": "helpers", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/helpers@7.24.4", + "author": "The Babel Team", + "description": "Collection of helper functions used by Babel transforms.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helpers@7.24.4#packages/babel-helpers", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helpers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helpers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15ec1d9596d28b06951a5813d433c0343b821da0cc88ea3e0ff2036111588c73aebfaeb131227b7d0c30383c113403e400320eff3d44a05fe5d810969560010f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helpers" + } + ] + }, + { + "type": "library", + "name": "helper-function-name", + "group": "@babel", + "version": "7.23.0", + "bom-ref": "@babel/helper-function-name@7.23.0", + "author": "The Babel Team", + "description": "Helper function to change the property 'name' of every function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-function-name@7.23.0#packages/babel-helper-function-name", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-function-name", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-function-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "384ac4aacaf18d94c97226783a8f9ea19a9e5bd50888e72e60a449038640815f66c80fa93978619a97cd08a8c41ff6ae55f11854527acb54dce2bd1e200a6a8b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-function-name" + } + ] + }, + { + "type": "library", + "name": "helper-hoist-variables", + "group": "@babel", + "version": "7.22.5", + "bom-ref": "@babel/helper-hoist-variables@7.22.5", + "author": "The Babel Team", + "description": "Helper function to hoist variables", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-hoist-variables@7.22.5#packages/babel-helper-hoist-variables", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-hoist-variables", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-hoist-variables", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c068e4f50655cef92703ac8a2145116fccd8de0ad709c399b7effb59ccbc3b6b9cb7186996650f90e76582836199d55e7b673dd895db7f5c6932d54d6dfa3147" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-hoist-variables" + } + ] + }, + { + "type": "library", + "name": "helper-string-parser", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/helper-string-parser@7.24.1", + "author": "The Babel Team", + "description": "A utility package to parse strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-string-parser@7.24.1#packages/babel-helper-string-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-string-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-string-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "da87d10a39e703dcbec24f1bf4801112ba1e50fd36287a78df53769a12a78b2db22880caa5bac7bfd797c26f1c05e59061c266cefe6a282bbae4fe3b78217b09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-string-parser" + } + ] + }, + { + "type": "library", + "name": "to-fast-properties", + "version": "2.0.0", + "bom-ref": "to-fast-properties@2.0.0", + "author": "Sindre Sorhus", + "description": "Force V8 to use fast properties for an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/to-fast-properties@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/to-fast-properties.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/to-fast-properties#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/to-fast-properties/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fce68a2b4c58aecdc39b1458a8bff20dcf85c455156210e55cc8519afdf3f75e70d87175b67375a26077e788fc55418efe16d1cf20fa637b00eefec64bf71ea2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/to-fast-properties" + } + ] + }, + { + "type": "library", + "name": "gensync", + "version": "1.0.0-beta.2", + "bom-ref": "gensync@1.0.0-beta.2", + "author": "Logan Smyth", + "description": "Allows users to use generators in order to write common functions that can be both sync or async.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/gensync@1.0.0-beta.2", + "externalReferences": [ + { + "url": "git+https://github.com/loganfsmyth/gensync.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/loganfsmyth/gensync", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/loganfsmyth/gensync/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de137b35ab2462f3032d0639e609d6dcd43e99eb0401ea53aa583e5446e3ef3cea10c055361cdc19861ea85a3f4e5633e9e42215ca751dcb0264efa71a04bcce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/gensync" + } + ] + }, + { + "type": "library", + "name": "resolve-uri", + "group": "@jridgewell", + "version": "3.1.2", + "bom-ref": "@jridgewell/resolve-uri@3.1.2", + "author": "Justin Ridgewell", + "description": "Resolve a URI relative to an optional base URI", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/resolve-uri@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/resolve-uri.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/resolve-uri#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/resolve-uri/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d12128022233f6d3fb5b5923d63048b9e1054f45913192e0fd9492fe508c542adc15240f305b54eb6f58ccb354455e8d42053359ff98690bd42f98a59da292b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/resolve-uri" + } + ] + }, + { + "type": "library", + "name": "load-nyc-config", + "group": "@istanbuljs", + "version": "1.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0", + "description": "Utility function to load nyc configuration", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40istanbuljs/load-nyc-config@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/load-nyc-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/load-nyc-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/load-nyc-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5637874a5233a6ffcdc83dcdd18b877d738f0c88b1700d6ad9957df30b0ca9c6253e6bf69f761bda560ff5730496768555783903b60b4de2eee95f38b900e399" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config" + } + ], + "components": [ + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/locate-path" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/p-locate" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/sprintf-js" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "5.0.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9883d28fdb8743e6a91af49e3b774695932d0df9be1f4d4f3d2cdf620e78c1e706a4b220b8f6bbcc0743eb509406a13987e745cf8aa3af0230df6a28c6c5867" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/resolve-from" + } + ] + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "5.3.1", + "bom-ref": "camelcase@5.3.1", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@5.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f6f124c1d7bd27c164badd48ed944384ddd95d400a5a257664388d6e3057f37f7ad1b8f7a01da1deb3279ef98c50f96e92bd10d057a52b74e751891d79df026" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "test-exclude", + "version": "6.0.0", + "bom-ref": "test-exclude@6.0.0", + "author": "Ben Coe", + "description": "test for inclusion or exclusion of paths using globs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/test-exclude@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/test-exclude.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/test-exclude/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7001963c8c8e1d4eb396683cf23c26ed54725e730dee257af0e1806d80e4fcc87fc42fe9cd53e542d63a9e0a081ffe7fb5c8ae8467ef11253c1ab1eb7310f9eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "test-exclude@6.0.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "test-exclude@6.0.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude/node_modules/brace-expansion" + } + ] + } + ] + }, + { + "type": "library", + "name": "babel__generator", + "group": "@types", + "version": "7.6.8", + "bom-ref": "@types/babel__generator@7.6.8", + "description": "TypeScript definitions for @babel/generator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__generator@7.6.8#types/babel__generator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__generator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__generator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012b23fada440ec12216bd5aad6ae537a57799d7e344c66de8bb4afd5a7f92b7852e7af9407e7e0e1bc3e6720d6195f3c09bd7786abed398945dc03356ba96b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__generator" + } + ] + }, + { + "type": "library", + "name": "babel__template", + "group": "@types", + "version": "7.4.4", + "bom-ref": "@types/babel__template@7.4.4", + "description": "TypeScript definitions for @babel/template", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__template@7.4.4#types/babel__template", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__template", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__template", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "87f354692c86e44cb1048a7c611c68e1131edbfa9082fca8c11c1533385884108e35b5bc3d4b20e2590532b86066151ee73dcbdcc88b0eebf227f09a3dad80f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__template" + } + ] + }, + { + "type": "library", + "name": "babel-preset-jest", + "version": "29.6.3", + "bom-ref": "babel-preset-jest@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-jest@29.6.3#packages/babel-preset-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-preset-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d01ddb87147ab27597259b51fd19621d30cf4609f5b0d1ce474c95b6afc8890172b8e563152fb0ba2a3f478812364c9898a989078c0666fd8d65a9e62a64e734" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-preset-jest" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-jest-hoist", + "version": "29.6.3", + "bom-ref": "babel-plugin-jest-hoist@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-plugin-jest-hoist@29.6.3#packages/babel-plugin-jest-hoist", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-plugin-jest-hoist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "11201cfd126f193144cd1c0e4d3e3e94d0e4fc634732429b373b2f4f4a8a45f0f2c984ec931079ae75369e3203615c570811c7108d5cd18c07a1bdd6698ba33a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-jest-hoist" + } + ] + }, + { + "type": "library", + "name": "ts-mocha", + "version": "10.0.0", + "bom-ref": "ts-mocha@10.0.0", + "author": "Piotr Witek", + "description": "Mocha thin wrapper that allows running TypeScript tests with TypeScript runtime (ts-node) to get rid of compilation complexity", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-mocha@10.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/piotrwitek/ts-mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/piotrwitek/ts-mocha#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/piotrwitek/ts-mocha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-mocha/-/ts-mocha-10.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5517e00cefa28ae24594d075f2dcce7f2a49db5c67db16ee6720ef26faa94db5a0900803d7b38d1abf2df9397cadc06d3817635e9e5efd193e777f5fed704747" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ts-node", + "version": "7.0.1", + "bom-ref": "ts-mocha@10.0.0|ts-node@7.0.1", + "author": "Blake Embrey", + "description": "TypeScript execution environment and REPL for node.js, with source map support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-node@7.0.1", + "externalReferences": [ + { + "url": "git://github.com/TypeStrong/ts-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-node/-/ts-node-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "055c156cf251b29ccd876c9fb25c93d4f49b979b88934dc46656f8f7744a1cde2a7a3fc3d3a9f570486394e246ebda05b04ece4fc5e3a5351c61fea92932cc87" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/ts-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "arrify", + "version": "1.0.1", + "bom-ref": "ts-mocha@10.0.0|arrify@1.0.1", + "author": "Sindre Sorhus", + "description": "Convert a value to an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arrify@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/arrify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/arrify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/arrify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arrify/-/arrify-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc26337b1f4cf451908c218c1b28baff7d5cf0625b81bd2a1b2af1e475b13ddd1a0b0878701d988cc6f65dff54ba8a20accae53bd713aa7079ac8e461d94dc50" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/arrify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "3.5.0", + "bom-ref": "ts-mocha@10.0.0|diff@3.5.0", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@3.5.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-3.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "038eaab4581dfa0ee90d98a7a67c22449b716c2d61a607f4bb33f7886f3db1c1e4d00502ec0d531b17f93a288e52ffc931947c18eb7c84bf74d215746cecb9c4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mkdirp", + "version": "0.5.6", + "bom-ref": "ts-mocha@10.0.0|mkdirp@0.5.6", + "author": "James Halliday", + "description": "Recursively mkdir, like `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mkdirp@0.5.6", + "externalReferences": [ + { + "url": "git+https://github.com/substack/node-mkdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-mkdirp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-mkdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14ffa9f1107c396a45dd86410ab3f982d0039ad5c0a41e4030b9febddc80f8fcb10a3ac2b34d268f2528cecb0edf77300de4f7c0d19d2f127933ffd8aad1c027" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/mkdirp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yn", + "version": "2.0.0", + "bom-ref": "ts-mocha@10.0.0|yn@2.0.0", + "author": "Sindre Sorhus", + "description": "Parse yes/no like values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yn@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yn/-/yn-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b93bfc27fc225938144e0fbdbcb4e2fff95e525e6f0d04baba28bf7a67936f6b2c63bbe5e9059fd9f15b2081a39e18ef6dd2a553479ded03e063586d4c2f3a8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/yn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "buffer-from", + "version": "1.1.2", + "bom-ref": "buffer-from@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer-from@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/LinusU/buffer-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/LinusU/buffer-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/LinusU/buffer-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "13e5d0091c126da6a20a1b6fea4e83c2073e6f1f81b3abee2891c7979928c7f05a29b8625f3a903b02b870edb6c84946a763829a3c15853dc79b18323c69c97d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer-from" + } + ] + }, + { + "type": "library", + "name": "tsconfig-paths", + "version": "3.15.0", + "bom-ref": "tsconfig-paths@3.15.0", + "author": "Jonas Kello", + "description": "Load node modules according to tsconfig paths, in run-time or via API.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tsconfig-paths@3.15.0", + "externalReferences": [ + { + "url": "git+https://github.com/dividab/tsconfig-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dividab/tsconfig-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dividab/tsconfig-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-3.15.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d80736460cc37bf727e3c1af39edccfa8f36a4415ec03dd43dbca85071dd29ab07c092a376ce1f2d759ffd4c799004c128ddb4a1a146bbe8db125a75a68b349a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "json5", + "version": "1.0.2", + "bom-ref": "tsconfig-paths@3.15.0|json5@1.0.2", + "author": "Aseem Kishore", + "description": "JSON for humans.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json5@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/json5/json5.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://json5.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/json5/json5/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83531630b062cfc14a8b57b8c3453254bdf0fa225c7960050406819e718a3a935ae5ff132e4b646eb7b5facea8202c9d5809be1d15064e623efffc6fda1bd760" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths/node_modules/json5" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "3.0.0", + "bom-ref": "tsconfig-paths@3.15.0|strip-bom@3.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdabc03115ce80154d17a9f210498bdc304ad7d891a437282305beb3043e09b1a2bbb963bbab7e264940d4c1f07a85ad69d82de0849552c5cbc83ab7e1d75cc0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths/node_modules/strip-bom" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "json5", + "group": "@types", + "version": "0.0.29", + "bom-ref": "@types/json5@0.0.29", + "author": "Jason Swearingen", + "description": "TypeScript definitions for JSON5", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json5@0.0.29", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7512e30961d8838a1a03bedcc4eeb8a0efbb2700b09c8ce464f76bac2ef58d0990b6584ce79ea9c0aa396d4ceabd99dd9156de14b2088bef530b8d09345e6135" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json5" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "source-map-support", + "group": "@cspotcode", + "version": "0.8.1", + "bom-ref": "@cspotcode/source-map-support@0.8.1", + "description": "Fixes stack traces for files with source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40cspotcode/source-map-support@0.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/cspotcode/node-source-map-support.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cspotcode/node-source-map-support#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/node-source-map-support/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21c84d7fa74de2d1e8305227ffb384f0b599d7d63aabfebb0667fabe719112ff1149b0556fd2cf27111c9f0adcc17ea2c52bda886a2898052fbb8612c57ad583" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@cspotcode/source-map-support" + } + ], + "components": [ + { + "type": "library", + "name": "trace-mapping", + "group": "@jridgewell", + "version": "0.3.9", + "bom-ref": "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9", + "author": "Justin Ridgewell", + "description": "Trace the original position through a source map", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/trace-mapping@0.3.9", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/trace-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc17a5b7ab5d73c6cf800b5b72676d349962ad5a139846f97b6802f783e7930116f6323a0801d47a81bce6d8d63f95aabaa7dabe832d330886e0ff76e9928ab9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@cspotcode/source-map-support/node_modules/@jridgewell/trace-mapping" + } + ] + } + ] + }, + { + "type": "library", + "name": "node10", + "group": "@tsconfig", + "version": "1.0.11", + "bom-ref": "@tsconfig/node10@1.0.11", + "description": "A base TSConfig for working with Node 10.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node10@1.0.11#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0dc4630c2ba32bf90293f7147bc5f3f194a99bc992de634da6d6be8c6080e944840df92d94dbe6d7e22e67d7937036cd938d411f0a471de5be37594a0b3e333b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node10" + } + ] + }, + { + "type": "library", + "name": "node12", + "group": "@tsconfig", + "version": "1.0.11", + "bom-ref": "@tsconfig/node12@1.0.11", + "description": "A base TSConfig for working with Node 12.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node12@1.0.11#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node12/-/node12-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "72a79fb91b21d76a56c86b08a0128903d96e16ede6471080f8e459bc0e24b4b4b322e094b56571188b978a01303b9ff2c1614c67640418a5af9191b5cc33136a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node12" + } + ] + }, + { + "type": "library", + "name": "node14", + "group": "@tsconfig", + "version": "1.0.3", + "bom-ref": "@tsconfig/node14@1.0.3", + "description": "A base TSConfig for working with Node 14.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node14@1.0.3#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node14/-/node14-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cac4fc9a1762c562ba1f0de2d55d80791a99e567d78351b8de6aa86253369dceb7f3c16ae63717cabe6646ca9588bc7f18961da0bd1b7d70fc9e617e667fc8a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node14" + } + ] + }, + { + "type": "library", + "name": "node16", + "group": "@tsconfig", + "version": "1.0.4", + "bom-ref": "@tsconfig/node16@1.0.4", + "description": "A base TSConfig for working with Node 16.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node16@1.0.4#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node16/-/node16-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf1854cb827c9727b28a71fb033975a5d778dc6261647fed3f6c1e37c4e7b506e5398f80d176d3f03264d7fa023ee38eca0fc96bbe7bac6d028077160bc39f30" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node16" + } + ] + }, + { + "type": "library", + "name": "acorn-walk", + "version": "8.3.2", + "bom-ref": "acorn-walk@8.3.2", + "description": "ECMAScript (ESTree) AST walker", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn-walk@8.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "723932bf83ad34221eaa11eb7d2f354165e80813c4c51fc9eb6a3212a7a9570f16690792aa95b6ba1b8b3e1d66f5e5a10ee3a8fe35175539627ef7ac396a7fe0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn-walk" + } + ] + }, + { + "type": "library", + "name": "create-require", + "version": "1.1.1", + "bom-ref": "create-require@1.1.1", + "description": "Polyfill for Node.js module.createRequire (<= v12.2.0)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/create-require@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/nuxt-contrib/create-require.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nuxt-contrib/create-require#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nuxt-contrib/create-require/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "75c2855f78e7d0ca486978e2b2846f7b12095442b36aaef3dab64ac5ff8c4abf5391d9879ac5389b695c2e88eb8ff14797c9a4e55c4c99803e7ed4643ffde829" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/create-require" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "4.0.2", + "bom-ref": "diff@4.0.2", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@4.0.2", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c966c4a480e013722f3f871cc53394e129834f4557e7afe9931edef262860771ce073067c5681043e600b0991bd2e6a9f56834c30aa6db48613546eae0d8ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/diff" + } + ] + }, + { + "type": "library", + "name": "v8-compile-cache-lib", + "version": "3.0.1", + "bom-ref": "v8-compile-cache-lib@3.0.1", + "author": "Andrew Bradley", + "description": "Require hook for automatic V8 compile cache persistence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/v8-compile-cache-lib@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/cspotcode/v8-compile-cache-lib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cspotcode/v8-compile-cache-lib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/v8-compile-cache-lib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1aed88f25067cd667808fefb4ad141c037e9600c2c413c2ca55571a9d33bb9f45cf96a21ad3576aadc3848a2fd3adcca2b07e55fb9f2e1dc9945d8a7532b7c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-compile-cache-lib" + } + ] + }, + { + "type": "library", + "name": "yn", + "version": "3.1.1", + "bom-ref": "yn@3.1.1", + "author": "Sindre Sorhus", + "description": "Parse yes/no like values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yn@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "531e328065acbb673b8ac1567bc62ed5896e266a95871a8ad9c2d735003901c0b741f6c636933b7eed18f1bff3d7aa572e7171658bd685dddf84163d0cb982e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yn" + } + ] + }, + { + "type": "library", + "name": "tsimportlib", + "version": "0.0.5", + "bom-ref": "tsimportlib@0.0.5", + "author": "Andrew Bradley", + "purl": "pkg:npm/tsimportlib@0.0.5", + "externalReferences": [ + { + "url": "https://github.com/cspotcode/tsimportlib", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/tsimportlib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsimportlib/-/tsimportlib-0.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9642ffc2dd80783f08fbed9d8794e45fcb912c58771262deba55094c334c5988a5f0b687b54b17e9ce61d7eb6b1d260cd4e9eb2b046b72448971e8ed8e14fad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsimportlib" + } + ] + }, + { + "type": "library", + "name": "colors", + "group": "@colors", + "version": "1.6.0", + "bom-ref": "@colors/colors@1.6.0", + "author": "DABH", + "description": "get colors in your node.js console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40colors/colors@1.6.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/DABH/colors.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DABH/colors.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DABH/colors.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@colors/colors/-/colors-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "22bf803a26eaceb22c2fa6a3b77473dcbb2407b3a23151ea96d666b296d6fd326e4d5bb238c8ab56a0248df63a2484a22c783236a89c002f00c871c6ccd77f74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@colors/colors" + } + ] + }, + { + "type": "library", + "name": "diagnostics", + "group": "@dabh", + "version": "2.0.3", + "bom-ref": "@dabh/diagnostics@2.0.3", + "author": "Arnout Kazemier", + "description": "Tools for debugging your node.js modules and event loop", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40dabh/diagnostics@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/3rd-Eden/diagnostics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/diagnostics", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/diagnostics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@dabh/diagnostics/-/diagnostics-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "86b9503888bb8407f3b0caa519217256e72bc77f0efa3eb088639ffff1f679cbc812a60de000c1492da22cc879505c83ba708d9e25083e4feadeb885bf8e7144" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@dabh/diagnostics" + } + ] + }, + { + "type": "library", + "name": "colorspace", + "version": "1.1.4", + "bom-ref": "colorspace@1.1.4", + "author": "Arnout Kazemier", + "description": "Generate HEX colors for a given namespace.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/colorspace@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/colorspace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/colorspace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/colorspace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/colorspace/-/colorspace-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "060bca262b95bb58a00541769048d10995e897ac228866d8e62a4bfe854fc26d012fdb08a4c23333c20aeefc2ec48233397315dc4cb9c3ebf1866d2b47f4cdf3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace" + } + ], + "components": [ + { + "type": "library", + "name": "color", + "version": "3.2.1", + "bom-ref": "colorspace@1.1.4|color@3.2.1", + "description": "Color conversion and manipulation with CSS string support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color/-/color-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68197b75923d10d37a7d4182ee65a93133cd1e659448d6a7f6db9637a6a187964b364f5b68b24e9d2325ad090772b7c5833dbf462823515023771dfa55c7a628" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "colorspace@1.1.4|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "colorspace@1.1.4|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color-name" + } + ] + } + ] + }, + { + "type": "library", + "name": "text-hex", + "version": "1.0.0", + "bom-ref": "text-hex@1.0.0", + "author": "Arnout Kazemier", + "description": "Generate a hex color from the given text", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-hex@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/text-hex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/text-hex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/text-hex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/text-hex/-/text-hex-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bae546356ce0278ca145a3528ae6cf63b3a3212c38b30e04e54bf4c1b8e9f8ecdc6e6554febb13f2e8e07172619fdca9cec82be6f973a4fa8ff8c04129c1af6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/text-hex" + } + ] + }, + { + "type": "library", + "name": "enabled", + "version": "2.0.0", + "bom-ref": "enabled@2.0.0", + "author": "Arnout Kazemier", + "description": "Check if a certain debug flag is enabled.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/enabled@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/3rd-Eden/enabled.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/enabled#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/enabled/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/enabled/-/enabled-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00aacdf7c92ec0eccc21d022cd7188f3a505068a36e822f6d5433beb7cb587f18c489e3f38753d936625b26069c92705a3fc1b2f35902413025b8f883b7ffe39" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/enabled" + } + ] + }, + { + "type": "library", + "name": "kuler", + "version": "2.0.0", + "bom-ref": "kuler@2.0.0", + "author": "Arnout Kazemier", + "description": "Color your terminal using CSS/hex color codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kuler@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/kuler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/kuler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/kuler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kuler/-/kuler-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eaf671fb2a559999702da1d5c30d113bbece8353581353ccd80c70e258b4a2a78e44830ab7a652c7ccf9f6ecd82fccbdabd4b30f0b5bddaa1f7cb10c6daa3e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kuler" + } + ] + }, + { + "type": "library", + "name": "logform", + "version": "2.6.0", + "bom-ref": "logform@2.6.0", + "author": "Charlie Robbins", + "description": "An mutable object-based log format designed for chaining & objectMode streams.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/logform@2.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/logform.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/logform#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/logform/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/logform/-/logform-2.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d6e94778d3e9ea4fcb0fc1fdd68ed56050678398b504313b1e82b155b66218589d4b5463eb9a9ccb02f15fea557c03e840912345dbca72eb0ac0eba91c254e55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/logform" + } + ] + }, + { + "type": "library", + "name": "fecha", + "version": "4.2.3", + "bom-ref": "fecha@4.2.3", + "author": "Taylor Hakes", + "description": "Date formatting and parsing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fecha@4.2.3", + "externalReferences": [ + { + "url": "git+https://taylorhakes@github.com/taylorhakes/fecha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/taylorhakes/fecha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/taylorhakes/fecha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fecha/-/fecha-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38fd88514e877982898b78b4cf8035f641cc4282d5b381dcf833eaab123687f0cf6474e6fef8ec7c2e8fd1be2308ccb5e178b32c1aaf9dd43e522943efbd3b27" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fecha" + } + ] + }, + { + "type": "library", + "name": "safe-stable-stringify", + "version": "2.4.3", + "bom-ref": "safe-stable-stringify@2.4.3", + "author": "Ruben Bridgewater", + "description": "Deterministic and safely JSON.stringify to quickly serialize JavaScript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-stable-stringify@2.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/BridgeAR/safe-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/BridgeAR/safe-stable-stringify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/BridgeAR/safe-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-stable-stringify/-/safe-stable-stringify-2.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7b66c30365894f4c31b1e55de25b033f8fb738d5fa1e931741ad5984543b494f868ef3910a64a16c2325b6bb480df9188551eb39c3ed8fe2a198305d3dd643d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-stable-stringify" + } + ] + }, + { + "type": "library", + "name": "triple-beam", + "version": "1.4.1", + "bom-ref": "triple-beam@1.4.1", + "author": "Charlie Robbins", + "description": "Definitions of levels for logging purposes & shareable Symbol constants.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/triple-beam@1.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/triple-beam.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/triple-beam#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/triple-beam/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/triple-beam/-/triple-beam-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6996e056266b83540d706f8b50b6bb9e16692536522e6fe65e71d79db01b8e63796926b4cbb57ec2fbfafb859a06da48489cd384acbe3c83f173536ad4427d9a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/triple-beam" + } + ] + }, + { + "type": "library", + "name": "one-time", + "version": "1.0.0", + "bom-ref": "one-time@1.0.0", + "author": "Arnout Kazemier", + "description": "Run the supplied function exactly one time (once)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/one-time@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/one-time.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/one-time#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/one-time/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/one-time/-/one-time-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e435ce8912b0b9211c43f974906085e90de37000c5bf9b52991689724fceaa454570eceeb41d77e0a4527c5d310eb2f7f4c367ab16c705b51472364885381bda" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/one-time" + } + ] + }, + { + "type": "library", + "name": "fn.name", + "version": "1.1.0", + "bom-ref": "fn.name@1.1.0", + "author": "Arnout Kazemier", + "description": "Extract names from functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fn.name@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/fn.name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/fn.name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/fn.name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fn.name/-/fn.name-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1919e607980fc89a4085341d4994d2a7db9a3d2be5d3d2a861c310b6c07dad0a0e9b3b3d747e9f7de71c1fe67e72fe8febc1eee5b0ba263461e0087f98748d47" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fn.name" + } + ] + }, + { + "type": "library", + "name": "string_decoder", + "version": "1.3.0", + "bom-ref": "string_decoder@1.3.0", + "description": "The string_decoder module from Node core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string_decoder@1.3.0", + "externalReferences": [ + { + "url": "git://github.com/nodejs/string_decoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/string_decoder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/string_decoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "864457f14d568c915df0bb03276c90ff0596c5aa2912c0015355df90cf00fa3d3ef392401a9a6dd7a72bd56860e8a21b6f8a2453a32a97a04e8febaea7fc0a78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string_decoder" + } + ] + }, + { + "type": "library", + "name": "stack-trace", + "version": "0.0.10", + "bom-ref": "stack-trace@0.0.10", + "author": "Felix Geisendörfer", + "description": "Get v8 stack traces as an array of CallSite objects.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stack-trace@0.0.10", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-stack-trace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-stack-trace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-stack-trace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stack-trace/-/stack-trace-0.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "286cda85cee9b942a4cf232df88a807a9f9354d6ca3fe9362e6c21b9bdfd9b502c4d291a0eeb71e7a6830a8f872c3cdffc3dba0481d32563624c6d4a0098900a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-trace" + } + ] + }, + { + "type": "library", + "name": "winston-transport", + "version": "4.7.0", + "bom-ref": "winston-transport@4.7.0", + "author": "Charlie Robbins", + "description": "Base stream implementations for winston@3 and up.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/winston-transport@4.7.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/winstonjs/winston-transport.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/winston-transport#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/winston-transport/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/winston-transport/-/winston-transport-4.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a3063eb92b923b75e9f37abd88616ebed9b34856a2c60c7a83c373b0f0e861faf756fabbf8319e9e883bc7a0a85f2456766aec8df1bc9789e0c327de9588e36" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/winston-transport" + } + ] + }, + { + "type": "library", + "name": "xlsx-populate", + "version": "1.21.0", + "bom-ref": "xlsx-populate@1.21.0", + "author": "Dave T. Johnson", + "description": "Excel XLSX parser/generator written in JavaScript with Node.js and browser support, jQuery/d3-style method chaining, and a focus on keeping existing workbook features and styles in tact.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xlsx-populate@1.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/dtjohnson/xlsx-populate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dtjohnson/xlsx-populate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dtjohnson/xlsx-populate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xlsx-populate/-/xlsx-populate-1.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2fd869bc05e857a3a2d4eca4fcd364285d33e4618d522a4e55f20fd4b98667341dc9cd7aae77f3fdf4fc6bdb25de2b2b7eb0a9426ad9a2773ea340d89ed6147" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xlsx-populate" + } + ], + "components": [ + { + "type": "library", + "name": "sax", + "version": "1.3.0", + "bom-ref": "xlsx-populate@1.21.0|sax@1.3.0", + "author": "Isaac Z. Schlueter", + "description": "An evented streaming XML parser in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/sax@1.3.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/sax-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/sax-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/sax-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sax/-/sax-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2cfa8026c3dccb975575712f41b5937b240774716e5ed101f85b72d610ae9ae0b68b100d8e4e919858363ee976ac04bb73eb0926deed71470f79991b89e7d58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xlsx-populate/node_modules/sax" + } + ] + } + ] + }, + { + "type": "library", + "name": "cfb", + "version": "1.2.2", + "bom-ref": "cfb@1.2.2", + "author": "sheetjs", + "description": "Compound File Binary File Format extractor", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/cfb@1.2.2", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-cfb.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-cfb/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cfb/-/cfb-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "29f75466c48ec35f7f39b1166acbc13ff01ce2b799bc019ab9986ce92fe0a8d857848edc2b0be51fbba58fe74e1189dc6b86e6e121a8f02d5b4c042f9d38e040" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cfb" + } + ] + }, + { + "type": "library", + "name": "adler-32", + "version": "1.3.1", + "bom-ref": "adler-32@1.3.1", + "author": "sheetjs", + "description": "Pure-JS ADLER-32", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/adler-32@1.3.1", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-adler32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sheetjs.com/opensource", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-adler32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/adler-32/-/adler-32-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ca7678c3f9d452fe6baec47c5141a87b5542f61663e95e6153d430d4794c0c9184270e52ed37d312b5938cccace8ceefaf461670faacdea02be2cb349c37cff8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/adler-32" + } + ] + }, + { + "type": "library", + "name": "crc-32", + "version": "1.2.2", + "bom-ref": "crc-32@1.2.2", + "author": "sheetjs", + "description": "Pure-JS CRC-32", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/crc-32@1.2.2", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-crc32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-crc32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/crc-32/-/crc-32-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "44e9b308aad39cec326cf709029000e960568a3db71d57c654d2aaaab669bb264e1ea2b60b01d2be91aecadfd434dbda22311df17e48146a78321f887b520725" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/crc-32" + } + ] + }, + { + "type": "library", + "name": "jszip", + "version": "3.10.1", + "bom-ref": "jszip@3.10.1", + "author": "Stuart Knightley", + "description": "Create, read and edit .zip files with JavaScript http://stuartk.com/jszip", + "licenses": [ + { + "expression": "(MIT OR GPL-3.0-or-later)" + } + ], + "purl": "pkg:npm/jszip@3.10.1", + "externalReferences": [ + { + "url": "git+https://github.com/Stuk/jszip.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Stuk/jszip#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Stuk/jszip/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jszip/-/jszip-3.10.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c570ef79cc93a462eba85aef92b512a31c5f248e401fb53ccf1c6d55c969b14b4c0aae09436f742d8f005b973b1a09ebfd8fe82be6d031ba8adaa9ad937a4de2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip" + } + ], + "components": [ + { + "type": "library", + "name": "readable-stream", + "version": "2.3.8", + "bom-ref": "jszip@3.10.1|readable-stream@2.3.8", + "description": "Streams3, a user-land copy of the stream library from Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readable-stream@2.3.8", + "externalReferences": [ + { + "url": "git://github.com/nodejs/readable-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/readable-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/readable-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f29d00524e173838087b04a2d25f04a63b3e1159d688aecda03204194d07844efe67263c0f520c63ba1dbb9951ac55c683bd4bd79286f10acf9ae9b8e514ed74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/readable-stream" + } + ] + }, + { + "type": "library", + "name": "safe-buffer", + "version": "5.1.2", + "bom-ref": "jszip@3.10.1|safe-buffer@5.1.2", + "author": "Feross Aboukhadijeh", + "description": "Safer Node.js Buffer API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-buffer@5.1.2", + "externalReferences": [ + { + "url": "git://github.com/feross/safe-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/safe-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/safe-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "19dd94641243917958ec66c9c5fb04f3f9ef2a45045351b7f1cd6c88de903fa6bd3d3f4c98707c1a7a6c71298c252a05f0b388aedf2e77fc0fb688f2b381bafa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/safe-buffer" + } + ] + }, + { + "type": "library", + "name": "string_decoder", + "version": "1.1.1", + "bom-ref": "jszip@3.10.1|string_decoder@1.1.1", + "description": "The string_decoder module from Node core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string_decoder@1.1.1", + "externalReferences": [ + { + "url": "git://github.com/nodejs/string_decoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/string_decoder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/string_decoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9ff4a19ef0e2e851db6d57ef8aba3e5a88e2173bfeb3c30f30705ccd578f7d4a4324bc282d3d21b759786300426e2f29240bde104767907c8fc933ff9b345fc2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/string_decoder" + } + ] + } + ] + }, + { + "type": "library", + "name": "lie", + "version": "3.3.0", + "bom-ref": "lie@3.3.0", + "description": "A basic but performant promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lie@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/calvinmetcalf/lie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/lie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/lie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lie/-/lie-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51a88c27379646512e8f302ec392e8918d4be5e70d41864a7e6c99f4bef00c76ffa797ad29ac5786884172bc341186f2f86fcd039daf452378377f5dc47008c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lie" + } + ] + }, + { + "type": "library", + "name": "immediate", + "version": "3.0.6", + "bom-ref": "immediate@3.0.6", + "description": "A cross browser microtask library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/immediate@3.0.6", + "externalReferences": [ + { + "url": "git://github.com/calvinmetcalf/immediate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/immediate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/immediate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d7385b72a838cd0c043155f631b85ee0f4897f21b5a69a5420d8c60a387f04c484f5aa0eb1738cf24b71da10401382cd5bb5fcf1ab5e5c894898ee08d25d119" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/immediate" + } + ] + }, + { + "type": "library", + "name": "pako", + "version": "1.0.11", + "bom-ref": "pako@1.0.11", + "description": "zlib port to javascript - fast, modularized, with browser support", + "licenses": [ + { + "expression": "(MIT AND Zlib)" + } + ], + "purl": "pkg:npm/pako@1.0.11", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/pako.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/pako", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/pako/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e212c1f0fcb8cd971ee6ce3277d5f3a29ab056fff218d855d4197c353982ab5efadc778adbe130553bfe95e19e2f5dc39e1db07dbaa8c153d70883b4cf8b5a63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pako" + } + ] + }, + { + "type": "library", + "name": "core-util-is", + "version": "1.0.3", + "bom-ref": "core-util-is@1.0.3", + "author": "Isaac Z. Schlueter", + "description": "The `util.is*` functions introduced in Node v0.12.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/core-util-is@1.0.3", + "externalReferences": [ + { + "url": "git://github.com/isaacs/core-util-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/core-util-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/core-util-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "65006f8b50dca49e060ea6a78ee719d878f7c043b9a590d2f3d0566e472bbddc64b09a2bc140c365a997f65745929f5ac369660432e090e6c40380d6349f4561" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/core-util-is" + } + ] + }, + { + "type": "library", + "name": "isarray", + "version": "1.0.0", + "bom-ref": "isarray@1.0.0", + "author": "Julian Gruber", + "description": "Array#isArray for older browsers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/isarray@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/isarray.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/isarray", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/isarray/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54b82121634ce842d0ce8ef3c26720d0d99357258a623bc878cf37ca3a74c110d39949eb33aefc7d06dc281a3a9f6089105d2cce81bfff2b60f932a56bcf402d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/isarray" + } + ] + }, + { + "type": "library", + "name": "process-nextick-args", + "version": "2.0.1", + "bom-ref": "process-nextick-args@2.0.1", + "description": "process.nextTick but always with args", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/process-nextick-args@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/calvinmetcalf/process-nextick-args.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/process-nextick-args", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/process-nextick-args/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de8b943a9421b60adb39ad7b27bfaec4e4e92136166863fbfc0868477f80fbfd5ef6c92bcde9468bf757cc4632bdbc6e6c417a5a7db2a6c7132a22891459f56a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/process-nextick-args" + } + ] + }, + { + "type": "library", + "name": "setimmediate", + "version": "1.0.5", + "bom-ref": "setimmediate@1.0.5", + "author": "YuzuJS", + "description": "A shim for the setImmediate efficient script yielding API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/setimmediate@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/YuzuJS/setImmediate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/YuzuJS/setImmediate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/YuzuJS/setImmediate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3004c9759a7cb0ba8397febc2df4266cff3328f2d0355e81219a0882bb1c14343e46cbcafc1c5e0d03a0cb128aa21d32ffc87706a5459c2a90fe077eade8885c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/setimmediate" + } + ] + }, + { + "type": "library", + "name": "sax", + "version": "1.2.1", + "bom-ref": "sax@1.2.1", + "author": "Isaac Z. Schlueter", + "description": "An evented streaming XML parser in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/sax@1.2.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/sax-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/sax-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/sax-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sax/-/sax-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d9adcba2f1d33a99bb355e723b23bc207aa056c7cae3e52ec92ad753c617912457ee4ea1095f5bdc7ae4282af79cca608fed1b9a871a2495a9be9d6873b64" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sax" + } + ] + }, + { + "type": "library", + "name": "xmlbuilder", + "version": "11.0.1", + "bom-ref": "xmlbuilder@11.0.1", + "author": "Ozgur Ozcitak", + "description": "An XML builder for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xmlbuilder@11.0.1", + "externalReferences": [ + { + "url": "git://github.com/oozcitak/xmlbuilder-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/oozcitak/xmlbuilder-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/oozcitak/xmlbuilder-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c396c23f905131ee02ef6de71cd3fa212c6e747ee810a7caf21f3313b96f6f49ad462745d858a9e1b14c7ba227b71bdf3eaf9e9a4d0214078921b78d91dc9bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xmlbuilder" + } + ] + }, + { + "type": "library", + "name": "zip-lib", + "version": "1.0.4", + "bom-ref": "zip-lib@1.0.4", + "author": "fpsqdb", + "description": "zip and unzip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/zip-lib@1.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/fpsqdb/zip-lib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fpsqdb/zip-lib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fpsqdb/zip-lib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/zip-lib/-/zip-lib-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b5cc0c2d4b13fddc60110330c685add0148fdd054af6f57faf0ece46452f1ba4045bc1a06550d3873844f050de44e0f4beb306f500c52eb789f5e4ce61ce7a4f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/zip-lib" + } + ] + }, + { + "type": "library", + "name": "yauzl", + "version": "3.1.3", + "bom-ref": "yauzl@3.1.3", + "author": "Josh Wolfe", + "description": "yet another unzip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yauzl@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/thejoshwolfe/yauzl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejoshwolfe/yauzl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejoshwolfe/yauzl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yauzl/-/yauzl-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "24209d9a52495afecbd2afcaca539e93245a52b744a14c5691655c828ae8b1344e0855a24bda7634d3c4f586fdd5a93b6f53794b1019125896a6ca5b65c722bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yauzl" + } + ] + }, + { + "type": "library", + "name": "buffer-crc32", + "version": "0.2.13", + "bom-ref": "buffer-crc32@0.2.13", + "author": "Brian J. Brennan", + "description": "A pure javascript CRC32 algorithm that plays nice with binary data", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/brianloveswords/buffer-crc32/raw/master/LICENSE" + } + } + ], + "purl": "pkg:npm/buffer-crc32@0.2.13", + "externalReferences": [ + { + "url": "git://github.com/brianloveswords/buffer-crc32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/brianloveswords/buffer-crc32", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/brianloveswords/buffer-crc32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54ef47b7ffa9dd237b48a5aa72b804ce319b4522584f1f90d694d00b4c2b5aa1f1d2fa49ada43a1ad1f1f2dbdc835ae52b56f2854e6071cc603a08fb0744c391" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer-crc32" + } + ] + }, + { + "type": "library", + "name": "pend", + "version": "1.2.0", + "bom-ref": "pend@1.2.0", + "author": "Andrew Kelley", + "description": "dead-simple optimistic async helper", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pend@1.2.0", + "externalReferences": [ + { + "url": "git://github.com/andrewrk/node-pend.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andrewrk/node-pend#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andrewrk/node-pend/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1776acbf8d94b97721773b7ec57a9f5b538695505efa6c5ada6a88d29839c801d93ef16663763a76b49ffc643503ce9681610df4ace1fd6ae029aea219c1d72e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pend" + } + ] + }, + { + "type": "library", + "name": "yazl", + "version": "2.5.1", + "bom-ref": "yazl@2.5.1", + "author": "Josh Wolfe", + "description": "yet another zip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yazl@2.5.1", + "externalReferences": [ + { + "url": "git+https://github.com/thejoshwolfe/yazl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejoshwolfe/yazl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejoshwolfe/yazl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yazl/-/yazl-2.5.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6110d8b63cb8879c76fa401568b7e7499da019d31a2c8fba777d697ece7223043967308d8fb19089677d3a04f4c539a1dfe6a743108f31e6a16b48e04de6faf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yazl" + } + ] + } + ], + "dependencies": [ + { + "ref": "@mitre/saf@1.4.7", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0", + "@aws-sdk/client-securityhub@3.590.0", + "@e965/xlsx@0.20.1", + "@mitre/emass_client@3.10.0", + "@mitre/hdf-converters@2.10.8", + "@mitre/heimdall-lite@2.10.9", + "@mitre/inspec-objects@1.0.1", + "@oclif/core@3.26.9", + "@oclif/plugin-help@6.1.0", + "@oclif/plugin-plugins@5.2.2", + "@oclif/plugin-version@2.2.2", + "@oclif/plugin-warn-if-update-available@3.1.4", + "@oclif/test@3.2.15", + "@smithy/node-http-handler@3.0.0", + "@types/chai@4.3.14", + "@types/express@4.17.21", + "@types/flat@5.0.5", + "@types/fs-extra@11.0.4", + "@types/get-installed-path@4.0.3", + "@types/jest@29.5.12", + "@types/js-yaml@4.0.9", + "@types/lodash@4.17.4", + "@types/mocha@10.0.6", + "@types/mock-fs@4.13.4", + "@types/mustache@4.2.5", + "@types/node@20.14.1", + "@types/objects-to-csv@1.3.3", + "@types/prompt-sync@4.2.3", + "@types/tmp@0.2.6", + "@types/uuid@9.0.8", + "@types/xml2js@0.4.14", + "@typescript-eslint/eslint-plugin@7.12.0", + "accurate-search@1.2.15", + "ajv@8.16.0", + "axios@1.7.2", + "chai@4.4.1", + "colors@1.4.0", + "csv-parse@4.16.3", + "dotenv@16.4.5", + "eslint-config-oclif-typescript@1.0.3", + "eslint-config-oclif@4.0.0", + "eslint-plugin-unicorn@52.0.0", + "eslint@8.57.0", + "express@4.19.2", + "fast-xml-parser@4.4.0", + "flat@5.0.2", + "form-data@4.0.0", + "fs-extra@11.2.0", + "get-installed-path@4.0.8", + "htmlparser2@9.1.0", + "https@1.0.0", + "inquirer-file-tree-selection-prompt@2.0.2", + "inquirer@8.0.0", + "inspecjs@2.10.8", + "jest-mock@29.7.0", + "jest@29.7.0", + "js-yaml@4.1.0", + "json-colorizer@2.2.2", + "lodash@4.17.21", + "markdown-diff@2.0.0", + "markdown-table-ts@1.0.3", + "marked@12.0.2", + "mocha@10.4.0", + "mock-fs@5.2.0", + "moment@2.30.1", + "mustache@4.2.0", + "objects-to-csv@1.3.6", + "oclif@4.13.0", + "open@10.1.0", + "prompt-sync@4.2.0", + "run-script-os@1.1.6", + "table@6.8.2", + "tmp@0.2.3", + "ts-jest@29.1.4", + "ts-mocha@10.0.0", + "ts-node@10.9.2", + "tsimportlib@0.0.5", + "tslib@2.6.3", + "typescript@5.1.6", + "uuid@9.0.1", + "winston@3.13.0", + "xlsx-populate@1.21.0", + "xml2js@0.6.2", + "yaml@2.4.3", + "zip-lib@1.0.4" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/sha256-browser@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-crypto/supports-web-crypto@3.0.0", + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-locate-window@3.535.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/ie11-detection@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/sha256-js@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/supports-web-crypto@3.0.0", + "dependsOn": [ + "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/util@3.0.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/util@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/util@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/types@3.577.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-utf8-browser@3.259.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-locate-window@3.535.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "tslib@2.6.3" + }, + { + "ref": "@aws-sdk/middleware-host-header@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-logger@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-recursion-detection@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-user-agent-browser@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/config-resolver@3.0.1", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/core@2.1.1", + "dependsOn": [ + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/fetch-http-handler@3.0.1", + "dependsOn": [ + "@smithy/protocol-http@4.0.0", + "@smithy/querystring-builder@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-base64@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-node@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/invalid-dependency@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-content-length@3.0.0", + "dependsOn": [ + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-endpoint@3.0.1", + "dependsOn": [ + "@smithy/middleware-serde@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-retry@3.0.3", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/service-error-classification@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "tslib@2.6.3", + "uuid@9.0.1" + ] + }, + { + "ref": "@smithy/middleware-serde@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-stack@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/node-config-provider@3.1.0", + "dependsOn": [ + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/node-http-handler@3.0.0", + "dependsOn": [ + "@smithy/abort-controller@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/querystring-builder@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/protocol-http@4.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/smithy-client@3.1.1", + "dependsOn": [ + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-stack@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/types@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/url-parser@3.0.0", + "dependsOn": [ + "@smithy/querystring-parser@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-base64@3.0.0", + "dependsOn": [ + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-body-length-browser@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-body-length-node@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-defaults-mode-browser@3.0.3", + "dependsOn": [ + "@smithy/property-provider@3.1.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-defaults-mode-node@3.0.3", + "dependsOn": [ + "@smithy/config-resolver@3.0.1", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-endpoints@2.0.1", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-middleware@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-retry@3.0.0", + "dependsOn": [ + "@smithy/service-error-classification@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-utf8@3.0.0", + "dependsOn": [ + "@smithy/util-buffer-from@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/signature-v4@3.0.0", + "dependsOn": [ + "@smithy/is-array-buffer@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "@smithy/util-middleware@3.0.0", + "@smithy/util-uri-escape@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/is-array-buffer@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-hex-encoding@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-uri-escape@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "strnum@1.0.5" + }, + { + "ref": "@smithy/property-provider@3.1.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-stream@3.0.1", + "dependsOn": [ + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/credential-provider-imds@3.1.0", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/shared-ini-file-loader@3.1.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-config-provider@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "bowser@2.11.0" + }, + { + "ref": "@smithy/querystring-builder@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-uri-escape@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-buffer-from@3.0.0", + "dependsOn": [ + "@smithy/is-array-buffer@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/service-error-classification@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0" + ] + }, + { + "ref": "uuid@9.0.1" + }, + { + "ref": "@smithy/querystring-parser@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@e965/xlsx@0.20.1" + }, + { + "ref": "@mitre/emass_client@3.10.0", + "dependsOn": [ + "@mitre/emass_client@3.10.0|axios@0.21.4" + ] + }, + { + "ref": "@mitre/emass_client@3.10.0|axios@0.21.4", + "dependsOn": [ + "follow-redirects@1.15.6" + ] + }, + { + "ref": "follow-redirects@1.15.6" + }, + { + "ref": "@mitre/hdf-converters@2.10.8", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0", + "@e965/xlsx@0.20.1", + "@mdi/js@7.4.47", + "@mitre/jsonix@3.0.7", + "@smithy/node-http-handler@3.0.0", + "@types/csv2json@1.4.5", + "@types/ms@0.7.34", + "@types/mustache@4.2.5", + "@types/papaparse@5.3.14", + "@types/revalidator@0.3.12", + "@types/triple-beam@1.3.5", + "@types/validator@13.12.0", + "@types/xml2js@0.4.14", + "axios@1.7.2", + "compare-versions@6.1.0", + "csv2json@2.0.2", + "fast-xml-parser@4.4.0", + "html-entities@2.5.2", + "htmlparser2@9.1.0", + "inspecjs@2.10.8", + "lodash@4.17.21", + "moment@2.30.1", + "ms@2.1.3", + "mustache@4.2.0", + "papaparse@5.4.1", + "revalidator@0.3.1", + "run-script-os@1.1.6", + "semver@7.6.2", + "tailwindcss@3.4.3", + "tw-elements@1.1.0", + "validator@13.12.0", + "winston@3.13.0", + "xml-formatter@3.6.2", + "xml-parser-xo@4.1.1", + "xml2js@0.6.2", + "yaml@2.4.3" + ] + }, + { + "ref": "@mdi/js@7.4.47" + }, + { + "ref": "@mitre/jsonix@3.0.7", + "dependsOn": [ + "@xmldom/xmldom@0.8.10", + "amdefine@0.0.4", + "xmlhttprequest@1.8.0" + ] + }, + { + "ref": "@xmldom/xmldom@0.8.10" + }, + { + "ref": "amdefine@0.0.4" + }, + { + "ref": "xmlhttprequest@1.8.0" + }, + { + "ref": "@types/csv2json@1.4.5", + "dependsOn": [ + "@types/pumpify@1.4.4" + ] + }, + { + "ref": "@types/pumpify@1.4.4", + "dependsOn": [ + "@types/duplexify@3.6.4", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/duplexify@3.6.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/node@20.14.1", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/ms@0.7.34" + }, + { + "ref": "@types/mustache@4.2.5" + }, + { + "ref": "@types/papaparse@5.3.14", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/revalidator@0.3.12" + }, + { + "ref": "@types/triple-beam@1.3.5" + }, + { + "ref": "@types/validator@13.12.0" + }, + { + "ref": "@types/xml2js@0.4.14", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "axios@1.7.2", + "dependsOn": [ + "follow-redirects@1.15.6", + "form-data@4.0.0", + "proxy-from-env@1.1.0" + ] + }, + { + "ref": "compare-versions@6.1.0" + }, + { + "ref": "csv2json@2.0.2", + "dependsOn": [ + "csv-parser@2.3.5", + "exec-promise@0.7.0", + "minimist@1.2.8", + "promise-toolbox@0.14.0", + "pump@3.0.0", + "pumpify@2.0.1", + "strip-bom-stream@4.0.0", + "through2@3.0.2" + ] + }, + { + "ref": "csv-parser@2.3.5", + "dependsOn": [ + "minimist@1.2.8", + "through2@3.0.2" + ] + }, + { + "ref": "minimist@1.2.8" + }, + { + "ref": "through2@3.0.2", + "dependsOn": [ + "inherits@2.0.4", + "readable-stream@3.6.2" + ] + }, + { + "ref": "exec-promise@0.7.0", + "dependsOn": [ + "log-symbols@1.0.2" + ] + }, + { + "ref": "log-symbols@1.0.2", + "dependsOn": [ + "log-symbols@1.0.2|chalk@1.1.3" + ] + }, + { + "ref": "log-symbols@1.0.2|chalk@1.1.3", + "dependsOn": [ + "log-symbols@1.0.2|ansi-styles@2.2.1", + "log-symbols@1.0.2|escape-string-regexp@1.0.5", + "has-ansi@2.0.0", + "log-symbols@1.0.2|strip-ansi@3.0.1", + "log-symbols@1.0.2|supports-color@2.0.0" + ] + }, + { + "ref": "log-symbols@1.0.2|ansi-styles@2.2.1" + }, + { + "ref": "log-symbols@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "log-symbols@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "log-symbols@1.0.2|ansi-regex@2.1.1" + ] + }, + { + "ref": "log-symbols@1.0.2|ansi-regex@2.1.1" + }, + { + "ref": "log-symbols@1.0.2|supports-color@2.0.0" + }, + { + "ref": "has-ansi@2.0.0", + "dependsOn": [ + "has-ansi@2.0.0|ansi-regex@2.1.1" + ] + }, + { + "ref": "has-ansi@2.0.0|ansi-regex@2.1.1" + }, + { + "ref": "promise-toolbox@0.14.0", + "dependsOn": [ + "make-error@1.3.6" + ] + }, + { + "ref": "make-error@1.3.6" + }, + { + "ref": "pump@3.0.0", + "dependsOn": [ + "end-of-stream@1.4.4", + "once@1.4.0" + ] + }, + { + "ref": "end-of-stream@1.4.4", + "dependsOn": [ + "once@1.4.0" + ] + }, + { + "ref": "once@1.4.0", + "dependsOn": [ + "wrappy@1.0.2" + ] + }, + { + "ref": "pumpify@2.0.1", + "dependsOn": [ + "duplexify@4.1.3", + "inherits@2.0.4", + "pump@3.0.0" + ] + }, + { + "ref": "duplexify@4.1.3", + "dependsOn": [ + "end-of-stream@1.4.4", + "inherits@2.0.4", + "readable-stream@3.6.2", + "stream-shift@1.0.3" + ] + }, + { + "ref": "inherits@2.0.4" + }, + { + "ref": "readable-stream@3.6.2", + "dependsOn": [ + "inherits@2.0.4", + "string_decoder@1.3.0", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "stream-shift@1.0.3" + }, + { + "ref": "strip-bom-stream@4.0.0", + "dependsOn": [ + "first-chunk-stream@3.0.0", + "strip-bom-buf@2.0.0" + ] + }, + { + "ref": "first-chunk-stream@3.0.0" + }, + { + "ref": "strip-bom-buf@2.0.0", + "dependsOn": [ + "is-utf8@0.2.1" + ] + }, + { + "ref": "is-utf8@0.2.1" + }, + { + "ref": "fast-xml-parser@4.4.0", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "html-entities@2.5.2" + }, + { + "ref": "htmlparser2@9.1.0", + "dependsOn": [ + "domelementtype@2.3.0", + "domhandler@5.0.3", + "domutils@3.1.0", + "entities@4.5.0" + ] + }, + { + "ref": "inspecjs@2.10.8" + }, + { + "ref": "lodash@4.17.21" + }, + { + "ref": "moment@2.30.1" + }, + { + "ref": "ms@2.1.3" + }, + { + "ref": "mustache@4.2.0" + }, + { + "ref": "papaparse@5.4.1" + }, + { + "ref": "revalidator@0.3.1" + }, + { + "ref": "run-script-os@1.1.6" + }, + { + "ref": "semver@7.6.2" + }, + { + "ref": "tailwindcss@3.4.3", + "dependsOn": [ + "@alloc/quick-lru@5.2.0", + "arg@5.0.2", + "chokidar@3.5.3", + "didyoumean@1.2.2", + "dlv@1.1.3", + "fast-glob@3.3.2", + "glob-parent@6.0.2", + "is-glob@4.0.3", + "jiti@1.21.0", + "lilconfig@2.1.0", + "micromatch@4.0.5", + "normalize-path@3.0.0", + "object-hash@3.0.0", + "picocolors@1.0.0", + "postcss-import@15.1.0", + "postcss-js@4.0.1", + "postcss-load-config@4.0.2", + "postcss-nested@6.0.1", + "postcss-selector-parser@6.0.16", + "postcss@8.4.38", + "resolve@1.22.8", + "sucrase@3.35.0" + ] + }, + { + "ref": "@alloc/quick-lru@5.2.0" + }, + { + "ref": "arg@5.0.2" + }, + { + "ref": "chokidar@3.5.3", + "dependsOn": [ + "anymatch@3.1.3", + "braces@3.0.2", + "fsevents@2.3.3", + "chokidar@3.5.3|glob-parent@5.1.2", + "is-binary-path@2.1.0", + "is-glob@4.0.3", + "normalize-path@3.0.0", + "readdirp@3.6.0" + ] + }, + { + "ref": "chokidar@3.5.3|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "didyoumean@1.2.2" + }, + { + "ref": "dlv@1.1.3" + }, + { + "ref": "fast-glob@3.3.2", + "dependsOn": [ + "@nodelib/fs.stat@2.0.5", + "@nodelib/fs.walk@1.2.8", + "fast-glob@3.3.2|glob-parent@5.1.2", + "merge2@1.4.1", + "micromatch@4.0.5" + ] + }, + { + "ref": "fast-glob@3.3.2|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "@nodelib/fs.stat@2.0.5" + }, + { + "ref": "@nodelib/fs.walk@1.2.8", + "dependsOn": [ + "@nodelib/fs.scandir@2.1.5", + "fastq@1.17.1" + ] + }, + { + "ref": "is-glob@4.0.3", + "dependsOn": [ + "is-extglob@2.1.1" + ] + }, + { + "ref": "merge2@1.4.1" + }, + { + "ref": "micromatch@4.0.5", + "dependsOn": [ + "braces@3.0.2", + "picomatch@2.3.1" + ] + }, + { + "ref": "glob-parent@6.0.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "jiti@1.21.0" + }, + { + "ref": "lilconfig@2.1.0" + }, + { + "ref": "braces@3.0.2", + "dependsOn": [ + "fill-range@7.0.1" + ] + }, + { + "ref": "picomatch@2.3.1" + }, + { + "ref": "normalize-path@3.0.0" + }, + { + "ref": "object-hash@3.0.0" + }, + { + "ref": "picocolors@1.0.0" + }, + { + "ref": "postcss-import@15.1.0", + "dependsOn": [ + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "read-cache@1.0.0", + "resolve@1.22.8" + ] + }, + { + "ref": "postcss-value-parser@4.2.0" + }, + { + "ref": "postcss@8.4.38", + "dependsOn": [ + "nanoid@3.3.7", + "picocolors@1.0.0", + "source-map-js@1.2.0" + ] + }, + { + "ref": "read-cache@1.0.0", + "dependsOn": [ + "pify@2.3.0" + ] + }, + { + "ref": "pify@2.3.0" + }, + { + "ref": "resolve@1.22.8", + "dependsOn": [ + "is-core-module@2.13.1", + "path-parse@1.0.7", + "supports-preserve-symlinks-flag@1.0.0" + ] + }, + { + "ref": "postcss-js@4.0.1", + "dependsOn": [ + "camelcase-css@2.0.1", + "postcss@8.4.38" + ] + }, + { + "ref": "camelcase-css@2.0.1" + }, + { + "ref": "postcss-load-config@4.0.2", + "dependsOn": [ + "postcss-load-config@4.0.2|lilconfig@3.1.1", + "postcss@8.4.38", + "ts-node@10.9.2", + "yaml@2.4.3" + ] + }, + { + "ref": "postcss-load-config@4.0.2|lilconfig@3.1.1" + }, + { + "ref": "ts-node@10.9.2", + "dependsOn": [ + "@cspotcode/source-map-support@0.8.1", + "@tsconfig/node10@1.0.11", + "@tsconfig/node12@1.0.11", + "@tsconfig/node14@1.0.3", + "@tsconfig/node16@1.0.4", + "@types/node@20.14.1", + "acorn-walk@8.3.2", + "acorn@8.11.3", + "ts-node@10.9.2|arg@4.1.3", + "create-require@1.1.1", + "diff@4.0.2", + "make-error@1.3.6", + "typescript@5.1.6", + "v8-compile-cache-lib@3.0.1", + "yn@3.1.1" + ] + }, + { + "ref": "ts-node@10.9.2|arg@4.1.3" + }, + { + "ref": "yaml@2.4.3" + }, + { + "ref": "postcss-nested@6.0.1", + "dependsOn": [ + "postcss-selector-parser@6.0.16", + "postcss@8.4.38" + ] + }, + { + "ref": "postcss-selector-parser@6.0.16", + "dependsOn": [ + "cssesc@3.0.0", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "cssesc@3.0.0" + }, + { + "ref": "util-deprecate@1.0.2" + }, + { + "ref": "nanoid@3.3.7" + }, + { + "ref": "source-map-js@1.2.0" + }, + { + "ref": "is-core-module@2.13.1", + "dependsOn": [ + "hasown@2.0.2" + ] + }, + { + "ref": "path-parse@1.0.7" + }, + { + "ref": "supports-preserve-symlinks-flag@1.0.0" + }, + { + "ref": "sucrase@3.35.0", + "dependsOn": [ + "@jridgewell/gen-mapping@0.3.5", + "sucrase@3.35.0|commander@4.1.1", + "sucrase@3.35.0|glob@10.3.12", + "lines-and-columns@1.2.4", + "mz@2.7.0", + "pirates@4.0.6", + "ts-interface-checker@0.1.13" + ] + }, + { + "ref": "sucrase@3.35.0|commander@4.1.1" + }, + { + "ref": "sucrase@3.35.0|glob@10.3.12", + "dependsOn": [ + "foreground-child@3.1.1", + "jackspeak@2.3.6", + "minimatch@9.0.4", + "sucrase@3.35.0|minipass@7.0.4", + "path-scurry@1.10.2" + ] + }, + { + "ref": "sucrase@3.35.0|minipass@7.0.4" + }, + { + "ref": "@jridgewell/gen-mapping@0.3.5", + "dependsOn": [ + "@jridgewell/set-array@1.2.1", + "@jridgewell/sourcemap-codec@1.4.15", + "@jridgewell/trace-mapping@0.3.25" + ] + }, + { + "ref": "@jridgewell/set-array@1.2.1" + }, + { + "ref": "@jridgewell/sourcemap-codec@1.4.15" + }, + { + "ref": "@jridgewell/trace-mapping@0.3.25", + "dependsOn": [ + "@jridgewell/resolve-uri@3.1.2", + "@jridgewell/sourcemap-codec@1.4.15" + ] + }, + { + "ref": "foreground-child@3.1.1", + "dependsOn": [ + "cross-spawn@7.0.3", + "foreground-child@3.1.1|signal-exit@4.1.0" + ] + }, + { + "ref": "foreground-child@3.1.1|signal-exit@4.1.0" + }, + { + "ref": "cross-spawn@7.0.3", + "dependsOn": [ + "path-key@3.1.1", + "shebang-command@2.0.0", + "which@2.0.2" + ] + }, + { + "ref": "jackspeak@2.3.6", + "dependsOn": [ + "@isaacs/cliui@8.0.2", + "@pkgjs/parseargs@0.11.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2", + "dependsOn": [ + "string-width@4.2.3", + "@isaacs/cliui@8.0.2|string-width@5.1.2", + "BomRef.5h3h9846p8.g5nk6qdc128", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "wrap-ansi@7.0.0", + "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|string-width@5.1.2", + "dependsOn": [ + "eastasianwidth@0.2.0", + "@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|emoji-regex@9.2.2" + }, + { + "ref": "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "dependsOn": [ + "@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + }, + { + "ref": "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0", + "dependsOn": [ + "@isaacs/cliui@8.0.2|ansi-styles@6.2.1", + "@isaacs/cliui@8.0.2|string-width@5.1.2", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|ansi-styles@6.2.1" + }, + { + "ref": "string-width@4.2.3", + "dependsOn": [ + "emoji-regex@8.0.0", + "is-fullwidth-code-point@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "emoji-regex@8.0.0" + }, + { + "ref": "is-fullwidth-code-point@3.0.0" + }, + { + "ref": "strip-ansi@6.0.1", + "dependsOn": [ + "ansi-regex@5.0.1" + ] + }, + { + "ref": "eastasianwidth@0.2.0" + }, + { + "ref": "BomRef.5h3h9846p8.g5nk6qdc128", + "dependsOn": [ + "ansi-regex@5.0.1" + ] + }, + { + "ref": "ansi-regex@5.0.1" + }, + { + "ref": "wrap-ansi@7.0.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "ansi-styles@4.3.0", + "dependsOn": [ + "color-convert@2.0.1" + ] + }, + { + "ref": "BomRef.5hrhe0lu5jo.6brcifutiug", + "dependsOn": [ + "emoji-regex@8.0.0", + "is-fullwidth-code-point@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@pkgjs/parseargs@0.11.0" + }, + { + "ref": "minimatch@9.0.4", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "path-scurry@1.10.2", + "dependsOn": [ + "path-scurry@1.10.2|lru-cache@10.2.0", + "path-scurry@1.10.2|minipass@7.0.4" + ] + }, + { + "ref": "path-scurry@1.10.2|lru-cache@10.2.0" + }, + { + "ref": "path-scurry@1.10.2|minipass@7.0.4" + }, + { + "ref": "lines-and-columns@1.2.4" + }, + { + "ref": "mz@2.7.0", + "dependsOn": [ + "any-promise@1.3.0", + "object-assign@4.1.1", + "thenify-all@1.6.0" + ] + }, + { + "ref": "any-promise@1.3.0" + }, + { + "ref": "object-assign@4.1.1" + }, + { + "ref": "thenify-all@1.6.0", + "dependsOn": [ + "thenify@3.3.1" + ] + }, + { + "ref": "thenify@3.3.1", + "dependsOn": [ + "any-promise@1.3.0" + ] + }, + { + "ref": "pirates@4.0.6" + }, + { + "ref": "ts-interface-checker@0.1.13" + }, + { + "ref": "tw-elements@1.1.0", + "dependsOn": [ + "@popperjs/core@2.11.8", + "chart.js@3.9.1", + "chartjs-plugin-datalabels@2.2.0", + "deepmerge@4.3.1", + "detect-autofill@1.1.4", + "perfect-scrollbar@1.5.5", + "tw-elements@1.1.0|tailwindcss@3.3.0" + ] + }, + { + "ref": "tw-elements@1.1.0|tailwindcss@3.3.0", + "dependsOn": [ + "arg@5.0.2", + "chokidar@3.5.3", + "color-name@1.1.4", + "didyoumean@1.2.2", + "dlv@1.1.3", + "fast-glob@3.3.2", + "glob-parent@6.0.2", + "is-glob@4.0.3", + "jiti@1.21.0", + "lilconfig@2.1.0", + "micromatch@4.0.5", + "normalize-path@3.0.0", + "object-hash@3.0.0", + "picocolors@1.0.0", + "tw-elements@1.1.0|postcss-import@14.1.0", + "postcss-js@4.0.1", + "tw-elements@1.1.0|postcss-load-config@3.1.4", + "tw-elements@1.1.0|postcss-nested@6.0.0", + "postcss-selector-parser@6.0.16", + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "quick-lru@5.1.1", + "resolve@1.22.8", + "sucrase@3.35.0" + ] + }, + { + "ref": "tw-elements@1.1.0|postcss-import@14.1.0", + "dependsOn": [ + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "read-cache@1.0.0", + "resolve@1.22.8" + ] + }, + { + "ref": "tw-elements@1.1.0|postcss-load-config@3.1.4", + "dependsOn": [ + "lilconfig@2.1.0", + "postcss@8.4.38", + "ts-node@10.9.2", + "tw-elements@1.1.0|yaml@1.10.2" + ] + }, + { + "ref": "tw-elements@1.1.0|yaml@1.10.2" + }, + { + "ref": "tw-elements@1.1.0|postcss-nested@6.0.0", + "dependsOn": [ + "postcss-selector-parser@6.0.16", + "postcss@8.4.38" + ] + }, + { + "ref": "@popperjs/core@2.11.8" + }, + { + "ref": "chart.js@3.9.1" + }, + { + "ref": "chartjs-plugin-datalabels@2.2.0", + "dependsOn": [ + "chart.js@3.9.1" + ] + }, + { + "ref": "deepmerge@4.3.1" + }, + { + "ref": "detect-autofill@1.1.4", + "dependsOn": [ + "custom-event-polyfill@1.0.7" + ] + }, + { + "ref": "custom-event-polyfill@1.0.7" + }, + { + "ref": "perfect-scrollbar@1.5.5" + }, + { + "ref": "color-name@1.1.4" + }, + { + "ref": "quick-lru@5.1.1" + }, + { + "ref": "validator@13.12.0" + }, + { + "ref": "winston@3.13.0", + "dependsOn": [ + "@colors/colors@1.6.0", + "@dabh/diagnostics@2.0.3", + "async@3.2.5", + "is-stream@2.0.1", + "logform@2.6.0", + "one-time@1.0.0", + "readable-stream@3.6.2", + "safe-stable-stringify@2.4.3", + "stack-trace@0.0.10", + "triple-beam@1.4.1", + "winston-transport@4.7.0" + ] + }, + { + "ref": "xml-formatter@3.6.2", + "dependsOn": [ + "xml-parser-xo@4.1.1" + ] + }, + { + "ref": "xml-parser-xo@4.1.1" + }, + { + "ref": "xml2js@0.6.2", + "dependsOn": [ + "sax@1.2.1", + "xmlbuilder@11.0.1" + ] + }, + { + "ref": "@mitre/heimdall-lite@2.10.9", + "dependsOn": [ + "express@4.19.2" + ] + }, + { + "ref": "express@4.19.2", + "dependsOn": [ + "accepts@1.3.8", + "array-flatten@1.1.1", + "body-parser@1.20.2", + "content-disposition@0.5.4", + "content-type@1.0.5", + "cookie-signature@1.0.6", + "cookie@0.6.0", + "express@4.19.2|debug@2.6.9", + "depd@2.0.0", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "etag@1.8.1", + "finalhandler@1.2.0", + "fresh@0.5.2", + "http-errors@2.0.0", + "merge-descriptors@1.0.1", + "methods@1.1.2", + "on-finished@2.4.1", + "parseurl@1.3.3", + "path-to-regexp@0.1.7", + "proxy-addr@2.0.7", + "qs@6.11.0", + "range-parser@1.2.1", + "safe-buffer@5.2.1", + "send@0.18.0", + "serve-static@1.15.0", + "setprototypeof@1.2.0", + "statuses@2.0.1", + "type-is@1.6.18", + "utils-merge@1.0.1", + "vary@1.1.2" + ] + }, + { + "ref": "express@4.19.2|debug@2.6.9", + "dependsOn": [ + "express@4.19.2|ms@2.0.0" + ] + }, + { + "ref": "express@4.19.2|ms@2.0.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1", + "dependsOn": [ + "@types/flat@5.0.5", + "@types/he@1.2.3", + "@types/json-diff@0.7.0", + "@types/jstoxml@2.0.4", + "@types/lodash@4.17.4", + "@types/mustache@4.2.5", + "@types/pretty@2.0.3", + "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "flat@5.0.2", + "he@1.2.0", + "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "inspecjs@2.10.8", + "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "json-diff@0.9.1", + "jstoxml@3.2.10", + "lodash@4.17.21", + "mustache@4.2.0", + "pretty@2.0.0", + "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "winston@3.13.0", + "@mitre/inspec-objects@1.0.1|yaml@1.10.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "dependsOn": [ + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "@mitre/inspec-objects@1.0.1|entities@3.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "dependsOn": [ + "domelementtype@2.3.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "dependsOn": [ + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|entities@3.0.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "import-local@3.1.0", + "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "exit@0.1.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "micromatch@4.0.5", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "rimraf@3.0.2", + "slash@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "@types/istanbul-lib-coverage@2.0.6", + "@types/istanbul-reports@3.0.4", + "@types/node@20.14.1", + "@types/yargs@17.0.32", + "chalk@4.1.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/stack-utils@2.0.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "micromatch@4.0.5", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "graceful-fs@4.2.11", + "picomatch@2.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "dependsOn": [ + "@bcoe/v8-coverage@0.2.3", + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@jridgewell/trace-mapping@0.3.25", + "@types/node@20.14.1", + "chalk@4.1.2", + "collect-v8-coverage@1.0.2", + "exit@0.1.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "istanbul-lib-coverage@3.2.2", + "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "istanbul-lib-report@3.0.1", + "istanbul-lib-source-maps@4.0.1", + "istanbul-reports@3.1.7", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "slash@3.0.0", + "string-length@4.0.2", + "strip-ansi@6.0.1", + "terminal-link@2.1.1", + "v8-to-istanbul@9.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/istanbul-lib-coverage@2.0.6", + "collect-v8-coverage@1.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@jridgewell/trace-mapping@0.3.25", + "babel-plugin-istanbul@6.1.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0", + "fast-json-stable-stringify@2.1.0", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "micromatch@4.0.5", + "pirates@4.0.6", + "slash@3.0.0", + "write-file-atomic@4.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "dependsOn": [ + "@types/node@20.14.1", + "merge-stream@2.0.0", + "supports-color@8.1.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/graceful-fs@4.1.9", + "@types/node@20.14.1", + "anymatch@3.1.3", + "fb-watchman@2.0.2", + "fsevents@2.3.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "micromatch@4.0.5", + "walker@1.0.8" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ci-info@3.9.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "dependsOn": [ + "execa@5.1.1", + "p-limit@3.1.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "deepmerge@4.3.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "micromatch@4.0.5", + "parse-json@5.2.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "strip-json-comments@3.1.1", + "ts-node@10.9.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@types/babel__core@7.20.5", + "babel-plugin-istanbul@6.1.1", + "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "co@4.6.0", + "@mitre/inspec-objects@1.0.1|dedent@0.7.0", + "is-generator-fn@2.1.0", + "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "p-limit@3.1.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/generator@7.24.4", + "@babel/plugin-syntax-typescript@7.24.1", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0", + "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/babel__traverse@7.20.5", + "@types/prettier@2.7.3", + "babel-preset-current-node-syntax@1.0.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "natural-compare@1.4.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "semver@7.6.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dedent@0.7.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "ansi-regex@5.0.1", + "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0", + "react-is@18.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "cjs-module-lexer@1.2.3", + "collect-v8-coverage@1.0.2", + "execa@5.1.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "slash@3.0.0", + "strip-bom@4.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "jest-pnp-resolver@1.2.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1", + "resolve@1.22.8", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "p-limit@3.1.0", + "source-map-support@0.5.13" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|camelcase@6.3.0", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "leven@3.1.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|emittery@0.10.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "dependsOn": [ + "detect-newline@3.1.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "string-length@4.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "callsites@3.1.0", + "graceful-fs@4.2.11" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|camelcase@6.3.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "exit@0.1.2", + "graceful-fs@4.2.11", + "import-local@3.1.0", + "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "prompts@2.4.2", + "yargs@17.7.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "bs-logger@0.2.6", + "fast-json-stable-stringify@2.1.0", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "json5@2.2.3", + "lodash.memoize@4.1.2", + "make-error@1.3.6", + "semver@7.6.2", + "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "babel-preset-current-node-syntax@1.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0", + "@types/babel__core@7.20.5", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|typescript@4.9.5" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|yaml@1.10.2" + }, + { + "ref": "@types/flat@5.0.5" + }, + { + "ref": "@types/he@1.2.3" + }, + { + "ref": "@types/json-diff@0.7.0" + }, + { + "ref": "@types/jstoxml@2.0.4" + }, + { + "ref": "@types/lodash@4.17.4" + }, + { + "ref": "@types/pretty@2.0.3" + }, + { + "ref": "flat@5.0.2" + }, + { + "ref": "he@1.2.0" + }, + { + "ref": "domelementtype@2.3.0" + }, + { + "ref": "chalk@4.1.2", + "dependsOn": [ + "ansi-styles@4.3.0", + "chalk@4.1.2|supports-color@7.2.0" + ] + }, + { + "ref": "chalk@4.1.2|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "slash@3.0.0" + }, + { + "ref": "@bcoe/v8-coverage@0.2.3" + }, + { + "ref": "collect-v8-coverage@1.0.2" + }, + { + "ref": "exit@0.1.2" + }, + { + "ref": "glob@7.2.3", + "dependsOn": [ + "fs.realpath@1.0.0", + "inflight@1.0.6", + "inherits@2.0.4", + "glob@7.2.3|minimatch@3.1.2", + "once@1.4.0", + "path-is-absolute@1.0.1" + ] + }, + { + "ref": "glob@7.2.3|minimatch@3.1.2", + "dependsOn": [ + "glob@7.2.3|brace-expansion@1.1.11" + ] + }, + { + "ref": "glob@7.2.3|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "graceful-fs@4.2.11" + }, + { + "ref": "istanbul-lib-coverage@3.2.2" + }, + { + "ref": "@babel/core@7.24.4", + "dependsOn": [ + "@ampproject/remapping@2.3.0", + "@babel/code-frame@7.24.2", + "@babel/generator@7.24.4", + "@babel/helper-compilation-targets@7.23.6", + "@babel/helper-module-transforms@7.23.3", + "@babel/helpers@7.24.4", + "@babel/parser@7.24.4", + "@babel/template@7.24.0", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0", + "convert-source-map@2.0.0", + "debug@4.3.4", + "gensync@1.0.0-beta.2", + "json5@2.2.3", + "@babel/core@7.24.4|semver@6.3.1" + ] + }, + { + "ref": "@babel/core@7.24.4|semver@6.3.1" + }, + { + "ref": "@babel/parser@7.24.4" + }, + { + "ref": "@istanbuljs/schema@0.1.3" + }, + { + "ref": "istanbul-lib-report@3.0.1", + "dependsOn": [ + "istanbul-lib-coverage@3.2.2", + "make-dir@4.0.0", + "istanbul-lib-report@3.0.1|supports-color@7.2.0" + ] + }, + { + "ref": "istanbul-lib-report@3.0.1|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "istanbul-lib-source-maps@4.0.1", + "dependsOn": [ + "debug@4.3.4", + "istanbul-lib-coverage@3.2.2", + "source-map@0.6.1" + ] + }, + { + "ref": "istanbul-reports@3.1.7", + "dependsOn": [ + "html-escaper@2.0.2", + "istanbul-lib-report@3.0.1" + ] + }, + { + "ref": "merge-stream@2.0.0" + }, + { + "ref": "supports-color@8.1.1", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "string-length@4.0.2", + "dependsOn": [ + "char-regex@1.0.2", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "terminal-link@2.1.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "supports-hyperlinks@2.3.0" + ] + }, + { + "ref": "ansi-escapes@4.3.2", + "dependsOn": [ + "type-fest@0.21.3" + ] + }, + { + "ref": "supports-hyperlinks@2.3.0", + "dependsOn": [ + "has-flag@4.0.0", + "supports-hyperlinks@2.3.0|supports-color@7.2.0" + ] + }, + { + "ref": "supports-hyperlinks@2.3.0|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "v8-to-istanbul@9.2.0", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "@types/istanbul-lib-coverage@2.0.6", + "convert-source-map@2.0.0" + ] + }, + { + "ref": "@types/istanbul-lib-coverage@2.0.6" + }, + { + "ref": "babel-plugin-istanbul@6.1.1", + "dependsOn": [ + "@babel/helper-plugin-utils@7.24.0", + "@istanbuljs/load-nyc-config@1.1.0", + "@istanbuljs/schema@0.1.3", + "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "test-exclude@6.0.0" + ] + }, + { + "ref": "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "babel-plugin-istanbul@6.1.1|semver@6.3.1" + ] + }, + { + "ref": "babel-plugin-istanbul@6.1.1|semver@6.3.1" + }, + { + "ref": "fast-json-stable-stringify@2.1.0" + }, + { + "ref": "write-file-atomic@4.0.2", + "dependsOn": [ + "imurmurhash@0.1.4", + "signal-exit@3.0.7" + ] + }, + { + "ref": "execa@5.1.1", + "dependsOn": [ + "cross-spawn@7.0.3", + "get-stream@6.0.1", + "human-signals@2.1.0", + "is-stream@2.0.1", + "merge-stream@2.0.0", + "npm-run-path@4.0.1", + "onetime@5.1.2", + "signal-exit@3.0.7", + "strip-final-newline@2.0.0" + ] + }, + { + "ref": "p-limit@3.1.0", + "dependsOn": [ + "yocto-queue@0.1.0" + ] + }, + { + "ref": "co@4.6.0" + }, + { + "ref": "is-generator-fn@2.1.0" + }, + { + "ref": "stack-utils@2.0.6", + "dependsOn": [ + "stack-utils@2.0.6|escape-string-regexp@2.0.0" + ] + }, + { + "ref": "stack-utils@2.0.6|escape-string-regexp@2.0.0" + }, + { + "ref": "parse-json@5.2.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "error-ex@1.3.2", + "json-parse-even-better-errors@2.3.1", + "lines-and-columns@1.2.4" + ] + }, + { + "ref": "strip-json-comments@3.1.1" + }, + { + "ref": "@types/graceful-fs@4.1.9", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "anymatch@3.1.3", + "dependsOn": [ + "normalize-path@3.0.0", + "picomatch@2.3.1" + ] + }, + { + "ref": "fb-watchman@2.0.2", + "dependsOn": [ + "bser@2.1.1" + ] + }, + { + "ref": "fsevents@2.3.3" + }, + { + "ref": "walker@1.0.8", + "dependsOn": [ + "makeerror@1.0.12" + ] + }, + { + "ref": "@babel/code-frame@7.24.2", + "dependsOn": [ + "@babel/highlight@7.24.2", + "picocolors@1.0.0" + ] + }, + { + "ref": "@types/stack-utils@2.0.3" + }, + { + "ref": "jest-pnp-resolver@1.2.3", + "dependsOn": [ + "jest-resolve@29.7.0" + ] + }, + { + "ref": "detect-newline@3.1.0" + }, + { + "ref": "source-map-support@0.5.13", + "dependsOn": [ + "buffer-from@1.1.2", + "source-map@0.6.1" + ] + }, + { + "ref": "type-detect@4.0.8" + }, + { + "ref": "callsites@3.1.0" + }, + { + "ref": "cjs-module-lexer@1.2.3" + }, + { + "ref": "strip-bom@4.0.0" + }, + { + "ref": "@babel/generator@7.24.4", + "dependsOn": [ + "@babel/types@7.24.0", + "@jridgewell/gen-mapping@0.3.5", + "@jridgewell/trace-mapping@0.3.25", + "@babel/generator@7.24.4|jsesc@2.5.2" + ] + }, + { + "ref": "@babel/generator@7.24.4|jsesc@2.5.2" + }, + { + "ref": "@babel/plugin-syntax-typescript@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/traverse@7.24.1", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@babel/generator@7.24.4", + "@babel/helper-environment-visitor@7.22.20", + "@babel/helper-function-name@7.23.0", + "@babel/helper-hoist-variables@7.22.5", + "@babel/helper-split-export-declaration@7.22.6", + "@babel/parser@7.24.4", + "@babel/types@7.24.0", + "debug@4.3.4", + "@babel/traverse@7.24.1|globals@11.12.0" + ] + }, + { + "ref": "@babel/traverse@7.24.1|globals@11.12.0" + }, + { + "ref": "@babel/types@7.24.0", + "dependsOn": [ + "@babel/helper-string-parser@7.24.1", + "@babel/helper-validator-identifier@7.22.20", + "to-fast-properties@2.0.0" + ] + }, + { + "ref": "@types/babel__traverse@7.20.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@types/prettier@2.7.3" + }, + { + "ref": "babel-preset-current-node-syntax@1.0.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/plugin-syntax-async-generators@7.8.4", + "@babel/plugin-syntax-bigint@7.8.3", + "@babel/plugin-syntax-class-properties@7.12.13", + "@babel/plugin-syntax-import-meta@7.10.4", + "@babel/plugin-syntax-json-strings@7.8.3", + "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "@babel/plugin-syntax-numeric-separator@7.10.4", + "@babel/plugin-syntax-object-rest-spread@7.8.3", + "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "@babel/plugin-syntax-optional-chaining@7.8.3", + "@babel/plugin-syntax-top-level-await@7.14.5" + ] + }, + { + "ref": "natural-compare@1.4.0" + }, + { + "ref": "leven@3.1.0" + }, + { + "ref": "react-is@18.2.0" + }, + { + "ref": "rimraf@3.0.2", + "dependsOn": [ + "glob@7.2.3" + ] + }, + { + "ref": "@types/istanbul-reports@3.0.4", + "dependsOn": [ + "@types/istanbul-lib-report@3.0.3" + ] + }, + { + "ref": "@types/yargs@17.0.32", + "dependsOn": [ + "@types/yargs-parser@21.0.3" + ] + }, + { + "ref": "import-local@3.1.0", + "dependsOn": [ + "pkg-dir@4.2.0", + "resolve-cwd@3.0.0" + ] + }, + { + "ref": "prompts@2.4.2", + "dependsOn": [ + "kleur@3.0.3", + "sisteransi@1.0.5" + ] + }, + { + "ref": "kleur@3.0.3" + }, + { + "ref": "sisteransi@1.0.5" + }, + { + "ref": "yargs@17.7.2", + "dependsOn": [ + "cliui@8.0.1", + "escalade@3.1.2", + "get-caller-file@2.0.5", + "require-directory@2.1.1", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "y18n@5.0.8", + "yargs@17.7.2|yargs-parser@21.1.1" + ] + }, + { + "ref": "yargs@17.7.2|yargs-parser@21.1.1" + }, + { + "ref": "json-diff@0.9.1", + "dependsOn": [ + "cli-color@2.0.4", + "difflib@0.2.4", + "dreamopt@0.8.0" + ] + }, + { + "ref": "cli-color@2.0.4", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-iterator@2.0.3", + "memoizee@0.4.15", + "timers-ext@0.1.7" + ] + }, + { + "ref": "d@1.0.2", + "dependsOn": [ + "es5-ext@0.10.64", + "type@2.7.2" + ] + }, + { + "ref": "es5-ext@0.10.64", + "dependsOn": [ + "es6-iterator@2.0.3", + "es6-symbol@3.1.4", + "esniff@2.0.1", + "next-tick@1.1.0" + ] + }, + { + "ref": "type@2.7.2" + }, + { + "ref": "es6-iterator@2.0.3", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-symbol@3.1.4" + ] + }, + { + "ref": "es6-symbol@3.1.4", + "dependsOn": [ + "d@1.0.2", + "ext@1.7.0" + ] + }, + { + "ref": "ext@1.7.0", + "dependsOn": [ + "type@2.7.2" + ] + }, + { + "ref": "esniff@2.0.1", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "event-emitter@0.3.5", + "type@2.7.2" + ] + }, + { + "ref": "event-emitter@0.3.5", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64" + ] + }, + { + "ref": "next-tick@1.1.0" + }, + { + "ref": "memoizee@0.4.15", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-weak-map@2.0.3", + "event-emitter@0.3.5", + "is-promise@2.2.2", + "lru-queue@0.1.0", + "next-tick@1.1.0", + "timers-ext@0.1.7" + ] + }, + { + "ref": "es6-weak-map@2.0.3", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-iterator@2.0.3", + "es6-symbol@3.1.4" + ] + }, + { + "ref": "is-promise@2.2.2" + }, + { + "ref": "lru-queue@0.1.0", + "dependsOn": [ + "es5-ext@0.10.64" + ] + }, + { + "ref": "timers-ext@0.1.7", + "dependsOn": [ + "es5-ext@0.10.64", + "next-tick@1.1.0" + ] + }, + { + "ref": "difflib@0.2.4", + "dependsOn": [ + "heap@0.2.7" + ] + }, + { + "ref": "heap@0.2.7" + }, + { + "ref": "dreamopt@0.8.0", + "dependsOn": [ + "wordwrap@1.0.0" + ] + }, + { + "ref": "wordwrap@1.0.0" + }, + { + "ref": "jstoxml@3.2.10" + }, + { + "ref": "pretty@2.0.0", + "dependsOn": [ + "condense-newlines@0.2.1", + "extend-shallow@2.0.1", + "js-beautify@1.15.1" + ] + }, + { + "ref": "condense-newlines@0.2.1", + "dependsOn": [ + "extend-shallow@2.0.1", + "is-whitespace@0.3.0", + "kind-of@3.2.2" + ] + }, + { + "ref": "extend-shallow@2.0.1", + "dependsOn": [ + "is-extendable@0.1.1" + ] + }, + { + "ref": "is-whitespace@0.3.0" + }, + { + "ref": "kind-of@3.2.2", + "dependsOn": [ + "is-buffer@1.1.6" + ] + }, + { + "ref": "is-buffer@1.1.6" + }, + { + "ref": "is-extendable@0.1.1" + }, + { + "ref": "js-beautify@1.15.1", + "dependsOn": [ + "config-chain@1.1.13", + "editorconfig@1.0.4", + "js-beautify@1.15.1|glob@10.3.12", + "js-cookie@3.0.5", + "nopt@7.2.0" + ] + }, + { + "ref": "js-beautify@1.15.1|glob@10.3.12", + "dependsOn": [ + "foreground-child@3.1.1", + "jackspeak@2.3.6", + "minimatch@9.0.4", + "js-beautify@1.15.1|minipass@7.0.4", + "path-scurry@1.10.2" + ] + }, + { + "ref": "js-beautify@1.15.1|minipass@7.0.4" + }, + { + "ref": "config-chain@1.1.13", + "dependsOn": [ + "ini@1.3.8", + "proto-list@1.2.4" + ] + }, + { + "ref": "ini@1.3.8" + }, + { + "ref": "proto-list@1.2.4" + }, + { + "ref": "editorconfig@1.0.4", + "dependsOn": [ + "@one-ini/wasm@0.1.1", + "commander@10.0.1", + "editorconfig@1.0.4|minimatch@9.0.1", + "semver@7.6.2" + ] + }, + { + "ref": "editorconfig@1.0.4|minimatch@9.0.1", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "@one-ini/wasm@0.1.1" + }, + { + "ref": "commander@10.0.1" + }, + { + "ref": "brace-expansion@2.0.1", + "dependsOn": [ + "balanced-match@1.0.2" + ] + }, + { + "ref": "js-cookie@3.0.5" + }, + { + "ref": "nopt@7.2.0", + "dependsOn": [ + "abbrev@2.0.0" + ] + }, + { + "ref": "abbrev@2.0.0" + }, + { + "ref": "@types/babel__core@7.20.5", + "dependsOn": [ + "@babel/parser@7.24.4", + "@babel/types@7.24.0", + "@types/babel__generator@7.6.8", + "@types/babel__template@7.4.4", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "@babel/template@7.24.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@babel/parser@7.24.4", + "@babel/types@7.24.0" + ] + }, + { + "ref": "bs-logger@0.2.6", + "dependsOn": [ + "fast-json-stable-stringify@2.1.0" + ] + }, + { + "ref": "json5@2.2.3" + }, + { + "ref": "lodash.memoize@4.1.2" + }, + { + "ref": "@oclif/core@3.26.9", + "dependsOn": [ + "@types/cli-progress@3.11.5", + "ansi-escapes@4.3.2", + "ansi-styles@4.3.0", + "cardinal@2.1.1", + "chalk@4.1.2", + "clean-stack@3.0.1", + "cli-progress@3.12.0", + "color@4.2.3", + "@oclif/core@3.26.9|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "hyperlinker@1.0.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "@oclif/core@3.26.9|js-yaml@3.14.1", + "minimatch@9.0.4", + "natural-orderby@2.0.3", + "object-treeify@1.1.33", + "password-prompt@1.1.3", + "slice-ansi@4.0.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "supports-color@8.1.1", + "supports-hyperlinks@2.3.0", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/core@3.26.9|debug@4.3.5", + "dependsOn": [ + "@oclif/core@3.26.9|ms@2.1.2" + ] + }, + { + "ref": "@oclif/core@3.26.9|ms@2.1.2" + }, + { + "ref": "@oclif/core@3.26.9|js-yaml@3.14.1", + "dependsOn": [ + "@oclif/core@3.26.9|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "@oclif/core@3.26.9|argparse@1.0.10", + "dependsOn": [ + "@oclif/core@3.26.9|sprintf-js@1.0.3" + ] + }, + { + "ref": "@oclif/core@3.26.9|sprintf-js@1.0.3" + }, + { + "ref": "@types/cli-progress@3.11.5", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "type-fest@0.21.3" + }, + { + "ref": "color-convert@2.0.1", + "dependsOn": [ + "color-name@1.1.4" + ] + }, + { + "ref": "cardinal@2.1.1", + "dependsOn": [ + "ansicolors@0.3.2", + "redeyed@2.1.1" + ] + }, + { + "ref": "ansicolors@0.3.2" + }, + { + "ref": "redeyed@2.1.1", + "dependsOn": [ + "esprima@4.0.1" + ] + }, + { + "ref": "esprima@4.0.1" + }, + { + "ref": "has-flag@4.0.0" + }, + { + "ref": "clean-stack@3.0.1", + "dependsOn": [ + "escape-string-regexp@4.0.0" + ] + }, + { + "ref": "escape-string-regexp@4.0.0" + }, + { + "ref": "cli-progress@3.12.0", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug" + ] + }, + { + "ref": "color@4.2.3", + "dependsOn": [ + "color-convert@2.0.1", + "color-string@1.9.1" + ] + }, + { + "ref": "color-string@1.9.1", + "dependsOn": [ + "color-name@1.1.4", + "simple-swizzle@0.2.2" + ] + }, + { + "ref": "simple-swizzle@0.2.2", + "dependsOn": [ + "simple-swizzle@0.2.2|is-arrayish@0.3.2" + ] + }, + { + "ref": "simple-swizzle@0.2.2|is-arrayish@0.3.2" + }, + { + "ref": "ejs@3.1.10", + "dependsOn": [ + "jake@10.8.7" + ] + }, + { + "ref": "jake@10.8.7", + "dependsOn": [ + "async@3.2.5", + "chalk@4.1.2", + "filelist@1.0.4", + "jake@10.8.7|minimatch@3.1.2" + ] + }, + { + "ref": "jake@10.8.7|minimatch@3.1.2", + "dependsOn": [ + "jake@10.8.7|brace-expansion@1.1.11" + ] + }, + { + "ref": "jake@10.8.7|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "async@3.2.5" + }, + { + "ref": "filelist@1.0.4", + "dependsOn": [ + "filelist@1.0.4|minimatch@5.1.6" + ] + }, + { + "ref": "filelist@1.0.4|minimatch@5.1.6", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "balanced-match@1.0.2" + }, + { + "ref": "concat-map@0.0.1" + }, + { + "ref": "get-package-type@0.1.0" + }, + { + "ref": "globby@11.1.0", + "dependsOn": [ + "array-union@2.1.0", + "dir-glob@3.0.1", + "fast-glob@3.3.2", + "ignore@5.3.1", + "merge2@1.4.1", + "slash@3.0.0" + ] + }, + { + "ref": "array-union@2.1.0" + }, + { + "ref": "dir-glob@3.0.1", + "dependsOn": [ + "path-type@4.0.0" + ] + }, + { + "ref": "path-type@4.0.0" + }, + { + "ref": "ignore@5.3.1" + }, + { + "ref": "hyperlinker@1.0.0" + }, + { + "ref": "indent-string@4.0.0" + }, + { + "ref": "is-wsl@2.2.0", + "dependsOn": [ + "is-docker@2.2.1" + ] + }, + { + "ref": "is-docker@2.2.1" + }, + { + "ref": "natural-orderby@2.0.3" + }, + { + "ref": "object-treeify@1.1.33" + }, + { + "ref": "password-prompt@1.1.3", + "dependsOn": [ + "ansi-escapes@4.3.2", + "cross-spawn@7.0.3" + ] + }, + { + "ref": "slice-ansi@4.0.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "astral-regex@2.0.0", + "is-fullwidth-code-point@3.0.0" + ] + }, + { + "ref": "astral-regex@2.0.0" + }, + { + "ref": "widest-line@3.1.0", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug" + ] + }, + { + "ref": "BomRef.okvgjdrtm6.tqh1scmn9b8", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0", + "dependsOn": [ + "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "debug@4.3.4", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "@oclif/plugin-help@6.1.0|supports-color@9.4.0", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0|supports-color@9.4.0" + }, + { + "ref": "ansis@3.2.0" + }, + { + "ref": "cli-spinners@2.9.2" + }, + { + "ref": "cosmiconfig@9.0.0", + "dependsOn": [ + "env-paths@2.2.1", + "import-fresh@3.3.0", + "js-yaml@4.1.0", + "parse-json@5.2.0", + "typescript@5.1.6" + ] + }, + { + "ref": "env-paths@2.2.1" + }, + { + "ref": "import-fresh@3.3.0", + "dependsOn": [ + "parent-module@1.0.1", + "resolve-from@4.0.0" + ] + }, + { + "ref": "js-yaml@4.1.0", + "dependsOn": [ + "argparse@2.0.1" + ] + }, + { + "ref": "error-ex@1.3.2", + "dependsOn": [ + "is-arrayish@0.2.1" + ] + }, + { + "ref": "json-parse-even-better-errors@2.3.1" + }, + { + "ref": "typescript@5.1.6" + }, + { + "ref": "debug@4.3.4", + "dependsOn": [ + "debug@4.3.4|ms@2.1.2" + ] + }, + { + "ref": "debug@4.3.4|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "ansis@3.2.0", + "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "npm@10.8.0", + "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1", + "semver@7.6.2", + "validate-npm-package-name@5.0.1", + "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "@oclif/plugin-plugins@5.2.2|yarn@1.22.22" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "dependsOn": [ + "hosted-git-info@7.0.2", + "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0", + "semver@7.6.2", + "validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|isexe@3.1.1" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|isexe@3.1.1" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|yarn@1.22.22" + }, + { + "ref": "hosted-git-info@7.0.2", + "dependsOn": [ + "hosted-git-info@7.0.2|lru-cache@10.2.2" + ] + }, + { + "ref": "hosted-git-info@7.0.2|lru-cache@10.2.2" + }, + { + "ref": "validate-npm-package-name@5.0.1" + }, + { + "ref": "npm@10.8.0", + "dependsOn": [ + "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/config@8.3.2", + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|@sigstore/tuf@2.3.3", + "npm@10.8.0|abbrev@2.0.0", + "npm@10.8.0|archy@1.0.0", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|chalk@5.3.0", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|cli-columns@4.0.0", + "npm@10.8.0|fastest-levenshtein@1.0.16", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|graceful-fs@4.2.11", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|ini@4.1.2", + "npm@10.8.0|init-package-json@6.0.3", + "npm@10.8.0|is-cidr@5.0.5", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|libnpmaccess@8.0.6", + "npm@10.8.0|libnpmdiff@6.1.2", + "npm@10.8.0|libnpmexec@8.1.1", + "npm@10.8.0|libnpmfund@5.0.10", + "npm@10.8.0|libnpmhook@10.0.5", + "npm@10.8.0|libnpmorg@6.0.6", + "npm@10.8.0|libnpmpack@7.0.2", + "npm@10.8.0|libnpmpublish@9.0.8", + "npm@10.8.0|libnpmsearch@7.0.5", + "npm@10.8.0|libnpmteam@6.0.5", + "npm@10.8.0|libnpmversion@6.0.2", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|ms@2.1.3", + "npm@10.8.0|node-gyp@10.1.0", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|npm-audit-report@5.0.0", + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-profile@10.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|npm-user-validate@2.0.1", + "npm@10.8.0|p-map@4.0.0", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|parse-conflict-json@3.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|qrcode-terminal@0.12.0", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|spdx-expression-parse@4.0.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|supports-color@9.4.0", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|text-table@0.2.0", + "npm@10.8.0|tiny-relative-date@1.3.0", + "npm@10.8.0|treeverse@3.0.0", + "npm@10.8.0|validate-npm-package-name@5.0.1", + "npm@10.8.0|which@4.0.0", + "npm@10.8.0|write-file-atomic@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/string-locale-compare@1.1.0" + }, + { + "ref": "npm@10.8.0|@npmcli/arborist@7.5.2", + "dependsOn": [ + "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/query@3.1.0", + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|bin-links@4.0.4", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|common-ancestor-path@1.0.1", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|json-stringify-nice@1.1.4", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|parse-conflict-json@3.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|proggy@2.0.0", + "npm@10.8.0|promise-all-reject-late@1.0.1", + "npm@10.8.0|promise-call-limit@3.0.1", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|treeverse@3.0.0", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/fs@3.1.1", + "dependsOn": [ + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "dependsOn": [ + "npm@10.8.0|npm-bundled@3.0.1", + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-bundled@3.0.1", + "dependsOn": [ + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-normalize-package-bin@3.0.1" + }, + { + "ref": "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "dependsOn": [ + "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|read-package-json-fast@3.0.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "dependsOn": [ + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|cacache@18.0.3", + "dependsOn": [ + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minipass-collect@2.0.1", + "npm@10.8.0|minipass-flush@1.0.5", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|p-map@4.0.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|unique-filename@3.0.0" + ] + }, + { + "ref": "npm@10.8.0|json-parse-even-better-errors@3.0.2" + }, + { + "ref": "npm@10.8.0|pacote@18.0.6", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-packlist@8.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|sigstore@2.3.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|tar@6.2.1" + ] + }, + { + "ref": "npm@10.8.0|proc-log@4.2.0" + }, + { + "ref": "npm@10.8.0|semver@7.6.2" + }, + { + "ref": "npm@10.8.0|@npmcli/name-from-folder@2.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/node-gyp@3.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/package-json@5.1.0", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/query@3.1.0", + "dependsOn": [ + "npm@10.8.0|postcss-selector-parser@6.0.16" + ] + }, + { + "ref": "npm@10.8.0|postcss-selector-parser@6.0.16", + "dependsOn": [ + "npm@10.8.0|cssesc@3.0.0", + "npm@10.8.0|util-deprecate@1.0.2" + ] + }, + { + "ref": "npm@10.8.0|cssesc@3.0.0" + }, + { + "ref": "npm@10.8.0|util-deprecate@1.0.2" + }, + { + "ref": "npm@10.8.0|@npmcli/redact@2.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/run-script@8.1.0", + "dependsOn": [ + "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|node-gyp@10.1.0", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|bin-links@4.0.4", + "dependsOn": [ + "npm@10.8.0|cmd-shim@6.0.3", + "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "npm@10.8.0|read-cmd-shim@4.0.0", + "npm@10.8.0|write-file-atomic@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|cmd-shim@6.0.3" + }, + { + "ref": "npm@10.8.0|read-cmd-shim@4.0.0" + }, + { + "ref": "npm@10.8.0|write-file-atomic@5.0.1", + "dependsOn": [ + "npm@10.8.0|imurmurhash@0.1.4", + "npm@10.8.0|signal-exit@4.1.0" + ] + }, + { + "ref": "npm@10.8.0|common-ancestor-path@1.0.1" + }, + { + "ref": "npm@10.8.0|hosted-git-info@7.0.2", + "dependsOn": [ + "npm@10.8.0|lru-cache@10.2.2" + ] + }, + { + "ref": "npm@10.8.0|json-stringify-nice@1.1.4" + }, + { + "ref": "npm@10.8.0|lru-cache@10.2.2" + }, + { + "ref": "npm@10.8.0|minimatch@9.0.4", + "dependsOn": [ + "npm@10.8.0|brace-expansion@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|nopt@7.2.1", + "dependsOn": [ + "npm@10.8.0|abbrev@2.0.0" + ] + }, + { + "ref": "npm@10.8.0|npm-install-checks@6.3.0", + "dependsOn": [ + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|npm-package-arg@11.0.2", + "dependsOn": [ + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-pick-manifest@9.0.1", + "dependsOn": [ + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|npm-registry-fetch@17.0.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|minipass-fetch@3.0.5", + "npm@10.8.0|minipass-json-stream@1.0.1", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|minizlib@2.1.2", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|proc-log@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|parse-conflict-json@3.0.1", + "dependsOn": [ + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|just-diff-apply@5.5.0", + "npm@10.8.0|just-diff@6.0.2" + ] + }, + { + "ref": "npm@10.8.0|proggy@2.0.0" + }, + { + "ref": "npm@10.8.0|promise-all-reject-late@1.0.1" + }, + { + "ref": "npm@10.8.0|promise-call-limit@3.0.1" + }, + { + "ref": "npm@10.8.0|read-package-json-fast@3.0.2", + "dependsOn": [ + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|ssri@10.0.6", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|treeverse@3.0.0" + }, + { + "ref": "npm@10.8.0|walk-up-path@3.0.1" + }, + { + "ref": "npm@10.8.0|@npmcli/config@8.3.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|ini@4.1.2", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|ci-info@4.0.0" + }, + { + "ref": "npm@10.8.0|ini@4.1.2" + }, + { + "ref": "npm@10.8.0|glob@10.3.15", + "dependsOn": [ + "npm@10.8.0|foreground-child@3.1.1", + "npm@10.8.0|jackspeak@2.3.6", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|path-scurry@1.11.1" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/git@5.0.7", + "dependsOn": [ + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-inflight@1.0.1", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "dependsOn": [ + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|promise-inflight@1.0.1" + }, + { + "ref": "npm@10.8.0|promise-retry@2.0.1", + "dependsOn": [ + "npm@10.8.0|err-code@2.0.3", + "npm@10.8.0|retry@0.12.0" + ] + }, + { + "ref": "npm@10.8.0|which@4.0.0", + "dependsOn": [ + "npm@10.8.0|which@4.0.0|isexe@3.1.1" + ] + }, + { + "ref": "npm@10.8.0|which@4.0.0|isexe@3.1.1" + }, + { + "ref": "npm@10.8.0|normalize-package-data@6.0.1", + "dependsOn": [ + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|is-core-module@2.13.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "npm@10.8.0|node-gyp@10.1.0", + "dependsOn": [ + "npm@10.8.0|env-paths@2.2.1", + "npm@10.8.0|exponential-backoff@3.1.1", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|graceful-fs@4.2.11", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0" + }, + { + "ref": "npm@10.8.0|@sigstore/tuf@2.3.3", + "dependsOn": [ + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|tuf-js@2.2.1" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + }, + { + "ref": "npm@10.8.0|tuf-js@2.2.1", + "dependsOn": [ + "npm@10.8.0|@tufjs/models@2.0.1", + "npm@10.8.0|debug@4.3.4", + "npm@10.8.0|make-fetch-happen@13.0.1" + ] + }, + { + "ref": "npm@10.8.0|@tufjs/models@2.0.1", + "dependsOn": [ + "npm@10.8.0|@tufjs/canonical-json@2.0.0", + "npm@10.8.0|minimatch@9.0.4" + ] + }, + { + "ref": "npm@10.8.0|@tufjs/canonical-json@2.0.0" + }, + { + "ref": "npm@10.8.0|debug@4.3.4", + "dependsOn": [ + "npm@10.8.0|debug@4.3.4|ms@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|debug@4.3.4|ms@2.1.2" + }, + { + "ref": "npm@10.8.0|make-fetch-happen@13.0.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/agent@2.2.2", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|http-cache-semantics@4.1.1", + "npm@10.8.0|is-lambda@1.0.1", + "npm@10.8.0|minipass-fetch@3.0.5", + "npm@10.8.0|minipass-flush@1.0.5", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|negotiator@0.6.3", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|ssri@10.0.6" + ] + }, + { + "ref": "npm@10.8.0|abbrev@2.0.0" + }, + { + "ref": "npm@10.8.0|archy@1.0.0" + }, + { + "ref": "npm@10.8.0|fs-minipass@3.0.3", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|minipass-collect@2.0.1", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|minipass@7.1.1" + }, + { + "ref": "npm@10.8.0|minipass-flush@1.0.5", + "dependsOn": [ + "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|yallist@4.0.0" + }, + { + "ref": "npm@10.8.0|minipass-pipeline@1.2.4", + "dependsOn": [ + "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|p-map@4.0.0", + "dependsOn": [ + "npm@10.8.0|aggregate-error@3.1.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1", + "dependsOn": [ + "npm@10.8.0|chownr@2.0.0", + "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "npm@10.8.0|tar@6.2.1|minipass@5.0.0", + "npm@10.8.0|minizlib@2.1.2", + "npm@10.8.0|mkdirp@1.0.4", + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "dependsOn": [ + "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|minipass@5.0.0" + }, + { + "ref": "npm@10.8.0|unique-filename@3.0.0", + "dependsOn": [ + "npm@10.8.0|unique-slug@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|unique-slug@4.0.0", + "dependsOn": [ + "npm@10.8.0|imurmurhash@0.1.4" + ] + }, + { + "ref": "npm@10.8.0|imurmurhash@0.1.4" + }, + { + "ref": "npm@10.8.0|chalk@5.3.0" + }, + { + "ref": "npm@10.8.0|cli-columns@4.0.0", + "dependsOn": [ + "npm@10.8.0|string-width@4.2.3", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|string-width@4.2.3", + "dependsOn": [ + "npm@10.8.0|emoji-regex@8.0.0", + "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|emoji-regex@8.0.0" + }, + { + "ref": "npm@10.8.0|is-fullwidth-code-point@3.0.0" + }, + { + "ref": "npm@10.8.0|strip-ansi@6.0.1", + "dependsOn": [ + "npm@10.8.0|ansi-regex@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|ansi-regex@5.0.1" + }, + { + "ref": "npm@10.8.0|fastest-levenshtein@1.0.16" + }, + { + "ref": "npm@10.8.0|foreground-child@3.1.1", + "dependsOn": [ + "npm@10.8.0|cross-spawn@7.0.3", + "npm@10.8.0|signal-exit@4.1.0" + ] + }, + { + "ref": "npm@10.8.0|cross-spawn@7.0.3", + "dependsOn": [ + "npm@10.8.0|path-key@3.1.1", + "npm@10.8.0|shebang-command@2.0.0", + "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2" + ] + }, + { + "ref": "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2", + "dependsOn": [ + "npm@10.8.0|isexe@2.0.0" + ] + }, + { + "ref": "npm@10.8.0|path-key@3.1.1" + }, + { + "ref": "npm@10.8.0|shebang-command@2.0.0", + "dependsOn": [ + "npm@10.8.0|shebang-regex@3.0.0" + ] + }, + { + "ref": "npm@10.8.0|shebang-regex@3.0.0" + }, + { + "ref": "npm@10.8.0|isexe@2.0.0" + }, + { + "ref": "npm@10.8.0|signal-exit@4.1.0" + }, + { + "ref": "npm@10.8.0|jackspeak@2.3.6", + "dependsOn": [ + "npm@10.8.0|@isaacs/cliui@8.0.2", + "npm@10.8.0|@pkgjs/parseargs@0.11.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2", + "dependsOn": [ + "BomRef.6h760ft6oi8.7sr4bitkllo", + "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "BomRef.uih8rvtlbdo.33q7f9m1mj", + "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "npm@10.8.0|wrap-ansi@7.0.0", + "npm@10.8.0|wrap-ansi@8.1.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "dependsOn": [ + "npm@10.8.0|eastasianwidth@0.2.0", + "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2" + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "dependsOn": [ + "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + }, + { + "ref": "BomRef.6h760ft6oi8.7sr4bitkllo", + "dependsOn": [ + "npm@10.8.0|emoji-regex@8.0.0", + "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|eastasianwidth@0.2.0" + }, + { + "ref": "BomRef.uih8rvtlbdo.33q7f9m1mj", + "dependsOn": [ + "npm@10.8.0|ansi-regex@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@7.0.0", + "dependsOn": [ + "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "npm@10.8.0|string-width@4.2.3", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "dependsOn": [ + "npm@10.8.0|color-convert@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|color-convert@2.0.1", + "dependsOn": [ + "npm@10.8.0|color-name@1.1.4" + ] + }, + { + "ref": "npm@10.8.0|color-name@1.1.4" + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0", + "dependsOn": [ + "npm@10.8.0|ansi-styles@6.2.1", + "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "dependsOn": [ + "npm@10.8.0|eastasianwidth@0.2.0", + "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2", + "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2" + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0", + "dependsOn": [ + "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1" + }, + { + "ref": "npm@10.8.0|ansi-styles@6.2.1" + }, + { + "ref": "npm@10.8.0|@pkgjs/parseargs@0.11.0" + }, + { + "ref": "npm@10.8.0|path-scurry@1.11.1", + "dependsOn": [ + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|graceful-fs@4.2.11" + }, + { + "ref": "npm@10.8.0|init-package-json@6.0.3", + "dependsOn": [ + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|promzard@1.0.2", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-license@3.0.4", + "npm@10.8.0|validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|promzard@1.0.2", + "dependsOn": [ + "npm@10.8.0|read@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|read@3.0.1", + "dependsOn": [ + "npm@10.8.0|mute-stream@1.0.0" + ] + }, + { + "ref": "npm@10.8.0|validate-npm-package-license@3.0.4", + "dependsOn": [ + "npm@10.8.0|spdx-correct@3.2.0", + "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-correct@3.2.0", + "dependsOn": [ + "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-exceptions@2.5.0" + }, + { + "ref": "npm@10.8.0|spdx-license-ids@3.0.17" + }, + { + "ref": "npm@10.8.0|validate-npm-package-name@5.0.1" + }, + { + "ref": "npm@10.8.0|is-cidr@5.0.5", + "dependsOn": [ + "npm@10.8.0|cidr-regex@4.0.5" + ] + }, + { + "ref": "npm@10.8.0|cidr-regex@4.0.5", + "dependsOn": [ + "npm@10.8.0|ip-regex@5.0.0" + ] + }, + { + "ref": "npm@10.8.0|ip-regex@5.0.0" + }, + { + "ref": "npm@10.8.0|libnpmaccess@8.0.6", + "dependsOn": [ + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmdiff@6.1.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|binary-extensions@2.3.0", + "npm@10.8.0|diff@5.2.0", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|tar@6.2.1" + ] + }, + { + "ref": "npm@10.8.0|binary-extensions@2.3.0" + }, + { + "ref": "npm@10.8.0|diff@5.2.0" + }, + { + "ref": "npm@10.8.0|libnpmexec@8.1.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmfund@5.0.10", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2" + ] + }, + { + "ref": "npm@10.8.0|libnpmhook@10.0.5", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|aproba@2.0.0" + }, + { + "ref": "npm@10.8.0|libnpmorg@6.0.6", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmpack@7.0.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6" + ] + }, + { + "ref": "npm@10.8.0|libnpmpublish@9.0.8", + "dependsOn": [ + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|sigstore@2.3.0", + "npm@10.8.0|ssri@10.0.6" + ] + }, + { + "ref": "npm@10.8.0|sigstore@2.3.0", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|@sigstore/sign@2.3.1", + "npm@10.8.0|@sigstore/tuf@2.3.3", + "npm@10.8.0|@sigstore/verify@1.2.0" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/bundle@2.3.1", + "dependsOn": [ + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/core@1.1.0" + }, + { + "ref": "npm@10.8.0|@sigstore/sign@2.3.1", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/verify@1.2.0", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + ] + }, + { + "ref": "npm@10.8.0|libnpmsearch@7.0.5", + "dependsOn": [ + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmteam@6.0.5", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmversion@6.0.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/agent@2.2.2", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|http-proxy-agent@7.0.2", + "npm@10.8.0|https-proxy-agent@7.0.4", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|socks-proxy-agent@8.0.3" + ] + }, + { + "ref": "npm@10.8.0|agent-base@7.1.1", + "dependsOn": [ + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|http-proxy-agent@7.0.2", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|https-proxy-agent@7.0.4", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|socks-proxy-agent@8.0.3", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4", + "npm@10.8.0|socks@2.8.3" + ] + }, + { + "ref": "npm@10.8.0|socks@2.8.3", + "dependsOn": [ + "npm@10.8.0|ip-address@9.0.5", + "npm@10.8.0|smart-buffer@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|ip-address@9.0.5", + "dependsOn": [ + "npm@10.8.0|jsbn@1.1.0", + "npm@10.8.0|sprintf-js@1.1.3" + ] + }, + { + "ref": "npm@10.8.0|jsbn@1.1.0" + }, + { + "ref": "npm@10.8.0|sprintf-js@1.1.3" + }, + { + "ref": "npm@10.8.0|smart-buffer@4.2.0" + }, + { + "ref": "npm@10.8.0|http-cache-semantics@4.1.1" + }, + { + "ref": "npm@10.8.0|is-lambda@1.0.1" + }, + { + "ref": "npm@10.8.0|minipass-fetch@3.0.5", + "dependsOn": [ + "npm@10.8.0|encoding@0.1.13", + "npm@10.8.0|minipass-sized@1.0.3", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|minizlib@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|encoding@0.1.13", + "dependsOn": [ + "npm@10.8.0|iconv-lite@0.6.3" + ] + }, + { + "ref": "npm@10.8.0|iconv-lite@0.6.3", + "dependsOn": [ + "npm@10.8.0|safer-buffer@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|safer-buffer@2.1.2" + }, + { + "ref": "npm@10.8.0|minipass-sized@1.0.3", + "dependsOn": [ + "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|minizlib@2.1.2", + "dependsOn": [ + "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|negotiator@0.6.3" + }, + { + "ref": "npm@10.8.0|err-code@2.0.3" + }, + { + "ref": "npm@10.8.0|retry@0.12.0" + }, + { + "ref": "npm@10.8.0|brace-expansion@2.0.1", + "dependsOn": [ + "npm@10.8.0|balanced-match@1.0.2" + ] + }, + { + "ref": "npm@10.8.0|balanced-match@1.0.2" + }, + { + "ref": "npm@10.8.0|ms@2.1.3" + }, + { + "ref": "npm@10.8.0|env-paths@2.2.1" + }, + { + "ref": "npm@10.8.0|exponential-backoff@3.1.1" + }, + { + "ref": "npm@10.8.0|is-core-module@2.13.1", + "dependsOn": [ + "npm@10.8.0|hasown@2.0.2" + ] + }, + { + "ref": "npm@10.8.0|hasown@2.0.2", + "dependsOn": [ + "npm@10.8.0|function-bind@1.1.2" + ] + }, + { + "ref": "npm@10.8.0|function-bind@1.1.2" + }, + { + "ref": "npm@10.8.0|npm-audit-report@5.0.0" + }, + { + "ref": "npm@10.8.0|npm-profile@10.0.0", + "dependsOn": [ + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|minipass-json-stream@1.0.1", + "dependsOn": [ + "npm@10.8.0|jsonparse@1.3.1", + "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|jsonparse@1.3.1" + }, + { + "ref": "npm@10.8.0|npm-user-validate@2.0.1" + }, + { + "ref": "npm@10.8.0|aggregate-error@3.1.0", + "dependsOn": [ + "npm@10.8.0|clean-stack@2.2.0", + "npm@10.8.0|indent-string@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|clean-stack@2.2.0" + }, + { + "ref": "npm@10.8.0|indent-string@4.0.0" + }, + { + "ref": "npm@10.8.0|npm-packlist@8.0.2", + "dependsOn": [ + "npm@10.8.0|ignore-walk@6.0.5" + ] + }, + { + "ref": "npm@10.8.0|ignore-walk@6.0.5", + "dependsOn": [ + "npm@10.8.0|minimatch@9.0.4" + ] + }, + { + "ref": "npm@10.8.0|just-diff-apply@5.5.0" + }, + { + "ref": "npm@10.8.0|just-diff@6.0.2" + }, + { + "ref": "npm@10.8.0|qrcode-terminal@0.12.0" + }, + { + "ref": "npm@10.8.0|mute-stream@1.0.0" + }, + { + "ref": "npm@10.8.0|spdx-expression-parse@4.0.0", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|supports-color@9.4.0" + }, + { + "ref": "npm@10.8.0|chownr@2.0.0" + }, + { + "ref": "npm@10.8.0|mkdirp@1.0.4" + }, + { + "ref": "npm@10.8.0|text-table@0.2.0" + }, + { + "ref": "npm@10.8.0|tiny-relative-date@1.3.0" + }, + { + "ref": "@oclif/plugin-version@2.2.2", + "dependsOn": [ + "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "ansis@3.2.0" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-version@2.2.2|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-version@2.2.2|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4", + "dependsOn": [ + "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "ansis@3.2.0", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "lodash@4.17.21" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "dependsOn": [ + "content-type@1.0.5", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0", + "is-stream@2.0.1", + "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "dependsOn": [ + "error-ex@1.3.2", + "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "content-type@1.0.5" + }, + { + "ref": "is-stream@2.0.1" + }, + { + "ref": "is-arrayish@0.2.1" + }, + { + "ref": "safe-buffer@5.2.1" + }, + { + "ref": "@oclif/test@3.2.15", + "dependsOn": [ + "@oclif/core@3.26.9", + "chai@4.4.1", + "fancy-test@3.0.15" + ] + }, + { + "ref": "chai@4.4.1", + "dependsOn": [ + "assertion-error@1.1.0", + "check-error@1.0.3", + "deep-eql@4.1.3", + "get-func-name@2.0.2", + "loupe@2.3.7", + "pathval@1.1.1", + "type-detect@4.0.8" + ] + }, + { + "ref": "fancy-test@3.0.15", + "dependsOn": [ + "@types/chai@4.3.14", + "@types/lodash@4.17.4", + "@types/node@20.14.1", + "@types/sinon@17.0.3", + "lodash@4.17.21", + "mock-stdin@1.0.0", + "nock@13.5.4", + "sinon@16.1.3", + "stdout-stderr@0.1.13" + ] + }, + { + "ref": "@types/chai@4.3.14" + }, + { + "ref": "@types/sinon@17.0.3", + "dependsOn": [ + "@types/sinonjs__fake-timers@8.1.5" + ] + }, + { + "ref": "@types/sinonjs__fake-timers@8.1.5" + }, + { + "ref": "mock-stdin@1.0.0" + }, + { + "ref": "nock@13.5.4", + "dependsOn": [ + "debug@4.3.4", + "json-stringify-safe@5.0.1", + "propagate@2.0.1" + ] + }, + { + "ref": "json-stringify-safe@5.0.1" + }, + { + "ref": "propagate@2.0.1" + }, + { + "ref": "sinon@16.1.3", + "dependsOn": [ + "@sinonjs/commons@3.0.1", + "@sinonjs/fake-timers@10.3.0", + "@sinonjs/samsam@8.0.0", + "sinon@16.1.3|diff@5.2.0", + "nise@5.1.9", + "sinon@16.1.3|supports-color@7.2.0" + ] + }, + { + "ref": "sinon@16.1.3|diff@5.2.0" + }, + { + "ref": "sinon@16.1.3|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "@sinonjs/commons@3.0.1", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "@sinonjs/fake-timers@10.3.0", + "dependsOn": [ + "@sinonjs/commons@3.0.1" + ] + }, + { + "ref": "@sinonjs/samsam@8.0.0", + "dependsOn": [ + "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "lodash.get@4.4.2", + "type-detect@4.0.8" + ] + }, + { + "ref": "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "lodash.get@4.4.2" + }, + { + "ref": "nise@5.1.9", + "dependsOn": [ + "@sinonjs/commons@3.0.1", + "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "@sinonjs/text-encoding@0.7.2", + "just-extend@6.2.0", + "nise@5.1.9|path-to-regexp@6.2.2" + ] + }, + { + "ref": "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "dependsOn": [ + "@sinonjs/commons@3.0.1" + ] + }, + { + "ref": "nise@5.1.9|path-to-regexp@6.2.2" + }, + { + "ref": "@sinonjs/text-encoding@0.7.2" + }, + { + "ref": "just-extend@6.2.0" + }, + { + "ref": "stdout-stderr@0.1.13", + "dependsOn": [ + "debug@4.3.4", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@smithy/abort-controller@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@types/express@4.17.21", + "dependsOn": [ + "@types/body-parser@1.19.5", + "@types/express-serve-static-core@4.19.0", + "@types/qs@6.9.15", + "@types/serve-static@1.15.7" + ] + }, + { + "ref": "@types/body-parser@1.19.5", + "dependsOn": [ + "@types/connect@3.4.38", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/connect@3.4.38", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/express-serve-static-core@4.19.0", + "dependsOn": [ + "@types/node@20.14.1", + "@types/qs@6.9.15", + "@types/range-parser@1.2.7", + "@types/send@0.17.4" + ] + }, + { + "ref": "@types/qs@6.9.15" + }, + { + "ref": "@types/range-parser@1.2.7" + }, + { + "ref": "@types/send@0.17.4", + "dependsOn": [ + "@types/mime@1.3.5", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/mime@1.3.5" + }, + { + "ref": "@types/serve-static@1.15.7", + "dependsOn": [ + "@types/http-errors@2.0.4", + "@types/node@20.14.1", + "@types/send@0.17.4" + ] + }, + { + "ref": "@types/http-errors@2.0.4" + }, + { + "ref": "@types/fs-extra@11.0.4", + "dependsOn": [ + "@types/jsonfile@6.1.4", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/jsonfile@6.1.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/get-installed-path@4.0.3" + }, + { + "ref": "@types/jest@29.5.12", + "dependsOn": [ + "expect@29.7.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "expect@29.7.0", + "dependsOn": [ + "@jest/expect-utils@29.7.0", + "jest-get-type@29.6.3", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "@jest/expect-utils@29.7.0", + "dependsOn": [ + "jest-get-type@29.6.3" + ] + }, + { + "ref": "jest-get-type@29.6.3" + }, + { + "ref": "jest-matcher-utils@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "jest-diff@29.7.0", + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-diff@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "diff-sequences@29.6.3", + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "diff-sequences@29.6.3" + }, + { + "ref": "pretty-format@29.7.0", + "dependsOn": [ + "@jest/schemas@29.6.3", + "pretty-format@29.7.0|ansi-styles@5.2.0", + "react-is@18.2.0" + ] + }, + { + "ref": "pretty-format@29.7.0|ansi-styles@5.2.0" + }, + { + "ref": "jest-message-util@29.7.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@jest/types@29.6.3", + "@types/stack-utils@2.0.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "micromatch@4.0.5", + "pretty-format@29.7.0", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@jest/types@29.6.3", + "dependsOn": [ + "@jest/schemas@29.6.3", + "@types/istanbul-lib-coverage@2.0.6", + "@types/istanbul-reports@3.0.4", + "@types/node@20.14.1", + "@types/yargs@17.0.32", + "chalk@4.1.2" + ] + }, + { + "ref": "jest-util@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "jest-util@29.7.0|ci-info@3.9.0", + "graceful-fs@4.2.11", + "picomatch@2.3.1" + ] + }, + { + "ref": "jest-util@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/schemas@29.6.3", + "dependsOn": [ + "@sinclair/typebox@0.27.8" + ] + }, + { + "ref": "@sinclair/typebox@0.27.8" + }, + { + "ref": "@types/js-yaml@4.0.9" + }, + { + "ref": "@types/mocha@10.0.6" + }, + { + "ref": "@types/mock-fs@4.13.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "@types/objects-to-csv@1.3.3" + }, + { + "ref": "@types/prompt-sync@4.2.3" + }, + { + "ref": "@types/tmp@0.2.6" + }, + { + "ref": "@types/uuid@9.0.8" + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0", + "dependsOn": [ + "@eslint-community/regexpp@4.10.0", + "@typescript-eslint/parser@7.7.1", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "@typescript-eslint/type-utils@7.12.0", + "@typescript-eslint/utils@7.12.0", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "eslint@8.57.0", + "graphemer@1.4.0", + "ignore@5.3.1", + "natural-compare@1.4.0", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "dependsOn": [ + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0" + ] + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@eslint-community/regexpp@4.10.0" + }, + { + "ref": "@typescript-eslint/parser@7.7.1", + "dependsOn": [ + "@typescript-eslint/scope-manager@7.7.1", + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/typescript-estree@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1", + "debug@4.3.4", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/scope-manager@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1" + ] + }, + { + "ref": "@typescript-eslint/types@7.7.1" + }, + { + "ref": "@typescript-eslint/visitor-keys@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/typescript-estree@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "ts-api-utils@1.3.0", + "dependsOn": [ + "typescript@5.1.6" + ] + }, + { + "ref": "eslint-visitor-keys@3.4.3" + }, + { + "ref": "eslint@8.57.0", + "dependsOn": [ + "@eslint-community/eslint-utils@4.4.0", + "@eslint-community/regexpp@4.10.0", + "@eslint/eslintrc@2.1.4", + "@eslint/js@8.57.0", + "@humanwhocodes/config-array@0.11.14", + "@humanwhocodes/module-importer@1.0.1", + "@nodelib/fs.walk@1.2.8", + "@ungap/structured-clone@1.2.0", + "eslint@8.57.0|ajv@6.12.6", + "chalk@4.1.2", + "cross-spawn@7.0.3", + "debug@4.3.4", + "doctrine@3.0.0", + "escape-string-regexp@4.0.0", + "eslint-scope@7.2.2", + "eslint-visitor-keys@3.4.3", + "espree@9.6.1", + "esquery@1.5.0", + "esutils@2.0.3", + "fast-deep-equal@3.1.3", + "file-entry-cache@6.0.1", + "find-up@5.0.0", + "glob-parent@6.0.2", + "globals@13.24.0", + "graphemer@1.4.0", + "ignore@5.3.1", + "imurmurhash@0.1.4", + "is-glob@4.0.3", + "is-path-inside@3.0.3", + "js-yaml@4.1.0", + "json-stable-stringify-without-jsonify@1.0.1", + "levn@0.4.1", + "lodash.merge@4.6.2", + "eslint@8.57.0|minimatch@3.1.2", + "natural-compare@1.4.0", + "optionator@0.9.3", + "strip-ansi@6.0.1", + "text-table@0.2.0" + ] + }, + { + "ref": "eslint@8.57.0|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "eslint@8.57.0|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "eslint@8.57.0|json-schema-traverse@0.4.1" + }, + { + "ref": "eslint@8.57.0|minimatch@3.1.2", + "dependsOn": [ + "eslint@8.57.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint@8.57.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "@typescript-eslint/utils@7.12.0", + "debug@4.3.4", + "eslint@8.57.0", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0", + "dependsOn": [ + "@eslint-community/eslint-utils@4.4.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@eslint-community/eslint-utils@4.4.0", + "dependsOn": [ + "eslint-visitor-keys@3.4.3", + "eslint@8.57.0" + ] + }, + { + "ref": "graphemer@1.4.0" + }, + { + "ref": "accurate-search@1.2.15" + }, + { + "ref": "ajv@8.16.0", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "json-schema-traverse@1.0.0", + "require-from-string@2.0.2", + "uri-js@4.4.1" + ] + }, + { + "ref": "fast-deep-equal@3.1.3" + }, + { + "ref": "json-schema-traverse@1.0.0" + }, + { + "ref": "require-from-string@2.0.2" + }, + { + "ref": "uri-js@4.4.1", + "dependsOn": [ + "punycode@2.3.1" + ] + }, + { + "ref": "punycode@2.3.1" + }, + { + "ref": "form-data@4.0.0", + "dependsOn": [ + "asynckit@0.4.0", + "combined-stream@1.0.8", + "mime-types@2.1.35" + ] + }, + { + "ref": "proxy-from-env@1.1.0" + }, + { + "ref": "assertion-error@1.1.0" + }, + { + "ref": "check-error@1.0.3", + "dependsOn": [ + "get-func-name@2.0.2" + ] + }, + { + "ref": "get-func-name@2.0.2" + }, + { + "ref": "deep-eql@4.1.3", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "loupe@2.3.7", + "dependsOn": [ + "get-func-name@2.0.2" + ] + }, + { + "ref": "pathval@1.1.1" + }, + { + "ref": "colors@1.4.0" + }, + { + "ref": "csv-parse@4.16.3" + }, + { + "ref": "dotenv@16.4.5" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "eslint-plugin-mocha@9.0.0", + "eslint-plugin-node@11.1.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "functional-red-black-tree@1.0.1", + "ignore@5.3.1", + "regexpp@3.2.0", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "chalk@4.1.2", + "cross-spawn@7.0.3", + "debug@4.3.4", + "doctrine@3.0.0", + "enquirer@2.4.1", + "escape-string-regexp@4.0.0", + "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "esquery@1.5.0", + "esutils@2.0.3", + "fast-deep-equal@3.1.3", + "file-entry-cache@6.0.1", + "functional-red-black-tree@1.0.1", + "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "globals@13.24.0", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6", + "import-fresh@3.3.0", + "imurmurhash@0.1.4", + "is-glob@4.0.3", + "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "json-stable-stringify-without-jsonify@1.0.1", + "levn@0.4.1", + "lodash.merge@4.6.2", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "natural-compare@1.4.0", + "optionator@0.9.3", + "progress@2.0.3", + "regexpp@3.2.0", + "semver@7.6.2", + "strip-ansi@6.0.1", + "strip-json-comments@3.1.1", + "table@6.8.2", + "text-table@0.2.0", + "v8-compile-cache@2.4.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "dependsOn": [ + "@babel/highlight@7.24.2" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "globals@13.24.0", + "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6", + "import-fresh@3.3.0", + "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "strip-json-comments@3.1.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "dependsOn": [ + "acorn-jsx@5.3.2", + "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "dependsOn": [ + "confusing-browser-globals@1.0.10", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0", + "dependsOn": [ + "@types/json-schema@7.0.15", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "eslint-utils@3.0.0", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0" + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0" + }, + { + "ref": "@types/json-schema@7.0.15" + }, + { + "ref": "tsutils@3.21.0", + "dependsOn": [ + "tsutils@3.21.0|tslib@1.14.1", + "typescript@5.1.6" + ] + }, + { + "ref": "tsutils@3.21.0|tslib@1.14.1" + }, + { + "ref": "esrecurse@4.3.0", + "dependsOn": [ + "estraverse@5.3.0" + ] + }, + { + "ref": "eslint-utils@3.0.0", + "dependsOn": [ + "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0", + "eslint@8.57.0" + ] + }, + { + "ref": "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/highlight@7.24.2", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "@babel/highlight@7.24.2|chalk@2.4.2", + "js-tokens@4.0.0", + "picocolors@1.0.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|chalk@2.4.2", + "dependsOn": [ + "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "@babel/highlight@7.24.2|escape-string-regexp@1.0.5", + "@babel/highlight@7.24.2|supports-color@5.5.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "dependsOn": [ + "@babel/highlight@7.24.2|color-convert@1.9.3" + ] + }, + { + "ref": "@babel/highlight@7.24.2|color-convert@1.9.3", + "dependsOn": [ + "@babel/highlight@7.24.2|color-name@1.1.3" + ] + }, + { + "ref": "@babel/highlight@7.24.2|color-name@1.1.3" + }, + { + "ref": "@babel/highlight@7.24.2|escape-string-regexp@1.0.5" + }, + { + "ref": "@babel/highlight@7.24.2|supports-color@5.5.0", + "dependsOn": [ + "@babel/highlight@7.24.2|has-flag@3.0.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|has-flag@3.0.0" + }, + { + "ref": "globals@13.24.0", + "dependsOn": [ + "globals@13.24.0|type-fest@0.20.2" + ] + }, + { + "ref": "globals@13.24.0|type-fest@0.20.2" + }, + { + "ref": "doctrine@3.0.0", + "dependsOn": [ + "esutils@2.0.3" + ] + }, + { + "ref": "enquirer@2.4.1", + "dependsOn": [ + "ansi-colors@4.1.1", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "ansi-colors@4.1.1" + }, + { + "ref": "acorn-jsx@5.3.2", + "dependsOn": [ + "acorn@8.11.3" + ] + }, + { + "ref": "esquery@1.5.0", + "dependsOn": [ + "estraverse@5.3.0" + ] + }, + { + "ref": "esutils@2.0.3" + }, + { + "ref": "file-entry-cache@6.0.1", + "dependsOn": [ + "flat-cache@3.2.0" + ] + }, + { + "ref": "functional-red-black-tree@1.0.1" + }, + { + "ref": "imurmurhash@0.1.4" + }, + { + "ref": "json-stable-stringify-without-jsonify@1.0.1" + }, + { + "ref": "levn@0.4.1", + "dependsOn": [ + "prelude-ls@1.2.1", + "type-check@0.4.0" + ] + }, + { + "ref": "lodash.merge@4.6.2" + }, + { + "ref": "optionator@0.9.3", + "dependsOn": [ + "@aashutoshrathi/word-wrap@1.2.6", + "deep-is@0.1.4", + "optionator@0.9.3|fast-levenshtein@2.0.6", + "levn@0.4.1", + "prelude-ls@1.2.1", + "type-check@0.4.0" + ] + }, + { + "ref": "optionator@0.9.3|fast-levenshtein@2.0.6" + }, + { + "ref": "progress@2.0.3" + }, + { + "ref": "regexpp@3.2.0" + }, + { + "ref": "table@6.8.2", + "dependsOn": [ + "ajv@8.16.0", + "lodash.truncate@4.4.2", + "slice-ansi@4.0.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "text-table@0.2.0" + }, + { + "ref": "v8-compile-cache@2.4.0" + }, + { + "ref": "confusing-browser-globals@1.0.10" + }, + { + "ref": "eslint-plugin-mocha@9.0.0", + "dependsOn": [ + "eslint-utils@3.0.0", + "eslint@8.57.0", + "ramda@0.27.2" + ] + }, + { + "ref": "ramda@0.27.2" + }, + { + "ref": "eslint-plugin-node@11.1.0", + "dependsOn": [ + "eslint-plugin-es@3.0.1", + "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "eslint@8.57.0", + "ignore@5.3.1", + "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "resolve@1.22.8", + "eslint-plugin-node@11.1.0|semver@6.3.1" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "dependsOn": [ + "eslint-plugin-node@11.1.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|semver@6.3.1" + }, + { + "ref": "eslint-plugin-es@3.0.1", + "dependsOn": [ + "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "eslint@8.57.0", + "regexpp@3.2.0" + ] + }, + { + "ref": "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif@4.0.0", + "dependsOn": [ + "eslint-config-xo-space@0.27.0", + "eslint-plugin-mocha@9.0.0", + "eslint-plugin-node@11.1.0", + "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0" + ] + }, + { + "ref": "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "eslint-config-oclif@4.0.0|ci-info@3.9.0", + "clean-regexp@1.0.0", + "eslint-template-visitor@2.3.2", + "eslint-utils@3.0.0", + "eslint@8.57.0", + "is-builtin-module@3.2.1", + "lodash@4.17.21", + "pluralize@8.0.0", + "read-pkg-up@7.0.1", + "regexp-tree@0.1.27", + "safe-regex@2.1.1", + "semver@7.6.2" + ] + }, + { + "ref": "eslint-config-oclif@4.0.0|ci-info@3.9.0" + }, + { + "ref": "eslint-config-xo-space@0.27.0", + "dependsOn": [ + "eslint-config-xo@0.35.0", + "eslint@8.57.0" + ] + }, + { + "ref": "eslint-config-xo@0.35.0", + "dependsOn": [ + "confusing-browser-globals@1.0.10", + "eslint@8.57.0" + ] + }, + { + "ref": "@babel/helper-validator-identifier@7.22.20" + }, + { + "ref": "clean-regexp@1.0.0", + "dependsOn": [ + "clean-regexp@1.0.0|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "clean-regexp@1.0.0|escape-string-regexp@1.0.5" + }, + { + "ref": "eslint-template-visitor@2.3.2", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/eslint-parser@7.24.1", + "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0", + "eslint@8.57.0", + "esquery@1.5.0", + "multimap@1.1.0" + ] + }, + { + "ref": "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/eslint-parser@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0", + "eslint@8.57.0", + "@babel/eslint-parser@7.24.1|semver@6.3.1" + ] + }, + { + "ref": "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/eslint-parser@7.24.1|semver@6.3.1" + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "dependsOn": [ + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1" + ] + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0" + ] + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0" + }, + { + "ref": "multimap@1.1.0" + }, + { + "ref": "is-builtin-module@3.2.1", + "dependsOn": [ + "builtin-modules@3.3.0" + ] + }, + { + "ref": "pluralize@8.0.0" + }, + { + "ref": "read-pkg-up@7.0.1", + "dependsOn": [ + "read-pkg-up@7.0.1|find-up@4.1.0", + "read-pkg@5.2.0", + "read-pkg-up@7.0.1|type-fest@0.8.1" + ] + }, + { + "ref": "read-pkg-up@7.0.1|find-up@4.1.0", + "dependsOn": [ + "read-pkg-up@7.0.1|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|locate-path@5.0.0", + "dependsOn": [ + "read-pkg-up@7.0.1|p-locate@4.1.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|p-locate@4.1.0", + "dependsOn": [ + "read-pkg-up@7.0.1|p-limit@2.3.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|type-fest@0.8.1" + }, + { + "ref": "regexp-tree@0.1.27" + }, + { + "ref": "safe-regex@2.1.1", + "dependsOn": [ + "regexp-tree@0.1.27" + ] + }, + { + "ref": "eslint-plugin-unicorn@52.0.0", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "@eslint-community/eslint-utils@4.4.0", + "@eslint/eslintrc@2.1.4", + "ci-info@4.0.0", + "clean-regexp@1.0.0", + "core-js-compat@3.37.0", + "eslint@8.57.0", + "esquery@1.5.0", + "indent-string@4.0.0", + "is-builtin-module@3.2.1", + "jsesc@3.0.2", + "pluralize@8.0.0", + "read-pkg-up@7.0.1", + "regexp-tree@0.1.27", + "regjsparser@0.10.0", + "semver@7.6.2", + "strip-indent@3.0.0" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4", + "dependsOn": [ + "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "debug@4.3.4", + "espree@9.6.1", + "globals@13.24.0", + "ignore@5.3.1", + "import-fresh@3.3.0", + "js-yaml@4.1.0", + "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "strip-json-comments@3.1.1" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1" + }, + { + "ref": "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "dependsOn": [ + "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "espree@9.6.1", + "dependsOn": [ + "acorn-jsx@5.3.2", + "acorn@8.11.3", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "parent-module@1.0.1", + "dependsOn": [ + "callsites@3.1.0" + ] + }, + { + "ref": "resolve-from@4.0.0" + }, + { + "ref": "ci-info@4.0.0" + }, + { + "ref": "core-js-compat@3.37.0", + "dependsOn": [ + "browserslist@4.23.0" + ] + }, + { + "ref": "browserslist@4.23.0", + "dependsOn": [ + "caniuse-lite@1.0.30001612", + "electron-to-chromium@1.4.747", + "node-releases@2.0.14", + "update-browserslist-db@1.0.13" + ] + }, + { + "ref": "caniuse-lite@1.0.30001612" + }, + { + "ref": "electron-to-chromium@1.4.747" + }, + { + "ref": "node-releases@2.0.14" + }, + { + "ref": "update-browserslist-db@1.0.13", + "dependsOn": [ + "browserslist@4.23.0", + "escalade@3.1.2", + "picocolors@1.0.0" + ] + }, + { + "ref": "escalade@3.1.2" + }, + { + "ref": "estraverse@5.3.0" + }, + { + "ref": "builtin-modules@3.3.0" + }, + { + "ref": "jsesc@3.0.2" + }, + { + "ref": "p-try@2.2.0" + }, + { + "ref": "path-exists@4.0.0" + }, + { + "ref": "read-pkg@5.2.0", + "dependsOn": [ + "@types/normalize-package-data@2.4.4", + "read-pkg@5.2.0|normalize-package-data@2.5.0", + "parse-json@5.2.0", + "read-pkg@5.2.0|type-fest@0.6.0" + ] + }, + { + "ref": "read-pkg@5.2.0|normalize-package-data@2.5.0", + "dependsOn": [ + "read-pkg@5.2.0|hosted-git-info@2.8.9", + "resolve@1.22.8", + "read-pkg@5.2.0|semver@5.7.2", + "validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "read-pkg@5.2.0|hosted-git-info@2.8.9" + }, + { + "ref": "read-pkg@5.2.0|semver@5.7.2" + }, + { + "ref": "read-pkg@5.2.0|type-fest@0.6.0" + }, + { + "ref": "@types/normalize-package-data@2.4.4" + }, + { + "ref": "validate-npm-package-license@3.0.4", + "dependsOn": [ + "spdx-correct@3.2.0", + "spdx-expression-parse@3.0.1" + ] + }, + { + "ref": "regjsparser@0.10.0", + "dependsOn": [ + "regjsparser@0.10.0|jsesc@0.5.0" + ] + }, + { + "ref": "regjsparser@0.10.0|jsesc@0.5.0" + }, + { + "ref": "strip-indent@3.0.0", + "dependsOn": [ + "min-indent@1.0.1" + ] + }, + { + "ref": "min-indent@1.0.1" + }, + { + "ref": "@eslint/js@8.57.0" + }, + { + "ref": "@humanwhocodes/config-array@0.11.14", + "dependsOn": [ + "@humanwhocodes/object-schema@2.0.3", + "debug@4.3.4", + "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2" + ] + }, + { + "ref": "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2", + "dependsOn": [ + "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11" + ] + }, + { + "ref": "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@humanwhocodes/object-schema@2.0.3" + }, + { + "ref": "@humanwhocodes/module-importer@1.0.1" + }, + { + "ref": "@nodelib/fs.scandir@2.1.5", + "dependsOn": [ + "@nodelib/fs.stat@2.0.5", + "run-parallel@1.2.0" + ] + }, + { + "ref": "run-parallel@1.2.0", + "dependsOn": [ + "queue-microtask@1.2.3" + ] + }, + { + "ref": "queue-microtask@1.2.3" + }, + { + "ref": "fastq@1.17.1", + "dependsOn": [ + "reusify@1.0.4" + ] + }, + { + "ref": "reusify@1.0.4" + }, + { + "ref": "@ungap/structured-clone@1.2.0" + }, + { + "ref": "path-key@3.1.1" + }, + { + "ref": "shebang-command@2.0.0", + "dependsOn": [ + "shebang-regex@3.0.0" + ] + }, + { + "ref": "shebang-regex@3.0.0" + }, + { + "ref": "which@2.0.2", + "dependsOn": [ + "isexe@2.0.0" + ] + }, + { + "ref": "isexe@2.0.0" + }, + { + "ref": "eslint-scope@7.2.2", + "dependsOn": [ + "esrecurse@4.3.0", + "estraverse@5.3.0" + ] + }, + { + "ref": "acorn@8.11.3" + }, + { + "ref": "flat-cache@3.2.0", + "dependsOn": [ + "flatted@3.3.1", + "keyv@4.5.4", + "rimraf@3.0.2" + ] + }, + { + "ref": "flatted@3.3.1" + }, + { + "ref": "keyv@4.5.4", + "dependsOn": [ + "json-buffer@3.0.1" + ] + }, + { + "ref": "json-buffer@3.0.1" + }, + { + "ref": "find-up@5.0.0", + "dependsOn": [ + "locate-path@6.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "locate-path@6.0.0", + "dependsOn": [ + "p-locate@5.0.0" + ] + }, + { + "ref": "p-locate@5.0.0", + "dependsOn": [ + "p-limit@3.1.0" + ] + }, + { + "ref": "is-extglob@2.1.1" + }, + { + "ref": "is-path-inside@3.0.3" + }, + { + "ref": "prelude-ls@1.2.1" + }, + { + "ref": "type-check@0.4.0", + "dependsOn": [ + "prelude-ls@1.2.1" + ] + }, + { + "ref": "@aashutoshrathi/word-wrap@1.2.6" + }, + { + "ref": "deep-is@0.1.4" + }, + { + "ref": "accepts@1.3.8", + "dependsOn": [ + "mime-types@2.1.35", + "negotiator@0.6.3" + ] + }, + { + "ref": "mime-types@2.1.35", + "dependsOn": [ + "mime-db@1.52.0" + ] + }, + { + "ref": "negotiator@0.6.3" + }, + { + "ref": "array-flatten@1.1.1" + }, + { + "ref": "body-parser@1.20.2", + "dependsOn": [ + "bytes@3.1.2", + "content-type@1.0.5", + "body-parser@1.20.2|debug@2.6.9", + "depd@2.0.0", + "destroy@1.2.0", + "http-errors@2.0.0", + "iconv-lite@0.4.24", + "on-finished@2.4.1", + "qs@6.11.0", + "raw-body@2.5.2", + "type-is@1.6.18", + "unpipe@1.0.0" + ] + }, + { + "ref": "body-parser@1.20.2|debug@2.6.9", + "dependsOn": [ + "body-parser@1.20.2|ms@2.0.0" + ] + }, + { + "ref": "body-parser@1.20.2|ms@2.0.0" + }, + { + "ref": "bytes@3.1.2" + }, + { + "ref": "depd@2.0.0" + }, + { + "ref": "destroy@1.2.0" + }, + { + "ref": "http-errors@2.0.0", + "dependsOn": [ + "depd@2.0.0", + "inherits@2.0.4", + "setprototypeof@1.2.0", + "statuses@2.0.1", + "toidentifier@1.0.1" + ] + }, + { + "ref": "iconv-lite@0.4.24", + "dependsOn": [ + "safer-buffer@2.1.2" + ] + }, + { + "ref": "safer-buffer@2.1.2" + }, + { + "ref": "on-finished@2.4.1", + "dependsOn": [ + "ee-first@1.1.1" + ] + }, + { + "ref": "qs@6.11.0", + "dependsOn": [ + "side-channel@1.0.6" + ] + }, + { + "ref": "raw-body@2.5.2", + "dependsOn": [ + "bytes@3.1.2", + "http-errors@2.0.0", + "iconv-lite@0.4.24", + "unpipe@1.0.0" + ] + }, + { + "ref": "unpipe@1.0.0" + }, + { + "ref": "type-is@1.6.18", + "dependsOn": [ + "media-typer@0.3.0", + "mime-types@2.1.35" + ] + }, + { + "ref": "content-disposition@0.5.4", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "cookie-signature@1.0.6" + }, + { + "ref": "cookie@0.6.0" + }, + { + "ref": "encodeurl@1.0.2" + }, + { + "ref": "escape-html@1.0.3" + }, + { + "ref": "etag@1.8.1" + }, + { + "ref": "finalhandler@1.2.0", + "dependsOn": [ + "finalhandler@1.2.0|debug@2.6.9", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "on-finished@2.4.1", + "parseurl@1.3.3", + "statuses@2.0.1", + "unpipe@1.0.0" + ] + }, + { + "ref": "finalhandler@1.2.0|debug@2.6.9", + "dependsOn": [ + "finalhandler@1.2.0|ms@2.0.0" + ] + }, + { + "ref": "finalhandler@1.2.0|ms@2.0.0" + }, + { + "ref": "parseurl@1.3.3" + }, + { + "ref": "statuses@2.0.1" + }, + { + "ref": "fresh@0.5.2" + }, + { + "ref": "setprototypeof@1.2.0" + }, + { + "ref": "toidentifier@1.0.1" + }, + { + "ref": "merge-descriptors@1.0.1" + }, + { + "ref": "methods@1.1.2" + }, + { + "ref": "ee-first@1.1.1" + }, + { + "ref": "path-to-regexp@0.1.7" + }, + { + "ref": "proxy-addr@2.0.7", + "dependsOn": [ + "forwarded@0.2.0", + "ipaddr.js@1.9.1" + ] + }, + { + "ref": "forwarded@0.2.0" + }, + { + "ref": "ipaddr.js@1.9.1" + }, + { + "ref": "side-channel@1.0.6", + "dependsOn": [ + "call-bind@1.0.7", + "es-errors@1.3.0", + "get-intrinsic@1.2.4", + "object-inspect@1.13.1" + ] + }, + { + "ref": "call-bind@1.0.7", + "dependsOn": [ + "es-define-property@1.0.0", + "es-errors@1.3.0", + "function-bind@1.1.2", + "get-intrinsic@1.2.4", + "set-function-length@1.2.2" + ] + }, + { + "ref": "es-define-property@1.0.0", + "dependsOn": [ + "get-intrinsic@1.2.4" + ] + }, + { + "ref": "get-intrinsic@1.2.4", + "dependsOn": [ + "es-errors@1.3.0", + "function-bind@1.1.2", + "has-proto@1.0.3", + "has-symbols@1.0.3", + "hasown@2.0.2" + ] + }, + { + "ref": "es-errors@1.3.0" + }, + { + "ref": "function-bind@1.1.2" + }, + { + "ref": "set-function-length@1.2.2", + "dependsOn": [ + "define-data-property@1.1.4", + "es-errors@1.3.0", + "function-bind@1.1.2", + "get-intrinsic@1.2.4", + "gopd@1.0.1", + "has-property-descriptors@1.0.2" + ] + }, + { + "ref": "define-data-property@1.1.4", + "dependsOn": [ + "es-define-property@1.0.0", + "es-errors@1.3.0", + "gopd@1.0.1" + ] + }, + { + "ref": "gopd@1.0.1", + "dependsOn": [ + "get-intrinsic@1.2.4" + ] + }, + { + "ref": "has-property-descriptors@1.0.2", + "dependsOn": [ + "es-define-property@1.0.0" + ] + }, + { + "ref": "has-proto@1.0.3" + }, + { + "ref": "has-symbols@1.0.3" + }, + { + "ref": "hasown@2.0.2", + "dependsOn": [ + "function-bind@1.1.2" + ] + }, + { + "ref": "object-inspect@1.13.1" + }, + { + "ref": "range-parser@1.2.1" + }, + { + "ref": "send@0.18.0", + "dependsOn": [ + "send@0.18.0|debug@2.6.9", + "depd@2.0.0", + "destroy@1.2.0", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "etag@1.8.1", + "fresh@0.5.2", + "http-errors@2.0.0", + "mime@1.6.0", + "ms@2.1.3", + "on-finished@2.4.1", + "range-parser@1.2.1", + "statuses@2.0.1" + ] + }, + { + "ref": "send@0.18.0|debug@2.6.9", + "dependsOn": [ + "send@0.18.0|debug@2.6.9|ms@2.0.0" + ] + }, + { + "ref": "send@0.18.0|debug@2.6.9|ms@2.0.0" + }, + { + "ref": "mime@1.6.0" + }, + { + "ref": "serve-static@1.15.0", + "dependsOn": [ + "encodeurl@1.0.2", + "escape-html@1.0.3", + "parseurl@1.3.3", + "send@0.18.0" + ] + }, + { + "ref": "media-typer@0.3.0" + }, + { + "ref": "utils-merge@1.0.1" + }, + { + "ref": "vary@1.1.2" + }, + { + "ref": "asynckit@0.4.0" + }, + { + "ref": "combined-stream@1.0.8", + "dependsOn": [ + "delayed-stream@1.0.0" + ] + }, + { + "ref": "delayed-stream@1.0.0" + }, + { + "ref": "mime-db@1.52.0" + }, + { + "ref": "fs-extra@11.2.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "jsonfile@6.1.0", + "universalify@2.0.1" + ] + }, + { + "ref": "jsonfile@6.1.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "universalify@2.0.1" + ] + }, + { + "ref": "universalify@2.0.1" + }, + { + "ref": "get-installed-path@4.0.8", + "dependsOn": [ + "global-modules@1.0.0" + ] + }, + { + "ref": "global-modules@1.0.0", + "dependsOn": [ + "global-prefix@1.0.2", + "is-windows@1.0.2", + "resolve-dir@1.0.1" + ] + }, + { + "ref": "global-prefix@1.0.2", + "dependsOn": [ + "expand-tilde@2.0.2", + "homedir-polyfill@1.0.3", + "ini@1.3.8", + "is-windows@1.0.2", + "global-prefix@1.0.2|which@1.3.1" + ] + }, + { + "ref": "global-prefix@1.0.2|which@1.3.1", + "dependsOn": [ + "isexe@2.0.0" + ] + }, + { + "ref": "expand-tilde@2.0.2", + "dependsOn": [ + "homedir-polyfill@1.0.3" + ] + }, + { + "ref": "homedir-polyfill@1.0.3", + "dependsOn": [ + "parse-passwd@1.0.0" + ] + }, + { + "ref": "parse-passwd@1.0.0" + }, + { + "ref": "is-windows@1.0.2" + }, + { + "ref": "resolve-dir@1.0.1", + "dependsOn": [ + "expand-tilde@2.0.2", + "global-modules@1.0.0" + ] + }, + { + "ref": "domhandler@5.0.3", + "dependsOn": [ + "domelementtype@2.3.0" + ] + }, + { + "ref": "domutils@3.1.0", + "dependsOn": [ + "dom-serializer@2.0.0", + "domelementtype@2.3.0", + "domhandler@5.0.3" + ] + }, + { + "ref": "dom-serializer@2.0.0", + "dependsOn": [ + "domelementtype@2.3.0", + "domhandler@5.0.3", + "entities@4.5.0" + ] + }, + { + "ref": "entities@4.5.0" + }, + { + "ref": "https@1.0.0" + }, + { + "ref": "inquirer-file-tree-selection-prompt@2.0.2", + "dependsOn": [ + "chalk@4.1.2", + "cli-cursor@3.1.0", + "figures@3.2.0", + "lodash@4.17.21", + "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1" + ] + }, + { + "ref": "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "cli-cursor@3.1.0", + "dependsOn": [ + "restore-cursor@3.1.0" + ] + }, + { + "ref": "restore-cursor@3.1.0", + "dependsOn": [ + "onetime@5.1.2", + "signal-exit@3.0.7" + ] + }, + { + "ref": "onetime@5.1.2", + "dependsOn": [ + "mimic-fn@2.1.0" + ] + }, + { + "ref": "mimic-fn@2.1.0" + }, + { + "ref": "signal-exit@3.0.7" + }, + { + "ref": "figures@3.2.0", + "dependsOn": [ + "figures@3.2.0|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "figures@3.2.0|escape-string-regexp@1.0.5" + }, + { + "ref": "inquirer@8.0.0", + "dependsOn": [ + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "cli-cursor@3.1.0", + "cli-width@3.0.0", + "external-editor@3.1.0", + "figures@3.2.0", + "lodash@4.17.21", + "mute-stream@0.0.8", + "run-async@2.4.1", + "rxjs@6.6.7", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "through@2.3.8" + ] + }, + { + "ref": "cli-width@3.0.0" + }, + { + "ref": "external-editor@3.1.0", + "dependsOn": [ + "chardet@0.7.0", + "iconv-lite@0.4.24", + "external-editor@3.1.0|tmp@0.0.33" + ] + }, + { + "ref": "external-editor@3.1.0|tmp@0.0.33", + "dependsOn": [ + "os-tmpdir@1.0.2" + ] + }, + { + "ref": "chardet@0.7.0" + }, + { + "ref": "os-tmpdir@1.0.2" + }, + { + "ref": "mute-stream@0.0.8" + }, + { + "ref": "run-async@2.4.1" + }, + { + "ref": "rxjs@6.6.7", + "dependsOn": [ + "rxjs@6.6.7|tslib@1.14.1" + ] + }, + { + "ref": "rxjs@6.6.7|tslib@1.14.1" + }, + { + "ref": "through@2.3.8" + }, + { + "ref": "jest-mock@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-util@29.7.0" + ] + }, + { + "ref": "@types/istanbul-lib-report@3.0.3", + "dependsOn": [ + "@types/istanbul-lib-coverage@2.0.6" + ] + }, + { + "ref": "@types/yargs-parser@21.0.3" + }, + { + "ref": "jest@29.7.0", + "dependsOn": [ + "@jest/core@29.7.0", + "@jest/types@29.6.3", + "import-local@3.1.0", + "jest-cli@29.7.0" + ] + }, + { + "ref": "@jest/core@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/reporters@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@jest/core@29.7.0|ci-info@3.9.0", + "exit@0.1.2", + "graceful-fs@4.2.11", + "jest-changed-files@29.7.0", + "jest-config@29.7.0", + "jest-haste-map@29.7.0", + "jest-message-util@29.7.0", + "jest-regex-util@29.6.3", + "jest-resolve-dependencies@29.7.0", + "jest-resolve@29.7.0", + "jest-runner@29.7.0", + "jest-runtime@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "jest-watcher@29.7.0", + "micromatch@4.0.5", + "pretty-format@29.7.0", + "slash@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@jest/core@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/console@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "slash@3.0.0" + ] + }, + { + "ref": "@jest/reporters@29.7.0", + "dependsOn": [ + "@bcoe/v8-coverage@0.2.3", + "@jest/console@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@jridgewell/trace-mapping@0.3.25", + "@types/node@20.14.1", + "chalk@4.1.2", + "collect-v8-coverage@1.0.2", + "exit@0.1.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "istanbul-lib-coverage@3.2.2", + "istanbul-lib-instrument@6.0.2", + "istanbul-lib-report@3.0.1", + "istanbul-lib-source-maps@4.0.1", + "istanbul-reports@3.1.7", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "jest-worker@29.7.0", + "slash@3.0.0", + "string-length@4.0.2", + "strip-ansi@6.0.1", + "v8-to-istanbul@9.2.0" + ] + }, + { + "ref": "@jest/test-result@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/types@29.6.3", + "@types/istanbul-lib-coverage@2.0.6", + "collect-v8-coverage@1.0.2" + ] + }, + { + "ref": "@jest/transform@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/types@29.6.3", + "@jridgewell/trace-mapping@0.3.25", + "babel-plugin-istanbul@6.1.1", + "chalk@4.1.2", + "convert-source-map@2.0.0", + "fast-json-stable-stringify@2.1.0", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-regex-util@29.6.3", + "jest-util@29.7.0", + "micromatch@4.0.5", + "pirates@4.0.6", + "slash@3.0.0", + "write-file-atomic@4.0.2" + ] + }, + { + "ref": "fs.realpath@1.0.0" + }, + { + "ref": "inflight@1.0.6", + "dependsOn": [ + "once@1.4.0", + "wrappy@1.0.2" + ] + }, + { + "ref": "path-is-absolute@1.0.1" + }, + { + "ref": "istanbul-lib-instrument@6.0.2", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "semver@7.6.2" + ] + }, + { + "ref": "make-dir@4.0.0", + "dependsOn": [ + "semver@7.6.2" + ] + }, + { + "ref": "source-map@0.6.1" + }, + { + "ref": "html-escaper@2.0.2" + }, + { + "ref": "jest-worker@29.7.0", + "dependsOn": [ + "@types/node@20.14.1", + "jest-util@29.7.0", + "merge-stream@2.0.0", + "supports-color@8.1.1" + ] + }, + { + "ref": "char-regex@1.0.2" + }, + { + "ref": "convert-source-map@2.0.0" + }, + { + "ref": "jest-changed-files@29.7.0", + "dependsOn": [ + "execa@5.1.1", + "jest-util@29.7.0", + "p-limit@3.1.0" + ] + }, + { + "ref": "get-stream@6.0.1" + }, + { + "ref": "human-signals@2.1.0" + }, + { + "ref": "npm-run-path@4.0.1", + "dependsOn": [ + "path-key@3.1.1" + ] + }, + { + "ref": "strip-final-newline@2.0.0" + }, + { + "ref": "yocto-queue@0.1.0" + }, + { + "ref": "jest-config@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/test-sequencer@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "babel-jest@29.7.0", + "chalk@4.1.2", + "jest-config@29.7.0|ci-info@3.9.0", + "deepmerge@4.3.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "jest-circus@29.7.0", + "jest-environment-node@29.7.0", + "jest-get-type@29.6.3", + "jest-regex-util@29.6.3", + "jest-resolve@29.7.0", + "jest-runner@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "micromatch@4.0.5", + "parse-json@5.2.0", + "pretty-format@29.7.0", + "slash@3.0.0", + "strip-json-comments@3.1.1", + "ts-node@10.9.2" + ] + }, + { + "ref": "jest-config@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/test-sequencer@29.7.0", + "dependsOn": [ + "@jest/test-result@29.7.0", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "slash@3.0.0" + ] + }, + { + "ref": "jest-haste-map@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/graceful-fs@4.1.9", + "@types/node@20.14.1", + "anymatch@3.1.3", + "fb-watchman@2.0.2", + "fsevents@2.3.3", + "graceful-fs@4.2.11", + "jest-regex-util@29.6.3", + "jest-util@29.7.0", + "jest-worker@29.7.0", + "micromatch@4.0.5", + "walker@1.0.8" + ] + }, + { + "ref": "babel-jest@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/transform@29.7.0", + "@types/babel__core@7.20.5", + "babel-plugin-istanbul@6.1.1", + "babel-preset-jest@29.6.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "slash@3.0.0" + ] + }, + { + "ref": "jest-circus@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/expect@29.7.0", + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "co@4.6.0", + "dedent@1.5.3", + "is-generator-fn@2.1.0", + "jest-each@29.7.0", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-runtime@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "p-limit@3.1.0", + "pretty-format@29.7.0", + "pure-rand@6.1.0", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@jest/environment@29.7.0", + "dependsOn": [ + "@jest/fake-timers@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-mock@29.7.0" + ] + }, + { + "ref": "@jest/expect@29.7.0", + "dependsOn": [ + "expect@29.7.0", + "jest-snapshot@29.7.0" + ] + }, + { + "ref": "jest-snapshot@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/generator@7.24.4", + "@babel/plugin-syntax-jsx@7.24.1", + "@babel/plugin-syntax-typescript@7.24.1", + "@babel/types@7.24.0", + "@jest/expect-utils@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "babel-preset-current-node-syntax@1.0.1", + "chalk@4.1.2", + "expect@29.7.0", + "graceful-fs@4.2.11", + "jest-diff@29.7.0", + "jest-get-type@29.6.3", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "natural-compare@1.4.0", + "pretty-format@29.7.0", + "semver@7.6.2" + ] + }, + { + "ref": "dedent@1.5.3" + }, + { + "ref": "jest-each@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "chalk@4.1.2", + "jest-get-type@29.6.3", + "jest-util@29.7.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-runtime@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/fake-timers@29.7.0", + "@jest/globals@29.7.0", + "@jest/source-map@29.6.3", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "cjs-module-lexer@1.2.3", + "collect-v8-coverage@1.0.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-message-util@29.7.0", + "jest-mock@29.7.0", + "jest-regex-util@29.6.3", + "jest-resolve@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "slash@3.0.0", + "strip-bom@4.0.0" + ] + }, + { + "ref": "pure-rand@6.1.0" + }, + { + "ref": "jest-environment-node@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/fake-timers@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-mock@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "@jest/fake-timers@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@sinonjs/fake-timers@10.3.0", + "@types/node@20.14.1", + "jest-message-util@29.7.0", + "jest-mock@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "jest-regex-util@29.6.3" + }, + { + "ref": "jest-resolve@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-pnp-resolver@1.2.3", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "resolve.exports@2.0.2", + "resolve@1.22.8", + "slash@3.0.0" + ] + }, + { + "ref": "jest-runner@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/environment@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "emittery@0.13.1", + "graceful-fs@4.2.11", + "jest-docblock@29.7.0", + "jest-environment-node@29.7.0", + "jest-haste-map@29.7.0", + "jest-leak-detector@29.7.0", + "jest-message-util@29.7.0", + "jest-resolve@29.7.0", + "jest-runtime@29.7.0", + "jest-util@29.7.0", + "jest-watcher@29.7.0", + "jest-worker@29.7.0", + "p-limit@3.1.0", + "source-map-support@0.5.13" + ] + }, + { + "ref": "jest-validate@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "jest-validate@29.7.0|camelcase@6.3.0", + "chalk@4.1.2", + "jest-get-type@29.6.3", + "leven@3.1.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-validate@29.7.0|camelcase@6.3.0" + }, + { + "ref": "bser@2.1.1", + "dependsOn": [ + "node-int64@0.4.0" + ] + }, + { + "ref": "node-int64@0.4.0" + }, + { + "ref": "makeerror@1.0.12", + "dependsOn": [ + "tmpl@1.0.5" + ] + }, + { + "ref": "tmpl@1.0.5" + }, + { + "ref": "jest-resolve-dependencies@29.7.0", + "dependsOn": [ + "jest-regex-util@29.6.3", + "jest-snapshot@29.7.0" + ] + }, + { + "ref": "resolve.exports@2.0.2" + }, + { + "ref": "emittery@0.13.1" + }, + { + "ref": "jest-docblock@29.7.0", + "dependsOn": [ + "detect-newline@3.1.0" + ] + }, + { + "ref": "jest-leak-detector@29.7.0", + "dependsOn": [ + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-watcher@29.7.0", + "dependsOn": [ + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "emittery@0.13.1", + "jest-util@29.7.0", + "string-length@4.0.2" + ] + }, + { + "ref": "@jest/globals@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/expect@29.7.0", + "@jest/types@29.6.3", + "jest-mock@29.7.0" + ] + }, + { + "ref": "@jest/source-map@29.6.3", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "callsites@3.1.0", + "graceful-fs@4.2.11" + ] + }, + { + "ref": "@babel/plugin-syntax-jsx@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/helper-plugin-utils@7.24.0" + }, + { + "ref": "@babel/plugin-syntax-async-generators@7.8.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-bigint@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-class-properties@7.12.13", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-import-meta@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-json-strings@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-numeric-separator@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-object-rest-spread@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-optional-chaining@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-top-level-await@7.14.5", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "pkg-dir@4.2.0", + "dependsOn": [ + "pkg-dir@4.2.0|find-up@4.1.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|find-up@4.1.0", + "dependsOn": [ + "pkg-dir@4.2.0|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|locate-path@5.0.0", + "dependsOn": [ + "pkg-dir@4.2.0|p-locate@4.1.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|p-locate@4.1.0", + "dependsOn": [ + "pkg-dir@4.2.0|p-limit@2.3.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "resolve-cwd@3.0.0", + "dependsOn": [ + "resolve-cwd@3.0.0|resolve-from@5.0.0" + ] + }, + { + "ref": "resolve-cwd@3.0.0|resolve-from@5.0.0" + }, + { + "ref": "jest-cli@29.7.0", + "dependsOn": [ + "@jest/core@29.7.0", + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "chalk@4.1.2", + "create-jest@29.7.0", + "exit@0.1.2", + "import-local@3.1.0", + "jest-config@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "yargs@17.7.2" + ] + }, + { + "ref": "create-jest@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "chalk@4.1.2", + "exit@0.1.2", + "graceful-fs@4.2.11", + "jest-config@29.7.0", + "jest-util@29.7.0", + "prompts@2.4.2" + ] + }, + { + "ref": "cliui@8.0.1", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "get-caller-file@2.0.5" + }, + { + "ref": "require-directory@2.1.1" + }, + { + "ref": "y18n@5.0.8" + }, + { + "ref": "argparse@2.0.1" + }, + { + "ref": "json-colorizer@2.2.2", + "dependsOn": [ + "json-colorizer@2.2.2|chalk@2.4.2", + "lodash.get@4.4.2" + ] + }, + { + "ref": "json-colorizer@2.2.2|chalk@2.4.2", + "dependsOn": [ + "json-colorizer@2.2.2|ansi-styles@3.2.1", + "json-colorizer@2.2.2|escape-string-regexp@1.0.5", + "json-colorizer@2.2.2|supports-color@5.5.0" + ] + }, + { + "ref": "json-colorizer@2.2.2|ansi-styles@3.2.1", + "dependsOn": [ + "json-colorizer@2.2.2|color-convert@1.9.3" + ] + }, + { + "ref": "json-colorizer@2.2.2|color-convert@1.9.3", + "dependsOn": [ + "json-colorizer@2.2.2|color-name@1.1.3" + ] + }, + { + "ref": "json-colorizer@2.2.2|color-name@1.1.3" + }, + { + "ref": "json-colorizer@2.2.2|escape-string-regexp@1.0.5" + }, + { + "ref": "json-colorizer@2.2.2|supports-color@5.5.0", + "dependsOn": [ + "json-colorizer@2.2.2|has-flag@3.0.0" + ] + }, + { + "ref": "json-colorizer@2.2.2|has-flag@3.0.0" + }, + { + "ref": "markdown-diff@2.0.0", + "dependsOn": [ + "markdown-diff@2.0.0|diff@5.2.0", + "marked@12.0.2" + ] + }, + { + "ref": "markdown-diff@2.0.0|diff@5.2.0" + }, + { + "ref": "marked@12.0.2" + }, + { + "ref": "markdown-table-ts@1.0.3" + }, + { + "ref": "mocha@10.4.0", + "dependsOn": [ + "ansi-colors@4.1.1", + "browser-stdout@1.3.1", + "chokidar@3.5.3", + "debug@4.3.4", + "mocha@10.4.0|diff@5.0.0", + "escape-string-regexp@4.0.0", + "find-up@5.0.0", + "mocha@10.4.0|glob@8.1.0", + "he@1.2.0", + "js-yaml@4.1.0", + "mocha@10.4.0|log-symbols@4.1.0", + "mocha@10.4.0|minimatch@5.0.1", + "ms@2.1.3", + "serialize-javascript@6.0.0", + "strip-json-comments@3.1.1", + "supports-color@8.1.1", + "workerpool@6.2.1", + "yargs-parser@20.2.4", + "yargs-unparser@2.0.0", + "mocha@10.4.0|yargs@16.2.0" + ] + }, + { + "ref": "mocha@10.4.0|diff@5.0.0" + }, + { + "ref": "mocha@10.4.0|glob@8.1.0", + "dependsOn": [ + "fs.realpath@1.0.0", + "inflight@1.0.6", + "inherits@2.0.4", + "mocha@10.4.0|minimatch@5.0.1", + "once@1.4.0" + ] + }, + { + "ref": "mocha@10.4.0|minimatch@5.0.1", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "mocha@10.4.0|log-symbols@4.1.0", + "dependsOn": [ + "chalk@4.1.2", + "is-unicode-supported@0.1.0" + ] + }, + { + "ref": "mocha@10.4.0|yargs@16.2.0", + "dependsOn": [ + "mocha@10.4.0|cliui@7.0.4", + "escalade@3.1.2", + "get-caller-file@2.0.5", + "require-directory@2.1.1", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "y18n@5.0.8", + "yargs-parser@20.2.4" + ] + }, + { + "ref": "mocha@10.4.0|cliui@7.0.4", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "browser-stdout@1.3.1" + }, + { + "ref": "fill-range@7.0.1", + "dependsOn": [ + "to-regex-range@5.0.1" + ] + }, + { + "ref": "to-regex-range@5.0.1", + "dependsOn": [ + "is-number@7.0.0" + ] + }, + { + "ref": "is-number@7.0.0" + }, + { + "ref": "is-binary-path@2.1.0", + "dependsOn": [ + "binary-extensions@2.3.0" + ] + }, + { + "ref": "binary-extensions@2.3.0" + }, + { + "ref": "readdirp@3.6.0", + "dependsOn": [ + "picomatch@2.3.1" + ] + }, + { + "ref": "wrappy@1.0.2" + }, + { + "ref": "is-unicode-supported@0.1.0" + }, + { + "ref": "serialize-javascript@6.0.0", + "dependsOn": [ + "randombytes@2.1.0" + ] + }, + { + "ref": "randombytes@2.1.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "workerpool@6.2.1" + }, + { + "ref": "yargs-parser@20.2.4" + }, + { + "ref": "yargs-unparser@2.0.0", + "dependsOn": [ + "yargs-unparser@2.0.0|camelcase@6.3.0", + "decamelize@4.0.0", + "flat@5.0.2", + "is-plain-obj@2.1.0" + ] + }, + { + "ref": "yargs-unparser@2.0.0|camelcase@6.3.0" + }, + { + "ref": "decamelize@4.0.0" + }, + { + "ref": "is-plain-obj@2.1.0" + }, + { + "ref": "mock-fs@5.2.0" + }, + { + "ref": "objects-to-csv@1.3.6", + "dependsOn": [ + "async-csv@2.1.3" + ] + }, + { + "ref": "async-csv@2.1.3", + "dependsOn": [ + "csv@5.5.3" + ] + }, + { + "ref": "csv@5.5.3", + "dependsOn": [ + "csv-generate@3.4.3", + "csv-parse@4.16.3", + "csv-stringify@5.6.5", + "stream-transform@2.1.3" + ] + }, + { + "ref": "csv-generate@3.4.3" + }, + { + "ref": "csv-stringify@5.6.5" + }, + { + "ref": "stream-transform@2.1.3", + "dependsOn": [ + "mixme@0.5.10" + ] + }, + { + "ref": "mixme@0.5.10" + }, + { + "ref": "oclif@4.13.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0", + "@aws-sdk/client-s3@3.583.0", + "@inquirer/confirm@3.1.9", + "@inquirer/input@2.1.9", + "@inquirer/select@2.3.5", + "oclif@4.13.0|@oclif/core@4.0.1", + "@oclif/plugin-help@6.1.0", + "@oclif/plugin-not-found@3.2.1", + "@oclif/plugin-warn-if-update-available@3.1.4", + "async-retry@1.3.3", + "chalk@4.1.2", + "change-case@4.1.2", + "oclif@4.13.0|debug@4.3.5", + "ejs@3.1.10", + "find-yarn-workspace-root@2.0.0", + "oclif@4.13.0|fs-extra@8.1.0", + "github-slugger@2.0.0", + "got@13.0.0", + "lodash@4.17.21", + "normalize-package-data@6.0.1", + "semver@7.6.2", + "sort-package-json@2.10.0", + "tiny-jsonc@1.0.1", + "validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "oclif@4.13.0|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "oclif@4.13.0|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "oclif@4.13.0|debug@4.3.5", + "dependsOn": [ + "oclif@4.13.0|ms@2.1.2" + ] + }, + { + "ref": "oclif@4.13.0|ms@2.1.2" + }, + { + "ref": "oclif@4.13.0|fs-extra@8.1.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "oclif@4.13.0|jsonfile@4.0.0", + "oclif@4.13.0|universalify@0.1.2" + ] + }, + { + "ref": "oclif@4.13.0|jsonfile@4.0.0", + "dependsOn": [ + "graceful-fs@4.2.11" + ] + }, + { + "ref": "oclif@4.13.0|universalify@0.1.2" + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@aws-sdk/xml-builder@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-stream@3.0.1", + "@smithy/util-utf8@3.0.0", + "@smithy/util-waiter@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/xml-builder@3.575.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-waiter@3.0.0", + "dependsOn": [ + "@smithy/abort-controller@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0", + "dependsOn": [ + "@aws-crypto/sha1-browser@3.0.0", + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "@aws-sdk/middleware-expect-continue@3.577.0", + "@aws-sdk/middleware-flexible-checksums@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-location-constraint@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-sdk-s3@3.582.0", + "@aws-sdk/middleware-signing@3.577.0", + "@aws-sdk/middleware-ssec@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/signature-v4-multi-region@3.582.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@aws-sdk/xml-builder@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/eventstream-serde-browser@3.0.0", + "@smithy/eventstream-serde-config-resolver@3.0.0", + "@smithy/eventstream-serde-node@3.0.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-blob-browser@3.0.0", + "@smithy/hash-node@3.0.0", + "@smithy/hash-stream-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/md5-js@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-retry@3.0.0", + "@smithy/util-stream@3.0.1", + "@smithy/util-utf8@3.0.0", + "@smithy/util-waiter@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "dependsOn": [ + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "dependsOn": [ + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "dependsOn": [ + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "@aws-sdk/token-providers@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/sha1-browser@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0", + "@aws-crypto/supports-web-crypto@3.0.0", + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-locate-window@3.535.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/region-config-resolver@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-user-agent-node@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-env@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-process@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-web-identity@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/token-providers@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sso-oidc@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sso-oidc@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/credential-provider-node@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sts@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-sso-oidc@3.577.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/credential-provider-node@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/core@3.576.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/credential-provider-node@3.577.0", + "dependsOn": [ + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-http@3.577.0", + "@aws-sdk/credential-provider-ini@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/credential-provider-sso@3.577.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-user-agent@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-endpoints@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-http@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-ini@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/credential-provider-sso@3.577.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-sso@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sso@3.577.0", + "@aws-sdk/token-providers@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sso@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-arn-parser@3.568.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-arn-parser@3.568.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-expect-continue@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-flexible-checksums@3.577.0", + "dependsOn": [ + "@aws-crypto/crc32@3.0.0", + "@aws-crypto/crc32c@3.0.0", + "@aws-sdk/types@3.577.0", + "@smithy/is-array-buffer@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/crc32@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/crc32@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/crc32@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/crc32c@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/crc32c@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/crc32c@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/middleware-location-constraint@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-sdk-s3@3.582.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-arn-parser@3.568.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-signing@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-ssec@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/signature-v4-multi-region@3.582.0", + "dependsOn": [ + "@aws-sdk/middleware-sdk-s3@3.582.0", + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-browser@3.0.0", + "dependsOn": [ + "@smithy/eventstream-serde-universal@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-universal@3.0.0", + "dependsOn": [ + "@smithy/eventstream-codec@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-codec@3.0.0", + "dependsOn": [ + "@aws-crypto/crc32@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-config-resolver@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-node@3.0.0", + "dependsOn": [ + "@smithy/eventstream-serde-universal@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-blob-browser@3.0.0", + "dependsOn": [ + "@smithy/chunked-blob-reader-native@3.0.0", + "@smithy/chunked-blob-reader@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/chunked-blob-reader-native@3.0.0", + "dependsOn": [ + "@smithy/util-base64@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/chunked-blob-reader@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-stream-node@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/md5-js@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@inquirer/confirm@3.1.9", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/type@1.3.3" + ] + }, + { + "ref": "@inquirer/core@8.2.2", + "dependsOn": [ + "@inquirer/figures@1.0.3", + "@inquirer/type@1.3.3", + "@types/mute-stream@0.0.4", + "@types/node@20.14.1", + "@types/wrap-ansi@3.0.0", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "cli-spinners@2.9.2", + "@inquirer/core@8.2.2|cli-width@4.1.0", + "@inquirer/core@8.2.2|mute-stream@1.0.0", + "@inquirer/core@8.2.2|signal-exit@4.1.0", + "strip-ansi@6.0.1", + "@inquirer/core@8.2.2|wrap-ansi@6.2.0" + ] + }, + { + "ref": "@inquirer/core@8.2.2|cli-width@4.1.0" + }, + { + "ref": "@inquirer/core@8.2.2|mute-stream@1.0.0" + }, + { + "ref": "@inquirer/core@8.2.2|signal-exit@4.1.0" + }, + { + "ref": "@inquirer/core@8.2.2|wrap-ansi@6.2.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@inquirer/figures@1.0.3" + }, + { + "ref": "@inquirer/type@1.3.3" + }, + { + "ref": "@types/mute-stream@0.0.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/wrap-ansi@3.0.0" + }, + { + "ref": "@inquirer/input@2.1.9", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/type@1.3.3" + ] + }, + { + "ref": "@inquirer/select@2.3.5", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/figures@1.0.3", + "@inquirer/type@1.3.3", + "ansi-escapes@4.3.2", + "chalk@4.1.2" + ] + }, + { + "ref": "@oclif/plugin-not-found@3.2.1", + "dependsOn": [ + "@inquirer/confirm@3.1.9", + "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "ansis@3.2.0", + "fast-levenshtein@3.0.0" + ] + }, + { + "ref": "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "debug@4.3.4", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "fast-levenshtein@3.0.0", + "dependsOn": [ + "fastest-levenshtein@1.0.16" + ] + }, + { + "ref": "fastest-levenshtein@1.0.16" + }, + { + "ref": "async-retry@1.3.3", + "dependsOn": [ + "retry@0.13.1" + ] + }, + { + "ref": "retry@0.13.1" + }, + { + "ref": "change-case@4.1.2", + "dependsOn": [ + "camel-case@4.1.2", + "capital-case@1.0.4", + "constant-case@3.0.4", + "dot-case@3.0.4", + "header-case@2.0.4", + "no-case@3.0.4", + "param-case@3.0.4", + "pascal-case@3.1.2", + "path-case@3.0.4", + "sentence-case@3.0.4", + "snake-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "camel-case@4.1.2", + "dependsOn": [ + "pascal-case@3.1.2", + "tslib@2.6.3" + ] + }, + { + "ref": "pascal-case@3.1.2", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "capital-case@1.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case-first@2.0.2" + ] + }, + { + "ref": "no-case@3.0.4", + "dependsOn": [ + "lower-case@2.0.2", + "tslib@2.6.3" + ] + }, + { + "ref": "upper-case-first@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "constant-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case@2.0.2" + ] + }, + { + "ref": "upper-case@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "dot-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "header-case@2.0.4", + "dependsOn": [ + "capital-case@1.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "lower-case@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "param-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "path-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "sentence-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case-first@2.0.2" + ] + }, + { + "ref": "snake-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "find-yarn-workspace-root@2.0.0", + "dependsOn": [ + "micromatch@4.0.5" + ] + }, + { + "ref": "github-slugger@2.0.0" + }, + { + "ref": "got@13.0.0", + "dependsOn": [ + "@sindresorhus/is@5.6.0", + "@szmarczak/http-timer@5.0.1", + "cacheable-lookup@7.0.0", + "cacheable-request@10.2.14", + "decompress-response@6.0.0", + "form-data-encoder@2.1.4", + "get-stream@6.0.1", + "http2-wrapper@2.2.1", + "lowercase-keys@3.0.0", + "p-cancelable@3.0.0", + "responselike@3.0.0" + ] + }, + { + "ref": "@sindresorhus/is@5.6.0" + }, + { + "ref": "@szmarczak/http-timer@5.0.1", + "dependsOn": [ + "defer-to-connect@2.0.1" + ] + }, + { + "ref": "defer-to-connect@2.0.1" + }, + { + "ref": "cacheable-lookup@7.0.0" + }, + { + "ref": "cacheable-request@10.2.14", + "dependsOn": [ + "@types/http-cache-semantics@4.0.4", + "get-stream@6.0.1", + "http-cache-semantics@4.1.1", + "keyv@4.5.4", + "mimic-response@4.0.0", + "normalize-url@8.0.1", + "responselike@3.0.0" + ] + }, + { + "ref": "@types/http-cache-semantics@4.0.4" + }, + { + "ref": "http-cache-semantics@4.1.1" + }, + { + "ref": "mimic-response@4.0.0" + }, + { + "ref": "normalize-url@8.0.1" + }, + { + "ref": "responselike@3.0.0", + "dependsOn": [ + "lowercase-keys@3.0.0" + ] + }, + { + "ref": "decompress-response@6.0.0", + "dependsOn": [ + "decompress-response@6.0.0|mimic-response@3.1.0" + ] + }, + { + "ref": "decompress-response@6.0.0|mimic-response@3.1.0" + }, + { + "ref": "form-data-encoder@2.1.4" + }, + { + "ref": "http2-wrapper@2.2.1", + "dependsOn": [ + "quick-lru@5.1.1", + "resolve-alpn@1.2.1" + ] + }, + { + "ref": "resolve-alpn@1.2.1" + }, + { + "ref": "lowercase-keys@3.0.0" + }, + { + "ref": "p-cancelable@3.0.0" + }, + { + "ref": "normalize-package-data@6.0.1", + "dependsOn": [ + "hosted-git-info@7.0.2", + "is-core-module@2.13.1", + "semver@7.6.2", + "validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "spdx-correct@3.2.0", + "dependsOn": [ + "spdx-expression-parse@3.0.1", + "spdx-license-ids@3.0.17" + ] + }, + { + "ref": "spdx-expression-parse@3.0.1", + "dependsOn": [ + "spdx-exceptions@2.5.0", + "spdx-license-ids@3.0.17" + ] + }, + { + "ref": "spdx-license-ids@3.0.17" + }, + { + "ref": "spdx-exceptions@2.5.0" + }, + { + "ref": "sort-package-json@2.10.0", + "dependsOn": [ + "detect-indent@7.0.1", + "sort-package-json@2.10.0|detect-newline@4.0.1", + "get-stdin@9.0.0", + "git-hooks-list@3.1.0", + "sort-package-json@2.10.0|globby@13.2.2", + "sort-package-json@2.10.0|is-plain-obj@4.1.0", + "semver@7.6.2", + "sort-object-keys@1.1.3" + ] + }, + { + "ref": "sort-package-json@2.10.0|detect-newline@4.0.1" + }, + { + "ref": "sort-package-json@2.10.0|globby@13.2.2", + "dependsOn": [ + "dir-glob@3.0.1", + "fast-glob@3.3.2", + "ignore@5.3.1", + "merge2@1.4.1", + "sort-package-json@2.10.0|slash@4.0.0" + ] + }, + { + "ref": "sort-package-json@2.10.0|slash@4.0.0" + }, + { + "ref": "sort-package-json@2.10.0|is-plain-obj@4.1.0" + }, + { + "ref": "detect-indent@7.0.1" + }, + { + "ref": "get-stdin@9.0.0" + }, + { + "ref": "git-hooks-list@3.1.0" + }, + { + "ref": "sort-object-keys@1.1.3" + }, + { + "ref": "tiny-jsonc@1.0.1" + }, + { + "ref": "open@10.1.0", + "dependsOn": [ + "default-browser@5.2.1", + "define-lazy-prop@3.0.0", + "is-inside-container@1.0.0", + "open@10.1.0|is-wsl@3.1.0" + ] + }, + { + "ref": "open@10.1.0|is-wsl@3.1.0", + "dependsOn": [ + "is-inside-container@1.0.0" + ] + }, + { + "ref": "default-browser@5.2.1", + "dependsOn": [ + "bundle-name@4.1.0", + "default-browser-id@5.0.0" + ] + }, + { + "ref": "bundle-name@4.1.0", + "dependsOn": [ + "run-applescript@7.0.0" + ] + }, + { + "ref": "run-applescript@7.0.0" + }, + { + "ref": "default-browser-id@5.0.0" + }, + { + "ref": "define-lazy-prop@3.0.0" + }, + { + "ref": "is-inside-container@1.0.0", + "dependsOn": [ + "is-inside-container@1.0.0|is-docker@3.0.0" + ] + }, + { + "ref": "is-inside-container@1.0.0|is-docker@3.0.0" + }, + { + "ref": "prompt-sync@4.2.0", + "dependsOn": [ + "prompt-sync@4.2.0|strip-ansi@5.2.0" + ] + }, + { + "ref": "prompt-sync@4.2.0|strip-ansi@5.2.0", + "dependsOn": [ + "prompt-sync@4.2.0|ansi-regex@4.1.1" + ] + }, + { + "ref": "prompt-sync@4.2.0|ansi-regex@4.1.1" + }, + { + "ref": "lodash.truncate@4.4.2" + }, + { + "ref": "tmp@0.2.3" + }, + { + "ref": "ts-jest@29.1.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "babel-jest@29.7.0", + "bs-logger@0.2.6", + "fast-json-stable-stringify@2.1.0", + "jest-util@29.7.0", + "jest@29.7.0", + "json5@2.2.3", + "lodash.memoize@4.1.2", + "make-error@1.3.6", + "semver@7.6.2", + "typescript@5.1.6", + "ts-jest@29.1.4|yargs-parser@21.1.1" + ] + }, + { + "ref": "ts-jest@29.1.4|yargs-parser@21.1.1" + }, + { + "ref": "@ampproject/remapping@2.3.0", + "dependsOn": [ + "@jridgewell/gen-mapping@0.3.5", + "@jridgewell/trace-mapping@0.3.25" + ] + }, + { + "ref": "js-tokens@4.0.0" + }, + { + "ref": "@babel/helper-compilation-targets@7.23.6", + "dependsOn": [ + "@babel/compat-data@7.24.4", + "@babel/helper-validator-option@7.23.5", + "browserslist@4.23.0", + "lru-cache@5.1.1", + "@babel/helper-compilation-targets@7.23.6|semver@6.3.1" + ] + }, + { + "ref": "@babel/helper-compilation-targets@7.23.6|semver@6.3.1" + }, + { + "ref": "@babel/compat-data@7.24.4" + }, + { + "ref": "@babel/helper-validator-option@7.23.5" + }, + { + "ref": "lru-cache@5.1.1", + "dependsOn": [ + "yallist@3.1.1" + ] + }, + { + "ref": "yallist@3.1.1" + }, + { + "ref": "@babel/helper-module-transforms@7.23.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-environment-visitor@7.22.20", + "@babel/helper-module-imports@7.24.3", + "@babel/helper-simple-access@7.22.5", + "@babel/helper-split-export-declaration@7.22.6", + "@babel/helper-validator-identifier@7.22.20" + ] + }, + { + "ref": "@babel/helper-environment-visitor@7.22.20" + }, + { + "ref": "@babel/helper-module-imports@7.24.3", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-simple-access@7.22.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-split-export-declaration@7.22.6", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helpers@7.24.4", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-function-name@7.23.0", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-hoist-variables@7.22.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-string-parser@7.24.1" + }, + { + "ref": "to-fast-properties@2.0.0" + }, + { + "ref": "gensync@1.0.0-beta.2" + }, + { + "ref": "@jridgewell/resolve-uri@3.1.2" + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0", + "dependsOn": [ + "camelcase@5.3.1", + "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "get-package-type@0.1.0", + "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3" + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0" + }, + { + "ref": "camelcase@5.3.1" + }, + { + "ref": "test-exclude@6.0.0", + "dependsOn": [ + "@istanbuljs/schema@0.1.3", + "glob@7.2.3", + "test-exclude@6.0.0|minimatch@3.1.2" + ] + }, + { + "ref": "test-exclude@6.0.0|minimatch@3.1.2", + "dependsOn": [ + "test-exclude@6.0.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "test-exclude@6.0.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@types/babel__generator@7.6.8", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@types/babel__template@7.4.4", + "dependsOn": [ + "@babel/parser@7.24.4", + "@babel/types@7.24.0" + ] + }, + { + "ref": "babel-preset-jest@29.6.3", + "dependsOn": [ + "@babel/core@7.24.4", + "babel-plugin-jest-hoist@29.6.3", + "babel-preset-current-node-syntax@1.0.1" + ] + }, + { + "ref": "babel-plugin-jest-hoist@29.6.3", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0", + "@types/babel__core@7.20.5", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "ts-mocha@10.0.0", + "dependsOn": [ + "mocha@10.4.0", + "ts-mocha@10.0.0|ts-node@7.0.1", + "tsconfig-paths@3.15.0" + ] + }, + { + "ref": "ts-mocha@10.0.0|ts-node@7.0.1", + "dependsOn": [ + "ts-mocha@10.0.0|arrify@1.0.1", + "buffer-from@1.1.2", + "ts-mocha@10.0.0|diff@3.5.0", + "make-error@1.3.6", + "minimist@1.2.8", + "ts-mocha@10.0.0|mkdirp@0.5.6", + "source-map-support@0.5.13", + "ts-mocha@10.0.0|yn@2.0.0" + ] + }, + { + "ref": "ts-mocha@10.0.0|arrify@1.0.1" + }, + { + "ref": "ts-mocha@10.0.0|diff@3.5.0" + }, + { + "ref": "ts-mocha@10.0.0|mkdirp@0.5.6", + "dependsOn": [ + "minimist@1.2.8" + ] + }, + { + "ref": "ts-mocha@10.0.0|yn@2.0.0" + }, + { + "ref": "buffer-from@1.1.2" + }, + { + "ref": "tsconfig-paths@3.15.0", + "dependsOn": [ + "@types/json5@0.0.29", + "tsconfig-paths@3.15.0|json5@1.0.2", + "minimist@1.2.8", + "tsconfig-paths@3.15.0|strip-bom@3.0.0" + ] + }, + { + "ref": "tsconfig-paths@3.15.0|json5@1.0.2", + "dependsOn": [ + "minimist@1.2.8" + ] + }, + { + "ref": "tsconfig-paths@3.15.0|strip-bom@3.0.0" + }, + { + "ref": "@types/json5@0.0.29" + }, + { + "ref": "@cspotcode/source-map-support@0.8.1", + "dependsOn": [ + "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9" + ] + }, + { + "ref": "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9", + "dependsOn": [ + "@jridgewell/resolve-uri@3.1.2", + "@jridgewell/sourcemap-codec@1.4.15" + ] + }, + { + "ref": "@tsconfig/node10@1.0.11" + }, + { + "ref": "@tsconfig/node12@1.0.11" + }, + { + "ref": "@tsconfig/node14@1.0.3" + }, + { + "ref": "@tsconfig/node16@1.0.4" + }, + { + "ref": "acorn-walk@8.3.2" + }, + { + "ref": "create-require@1.1.1" + }, + { + "ref": "diff@4.0.2" + }, + { + "ref": "v8-compile-cache-lib@3.0.1" + }, + { + "ref": "yn@3.1.1" + }, + { + "ref": "tsimportlib@0.0.5" + }, + { + "ref": "@colors/colors@1.6.0" + }, + { + "ref": "@dabh/diagnostics@2.0.3", + "dependsOn": [ + "colorspace@1.1.4", + "enabled@2.0.0", + "kuler@2.0.0" + ] + }, + { + "ref": "colorspace@1.1.4", + "dependsOn": [ + "colorspace@1.1.4|color@3.2.1", + "text-hex@1.0.0" + ] + }, + { + "ref": "colorspace@1.1.4|color@3.2.1", + "dependsOn": [ + "colorspace@1.1.4|color-convert@1.9.3", + "color-string@1.9.1" + ] + }, + { + "ref": "colorspace@1.1.4|color-convert@1.9.3", + "dependsOn": [ + "colorspace@1.1.4|color-name@1.1.3" + ] + }, + { + "ref": "colorspace@1.1.4|color-name@1.1.3" + }, + { + "ref": "text-hex@1.0.0" + }, + { + "ref": "enabled@2.0.0" + }, + { + "ref": "kuler@2.0.0" + }, + { + "ref": "logform@2.6.0", + "dependsOn": [ + "@colors/colors@1.6.0", + "@types/triple-beam@1.3.5", + "fecha@4.2.3", + "ms@2.1.3", + "safe-stable-stringify@2.4.3", + "triple-beam@1.4.1" + ] + }, + { + "ref": "fecha@4.2.3" + }, + { + "ref": "safe-stable-stringify@2.4.3" + }, + { + "ref": "triple-beam@1.4.1" + }, + { + "ref": "one-time@1.0.0", + "dependsOn": [ + "fn.name@1.1.0" + ] + }, + { + "ref": "fn.name@1.1.0" + }, + { + "ref": "string_decoder@1.3.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "stack-trace@0.0.10" + }, + { + "ref": "winston-transport@4.7.0", + "dependsOn": [ + "logform@2.6.0", + "readable-stream@3.6.2", + "triple-beam@1.4.1" + ] + }, + { + "ref": "xlsx-populate@1.21.0", + "dependsOn": [ + "cfb@1.2.2", + "jszip@3.10.1", + "lodash@4.17.21", + "xlsx-populate@1.21.0|sax@1.3.0" + ] + }, + { + "ref": "xlsx-populate@1.21.0|sax@1.3.0" + }, + { + "ref": "cfb@1.2.2", + "dependsOn": [ + "adler-32@1.3.1", + "crc-32@1.2.2" + ] + }, + { + "ref": "adler-32@1.3.1" + }, + { + "ref": "crc-32@1.2.2" + }, + { + "ref": "jszip@3.10.1", + "dependsOn": [ + "lie@3.3.0", + "pako@1.0.11", + "jszip@3.10.1|readable-stream@2.3.8", + "setimmediate@1.0.5" + ] + }, + { + "ref": "jszip@3.10.1|readable-stream@2.3.8", + "dependsOn": [ + "core-util-is@1.0.3", + "inherits@2.0.4", + "isarray@1.0.0", + "process-nextick-args@2.0.1", + "jszip@3.10.1|safe-buffer@5.1.2", + "jszip@3.10.1|string_decoder@1.1.1", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "jszip@3.10.1|safe-buffer@5.1.2" + }, + { + "ref": "jszip@3.10.1|string_decoder@1.1.1", + "dependsOn": [ + "jszip@3.10.1|safe-buffer@5.1.2" + ] + }, + { + "ref": "lie@3.3.0", + "dependsOn": [ + "immediate@3.0.6" + ] + }, + { + "ref": "immediate@3.0.6" + }, + { + "ref": "pako@1.0.11" + }, + { + "ref": "core-util-is@1.0.3" + }, + { + "ref": "isarray@1.0.0" + }, + { + "ref": "process-nextick-args@2.0.1" + }, + { + "ref": "setimmediate@1.0.5" + }, + { + "ref": "sax@1.2.1" + }, + { + "ref": "xmlbuilder@11.0.1" + }, + { + "ref": "zip-lib@1.0.4", + "dependsOn": [ + "yauzl@3.1.3", + "yazl@2.5.1" + ] + }, + { + "ref": "yauzl@3.1.3", + "dependsOn": [ + "buffer-crc32@0.2.13", + "pend@1.2.0" + ] + }, + { + "ref": "buffer-crc32@0.2.13" + }, + { + "ref": "pend@1.2.0" + }, + { + "ref": "yazl@2.5.1", + "dependsOn": [ + "buffer-crc32@0.2.13" + ] + } + ] +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sample_input_report/spdx-to-cyclonedx.json b/test/sample_data/cyclonedx_sbom/sample_input_report/spdx-to-cyclonedx.json new file mode 100644 index 000000000..92a1bbc8d --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sample_input_report/spdx-to-cyclonedx.json @@ -0,0 +1,550 @@ +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "metadata": { + "timestamp": "2010-01-29T18:30:22Z", + "tools": [ + { + "name": "LicenseFind", + "version": "1.0" + } + ], + "authors": [ + { + "name": "ExampleCodeInspect", + "email": "" + }, + { + "name": "Jane Doe", + "email": "" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-DOCUMENT" + }, + { + "name": "spdx:document:spdx-version", + "value": "SPDX-2.2" + }, + { + "name": "spdx:comment", + "value": "This document was created using SPDX 2.0 using licenses from the web site." + }, + { + "name": "spdx:document:name", + "value": "SPDX-Tools-v2.0" + }, + { + "name": "spdx:document:document-namespace", + "value": "http://spdx.org/spdxdocs/spdx-example-json-2.2-444504E0-4F89-41D3-9A0C-0305E82C3301" + }, + { + "name": "spdx:creation-info:comment", + "value": "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries." + }, + { + "name": "spdx:creation-info:creators-organization", + "value": "ExampleCodeInspect" + }, + { + "name": "spdx:creation-info:license-list-version", + "value": "3.9" + }, + { + "name": "spdx:document:external-document-ref", + "value": "{\u0022ExternalDocumentId\u0022:\u0022DocumentRef-spdx-tool-1.2\u0022,\u0022Checksum\u0022:{\u0022Algorithm\u0022:1,\u0022ChecksumValue\u0022:\u0022d6a770ba38583ed4bb4525bd96e50461655d2759\u0022},\u0022SpdxDocument\u0022:\u0022http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301\u0022}" + }, + { + "name": "spdx:annotation", + "value": "{\u0022AnnotationDate\u0022:\u00222010-01-29T18:30:22Z\u0022,\u0022AnnotationType\u0022:0,\u0022Annotator\u0022:\u0022Person: Jane Doe ()\u0022,\u0022Comment\u0022:\u0022Document level annotation\u0022}" + }, + { + "name": "spdx:annotation", + "value": "{\u0022AnnotationDate\u0022:\u00222011-03-13T00:00:00Z\u0022,\u0022AnnotationType\u0022:1,\u0022Annotator\u0022:\u0022Person: Suzanne Reviewer\u0022,\u0022Comment\u0022:\u0022Another example reviewer.\u0022}" + }, + { + "name": "spdx:annotation", + "value": "{\u0022AnnotationDate\u0022:\u00222010-02-10T00:00:00Z\u0022,\u0022AnnotationType\u0022:1,\u0022Annotator\u0022:\u0022Person: Joe Reviewer\u0022,\u0022Comment\u0022:\u0022This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses\u0022}" + }, + { + "name": "spdx:document:describes", + "value": "SPDXRef-File" + }, + { + "name": "spdx:document:describes", + "value": "SPDXRef-Package" + } + ] + }, + "components": [ + { + "type": "library", + "supplier": { + "name": "Jane Doe", + "contact": [ + { + "email": "jane.doe@example.com" + } + ] + }, + "author": "ExampleCodeInspect", + "name": "glibc", + "version": "2.11.1", + "description": "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", + "hashes": [ + { + "alg": "SHA-1", + "content": "85ed0817af83a24ad8da68c2b5094de69833983c" + }, + { + "alg": "MD5", + "content": "624c1abb3664f4b35547e7c73864ad24" + }, + { + "alg": "SHA-256", + "content": "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd" + } + ], + "licenses": [ + { + "expression": "(LGPL-2.0-only AND LicenseRef-3)" + } + ], + "copyright": "Copyright 2008-2010 John Smith", + "externalReferences": [ + { + "url": "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", + "type": "distribution" + }, + { + "url": "http://ftp.gnu.org/gnu/glibc", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-Package" + }, + { + "name": "spdx:annotation", + "value": "{\u0022AnnotationDate\u0022:\u00222011-01-29T18:30:22Z\u0022,\u0022AnnotationType\u0022:0,\u0022Annotator\u0022:\u0022Person: Package Commenter\u0022,\u0022Comment\u0022:\u0022Package level annotation\u0022}" + }, + { + "name": "spdx:files-analyzed", + "value": "true" + }, + { + "name": "spdx:license-comments", + "value": "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change." + }, + { + "name": "spdx:license-concluded", + "value": "(LGPL-2.0-only OR LicenseRef-3)" + }, + { + "name": "spdx:package:file-name", + "value": "glibc-2.11.1.tar.gz" + }, + { + "name": "spdx:package:verification-code:value", + "value": "d6a770ba38583ed4bb4525bd96e50461655d2758" + }, + { + "name": "spdx:package:verification-code:excluded-file", + "value": "./package.spdx" + }, + { + "name": "spdx:package:source-info", + "value": "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git." + }, + { + "name": "spdx:package:summary", + "value": "GNU C library." + }, + { + "name": "spdx:package:originator:organization", + "value": "ExampleCodeInspect" + }, + { + "name": "spdx:package:originator:email", + "value": "contact@example.com" + }, + { + "name": "spdx:external-reference:other:http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", + "value": "acmecorp/acmenator/4.1.3-alpha This is the external ref for Acme" + }, + { + "name": "spdx:download-location", + "value": "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz" + }, + { + "name": "spdx:homepage", + "value": "http://ftp.gnu.org/gnu/glibc" + } + ], + "evidence": { + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + }, + { + "license": { + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "VGhpcyBwYWNrYWdlIGluY2x1ZGVzIHRoZSBHUkRETCBwYXJzZXIgZGV2ZWxvcGVkIGJ5IEhld2xldHQgUGFja2FyZCB1bmRlciB0aGUgZm9sbG93aW5nIGxpY2Vuc2U6Cu\u002B/vSBDb3B5cmlnaHQgMjAwNyBIZXdsZXR0LVBhY2thcmQgRGV2ZWxvcG1lbnQgQ29tcGFueSwgTFAKClJlZGlzdHJpYnV0aW9uIGFuZCB1c2UgaW4gc291cmNlIGFuZCBiaW5hcnkgZm9ybXMsIHdpdGggb3Igd2l0aG91dCBtb2RpZmljYXRpb24sIGFyZSBwZXJtaXR0ZWQgcHJvdmlkZWQgdGhhdCB0aGUgZm9sbG93aW5nIGNvbmRpdGlvbnMgYXJlIG1ldDogCgpSZWRpc3RyaWJ1dGlvbnMgb2Ygc291cmNlIGNvZGUgbXVzdCByZXRhaW4gdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIuIApSZWRpc3RyaWJ1dGlvbnMgaW4gYmluYXJ5IGZvcm0gbXVzdCByZXByb2R1Y2UgdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIgaW4gdGhlIGRvY3VtZW50YXRpb24gYW5kL29yIG90aGVyIG1hdGVyaWFscyBwcm92aWRlZCB3aXRoIHRoZSBkaXN0cmlidXRpb24uIApUaGUgbmFtZSBvZiB0aGUgYXV0aG9yIG1heSBub3QgYmUgdXNlZCB0byBlbmRvcnNlIG9yIHByb21vdGUgcHJvZHVjdHMgZGVyaXZlZCBmcm9tIHRoaXMgc29mdHdhcmUgd2l0aG91dCBzcGVjaWZpYyBwcmlvciB3cml0dGVuIHBlcm1pc3Npb24uIApUSElTIFNPRlRXQVJFIElTIFBST1ZJREVEIEJZIFRIRSBBVVRIT1IgYGBBUyBJUycnIEFORCBBTlkgRVhQUkVTUyBPUiBJTVBMSUVEIFdBUlJBTlRJRVMsIElOQ0xVRElORywgQlVUIE5PVCBMSU1JVEVEIFRPLCBUSEUgSU1QTElFRCBXQVJSQU5USUVTIE9GIE1FUkNIQU5UQUJJTElUWSBBTkQgRklUTkVTUyBGT1IgQSBQQVJUSUNVTEFSIFBVUlBPU0UgQVJFIERJU0NMQUlNRUQuIElOIE5PIEVWRU5UIFNIQUxMIFRIRSBBVVRIT1IgQkUgTElBQkxFIEZPUiBBTlkgRElSRUNULCBJTkRJUkVDVCwgSU5DSURFTlRBTCwgU1BFQ0lBTCwgRVhFTVBMQVJZLCBPUiBDT05TRVFVRU5USUFMIERBTUFHRVMgKElOQ0xVRElORywgQlVUIE5PVCBMSU1JVEVEIFRPLCBQUk9DVVJFTUVOVCBPRiBTVUJTVElUVVRFIEdPT0RTIE9SIFNFUlZJQ0VTOyBMT1NTIE9GIFVTRSwgREFUQSwgT1IgUFJPRklUUzsgT1IgQlVTSU5FU1MgSU5URVJSVVBUSU9OKSBIT1dFVkVSIENBVVNFRCBBTkQgT04gQU5ZIFRIRU9SWSBPRiBMSUFCSUxJVFksIFdIRVRIRVIgSU4gQ09OVFJBQ1QsIFNUUklDVCBMSUFCSUxJVFksIE9SIFRPUlQgKElOQ0xVRElORyBORUdMSUdFTkNFIE9SIE9USEVSV0lTRSkgQVJJU0lORyBJTiBBTlkgV0FZIE9VVCBPRiBUSEUgVVNFIE9GIFRISVMgU09GVFdBUkUsIEVWRU4gSUYgQURWSVNFRCBPRiBUSEUgUE9TU0lCSUxJVFkgT0YgU1VDSCBEQU1BR0Uu" + } + } + }, + { + "license": { + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "LyoKICogKGMpIENvcHlyaWdodCAyMDAwLCAyMDAxLCAyMDAyLCAyMDAzLCAyMDA0LCAyMDA1LCAyMDA2LCAyMDA3LCAyMDA4LCAyMDA5IEhld2xldHQtUGFja2FyZCBEZXZlbG9wbWVudCBDb21wYW55LCBMUAogKiBBbGwgcmlnaHRzIHJlc2VydmVkLgogKgogKiBSZWRpc3RyaWJ1dGlvbiBhbmQgdXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdpdGhvdXQKICogbW9kaWZpY2F0aW9uLCBhcmUgcGVybWl0dGVkIHByb3ZpZGVkIHRoYXQgdGhlIGZvbGxvd2luZyBjb25kaXRpb25zCiAqIGFyZSBtZXQ6CiAqIDEuIFJlZGlzdHJpYnV0aW9ucyBvZiBzb3VyY2UgY29kZSBtdXN0IHJldGFpbiB0aGUgYWJvdmUgY29weXJpZ2h0CiAqICAgIG5vdGljZSwgdGhpcyBsaXN0IG9mIGNvbmRpdGlvbnMgYW5kIHRoZSBmb2xsb3dpbmcgZGlzY2xhaW1lci4KICogMi4gUmVkaXN0cmlidXRpb25zIGluIGJpbmFyeSBmb3JtIG11c3QgcmVwcm9kdWNlIHRoZSBhYm92ZSBjb3B5cmlnaHQKICogICAgbm90aWNlLCB0aGlzIGxpc3Qgb2YgY29uZGl0aW9ucyBhbmQgdGhlIGZvbGxvd2luZyBkaXNjbGFpbWVyIGluIHRoZQogKiAgICBkb2N1bWVudGF0aW9uIGFuZC9vciBvdGhlciBtYXRlcmlhbHMgcHJvdmlkZWQgd2l0aCB0aGUgZGlzdHJpYnV0aW9uLgogKiAzLiBUaGUgbmFtZSBvZiB0aGUgYXV0aG9yIG1heSBub3QgYmUgdXNlZCB0byBlbmRvcnNlIG9yIHByb21vdGUgcHJvZHVjdHMKICogICAgZGVyaXZlZCBmcm9tIHRoaXMgc29mdHdhcmUgd2l0aG91dCBzcGVjaWZpYyBwcmlvciB3cml0dGVuIHBlcm1pc3Npb24uCiAqCiAqIFRISVMgU09GVFdBUkUgSVMgUFJPVklERUQgQlkgVEhFIEFVVEhPUiBgYEFTIElTJycgQU5EIEFOWSBFWFBSRVNTIE9SCiAqIElNUExJRUQgV0FSUkFOVElFUywgSU5DTFVESU5HLCBCVVQgTk9UIExJTUlURUQgVE8sIFRIRSBJTVBMSUVEIFdBUlJBTlRJRVMKICogT0YgTUVSQ0hBTlRBQklMSVRZIEFORCBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRSBBUkUgRElTQ0xBSU1FRC4KICogSU4gTk8gRVZFTlQgU0hBTEwgVEhFIEFVVEhPUiBCRSBMSUFCTEUgRk9SIEFOWSBESVJFQ1QsIElORElSRUNULAogKiBJTkNJREVOVEFMLCBTUEVDSUFMLCBFWEVNUExBUlksIE9SIENPTlNFUVVFTlRJQUwgREFNQUdFUyAoSU5DTFVESU5HLCBCVVQKICogTk9UIExJTUlURUQgVE8sIFBST0NVUkVNRU5UIE9GIFNVQlNUSVRVVEUgR09PRFMgT1IgU0VSVklDRVM7IExPU1MgT0YgVVNFLAogKiBEQVRBLCBPUiBQUk9GSVRTOyBPUiBCVVNJTkVTUyBJTlRFUlJVUFRJT04pIEhPV0VWRVIgQ0FVU0VEIEFORCBPTiBBTlkKICogVEhFT1JZIE9GIExJQUJJTElUWSwgV0hFVEhFUiBJTiBDT05UUkFDVCwgU1RSSUNUIExJQUJJTElUWSwgT1IgVE9SVAogKiAoSU5DTFVESU5HIE5FR0xJR0VOQ0UgT1IgT1RIRVJXSVNFKSBBUklTSU5HIElOIEFOWSBXQVkgT1VUIE9GIFRIRSBVU0UgT0YKICogVEhJUyBTT0ZUV0FSRSwgRVZFTiBJRiBBRFZJU0VEIE9GIFRIRSBQT1NTSUJJTElUWSBPRiBTVUNIIERBTUFHRS4KKi8=" + } + } + } + ], + "copyright": [ + { + "text": "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually." + } + ] + } + }, + { + "type": "library", + "name": "Apache Commons Lang", + "copyright": "NOASSERTION", + "externalReferences": [ + { + "url": "NOASSERTION", + "type": "distribution" + }, + { + "url": "http://commons.apache.org/proper/commons-lang/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-fromDoap-1" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-concluded", + "value": "NOASSERTION" + }, + { + "name": "spdx:comment", + "value": "This package was converted from a DOAP Project by the same name" + }, + { + "name": "spdx:license-declared", + "value": "NOASSERTION" + }, + { + "name": "spdx:download-location", + "value": "NOASSERTION" + }, + { + "name": "spdx:homepage", + "value": "http://commons.apache.org/proper/commons-lang/" + } + ] + }, + { + "type": "library", + "name": "Jena", + "copyright": "NOASSERTION", + "externalReferences": [ + { + "url": "NOASSERTION", + "type": "distribution" + }, + { + "url": "http://www.openjena.org/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-fromDoap-0" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-concluded", + "value": "NOASSERTION" + }, + { + "name": "spdx:comment", + "value": "This package was converted from a DOAP Project by the same name" + }, + { + "name": "spdx:license-declared", + "value": "NOASSERTION" + }, + { + "name": "spdx:download-location", + "value": "NOASSERTION" + }, + { + "name": "spdx:homepage", + "value": "http://www.openjena.org/" + } + ] + }, + { + "type": "library", + "name": "Saxon", + "version": "8.8", + "description": "The Saxon package is a collection of tools for processing XML documents.", + "hashes": [ + { + "alg": "SHA-1", + "content": "85ed0817af83a24ad8da68c2b5094de69833983c" + } + ], + "licenses": [ + { + "expression": "MPL-1.0" + } + ], + "copyright": "Copyright Saxonica Ltd", + "externalReferences": [ + { + "url": "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", + "type": "distribution" + }, + { + "url": "http://saxon.sourceforge.net/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-Saxon" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-comments", + "value": "Other versions available for a commercial license" + }, + { + "name": "spdx:license-concluded", + "value": "MPL-1.0" + }, + { + "name": "spdx:package:file-name", + "value": "saxonB-8.8.zip" + }, + { + "name": "spdx:download-location", + "value": "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download" + }, + { + "name": "spdx:homepage", + "value": "http://saxon.sourceforge.net/" + } + ] + }, + { + "type": "file", + "name": "./src/org/spdx/parser/DOAPProject.java", + "hashes": [ + { + "alg": "SHA-1", + "content": "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" + } + ], + "copyright": "Copyright 2010, 2011 Source Auditor Inc.", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-DoapSource" + }, + { + "name": "spdx:file:type", + "value": "7" + }, + { + "name": "spdx:license-concluded", + "value": "Apache-2.0" + }, + { + "name": "spdx:file:contributor", + "value": "Protecode Inc." + }, + { + "name": "spdx:file:contributor", + "value": "SPDX Technical Team Members" + }, + { + "name": "spdx:file:contributor", + "value": "Open Logic Inc." + }, + { + "name": "spdx:file:contributor", + "value": "Source Auditor Inc." + }, + { + "name": "spdx:file:contributor", + "value": "Black Duck Software In.c" + } + ] + }, + { + "type": "file", + "name": "./lib-source/commons-lang3-3.1-sources.jar", + "hashes": [ + { + "alg": "SHA-1", + "content": "c2b4e1c67a2d28fced849ee1bb76e7391b93f125" + } + ], + "copyright": "Copyright 2001-2011 The Apache Software Foundation", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-CommonsLangSrc" + }, + { + "name": "spdx:comment", + "value": "This file is used by Jena" + }, + { + "name": "spdx:file:type", + "value": "4" + }, + { + "name": "spdx:license-concluded", + "value": "Apache-2.0" + }, + { + "name": "spdx:file:contributor", + "value": "Apache Software Foundation" + }, + { + "name": "spdx:file:notice-text", + "value": "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())" + } + ] + }, + { + "type": "file", + "name": "./lib-source/jena-2.6.3-sources.jar", + "hashes": [ + { + "alg": "SHA-1", + "content": "3ab4e1c67a2d28fced849ee1bb76e7391b93f125" + } + ], + "copyright": "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-JenaLib" + }, + { + "name": "spdx:comment", + "value": "This file belongs to Jena" + }, + { + "name": "spdx:file:type", + "value": "4" + }, + { + "name": "spdx:license-comments", + "value": "This license is used by Jena" + }, + { + "name": "spdx:license-concluded", + "value": "LicenseRef-1" + }, + { + "name": "spdx:file:contributor", + "value": "Apache Software Foundation" + }, + { + "name": "spdx:file:contributor", + "value": "Hewlett Packard Inc." + } + ] + }, + { + "type": "file", + "name": "./package/foo.c", + "hashes": [ + { + "alg": "MD5", + "content": "624c1abb3664f4b35547e7c73864ad24" + }, + { + "alg": "SHA-1", + "content": "d6a770ba38583ed4bb4525bd96e50461655d2758" + } + ], + "copyright": "Copyright 2008-2010 John Smith", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-File" + }, + { + "name": "spdx:comment", + "value": "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory." + }, + { + "name": "spdx:file:type", + "value": "7" + }, + { + "name": "spdx:annotation", + "value": "{\u0022AnnotationDate\u0022:\u00222011-01-29T18:30:22Z\u0022,\u0022AnnotationType\u0022:0,\u0022Annotator\u0022:\u0022Person: File Commenter\u0022,\u0022Comment\u0022:\u0022File level annotation\u0022}" + }, + { + "name": "spdx:license-comments", + "value": "The concluded license was taken from the package level that the file was included in." + }, + { + "name": "spdx:license-concluded", + "value": "(LGPL-2.0-only OR LicenseRef-2)" + }, + { + "name": "spdx:file:contributor", + "value": "The Regents of the University of California" + }, + { + "name": "spdx:file:contributor", + "value": "Modified by Paul Mundt lethal@linux-sh.org" + }, + { + "name": "spdx:file:contributor", + "value": "IBM Corporation" + }, + { + "name": "spdx:file:notice-text", + "value": "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \uFFFDSoftware\uFFFD), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \uFFFDAS IS\u0027, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE." + } + ] + } + ] +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sample_input_report/syft-scan-alpine-container.json b/test/sample_data/cyclonedx_sbom/sample_input_report/syft-scan-alpine-container.json new file mode 100644 index 000000000..591d08246 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sample_input_report/syft-scan-alpine-container.json @@ -0,0 +1,1115 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "serialNumber": "urn:uuid:600bf98a-94fb-4a9c-b7b5-0bae4f32aeb7", + "version": 1, + "metadata": { + "timestamp": "2024-08-19T08:25:05-04:00", + "tools": { + "components": [ + { + "type": "application", + "author": "anchore", + "name": "syft", + "version": "1.11.0" + } + ] + }, + "component": { + "bom-ref": "1d098408640ab242", + "type": "container", + "name": "alpine", + "version": "sha256:c5c5fda71656f28e49ac9c5416b3643eaa6a108a8093151d6d1afc9463be8e33" + } + }, + "components": [ + { + "bom-ref": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3&package-id=baca676b3df82a63", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-baselayout", + "version": "3.4.3-r1", + "description": "Alpine base dir structure and init scripts", + "licenses": [{ "license": { "id": "GPL-2.0-only" } }], + "cpe": "cpe:2.3:a:alpine-baselayout:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + "type": "distribution" + } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "65502ca9379dd29d1ac4b0bf0dcf03a3dd1b324a" + }, + { "name": "syft:metadata:installedSize", "value": "331776" }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-baselayout" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1zwvKMnYs1b6ZdPTBJ0Z7D5P3jyA=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "alpine-baselayout-data=3.4.3-r1" + }, + { "name": "syft:metadata:pullDependencies:1", "value": "/bin/sh" }, + { "name": "syft:metadata:size", "value": "8914" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3&package-id=85e34641ddeca26c", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-baselayout-data", + "version": "3.4.3-r1", + "description": "Alpine base dir structure and init scripts", + "licenses": [{ "license": { "id": "GPL-2.0-only" } }], + "cpe": "cpe:2.3:a:alpine-baselayout-data:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + "type": "distribution" + } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout-data:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout_data:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout_data:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "65502ca9379dd29d1ac4b0bf0dcf03a3dd1b324a" + }, + { "name": "syft:metadata:installedSize", "value": "77824" }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-baselayout" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1YCAH7jdO2W816b85sUh9Z8av4Cc=" + }, + { "name": "syft:metadata:size", "value": "11705" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c3e1269ff75aa1d8", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-keys", + "version": "2.4-r1", + "description": "Public keys for Alpine Linux packages", + "licenses": [{ "license": { "id": "MIT" } }], + "cpe": "cpe:2.3:a:alpine-keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://alpinelinux.org", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-keys:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_keys:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "aab68f8c9ab434a46710de8e12fb3206e2930a59" + }, + { "name": "syft:metadata:installedSize", "value": "159744" }, + { "name": "syft:metadata:originPackage", "value": "alpine-keys" }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q17Do9XvTHoWjQlRYJe7MhnKd8FTQ=" + }, + { "name": "syft:metadata:size", "value": "13360" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3&package-id=e54b9e6921a9482e", + "type": "library", + "publisher": "Natanael Copa ", + "name": "apk-tools", + "version": "2.14.0-r2", + "description": "Alpine Package Keeper - package manager for alpine", + "licenses": [{ "license": { "id": "GPL-2.0-only" } }], + "cpe": "cpe:2.3:a:apk-tools:apk-tools:2.14.0-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://gitlab.alpinelinux.org/alpine/apk-tools", + "type": "distribution" + } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk-tools:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk_tools:apk-tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk_tools:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk:apk-tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "cbaf845cd82388decc932885aa5b6d695bd8a306" + }, + { "name": "syft:metadata:installedSize", "value": "311296" }, + { "name": "syft:metadata:originPackage", "value": "apk-tools" }, + { + "name": "syft:metadata:provides:0", + "value": "so:libapk.so.2.14.0=2.14.0" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:apk=2.14.0-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1jN4l8jnr9pHNE1o5VOUZPBrCrhM=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "musl>=1.2.3_git20230424" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "ca-certificates-bundle" + }, + { + "name": "syft:metadata:pullDependencies:2", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:3", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:pullDependencies:4", + "value": "so:libssl.so.3" + }, + { + "name": "syft:metadata:pullDependencies:5", + "value": "so:libz.so.1" + }, + { "name": "syft:metadata:size", "value": "125679" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5", + "type": "library", + "publisher": "Sören Tempel ", + "name": "busybox", + "version": "1.36.1-r2", + "description": "Size optimized toolbox of many common UNIX utilities", + "licenses": [{ "license": { "id": "GPL-2.0-only" } }], + "cpe": "cpe:2.3:a:busybox:busybox:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://busybox.net/", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { "name": "syft:metadata:installedSize", "value": "946176" }, + { "name": "syft:metadata:originPackage", "value": "busybox" }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:busybox=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1gQ/L3UBnSjgkFWEHQaUkUDubqdI=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { "name": "syft:metadata:size", "value": "510086" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca", + "type": "library", + "publisher": "Sören Tempel ", + "name": "busybox-binsh", + "version": "1.36.1-r2", + "description": "busybox ash /bin/sh", + "licenses": [{ "license": { "id": "GPL-2.0-only" } }], + "cpe": "cpe:2.3:a:busybox-binsh:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://busybox.net/", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox-binsh:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox_binsh:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox_binsh:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { "name": "syft:metadata:installedSize", "value": "8192" }, + { "name": "syft:metadata:originPackage", "value": "busybox" }, + { "name": "syft:metadata:provides:0", "value": "/bin/sh" }, + { "name": "syft:metadata:provides:1", "value": "cmd:sh=1.36.1-r2" }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1ng9K4zeuARW5It8leWhwxor0cRQ=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "busybox=1.36.1-r2" + }, + { "name": "syft:metadata:size", "value": "1543" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3&package-id=e6d1b63d5a046c55", + "type": "library", + "publisher": "Natanael Copa ", + "name": "ca-certificates-bundle", + "version": "20230506-r0", + "description": "Pre generated bundle of Mozilla certificates", + "licenses": [{ "expression": "MPL-2.0 AND MIT" }], + "cpe": "cpe:2.3:a:ca-certificates-bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/", + "type": "distribution" + } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates-bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates_bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates_bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:mozilla:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:mozilla:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "59534a02716a92a10d177a118c34066162eff4a6" + }, + { "name": "syft:metadata:installedSize", "value": "237568" }, + { + "name": "syft:metadata:originPackage", + "value": "ca-certificates" + }, + { + "name": "syft:metadata:provides:0", + "value": "ca-certificates-cacert=20230506-r0" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1R/SF0IZwqesh6/EOcK5l3EOrbD0=" + }, + { "name": "syft:metadata:size", "value": "126311" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3&package-id=caef79f1fe0b500a", + "type": "library", + "publisher": "Natanael Copa ", + "name": "libc-utils", + "version": "0.7.2-r5", + "description": "Meta package to pull in correct libc", + "licenses": [{ "expression": "BSD-2-Clause AND BSD-3-Clause" }], + "cpe": "cpe:2.3:a:libc-utils:libc-utils:0.7.2-r5:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://alpinelinux.org", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc-utils:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc_utils:libc-utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc_utils:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc:libc-utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "988f183cc9d6699930c3e18ccf4a9e36010afb56" + }, + { "name": "syft:metadata:installedSize", "value": "4096" }, + { "name": "syft:metadata:originPackage", "value": "libc-dev" }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1Llna/ri8oHhlQIRsaG8SGug0ikI=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "musl-utils" + }, + { "name": "syft:metadata:size", "value": "1484" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "type": "library", + "publisher": "Ariadne Conill ", + "name": "libcrypto3", + "version": "3.1.2-r0", + "description": "Crypto library from openssl", + "licenses": [{ "license": { "id": "Apache-2.0" } }], + "cpe": "cpe:2.3:a:libcrypto3:libcrypto3:3.1.2-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://www.openssl.org/", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto3:libcrypto:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto:libcrypto3:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto:libcrypto:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "b68a32f25ba44f406e02c2ca8f323a76f167d924" + }, + { "name": "syft:metadata:installedSize", "value": "4575232" }, + { "name": "syft:metadata:originPackage", "value": "openssl" }, + { + "name": "syft:metadata:provides:0", + "value": "so:libcrypto.so.3=3" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1NsXXS8muNMooXArl1YhRLj5Rvno=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { "name": "syft:metadata:size", "value": "1740170" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "type": "library", + "publisher": "Ariadne Conill ", + "name": "libssl3", + "version": "3.1.2-r0", + "description": "SSL shared libraries", + "licenses": [{ "license": { "id": "Apache-2.0" } }], + "cpe": "cpe:2.3:a:libssl3:libssl3:3.1.2-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://www.openssl.org/", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl3:libssl:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl:libssl3:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl:libssl:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "b68a32f25ba44f406e02c2ca8f323a76f167d924" + }, + { "name": "syft:metadata:installedSize", "value": "565248" }, + { "name": "syft:metadata:originPackage", "value": "openssl" }, + { "name": "syft:metadata:provides:0", "value": "so:libssl.so.3=3" }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q16d3kU5nHnWY7SeXMWOWZGiQjKcg=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libcrypto.so.3" + }, + { "name": "syft:metadata:size", "value": "236713" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "type": "library", + "publisher": "Timo Teräs ", + "name": "musl", + "version": "1.2.4-r1", + "description": "the musl c library (libc) implementation", + "licenses": [{ "license": { "id": "MIT" } }], + "cpe": "cpe:2.3:a:musl-libc:musl:1.2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://musl.libc.org/", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_libc:musl:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "a6e14d1837131339f85ff337fbd4ecb8886945ae" + }, + { "name": "syft:metadata:installedSize", "value": "634880" }, + { "name": "syft:metadata:originPackage", "value": "musl" }, + { + "name": "syft:metadata:provides:0", + "value": "so:libc.musl-x86_64.so.1=1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q12qHLEadu7QpBuz8kHB5EDF3mKB4=" + }, + { "name": "syft:metadata:size", "value": "390477" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6", + "type": "library", + "publisher": "Timo Teräs ", + "name": "musl-utils", + "version": "1.2.4-r1", + "description": "the musl c library (libc) implementation", + "licenses": [ + { "expression": "MIT AND BSD-2-Clause AND GPL-2.0-or-later" } + ], + "cpe": "cpe:2.3:a:musl-utils:musl-utils:1.2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://musl.libc.org/", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-utils:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_utils:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_utils:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-libc:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-libc:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "a6e14d1837131339f85ff337fbd4ecb8886945ae" + }, + { "name": "syft:metadata:installedSize", "value": "135168" }, + { "name": "syft:metadata:originPackage", "value": "musl" }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:getconf=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:getent=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:2", + "value": "cmd:iconv=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:3", + "value": "cmd:ldconfig=1.2.4-r1" + }, + { "name": "syft:metadata:provides:4", "value": "cmd:ldd=1.2.4-r1" }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1x4sUHXjWjUzYP5FPvJL1HWBjL1M=" + }, + { "name": "syft:metadata:pullDependencies:0", "value": "scanelf" }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libc.musl-x86_64.so.1" + }, + { "name": "syft:metadata:size", "value": "36691" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970", + "type": "library", + "publisher": "Natanael Copa ", + "name": "scanelf", + "version": "1.3.7-r1", + "description": "Scan ELF binaries for stuff", + "licenses": [{ "license": { "id": "GPL-2.0-only" } }], + "cpe": "cpe:2.3:a:scanelf:scanelf:1.3.7-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities", + "type": "distribution" + } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "84a227baf001b6e0208e3352b294e4d7a40e93de" + }, + { "name": "syft:metadata:installedSize", "value": "90112" }, + { "name": "syft:metadata:originPackage", "value": "pax-utils" }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:scanelf=1.3.7-r1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q14nq9o4+uo2NaLbTVDQB3UeooC0M=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { "name": "syft:metadata:size", "value": "35664" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=bdbab9ee97709e2f", + "type": "library", + "publisher": "Sören Tempel ", + "name": "ssl_client", + "version": "1.36.1-r2", + "description": "EXternal ssl_client for busybox wget", + "licenses": [{ "license": { "id": "GPL-2.0-only" } }], + "cpe": "cpe:2.3:a:ssl-client:ssl-client:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://busybox.net/", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl-client:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl_client:ssl-client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl_client:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl:ssl-client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { "name": "syft:metadata:installedSize", "value": "28672" }, + { "name": "syft:metadata:originPackage", "value": "busybox" }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:ssl_client=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1j6LHWpavmnFtpYjzQkH7apSIVOc=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:pullDependencies:2", + "value": "so:libssl.so.3" + }, + { "name": "syft:metadata:size", "value": "4944" } + ] + }, + { + "bom-ref": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc", + "type": "library", + "publisher": "Natanael Copa ", + "name": "zlib", + "version": "1.2.13-r1", + "description": "A compression/decompression Library", + "licenses": [{ "license": { "id": "Zlib" } }], + "cpe": "cpe:2.3:a:zlib:zlib:1.2.13-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { "url": "https://zlib.net/", "type": "distribution" } + ], + "properties": [ + { "name": "syft:package:foundBy", "value": "apk-db-cataloger" }, + { "name": "syft:package:type", "value": "apk" }, + { "name": "syft:package:metadataType", "value": "apk-db-entry" }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "84a227baf001b6e0208e3352b294e4d7a40e93de" + }, + { "name": "syft:metadata:installedSize", "value": "110592" }, + { "name": "syft:metadata:originPackage", "value": "zlib" }, + { + "name": "syft:metadata:provides:0", + "value": "so:libz.so.1=1.2.13" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1JlboSJkrN4qkDcokr4zenpcWEXQ=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { "name": "syft:metadata:size", "value": "54253" } + ] + }, + { + "bom-ref": "os:alpine@3.18.3", + "type": "operating-system", + "name": "alpine", + "version": "3.18.3", + "description": "Alpine Linux v3.18", + "swid": { "tagId": "alpine", "name": "alpine", "version": "3.18.3" }, + "externalReferences": [ + { + "url": "https://gitlab.alpinelinux.org/alpine/aports/-/issues", + "type": "issue-tracker" + }, + { "url": "https://alpinelinux.org/", "type": "website" } + ], + "properties": [ + { "name": "syft:distro:id", "value": "alpine" }, + { "name": "syft:distro:prettyName", "value": "Alpine Linux v3.18" }, + { "name": "syft:distro:versionID", "value": "3.18.3" } + ] + } + ], + "dependencies": [ + { + "ref": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3&package-id=baca676b3df82a63", + "dependsOn": [ + "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3&package-id=85e34641ddeca26c", + "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca" + ] + }, + { + "ref": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3&package-id=e54b9e6921a9482e", + "dependsOn": [ + "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3&package-id=e6d1b63d5a046c55", + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc" + ] + }, + { + "ref": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca", + "dependsOn": [ + "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5" + ] + }, + { + "ref": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3&package-id=caef79f1fe0b500a", + "dependsOn": [ + "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6" + ] + }, + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "dependsOn": [ + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970" + ] + }, + { + "ref": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=bdbab9ee97709e2f", + "dependsOn": [ + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + } + ] +} diff --git a/test/sample_data/cyclonedx_sbom/sample_input_report/vex.json b/test/sample_data/cyclonedx_sbom/sample_input_report/vex.json new file mode 100644 index 000000000..4ffca24f0 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sample_input_report/vex.json @@ -0,0 +1,99 @@ +{ + "bomFormat": "CycloneDX", + "specVersion": "1.4", + "version": 1, + "vulnerabilities": [ + { + "id": "CVE-2020-25649", + "source": { + "name": "NVD", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649" + }, + "references": [ + { + "id": "SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302", + "source": { + "name": "SNYK", + "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302" + } + } + ], + "ratings": [ + { + "source": { + "name": "NVD", + "url": "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N&version=3.1" + }, + "score": 7.5, + "severity": "high", + "method": "CVSSv31", + "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" + }, + { + "source": { + "name": "SNYK", + "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302" + }, + "score": 8.2, + "severity": "high", + "method": "CVSSv31", + "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" + }, + { + "source": { + "name": "Acme Inc", + "url": "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:N/MI:N/MA:N&version=3.1" + }, + "score": 0.0, + "severity": "none", + "method": "CVSSv31", + "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:N/MI:N/MA:N" + } + ], + "cwes": [ + 611 + ], + "description": "com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.\n\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity.", + "detail": "XXE Injection is a type of attack against an application that parses XML input. XML is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. By default, many XML processors allow specification of an external entity, a URI that is dereferenced and evaluated during XML processing. When an XML document is being parsed, the parser can make a request and include the content at the specified URI inside of the XML document.\n\nAttacks can include disclosing local files, which may contain sensitive data such as passwords or private user data, using file: schemes or relative paths in the system identifier.", + "recommendation": "Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.6.7.4, 2.9.10.7, 2.10.5.1 or higher.", + "advisories": [ + { + "title": "GitHub Commit", + "url": "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59" + }, + { + "title": "GitHub Issue", + "url": "https://github.com/FasterXML/jackson-databind/issues/2589" + }, + { + "title": "RedHat Bugzilla Bug", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664" + } + ], + "created": "2020-12-03T00:00:00.000Z", + "published": "2020-12-03T00:00:00.000Z", + "updated": "2021-10-26T00:00:00.000Z", + "credits": { + "individuals": [ + { + "name": "Bartosz Baranowski" + } + ] + }, + "analysis": { + "state": "not_affected", + "justification": "code_not_reachable", + "response": [ + "will_not_fix", + "update" + ], + "detail": "Automated dataflow analysis and manual code review indicates that the vulnerable code is not reachable, either directly or indirectly." + }, + "affects": [ + { + "ref": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar" + } + ] + } + ] +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf-withraw.json b/test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf-withraw.json new file mode 100644 index 000000000..cc5e99b8a --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf-withraw.json @@ -0,0 +1,1127 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report", + "title": "CycloneDX BOM Report", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [], + "sha256": "6ee2405d5989a8a247a146594423542db865fb915d4896a411a783460935e3d6" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "type": "library", + "supplier": { + "name": "Jane Doe", + "contact": [ + { + "email": "jane.doe@example.com" + } + ] + }, + "author": "ExampleCodeInspect", + "name": "glibc", + "version": "2.11.1", + "description": "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", + "hashes": [ + { + "alg": "SHA-1", + "content": "85ed0817af83a24ad8da68c2b5094de69833983c" + }, + { + "alg": "MD5", + "content": "624c1abb3664f4b35547e7c73864ad24" + }, + { + "alg": "SHA-256", + "content": "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd" + } + ], + "licenses": [ + { + "expression": "(LGPL-2.0-only AND LicenseRef-3)" + } + ], + "copyright": "Copyright 2008-2010 John Smith", + "externalReferences": [ + { + "url": "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", + "type": "distribution" + }, + { + "url": "http://ftp.gnu.org/gnu/glibc", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-Package" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: Package Commenter\",\"Comment\":\"Package level annotation\"}" + }, + { + "name": "spdx:files-analyzed", + "value": "true" + }, + { + "name": "spdx:license-comments", + "value": "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change." + }, + { + "name": "spdx:license-concluded", + "value": "(LGPL-2.0-only OR LicenseRef-3)" + }, + { + "name": "spdx:package:file-name", + "value": "glibc-2.11.1.tar.gz" + }, + { + "name": "spdx:package:verification-code:value", + "value": "d6a770ba38583ed4bb4525bd96e50461655d2758" + }, + { + "name": "spdx:package:verification-code:excluded-file", + "value": "./package.spdx" + }, + { + "name": "spdx:package:source-info", + "value": "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git." + }, + { + "name": "spdx:package:summary", + "value": "GNU C library." + }, + { + "name": "spdx:package:originator:organization", + "value": "ExampleCodeInspect" + }, + { + "name": "spdx:package:originator:email", + "value": "contact@example.com" + }, + { + "name": "spdx:external-reference:other:http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", + "value": "acmecorp/acmenator/4.1.3-alpha This is the external ref for Acme" + }, + { + "name": "spdx:download-location", + "value": "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz" + }, + { + "name": "spdx:homepage", + "value": "http://ftp.gnu.org/gnu/glibc" + } + ], + "evidence": { + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + }, + { + "license": { + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "VGhpcyBwYWNrYWdlIGluY2x1ZGVzIHRoZSBHUkRETCBwYXJzZXIgZGV2ZWxvcGVkIGJ5IEhld2xldHQgUGFja2FyZCB1bmRlciB0aGUgZm9sbG93aW5nIGxpY2Vuc2U6Cu+/vSBDb3B5cmlnaHQgMjAwNyBIZXdsZXR0LVBhY2thcmQgRGV2ZWxvcG1lbnQgQ29tcGFueSwgTFAKClJlZGlzdHJpYnV0aW9uIGFuZCB1c2UgaW4gc291cmNlIGFuZCBiaW5hcnkgZm9ybXMsIHdpdGggb3Igd2l0aG91dCBtb2RpZmljYXRpb24sIGFyZSBwZXJtaXR0ZWQgcHJvdmlkZWQgdGhhdCB0aGUgZm9sbG93aW5nIGNvbmRpdGlvbnMgYXJlIG1ldDogCgpSZWRpc3RyaWJ1dGlvbnMgb2Ygc291cmNlIGNvZGUgbXVzdCByZXRhaW4gdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIuIApSZWRpc3RyaWJ1dGlvbnMgaW4gYmluYXJ5IGZvcm0gbXVzdCByZXByb2R1Y2UgdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIgaW4gdGhlIGRvY3VtZW50YXRpb24gYW5kL29yIG90aGVyIG1hdGVyaWFscyBwcm92aWRlZCB3aXRoIHRoZSBkaXN0cmlidXRpb24uIApUaGUgbmFtZSBvZiB0aGUgYXV0aG9yIG1heSBub3QgYmUgdXNlZCB0byBlbmRvcnNlIG9yIHByb21vdGUgcHJvZHVjdHMgZGVyaXZlZCBmcm9tIHRoaXMgc29mdHdhcmUgd2l0aG91dCBzcGVjaWZpYyBwcmlvciB3cml0dGVuIHBlcm1pc3Npb24uIApUSElTIFNPRlRXQVJFIElTIFBST1ZJREVEIEJZIFRIRSBBVVRIT1IgYGBBUyBJUycnIEFORCBBTlkgRVhQUkVTUyBPUiBJTVBMSUVEIFdBUlJBTlRJRVMsIElOQ0xVRElORywgQlVUIE5PVCBMSU1JVEVEIFRPLCBUSEUgSU1QTElFRCBXQVJSQU5USUVTIE9GIE1FUkNIQU5UQUJJTElUWSBBTkQgRklUTkVTUyBGT1IgQSBQQVJUSUNVTEFSIFBVUlBPU0UgQVJFIERJU0NMQUlNRUQuIElOIE5PIEVWRU5UIFNIQUxMIFRIRSBBVVRIT1IgQkUgTElBQkxFIEZPUiBBTlkgRElSRUNULCBJTkRJUkVDVCwgSU5DSURFTlRBTCwgU1BFQ0lBTCwgRVhFTVBMQVJZLCBPUiBDT05TRVFVRU5USUFMIERBTUFHRVMgKElOQ0xVRElORywgQlVUIE5PVCBMSU1JVEVEIFRPLCBQUk9DVVJFTUVOVCBPRiBTVUJTVElUVVRFIEdPT0RTIE9SIFNFUlZJQ0VTOyBMT1NTIE9GIFVTRSwgREFUQSwgT1IgUFJPRklUUzsgT1IgQlVTSU5FU1MgSU5URVJSVVBUSU9OKSBIT1dFVkVSIENBVVNFRCBBTkQgT04gQU5ZIFRIRU9SWSBPRiBMSUFCSUxJVFksIFdIRVRIRVIgSU4gQ09OVFJBQ1QsIFNUUklDVCBMSUFCSUxJVFksIE9SIFRPUlQgKElOQ0xVRElORyBORUdMSUdFTkNFIE9SIE9USEVSV0lTRSkgQVJJU0lORyBJTiBBTlkgV0FZIE9VVCBPRiBUSEUgVVNFIE9GIFRISVMgU09GVFdBUkUsIEVWRU4gSUYgQURWSVNFRCBPRiBUSEUgUE9TU0lCSUxJVFkgT0YgU1VDSCBEQU1BR0Uu" + } + } + }, + { + "license": { + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "LyoKICogKGMpIENvcHlyaWdodCAyMDAwLCAyMDAxLCAyMDAyLCAyMDAzLCAyMDA0LCAyMDA1LCAyMDA2LCAyMDA3LCAyMDA4LCAyMDA5IEhld2xldHQtUGFja2FyZCBEZXZlbG9wbWVudCBDb21wYW55LCBMUAogKiBBbGwgcmlnaHRzIHJlc2VydmVkLgogKgogKiBSZWRpc3RyaWJ1dGlvbiBhbmQgdXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdpdGhvdXQKICogbW9kaWZpY2F0aW9uLCBhcmUgcGVybWl0dGVkIHByb3ZpZGVkIHRoYXQgdGhlIGZvbGxvd2luZyBjb25kaXRpb25zCiAqIGFyZSBtZXQ6CiAqIDEuIFJlZGlzdHJpYnV0aW9ucyBvZiBzb3VyY2UgY29kZSBtdXN0IHJldGFpbiB0aGUgYWJvdmUgY29weXJpZ2h0CiAqICAgIG5vdGljZSwgdGhpcyBsaXN0IG9mIGNvbmRpdGlvbnMgYW5kIHRoZSBmb2xsb3dpbmcgZGlzY2xhaW1lci4KICogMi4gUmVkaXN0cmlidXRpb25zIGluIGJpbmFyeSBmb3JtIG11c3QgcmVwcm9kdWNlIHRoZSBhYm92ZSBjb3B5cmlnaHQKICogICAgbm90aWNlLCB0aGlzIGxpc3Qgb2YgY29uZGl0aW9ucyBhbmQgdGhlIGZvbGxvd2luZyBkaXNjbGFpbWVyIGluIHRoZQogKiAgICBkb2N1bWVudGF0aW9uIGFuZC9vciBvdGhlciBtYXRlcmlhbHMgcHJvdmlkZWQgd2l0aCB0aGUgZGlzdHJpYnV0aW9uLgogKiAzLiBUaGUgbmFtZSBvZiB0aGUgYXV0aG9yIG1heSBub3QgYmUgdXNlZCB0byBlbmRvcnNlIG9yIHByb21vdGUgcHJvZHVjdHMKICogICAgZGVyaXZlZCBmcm9tIHRoaXMgc29mdHdhcmUgd2l0aG91dCBzcGVjaWZpYyBwcmlvciB3cml0dGVuIHBlcm1pc3Npb24uCiAqCiAqIFRISVMgU09GVFdBUkUgSVMgUFJPVklERUQgQlkgVEhFIEFVVEhPUiBgYEFTIElTJycgQU5EIEFOWSBFWFBSRVNTIE9SCiAqIElNUExJRUQgV0FSUkFOVElFUywgSU5DTFVESU5HLCBCVVQgTk9UIExJTUlURUQgVE8sIFRIRSBJTVBMSUVEIFdBUlJBTlRJRVMKICogT0YgTUVSQ0hBTlRBQklMSVRZIEFORCBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRSBBUkUgRElTQ0xBSU1FRC4KICogSU4gTk8gRVZFTlQgU0hBTEwgVEhFIEFVVEhPUiBCRSBMSUFCTEUgRk9SIEFOWSBESVJFQ1QsIElORElSRUNULAogKiBJTkNJREVOVEFMLCBTUEVDSUFMLCBFWEVNUExBUlksIE9SIENPTlNFUVVFTlRJQUwgREFNQUdFUyAoSU5DTFVESU5HLCBCVVQKICogTk9UIExJTUlURUQgVE8sIFBST0NVUkVNRU5UIE9GIFNVQlNUSVRVVEUgR09PRFMgT1IgU0VSVklDRVM7IExPU1MgT0YgVVNFLAogKiBEQVRBLCBPUiBQUk9GSVRTOyBPUiBCVVNJTkVTUyBJTlRFUlJVUFRJT04pIEhPV0VWRVIgQ0FVU0VEIEFORCBPTiBBTlkKICogVEhFT1JZIE9GIExJQUJJTElUWSwgV0hFVEhFUiBJTiBDT05UUkFDVCwgU1RSSUNUIExJQUJJTElUWSwgT1IgVE9SVAogKiAoSU5DTFVESU5HIE5FR0xJR0VOQ0UgT1IgT1RIRVJXSVNFKSBBUklTSU5HIElOIEFOWSBXQVkgT1VUIE9GIFRIRSBVU0UgT0YKICogVEhJUyBTT0ZUV0FSRSwgRVZFTiBJRiBBRFZJU0VEIE9GIFRIRSBQT1NTSUJJTElUWSBPRiBTVUNIIERBTUFHRS4KKi8=" + } + } + } + ], + "copyright": [ + { + "text": "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually." + } + ] + } + }, + { + "type": "library", + "name": "Apache Commons Lang", + "copyright": "NOASSERTION", + "externalReferences": [ + { + "url": "NOASSERTION", + "type": "distribution" + }, + { + "url": "http://commons.apache.org/proper/commons-lang/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-fromDoap-1" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-concluded", + "value": "NOASSERTION" + }, + { + "name": "spdx:comment", + "value": "This package was converted from a DOAP Project by the same name" + }, + { + "name": "spdx:license-declared", + "value": "NOASSERTION" + }, + { + "name": "spdx:download-location", + "value": "NOASSERTION" + }, + { + "name": "spdx:homepage", + "value": "http://commons.apache.org/proper/commons-lang/" + } + ] + }, + { + "type": "library", + "name": "Jena", + "copyright": "NOASSERTION", + "externalReferences": [ + { + "url": "NOASSERTION", + "type": "distribution" + }, + { + "url": "http://www.openjena.org/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-fromDoap-0" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-concluded", + "value": "NOASSERTION" + }, + { + "name": "spdx:comment", + "value": "This package was converted from a DOAP Project by the same name" + }, + { + "name": "spdx:license-declared", + "value": "NOASSERTION" + }, + { + "name": "spdx:download-location", + "value": "NOASSERTION" + }, + { + "name": "spdx:homepage", + "value": "http://www.openjena.org/" + } + ] + }, + { + "type": "library", + "name": "Saxon", + "version": "8.8", + "description": "The Saxon package is a collection of tools for processing XML documents.", + "hashes": [ + { + "alg": "SHA-1", + "content": "85ed0817af83a24ad8da68c2b5094de69833983c" + } + ], + "licenses": [ + { + "expression": "MPL-1.0" + } + ], + "copyright": "Copyright Saxonica Ltd", + "externalReferences": [ + { + "url": "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", + "type": "distribution" + }, + { + "url": "http://saxon.sourceforge.net/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-Saxon" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-comments", + "value": "Other versions available for a commercial license" + }, + { + "name": "spdx:license-concluded", + "value": "MPL-1.0" + }, + { + "name": "spdx:package:file-name", + "value": "saxonB-8.8.zip" + }, + { + "name": "spdx:download-location", + "value": "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download" + }, + { + "name": "spdx:homepage", + "value": "http://saxon.sourceforge.net/" + } + ] + }, + { + "type": "file", + "name": "./src/org/spdx/parser/DOAPProject.java", + "hashes": [ + { + "alg": "SHA-1", + "content": "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" + } + ], + "copyright": "Copyright 2010, 2011 Source Auditor Inc.", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-DoapSource" + }, + { + "name": "spdx:file:type", + "value": "7" + }, + { + "name": "spdx:license-concluded", + "value": "Apache-2.0" + }, + { + "name": "spdx:file:contributor", + "value": "Protecode Inc." + }, + { + "name": "spdx:file:contributor", + "value": "SPDX Technical Team Members" + }, + { + "name": "spdx:file:contributor", + "value": "Open Logic Inc." + }, + { + "name": "spdx:file:contributor", + "value": "Source Auditor Inc." + }, + { + "name": "spdx:file:contributor", + "value": "Black Duck Software In.c" + } + ] + }, + { + "type": "file", + "name": "./lib-source/commons-lang3-3.1-sources.jar", + "hashes": [ + { + "alg": "SHA-1", + "content": "c2b4e1c67a2d28fced849ee1bb76e7391b93f125" + } + ], + "copyright": "Copyright 2001-2011 The Apache Software Foundation", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-CommonsLangSrc" + }, + { + "name": "spdx:comment", + "value": "This file is used by Jena" + }, + { + "name": "spdx:file:type", + "value": "4" + }, + { + "name": "spdx:license-concluded", + "value": "Apache-2.0" + }, + { + "name": "spdx:file:contributor", + "value": "Apache Software Foundation" + }, + { + "name": "spdx:file:notice-text", + "value": "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())" + } + ] + }, + { + "type": "file", + "name": "./lib-source/jena-2.6.3-sources.jar", + "hashes": [ + { + "alg": "SHA-1", + "content": "3ab4e1c67a2d28fced849ee1bb76e7391b93f125" + } + ], + "copyright": "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-JenaLib" + }, + { + "name": "spdx:comment", + "value": "This file belongs to Jena" + }, + { + "name": "spdx:file:type", + "value": "4" + }, + { + "name": "spdx:license-comments", + "value": "This license is used by Jena" + }, + { + "name": "spdx:license-concluded", + "value": "LicenseRef-1" + }, + { + "name": "spdx:file:contributor", + "value": "Apache Software Foundation" + }, + { + "name": "spdx:file:contributor", + "value": "Hewlett Packard Inc." + } + ] + }, + { + "type": "file", + "name": "./package/foo.c", + "hashes": [ + { + "alg": "MD5", + "content": "624c1abb3664f4b35547e7c73864ad24" + }, + { + "alg": "SHA-1", + "content": "d6a770ba38583ed4bb4525bd96e50461655d2758" + } + ], + "copyright": "Copyright 2008-2010 John Smith", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-File" + }, + { + "name": "spdx:comment", + "value": "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory." + }, + { + "name": "spdx:file:type", + "value": "7" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: File Commenter\",\"Comment\":\"File level annotation\"}" + }, + { + "name": "spdx:license-comments", + "value": "The concluded license was taken from the package level that the file was included in." + }, + { + "name": "spdx:license-concluded", + "value": "(LGPL-2.0-only OR LicenseRef-2)" + }, + { + "name": "spdx:file:contributor", + "value": "The Regents of the University of California" + }, + { + "name": "spdx:file:contributor", + "value": "Modified by Paul Mundt lethal@linux-sh.org" + }, + { + "name": "spdx:file:contributor", + "value": "IBM Corporation" + }, + { + "name": "spdx:file:notice-text", + "value": "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE." + } + ] + } + ], + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "metadata": { + "timestamp": "2010-01-29T18:30:22Z", + "tools": [ + { + "name": "LicenseFind", + "version": "1.0" + } + ], + "authors": [ + { + "name": "ExampleCodeInspect", + "email": "" + }, + { + "name": "Jane Doe", + "email": "" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-DOCUMENT" + }, + { + "name": "spdx:document:spdx-version", + "value": "SPDX-2.2" + }, + { + "name": "spdx:comment", + "value": "This document was created using SPDX 2.0 using licenses from the web site." + }, + { + "name": "spdx:document:name", + "value": "SPDX-Tools-v2.0" + }, + { + "name": "spdx:document:document-namespace", + "value": "http://spdx.org/spdxdocs/spdx-example-json-2.2-444504E0-4F89-41D3-9A0C-0305E82C3301" + }, + { + "name": "spdx:creation-info:comment", + "value": "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries." + }, + { + "name": "spdx:creation-info:creators-organization", + "value": "ExampleCodeInspect" + }, + { + "name": "spdx:creation-info:license-list-version", + "value": "3.9" + }, + { + "name": "spdx:document:external-document-ref", + "value": "{\"ExternalDocumentId\":\"DocumentRef-spdx-tool-1.2\",\"Checksum\":{\"Algorithm\":1,\"ChecksumValue\":\"d6a770ba38583ed4bb4525bd96e50461655d2759\"},\"SpdxDocument\":\"http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2010-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: Jane Doe ()\",\"Comment\":\"Document level annotation\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-03-13T00:00:00Z\",\"AnnotationType\":1,\"Annotator\":\"Person: Suzanne Reviewer\",\"Comment\":\"Another example reviewer.\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2010-02-10T00:00:00Z\",\"AnnotationType\":1,\"Annotator\":\"Person: Joe Reviewer\",\"Comment\":\"This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses\"}" + }, + { + "name": "spdx:document:describes", + "value": "SPDXRef-File" + }, + { + "name": "spdx:document:describes", + "value": "SPDXRef-Package" + } + ] + } + } + } + ], + "raw": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "metadata": { + "timestamp": "2010-01-29T18:30:22Z", + "tools": [ + { + "name": "LicenseFind", + "version": "1.0" + } + ], + "authors": [ + { + "name": "ExampleCodeInspect", + "email": "" + }, + { + "name": "Jane Doe", + "email": "" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-DOCUMENT" + }, + { + "name": "spdx:document:spdx-version", + "value": "SPDX-2.2" + }, + { + "name": "spdx:comment", + "value": "This document was created using SPDX 2.0 using licenses from the web site." + }, + { + "name": "spdx:document:name", + "value": "SPDX-Tools-v2.0" + }, + { + "name": "spdx:document:document-namespace", + "value": "http://spdx.org/spdxdocs/spdx-example-json-2.2-444504E0-4F89-41D3-9A0C-0305E82C3301" + }, + { + "name": "spdx:creation-info:comment", + "value": "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries." + }, + { + "name": "spdx:creation-info:creators-organization", + "value": "ExampleCodeInspect" + }, + { + "name": "spdx:creation-info:license-list-version", + "value": "3.9" + }, + { + "name": "spdx:document:external-document-ref", + "value": "{\"ExternalDocumentId\":\"DocumentRef-spdx-tool-1.2\",\"Checksum\":{\"Algorithm\":1,\"ChecksumValue\":\"d6a770ba38583ed4bb4525bd96e50461655d2759\"},\"SpdxDocument\":\"http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2010-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: Jane Doe ()\",\"Comment\":\"Document level annotation\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-03-13T00:00:00Z\",\"AnnotationType\":1,\"Annotator\":\"Person: Suzanne Reviewer\",\"Comment\":\"Another example reviewer.\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2010-02-10T00:00:00Z\",\"AnnotationType\":1,\"Annotator\":\"Person: Joe Reviewer\",\"Comment\":\"This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses\"}" + }, + { + "name": "spdx:document:describes", + "value": "SPDXRef-File" + }, + { + "name": "spdx:document:describes", + "value": "SPDXRef-Package" + } + ] + }, + "components": [ + { + "type": "library", + "supplier": { + "name": "Jane Doe", + "contact": [ + { + "email": "jane.doe@example.com" + } + ] + }, + "author": "ExampleCodeInspect", + "name": "glibc", + "version": "2.11.1", + "description": "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", + "hashes": [ + { + "alg": "SHA-1", + "content": "85ed0817af83a24ad8da68c2b5094de69833983c" + }, + { + "alg": "MD5", + "content": "624c1abb3664f4b35547e7c73864ad24" + }, + { + "alg": "SHA-256", + "content": "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd" + } + ], + "licenses": [ + { + "expression": "(LGPL-2.0-only AND LicenseRef-3)" + } + ], + "copyright": "Copyright 2008-2010 John Smith", + "externalReferences": [ + { + "url": "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", + "type": "distribution" + }, + { + "url": "http://ftp.gnu.org/gnu/glibc", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-Package" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: Package Commenter\",\"Comment\":\"Package level annotation\"}" + }, + { + "name": "spdx:files-analyzed", + "value": "true" + }, + { + "name": "spdx:license-comments", + "value": "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change." + }, + { + "name": "spdx:license-concluded", + "value": "(LGPL-2.0-only OR LicenseRef-3)" + }, + { + "name": "spdx:package:file-name", + "value": "glibc-2.11.1.tar.gz" + }, + { + "name": "spdx:package:verification-code:value", + "value": "d6a770ba38583ed4bb4525bd96e50461655d2758" + }, + { + "name": "spdx:package:verification-code:excluded-file", + "value": "./package.spdx" + }, + { + "name": "spdx:package:source-info", + "value": "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git." + }, + { + "name": "spdx:package:summary", + "value": "GNU C library." + }, + { + "name": "spdx:package:originator:organization", + "value": "ExampleCodeInspect" + }, + { + "name": "spdx:package:originator:email", + "value": "contact@example.com" + }, + { + "name": "spdx:external-reference:other:http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", + "value": "acmecorp/acmenator/4.1.3-alpha This is the external ref for Acme" + }, + { + "name": "spdx:download-location", + "value": "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz" + }, + { + "name": "spdx:homepage", + "value": "http://ftp.gnu.org/gnu/glibc" + } + ], + "evidence": { + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + }, + { + "license": { + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "VGhpcyBwYWNrYWdlIGluY2x1ZGVzIHRoZSBHUkRETCBwYXJzZXIgZGV2ZWxvcGVkIGJ5IEhld2xldHQgUGFja2FyZCB1bmRlciB0aGUgZm9sbG93aW5nIGxpY2Vuc2U6Cu+/vSBDb3B5cmlnaHQgMjAwNyBIZXdsZXR0LVBhY2thcmQgRGV2ZWxvcG1lbnQgQ29tcGFueSwgTFAKClJlZGlzdHJpYnV0aW9uIGFuZCB1c2UgaW4gc291cmNlIGFuZCBiaW5hcnkgZm9ybXMsIHdpdGggb3Igd2l0aG91dCBtb2RpZmljYXRpb24sIGFyZSBwZXJtaXR0ZWQgcHJvdmlkZWQgdGhhdCB0aGUgZm9sbG93aW5nIGNvbmRpdGlvbnMgYXJlIG1ldDogCgpSZWRpc3RyaWJ1dGlvbnMgb2Ygc291cmNlIGNvZGUgbXVzdCByZXRhaW4gdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIuIApSZWRpc3RyaWJ1dGlvbnMgaW4gYmluYXJ5IGZvcm0gbXVzdCByZXByb2R1Y2UgdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIgaW4gdGhlIGRvY3VtZW50YXRpb24gYW5kL29yIG90aGVyIG1hdGVyaWFscyBwcm92aWRlZCB3aXRoIHRoZSBkaXN0cmlidXRpb24uIApUaGUgbmFtZSBvZiB0aGUgYXV0aG9yIG1heSBub3QgYmUgdXNlZCB0byBlbmRvcnNlIG9yIHByb21vdGUgcHJvZHVjdHMgZGVyaXZlZCBmcm9tIHRoaXMgc29mdHdhcmUgd2l0aG91dCBzcGVjaWZpYyBwcmlvciB3cml0dGVuIHBlcm1pc3Npb24uIApUSElTIFNPRlRXQVJFIElTIFBST1ZJREVEIEJZIFRIRSBBVVRIT1IgYGBBUyBJUycnIEFORCBBTlkgRVhQUkVTUyBPUiBJTVBMSUVEIFdBUlJBTlRJRVMsIElOQ0xVRElORywgQlVUIE5PVCBMSU1JVEVEIFRPLCBUSEUgSU1QTElFRCBXQVJSQU5USUVTIE9GIE1FUkNIQU5UQUJJTElUWSBBTkQgRklUTkVTUyBGT1IgQSBQQVJUSUNVTEFSIFBVUlBPU0UgQVJFIERJU0NMQUlNRUQuIElOIE5PIEVWRU5UIFNIQUxMIFRIRSBBVVRIT1IgQkUgTElBQkxFIEZPUiBBTlkgRElSRUNULCBJTkRJUkVDVCwgSU5DSURFTlRBTCwgU1BFQ0lBTCwgRVhFTVBMQVJZLCBPUiBDT05TRVFVRU5USUFMIERBTUFHRVMgKElOQ0xVRElORywgQlVUIE5PVCBMSU1JVEVEIFRPLCBQUk9DVVJFTUVOVCBPRiBTVUJTVElUVVRFIEdPT0RTIE9SIFNFUlZJQ0VTOyBMT1NTIE9GIFVTRSwgREFUQSwgT1IgUFJPRklUUzsgT1IgQlVTSU5FU1MgSU5URVJSVVBUSU9OKSBIT1dFVkVSIENBVVNFRCBBTkQgT04gQU5ZIFRIRU9SWSBPRiBMSUFCSUxJVFksIFdIRVRIRVIgSU4gQ09OVFJBQ1QsIFNUUklDVCBMSUFCSUxJVFksIE9SIFRPUlQgKElOQ0xVRElORyBORUdMSUdFTkNFIE9SIE9USEVSV0lTRSkgQVJJU0lORyBJTiBBTlkgV0FZIE9VVCBPRiBUSEUgVVNFIE9GIFRISVMgU09GVFdBUkUsIEVWRU4gSUYgQURWSVNFRCBPRiBUSEUgUE9TU0lCSUxJVFkgT0YgU1VDSCBEQU1BR0Uu" + } + } + }, + { + "license": { + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "LyoKICogKGMpIENvcHlyaWdodCAyMDAwLCAyMDAxLCAyMDAyLCAyMDAzLCAyMDA0LCAyMDA1LCAyMDA2LCAyMDA3LCAyMDA4LCAyMDA5IEhld2xldHQtUGFja2FyZCBEZXZlbG9wbWVudCBDb21wYW55LCBMUAogKiBBbGwgcmlnaHRzIHJlc2VydmVkLgogKgogKiBSZWRpc3RyaWJ1dGlvbiBhbmQgdXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdpdGhvdXQKICogbW9kaWZpY2F0aW9uLCBhcmUgcGVybWl0dGVkIHByb3ZpZGVkIHRoYXQgdGhlIGZvbGxvd2luZyBjb25kaXRpb25zCiAqIGFyZSBtZXQ6CiAqIDEuIFJlZGlzdHJpYnV0aW9ucyBvZiBzb3VyY2UgY29kZSBtdXN0IHJldGFpbiB0aGUgYWJvdmUgY29weXJpZ2h0CiAqICAgIG5vdGljZSwgdGhpcyBsaXN0IG9mIGNvbmRpdGlvbnMgYW5kIHRoZSBmb2xsb3dpbmcgZGlzY2xhaW1lci4KICogMi4gUmVkaXN0cmlidXRpb25zIGluIGJpbmFyeSBmb3JtIG11c3QgcmVwcm9kdWNlIHRoZSBhYm92ZSBjb3B5cmlnaHQKICogICAgbm90aWNlLCB0aGlzIGxpc3Qgb2YgY29uZGl0aW9ucyBhbmQgdGhlIGZvbGxvd2luZyBkaXNjbGFpbWVyIGluIHRoZQogKiAgICBkb2N1bWVudGF0aW9uIGFuZC9vciBvdGhlciBtYXRlcmlhbHMgcHJvdmlkZWQgd2l0aCB0aGUgZGlzdHJpYnV0aW9uLgogKiAzLiBUaGUgbmFtZSBvZiB0aGUgYXV0aG9yIG1heSBub3QgYmUgdXNlZCB0byBlbmRvcnNlIG9yIHByb21vdGUgcHJvZHVjdHMKICogICAgZGVyaXZlZCBmcm9tIHRoaXMgc29mdHdhcmUgd2l0aG91dCBzcGVjaWZpYyBwcmlvciB3cml0dGVuIHBlcm1pc3Npb24uCiAqCiAqIFRISVMgU09GVFdBUkUgSVMgUFJPVklERUQgQlkgVEhFIEFVVEhPUiBgYEFTIElTJycgQU5EIEFOWSBFWFBSRVNTIE9SCiAqIElNUExJRUQgV0FSUkFOVElFUywgSU5DTFVESU5HLCBCVVQgTk9UIExJTUlURUQgVE8sIFRIRSBJTVBMSUVEIFdBUlJBTlRJRVMKICogT0YgTUVSQ0hBTlRBQklMSVRZIEFORCBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRSBBUkUgRElTQ0xBSU1FRC4KICogSU4gTk8gRVZFTlQgU0hBTEwgVEhFIEFVVEhPUiBCRSBMSUFCTEUgRk9SIEFOWSBESVJFQ1QsIElORElSRUNULAogKiBJTkNJREVOVEFMLCBTUEVDSUFMLCBFWEVNUExBUlksIE9SIENPTlNFUVVFTlRJQUwgREFNQUdFUyAoSU5DTFVESU5HLCBCVVQKICogTk9UIExJTUlURUQgVE8sIFBST0NVUkVNRU5UIE9GIFNVQlNUSVRVVEUgR09PRFMgT1IgU0VSVklDRVM7IExPU1MgT0YgVVNFLAogKiBEQVRBLCBPUiBQUk9GSVRTOyBPUiBCVVNJTkVTUyBJTlRFUlJVUFRJT04pIEhPV0VWRVIgQ0FVU0VEIEFORCBPTiBBTlkKICogVEhFT1JZIE9GIExJQUJJTElUWSwgV0hFVEhFUiBJTiBDT05UUkFDVCwgU1RSSUNUIExJQUJJTElUWSwgT1IgVE9SVAogKiAoSU5DTFVESU5HIE5FR0xJR0VOQ0UgT1IgT1RIRVJXSVNFKSBBUklTSU5HIElOIEFOWSBXQVkgT1VUIE9GIFRIRSBVU0UgT0YKICogVEhJUyBTT0ZUV0FSRSwgRVZFTiBJRiBBRFZJU0VEIE9GIFRIRSBQT1NTSUJJTElUWSBPRiBTVUNIIERBTUFHRS4KKi8=" + } + } + } + ], + "copyright": [ + { + "text": "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually." + } + ] + } + }, + { + "type": "library", + "name": "Apache Commons Lang", + "copyright": "NOASSERTION", + "externalReferences": [ + { + "url": "NOASSERTION", + "type": "distribution" + }, + { + "url": "http://commons.apache.org/proper/commons-lang/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-fromDoap-1" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-concluded", + "value": "NOASSERTION" + }, + { + "name": "spdx:comment", + "value": "This package was converted from a DOAP Project by the same name" + }, + { + "name": "spdx:license-declared", + "value": "NOASSERTION" + }, + { + "name": "spdx:download-location", + "value": "NOASSERTION" + }, + { + "name": "spdx:homepage", + "value": "http://commons.apache.org/proper/commons-lang/" + } + ] + }, + { + "type": "library", + "name": "Jena", + "copyright": "NOASSERTION", + "externalReferences": [ + { + "url": "NOASSERTION", + "type": "distribution" + }, + { + "url": "http://www.openjena.org/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-fromDoap-0" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-concluded", + "value": "NOASSERTION" + }, + { + "name": "spdx:comment", + "value": "This package was converted from a DOAP Project by the same name" + }, + { + "name": "spdx:license-declared", + "value": "NOASSERTION" + }, + { + "name": "spdx:download-location", + "value": "NOASSERTION" + }, + { + "name": "spdx:homepage", + "value": "http://www.openjena.org/" + } + ] + }, + { + "type": "library", + "name": "Saxon", + "version": "8.8", + "description": "The Saxon package is a collection of tools for processing XML documents.", + "hashes": [ + { + "alg": "SHA-1", + "content": "85ed0817af83a24ad8da68c2b5094de69833983c" + } + ], + "licenses": [ + { + "expression": "MPL-1.0" + } + ], + "copyright": "Copyright Saxonica Ltd", + "externalReferences": [ + { + "url": "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", + "type": "distribution" + }, + { + "url": "http://saxon.sourceforge.net/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-Saxon" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-comments", + "value": "Other versions available for a commercial license" + }, + { + "name": "spdx:license-concluded", + "value": "MPL-1.0" + }, + { + "name": "spdx:package:file-name", + "value": "saxonB-8.8.zip" + }, + { + "name": "spdx:download-location", + "value": "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download" + }, + { + "name": "spdx:homepage", + "value": "http://saxon.sourceforge.net/" + } + ] + }, + { + "type": "file", + "name": "./src/org/spdx/parser/DOAPProject.java", + "hashes": [ + { + "alg": "SHA-1", + "content": "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" + } + ], + "copyright": "Copyright 2010, 2011 Source Auditor Inc.", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-DoapSource" + }, + { + "name": "spdx:file:type", + "value": "7" + }, + { + "name": "spdx:license-concluded", + "value": "Apache-2.0" + }, + { + "name": "spdx:file:contributor", + "value": "Protecode Inc." + }, + { + "name": "spdx:file:contributor", + "value": "SPDX Technical Team Members" + }, + { + "name": "spdx:file:contributor", + "value": "Open Logic Inc." + }, + { + "name": "spdx:file:contributor", + "value": "Source Auditor Inc." + }, + { + "name": "spdx:file:contributor", + "value": "Black Duck Software In.c" + } + ] + }, + { + "type": "file", + "name": "./lib-source/commons-lang3-3.1-sources.jar", + "hashes": [ + { + "alg": "SHA-1", + "content": "c2b4e1c67a2d28fced849ee1bb76e7391b93f125" + } + ], + "copyright": "Copyright 2001-2011 The Apache Software Foundation", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-CommonsLangSrc" + }, + { + "name": "spdx:comment", + "value": "This file is used by Jena" + }, + { + "name": "spdx:file:type", + "value": "4" + }, + { + "name": "spdx:license-concluded", + "value": "Apache-2.0" + }, + { + "name": "spdx:file:contributor", + "value": "Apache Software Foundation" + }, + { + "name": "spdx:file:notice-text", + "value": "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())" + } + ] + }, + { + "type": "file", + "name": "./lib-source/jena-2.6.3-sources.jar", + "hashes": [ + { + "alg": "SHA-1", + "content": "3ab4e1c67a2d28fced849ee1bb76e7391b93f125" + } + ], + "copyright": "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-JenaLib" + }, + { + "name": "spdx:comment", + "value": "This file belongs to Jena" + }, + { + "name": "spdx:file:type", + "value": "4" + }, + { + "name": "spdx:license-comments", + "value": "This license is used by Jena" + }, + { + "name": "spdx:license-concluded", + "value": "LicenseRef-1" + }, + { + "name": "spdx:file:contributor", + "value": "Apache Software Foundation" + }, + { + "name": "spdx:file:contributor", + "value": "Hewlett Packard Inc." + } + ] + }, + { + "type": "file", + "name": "./package/foo.c", + "hashes": [ + { + "alg": "MD5", + "content": "624c1abb3664f4b35547e7c73864ad24" + }, + { + "alg": "SHA-1", + "content": "d6a770ba38583ed4bb4525bd96e50461655d2758" + } + ], + "copyright": "Copyright 2008-2010 John Smith", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-File" + }, + { + "name": "spdx:comment", + "value": "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory." + }, + { + "name": "spdx:file:type", + "value": "7" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: File Commenter\",\"Comment\":\"File level annotation\"}" + }, + { + "name": "spdx:license-comments", + "value": "The concluded license was taken from the package level that the file was included in." + }, + { + "name": "spdx:license-concluded", + "value": "(LGPL-2.0-only OR LicenseRef-2)" + }, + { + "name": "spdx:file:contributor", + "value": "The Regents of the University of California" + }, + { + "name": "spdx:file:contributor", + "value": "Modified by Paul Mundt lethal@linux-sh.org" + }, + { + "name": "spdx:file:contributor", + "value": "IBM Corporation" + }, + { + "name": "spdx:file:notice-text", + "value": "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE." + } + ] + } + ] + } + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf.json b/test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf.json new file mode 100644 index 000000000..f81b3e643 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-converted-spdx-hdf.json @@ -0,0 +1,577 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report", + "title": "CycloneDX BOM Report", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [], + "sha256": "6ee2405d5989a8a247a146594423542db865fb915d4896a411a783460935e3d6" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "type": "library", + "supplier": { + "name": "Jane Doe", + "contact": [ + { + "email": "jane.doe@example.com" + } + ] + }, + "author": "ExampleCodeInspect", + "name": "glibc", + "version": "2.11.1", + "description": "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", + "hashes": [ + { + "alg": "SHA-1", + "content": "85ed0817af83a24ad8da68c2b5094de69833983c" + }, + { + "alg": "MD5", + "content": "624c1abb3664f4b35547e7c73864ad24" + }, + { + "alg": "SHA-256", + "content": "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd" + } + ], + "licenses": [ + { + "expression": "(LGPL-2.0-only AND LicenseRef-3)" + } + ], + "copyright": "Copyright 2008-2010 John Smith", + "externalReferences": [ + { + "url": "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", + "type": "distribution" + }, + { + "url": "http://ftp.gnu.org/gnu/glibc", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-Package" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: Package Commenter\",\"Comment\":\"Package level annotation\"}" + }, + { + "name": "spdx:files-analyzed", + "value": "true" + }, + { + "name": "spdx:license-comments", + "value": "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change." + }, + { + "name": "spdx:license-concluded", + "value": "(LGPL-2.0-only OR LicenseRef-3)" + }, + { + "name": "spdx:package:file-name", + "value": "glibc-2.11.1.tar.gz" + }, + { + "name": "spdx:package:verification-code:value", + "value": "d6a770ba38583ed4bb4525bd96e50461655d2758" + }, + { + "name": "spdx:package:verification-code:excluded-file", + "value": "./package.spdx" + }, + { + "name": "spdx:package:source-info", + "value": "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git." + }, + { + "name": "spdx:package:summary", + "value": "GNU C library." + }, + { + "name": "spdx:package:originator:organization", + "value": "ExampleCodeInspect" + }, + { + "name": "spdx:package:originator:email", + "value": "contact@example.com" + }, + { + "name": "spdx:external-reference:other:http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", + "value": "acmecorp/acmenator/4.1.3-alpha This is the external ref for Acme" + }, + { + "name": "spdx:download-location", + "value": "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz" + }, + { + "name": "spdx:homepage", + "value": "http://ftp.gnu.org/gnu/glibc" + } + ], + "evidence": { + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + }, + { + "license": { + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "VGhpcyBwYWNrYWdlIGluY2x1ZGVzIHRoZSBHUkRETCBwYXJzZXIgZGV2ZWxvcGVkIGJ5IEhld2xldHQgUGFja2FyZCB1bmRlciB0aGUgZm9sbG93aW5nIGxpY2Vuc2U6Cu+/vSBDb3B5cmlnaHQgMjAwNyBIZXdsZXR0LVBhY2thcmQgRGV2ZWxvcG1lbnQgQ29tcGFueSwgTFAKClJlZGlzdHJpYnV0aW9uIGFuZCB1c2UgaW4gc291cmNlIGFuZCBiaW5hcnkgZm9ybXMsIHdpdGggb3Igd2l0aG91dCBtb2RpZmljYXRpb24sIGFyZSBwZXJtaXR0ZWQgcHJvdmlkZWQgdGhhdCB0aGUgZm9sbG93aW5nIGNvbmRpdGlvbnMgYXJlIG1ldDogCgpSZWRpc3RyaWJ1dGlvbnMgb2Ygc291cmNlIGNvZGUgbXVzdCByZXRhaW4gdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIuIApSZWRpc3RyaWJ1dGlvbnMgaW4gYmluYXJ5IGZvcm0gbXVzdCByZXByb2R1Y2UgdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIgaW4gdGhlIGRvY3VtZW50YXRpb24gYW5kL29yIG90aGVyIG1hdGVyaWFscyBwcm92aWRlZCB3aXRoIHRoZSBkaXN0cmlidXRpb24uIApUaGUgbmFtZSBvZiB0aGUgYXV0aG9yIG1heSBub3QgYmUgdXNlZCB0byBlbmRvcnNlIG9yIHByb21vdGUgcHJvZHVjdHMgZGVyaXZlZCBmcm9tIHRoaXMgc29mdHdhcmUgd2l0aG91dCBzcGVjaWZpYyBwcmlvciB3cml0dGVuIHBlcm1pc3Npb24uIApUSElTIFNPRlRXQVJFIElTIFBST1ZJREVEIEJZIFRIRSBBVVRIT1IgYGBBUyBJUycnIEFORCBBTlkgRVhQUkVTUyBPUiBJTVBMSUVEIFdBUlJBTlRJRVMsIElOQ0xVRElORywgQlVUIE5PVCBMSU1JVEVEIFRPLCBUSEUgSU1QTElFRCBXQVJSQU5USUVTIE9GIE1FUkNIQU5UQUJJTElUWSBBTkQgRklUTkVTUyBGT1IgQSBQQVJUSUNVTEFSIFBVUlBPU0UgQVJFIERJU0NMQUlNRUQuIElOIE5PIEVWRU5UIFNIQUxMIFRIRSBBVVRIT1IgQkUgTElBQkxFIEZPUiBBTlkgRElSRUNULCBJTkRJUkVDVCwgSU5DSURFTlRBTCwgU1BFQ0lBTCwgRVhFTVBMQVJZLCBPUiBDT05TRVFVRU5USUFMIERBTUFHRVMgKElOQ0xVRElORywgQlVUIE5PVCBMSU1JVEVEIFRPLCBQUk9DVVJFTUVOVCBPRiBTVUJTVElUVVRFIEdPT0RTIE9SIFNFUlZJQ0VTOyBMT1NTIE9GIFVTRSwgREFUQSwgT1IgUFJPRklUUzsgT1IgQlVTSU5FU1MgSU5URVJSVVBUSU9OKSBIT1dFVkVSIENBVVNFRCBBTkQgT04gQU5ZIFRIRU9SWSBPRiBMSUFCSUxJVFksIFdIRVRIRVIgSU4gQ09OVFJBQ1QsIFNUUklDVCBMSUFCSUxJVFksIE9SIFRPUlQgKElOQ0xVRElORyBORUdMSUdFTkNFIE9SIE9USEVSV0lTRSkgQVJJU0lORyBJTiBBTlkgV0FZIE9VVCBPRiBUSEUgVVNFIE9GIFRISVMgU09GVFdBUkUsIEVWRU4gSUYgQURWSVNFRCBPRiBUSEUgUE9TU0lCSUxJVFkgT0YgU1VDSCBEQU1BR0Uu" + } + } + }, + { + "license": { + "text": { + "contentType": "text/plain", + "encoding": "base64", + "content": "LyoKICogKGMpIENvcHlyaWdodCAyMDAwLCAyMDAxLCAyMDAyLCAyMDAzLCAyMDA0LCAyMDA1LCAyMDA2LCAyMDA3LCAyMDA4LCAyMDA5IEhld2xldHQtUGFja2FyZCBEZXZlbG9wbWVudCBDb21wYW55LCBMUAogKiBBbGwgcmlnaHRzIHJlc2VydmVkLgogKgogKiBSZWRpc3RyaWJ1dGlvbiBhbmQgdXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdpdGhvdXQKICogbW9kaWZpY2F0aW9uLCBhcmUgcGVybWl0dGVkIHByb3ZpZGVkIHRoYXQgdGhlIGZvbGxvd2luZyBjb25kaXRpb25zCiAqIGFyZSBtZXQ6CiAqIDEuIFJlZGlzdHJpYnV0aW9ucyBvZiBzb3VyY2UgY29kZSBtdXN0IHJldGFpbiB0aGUgYWJvdmUgY29weXJpZ2h0CiAqICAgIG5vdGljZSwgdGhpcyBsaXN0IG9mIGNvbmRpdGlvbnMgYW5kIHRoZSBmb2xsb3dpbmcgZGlzY2xhaW1lci4KICogMi4gUmVkaXN0cmlidXRpb25zIGluIGJpbmFyeSBmb3JtIG11c3QgcmVwcm9kdWNlIHRoZSBhYm92ZSBjb3B5cmlnaHQKICogICAgbm90aWNlLCB0aGlzIGxpc3Qgb2YgY29uZGl0aW9ucyBhbmQgdGhlIGZvbGxvd2luZyBkaXNjbGFpbWVyIGluIHRoZQogKiAgICBkb2N1bWVudGF0aW9uIGFuZC9vciBvdGhlciBtYXRlcmlhbHMgcHJvdmlkZWQgd2l0aCB0aGUgZGlzdHJpYnV0aW9uLgogKiAzLiBUaGUgbmFtZSBvZiB0aGUgYXV0aG9yIG1heSBub3QgYmUgdXNlZCB0byBlbmRvcnNlIG9yIHByb21vdGUgcHJvZHVjdHMKICogICAgZGVyaXZlZCBmcm9tIHRoaXMgc29mdHdhcmUgd2l0aG91dCBzcGVjaWZpYyBwcmlvciB3cml0dGVuIHBlcm1pc3Npb24uCiAqCiAqIFRISVMgU09GVFdBUkUgSVMgUFJPVklERUQgQlkgVEhFIEFVVEhPUiBgYEFTIElTJycgQU5EIEFOWSBFWFBSRVNTIE9SCiAqIElNUExJRUQgV0FSUkFOVElFUywgSU5DTFVESU5HLCBCVVQgTk9UIExJTUlURUQgVE8sIFRIRSBJTVBMSUVEIFdBUlJBTlRJRVMKICogT0YgTUVSQ0hBTlRBQklMSVRZIEFORCBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRSBBUkUgRElTQ0xBSU1FRC4KICogSU4gTk8gRVZFTlQgU0hBTEwgVEhFIEFVVEhPUiBCRSBMSUFCTEUgRk9SIEFOWSBESVJFQ1QsIElORElSRUNULAogKiBJTkNJREVOVEFMLCBTUEVDSUFMLCBFWEVNUExBUlksIE9SIENPTlNFUVVFTlRJQUwgREFNQUdFUyAoSU5DTFVESU5HLCBCVVQKICogTk9UIExJTUlURUQgVE8sIFBST0NVUkVNRU5UIE9GIFNVQlNUSVRVVEUgR09PRFMgT1IgU0VSVklDRVM7IExPU1MgT0YgVVNFLAogKiBEQVRBLCBPUiBQUk9GSVRTOyBPUiBCVVNJTkVTUyBJTlRFUlJVUFRJT04pIEhPV0VWRVIgQ0FVU0VEIEFORCBPTiBBTlkKICogVEhFT1JZIE9GIExJQUJJTElUWSwgV0hFVEhFUiBJTiBDT05UUkFDVCwgU1RSSUNUIExJQUJJTElUWSwgT1IgVE9SVAogKiAoSU5DTFVESU5HIE5FR0xJR0VOQ0UgT1IgT1RIRVJXSVNFKSBBUklTSU5HIElOIEFOWSBXQVkgT1VUIE9GIFRIRSBVU0UgT0YKICogVEhJUyBTT0ZUV0FSRSwgRVZFTiBJRiBBRFZJU0VEIE9GIFRIRSBQT1NTSUJJTElUWSBPRiBTVUNIIERBTUFHRS4KKi8=" + } + } + } + ], + "copyright": [ + { + "text": "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually." + } + ] + } + }, + { + "type": "library", + "name": "Apache Commons Lang", + "copyright": "NOASSERTION", + "externalReferences": [ + { + "url": "NOASSERTION", + "type": "distribution" + }, + { + "url": "http://commons.apache.org/proper/commons-lang/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-fromDoap-1" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-concluded", + "value": "NOASSERTION" + }, + { + "name": "spdx:comment", + "value": "This package was converted from a DOAP Project by the same name" + }, + { + "name": "spdx:license-declared", + "value": "NOASSERTION" + }, + { + "name": "spdx:download-location", + "value": "NOASSERTION" + }, + { + "name": "spdx:homepage", + "value": "http://commons.apache.org/proper/commons-lang/" + } + ] + }, + { + "type": "library", + "name": "Jena", + "copyright": "NOASSERTION", + "externalReferences": [ + { + "url": "NOASSERTION", + "type": "distribution" + }, + { + "url": "http://www.openjena.org/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-fromDoap-0" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-concluded", + "value": "NOASSERTION" + }, + { + "name": "spdx:comment", + "value": "This package was converted from a DOAP Project by the same name" + }, + { + "name": "spdx:license-declared", + "value": "NOASSERTION" + }, + { + "name": "spdx:download-location", + "value": "NOASSERTION" + }, + { + "name": "spdx:homepage", + "value": "http://www.openjena.org/" + } + ] + }, + { + "type": "library", + "name": "Saxon", + "version": "8.8", + "description": "The Saxon package is a collection of tools for processing XML documents.", + "hashes": [ + { + "alg": "SHA-1", + "content": "85ed0817af83a24ad8da68c2b5094de69833983c" + } + ], + "licenses": [ + { + "expression": "MPL-1.0" + } + ], + "copyright": "Copyright Saxonica Ltd", + "externalReferences": [ + { + "url": "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", + "type": "distribution" + }, + { + "url": "http://saxon.sourceforge.net/", + "type": "website" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-Saxon" + }, + { + "name": "spdx:files-analyzed", + "value": "false" + }, + { + "name": "spdx:license-comments", + "value": "Other versions available for a commercial license" + }, + { + "name": "spdx:license-concluded", + "value": "MPL-1.0" + }, + { + "name": "spdx:package:file-name", + "value": "saxonB-8.8.zip" + }, + { + "name": "spdx:download-location", + "value": "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download" + }, + { + "name": "spdx:homepage", + "value": "http://saxon.sourceforge.net/" + } + ] + }, + { + "type": "file", + "name": "./src/org/spdx/parser/DOAPProject.java", + "hashes": [ + { + "alg": "SHA-1", + "content": "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" + } + ], + "copyright": "Copyright 2010, 2011 Source Auditor Inc.", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-DoapSource" + }, + { + "name": "spdx:file:type", + "value": "7" + }, + { + "name": "spdx:license-concluded", + "value": "Apache-2.0" + }, + { + "name": "spdx:file:contributor", + "value": "Protecode Inc." + }, + { + "name": "spdx:file:contributor", + "value": "SPDX Technical Team Members" + }, + { + "name": "spdx:file:contributor", + "value": "Open Logic Inc." + }, + { + "name": "spdx:file:contributor", + "value": "Source Auditor Inc." + }, + { + "name": "spdx:file:contributor", + "value": "Black Duck Software In.c" + } + ] + }, + { + "type": "file", + "name": "./lib-source/commons-lang3-3.1-sources.jar", + "hashes": [ + { + "alg": "SHA-1", + "content": "c2b4e1c67a2d28fced849ee1bb76e7391b93f125" + } + ], + "copyright": "Copyright 2001-2011 The Apache Software Foundation", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-CommonsLangSrc" + }, + { + "name": "spdx:comment", + "value": "This file is used by Jena" + }, + { + "name": "spdx:file:type", + "value": "4" + }, + { + "name": "spdx:license-concluded", + "value": "Apache-2.0" + }, + { + "name": "spdx:file:contributor", + "value": "Apache Software Foundation" + }, + { + "name": "spdx:file:notice-text", + "value": "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())" + } + ] + }, + { + "type": "file", + "name": "./lib-source/jena-2.6.3-sources.jar", + "hashes": [ + { + "alg": "SHA-1", + "content": "3ab4e1c67a2d28fced849ee1bb76e7391b93f125" + } + ], + "copyright": "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-JenaLib" + }, + { + "name": "spdx:comment", + "value": "This file belongs to Jena" + }, + { + "name": "spdx:file:type", + "value": "4" + }, + { + "name": "spdx:license-comments", + "value": "This license is used by Jena" + }, + { + "name": "spdx:license-concluded", + "value": "LicenseRef-1" + }, + { + "name": "spdx:file:contributor", + "value": "Apache Software Foundation" + }, + { + "name": "spdx:file:contributor", + "value": "Hewlett Packard Inc." + } + ] + }, + { + "type": "file", + "name": "./package/foo.c", + "hashes": [ + { + "alg": "MD5", + "content": "624c1abb3664f4b35547e7c73864ad24" + }, + { + "alg": "SHA-1", + "content": "d6a770ba38583ed4bb4525bd96e50461655d2758" + } + ], + "copyright": "Copyright 2008-2010 John Smith", + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-File" + }, + { + "name": "spdx:comment", + "value": "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory." + }, + { + "name": "spdx:file:type", + "value": "7" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: File Commenter\",\"Comment\":\"File level annotation\"}" + }, + { + "name": "spdx:license-comments", + "value": "The concluded license was taken from the package level that the file was included in." + }, + { + "name": "spdx:license-concluded", + "value": "(LGPL-2.0-only OR LicenseRef-2)" + }, + { + "name": "spdx:file:contributor", + "value": "The Regents of the University of California" + }, + { + "name": "spdx:file:contributor", + "value": "Modified by Paul Mundt lethal@linux-sh.org" + }, + { + "name": "spdx:file:contributor", + "value": "IBM Corporation" + }, + { + "name": "spdx:file:notice-text", + "value": "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE." + } + ] + } + ], + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "metadata": { + "timestamp": "2010-01-29T18:30:22Z", + "tools": [ + { + "name": "LicenseFind", + "version": "1.0" + } + ], + "authors": [ + { + "name": "ExampleCodeInspect", + "email": "" + }, + { + "name": "Jane Doe", + "email": "" + } + ], + "properties": [ + { + "name": "spdx:spdxid", + "value": "SPDXRef-DOCUMENT" + }, + { + "name": "spdx:document:spdx-version", + "value": "SPDX-2.2" + }, + { + "name": "spdx:comment", + "value": "This document was created using SPDX 2.0 using licenses from the web site." + }, + { + "name": "spdx:document:name", + "value": "SPDX-Tools-v2.0" + }, + { + "name": "spdx:document:document-namespace", + "value": "http://spdx.org/spdxdocs/spdx-example-json-2.2-444504E0-4F89-41D3-9A0C-0305E82C3301" + }, + { + "name": "spdx:creation-info:comment", + "value": "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries." + }, + { + "name": "spdx:creation-info:creators-organization", + "value": "ExampleCodeInspect" + }, + { + "name": "spdx:creation-info:license-list-version", + "value": "3.9" + }, + { + "name": "spdx:document:external-document-ref", + "value": "{\"ExternalDocumentId\":\"DocumentRef-spdx-tool-1.2\",\"Checksum\":{\"Algorithm\":1,\"ChecksumValue\":\"d6a770ba38583ed4bb4525bd96e50461655d2759\"},\"SpdxDocument\":\"http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2010-01-29T18:30:22Z\",\"AnnotationType\":0,\"Annotator\":\"Person: Jane Doe ()\",\"Comment\":\"Document level annotation\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2011-03-13T00:00:00Z\",\"AnnotationType\":1,\"Annotator\":\"Person: Suzanne Reviewer\",\"Comment\":\"Another example reviewer.\"}" + }, + { + "name": "spdx:annotation", + "value": "{\"AnnotationDate\":\"2010-02-10T00:00:00Z\",\"AnnotationType\":1,\"Annotator\":\"Person: Joe Reviewer\",\"Comment\":\"This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses\"}" + }, + { + "name": "spdx:document:describes", + "value": "SPDXRef-File" + }, + { + "name": "spdx:document:describes", + "value": "SPDXRef-Package" + } + ] + } + } + } + ] + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf-withraw.json b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf-withraw.json new file mode 100644 index 000000000..9360c659d --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf-withraw.json @@ -0,0 +1,20115 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: application/602de70a-7107-4ac8-9ad2-3c1c816892a7", + "title": "test 9 CycloneDX BOM Report", + "version": "SNAPSHOT", + "summary": "This is the project I want to use to generate data to understand the schema a bit better", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [], + "sha256": "3a0997c870f6ad34bd899d221d0df922c9377fd6d3c0c98f268432b4760b4671" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "type": "library", + "bom-ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "group": "org.eclipse.jetty.alpn", + "name": "alpn-api", + "version": "1.1.3.v20160715", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "18383950cc83169b8ed61c03fd926e0c" + }, + { + "alg": "SHA-1", + "content": "a1bf3a937f91b4c953acd13e8c9552347adc2198" + }, + { + "alg": "SHA-256", + "content": "07be99758b699e194f70fb9784d94202dc6c98212877829e3d72b020f2660576" + }, + { + "alg": "SHA-512", + "content": "b9570b3323337dcdc192e640288633743736ef9206adc4cda88db7da77df49732bba0a4e85613225ffec32ac72c415a84fcd2353c04f8708dad85142a2b439f8" + }, + { + "alg": "SHA3-256", + "content": "c7e69d1f5833cd414f62dfb456a8dee75520366e88a1af4db9b76a14d800b356" + }, + { + "alg": "SHA3-512", + "content": "3a4c64a3cb12158119183584c79e5523bc2e460ae942a2927a9f5452e3b0c032442748f4e426466921a3d9f618095901f26a0de77f4e30650c8e22ee79da873c" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.alpn/alpn-api@1.1.3.v20160715?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.alpn.git/tree" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "group": "com.rabbitmq", + "name": "amqp-client", + "version": "4.4.1", + "description": "The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.", + "hashes": [ + { + "alg": "MD5", + "content": "1a2a6feac205524a636c06d86af2df2c" + }, + { + "alg": "SHA-1", + "content": "c442f6501595a6fb9c029409eca94888cc9a3106" + }, + { + "alg": "SHA-256", + "content": "fcbe7ddc4be88823b881f35c12bca55b561c795d03aefe746a0452029ec179cc" + }, + { + "alg": "SHA-512", + "content": "8d78db5a1a3939a20a10b33f41b2ca3adb746672b276e87cc08aabb84dd27a069755294bd23c483ecf0d25c0e669fddae6f96742dd127d8476a9d6a6f8e22e57" + }, + { + "alg": "SHA3-256", + "content": "4866a931a2e38b4b0b4bcec77f77e8b83edf3b4b527913f827767a926c8b3b24" + }, + { + "alg": "SHA3-512", + "content": "a1b503bd1f8762c0b0434af451f6a579b20225aa5f23548cd521e3f007c17fedaf2c9fd7667606c06bbb63cdfbfbce28800de9506bb2c2564020b34447d600c9" + } + ], + "licenses": [ + { + "license": { + "id": "MPL-1.1" + } + } + ], + "purl": "pkg:maven/com.rabbitmq/amqp-client@4.4.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.rabbitmq.com" + }, + { + "type": "vcs", + "url": "https://github.com/rabbitmq/rabbitmq-java-client" + } + ] + }, + { + "type": "library", + "bom-ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "group": "org.codehaus.mojo", + "name": "animal-sniffer-annotations", + "version": "1.14", + "description": "Animal Sniffer Parent project.", + "hashes": [ + { + "alg": "MD5", + "content": "9d42e46845c874f1710a9f6a741f6c14" + }, + { + "alg": "SHA-1", + "content": "775b7e22fb10026eed3f86e8dc556dfafe35f2d5" + }, + { + "alg": "SHA-256", + "content": "2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d" + }, + { + "alg": "SHA-512", + "content": "9e5e3ea9e06e0ac9463869fd0e08ed38f7042784995a7b50c9bfd7f692a53f0e1430b9e1367dc772d0d4eafe5fd2beabbcc60da5008bd792f9e7ec8436c0f136" + }, + { + "alg": "SHA3-256", + "content": "9b624360f936e928bc63bf44e475d8fd052148c0d0cc56c3c88c26429b430c08" + }, + { + "alg": "SHA3-512", + "content": "5f0a62a96445cfeaf101d2ddc56472621f5c3dafc54ad4b230a373012833b7da83e96af7c07b60a586768361b3bce3f3626ed2cc09fbbd84e840e0714d6344ee" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.14?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://jira.codehaus.org/browse/MANIMALSNIFFER" + }, + { + "type": "vcs", + "url": "http://fisheye.codehaus.org/browse/mojo/tags/animal-sniffer-parent-1.14" + }, + { + "type": "website", + "url": "http://codehaus.org" + }, + { + "type": "build-system", + "url": "http://bamboo.ci.codehaus.org/browse/MOJO" + }, + { + "type": "mailing-list", + "url": "http://markmail.org/list/org.codehaus.mojo.dev" + }, + { + "type": "distribution", + "url": "https://nexus.codehaus.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "group": "antlr", + "name": "antlr", + "version": "2.7.7", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "f8f1352c52a4c6a500b597596501fc64" + }, + { + "alg": "SHA-1", + "content": "83cd2cd674a217ade95a4bb83a8a14f351f48bd0" + }, + { + "alg": "SHA-256", + "content": "88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c" + }, + { + "alg": "SHA-512", + "content": "311c3115f9f6651d1711c52d1739e25a70f25456cacb9a2cdde7627498c30b13d721133cc75b39462ad18812a82472ef1b3b9d64fab5abb0377c12bf82043a74" + }, + { + "alg": "SHA3-256", + "content": "babce5c8beb1d5907a7ed6354589e991da7d8d5cbd86c479abfa1e1dfc4d2eb8" + }, + { + "alg": "SHA3-512", + "content": "3a8ce565280a157dd6e08fb68c317a4c28616099c56bc4992c38cf74a10a54a89e18e7c45190ce8511360798a87adc92f432382f9d9bdde0d56664b50044b517" + } + ], + "licenses": [ + { + "license": { + "name": "BSD License", + "url": "http://www.antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/antlr/antlr@2.7.7?type=jar" + }, + { + "type": "library", + "bom-ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "group": "org.antlr", + "name": "antlr-runtime", + "version": "3.4", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "0e0318be407e51fdf7ba6777eabfdf73" + }, + { + "alg": "SHA-1", + "content": "8f011408269a8e42b8548687e137d8eeb56df4b4" + }, + { + "alg": "SHA-256", + "content": "5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63" + }, + { + "alg": "SHA-512", + "content": "1786aff2df4664483adcb319e64be7b69b643ac9508c3f11796b5aa45b9072b46f53f0a21b2ff7291162afe81506de16161746273e4532ebad75adbd81203f0d" + }, + { + "alg": "SHA3-256", + "content": "3f6cf631e9f792a41128400f8690266d915c0588ef85073a6cae73624a155b10" + }, + { + "alg": "SHA3-512", + "content": "13d1f73c44e807b36946c21cfd506e91e8cbdf685b770cbc0dcb4e55ec28b5bc91bd90eb7f24ebfd13386a47eccf552dd2a1ab277fccabafdb7a9b40aa9d4fc5" + } + ], + "purl": "pkg:maven/org.antlr/antlr-runtime@3.4?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/antlr" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "group": "org.glassfish.hk2.external", + "name": "aopalliance-repackaged", + "version": "2.5.0-b32", + "description": "Dependency Injection Kernel", + "hashes": [ + { + "alg": "MD5", + "content": "99809f55109881865ce8b47f03522fb6" + }, + { + "alg": "SHA-1", + "content": "6af37c3f8ec6f9e9653ec837eb508da28ce443cd" + }, + { + "alg": "SHA-256", + "content": "32a44ed0258c00bb8f0acf7e4dbf000a377bd48702465f6195f878a6dc2024d6" + }, + { + "alg": "SHA-512", + "content": "5afda7e897fb1135e4cf8ceb1f9f2ae68521c6178552dbe38243461e8422d50011f379e4f66d237190e7609e2d1ba2e9c09267637ecd588d7e286c1a6bfb8b4d" + }, + { + "alg": "SHA3-256", + "content": "3808bbe7fc89ea384068d5edf32f4ebf61cead5fe0fff58c7ac13c23392b8860" + }, + { + "alg": "SHA3-512", + "content": "ea988d271b897cb61a17ddd642f7f31935711bb33710947a812e0c1ab3469077c45247a5224e55a9258bfcdfd502f64286064aa1063b2df07dc880a880e034e3" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "group": "org.apiguardian", + "name": "apiguardian-api", + "version": "1.0.0", + "description": "@API Guardian", + "hashes": [ + { + "alg": "MD5", + "content": "e3695c130292987799af0d18754fa3fc" + }, + { + "alg": "SHA-1", + "content": "3ef5276905e36f4d8055fe3cb0bdcc7503ffc85d" + }, + { + "alg": "SHA-256", + "content": "1f58b77470d8d147a0538d515347dd322f49a83b9e884b8970051160464b65b3" + }, + { + "alg": "SHA-512", + "content": "127f7e6381642f3f0f8298e5129f31cae947b81c4867caaa419803e6dcfeee5da61f0262d2c10c8ad151f24e82f708ce81b2fda217c31dbb21794e6c9ec71e0a" + }, + { + "alg": "SHA3-256", + "content": "a0c6a10c739f2c5d18a639804edb717b2e100aec3ab73b5560e947c28b829f22" + }, + { + "alg": "SHA3-512", + "content": "54879680c4ac863b6eb3dd2528c02f8c977b127ed2a1d7e123e65baec3c9b33c3d80fd5f0de0cf43eb4f912b6899b2a4753f93bf9883d51e2fd8b8766df3e0c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apiguardian/apiguardian-api@1.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/apiguardian-team/apiguardian" + } + ] + }, + { + "type": "library", + "bom-ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "group": "net.sourceforge.argparse4j", + "name": "argparse4j", + "version": "0.8.1", + "description": "The command-line parser library based on Python's argparse", + "hashes": [ + { + "alg": "MD5", + "content": "8a3077fbee51bc51d0e140be455b6df5" + }, + { + "alg": "SHA-1", + "content": "2c8241f84acf6c924bd75be0dbd68e8d74fbcd70" + }, + { + "alg": "SHA-256", + "content": "98cb5468cac609f3bc07856f2e34088f50dc114181237c48d20ca69c3265d044" + }, + { + "alg": "SHA-512", + "content": "d9c1e626403b0ad0143fffb62a055b71aacb7d59c9957b232a2e7b7ab2cd9299932784d19e6ef8b0172736ab1625eb2d1e25101eaf1666acfc566b7fcd7c819f" + }, + { + "alg": "SHA3-256", + "content": "3b8a944e495c72b5d7e185effda10431dbe60cfa30c9e31d7cd5ebfdfe0fb20e" + }, + { + "alg": "SHA3-512", + "content": "718cec233f4b67bc0fe9210629202aa235aea2bf58a3cc65425cb9d43661d3002677c0534685e08cea3b86cdcb9c5021026c4efdb1820c9700158756bd6bc7b5" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/net.sourceforge.argparse4j/argparse4j@0.8.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/tatsuhiro-t/argparse4j/issues" + }, + { + "type": "vcs", + "url": "https://github.com/tatsuhiro-t/argparse4j" + } + ] + }, + { + "type": "library", + "bom-ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "group": "org.assertj", + "name": "assertj-core", + "version": "3.9.1", + "description": "Rich and fluent assertions for testing for Java", + "hashes": [ + { + "alg": "MD5", + "content": "b6b5e7d7ab3e4368244ce2ed48b77b2f" + }, + { + "alg": "SHA-1", + "content": "c5ce126b15f28d56cd8f960c1a6a058b9c9aea87" + }, + { + "alg": "SHA-256", + "content": "b433d96281d663d8f97d7b2eda24f6d05345ef3bd7bf9a4ed440d75728bfdb00" + }, + { + "alg": "SHA-512", + "content": "153df8b2394db5c54db79930a26ce45ac8ddcaacbaeb800988c41f17d4f39356a32ba8d17fbe143c412a79c2006e53cc1877b409f880e43d96888801bf92766a" + }, + { + "alg": "SHA3-256", + "content": "da01a0373df89903d5d40eabb595618fb15b14b7cd6420598b85d05bc72242fa" + }, + { + "alg": "SHA3-512", + "content": "8bf381925a0fb7635e8fafbf1b75930a8b129dd3ae9db2ec9d079ad12442a73eb92d34fa454bc3684b7ad59ee2e40cc1509c8a93f1dcded39368fa78b499cbe1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.assertj/assertj-core@3.9.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/joel-costigliola/assertj-core/issues" + }, + { + "type": "mailing-list", + "url": "http://groups.google.com/group/assertj" + }, + { + "type": "build-system", + "url": "https://assertj.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/joel-costigliola/assertj-maven-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "group": "net.bytebuddy", + "name": "byte-buddy", + "version": "1.9.7", + "description": "Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.", + "hashes": [ + { + "alg": "MD5", + "content": "3038371407163c76c89749c3a7c458b0" + }, + { + "alg": "SHA-1", + "content": "8fea78fea6449e1738b675cb155ce8422661e237" + }, + { + "alg": "SHA-256", + "content": "69a9140c11de463789a1badfe6c3dcdc17608c4304cb443c5c3a179585b78b39" + }, + { + "alg": "SHA-512", + "content": "20547c1915d941c170b855babf102b6d4b7b651cb76d4328fdc5e67be4cfb898e22d76512b2ed402ba2486ba4954ee75e1753e7de6303a94201ee12056ffb2b7" + }, + { + "alg": "SHA3-256", + "content": "fa80df92900c958e6c9c957552698a20f0a817a309947ee232b97c699db77d3e" + }, + { + "alg": "SHA3-512", + "content": "50b10f18e33843c1ec103ce809a83698f785de2675dd6f1da386db8c6158a6539e6b93ec2e10d1c82c819c3cf4c1f33ca9c2cd68a21d0a5520a707acb7a072fb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "group": "net.bytebuddy", + "name": "byte-buddy-agent", + "version": "1.9.7", + "description": "The Byte Buddy Java agent allows to access the JVM's HotSwap feature.", + "hashes": [ + { + "alg": "MD5", + "content": "f2c5583a5856a1b68275f70fca2f96fc" + }, + { + "alg": "SHA-1", + "content": "8e7d1b599f4943851ffea125fd9780e572727fc0" + }, + { + "alg": "SHA-256", + "content": "145ce0fab5390374e69b2b4070d65fedaa2b07c3cfad06b330bea1b6dcfa826f" + }, + { + "alg": "SHA-512", + "content": "3b1344ae23e91e02a4465848757f3436f5a51ff58f8a0fe47b032ce5097086a985d927eb23507cc7b29b7a8917ab22942f039949b376f3f27708d3da232e7afb" + }, + { + "alg": "SHA3-256", + "content": "0fc9f6c6083208ef913a49fd9d61d7202477d6ed4c26e0324f4475e656b4fbd6" + }, + { + "alg": "SHA3-512", + "content": "75a397fe519f03352763554688a7e6432c028b2b154a0553d5d647f7873eb5f066e83f454092438a48976f99cfc0c4b7a41b033852129b9cbc29d09cb22f6ec4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy-agent@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "group": "org.checkerframework", + "name": "checker-compat-qual", + "version": "2.0.0", + "description": "Checker Qual is the set of annotations (qualifiers) and supporting classes used by the Checker Framework to type check Java source code. Please see artifact: org.checkerframework:checker", + "hashes": [ + { + "alg": "MD5", + "content": "b6fb2610dacd211a3e2c3d8af1b60d0f" + }, + { + "alg": "SHA-1", + "content": "fc89b03860d11d6213d0154a62bcd1c2f69b9efa" + }, + { + "alg": "SHA-256", + "content": "a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b" + }, + { + "alg": "SHA-512", + "content": "fdecc20efd6943426e7f8bdfb8bef9d28258f9f934cf29090e2f5b297c501454606cc28593cd7d089a5c14f6d2dcafc59f4606053405d7f91d623a0e3202f4a8" + }, + { + "alg": "SHA3-256", + "content": "6332c0be53250aaf67b95786e10337e1134ca645aed3b4cc596c68a3555c07fc" + }, + { + "alg": "SHA3-512", + "content": "74780f6c4d9e615c5be2f7149540721bfccd43e71b2d912054b98cf4f1a5ae5506497eca9c76f9e09f988d988bba8a1ec0588684379722044d894594dc787ea4" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.checkerframework/checker-compat-qual@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/typetools/checker-framework.git" + } + ] + }, + { + "type": "library", + "bom-ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "group": "com.fasterxml", + "name": "classmate", + "version": "1.4.0", + "description": "Library for introspecting types with full generic information including resolving of field and method types.", + "hashes": [ + { + "alg": "MD5", + "content": "85716d3adddffaaacb5e316be6681bf0" + }, + { + "alg": "SHA-1", + "content": "291658ac2ce2476256c7115943652c0accb5c857" + }, + { + "alg": "SHA-256", + "content": "2829acc59abf4aa6b72579697a0391c0fc69df7772ae59c58e0237f909cd6803" + }, + { + "alg": "SHA-512", + "content": "0bb96809e508b3ec20f8da070cdf5c795b71e17311a1a7d09818a93410ceb60cbbd95482c2d13bb920d391f5a5eee3a959cf739533a94f6539775458fe7229d0" + }, + { + "alg": "SHA3-256", + "content": "2cb64a48cd3ca0136553131ce87fe52d5a0f322334d65fbab60132df09d3c8d6" + }, + { + "alg": "SHA3-512", + "content": "56fb69f960f9e15c7dedc17d8d762c03bbae850180c2911ace44c4b7e1f0ce4a6dcad784e6acf01d63cad81a2d3746e4863a8d43a4d78e620506bf125d9340ec" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml/classmate@1.4.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://fasterxml.com" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/java-classmate" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "group": "commons-codec", + "name": "commons-codec", + "version": "1.11", + "description": "The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "567159b1ae257a43e1391a8f59d24cfe" + }, + { + "alg": "SHA-1", + "content": "3acb4705652e16236558f0f4f2192cc33c3bd189" + }, + { + "alg": "SHA-256", + "content": "e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d" + }, + { + "alg": "SHA-512", + "content": "d9586162b257386b5871e7e9ae255a38014a9efaeef5148de5e40a3b0200364dad8516bddd554352aa2e5337bec2cc11df88c76c4fdde96a40f3421aa60650d7" + }, + { + "alg": "SHA3-256", + "content": "90ec34f9701a8b212c65e6167c505ea6417289f910deedcac8517075b8349728" + }, + { + "alg": "SHA3-512", + "content": "101bc04efae2bd16d7923e61bca922c4a006b0e4b34909e0f8865196cb4df4f4f6269737c17880b4dfd0309cb487b806e88d09c6e1a7dc70237563b3f4312f7f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/commons-codec/commons-codec@1.11?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/CODEC" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/codec/trunk" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "group": "org.apache.commons", + "name": "commons-lang3", + "version": "3.8.1", + "description": "Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.", + "hashes": [ + { + "alg": "MD5", + "content": "540b1256d887a6993ecbef23371a3302" + }, + { + "alg": "SHA-1", + "content": "6505a72a097d9270f7a9e7bf42c4238283247755" + }, + { + "alg": "SHA-256", + "content": "dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68" + }, + { + "alg": "SHA-512", + "content": "fb0fe98385496a565678a000c26a3245082abfbf879cc29a35112b4bf18c966697a7a63bb1fd2fae4a42512cd3de5a2e6dc9d1df4a4058332a6ddeae06cdf667" + }, + { + "alg": "SHA3-256", + "content": "4e708ddf8ed0c6dbd8c6bba07e06425b5d263d899884b91bf11f86ec0d6f8463" + }, + { + "alg": "SHA3-512", + "content": "f43e89519e803e976f7b4d756d934be802ab36077cf2dc38dd9aa901eaf7104e58157859f45ccef7b38e072007a60f17270923e2ed7eabd41a4c776dee1458e1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.8.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/LANG" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-lang.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "group": "org.apache.commons", + "name": "commons-math3", + "version": "3.2", + "description": "The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.", + "hashes": [ + { + "alg": "MD5", + "content": "aaa32530c0f744813570ff73db018698" + }, + { + "alg": "SHA-1", + "content": "ec2544ab27e110d2d431bdad7d538ed509b21e62" + }, + { + "alg": "SHA-256", + "content": "6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2" + }, + { + "alg": "SHA-512", + "content": "80fb66a51688c4247b957f9787921e5acb9144d71a4ab0b03b2c30f46427e50c53e6e31ca5ddb04dab2cf5e7c0eedae168103c719f8074be464918ab2e4d6e6d" + }, + { + "alg": "SHA3-256", + "content": "4e5c701b4c417493bdb70d4c3f3bfb6019a6eec3c5f17dcce028158de624318c" + }, + { + "alg": "SHA3-512", + "content": "3a19552d33cbe62a0d174efa39054fbe5e23f7cb466c46616c27480381f232daa2c64c868b354ed965c5d84fbfece08e30e59bc672e3891baf2bb8141b5db8c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-math3@3.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/MATH" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/math/trunk" + }, + { + "type": "build-system", + "url": "http://vmbuild.apache.org/continuum/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "group": "org.apache.commons", + "name": "commons-text", + "version": "1.2", + "description": "Apache Commons Text is a library focused on algorithms working on strings.", + "hashes": [ + { + "alg": "MD5", + "content": "c0aec8d4d92fc9e1a4752884f5f880f0" + }, + { + "alg": "SHA-1", + "content": "74acdec7237f576c4803fff0c1008ab8a3808b2b" + }, + { + "alg": "SHA-256", + "content": "d4a57bbc1627da7c391308fd0fe910b83170fb66afd117236a5b111d2db1590b" + }, + { + "alg": "SHA-512", + "content": "97ca47f05b18a8dd67a253bae7d5ec6adab93a061c2565615773f0efc07382193c9ce29ed1f8abdd67dbe62b033e17bf2f71f67a3db2a99abb7aa3215b541c11" + }, + { + "alg": "SHA3-256", + "content": "5527aa3ffcd1303fac2779f9908f3a39bd3745c03a840fbc106aa952d5a0a128" + }, + { + "alg": "SHA3-512", + "content": "1b87bf1800138c403b67c273346fc7ea721fac09903e8cf6b11f8cfa57f2f91c577000834ad1f38e2b21f695685ea6c03ae9bd21323fe4a7690c7dca3344e350" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-text@1.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/TEXT" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-text.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "group": "com.github.spullara.mustache.java", + "name": "compiler", + "version": "0.9.6", + "description": "Implementation of mustache.js for Java", + "hashes": [ + { + "alg": "MD5", + "content": "9245fdbf50ad59ea81781ebdaa8cdb02" + }, + { + "alg": "SHA-1", + "content": "1b8707299c34406ed0ba40bbf8513352ac4765c9" + }, + { + "alg": "SHA-256", + "content": "c4d697fd3619cb616cc5e22e9530c8a4fd4a8e9a76953c0655ee627cb2d22318" + }, + { + "alg": "SHA-512", + "content": "d29e5022a4e7c99a8cc4b9f171471cf3e96103aeed26f32ae7a5db38e62811b3dc97e47ce8659c0b430fd11f1cb3f679c5465cab0458d7a474fba7e78a987887" + }, + { + "alg": "SHA3-256", + "content": "e17ec4a48044d5cbc941cdd9020fdda30b5402c2d533bec6a910729293d2aa89" + }, + { + "alg": "SHA3-512", + "content": "7e61b2eb36f9e239c4e2679c529d87ab2b2ed0ecb8537cbbd89b604bfce9b09ed716c2a95a80cf9a75eee2d0b85a2958e44bc6540ba5b22f163090a5912c6ad6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/spullara/mustache.java" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "group": "org.dom4j", + "name": "dom4j", + "version": "2.1.1", + "description": "flexible XML framework for Java", + "hashes": [ + { + "alg": "MD5", + "content": "f5710c1d5f5627ae5ce850a0b12ea87a" + }, + { + "alg": "SHA-1", + "content": "3dce5dbb3571aa820c677fadd8349bfa8f00c199" + }, + { + "alg": "SHA-256", + "content": "a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128" + }, + { + "alg": "SHA-512", + "content": "547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1" + }, + { + "alg": "SHA3-256", + "content": "e0d00e2f06b89df74355383e657d0b7b2a67b4fe3b5de58967eaa27fa0efad90" + }, + { + "alg": "SHA3-512", + "content": "00e4ce0afa1bff9f0abd1d9fd07d76157f26347b4d6931314f6f082c528bb5e60c32eb9bb16c23f5adc5ee5dcb902135fed2a4a5cb3995afb143f1fe1f938959" + } + ], + "licenses": [ + { + "license": { + "name": "BSD 3-clause New License", + "url": "https://github.com/dom4j/dom4j/blob/master/LICENSE" + } + } + ], + "purl": "pkg:maven/org.dom4j/dom4j@2.1.1?type=jar" + }, + { + "type": "library", + "bom-ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "group": "io.dropwizard", + "name": "dropwizard-assets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3719b35ea00aaf249df2f6c237e0d461" + }, + { + "alg": "SHA-1", + "content": "f2aa63c48a04fc2fdbbc43d3bb25c306417c30ab" + }, + { + "alg": "SHA-256", + "content": "81df72b28d351db2a8df88899ef172c3fefc8135149e6e5016c3f88db340fdcf" + }, + { + "alg": "SHA-512", + "content": "1136296518c97a285e68b0bbd6800c3183b8cd208e2b316ecf0e6b24147b278559e479705b7df3ce83913df5b8d93108afd20ca91ddfaa23d1924d6534f82d11" + }, + { + "alg": "SHA3-256", + "content": "fe44aa9d27c700520603cec3f51df630e228e0f73d1c450e01c3f9e21f02610e" + }, + { + "alg": "SHA3-512", + "content": "ef1c4284b016ba0c303aa74ce20271314cdd9c63686837c73b55656eacf0a22f2d3d883732f6e513dac055842b6b1c1d0e9fa970c7017d969b82ef1c77b2f8de" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-assets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "group": "io.dropwizard", + "name": "dropwizard-auth", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "b70d5efcdd606fa0dc0d866a0ba76e0b" + }, + { + "alg": "SHA-1", + "content": "b232e9397558341feed096a54e04e32ab81c7aad" + }, + { + "alg": "SHA-256", + "content": "94927a479eb07d3cab2242750463569dd6da9c75908b93986dab8c2eda5300b7" + }, + { + "alg": "SHA-512", + "content": "33c794f002c01a3f2880aef2b64b12af4a1d612bc2e7e751f24d65a178e49f7b2158c00486515b1392c340471d7a5e52d73259da7673c32d6b9dfc3870eeffa6" + }, + { + "alg": "SHA3-256", + "content": "d13a6eedc14842abeadc3c0e773ff1bd759de2157099a8df5d62ee1d6da1f949" + }, + { + "alg": "SHA3-512", + "content": "c5ae17254f77d668b20aa32542daf77ef398d428fc34601e6e6aebb8f0676fc8c16c5f0dc8906b58f7ecef3623e29386d296aff07d7f7d54618591da72edb88d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-auth@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "group": "io.dropwizard", + "name": "dropwizard-client", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a7e212ddc51872656b8cde14c6375558" + }, + { + "alg": "SHA-1", + "content": "774ee66da2e18ddb9757c309a9f288a7a95d4ab5" + }, + { + "alg": "SHA-256", + "content": "e1f12b97fab5cbfbefd54f7206f708b1abb767f7db2979ee67a12cced9145af7" + }, + { + "alg": "SHA-512", + "content": "a15aa34a681004c1c41380a85f0f99b5117e426bfbac1bef90fade5f9644443b63e74caf9022fa53fde98eddc915ce52ed37c59a06257b7c21b9fc55367f9995" + }, + { + "alg": "SHA3-256", + "content": "77d63d4f7774e74722101d0e3fe4a3d7aa1aa0dac2d95f823cacf7ea445d372b" + }, + { + "alg": "SHA3-512", + "content": "3856b47365e22680311c71e7740f4327786a88af275fe7d2f6a44b34dc12227b3a76396d87c101c31994993d2fa78db6fbfcffc848c5739d5bc9231186fe4681" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-client@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "group": "io.dropwizard", + "name": "dropwizard-configuration", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a53483c0d1034d24eb068eacc2b18cc2" + }, + { + "alg": "SHA-1", + "content": "64ede8340cf7e51e9d679876bb8873b5e4900bcb" + }, + { + "alg": "SHA-256", + "content": "a579796dd6a5476f35a7d3e3fde89321c0f1e5afb6c2fcfecf34b1d1b7c2db57" + }, + { + "alg": "SHA-512", + "content": "fc3e2bfe3e0b9ec39a09a6735fa477ea2296d4dbbda6f92a4bf624f3ecdc4e0a226a44f3e433a74e6343012012e1e80b483483696ae6b846249167e5255f207e" + }, + { + "alg": "SHA3-256", + "content": "851afb7c02c5ef78a1b4d8e4a6ac6393b1d105643a4de355a767fa665e44aa13" + }, + { + "alg": "SHA3-512", + "content": "b837c8c006d5909453293a262a826ea24a533a89f9a7c53a67129b3597a07a77b5ba0e95f391806087ee7f82cb12592e6149dbf26bf75fc0c54cab84a9b2c56d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-configuration@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "group": "io.dropwizard", + "name": "dropwizard-core", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "74aec7bf09a957081b1f607b25bfd532" + }, + { + "alg": "SHA-1", + "content": "53889ab39746957180bddc1636f6680eca0db5d7" + }, + { + "alg": "SHA-256", + "content": "a2799ff0fa69d1b0945f9170e6dd29cdd77ed9618ab48abbfcc56111e85effb5" + }, + { + "alg": "SHA-512", + "content": "1fb1b50c2575c36cb518f48e9153a1253d11c0c5e4576dd3866df0d5171694c8507d8f9b78ca983749dd6a8156b81ceac66e8012583d2bb1d6e55c0f5920fd3f" + }, + { + "alg": "SHA3-256", + "content": "19e5d7375794f5eece12bb30304c2a7fec0076902c1bfba468ee96d9ac83f110" + }, + { + "alg": "SHA3-512", + "content": "b955d7c995291eddc86eee34f8c75301f580c4ce6431053b94f197c03f15ed90cc02025214d7ba1864ba76b809af2c2afe8942b5595993ba81a57078b2946852" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-core@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "group": "io.dropwizard", + "name": "dropwizard-db", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d9ddd3b9a686d7332cdec2628f5b752e" + }, + { + "alg": "SHA-1", + "content": "88dfe54a2b0b04d4254c39b5929a6bccb73c0fb8" + }, + { + "alg": "SHA-256", + "content": "718fc5d891166a4febb26f92560148b8b7a1c39a9f4c5719ca7380974430634f" + }, + { + "alg": "SHA-512", + "content": "3615d6aa65fb7df9f5338d2bd4bccff6e0cebbaceaa067bae04e43a7a1a6852157b23f929ea6a6212fe2928b8b1c6ad3282dfe4c37e60e77df7eea3b716105d5" + }, + { + "alg": "SHA3-256", + "content": "e49bcfe1ce234abeefb3fe5f739322eba64b36ebb0a13cca193da7ab496d29fd" + }, + { + "alg": "SHA3-512", + "content": "6ff81a052e35eb6a923c2af9dea65ab43048e5a839ff8cb94dfd2d13d8666f2ce5bf3160bbd98ef81bea4f7b5e42f8019d4f25e1d93c16411027c8e3e40c4c90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-db@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "group": "io.dropwizard", + "name": "dropwizard-forms", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4038942f9fa1f452cc8ab9fb395e0dae" + }, + { + "alg": "SHA-1", + "content": "171287fe38f430ed81bef0dc5808a6f58f01bd48" + }, + { + "alg": "SHA-256", + "content": "cf55b3d0ae45c0b905380a374a3bfd14fee33f3ec5b5f16a046dc66d505ab4c4" + }, + { + "alg": "SHA-512", + "content": "89e4509a55811c296371099ff91850faa32992eede0f9224c25f395a4d93560f0a4a846060bedc1747fe3bf5a4596b928a4237894292dcbe23762b4ae9c40ea3" + }, + { + "alg": "SHA3-256", + "content": "f205cd66f09419d7e958c1c9be0bb3c3226c74a34cefa4a092474612532ae5c2" + }, + { + "alg": "SHA3-512", + "content": "6f336ddb136efabe64b158f60f11dbcccf606df36600a2195d5cac15d2900f5625ba8eb5a0dba213f4e27386423233e5214f9b188f77816d08e75435cb8047f5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-forms@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "group": "io.dropwizard", + "name": "dropwizard-hibernate", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "449361636c3b63eb9d3acb08c1d36297" + }, + { + "alg": "SHA-1", + "content": "56eda4258aa81aa3abde8e6663bbe6297b870495" + }, + { + "alg": "SHA-256", + "content": "5589a9532d592c6dead117b5990386c178a81d4ec7cb8eab9888a576ce47d24d" + }, + { + "alg": "SHA-512", + "content": "bc121e23e932a8989bb81eb72ce3a65822406dd1b9358f9169f2db7c817585420d7725b0e4a011e8ac82b64879167437180a55469a9aa21ec706d9953f4f8e96" + }, + { + "alg": "SHA3-256", + "content": "782695767ab3f4bd238716842e98c56c4311098d142b388ecb08e92159a85873" + }, + { + "alg": "SHA3-512", + "content": "5e6c66c0cf9fa889b516e485cd233af2234b3e2a4f82962b03c59e95a731392744be7fde88f13c3576141b8866dfb6e6915ed20183a6b06e6aa11226ebaec623" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-hibernate@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "group": "io.dropwizard", + "name": "dropwizard-http2", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "fdc320175f8ebf1f5931a5f8943cfc32" + }, + { + "alg": "SHA-1", + "content": "b8573b698da0fe8b2cf30becf2d4c069085e230b" + }, + { + "alg": "SHA-256", + "content": "c21be0fb74a7e086a39d48f464ffb0b730dc8c2292935f8f6524aa217c36f135" + }, + { + "alg": "SHA-512", + "content": "67759f73350a276e2dda77608f16e2fb6d2b2908af7bb5fc83687508793bd27bcc6998c570945e4ec3e49caeeb05e9ee4d3d4fdb8a77b2147bbc5fd1d1c573e3" + }, + { + "alg": "SHA3-256", + "content": "085dd33c5b983cd03552e8eb69e47ae5a3de85aa363175526e5470bce0f4f69b" + }, + { + "alg": "SHA3-512", + "content": "43a4af9e25df30b2e3c561f921bcdbebc9d782b94faa85f8706e1c79ca77bdeae161b18a4f707509599564115d49152ac03f7bab14bb2cb9d130a4975d8f7315" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-http2@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "group": "io.dropwizard", + "name": "dropwizard-jackson", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "cce5d50fb36cf2ccb1f6020cf2c53092" + }, + { + "alg": "SHA-1", + "content": "498fdd1b14e0341fa4b2ed480520d632470709c0" + }, + { + "alg": "SHA-256", + "content": "1ddb7e6852bcc605f52e5dd4927a532e6e4f6970e8477329cc0cf6e02bcb11bb" + }, + { + "alg": "SHA-512", + "content": "54920733f634fff24fa42e16048e60cbcd8ca9e348c4dae5e8eb6d1606e36d86ba8c32f49a9fb00418a9e2038781599383cc3c1d01353d8e5117d4c366f414e5" + }, + { + "alg": "SHA3-256", + "content": "6dfe904993c5350ef8f04f9eea9335ea5f5179e9d02b2cc057426f96a0aeb485" + }, + { + "alg": "SHA3-512", + "content": "d2e9bddc00edf43a43bc91ee0e74cbf3beff49627fc02fee1870888cc552a9e7a2a518149f0b628a744d5ae00a4f47b3912edba8081c0b5f40e3b289a7fe0822" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jackson@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "group": "io.dropwizard", + "name": "dropwizard-jersey", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "5d4b25a8d01ef9534d6291f004ca8421" + }, + { + "alg": "SHA-1", + "content": "5045bfc77cd931d0020e9d67ef5d3d47916d978f" + }, + { + "alg": "SHA-256", + "content": "3e03434acca7bf73d6e8dc72239d41b28e087200d3cd3759b26319aa49c5cccf" + }, + { + "alg": "SHA-512", + "content": "389fdc36005f478f75687d796f147800d81bafca189233ba7bd6bad263ced8ba2bed450b73b7a2ebe14750186da51970f006835c7dbf6380f5535bece7bb947d" + }, + { + "alg": "SHA3-256", + "content": "7c9a03749ca86a271678b15d9278890b605bf1fe85927c07d4412f481483c45f" + }, + { + "alg": "SHA3-512", + "content": "59da92cfc19ce969cfbb29f597519cdb692d838d191a93d02a6014d896091a8669bd6ed5ddff39bcaabd14866106131be23b6a984b6a8a7813fd655faede4b81" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jersey@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "group": "io.dropwizard", + "name": "dropwizard-jetty", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3e61f73e3ad1a7c63d7b16bcfc6038a0" + }, + { + "alg": "SHA-1", + "content": "bd34674496ae9997dd20d88a9fcda937bd21840e" + }, + { + "alg": "SHA-256", + "content": "7657190b578c7647d3e6d91de4a959580320a0317378b210d9a416635f4e1384" + }, + { + "alg": "SHA-512", + "content": "cb92715afa048b32d0879593f9709d558e4b1b6aa468802b8a1d08b7b6b1fa72eae12c8658c329ef0d8e073fb7a1bab4a9b833bac2887ccaa5d953625470f4db" + }, + { + "alg": "SHA3-256", + "content": "38e8c121e10d2af68bdde88d8136622d76139d018df01b944c7708c8dd9cefe6" + }, + { + "alg": "SHA3-512", + "content": "7cfe066ea4e585b3bc0077332b0a08db9f998e9d83b95480cc148054895728ea72fe5e3b20e249f603e96cbe09ee9985eea527f207d88abef0914b19940af1d5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jetty@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "group": "io.dropwizard", + "name": "dropwizard-lifecycle", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "52e054873a8e62623e81231c43cd56a9" + }, + { + "alg": "SHA-1", + "content": "f26a5a8be815680b9d6fcf4df7495c33ff403f80" + }, + { + "alg": "SHA-256", + "content": "20abb321d0095312b8d618b30533d84b12f37d9c3e7bfc473ce205a56a8cf4a5" + }, + { + "alg": "SHA-512", + "content": "fc9ae0ff1d4c94b2456777d6e7b68a8017ff13a04fb49f85344904f6b010fc638f33e8e6ebf9119a450232e5e74c70a8ed55b980afe47d827f320019ab9973a7" + }, + { + "alg": "SHA3-256", + "content": "cba7094cc6a46821fab3edc413e5d07c36e78b7760ba6c5e44df94acaaca98e8" + }, + { + "alg": "SHA3-512", + "content": "daba93cc2420eab38f11389a1eabd408713855ea97772dd87d6be05cd8cf60de1e2de303785721daa85f61e246e75c4bbeaf7602a580d88b2585c090d8957dab" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-lifecycle@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "group": "io.dropwizard", + "name": "dropwizard-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "8f56476f15da17fb8aff8d06a8cd39c9" + }, + { + "alg": "SHA-1", + "content": "3df1411464adf080b5ac7360926eacab3f5120d7" + }, + { + "alg": "SHA-256", + "content": "fcaaf6bcb2f29a0443f4740d5515f6a8b12a0c38e626fa6a503d9bb685275a38" + }, + { + "alg": "SHA-512", + "content": "32435101cf0981814396444592a7d805d35d073fff7c06b2ae1551e6cc6ac7e7686cc740dec87a05a15026cc4d89b208986c770cbf999e3993980c8e4112db47" + }, + { + "alg": "SHA3-256", + "content": "2d848583811a6d544b4212f63805bdf65b849da145e4fa3f6be66d387e34a5e5" + }, + { + "alg": "SHA3-512", + "content": "2daa20182aeebbcd99ff706f08f3a10a68db0ff2874ed93811eb8922b71ca2bb516213ae53eff4efc412c5ea1a940268d9a832fe8e680151f5cacbfe62ec5844" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "group": "io.dropwizard", + "name": "dropwizard-metrics", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "231e9b5003b31c72836118b2b60e6b9c" + }, + { + "alg": "SHA-1", + "content": "4dcf98534424a25e2666c714e0bb4f8ce6c7cc61" + }, + { + "alg": "SHA-256", + "content": "fe67a902fa099d798179aaf8cb73fa2881e18a820b762422e9e25bda84968304" + }, + { + "alg": "SHA-512", + "content": "80d4133cdc506a51f34bdfa35f9e79d11d9e1a6cfbda6d13e10035a286f200a172314aa52b737a7bc4d8a334b6725c20a45cb4d8cb56dabdbbd8378e9aa1b355" + }, + { + "alg": "SHA3-256", + "content": "55e8d3aae67454a70282570b80e4a5b50d19cede8ed6db54609bdba3b7291309" + }, + { + "alg": "SHA3-512", + "content": "88be53fa6a98860edd603e40320f2d59206e08451a11356e089f28bcb9ee36586012f9cb6d0c63ca6b85b527f8f0434c3aa1e3619cf607883a7aed8817fdbdfa" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "group": "io.dropwizard", + "name": "dropwizard-metrics-graphite", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "014be7a674c15f505dc0816c5c544314" + }, + { + "alg": "SHA-1", + "content": "d5be85278fe138a4736bc0e229c73dcd1de2b400" + }, + { + "alg": "SHA-256", + "content": "0739188661d32b28544377073c1966d29a56ea9e28776b5ae7e201c50c580f09" + }, + { + "alg": "SHA-512", + "content": "f2e433cc520f4e49d62cf5af209d353629409d9b1ad3f1b6613d0bc1790a575f528bc88784e0b2517ea044e46e9e67ecef5b1d02cc7f6c1a510d75457bea2c16" + }, + { + "alg": "SHA3-256", + "content": "dba4bed00333d55d4dc55ddd9b9815fdb3b9b575faeae3ba8ff19ef949ee6f61" + }, + { + "alg": "SHA3-512", + "content": "24a0c90e1f97326dd032e5c657792d6623c727efa7144891be439e00bff5323f4e3e9d35e34005b7348ec92f97f3c4210aeb4b7e15930ef7a910735d0f982d62" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics-graphite@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "group": "io.dropwizard", + "name": "dropwizard-migrations", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3d2f7b15b764e2906916c0d4bfc75bc6" + }, + { + "alg": "SHA-1", + "content": "74a81b867ab00475910d013fe18d4a788984cccf" + }, + { + "alg": "SHA-256", + "content": "156a9c79a74c81d173637d613a9931451188228bea38cce621f63f51bee1c2f9" + }, + { + "alg": "SHA-512", + "content": "3cfff65847ee29772f5c8f091557373ce3dfa59974e82c0bbfd0eaa636fdf91361b753e777810d0f5878c4b5534ef555a5b260af29a6be9af0851c4a2de56c5e" + }, + { + "alg": "SHA3-256", + "content": "1150637f334a3f0354d00cc21e7e180e8fd647ba3b9f6028c4eafd30c614c157" + }, + { + "alg": "SHA3-512", + "content": "8340a3fb797a8fdeedfc31e50c5d28ad3b3eb204f262f45f390c1a8c3a8ff798cb2f8235d97dd9bbe6947d2d986bb4b91d332f5d0ed23fb7dc0bece454b29d90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-migrations@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "group": "io.dropwizard", + "name": "dropwizard-request-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4ed78ec6ad895643d486a210151c6da3" + }, + { + "alg": "SHA-1", + "content": "fcd1015d1762059bd9aa27ee06f7fff9a9857d7b" + }, + { + "alg": "SHA-256", + "content": "1795c56717239e25f835211356963f307f596d0efdd16550337ffccbab08bbf3" + }, + { + "alg": "SHA-512", + "content": "f8c521200f29a6301fd92d87eb21ffb765d7c2a05f65fdbfa572955f91b6870604628df1b0f18d4c3d73482d1398bc5730fa2744c6b19b51f909758d614e4de8" + }, + { + "alg": "SHA3-256", + "content": "5cde2026d5ac54d5b1baac22503608eaef11b8753954473d0102d5f87565f944" + }, + { + "alg": "SHA3-512", + "content": "8d0dfb8c508948c131f0f92b8debf3a9f7ed3f1ec8e1dc4341a68132658143dcecaf890cc11aa22ff9e1959e96a51f311d15ca6d49bc7090c71c9457fedaca29" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-request-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "group": "io.dropwizard", + "name": "dropwizard-servlets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "c738851aae5f6e431c4bad54ef8bd30f" + }, + { + "alg": "SHA-1", + "content": "f93e103f42b677e1fdeca6fb6cb6c22353a78b57" + }, + { + "alg": "SHA-256", + "content": "b5c9432f659aad54fbe25209366a5c93a43f2c8a0cc5428440c28f3576a5bf61" + }, + { + "alg": "SHA-512", + "content": "07fff649594cf8bf3eb10bad998cc0ccb5fe1049d21c47ca3321b6187eed0f480caa52c5683e454f9abcf107f1e3d6fa5e3d6858e4d250ba65a36e81dd20c5ee" + }, + { + "alg": "SHA3-256", + "content": "eb28576f779876ffe7218c4b596ba2f2f302daa85375fc57784da3d050062086" + }, + { + "alg": "SHA3-512", + "content": "e2ce67e331b95a1e7dea43a174e3e4a1b0c9653716c4378656114d54b1858fa818142f2afee7ffeb86439b7dec848a09eee12efa963be0c00b71d038051c448b" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-servlets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "group": "io.dropwizard", + "name": "dropwizard-testing", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "800103447329e58030242b6bfc2e9cca" + }, + { + "alg": "SHA-1", + "content": "cee4838ba05de7920309985229df59917ff6e58a" + }, + { + "alg": "SHA-256", + "content": "d52ef3eda88a2b93e01731b035bbd277eb4d395c3a076c6f5cd6a3874f17e433" + }, + { + "alg": "SHA-512", + "content": "c2ccc3c13d2007b728574b1c3df388043c2517ed3efb8256dde9c09ebbed6c18ac5e7f3281ce7b35b9e2c969124772ef0062234bfb195c27898b0674fa0900a4" + }, + { + "alg": "SHA3-256", + "content": "f7fba2c7f9ccb345c29c4e52bcda601a6528d20527f32af63f8cadfaeca04a0f" + }, + { + "alg": "SHA3-512", + "content": "e0c421a568cf98a63432088a1b5f18382cce3095db4ce8cfd1ccba7e9dc95aa7d2ec365b1d8b25614c4700d28f7f75744acac96c5358de4c50946fea4a2a2e5f" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-testing@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "group": "io.dropwizard", + "name": "dropwizard-util", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "e73fff60736c50b06c0afcfb5d5f003c" + }, + { + "alg": "SHA-1", + "content": "4e2a956ce355a40fb7e1c8d5772eab956a8f7f5c" + }, + { + "alg": "SHA-256", + "content": "3bc2379c8d410405cab54636b1b8129a53e5227acc6cb286adea720fa73f03f0" + }, + { + "alg": "SHA-512", + "content": "3a1b826aa9ff4fe9543aaff7b5f5d191164cc0a488365158502eb2c52b5e215ea96395767f2feed880376c3b569ea672414ef951667ea5628236920dbf2026bf" + }, + { + "alg": "SHA3-256", + "content": "9cadcfa4c2db331cc05c069a66d1445d3a156605a75f8741eb80935834ae56a4" + }, + { + "alg": "SHA3-512", + "content": "df9fc0e1dcebe145a5cfff74ca87470923f0163f78ead0a93bf5b4f1c905ad5aaf7034891ae0cab005927cbbbea86546f1222e7f271c90cb4d3b0f745f8cb78e" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-util@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "group": "io.dropwizard", + "name": "dropwizard-validation", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "0557207f6f05c684958ff0c524ed97de" + }, + { + "alg": "SHA-1", + "content": "d82c4a2157cd8b4ed6f85d12fcc5f63e7f2ee9d2" + }, + { + "alg": "SHA-256", + "content": "6141e64cfed3633ad729e9d343eac4bfa475232c90c83c178f02da2d4c3e7360" + }, + { + "alg": "SHA-512", + "content": "e3f832e4b6ea092229b2ecbfad0790170a086b043be74c58cd2f0169cae4fc219d4a7163e6e581350efc7441dd8908e7cfe395b19c802e93834443eb45888d67" + }, + { + "alg": "SHA3-256", + "content": "95187066ffe37d52916b0ec33bce13baa8d76afa80502c4526205fb3721c01bc" + }, + { + "alg": "SHA3-512", + "content": "39a0130b80426db95faba737c484fb2e0c1db64f8e81e21cffcbd0b27b4dff4c4334cf9698b0c067549d0e8adaf7669dce867f2ad962c25f647b35829fbfee61" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-validation@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "group": "io.dropwizard", + "name": "dropwizard-views", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "ffa529c90a76cf83b7468c63c24c2da9" + }, + { + "alg": "SHA-1", + "content": "27b9dfe51ed0740b2359c28eca9942388247f877" + }, + { + "alg": "SHA-256", + "content": "69ba25bd9f7b5577aa29b79337b3e716be629a784a83d9a2af1456a556800dfd" + }, + { + "alg": "SHA-512", + "content": "818f881806c644bfd0518d2864d1f0c2c6b132e6b81ca1e4b272e20ab91294e954805f986f55ba5389b9ffa5c6573dde827929d6a82b8b4066b2344d003e0f40" + }, + { + "alg": "SHA3-256", + "content": "021a6eba574c0c79246d1a8b446c4655f5a7183e24fcc9df010bffb11ea680f2" + }, + { + "alg": "SHA3-512", + "content": "9ed4dd16ddabeaf7e7933cdef7911ac194a14a93a4a8a4d057554dfc094ca5ed84090922e6b5e53f23a24af582209c8d5a9b50521d3b35132a32e74399d5e055" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "group": "io.dropwizard", + "name": "dropwizard-views-freemarker", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d78343dfbf1f4c99fc5115aea93b6382" + }, + { + "alg": "SHA-1", + "content": "9b64dcbd00e184c4683a8a44ae4ff4726595c73c" + }, + { + "alg": "SHA-256", + "content": "621f2168b343cc24618b63e5c0c07ca330eef8e1f930c1a4c374ab210fd5ea44" + }, + { + "alg": "SHA-512", + "content": "19298c6ae1500e0c16575b55d30f2ab34cbab881cd735fefc203118c326dd4a47604f8f8d595b32cec4ecbaae032129d2ede99dc36325bc8f4a18ffa5e786aeb" + }, + { + "alg": "SHA3-256", + "content": "1870845187ef726d85d29ee42ccc35b66018304d23167f614b79a7deb3768e2c" + }, + { + "alg": "SHA3-512", + "content": "389d2cd752a7269b28815c723ed68700c47c0f5f6780df2bc35f18eb3ea4b77cdc18ca83d556f4de80c1f3e434f399f73b03a76b88d1da2af520b09195a938c1" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-freemarker@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "group": "io.dropwizard", + "name": "dropwizard-views-mustache", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "99d7beaccb842cbe8a68c37361e665df" + }, + { + "alg": "SHA-1", + "content": "1a2a4e775b77f452893189020c2e34d60c0235a2" + }, + { + "alg": "SHA-256", + "content": "19ce7554a48be097bac2b3c51f55fe468c7253a60d1a43683ae830cfe06a58e3" + }, + { + "alg": "SHA-512", + "content": "1f24026f35f9a4e4316d04ac41a7cdcf440fc510075e5f8297a55b63d95d3f1e5deb06acd8ef9a61b73fbf1fc054ea370c6d74ed1a06aa19ba673069aebad294" + }, + { + "alg": "SHA3-256", + "content": "7856836a099d2a7f326dbc033442e49b176213fd340a8b2aa2d9dea3a9175ab6" + }, + { + "alg": "SHA3-512", + "content": "af431eff733b17b92ae1718165b3b10e103376bb216e63b8e39284f3572b69926084937fd370a42a018f62389744a7212a0c68959e0e76950ad751ba3ba9745a" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-mustache@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "group": "com.google.errorprone", + "name": "error_prone_annotations", + "version": "2.1.3", + "description": "Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/", + "hashes": [ + { + "alg": "MD5", + "content": "97504b36cf871722d81a4b9e114f2a16" + }, + { + "alg": "SHA-1", + "content": "39b109f2cd352b2d71b52a3b5a1a9850e1dc304b" + }, + { + "alg": "SHA-256", + "content": "03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8" + }, + { + "alg": "SHA-512", + "content": "bd2135cc9eb2c652658a2814ec9c565fa3e071d4cff590cbe17b853885c78c9f84c1b7b24ba736f4f30ed8cec60a6af983827fcbed61ff142f27ac808e97fc6b" + }, + { + "alg": "SHA3-256", + "content": "5c7b2ffc8d4073700647681ed44dd783049648aa8e174f37d2510339a65f5466" + }, + { + "alg": "SHA3-512", + "content": "3f05def83905268da5044c8bd6fbf62b89499d77351b56a357de8d27ef872c6c300385a6bca009590d61be90a39a0f417c4d8358a13b09847ba0452ef416db06" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.errorprone/error_prone_annotations@2.1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/google/error-prone" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "group": "net.jodah", + "name": "expiringmap", + "version": "0.5.6", + "description": "A high performance thread-safe map that expires entries", + "hashes": [ + { + "alg": "MD5", + "content": "fd4b2d42dac784648fe6fd1b2b612d12" + }, + { + "alg": "SHA-1", + "content": "11833abbdd64050d455187f374dc096944f9ffb0" + }, + { + "alg": "SHA-256", + "content": "06f1ac1fdb0044a83bbf5cd55e86f88ded92175cb2a7a0b57ba53eb011600a52" + }, + { + "alg": "SHA-512", + "content": "3e7bf8da26296f1de8da960e4f8b9b25962d3db1a941c0818c649174c61bf571a6c7b0336b154be104c853a8fa148cd0f007f8a210a98854036a09fe1069eded" + }, + { + "alg": "SHA3-256", + "content": "a421ccc1ee40dad4e7239f21862e7f35a8eb6493d3eccf6e245202d1f3d1e9a8" + }, + { + "alg": "SHA3-512", + "content": "2ebbaf3eb9f96fcd4cc5b5c28e68d8a6d1aa8735dca7d763cc18daeeec2706d3370384c535dad32463ba8da92ee8a3ddfecd7f2559847772829782964d05a0aa" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.jodah/expiringmap@0.5.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "group": "org.freemarker", + "name": "freemarker", + "version": "2.3.28", + "description": "FreeMarker is a \"template engine\"; a generic tool to generate text output based on templates.", + "hashes": [ + { + "alg": "MD5", + "content": "c5e35d814518da7b0247d42311b8e296" + }, + { + "alg": "SHA-1", + "content": "7200064467a935052f99d114c2c05c3d189bc6d6" + }, + { + "alg": "SHA-256", + "content": "de92d103d3a86c2287307218ff50dc1c941de283f7b9e1fb23e93fc7220838bf" + }, + { + "alg": "SHA-512", + "content": "44435cb2b6ba02abacdc4a21bea44a2dc50faa1b486fc5b2f79097a68f1f98ca24aa835448ac5dec33a1869eed1b8a32ac285e95fdabbdafaa810d575951894e" + }, + { + "alg": "SHA3-256", + "content": "d55883bf61b72d616dcd12e87d6f90b3b1fc761fcbcf5b8f3860e17bb34fc654" + }, + { + "alg": "SHA3-512", + "content": "7664cb34b0598e0eec19ecba1fba7b83ff09b574bf2320b84a09016d88aaabf902460e3bcd2b2290f59988462b8594e817eebcd777321608762dc141c1335a20" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.freemarker/freemarker@2.3.28?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://apache.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.apache.org/jira/browse/FREEMARKER/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/freemarker-dev/" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=freemarker.git" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "group": "com.google.guava", + "name": "guava", + "version": "24.1.1-jre", + "description": "Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.", + "hashes": [ + { + "alg": "MD5", + "content": "361459dd415a18e4750b7fa0cdd9e747" + }, + { + "alg": "SHA-1", + "content": "2e3014320a8005e3f3c1800cb246ed42db8cab81" + }, + { + "alg": "SHA-256", + "content": "490c16878c7a2c22e136728ad473c4190b21b82b46e261ba84ad2e4a5c28fbcf" + }, + { + "alg": "SHA-512", + "content": "f7b02666ecd26e8865d4f6040a14a87d08e38124a625252594b05fa9d1a00e7c5a1fd30c5bd08ca9399bad50eef5fcaf7c95e17a59a2462ac42d7fdd4aaf516c" + }, + { + "alg": "SHA3-256", + "content": "182f368980a8c526ec88c65acd877738fe2bad06b72ab9756edb66f2b281d083" + }, + { + "alg": "SHA3-512", + "content": "245bcf15e331889bceb96faa2f9f67baf442fe1cb291601fa92a0e3327382a636d30788939d8f0ccd05a735b8149637e3d44c7e13a636a19950d0e7a33ae9517" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.guava/guava@24.1.1-jre?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/google/guava" + }, + { + "type": "issue-tracker", + "url": "https://github.com/google/guava/issues" + }, + { + "type": "vcs", + "url": "https://github.com/google/guava" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "group": "com.h2database", + "name": "h2", + "version": "1.4.197", + "description": "H2 Database Engine", + "hashes": [ + { + "alg": "MD5", + "content": "f9893acfa22b7fe1492dd9c515af2e5b" + }, + { + "alg": "SHA-1", + "content": "bb391050048ca8ae3e32451b5a3714ecd3596a46" + }, + { + "alg": "SHA-256", + "content": "37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842" + }, + { + "alg": "SHA-512", + "content": "aa4af17f766a1cfb0326d0301e1c40fc884b27e73aed4e60141d284275da70f483a3ce54d65f79f9ba66e9a53c5a68102dfc5e40a36e9d2c0a2aa9a7f7321688" + }, + { + "alg": "SHA3-256", + "content": "ef7da52a3b656aee47bc85b9e98db3bb91d7f079d19012787fbbd65c32151203" + }, + { + "alg": "SHA3-512", + "content": "1a5538cc48c5b99e496ee5924f80df410fecc555e3619a79b8c6204156dc333cf0cbebae05bca5a8144ab89b2f2fe4802080128d76b1e94a51acced8aedb4354" + } + ], + "licenses": [ + { + "license": { + "name": "MPL 2.0 or EPL 1.0", + "url": "http://h2database.com/html/license.html" + } + } + ], + "purl": "pkg:maven/com.h2database/h2@1.4.197?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/h2database/h2database" + } + ] + }, + { + "type": "library", + "bom-ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "group": "org.hamcrest", + "name": "hamcrest-core", + "version": "1.3", + "description": "This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.", + "hashes": [ + { + "alg": "MD5", + "content": "6393363b47ddcbba82321110c3e07519" + }, + { + "alg": "SHA-1", + "content": "42a25dc3219429f0e5d060061f71acb49bf010a0" + }, + { + "alg": "SHA-256", + "content": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9" + }, + { + "alg": "SHA-512", + "content": "e237ae735aac4fa5a7253ec693191f42ef7ddce384c11d29fbf605981c0be077d086757409acad53cb5b9e53d86a07cc428d459ff0f5b00d32a8cbbca390be49" + }, + { + "alg": "SHA3-256", + "content": "f679af77deedf69b3c3066f7916583848c6fd32a950f9c0b0e2ef1da121717ba" + }, + { + "alg": "SHA3-512", + "content": "bca821931e438a1977b7b4356b5f8cebf485634f82159d505c48267c34e6a0f4fde9c2917331365f66dc0e52e2ca3a2db5256863584110c27ecebefc28741f63" + } + ], + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:maven/org.hamcrest/hamcrest-core@1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/hamcrest/JavaHamcrest" + } + ] + }, + { + "type": "library", + "bom-ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "group": "org.hibernate.common", + "name": "hibernate-commons-annotations", + "version": "5.0.1.Final", + "description": "Common reflection code used in support of annotation processing", + "hashes": [ + { + "alg": "MD5", + "content": "2a9d6f5a4ece96557bc4300ecc4486fb" + }, + { + "alg": "SHA-1", + "content": "71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879" + }, + { + "alg": "SHA-256", + "content": "9431ca05c335f9b6ec550f5d65ad56047a5f336e2d41cce4067591d20c4e51df" + }, + { + "alg": "SHA-512", + "content": "5714692bef862355cf7f9fcf82aa663321da193920adf4b584fe69f559535555c4c53858a2465410ffb990aad7847124dbea28ed95dcec5df525a1164288791f" + }, + { + "alg": "SHA3-256", + "content": "60cf1ea8120252eaa90e0e86662f4d0b97f718c3c6c09422f2b85c1b36222ea5" + }, + { + "alg": "SHA3-512", + "content": "a2972a8464a8b38468994ef496d6e816262eef6e9422f4c83d5eb998aea4134ac1160726c71fb577df664064fa13c564c52c6fa577ad2477515291ed825fe79c" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HCANN" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-commons-annotations" + } + ] + }, + { + "type": "library", + "bom-ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "group": "org.hibernate", + "name": "hibernate-core", + "version": "5.2.18.Final", + "description": "The core O/RM functionality as provided by Hibernate", + "hashes": [ + { + "alg": "MD5", + "content": "a5e6ac320c1b5fd739d213dc050cfc29" + }, + { + "alg": "SHA-1", + "content": "c1861a015d47f55ffc6cb120216d17af177e0b90" + }, + { + "alg": "SHA-256", + "content": "4688003fc081063f0d73f43424b309bac9bd8589fecb5767e0ad26788a5bfdff" + }, + { + "alg": "SHA-512", + "content": "1b8c1f0d64ec27e8daf8b4b9b1be9511d0a5e99573836c527c79f026048c5acfe10aeda34a5b0c77bf30fc6ebd92976838eb43a065f192e9871531116d686b37" + }, + { + "alg": "SHA3-256", + "content": "ce9cffadac4242733e7743f88c0abb2f659526e54ddab26e60a180cd658a0782" + }, + { + "alg": "SHA3-512", + "content": "4e4006d93d10553191cf914ab76f486f222e82ca30d81d786913142c599f6463be48892b5fdb4b5e3dec75c20290f11a0f3d3600dcc306bff81c114e24eba66a" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-core@5.2.18.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HHH" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-orm" + } + ] + }, + { + "type": "library", + "bom-ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "group": "org.hibernate.javax.persistence", + "name": "hibernate-jpa-2.1-api", + "version": "1.0.0.Final", + "description": "Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details", + "hashes": [ + { + "alg": "MD5", + "content": "01b091825023c97fdfd6d2bceebe03ff" + }, + { + "alg": "SHA-1", + "content": "5e731d961297e5a07290bfaf3db1fbc8bbbf405a" + }, + { + "alg": "SHA-256", + "content": "ab46597e3a057f99c8339fffe14c1d27f9dbd2409ae840c62121b00d983c78bd" + }, + { + "alg": "SHA-512", + "content": "696dd1548504c9ea8d8526411e81bee8b752f12861979da2707d1059b35a8ccb3f018a1d4e2d12436e7c9daec8e63b97fcf980e03032981867cea63d4301f3da" + }, + { + "alg": "SHA3-256", + "content": "fdbf800d9175e82d7e68f9829f1372b65768252d3e165dfeee9c0345b817b8be" + }, + { + "alg": "SHA3-512", + "content": "8e1e5baa5e4b6f67019bad7ed90a9abf41096ff00b62c9d6f326a756b8ee7e5b62d41068441aa5d9050369a1000a5fbd7898155cb8b18e80367e9cb7c0d3b137" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/org/documents/edl-v10.php" + } + } + ], + "purl": "pkg:maven/org.hibernate.javax.persistence/hibernate-jpa-2.1-api@1.0.0.Final?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/JPA" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-jpa-api" + } + ] + }, + { + "type": "library", + "bom-ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "group": "org.hibernate", + "name": "hibernate-validator", + "version": "5.4.3.Final", + "description": "Hibernate's Bean Validation (JSR-303) reference implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "ccae8426d40e4fa16ecde928b84965f6" + }, + { + "alg": "SHA-1", + "content": "7c3d91629e81937b33dffd5b170956ef9c76af97" + }, + { + "alg": "SHA-256", + "content": "8abc0fb282075e145efe50d742f4512bb1f2c0222e78e7562f34f8809cf22d25" + }, + { + "alg": "SHA-512", + "content": "38c1bc5692588fabc86904f75dd3481ca13be43bfda2f33278cb91a0ae229c7abd0f095989fa23e25b78aff51b2b7232f271579e13bd062595e498f9c92ea830" + }, + { + "alg": "SHA3-256", + "content": "176d9129f2812df9a71514c72d0ffe1efb86ceb73310ebeee2b416bf752c65f4" + }, + { + "alg": "SHA3-512", + "content": "0fec7612fa9d4698e183cc954381e172a3f8cf188a1b2e0518a39f9cd4cb15163720183d306d050757e2d979a3a1d224a3edd7e9c2ee59b938df48e4f4eb1342" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-validator@5.4.3.Final?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "http://ci.hibernate.org/view/Validator/" + }, + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/projects/HV/summary" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-validator" + } + ] + }, + { + "type": "library", + "bom-ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "group": "org.glassfish.hk2", + "name": "hk2-api", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "93322931c4ec277c5190c7cddf7ad155" + }, + { + "alg": "SHA-1", + "content": "6a576c9653832ce610b80a2f389374ef19d96171" + }, + { + "alg": "SHA-256", + "content": "b3fe4f295ab8e74ea9d641717dc55e5768f1e5db3709e84235346a4d6bcde5c2" + }, + { + "alg": "SHA-512", + "content": "9f143940ff31e6abdc5bce5223c12ea91fe1852338f317aa614221bec67bd5252ef905075d78125ba777ff2f36c5d39fe35a5b3876ea19255fc91da949179d00" + }, + { + "alg": "SHA3-256", + "content": "7dbffae41a1edb93e525d9841a6831f574fc408edb7568b5b192d7b026aeb750" + }, + { + "alg": "SHA3-512", + "content": "594dc7b77f5a85574331483bbc2b795c1456fe174b55ca7253519a8fe94bd914167face505c561f3829c9738b7d9e7f80421f5b97427952cdd78fe388c17c282" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-api@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "group": "org.glassfish.hk2", + "name": "hk2-locator", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "5baf0f144cf8552a9fe476b096fc18a7" + }, + { + "alg": "SHA-1", + "content": "195474f8ad0a8d130e9ea949a771bcf1215fc33b" + }, + { + "alg": "SHA-256", + "content": "27cacf80e8c088cc50f73b56344b779bdb7418e590a037659ab66b2b0cd9c492" + }, + { + "alg": "SHA-512", + "content": "4b8819cfb299d4b5be13fee8c5a04c803010abe7636eab9d126a40a41bc79131753ff09ea062c624c6ecc5785749b120a3f6f0411307eb05b74e6bc46a1bd410" + }, + { + "alg": "SHA3-256", + "content": "3b0c862b6be53e5a085e9caf77f6a90fe45365dc58cc4a69cf1bd13e20b91536" + }, + { + "alg": "SHA3-512", + "content": "9d3acd0f1048b63ca1c30a864463d10c3b2d724d4d245c2bc0116dbd8597772fecb9ace1601d60d9abae9058a2b9fc50422333be583189e00b31c3bbd21c59de" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-locator@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "group": "org.glassfish.hk2", + "name": "hk2-utils", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "acc873aece4f8e89814ac0300b549e3e" + }, + { + "alg": "SHA-1", + "content": "5108a926988c4ceda7f1e681dddfe3101454a002" + }, + { + "alg": "SHA-256", + "content": "3912c470e621eb3e469c111f4c9a4dee486e2ce9db09a65b7609e006b6c3d38e" + }, + { + "alg": "SHA-512", + "content": "1d100879b218d4ed75760514b78a3833f43f67126691dc7cab6566af8488c4cb9e72258b649f8a4eef0376813c25df326ba29d6f29c275e8f75e549cfc17fdf5" + }, + { + "alg": "SHA3-256", + "content": "699d1fba60b9403b292ce22cb0db2d6b070a1152531afe3f2c08a5196779b3a9" + }, + { + "alg": "SHA3-512", + "content": "47ad643c3727bb9fb45b6748e4da67c4788aeac69783c56c60f73ccf37f979972f699ffa96714056c551cb29109dba6722ac3b57004eea1ae47f8833f9c73d34" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-utils@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "group": "org.eclipse.jetty.http2", + "name": "http2-common", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d4f0dede20f81acfb53f97c01fae71cf" + }, + { + "alg": "SHA-1", + "content": "6e3306d394aaaf41876220a818fb639faf5963b0" + }, + { + "alg": "SHA-256", + "content": "d402e22a14230a49a93e045dc922d62ab330f99b26b928ca3fc6c6761941f601" + }, + { + "alg": "SHA-512", + "content": "79af5a27a59a8706769cb2d500869029bf1c6762bbc4908ffea56bc57f578e14d46e271e8fa2d40fa68dc8fc0e33cf297186df8b4b231db50547d98a10d0d6c4" + }, + { + "alg": "SHA3-256", + "content": "edba30c10f03aaa94eec187d3709ca23d1082d555e0031dbddbcb21a2e6cd451" + }, + { + "alg": "SHA3-512", + "content": "4d4d7e9a24b0d2f0814f071f0b352a104b2c91974213c10ca434c4d119c3ca15ac679f06f5aea3586ef11e5b4280d9db505ef8f4b63b19893c07cdf646d03a15" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "group": "org.eclipse.jetty.http2", + "name": "http2-hpack", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0323c6dd472c456a99d068f171cbd661" + }, + { + "alg": "SHA-1", + "content": "aa5f5c2b0cec925ad7f2e73a1dc7a3b3dc496e87" + }, + { + "alg": "SHA-256", + "content": "7f2fde0ed27abe088933dcd5b1516e6ed08701ff19aa8b00d12a4ef30344c9bf" + }, + { + "alg": "SHA-512", + "content": "075e9b42f4204aabb15fb1e0f0e08ac67b6a2ea4dff9bcd69db778fc0868d1959b38c4ac3e5a4738b8c3acab26f8416ea8c89d2e4fa66e474ca366e14ee55ebd" + }, + { + "alg": "SHA3-256", + "content": "f4680627e9212635d69a27456bcc815eec595a64d9541b572a7d16667cfb7636" + }, + { + "alg": "SHA3-512", + "content": "efb34683d51d2c09abc7894f5cbf7957041449f66e78f50bc4aeeed48fbcb92bcbe60713b084346ce93d0552955f7b8c53a3c557386894959d27667b8ac808ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "group": "org.eclipse.jetty.http2", + "name": "http2-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "9c82833f49671905299a1a0d0edc031d" + }, + { + "alg": "SHA-1", + "content": "6d0ca7e7ee2e5d55fb6fb03c4c1a248b1dc3d31d" + }, + { + "alg": "SHA-256", + "content": "99f96c3656c87d674d069ec1039a6fd7cbd979bb81a083823a04bd529c73308e" + }, + { + "alg": "SHA-512", + "content": "49a9f2c895244d0a632e5b267661f99e812d8e90299085df37479667517ad991575808d97d32204f34bf8a130804d4d2b87c9405d3e61b6d9d410d62a25373f6" + }, + { + "alg": "SHA3-256", + "content": "866de2610f4bbe4ce7b551b31f7f9a51e26e9607e54f112de194b3d92bd90132" + }, + { + "alg": "SHA3-512", + "content": "447c34744cdc616cf90742043ee49c431823ff46e745417eac6d21b78d1e9a00b36c1c93b0e291187e00e7c4d5d9b6a98f32afcc9d0671b63a02cd23f48f37ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "group": "org.apache.httpcomponents", + "name": "httpclient", + "version": "4.5.7", + "description": "Apache HttpComponents Client", + "hashes": [ + { + "alg": "MD5", + "content": "deed71468af21d6f0cf02bf853ac02ec" + }, + { + "alg": "SHA-1", + "content": "dda059f4908e1b548b7ba68d81a3b05897f27cb0" + }, + { + "alg": "SHA-256", + "content": "807e9c73f27a4b19dd04b1b67126532fc74b0a37bd8d13fbad073ad74d078330" + }, + { + "alg": "SHA-512", + "content": "459349c2482338644578502cbdfeb7110c3eaaa71f8bbc715d53556b186f16ad1256244e752cec7c32c66f77e08228bdadf7c9138542b0aa8e845a249e2e0bac" + }, + { + "alg": "SHA3-256", + "content": "9e5093efad2b3a44e71b077eae4ca7df86e2fd2ad78d5ca25541e4316ce631c8" + }, + { + "alg": "SHA3-512", + "content": "f16fb6262810546026c6c68842f69eb17831669e444cafb75832ae3567f47407504424c13fea596e9c02ccf853f6b55d54a904cbf2d21e171f77cc615d740014" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.7?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCLIENT" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "group": "org.apache.httpcomponents", + "name": "httpcore", + "version": "4.4.11", + "description": "Apache HttpComponents Core (blocking I/O)", + "hashes": [ + { + "alg": "MD5", + "content": "9299550b06219959d0f2223b1a8bb337" + }, + { + "alg": "SHA-1", + "content": "de748cf874e4e193b42eceea9fe5574fabb9d4df" + }, + { + "alg": "SHA-256", + "content": "d799522d579aac06b170603f8f080f6e3248dadc01f9652cdd7ea7bc318c21ce" + }, + { + "alg": "SHA-512", + "content": "1f45a26f97e5488bf1985f5f5c88c5e2744f46d422040708f7641deb14bb04561bcec35c9284c1dce606fcdcb768edc3ef970ef965bd6bb591ec362dfd417c74" + }, + { + "alg": "SHA3-256", + "content": "0807acdffb841394a948175382b04dfdb49087e19212851dbb63fbfadfae6f5f" + }, + { + "alg": "SHA3-512", + "content": "10f7974d10971a2c0911a1050e3418e898c4255300a120959ef38f546d10dc5ba5217a32a53a21577613ca13034a8200393b0b7ddee0b195f26b92f3e6b2f1cf" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.11?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCORE" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "group": "com.google.j2objc", + "name": "j2objc-annotations", + "version": "1.1", + "description": "A set of annotations that provide additional information to the J2ObjC translator to modify the result of translation.", + "hashes": [ + { + "alg": "MD5", + "content": "49ae3204bb0bb9b2ac77062641f4a6d7" + }, + { + "alg": "SHA-1", + "content": "ed28ded51a8b1c6b112568def5f4b455e6809019" + }, + { + "alg": "SHA-256", + "content": "2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6" + }, + { + "alg": "SHA-512", + "content": "a4a0b58ffc2d9f9b516f571bcd0ac14e4d3eec15aacd6320a4a1a12045acce8c6081e8ce922c4e882221cedb2cc266399ab468487ae9a08124d65edc07ae30f0" + }, + { + "alg": "SHA3-256", + "content": "275370eeb5f02c15358168ea134c4eab1afed8d27750a8a326b9f9f506dfc9f2" + }, + { + "alg": "SHA3-512", + "content": "d9e2a3943373e1eab933b45f49997b24e01466eb99a177c40f21c7107c9f21ebb135e14d191b0a5b699e3985d20de8e87662e92c0bf59e5e054d3da85fd777dd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.j2objc/j2objc-annotations@1.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "group": "com.fasterxml.jackson.core", + "name": "jackson-annotations", + "version": "2.9.10", + "description": "Core annotations used for value types, used by Jackson data binding package.", + "hashes": [ + { + "alg": "MD5", + "content": "26c2b6f7bc704ccadc64c83995e0ff7f" + }, + { + "alg": "SHA-1", + "content": "53ab2f0f92e87ea4874c8c6997335c211d81e636" + }, + { + "alg": "SHA-256", + "content": "c876f2e85d0f108a34cdd11ccc9d8d7875697367efc75bf10a89c2c26aee994c" + }, + { + "alg": "SHA-512", + "content": "6b1ae1d7036ce2fff81bf8fc2a3a55e4ea7eb081de806ad05301d2eb126bed1dda487027f3ccfa618c488e680e2f5ff22bc3f106e7c0af27b34d327d83083b46" + }, + { + "alg": "SHA3-256", + "content": "6ebca301e4a201a89630bd7235d27e48a795c7e6fca7727ac08f3cc87e6a5049" + }, + { + "alg": "SHA3-512", + "content": "8d33540c9df56541a0dca99ca51432a8d0d9642813377c62f6df5602af1c8d04c3d62cf24a9cde5c79fcd63b287de19cfc84ea475f8dd0ca037a72baed3d50ee" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-annotations" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "group": "com.fasterxml.jackson.core", + "name": "jackson-core", + "version": "2.9.10", + "description": "Core Jackson processing abstractions (aka Streaming API), implementation for JSON", + "hashes": [ + { + "alg": "MD5", + "content": "d62d9b1d1d83dd553e678bc8fce8f809" + }, + { + "alg": "SHA-1", + "content": "66b715dec9dd8b0f39f3296e67e05913bf422d0c" + }, + { + "alg": "SHA-256", + "content": "65fe26d7554a4409652c86ee38f2e94bc42934326d88b3c78c61f66ff2222c53" + }, + { + "alg": "SHA-512", + "content": "ea053f07b73b087fe81ef49d949ec812bf03e536a8a608d6b7c7ff9f001e6764e86125c5e99d46ba4002d7aab620f57527e246fe8ca754b47cfd812976a3e337" + }, + { + "alg": "SHA3-256", + "content": "0cd87bff64e1569e1ae1fa6023caf005c17d5feb6f75c2bb587546d9e3e43efa" + }, + { + "alg": "SHA3-512", + "content": "936d596d972971e8fc02a6adc7ef11b9d3ac302fbc4134982f3bf128f61741b6bc8c34dd0d16d0ef52a7760a2ad5bcc20b26c4d9c6e8345e826b8b2a83f8fb4d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-core" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "group": "com.fasterxml.jackson.core", + "name": "jackson-databind", + "version": "2.9.10", + "description": "General data-binding functionality for Jackson: works on core streaming API", + "hashes": [ + { + "alg": "MD5", + "content": "ff43d79c624b0f7d465542fee6648474" + }, + { + "alg": "SHA-1", + "content": "e201bb70b7469ba18dd58ed8268aa44e702fa2f0" + }, + { + "alg": "SHA-256", + "content": "49bb71a73fcdcdf59c40a1a01d7245f41d3a8ba96ea6182b720f0c6167241757" + }, + { + "alg": "SHA-512", + "content": "18db8ee61a24498803352c6fc40b83cc1f277033fd4cd743505e3bfa1660c84d8522a70b06401f834b405cbc6e686f6f5c4d54aff034751e9addbf1b4603b2c2" + }, + { + "alg": "SHA3-256", + "content": "470b46a826c8edeb12852d9cbab9f5ab0c3a0b0989a7f2b0a8756c9a88aae89f" + }, + { + "alg": "SHA3-512", + "content": "35616596eff2bafc2e047ce7cbfc4c0b8ce83af277953a2af6b41e43885c74b0809d14dd339290991c2ecb82e82190832b616bca0e3225aa113bfb483fa1b2b8" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-databind" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "group": "com.fasterxml.jackson.dataformat", + "name": "jackson-dataformat-yaml", + "version": "2.9.10", + "description": "Support for reading and writing YAML-encoded data via Jackson abstractions.", + "hashes": [ + { + "alg": "MD5", + "content": "ebecc5b67b96874c08068151fd89d0b5" + }, + { + "alg": "SHA-1", + "content": "561275877edf6321692f29e66ae5ccc7b1664939" + }, + { + "alg": "SHA-256", + "content": "338e27fd71a825c948c98a2a3fedd79bd14e6c7bcc9b6d21fd8b17abfd28bcc0" + }, + { + "alg": "SHA-512", + "content": "6730698c771ee3308c57b8336c35c3c1d437c7ef2e8f1a6bc66a251404449ae7f531fb240c5c877097a5c85a99e6a77c885265d61ad0d8da18c68da13c89eea4" + }, + { + "alg": "SHA3-256", + "content": "189e39704cf30896198937a59f48dca0230a882f0613ceb941241f327f4f1c2c" + }, + { + "alg": "SHA3-512", + "content": "336fa4689e758f35a45ebc5648f3bfb395bf8ff7387b783b7fa62d431e835760782df3c6f5c737224853970891eca22c69b990ad8d7b96e628002b5ef6a88305" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-dataformats-text/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-dataformats-text" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-guava", + "version": "2.9.10", + "description": "Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)", + "hashes": [ + { + "alg": "MD5", + "content": "bf3d62117a113e2ad3442aede0565365" + }, + { + "alg": "SHA-1", + "content": "fe2fe045ca3bd6f9ea1bba5b03d228b4abf8c1cb" + }, + { + "alg": "SHA-256", + "content": "f6f05294767905ebfe3e982ec456eb0982e52b8e89cfcf02f46722f87414e87e" + }, + { + "alg": "SHA-512", + "content": "d12fc51a0261d7af4319c2659b5168f7bbe91c235ecc013056ae444917d87281137df52bae9c4f345cf1874220f7b2aebc314cf74d4334dda96c3a3cca3de3da" + }, + { + "alg": "SHA3-256", + "content": "d7d456bb103296753158c2e16328887d8b6f339e941f34328229c9c62a2f1cac" + }, + { + "alg": "SHA3-512", + "content": "c5741407e1a9054dc65f40fd6e70483c867a8b9847bfe7ff0e9fabe24be1827c75d7ce561100db82d25c7fd0f12c16ba18a3ca8038ba4a99da7fc394dc63b39f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatypes-collections" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-hibernate5", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Hibernate (http://hibernate.org) version 5.x data types.", + "hashes": [ + { + "alg": "MD5", + "content": "686f24ec51b113e18d8a7a6e656830af" + }, + { + "alg": "SHA-1", + "content": "391c524dbc0414399dec5a405760744d3ed600a8" + }, + { + "alg": "SHA-256", + "content": "de588c8a51eb6d11cced0d2c140d66e9c51266622ecda28ccbef92050f671f0e" + }, + { + "alg": "SHA-512", + "content": "854f01a862d1ea67a47863bbb3481b63deb1839d3b89ca616362fe097e55ebc87196f4ed7ae48ed8557b4244d72db72f3c293b6a7dc3965fa787a6a67d634998" + }, + { + "alg": "SHA3-256", + "content": "ff874c69d9dc846e993d16b1bcb74a4d3d81865aaffc16b6063ff83e0f1626d0" + }, + { + "alg": "SHA3-512", + "content": "312371566e7eacb4621ecec83b7e99a4dfed8be158ba71c77e9b9fcd91577104771dec04d7eeb1c12e574e4b8ca247bd2b4faeef7ba69aa384d93cb67672b5a3" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-hibernate5@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-hibernate" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jdk8", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support JDK 8 data types.", + "hashes": [ + { + "alg": "MD5", + "content": "e35c18c99ad1737571b1c8004ca8528d" + }, + { + "alg": "SHA-1", + "content": "6aa764caf0a275d98b8765f6687bd4ec6c8cb9eb" + }, + { + "alg": "SHA-256", + "content": "b305510c0fec81480cbc3516948f9ac5b326811e35c4b6563d2ccfe330079db6" + }, + { + "alg": "SHA-512", + "content": "e537db4253733d8ca0e93e6245c2f25eef366333480a5fd0901603e69a8cf92dd69ec0ffa813c2fef685849f383b7e3850b2b286d255486192f7ff9698fc6c46" + }, + { + "alg": "SHA3-256", + "content": "768bc29f9f15aa07b9c2294d3c3b1bf06396b507397a6b1da2515eefbbc85172" + }, + { + "alg": "SHA3-512", + "content": "734b59492a053eec994840092c8e4f4d703e03b481d8a603b0d934b4fab25261fd98504f72fd0512705a8735dde4b36299c2295f0359afb0f18d129c0dfc70c5" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-joda", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Joda (http://joda-time.sourceforge.net/) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "7ef56a5376978b3befc264d5c7f690ba" + }, + { + "alg": "SHA-1", + "content": "b8b45ff38fb46eaf8bdf19586743a4f446c485fd" + }, + { + "alg": "SHA-256", + "content": "ec60ff466ec6bf489e58cf83bb012dd3d2735eb581be47113b17b1ce6499cdd8" + }, + { + "alg": "SHA-512", + "content": "589f9ef55f9aef7b2e4c1fe45bad157e566042f304989ffe8257a5547426c7dea281326cf66cb1af84add2cb0531b623d04bc15d9e3ac0da25052f8c2109ceec" + }, + { + "alg": "SHA3-256", + "content": "7a4e62a859262aec2ae33d7b6ec5b0ddadcf0897c1a90984cbdd82f8e2c8abb2" + }, + { + "alg": "SHA3-512", + "content": "bf11f541461a5ab4fbb3372d8c8d617a7b20a2dda00d8af733ac8d496cf4a7e1f7f422d90d11b17b7d783ed2a25f4323046468c264ea204bd672adff82a3477a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-joda" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5694b066-2847-4855-8230-77e902b37502", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jsr310", + "version": "2.9.10", + "description": "Add-on module to support JSR-310 (Java 8 Date & Time API) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "8353db784cc75e2ef48439c89ffb962b" + }, + { + "alg": "SHA-1", + "content": "bf7ea35ca4fafa385701580163ef983622e0bfb1" + }, + { + "alg": "SHA-256", + "content": "a86f035a641f1a36aebacce8415e14568ce5b0088e3ad5b8cf3ea3c9c0c5b64e" + }, + { + "alg": "SHA-512", + "content": "c9e27a5a2c7a7edacdacc2cd93371561ed991e85027e06820004bc47802f32df3aa99fe6d94667805c7862467fcc9e4e0555f1e5a3317c239e8ec0f37fc48b89" + }, + { + "alg": "SHA3-256", + "content": "ee3952b4ffb44ea67445ed736ce33410ed631146ab47071c5fa4ae578623c446" + }, + { + "alg": "SHA3-512", + "content": "434938cf7a81ea81511bbf14a0942eaa790c71ab2e4a5e3049dfbb5cc1523034eacd0d14d0b520e88155376b4213129cc59cec21a2a93940b7fba5658d46c8f0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-base", + "version": "2.9.10", + "description": "Pile of code that is shared by all Jackson-based JAX-RS providers.", + "hashes": [ + { + "alg": "MD5", + "content": "3dde182860e6f59fea3871880b1875b9" + }, + { + "alg": "SHA-1", + "content": "8f13207626ffab14943da9e7447dc065f7762a4e" + }, + { + "alg": "SHA-256", + "content": "4a76bd0d1f5f66293867bb9e021bcf8ba179bdd69cf69852d623204297fe85eb" + }, + { + "alg": "SHA-512", + "content": "608054e863d9233f92fcbf9ea6896a78caa0e1fac197a3b15f7833231f25bc10ac93e54f362d0364a60e7348825e505107e507590269edef11e3fd1e136b1ab5" + }, + { + "alg": "SHA3-256", + "content": "3b43e3742dec5d06ca7a73b45e485120e0adf0f0e66208b9afa56d329ccf0768" + }, + { + "alg": "SHA3-512", + "content": "512f238b2f5d2f70c48cd60dc45da652e2e3ade8aaf03f8031ad0a1ab9222726a82f53a9dcd15b5ecb49e8f8b9aef6789c993d8edd8c68acddd7776bf835f948" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-json-provider", + "version": "2.9.10", + "description": "Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.", + "hashes": [ + { + "alg": "MD5", + "content": "5a6659fa62763f65fb7e187dca166346" + }, + { + "alg": "SHA-1", + "content": "89a2f5d0adc42c3e37a7167e0759641de55aafdd" + }, + { + "alg": "SHA-256", + "content": "0fe7309bb8d0fa8f48cd6846bc3a27eef04b0263b6533ac58ef7ad85b1bdf38c" + }, + { + "alg": "SHA-512", + "content": "254d53edb320ecc9f697d3bb4c7dd1e385d04759bad65caeedcb5beda7fa29f915636324309bec3052205fa91ec29892fed809c8da4e7d284cc0d62b8cf29508" + }, + { + "alg": "SHA3-256", + "content": "1e98e50a06dd5830aa5517da99a0f503760f745029a9fe992f21b45f2417fb76" + }, + { + "alg": "SHA3-512", + "content": "ee026cf5697ab3d3785aa59d1a69e074d6c7db0af06478b36bb19f0d7b303db888bdb6fbd6bb7ffb0b14a4425d3fb0fb9ec971d59db2c7312f979ad83b107a1d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-afterburner", + "version": "2.9.10", + "description": "Jackson (https://github.com/FasterXML/jackson) extension module used to enhance performance using bytecode generation to replace use of Reflection for field access and method calls", + "hashes": [ + { + "alg": "MD5", + "content": "eb3073cbfad846a44d81df8bc31c8bf9" + }, + { + "alg": "SHA-1", + "content": "6cca4a73cb54aa8631775023ca8cc37626373cc8" + }, + { + "alg": "SHA-256", + "content": "6d8dd1bdaa13a1e2239e9d8fc008066b02d6fc7d79166fd73e4c3b6e1856ad14" + }, + { + "alg": "SHA-512", + "content": "b56f7485f72c2225cd276e6955e154bae31849a394f5f03ee5d205075a154c27417d1cd7c071c9ba12a7712e23f7b6e8da368aa12acecf53c5c28a5376d620e1" + }, + { + "alg": "SHA3-256", + "content": "488cf9674f84c7d221e4f5955d45f6fc008bca1bd4abf2134d91578a9c1bc0aa" + }, + { + "alg": "SHA3-512", + "content": "d2324aca720bf6816274e93186fdf7d0eaefce8859685dc5c76a96fa8696cd104d64787598bd94473619aa0b89406dac1da8cc697b05104491b8017a54d95e1f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-afterburner@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-jaxb-annotations", + "version": "2.9.10", + "description": "Support for using JAXB annotations as an alternative to \"native\" Jackson annotations, for configuring data-binding.", + "hashes": [ + { + "alg": "MD5", + "content": "fe4cda4049277f5c8758f32a00f2b633" + }, + { + "alg": "SHA-1", + "content": "b7fc3212e95586f42a0d3b5cf1311e42a3ac0248" + }, + { + "alg": "SHA-256", + "content": "72a8ef1246f7a2dc680de67bc5009cc5de71b3825adf98726d290643a36576c0" + }, + { + "alg": "SHA-512", + "content": "df36f846fb1c04e23657f1d7568d05cc589207dc3f751db357ccf33b2b6c7491abf1251aee29763b69b524bf4652e5d04dc77f93d8f001fb23728fc46304f4f0" + }, + { + "alg": "SHA3-256", + "content": "f38cc147a5ef75e5a5f153a2db7c996eb8fe469079b1ef7c843249e8adbf06eb" + }, + { + "alg": "SHA3-512", + "content": "9ba7e2c66e3495260dcd320b179db20fe37d2dd695e1c1a01aaa13a0cc5bd5adaa1c9041c2f4ff6b19607d375c49fcbfc4a962c4939e05a0dd68cc8cdedcc7fc" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-parameter-names", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support introspection of method/constructor parameter names, without having to add explicit property name annotation.", + "hashes": [ + { + "alg": "MD5", + "content": "e8835d22f3153408ace94284be8fa821" + }, + { + "alg": "SHA-1", + "content": "dc8c36832c229df0209dfc98fab5be36cb99af5f" + }, + { + "alg": "SHA-256", + "content": "2b14de63be1abc99d25c1cdc8ca9003dd0e345e87f5d869588c5981f75cffc8a" + }, + { + "alg": "SHA-512", + "content": "452daf576e303ec15480750844e9a49715670ea9b7fa44d3a3d69ef4c90d7177583daabfc25d2a938e0015bba0c21c5fa71c175d2a0a95f3d6f13a92a3a6d611" + }, + { + "alg": "SHA3-256", + "content": "68f9053afc670c7ef2b042f62e7ac34dc7cf5c65fdc2e178b31970c64f0e9353" + }, + { + "alg": "SHA3-512", + "content": "10bdc0751a0dd140f35dd69045dbc1beea08f65d6ce773dcc2c888af4fc013f8af4c09bcb45e1e36c65b86e7e3cca9775c5da472184af784aa577a952c74c073" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "group": "org.jboss", + "name": "jandex", + "version": "2.0.3.Final", + "description": "Parent POM for JBoss projects. Provides default project build configuration.", + "hashes": [ + { + "alg": "MD5", + "content": "77db6e55da888349f5466d2dcf150b14" + }, + { + "alg": "SHA-1", + "content": "bfc4d6257dbff7a33a357f0de116be6ff951d849" + }, + { + "alg": "SHA-256", + "content": "a3a65250cf954f102e74bab23df12540780878231195b585a7a86f4364a53727" + }, + { + "alg": "SHA-512", + "content": "ad557228414fb1d75750f4495ced69517deac0d26beaeb81e3233fe21254e3b7e3ccefe381971ffb8dbb0d9e0c1e70973623948ffec31efad99298f1107830ed" + }, + { + "alg": "SHA3-256", + "content": "8e4cbfe8f79e619190a121200bb907e2d06c03b5449b3742a6607580a898a2d9" + }, + { + "alg": "SHA3-512", + "content": "5afc9d16fc77ecbc3dd653628b11ddfb419a5fae2efa72eca87eaa55c7c6014d03e9fcd190ae9c7c3e50edc78e6a30fe439269439cf7c383c27aaaa43281e975" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss/jandex@2.0.3.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + }, + { + "type": "vcs", + "url": "http://github.com/jboss/jboss-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "group": "org.javassist", + "name": "javassist", + "version": "3.24.1-GA", + "description": "Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.", + "hashes": [ + { + "alg": "MD5", + "content": "527cebd64b0f941d5058bae3d1726d06" + }, + { + "alg": "SHA-1", + "content": "921b466d6a14a8edbe25923c973fd767fc71c045" + }, + { + "alg": "SHA-256", + "content": "5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553" + }, + { + "alg": "SHA-512", + "content": "b1920ad0b291ab4a7d5d6184e7a6fca91a27576560adc257e4d38a3122865cefa7081df46375a462fcd7e4bfe20c3eeeef140408922cad9cfabaa8c338be1056" + }, + { + "alg": "SHA3-256", + "content": "793f21feb3c4c58edf94d49579b8cd658e44e792e05fefbc23f1b84b7170caf2" + }, + { + "alg": "SHA3-512", + "content": "94f77c5a3ef42bef47e44c9cb9c71a5eeae3b5f94bec53637e8ef3bb5b29b0675c02166241987ac3f3872be09d87bbcfe0235a55731735f4b787a8574714fd2e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.javassist/javassist@3.24.1-GA?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jira.jboss.org/jira/browse/JASSIST/" + } + ] + }, + { + "type": "library", + "bom-ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "group": "javax.annotation", + "name": "javax.annotation-api", + "version": "1.3.1", + "description": "Common Annotations for the JavaTM Platform API", + "hashes": [ + { + "alg": "MD5", + "content": "9a936313da62e705ebb16e81b62f4096" + }, + { + "alg": "SHA-1", + "content": "20a2c0583598d68b0835474bbe07792d4f3b219f" + }, + { + "alg": "SHA-256", + "content": "bc1110630bb4290e798a533ca40a60517826c8804b79f91f8738d18ca425adc5" + }, + { + "alg": "SHA-512", + "content": "9b0c8e45c750f049015da652dcfb43250c24aa72c0cf8fcf917918a486c50b70d6c19201638ae4c23a822551e12ed85215222a59b9bcfb135557c0aca80c00ef" + }, + { + "alg": "SHA3-256", + "content": "81a7132a97ca91c7bf14400e8dc845e3124df73c91b3e2f0a62c4aa3abd84b6d" + }, + { + "alg": "SHA3-512", + "content": "1b7b5f5a5dcf8076155e13d17fe8665b88394c5871583508211f58336cf8d2dae9b3225df8de94e6820a2cc5e077cbd4382c88249c1b0c79e482ce7ae726997b" + } + ], + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://javaee.github.io/glassfish" + }, + { + "type": "issue-tracker", + "url": "https://github.com/javaee/javax.annotation/issues" + }, + { + "type": "vcs", + "url": "https://github.com/javaee/javax.annotation" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "group": "org.glassfish", + "name": "javax.el", + "version": "3.0.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "9b413b6b4c57f68cc3e8649f754153f5" + }, + { + "alg": "SHA-1", + "content": "dd532526e7c8de48e40419e6af1183658a973379" + }, + { + "alg": "SHA-256", + "content": "5ed77b9150c1cb6bdc1a195bb536eef6eb65f46f4412e26c24288690ea8033ec" + }, + { + "alg": "SHA-512", + "content": "a31efb2e99fe2429c8f39dbd8b23fce7dc30c3945ad3e6011dd1495a63a74f1d5e8ac422735de37c01938c492832155b73941614e19e06145477f65f4bc9043f" + }, + { + "alg": "SHA3-256", + "content": "6c59f62728693b7a7234a6c93d6329391633de19cd65753ddb74d78a1a79427b" + }, + { + "alg": "SHA3-512", + "content": "7193e9af5274a89a3fa9e04dcb9790db5efd6abffc8d0549c2bb597f61237544e758f98b4aaf55dfad258697bbaf4e4583695f6f5c277c06e98cd9ce21265982" + } + ], + "purl": "pkg:maven/org.glassfish/javax.el@3.0.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://glassfish.org" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/EL_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/el-spec/sources/source-code/show/tags/javax.el-3.0.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "group": "org.glassfish.hk2.external", + "name": "javax.inject", + "version": "2.5.0-b32", + "description": "Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle", + "hashes": [ + { + "alg": "MD5", + "content": "b7e8633eb1e5aad9f44a37a3f3bfa8f5" + }, + { + "alg": "SHA-1", + "content": "b2fa50c8186a38728c35fe6a9da57ce4cc806923" + }, + { + "alg": "SHA-256", + "content": "437c92cf50a0efa6b501b8939b5b92ede7cfe4455cf06b68ec69d1b21ab921ed" + }, + { + "alg": "SHA-512", + "content": "ce72626ebacfcbb1a022d0af22d7f3ae8a0f38db939e5f0b893efb9e3545c74328fa139a92c3b9bf7d833300a2830d7b883f748b0d758ed58abd6b0ce192620a" + }, + { + "alg": "SHA3-256", + "content": "da07452e3cbd7bf8e934d72e70149d317d7299fefa8de7840ac251e3e7fab17b" + }, + { + "alg": "SHA3-512", + "content": "db226d92d3e50eb91d892c9dee1832aedcdc2c11ddbc5948da4a33d10d286906fb1554e226223384bbbe7b30fa2b7b023eb7df03beb46affdd9e012722d66b67" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/javax.inject@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "group": "javax.servlet", + "name": "javax.servlet-api", + "version": "3.1.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "79de69e9f5ed8c7fcb8342585732bbf7" + }, + { + "alg": "SHA-1", + "content": "3cd63d075497751784b2fa84be59432f4905bf7c" + }, + { + "alg": "SHA-256", + "content": "af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482" + }, + { + "alg": "SHA-512", + "content": "32f7e3565c6cdf3d9a562f8fd597fe5059af0cf6b05b772a144a74bbc95927ac275eb38374538ec1c72adcce4c8e1e2c9f774a7b545db56b8085af0065e4a1e5" + }, + { + "alg": "SHA3-256", + "content": "8acc3481503989e1a78ad619bcbdc005b616c13736522b52e5ae5d782e8a0216" + }, + { + "alg": "SHA3-512", + "content": "ab5f85d424640ddcf6fc13a41d12ffdee0be9508cd4cdc581168b31cf7917323f6e0d984a0631068e0e01c098098fe0037d1c4176352fd89ba3a4da5d641ca3d" + } + ], + "purl": "pkg:maven/javax.servlet/javax.servlet-api@3.1.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/SERVLET_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/glassfish/sources/svn/show/tags/javax.servlet-api-3.1.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "group": "javax.ws.rs", + "name": "javax.ws.rs-api", + "version": "2.0.1", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "edcd111cf4d3ba8ac8e1f326efc37a17" + }, + { + "alg": "SHA-1", + "content": "104e9c2b5583cfcfeac0402316221648d6d8ea6b" + }, + { + "alg": "SHA-256", + "content": "38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d" + }, + { + "alg": "SHA-512", + "content": "4a85d3b61ea018f354a4dfa43104f3b4967cb4719df203956f82f7a696f75bee9d660540fc0f7bb61e0a5f826461de8929144eddd5622f9cb59a4da289d7297a" + }, + { + "alg": "SHA3-256", + "content": "7d439b6efe13a02aa996c27db07de14c1f14e8c95b60a9205c073cfbe9cbcda1" + }, + { + "alg": "SHA3-512", + "content": "e4bc8aab836157e258f659fe687e59499d445889c6c706d9539e5bbd48a6e80a1a1029e9ae47d25871f5ddf1434c5449ce2bc67b147b5a7b58990309f7aa60a4" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JAX_RS_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jax-rs-spec/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "group": "org.jboss.logging", + "name": "jboss-logging", + "version": "3.3.0.Final", + "description": "The JBoss Logging Framework", + "hashes": [ + { + "alg": "MD5", + "content": "bc11af4b8ce7138cdc79b7ba8561638c" + }, + { + "alg": "SHA-1", + "content": "3616bb87707910296e2c195dc016287080bba5af" + }, + { + "alg": "SHA-256", + "content": "e0e0595e7f70c464609095aef9e47a8484e05f2f621c0aa5081c18e3db2d498c" + }, + { + "alg": "SHA-512", + "content": "6cd839a07c55a75befa9a95c7cb2e4a87445432d475bc747410fce625ad4496ee5cc6631a445420940ef1cb408d74873980504e4d785d8ec851223301a76807b" + }, + { + "alg": "SHA3-256", + "content": "12fa4c6092728e4d1d780db85e3567ac16a8ec515daac930326513a471f60bd4" + }, + { + "alg": "SHA3-512", + "content": "3f2a0f9e1ce18e1fce8b658a9ce7603eae6a2eeb96b8c26c0a49fde515ea97b319e94f48617fdbd8b102cd51c6a3c957528b456b821e2287ac1b35a3442c35c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss.logging/jboss-logging@3.3.0.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss-logging/jboss-logging" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "group": "org.jboss.spec.javax.transaction", + "name": "jboss-transaction-api_1.2_spec", + "version": "1.0.1.Final", + "description": "The Java Transaction 1.2 API classes", + "hashes": [ + { + "alg": "MD5", + "content": "4d3a6329aa429d92e7bf0c2d34302660" + }, + { + "alg": "SHA-1", + "content": "4441f144a2a1f46ed48fcc6b476a4b6295e6d524" + }, + { + "alg": "SHA-256", + "content": "d35b340768f11e683045d0b3b8c2cf0554a0495a675ae8aab5680b34e5d2a69c" + }, + { + "alg": "SHA-512", + "content": "fb751362223bd2f58d40326018b742ecb8bb49e2362b8babbfa6592e10fb0bd4c52192859771d5b4c67954bf3876bda38581795d54a566bfca66f3fdb0bfd4fb" + }, + { + "alg": "SHA3-256", + "content": "5fec9250840d8ae18ebe934e2b302d9f3c91a7166c5f6e90e8a38d19d5463f4a" + }, + { + "alg": "SHA3-512", + "content": "f4846473a8385f28649593671d9307d0a0a1362c9b36a24ea1b6f72daafb59e05b4945ed45bcadc22e52024a5c3cce9c47e9edadcc7a08f1e391b33a510cd971" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License, Version 2 with the Classpath Exception", + "url": "http://repository.jboss.org/licenses/gpl-2.0-ce.txt" + } + } + ], + "purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss/jboss-transaction-api_spec" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "group": "org.slf4j", + "name": "jcl-over-slf4j", + "version": "1.7.26", + "description": "JCL 1.2 implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "06ceba253db8a4d836921324015c9ca5" + }, + { + "alg": "SHA-1", + "content": "33fbc2d93de829fa5e263c5ce97f5eab8f57d53e" + }, + { + "alg": "SHA-256", + "content": "2800417ecc5c927cce2b8a2cd22f0933e4006023c4e4fb255985a27746f5573c" + }, + { + "alg": "SHA-512", + "content": "40c1c8a523687ba06041d5a3c8ae295ae57ea18c0909f106ae9154ee79eeec9d077f7e0c79cb977fdebf2c930c6972372850b528f94e69bb57e95124ff691359" + }, + { + "alg": "SHA3-256", + "content": "8e61ec106e655eb957cf915a6a2ab96d9f78298598af0edb5526d66317695f69" + }, + { + "alg": "SHA3-512", + "content": "bfb810653f89ac499283aa7d860f89369133a07b65398a4112a6f654d53cce6d4a74d2f45acd9ba669233604c94bd338247751171bb8f21d62a183bbe91ba90d" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "group": "org.jdbi", + "name": "jdbi", + "version": "2.78", + "description": "jDBI is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "ea7256f4877d929815d317c3f918de7e" + }, + { + "alg": "SHA-1", + "content": "7281bb97a89ec38db81a901a3c07ed7204efe828" + }, + { + "alg": "SHA-256", + "content": "a833944751416b95a397768c530b6796fd22fe01ff3d56f44ab80c2087096572" + }, + { + "alg": "SHA-512", + "content": "0699d1cee041bbb7f2e9857f0d4265e55af3c93e62c1d10090fa3472a3af4f052c4b6c1431eca53bf2e2ddb1df1358ac29fba6776fb0406a2c3edbe30fe73607" + }, + { + "alg": "SHA3-256", + "content": "85bab22465bd6c4128b3a3805184b780dd41c6984d6e056d7ec22b904b94649b" + }, + { + "alg": "SHA3-512", + "content": "0d3f050c4f71bfab5404ac1674306bd837ff7710b9b04893dcfe88baa3d0d3f647ee515c3b0a3159d4f6d3791f187927dabed54f05fcfa3b42bd4f0bbae93586" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi@2.78?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "group": "org.jdbi", + "name": "jdbi3-core", + "version": "3.5.1", + "description": "jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "bee3bded3f553bb751676f66de7051d8" + }, + { + "alg": "SHA-1", + "content": "fdb08f92dd4762d9a12864b685961cbef3807adb" + }, + { + "alg": "SHA-256", + "content": "05ba5a61131fee448927dd7d06fe2e0699b9c4756ece6bc844431dc1f5a3b671" + }, + { + "alg": "SHA-512", + "content": "3b8de628e4b5ba4acbedb21b4f74cbf7003fa1ce68125e8e2c8c9bb49ba38c478a34b27505bcda18e5072b47ae706a280e3db7fb53f90196d3f87543148e9b3d" + }, + { + "alg": "SHA3-256", + "content": "7b63cdd3df09bd5e6881f455db13e74d5a4f80764072d376d80814eaf28a423c" + }, + { + "alg": "SHA3-512", + "content": "9de02c1b6f19a44b6a29054da8c80e9139d03c2eeee8e908dbb8592bbffd8926a95f45f9e56f1aee85f77665cf24e2abe7e4d888ebe407fbb01be6f541c9befd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-core@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "group": "org.jdbi", + "name": "jdbi3-guava", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "0f692ba6379649453c8ceeb1c1e567ba" + }, + { + "alg": "SHA-1", + "content": "0b7a55d0eda75405221a8287993c05891ae2dd9a" + }, + { + "alg": "SHA-256", + "content": "dd2c0c13c6d29758235a9b365768cc521b5ee3c86678794e81ca5a9a7aa1de83" + }, + { + "alg": "SHA-512", + "content": "9e74b320cd5ed0ba7de5f2976dac092039ca6efcd5ab070281ce040aab9249d2299d73b3f1566cc495e6b33cd2de7fdb8e82f9410f970650daceb049daeb2bd3" + }, + { + "alg": "SHA3-256", + "content": "fb088209586cf011f4cb41752223e4cb14ca32cf8605ce6bebaa30913a120ef4" + }, + { + "alg": "SHA3-512", + "content": "5e64a7584e5585f922a7bbc3c83f76645752e0a78274d741b4ae8cb7f174ac6b2d840841ce749234955ab1d090b552dcceb7a46c2a1a0eafe95dafa26c1c2819" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-guava@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "group": "org.jdbi", + "name": "jdbi3-jodatime2", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "a1936dd03d5410d8abe4f52bd8a4c219" + }, + { + "alg": "SHA-1", + "content": "76d39448cd536140a737ee7d1eca00cf919dd51e" + }, + { + "alg": "SHA-256", + "content": "693462cf417ed3faadb54f22618b3f7bfd6f8d3cd77cdadde7733c6d9666d2fb" + }, + { + "alg": "SHA-512", + "content": "da80a01e7da71aee51c9c8f9de62a394ac6a1b849675a5a80e0490c4494bc58c5dbd15c34e8f21152cc3355f8259a2d838afeb2f9802063fd3a40b9bbc4d93d0" + }, + { + "alg": "SHA3-256", + "content": "472060a39fbf46395d0fe7b6c2e5610c1532969115b27ac82d0c1434e952012b" + }, + { + "alg": "SHA3-512", + "content": "b54c0e9dc8be03a4b7a0b4ffc2ca1fa90f0beebceabba58abe0f2ddb93b0074141eab88da889577abe3c4eb2c0137cb8db907346882e88185cc0d460531d64c2" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-jodatime2@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "group": "org.jdbi", + "name": "jdbi3-sqlobject", + "version": "3.5.1", + "description": "jdbi SqlObject transforms simple annotated interfaces into full-featured DAO implementations.", + "hashes": [ + { + "alg": "MD5", + "content": "fef7548d2dd71524d4e555c8d406449d" + }, + { + "alg": "SHA-1", + "content": "88a6bb67f81900f7e3b4c02e80fbe03c14180b8a" + }, + { + "alg": "SHA-256", + "content": "f5aee0d5ded32e49eddaf51fded6478d01f816a957bccd5ba62fb9eb944793d5" + }, + { + "alg": "SHA-512", + "content": "435126b915d81c594a2fc3194498a815dbd6307c8bd852d421ba866e11d4335bfd825352a58c60dadbe8cbd57a2962b0d8414c46491bd171071f7e606c41b56e" + }, + { + "alg": "SHA3-256", + "content": "8706b9badb23159cd1c690e44d10f7050d82682c025d4a0fb6c2f74cf5982444" + }, + { + "alg": "SHA3-512", + "content": "a61809da92143a4f96e16d97e5d85179f50fac762fbbc8bc36676b8868e4fb8f69cce89c93c8c0e89e3e492c6434725546c29de5b7960b1515a4fe3f0853b959" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-sqlobject@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "group": "org.glassfish.jersey.connectors", + "name": "jersey-apache-connector", + "version": "2.25.1", + "description": "Jersey Client Transport via Apache", + "hashes": [ + { + "alg": "MD5", + "content": "1249f4c7b0e42fb205fd6479f8212b7f" + }, + { + "alg": "SHA-1", + "content": "778d56a186caae0c0e321afb7bf497452f60ecc6" + }, + { + "alg": "SHA-256", + "content": "98236fdeb22a34405095a70099e63cdfe72c726c3c6588c8105092b234bbca3a" + }, + { + "alg": "SHA-512", + "content": "cd9d72b8e24524fd017fad60bea318cf72b7260bfe9826f3019181d8749f906cc579ff4b25c50d869edc9e7ad92c1a216e4c143957de5d5f810f14f3d2124058" + }, + { + "alg": "SHA3-256", + "content": "51423295a961ef5c2c0b70f2a3e80ff7cd9d356b9fdf0951dbc0d42ee7d283c5" + }, + { + "alg": "SHA3-512", + "content": "f95bb4d125a7146cfe7ff8e9d4480c3f479bffa0fcb5398400a2b2faa1851c3ebda38e1bbf49a0d4d5671dd336ebc665ef1fef26a4ad8f65d715c118f703de36" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.connectors/jersey-apache-connector@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "group": "org.glassfish.jersey.ext", + "name": "jersey-bean-validation", + "version": "2.25.1", + "description": "Jersey extension module providing support for Bean Validation (JSR-349) API.", + "hashes": [ + { + "alg": "MD5", + "content": "f1860b7577c9d0c89758ad14a60485a5" + }, + { + "alg": "SHA-1", + "content": "01971927d79cad0ad2b5a3bfda24967748a2023d" + }, + { + "alg": "SHA-256", + "content": "c7f8b632016d78ac9679c8a77a7333a7979b3a446c56f6c4aa0702495beafcf0" + }, + { + "alg": "SHA-512", + "content": "723afa0898fb909c199491173caa96bf32c5b4a9f8e7211989434f1be4ec581737b1d17e2094890074fd5fd94b640002b98b9f06cb042aa755864ff9e1eb5eb8" + }, + { + "alg": "SHA3-256", + "content": "5eb1703f460fc87775426f894b776891b46e2060d209d8649fbbbf0046ff5541" + }, + { + "alg": "SHA3-512", + "content": "b538a16717eba2f15bae433116819aecfb842d17e9838cb4c67ec3242cf7f62517d7d8ddc9245d26aed83b15489988bba10a792935968c5d9731b0e07902a251" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-bean-validation@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "group": "org.glassfish.jersey.core", + "name": "jersey-client", + "version": "2.25.1", + "description": "Jersey core client implementation", + "hashes": [ + { + "alg": "MD5", + "content": "cbc88e55529984d664eb6ef1b65b3684" + }, + { + "alg": "SHA-1", + "content": "4d563b1f93352ee9fad597e9e1daf2c6159993c6" + }, + { + "alg": "SHA-256", + "content": "10671e430dc7c841eb0bc54c9f3e265dbb60e9f85efaad71d1e39807057e405c" + }, + { + "alg": "SHA-512", + "content": "2355cf157c2c6f6973db046b8eb9f0ac1fad6791e5e62457d37a2aa0d70c180a6dd8eacdf78b987bab5720091cc8197866ba1ac14b209b374db6389f187a0c58" + }, + { + "alg": "SHA3-256", + "content": "88b865b79a07061bda2f0c1b57e4aea4555da1604946eccb83343ea665ac615e" + }, + { + "alg": "SHA3-512", + "content": "ab1297141ee25407b3aaf92ce2d7441aad23badc8d9b2e68e1bb143c7155f5861a273d816d4447ade4045dba027ba6264b22d6823e798d9ebac7514f8a4eef52" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "group": "org.glassfish.jersey.core", + "name": "jersey-common", + "version": "2.25.1", + "description": "Jersey core common packages", + "hashes": [ + { + "alg": "MD5", + "content": "d1f25f421cafb38efb49e2fef0799339" + }, + { + "alg": "SHA-1", + "content": "2438ce68d4907046095ab54aa83a6092951b4bbb" + }, + { + "alg": "SHA-256", + "content": "4df653fc69d5feec7ad1928018f964e12a7513bcea7b5e8b1aa4b1f5a815815f" + }, + { + "alg": "SHA-512", + "content": "2c99617c7d5bbabd39902cd93e028e48ef3917f1017b7417873607681b0bfc31e8d5197bd06c587f64867944d81bb63c0201fe5df66962737d23fdfd7fe88fe0" + }, + { + "alg": "SHA3-256", + "content": "d5d9d3bca931954bed7bf031b299f45e0e29c92e250501f46f12400e475aaf3e" + }, + { + "alg": "SHA3-512", + "content": "dbd5ac4985d2c8e71e3606e491a7814e50ca6ccb1e3571e50073ddcf92bbf484e28ae0a4971d1e487df4d95a4f64016583e88891724a65d9c1c80f20ff7664fb" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-common@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet", + "version": "2.25.1", + "description": "Jersey core Servlet 3.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "80ebd9481c44844884fc70ac0ba333b4" + }, + { + "alg": "SHA-1", + "content": "cf5f7a76fcea38158b890ab7a0142d4db709a882" + }, + { + "alg": "SHA-256", + "content": "3669c50bef23aeeabdae02e5e4b214c9f1eb1019fa4d559f2eeadb563ba598e4" + }, + { + "alg": "SHA-512", + "content": "8db651ca49cebb031823cb6363e3af78f2f400c4857a5cef51b2be2d58ccaad6c06ee5320cb6ceff6f2a053136f00943feb6f98189d847d49ea2455312529d84" + }, + { + "alg": "SHA3-256", + "content": "c77550b169ec358ff293d1599b2897fb4f3ebedaed222257893d83b7343fa915" + }, + { + "alg": "SHA3-512", + "content": "75115f1e1a14cea1e939e3cc30b9af2cd0de853a30d41007f72361e216362cc16a35901434330292840f48edf0dd98ac9ec8bc3e5461c0668eac4a883d7b2be7" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet-core", + "version": "2.25.1", + "description": "Jersey core Servlet 2.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "e31db34014609174609f8879d00e0d2a" + }, + { + "alg": "SHA-1", + "content": "400e30bb035a0cdf3c554530224141ce659a0d1e" + }, + { + "alg": "SHA-256", + "content": "232f4f4e59e5944098351379a12aecc715906831c96a855624a81da552192ac4" + }, + { + "alg": "SHA-512", + "content": "beb539ae8f16b5748db941e1beabf21482791ccf04b7adbee50d58a06c224c21e918198badf8496243ab7730284b8abcd71da9e5439702fa7a4d06ba22fa1960" + }, + { + "alg": "SHA3-256", + "content": "bfb3dbfe53102c61b1092ddc80b119fef28b6ee65e020ebdbfcbe51aacc701fa" + }, + { + "alg": "SHA3-512", + "content": "7fe6468606f4ff4c7389e9ca816f82a03c9282b296472112573047d93389b9845a49f6c1740ee67d2e93be9dbe312d89189acd681ba489b9e09716cd20965e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "group": "org.glassfish.jersey.bundles.repackaged", + "name": "jersey-guava", + "version": "2.25.1", + "description": "Jersey Guava Repackaged", + "hashes": [ + { + "alg": "MD5", + "content": "08dc8642c4e990b054882cb4f422f88b" + }, + { + "alg": "SHA-1", + "content": "a2bb4f8208e134cf2cf71dfb8824e42942f7bd06" + }, + { + "alg": "SHA-256", + "content": "8a88a8ebae65cb4d77830b40f681bf742b55ec62e7a44cf91b8577a9396b9f81" + }, + { + "alg": "SHA-512", + "content": "38a59b4e7bf60d373a266e08dbd1703cab87b519e128629aa81abf314cf849ee41a26f8c0404182c6f7364a3bde40eefa61c1be561276e141c4574faf988c5d9" + }, + { + "alg": "SHA3-256", + "content": "0ffbb680d62fc28444cf2c2975cf2947d23bae403c30a381f610af5cf05ede86" + }, + { + "alg": "SHA3-512", + "content": "847cca16e534072ddf9610dc0bd56166deade9aa4efaa3aec1717664b3546964cb0573e4970a38dee5537a09fab81077ea9bd35d988e7cb68b6ca137b31679ea" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.bundles.repackaged/jersey-guava@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-jaxb", + "version": "2.25.1", + "description": "JAX-RS features based upon JAX-B.", + "hashes": [ + { + "alg": "MD5", + "content": "43c2fe9a2848343cb562f855b06b7047" + }, + { + "alg": "SHA-1", + "content": "0d7da0beeed5614a3bfd882662faec602699e24b" + }, + { + "alg": "SHA-256", + "content": "05526bed0ffc07c2cea6b399f4e61ae3c99e44021e28a4af926ed1d867ba3fbe" + }, + { + "alg": "SHA-512", + "content": "589328af6d727d73617a1cff3e7e75bbc858d417cdbcaf8e63ea3ed0086df645fe0f83538a311941744e5afd828d1d7827933b44b8c74f6f8b912c2d7f3e1be4" + }, + { + "alg": "SHA3-256", + "content": "cbc11448fe72f34353de7de8c8b1084530ebf4a7b262bde33219cab6beeea29d" + }, + { + "alg": "SHA3-512", + "content": "18313498ba720e5c1a307927f9782cee90140984ab5c6762cb6b966040d42c2610e39f41d06b9c2ac528aba2fe1b72ba5d1255f92e01848b4580eee11b95b1e4" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-jaxb@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-multipart", + "version": "2.25.1", + "description": "Jersey Multipart entity providers support module.", + "hashes": [ + { + "alg": "MD5", + "content": "0ea1375a975020b60bbbbfd47a76d69c" + }, + { + "alg": "SHA-1", + "content": "1d2db0078ee1b740c4e7ec7413d328a8a7e1c480" + }, + { + "alg": "SHA-256", + "content": "909b669f76b8883a9218fb0fbc5022a286ead7d17b29aafa532b31f19ab4afcc" + }, + { + "alg": "SHA-512", + "content": "17e40bb9186289cd21edcd67cab68765e79c3cce5f2b29ac0ae6dd653395d93c3b8e29c734288e729bf26a59084393680b448ce617689e2064151ab09250c6ad" + }, + { + "alg": "SHA3-256", + "content": "8d8299e02fcbed88c708ae2c948fca016bd985aca513f61304431169441b3bba" + }, + { + "alg": "SHA3-512", + "content": "a8f03f1e4e02c76548b03f77dfc65bad4d97b305a39e17b21e3a380155b85ea428957d0e0f0d4d4b615826d491acbfbb433a3dc9cb31ba29ba0f08bc4665bbb8" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "group": "org.glassfish.jersey.ext", + "name": "jersey-metainf-services", + "version": "2.25.1", + "description": "Jersey extension module enabling automatic registration of JAX-RS providers (MBW/MBR/EM) via META-INF/services mechanism.", + "hashes": [ + { + "alg": "MD5", + "content": "b02f1bc0acfdaeba09346c53a49a6b0d" + }, + { + "alg": "SHA-1", + "content": "83376116af614791a26f51a93af1070520345782" + }, + { + "alg": "SHA-256", + "content": "21339af4788eb2e02e144231f6bed95c30a019fe9bdc219725da095e15d8f7e7" + }, + { + "alg": "SHA-512", + "content": "7b4bef415a18702498bd594cea37a2d17fe60b319f40fd4028b5c5e778195bc26df1563332bc359d67bcd0029957d8fe629650ec55216d1a6f84fd7ab4daec90" + }, + { + "alg": "SHA3-256", + "content": "fd690ea72f6586355206aa12a77b03e198776261bcbb1b79a3dcbc234c0c8675" + }, + { + "alg": "SHA3-512", + "content": "822c4d091069ccfd523fbe463124a1827663b488a2df3ce8f5ea9892b8b6dbbd637e52e89ea2533c010601222f3ef7660ff45276b178082f3b928dc314681e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-metainf-services@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "group": "org.glassfish.jersey.ext.rx", + "name": "jersey-rx-client", + "version": "2.25.1", + "description": "Jersey Reactive Client extension implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "2c180a0fe223e22fc0e0b0b81eedd18f" + }, + { + "alg": "SHA-1", + "content": "b31b3313f48583220986877365f5e2413541f207" + }, + { + "alg": "SHA-256", + "content": "c51bad47579898505a3283f06939c5caa4df5f1bf47ebf114069e04d3cdd33eb" + }, + { + "alg": "SHA-512", + "content": "5743abf930cc5a53cac24b1b3a8a9abcba71ec4c56c11943d8b68f6b8806eccae6268c4659b7321d05ff039f2f7a21daef62308ef4746b65083cbb925bf9c570" + }, + { + "alg": "SHA3-256", + "content": "6c9cde47931076cfade1adbb27e7d708b9ed5549b599677e69e9e7617fa32e84" + }, + { + "alg": "SHA3-512", + "content": "8b9a6428336db948562751a37ad6758cd1b6a678a70759da3dba1a43d5312b86a97dd6ced61d48c5473b9d73a0fa450e103a7d687a791733f0c2edde4e880cf2" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext.rx/jersey-rx-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "group": "org.glassfish.jersey.core", + "name": "jersey-server", + "version": "2.25.1", + "description": "Jersey core server implementation", + "hashes": [ + { + "alg": "MD5", + "content": "92dad916eab7a19c5398838a78ee9cab" + }, + { + "alg": "SHA-1", + "content": "276e2ee0fd1cdabf99357fce560c5baab675b1a2" + }, + { + "alg": "SHA-256", + "content": "4b9cdae8eae88b75762614b9a458f5aac47cf6486fe408206fc64e38b80469ae" + }, + { + "alg": "SHA-512", + "content": "85d77edd81efcc32a6ac26ca91cc6a8f9f66083897f2b10de5f7576d1e869d96c64dcce4e52112341ffae1a73fff3b18eec466fc484e709ba581d1540fbe44ce" + }, + { + "alg": "SHA3-256", + "content": "60be02edbd8f39c5c33726c0b9602c580a38e22b7c30cf98c0aea1bdfe713ef5" + }, + { + "alg": "SHA3-512", + "content": "065c0c4b5a60ebc0e0ca53e6630e27f7678c762ba4cdf28f2b2cb7d0ac9cd96bf4a92dc6c2235d77d55931e0006f445debc2cc1098d4ddace06c07a08491ad43" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-server@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "group": "org.glassfish.jersey.test-framework", + "name": "jersey-test-framework-core", + "version": "2.25.1", + "description": "Jersey Test Framework Core", + "hashes": [ + { + "alg": "MD5", + "content": "92495cea9331aced97489263f2cb191e" + }, + { + "alg": "SHA-1", + "content": "9368dc18933a8b9f2526c86ab310b02781969aa3" + }, + { + "alg": "SHA-256", + "content": "69343548538ec2489fd4a992ea16e42453e96af94538c586fe3345e364bc578b" + }, + { + "alg": "SHA-512", + "content": "c2a8a227427d3c80cdaf773ef8813fb2609ecc4c64911ef8c8ee8a09a4ab0f4c608d7433901511c132ba39d49141be85f45032a06757a17e7f2e43efd6a22f6f" + }, + { + "alg": "SHA3-256", + "content": "7dd7ace7d4414db08bd4f2dd4d130629d9eef806d3dbd03a582f8f78372dbe63" + }, + { + "alg": "SHA3-512", + "content": "fef833f17bf0c8c9023ffdce1fc6d860d4ce119915fcabc7d8aa48853066fe0967c5220a33c03b41b45c312da4430e1057085652e0db57f5c03485b44715b273" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework/jersey-test-framework-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "group": "org.glassfish.jersey.test-framework.providers", + "name": "jersey-test-framework-provider-inmemory", + "version": "2.25.1", + "description": "Jersey Test Framework - InMemory container", + "hashes": [ + { + "alg": "MD5", + "content": "08b74a5a1bd1726464f8cc389dc015e5" + }, + { + "alg": "SHA-1", + "content": "d0bf8edcb87a8e886cf4552e9b5b9a4fddc70794" + }, + { + "alg": "SHA-256", + "content": "95b76e6b4131ec8cc04f3397e3c162219ef34cf661ad52ac86a977ce0b3912b9" + }, + { + "alg": "SHA-512", + "content": "9fcd31b1c2cbb5e615c1412425088c6dbd6f4acbd4b768a178d2c0a8c545486d5a3a6ad266a6b2faedeff65fa2035017e498b6a9a5bf206646e7d14e3b75d529" + }, + { + "alg": "SHA3-256", + "content": "0a4492d926542aee9f91b73691f712157c031388153270aa6121c3b60e638387" + }, + { + "alg": "SHA3-512", + "content": "a1db62f01942f3abb36d5fa867e5fb5f4372965c9c57e0f76d992421e85ce6481a34490ac15682656eb11a410c6f7b803e70cbeed635ac86b0d125f50b832074" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework.providers/jersey-test-framework-provider-inmemory@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "94e9fc820f29e4ca7c4d1008b3e52f34" + }, + { + "alg": "SHA-1", + "content": "1379b37b505dc379559e75ae7424941eee924fc7" + }, + { + "alg": "SHA-256", + "content": "f843740357ea316e196703782bcc21313ee77b665f059a28d62ebbbc37aa07ae" + }, + { + "alg": "SHA-512", + "content": "a574f37273ebf3f6d0dc18491cfcfb32288063667cd51962218575438dc3eb4f6202f862a6cef71a9caa16282cac17b77a1696dc632f1852979060e8c1b9c9ef" + }, + { + "alg": "SHA3-256", + "content": "2428547743abb3f101da2f812300e1a3778b672ea26be987b1262821fbc0c693" + }, + { + "alg": "SHA3-512", + "content": "476eb0180972b5b6bb48dfccb1eccebd607420aea3562782f1a19292ecbdadc659bf28aeb11a28e3367bad613677dae9486cb4bfb2dc2168acb8cf612b39ae2a" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "7dadc5243abb6a0979518998d5c97eeb" + }, + { + "alg": "SHA-1", + "content": "2245454abf7e6374ce92f3ef9222c7dbd43c8f1b" + }, + { + "alg": "SHA-256", + "content": "e629a9bd50ac7d361389dcc21c86f7ee12fd9f9e1c0e92664d01492df135aab1" + }, + { + "alg": "SHA-512", + "content": "592ab00b4aefbfd03fa3eb9619b39be6a59cc5a60dac993cef999433e31bf89d35a97136227966af7ec2fd84e483995b6e3390dc159aa72763246683ec02207a" + }, + { + "alg": "SHA3-256", + "content": "5fc8987e14b500cd8ef3e355548129be984b7d88f02a3b3a9718dc83e2550cbb" + }, + { + "alg": "SHA3-512", + "content": "6e4d74a8ce366f9b1c41ca2636a098566b8e2800b0f2ce3653856d499e3ff683a1ca2afdeac18661a47bd8e319987903dec3b0a3c1cc16ebccb2cc2ff3a00afe" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d1e615dd0774f828e80f51cd217dadb1" + }, + { + "alg": "SHA-1", + "content": "a4129b6ad87da0b14ee60dc4cd04321ab7b6928f" + }, + { + "alg": "SHA-256", + "content": "5ac060f9d0f802010aba3ce0452d567ff6ec1f724a8cde860cb3e83aa87918c7" + }, + { + "alg": "SHA-512", + "content": "dbe734b1a1bcd194e3ff275b620aed38fb713a250d24cfa6548d047de12a2cd394840650ad46de122b53ea8103f64cf4c0d7570e781b70e45372dda9180607e3" + }, + { + "alg": "SHA3-256", + "content": "6ca9ed2338f90de1498b7e52c35ff2eae7e13463f9fed7f36f9b797ca0d6f443" + }, + { + "alg": "SHA3-512", + "content": "a591913206657bca1c3be20220c911359537100af3f6561f5d4a454635edbc7a83c51b897efeb8b075996fce37945a1c7836296873d6817e07b7ad3a46cf5450" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-openjdk8-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "6176ca5468f46113d03982b26b569645" + }, + { + "alg": "SHA-1", + "content": "cd588787b7a232e9db4d2442ef9260baedfe33b1" + }, + { + "alg": "SHA-256", + "content": "13b0943572cc330a0371317cbfbbb0f737655387b89dc75ba9a8ab8d083e1c11" + }, + { + "alg": "SHA-512", + "content": "07373c3c34ce2bb1a84200e09b4f540d6a4cd83ee9fc65084949a449a7f510bce5a91d9cd44d7cb8454e9a2090dd636da2506c10312e5b5be693682a1024afc4" + }, + { + "alg": "SHA3-256", + "content": "26c9e9d164a3471c386bf44e1c3d3150e03d54be8d947d65306bf74e26954edc" + }, + { + "alg": "SHA3-512", + "content": "90a662aad53125f7f1eebd642a62316606a249dfe04ec3ab6673deea2fbc8d51fdc83f02e403c0f1085aa7d5600b1e11b9b171fefb0903dd5aa8c6bff905c072" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "50a898e1-523d-4041-9250-b25394071a77", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "1ca2253ddcbcbcc691c51938f2e341b4" + }, + { + "alg": "SHA-1", + "content": "288afd48f2eb1816889c4848a0bb8e7783ad7124" + }, + { + "alg": "SHA-256", + "content": "2d78640dc6b6035e41d763ddb9c97f07f441665be36d0a7d1e592d683df12acb" + }, + { + "alg": "SHA-512", + "content": "7ee426bb8079daf27fd03694563e534cda147d2cb38e4b50e08c3644f1a3dd88e172ad36b322bb113c67cabbbed4b11740f72ef82cc899341aae9d6427dace43" + }, + { + "alg": "SHA3-256", + "content": "1ea3606b67b91542a4d71d7b145792dcb25dce3c52037e3a32d551678ce5fda1" + }, + { + "alg": "SHA3-512", + "content": "943a863bd2beae196d07aa13b72b5d27bd5ee56a8e578b549a5c272034a232dc4f8a3f015af81837524cd37e467871bfb66c6768a279502ab4cd05e97421347f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "group": "org.eclipse.jetty", + "name": "jetty-continuation", + "version": "9.4.18.v20190429", + "description": "Asynchronous API", + "hashes": [ + { + "alg": "MD5", + "content": "bf4683a840d240010acacc4cc9739525" + }, + { + "alg": "SHA-1", + "content": "3c421a3be5be5805e32b1a7f9c6046526524181d" + }, + { + "alg": "SHA-256", + "content": "ad2e8fa193f06989ef6f0ca09719e1e30572e6099e7c889777836076068cbfbb" + }, + { + "alg": "SHA-512", + "content": "1ca79b0b2011ae4f5dd2f64447ec39d5140ddae6fdcdc9e1104ece137113951efeeccd7fbaa2cb174c11a944d7a6d79d94a6cf2f5a645b21016a3ba1b1421152" + }, + { + "alg": "SHA3-256", + "content": "e54fd5d441a318d250a84414eb391c6af739a5a167c7cbc70963a0cd12a60371" + }, + { + "alg": "SHA3-512", + "content": "d4fd7624498cd4113fd86ef1e71fe4f0c4d0684d34e2700b0d472decf55ae5b3d9aa59447a7ec2856ba5a2348da09057f5f3730f3e91715d2746d16d20bd5fa9" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "group": "org.eclipse.jetty", + "name": "jetty-http", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0f5299204d64fb561a8062f594185dc6" + }, + { + "alg": "SHA-1", + "content": "c2e73db2db5c369326b717da71b6587b3da11e0e" + }, + { + "alg": "SHA-256", + "content": "a2626684486590535bc928a6a40c6915f99ffda96b7a14d4310bdda566b5aa73" + }, + { + "alg": "SHA-512", + "content": "93f9852cd4689993c06629ffba24b1dc9715bcf3dfb560088669459f9484373cd5541e81c18cfb3502c9ab62fab3a7061ee5d9afd0c17fc61fe23e25fa04a1c9" + }, + { + "alg": "SHA3-256", + "content": "84caddcb2c12e244dc03f0f3f8ab41fdcb96ec95c5776c00664e8916f6bfea86" + }, + { + "alg": "SHA3-512", + "content": "08d0dba27f81c3b596d46728e01b3b1f0027d9271befab6ada56e6757ef7f64e700c242cc8f9000a2792bf5053c5c16126718d6f8fd1923331a7e3d00b3c2efb" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "group": "org.eclipse.jetty", + "name": "jetty-io", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d430c2038527a0788675049f9d48760e" + }, + { + "alg": "SHA-1", + "content": "844af5efe58ab23fd0166a796efef123f4cb06b0" + }, + { + "alg": "SHA-256", + "content": "f953810e6d5349a8c1101710bf99310e0bcd3bc43d819c06858c75f419b4cbd0" + }, + { + "alg": "SHA-512", + "content": "2f7f9f8ecff8fceaa422923ed698f5945e2e4583898115ea97e2a69f2f4c7093f07c1f9e189af0ffd6b08b669074c9e3cdd5492e42aa2ba4f0bba3ad6db85c50" + }, + { + "alg": "SHA3-256", + "content": "a6a1c14235256382171a33faf4e2869e65756b87e686e70e41aa34380fdeeac9" + }, + { + "alg": "SHA3-512", + "content": "aff9eb92b24300c2395b5ee808c54abf4c8c97224bc819b0b5bbaa6977f5806037eeb34691f6b9d9534a454ae28f3e8e9b13bd0649369af5b331e80e4c703405" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "group": "org.eclipse.jetty", + "name": "jetty-security", + "version": "9.4.18.v20190429", + "description": "Jetty security infrastructure", + "hashes": [ + { + "alg": "MD5", + "content": "ea1d2d43fdc539ddf8192e2782f45e79" + }, + { + "alg": "SHA-1", + "content": "01aceff3608ca1b223bfd275a497797cfe675ef4" + }, + { + "alg": "SHA-256", + "content": "c307c68eb402979b2b6ae75a587476c9fecafbf5f4a53db22125f9af2324926f" + }, + { + "alg": "SHA-512", + "content": "140364d32cab3e7f1acd1222c14228038db35c96e22fe55d90c810308c6ed06f72972d4a40514e664e1bcdd542c25014719082b8828b8afd29a9a760b440dfe9" + }, + { + "alg": "SHA3-256", + "content": "fb9e4fd12fc7912c3ad20ec205efa02532b05af85d22b4d4e93e2e19906dadb7" + }, + { + "alg": "SHA3-512", + "content": "df87f8e4a2ac262620c8e805695d52427421e9c25225747fedba6503916bc867c4868d04b1d786d52f64917fef4bd27013ff640297da21a49e97cd2db80007d2" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "group": "org.eclipse.jetty", + "name": "jetty-server", + "version": "9.4.18.v20190429", + "description": "The core jetty server artifact.", + "hashes": [ + { + "alg": "MD5", + "content": "b0bc6045c38e309d41f84d3c60fb31cd" + }, + { + "alg": "SHA-1", + "content": "b76ef50e04635f11d4d43bc6ccb7c4482a8384f0" + }, + { + "alg": "SHA-256", + "content": "2737c60b231e804082cdb68f1118a1aa179c8f92d50345c7444d96391ac005ce" + }, + { + "alg": "SHA-512", + "content": "b16d05236e809d1494f67aeab195190faf5a301cb131ae7033c1d62bd0f4db41e025b18cb75e0c9f7cc8146debb2d34d006318c0bd0e65dcccce9cb176acbc4e" + }, + { + "alg": "SHA3-256", + "content": "755dfbda1a8bd62b465a55c8bfd761412b81fa79fb0326c6835f0b009ea76c7c" + }, + { + "alg": "SHA3-512", + "content": "bdfd84f7b1bfadce0fd4c918b00410ad596e66bd69433260439cebb516f4d44b55e1adbf96cc866ae3e9a8f96823772e2e6633c21bba41c1588067842b7540ee" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "group": "org.eclipse.jetty", + "name": "jetty-servlet", + "version": "9.4.18.v20190429", + "description": "Jetty Servlet Container", + "hashes": [ + { + "alg": "MD5", + "content": "63d8201a1db1aa10454015245472fdd4" + }, + { + "alg": "SHA-1", + "content": "290f7a88f351950d51ebc9fb4a794752c62d7de5" + }, + { + "alg": "SHA-256", + "content": "58b778613867b59bdd6587c57010249e62d10104e01113459453343e9c4ecaa4" + }, + { + "alg": "SHA-512", + "content": "ed6d46eac69dcb275c684e516e1bd627aa2e8b35aa022d68e256b1ec7d145525cc03ad9f55e0794026590f1df17536465c11d25c961df3ee530586a01dcd7f55" + }, + { + "alg": "SHA3-256", + "content": "bd41d1a2332a05b8826eebefc9e1e43b2924c9a810e5c14d97cc8437a4817f6d" + }, + { + "alg": "SHA3-512", + "content": "d4e1c6d118f9ad0890f69efef3141d5d6583703fc6eba5a6c069636d6cde8d48f97d9e5ed5d58e070dd6539c4a744035840e5c8a145f6223f5d9b0dd2ba9ab27" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "group": "org.eclipse.jetty", + "name": "jetty-servlets", + "version": "9.4.18.v20190429", + "description": "Utility Servlets from Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "ed9e6c52ea1c28d92b81bf5c4cff5e22" + }, + { + "alg": "SHA-1", + "content": "e5d174950a44c8f93e27cc2528eff5a6b55da2f3" + }, + { + "alg": "SHA-256", + "content": "134e7f3fd037865cc95c3a69381088ff1c86f110fb0ea62e9a6824cb7ef48abc" + }, + { + "alg": "SHA-512", + "content": "ebd6e426972fb2833bb2173017edd8937ccc64135b6a2dbab0444b25f1528e3d50bdafe39e4749300a8ae46a5eb853a130e918339f29eea308fa9212b615c76a" + }, + { + "alg": "SHA3-256", + "content": "843c3095b2f0e5f71352baf20dfb1cba119ca110fc6e3e01751551154986aac3" + }, + { + "alg": "SHA3-512", + "content": "7eb486c3cac4a8950de6aca0006a07b1b4e9be737fa0902c229e15b27c3c61ddb353ea34f7d4d397dc5cba7da91e2cbee7d086a67506d2b303717f2743b46b0f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "group": "org.eclipse.jetty.toolchain.setuid", + "name": "jetty-setuid-java", + "version": "1.0.3", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "24990c296784e354afb446ccb739e826" + }, + { + "alg": "SHA-1", + "content": "73ae4ab171d396103f32e392970641e985d1a845" + }, + { + "alg": "SHA-256", + "content": "192cb1941aa1afefd9851d984fa39a2076f9200c434abba43dab1d410bfaddbd" + }, + { + "alg": "SHA-512", + "content": "11afcd8eb8968878ce4efb2b54956b04f1a28900b8be6edc1a3482388a3dddd2880b61d1a5c083de41d0cecaa3c8a32d4077f3f15b3f38dcbc71aa64bf40c524" + }, + { + "alg": "SHA3-256", + "content": "b6e2a6fdb8cc4021d17fdc85fb8bea172d25b206eca5c5f49ac5d4e6d1a6f704" + }, + { + "alg": "SHA3-512", + "content": "224c5ce3bbddf418eb2f1f43f9c3fd3f332ac6b557839942e54fc229e6a8e009ed11aab9e86a78e2642262d0ba43d5c2ff29aa9e96b89c68726d46365d46a000" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.toolchain.setuid/jetty-setuid-java@1.0.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.toolchain.git/tree/jetty-setuid" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "group": "org.eclipse.jetty", + "name": "jetty-util", + "version": "9.4.18.v20190429", + "description": "Utility classes for Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "0e98accd79ef0f0709e67b32d1882712" + }, + { + "alg": "SHA-1", + "content": "13e6148bfda7ae511f69ae7e5e3ea898bc9b0e33" + }, + { + "alg": "SHA-256", + "content": "db2ae97679e4d9dd0b96e0e2e04423d41407977a87edfa0ed1714c44eb5c7aa1" + }, + { + "alg": "SHA-512", + "content": "e1994547ad741cfcc0776e856178c530687bd3f20354ebbaf4d10ed6c6773cf0b9d2201359ffaa9328606aaa7170c125433dfd83c40db8e03ad6f17d43753392" + }, + { + "alg": "SHA3-256", + "content": "af0fd5e8b166a754626964f211eebf7e5bcff175dc852e5dd28b48d32437921b" + }, + { + "alg": "SHA3-512", + "content": "da788326e973cb92399d84ea58fd884a11a82666741514f2aefe150ed47809189ebd98553bbe7b56bde0d892b51294ddbf24af341f68a2854737622a6439356e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "group": "org.eclipse.jetty", + "name": "jetty-webapp", + "version": "9.4.18.v20190429", + "description": "Jetty web application support", + "hashes": [ + { + "alg": "MD5", + "content": "044d3037d9a5b94c8ed938d89045e06b" + }, + { + "alg": "SHA-1", + "content": "9c2f1a2b61bdc2d24f8a980c6c614aa0b588216d" + }, + { + "alg": "SHA-256", + "content": "3e7a715fb8f5ebe79d54b940f630d562629ecf91d1b3fd1403ff9700d0a3e125" + }, + { + "alg": "SHA-512", + "content": "09861241011a4f5dee0ffb7087f033f7882decda7e8bd9641fe1c759f558af28c01f050f0d904fe3f06fba3769efc887d50156cdb7567322ad5fbcee1fc7c2ea" + }, + { + "alg": "SHA3-256", + "content": "a958bee3bbb5d03e76f34e8e70552614aeaaa1fd63a56d5d56d12f552b9e4df4" + }, + { + "alg": "SHA3-512", + "content": "c2b790b16923ca0e1171b76cbb8c852b1e338cab09cc2f46f17b4479370e3d0a0308ca15bfc2d0421655c7db200bb5813a771e80cb6ed566dea9656f232ef403" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "group": "org.eclipse.jetty", + "name": "jetty-xml", + "version": "9.4.18.v20190429", + "description": "The jetty xml utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "637f8a266afa4cb043e1d142c7cacb33" + }, + { + "alg": "SHA-1", + "content": "dcd2806ee48e646fd4dcff81c7c6867fea2b52e8" + }, + { + "alg": "SHA-256", + "content": "2189c5316c4ef2721166353a3f6800803b2ffd06cfc4c7b16ebdef9b00108ca6" + }, + { + "alg": "SHA-512", + "content": "f60127983e3115b9df5ececcfe5a75bf4b1de0597e050d52b65d8e60875305741a3d3256d12d198e25be58b8b236a34ecc6747c05faf30465be27095b02e3206" + }, + { + "alg": "SHA3-256", + "content": "acb83341c830c2e5944c91021cac1d486e73fd5d570abfd4572346242b847940" + }, + { + "alg": "SHA3-512", + "content": "53c27e9e1c64a2046793b9f02880813669b71d534737ec84f16eadb8bdb63a717b664e602a17f1e071f411e318d6c233812910db8ae3bff933047eed08110290" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "group": "org.openjdk.jmh", + "name": "jmh-core", + "version": "1.19", + "description": "The jmh is a Java harness for building, running, and analysing nano/micro/macro benchmarks written in Java and other languages targeting the JVM.", + "hashes": [ + { + "alg": "MD5", + "content": "be8d2b77f24b93d14b3590a2c2cc9eba" + }, + { + "alg": "SHA-1", + "content": "1ea93b88f8154f0a35c16b46d76cfb2febcf4916" + }, + { + "alg": "SHA-256", + "content": "5b920f4033b55f78af121c6594e2afcc84c16f2030beef6d035463b126fc9f46" + }, + { + "alg": "SHA-512", + "content": "9bc30e04a4ee999cc1dc45be32bd60ad4248070073424efacdce85b02777dc1ef9f8aa9f57693cc4cc6964c6c934ce3c251f8db26f70bad54353c2d0849aee83" + }, + { + "alg": "SHA3-256", + "content": "b21c8a03f99e3ccadc461f35e5ed3aa3904ae25cbb44ca2dd02eb0d2f8a6582c" + }, + { + "alg": "SHA3-512", + "content": "96f2d4874d54c13b4c9392628415ce62bdff000c142901f08d3eef24c707b5cd656c328a3ef846303a85dc3dfbff69062e0167b2065b5200e52c764afe0ba418" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-core@1.19?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://openjdk.java.net/" + }, + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "group": "org.openjdk.jmh", + "name": "jmh-generator-annprocess", + "version": "1.19", + "description": "JMH benchmark generator, based on annotation processors.", + "hashes": [ + { + "alg": "MD5", + "content": "0edd4d9828437ef68acbe301910de6eb" + }, + { + "alg": "SHA-1", + "content": "e5bb13308963df412877e88fede84c1bd869ca03" + }, + { + "alg": "SHA-256", + "content": "b104c8c3c971d6aa4ff4c7a73e70cfb3e6201084332e4007ba9516a43f27003e" + }, + { + "alg": "SHA-512", + "content": "f4bdd594e25586047d93375f76fc2c85ad302b222ace4dae8e7418a24e1d75ab1ecd3f4d75d362baf3af6388bb6b3f3db7a932e8a003a8ff0c1412059e0c0c5b" + }, + { + "alg": "SHA3-256", + "content": "ea48f22ddf27853d67194836e0a13bb9a6c20a480e03252ce75403bc303a2a8d" + }, + { + "alg": "SHA3-512", + "content": "37ae2a6c8b2f38fcfcfea1343debb71cbb63af15c402fa32dc38e1913c75af7d2f4951a21edbc7cacfeeb789dbbc6fa9be9f24ccd426e1f9344de0f344a9e773" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-generator-annprocess@1.19?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "group": "joda-time", + "name": "joda-time", + "version": "2.10.1", + "description": "Date and time library to replace JDK date handling", + "hashes": [ + { + "alg": "MD5", + "content": "488e6b287cde4fe6142c0da65495ab63" + }, + { + "alg": "SHA-1", + "content": "9ac3dbf89dbf2ee385185dd0cd3064fe789efee0" + }, + { + "alg": "SHA-256", + "content": "d269671656767e05a58dd634cbafc36ed70d417220b058d11c0d88dfd281616d" + }, + { + "alg": "SHA-512", + "content": "b92f67c1a8b293e3771bc2c56e5280f6a9cb523b38db7b1c8f56c427ec7147d9fec1fa425d25582060195a433005797294680e5e071fc49272575cc67f8fe58c" + }, + { + "alg": "SHA3-256", + "content": "ace6d9b18b8de8281dde7a10070f08a11a2b1aca804e2031983d8cffc61a11a2" + }, + { + "alg": "SHA3-512", + "content": "1ae2b49ee5c492a7b83f2c72e5405db0e784b0a34dee7a8d634f6a1e11023bd87653903d4c8a31a964624eb6137db0f612a0d54d509e7a4c39b09c09d30309af" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/joda-time/joda-time@2.10.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://www.joda.org" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/content/repositories/joda-releases" + }, + { + "type": "issue-tracker", + "url": "https://github.com/JodaOrg/joda-time/issues" + }, + { + "type": "vcs", + "url": "https://github.com/JodaOrg/joda-time" + } + ] + }, + { + "type": "library", + "bom-ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "group": "net.sf.jopt-simple", + "name": "jopt-simple", + "version": "4.6", + "description": "A Java library for parsing command line options", + "hashes": [ + { + "alg": "MD5", + "content": "13560a58a79b46b82057686543e8d727" + }, + { + "alg": "SHA-1", + "content": "306816fb57cf94f108a43c95731b08934dcae15c" + }, + { + "alg": "SHA-256", + "content": "3fcfbe3203c2ea521bf7640484fd35d6303186ea2e08e72f032d640ca067ffda" + }, + { + "alg": "SHA-512", + "content": "18bf59191d7a456e7675c841df8411ebe425da40532e103db95483be5d2a75510d8a38ad9755cdd4e0be27afe7cfd0b358599388a84fcec1ee27e89caa37f5af" + }, + { + "alg": "SHA3-256", + "content": "e5c7a060e6bd75fb9ef2b7eeac082550bd4f01049c0da929c57ae71fef59b32a" + }, + { + "alg": "SHA3-512", + "content": "6b35fe9fcb3497a9e3a4b0c55dab300b63155c76bbce88fae9b3dcc1012f2c55d7c70216173299817830328071f5c3af079a67ce9af96c25b6befbcef915b049" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/net.sf.jopt-simple/jopt-simple@4.6?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://github.com/pholser/jopt-simple/issues" + }, + { + "type": "vcs", + "url": "http://github.com/pholser/jopt-simple" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "group": "com.google.code.findbugs", + "name": "jsr305", + "version": "3.0.2", + "description": "JSR305 Annotations for Findbugs", + "hashes": [ + { + "alg": "MD5", + "content": "dd83accb899363c32b07d7a1b2e4ce40" + }, + { + "alg": "SHA-1", + "content": "25ea2e8b0c338a877313bd4672d3fe056ea78f0d" + }, + { + "alg": "SHA-256", + "content": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7" + }, + { + "alg": "SHA-512", + "content": "bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804" + }, + { + "alg": "SHA3-256", + "content": "223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff" + }, + { + "alg": "SHA3-512", + "content": "3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://code.google.com/p/jsr-305/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "group": "org.slf4j", + "name": "jul-to-slf4j", + "version": "1.7.26", + "description": "JUL to SLF4J bridge", + "hashes": [ + { + "alg": "MD5", + "content": "2bb060120bc3feda3d964bf5be845fbf" + }, + { + "alg": "SHA-1", + "content": "8031352b2bb0a49e67818bf04c027aa92e645d5c" + }, + { + "alg": "SHA-256", + "content": "0f3b6dfbfb261e3e2b71ea88574452f36c46fec016063439eb8f60083291918e" + }, + { + "alg": "SHA-512", + "content": "201d8fc50e94469cfddc79faa6d7492602243a13454dc58e42d6422f1e7f1d1b352474930bf13c1784c252721bee92a636723a1f75d3cb578fec200b42275e2a" + }, + { + "alg": "SHA3-256", + "content": "dd6032a174bd7527a7195462617a613dbbb0dbbcebac49aca1c3fb2b4db79e3b" + }, + { + "alg": "SHA3-512", + "content": "2bf9adba76cbd0541b1462e952cce50baedb6feac8d963f59db8374a895469d340f5787defeffefb48162a0171f54dbfe1d173de7ec08b080c01260611dd7e25" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "group": "junit", + "name": "junit", + "version": "4.12", + "description": "JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.", + "hashes": [ + { + "alg": "MD5", + "content": "5b38c40c97fbd0adee29f91e60405584" + }, + { + "alg": "SHA-1", + "content": "2973d150c0dc1fefe998f834810d68f278ea58ec" + }, + { + "alg": "SHA-256", + "content": "59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a" + }, + { + "alg": "SHA-512", + "content": "5974670c3d178a12da5929ba5dd9b4f5ff461bdc1b92618c2c36d53e88650df7adbf3c1684017bb082b477cb8f40f15dcf7526f06f06183f93118ba9ebeaccce" + }, + { + "alg": "SHA3-256", + "content": "02b1f076652120813646a0cb34350f0c73a3299b221567e089f6aaadf8ab444a" + }, + { + "alg": "SHA3-512", + "content": "9e8f7057647c11564178e4569cf4f5682d3688b49d81acc60fd301f61053932ee9ac109c19cb639f7710d23afc76cb106ebde0f8143e2fe5fa08605201720a8b" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/legal/epl-v10.html" + } + } + ], + "purl": "pkg:maven/junit/junit@4.12?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.junit.org" + }, + { + "type": "build-system", + "url": "https://junit.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://github.com/junit-team/junit/wiki/Download-and-Install" + }, + { + "type": "issue-tracker", + "url": "https://github.com/junit-team/junit/issues" + }, + { + "type": "mailing-list", + "url": "https://groups.yahoo.com/neo/groups/junit/info" + }, + { + "type": "vcs", + "url": "http://github.com/junit-team/junit/tree/master" + } + ] + }, + { + "type": "library", + "bom-ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "group": "org.junit.jupiter", + "name": "junit-jupiter-api", + "version": "5.2.0", + "description": "Module \"junit-jupiter-api\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "d85d733ecb4120eb7ad5be3134d09053" + }, + { + "alg": "SHA-1", + "content": "9cd901df48d88d8e605a6ccb2c3f140c92db6bf2" + }, + { + "alg": "SHA-256", + "content": "47f7d71b35dc331210b9ab219bbb00d54332981aa12eb5effe817de17e1ae7b3" + }, + { + "alg": "SHA-512", + "content": "8b54b50e8e10b9aed8a1d65338b86d3cd28fabba15f536df457689b99145a451f0144c703eaa848e0bf5c7dc7719ec442b479bac1b7d88cb9ba2cddffd0f1f13" + }, + { + "alg": "SHA3-256", + "content": "2a215014d5df1141f50d9c800b004d9bcb391163b05365ba3f9d145a71e69171" + }, + { + "alg": "SHA3-512", + "content": "1cb1e7a4279d2949081aad395cd158bf28a8ad12682a3f8962da50f1b3c2b4f64a206089145bdc8e4730b689f791e1f306361c4f8e0044dd88fa9f38f1916cd1" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-api@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "group": "org.junit.jupiter", + "name": "junit-jupiter-engine", + "version": "5.2.0", + "description": "Module \"junit-jupiter-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "23b9c1eb5cbc9ff595fbedb9d6ff2068" + }, + { + "alg": "SHA-1", + "content": "de87318ccd3dfa1a98ebfef792d362776f1914de" + }, + { + "alg": "SHA-256", + "content": "8f994f4094790e246dc84de86a1ff4194ca85e8b13bedaca0207f727ebfbc813" + }, + { + "alg": "SHA-512", + "content": "f2bf6ab75a111cd2cda9f8d50f62b3986fc7b675b9f14abfa73d44ccbce010b559bb2a7dcee670e8134f1e8859c2c804b87b50b141c6d48a55699cf07f1d75d7" + }, + { + "alg": "SHA3-256", + "content": "1c2e7d5d721f35eb5f4c206f920d5f34a480b5e93d991ff602acbb3002ae6cb3" + }, + { + "alg": "SHA3-512", + "content": "de4c58a5d5acfc20a8008f07c94258a6023664c6879518fec9e37eff79f106bb3645979615d792f7de404bf52b8c0e6425902c177458a483a6087bf9a4cdd822" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-engine@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "group": "org.junit.platform", + "name": "junit-platform-commons", + "version": "1.2.0", + "description": "Module \"junit-platform-commons\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "b3199ff22308f68d7dc3e400fe53f51f" + }, + { + "alg": "SHA-1", + "content": "dbce1d822d3dc6c61703b340cd79018518685451" + }, + { + "alg": "SHA-256", + "content": "7771af2f797d1d0ccce9920eb3cd826fb8fd7659ccb4d8877e76d9412be72cc2" + }, + { + "alg": "SHA-512", + "content": "b08bcfa884c67ae155ea5eb0ae33f0d58e88096015b82ebf3e5a301292b4622aea1514285aeef7361f8b9e4c83e48e5d8842433afe6e3b0b06c7a1c8729b104e" + }, + { + "alg": "SHA3-256", + "content": "87b03d3ecafccbaa1dc2bd068117cf95ac520546131006bd744464ef757ec44a" + }, + { + "alg": "SHA3-512", + "content": "9501a107af25b97f4e7a102b9262f8438915cc2e93599a2343255fd1935e3c86853a50934376f509fe45f0f601f4ba8023b02ef091e51c51675469170ed88a70" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-commons@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "group": "org.junit.platform", + "name": "junit-platform-engine", + "version": "1.2.0", + "description": "Module \"junit-platform-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "14405ffac9858d89cc0609b16b8c763c" + }, + { + "alg": "SHA-1", + "content": "35fa3529ce843ada1a10b0909ccb4a8148ee638d" + }, + { + "alg": "SHA-256", + "content": "60b102e94ea01556fdc8c041950a05450edc188e3708f032a6bfb1a50ba0bc22" + }, + { + "alg": "SHA-512", + "content": "d367cad97695832f088e299d873570ea9e4bffd30222a5b3157fd506d9405776cfba78b8dc0b6e2697e96d0008ad65b7a35324fab7386c99257d2a723641b679" + }, + { + "alg": "SHA3-256", + "content": "25189ca0767cdad052cca52e00fb63557e8581d3733cf1272dfa780d668ff140" + }, + { + "alg": "SHA3-512", + "content": "d8b6d4a3f9bb96a1b6f610038b50f9a647526e5d0a805bcdd4c13603cdb3508a39a4403c9674b9bca67e673a6493f51a7d363e88fe28efd50382f7832bc20f2a" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-engine@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "group": "org.liquibase", + "name": "liquibase-core", + "version": "3.6.3", + "description": "Liquibase is a tool for managing and executing database changes.", + "hashes": [ + { + "alg": "MD5", + "content": "455a827f017027c276fdfc1ec0bba595" + }, + { + "alg": "SHA-1", + "content": "737c5a4fac26ee760d016923c83481ff933e4875" + }, + { + "alg": "SHA-256", + "content": "e3d877af44ebe7f253525319e3a95bd14e249bfb3d55e9c458e78458bce8426d" + }, + { + "alg": "SHA-512", + "content": "a2c453c71c654ecdf98b86293981fd53ef270b8834b1903b88566dd515da22df17a47a7a31f6c8c65f496ec64613c101ab5501ea9e8293001703f9d2a65c878b" + }, + { + "alg": "SHA3-256", + "content": "6cc2d3b40b26f5b20f62647f3dfc3238741eebd176e51ed76bafe534781554d8" + }, + { + "alg": "SHA3-512", + "content": "1efc7bca74a8e561b48786cff789dba1b87cf4e6d7dc65da70bc71590c653ffd2111d8fb703cea6a429481c68c385299cf59f5b15072ccbe2365d53fc548292b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.liquibase.org" + }, + { + "type": "build-system", + "url": "https://circleci.com/gh/liquibase/liquibase/tree/master" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + }, + { + "type": "issue-tracker", + "url": "http://liquibase.jira.com/browse/CORE" + } + ] + }, + { + "type": "library", + "bom-ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "group": "com.mattbertolini", + "name": "liquibase-slf4j", + "version": "2.0.0", + "description": "Liquibase SLF4J Logger", + "hashes": [ + { + "alg": "MD5", + "content": "c0de626cfee6e91f2fe3f28aca48a6f9" + }, + { + "alg": "SHA-1", + "content": "15d0d15b546ef66caf3385a3c13aeb75663b3ba4" + }, + { + "alg": "SHA-256", + "content": "1378fcb84657a57fd133328b13ea0578d18011fb4578dd915b292f9b8afbfd6e" + }, + { + "alg": "SHA-512", + "content": "193195e7aba3a04c4bc27a8cb424d8ede7e9a00f0682801906b59cfafe717c19ed47bf299e033da9b91400f936a90a14137b0b48ed55a46a2527db644cfe7947" + }, + { + "alg": "SHA3-256", + "content": "143f1704ce5f758ce1c3dc2bfce78abac50638cfe54537042ada01ce8c765f89" + }, + { + "alg": "SHA3-512", + "content": "0d7e066b3760514259844a5b137706b47ce61fabf24ac34e59445609e0a41e5497d90bb8786c06e1fa767375c4ee039d1c44c4b136fdb63d08ada9967286502a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/com.mattbertolini/liquibase-slf4j@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/mattbertolini/liquibase-slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "group": "org.slf4j", + "name": "log4j-over-slf4j", + "version": "1.7.26", + "description": "Log4j implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "0ca7c8107e86b7e251cf15d475db5183" + }, + { + "alg": "SHA-1", + "content": "daeb21c5e35d77d550e721c4cf5aaa716496d31a" + }, + { + "alg": "SHA-256", + "content": "81a1c31befb21e3975064f43e0b1692b7fc2dc5f6d8dc3b6baaa7b8c3e5ddd5b" + }, + { + "alg": "SHA-512", + "content": "6ae099e1ad5526212f2758a9e16ce7027833e47dff9370c7dbc5317c43f0d3450f20a437ae1a97594382cd27b74c276cb0f3c32de0668b61daf874fb4d30bc90" + }, + { + "alg": "SHA3-256", + "content": "7fe9883b0d6edce803b4942d53771c9e87735076e5ee162037bce3180e067c04" + }, + { + "alg": "SHA3-512", + "content": "349b75322aaf3d4fa035ed2c98c3f289ea6c2bef2bc6756b018df99536d99ceaa17b9192ce5bdde1a213ec75ecc60d11629189a5774b166e671a709e7f2df708" + } + ], + "licenses": [ + { + "license": { + "name": "Apache Software Licenses", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + } + } + ], + "purl": "pkg:maven/org.slf4j/log4j-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "group": "ch.qos.logback", + "name": "logback-access", + "version": "1.2.3", + "description": "logback-access module", + "hashes": [ + { + "alg": "MD5", + "content": "9468ae35cd2e92164659543a55280aac" + }, + { + "alg": "SHA-1", + "content": "e8a841cb796f6423c7afd8738df6e0e4052bf24a" + }, + { + "alg": "SHA-256", + "content": "0a4fc8753abe266ea7245e6d9653d6275dc1137cad6ecd1b2612204033d89687" + }, + { + "alg": "SHA-512", + "content": "b72a31503d09eb0f40abad77a44617b7edc2904e2e619f7cdcbab2536965be34e91ebbaffd0444027d15bad2562515762ee13a7163d9e12f82017334dc84a6a2" + }, + { + "alg": "SHA3-256", + "content": "db933b4474fd6b77e89b1f68f4117d7b299788b0706e926ea88506f086b54f63" + }, + { + "alg": "SHA3-512", + "content": "64acf87611208b7ccda4408ebd924dad609f3bb3e217fcaa80f13cfd098225183a559e5023b7ceabb07ff3ab705f13aad732b04f781f2b618e2f3de31376c089" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-access@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "group": "ch.qos.logback", + "name": "logback-classic", + "version": "1.2.3", + "description": "logback-classic module", + "hashes": [ + { + "alg": "MD5", + "content": "64f7a68f931aed8e5ad8243470440f0b" + }, + { + "alg": "SHA-1", + "content": "7c4f3c474fb2c041d8028740440937705ebb473a" + }, + { + "alg": "SHA-256", + "content": "fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0" + }, + { + "alg": "SHA-512", + "content": "9ad5df9055e74c1db67e10422774e740903477c821591702d2709a4c1f73e3fc3fa6b1a871b6985901817bc2bdeba916849035dc2bbf518f308637b0586e36f1" + }, + { + "alg": "SHA3-256", + "content": "7d38586cfd6e1363970ac1811eb49dd9e535e2d2bf967118ce8f28592655ac24" + }, + { + "alg": "SHA3-512", + "content": "0a47917a6adfaef45e1170ff419800a7c88771510c6d5744b081e0572f70d2e339a5bbdd9b0637c2ecfcdd49a095c856ec293e8a41bbd03ef9b5a67d42731e67" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "group": "ch.qos.logback", + "name": "logback-core", + "version": "1.2.3", + "description": "logback-core module", + "hashes": [ + { + "alg": "MD5", + "content": "841fc80c6edff60d947a3872a2db4d45" + }, + { + "alg": "SHA-1", + "content": "864344400c3d4d92dfeb0a305dc87d953677c03c" + }, + { + "alg": "SHA-256", + "content": "5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22" + }, + { + "alg": "SHA-512", + "content": "bd1a7512647fe61b90cfd18bedf2a33f3f16f334f8f8ce947cdd353c0b0b7a7cce203070f0d2183f6583e0f2b2fe6e0b12eb93bd5b2dc29076e7b466447f6dc5" + }, + { + "alg": "SHA3-256", + "content": "7e43423025fc6ebe94b4cc641dc60a4507f93dd1445214847a069595f7cb728e" + }, + { + "alg": "SHA3-512", + "content": "76a7f8df50903e80c5455da2307705f1ce08e098b75d02c1e36cb8b06eb3dc18c4e93fbf4ed1dea143d73645a652b52bb26e789d1fa111866c54a57c2025049e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-core@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "group": "io.dropwizard.metrics", + "name": "metrics-annotation", + "version": "4.0.5", + "description": "A dependency-less package of just the annotations used by other Metrics modules.", + "hashes": [ + { + "alg": "MD5", + "content": "18a5f9cee781de1bee53b78df6e37c4e" + }, + { + "alg": "SHA-1", + "content": "b30a0e181a5b5170c3b9bf513a9f2cc756dd4319" + }, + { + "alg": "SHA-256", + "content": "ef1ac18eeb33545913992f1b3d4779c9438435cea26a3a4366f05457a1006159" + }, + { + "alg": "SHA-512", + "content": "574a8d69f2610641d087d2ccf5509787c0993ce3f6fab1877580243cb8d57eb646e3cca9e9336d3e61776fdcb875770017d3182b7238ddfe0c31b08bad4edc30" + }, + { + "alg": "SHA3-256", + "content": "841decb2aae5beba8df9d315b687fe9c5c9c0addf481e75c5de17e408b7d6d07" + }, + { + "alg": "SHA3-512", + "content": "61e765ec087be04c969bbf542c2c743b3de4a613dd77d8820e73976b51cb31f291a575623c64e2c0d865408965904611be2a91213fa387d01e7552de48770056" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-annotation@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "group": "io.dropwizard.metrics", + "name": "metrics-core", + "version": "4.0.5", + "description": "Metrics is a Java library which gives you unparalleled insight into what your code does in production. Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "f5fb039e8ed41743d3b6590547d85894" + }, + { + "alg": "SHA-1", + "content": "b81ef162970cdb9f4512ee2da09715a856ff4c4c" + }, + { + "alg": "SHA-256", + "content": "e31f5bc2fc58dcacd0cf31f7eafa43d3b981873dac0d3f0ffebb145675f1c8a8" + }, + { + "alg": "SHA-512", + "content": "5d553993bf5bbd985453bb69f0704997f624a6ef81aa126c7228fe3d2dd7ebe57e7eeb161067e19914a9f36c762ce2fa7be5e47d0fb4deb623a3fb82ed6a70f2" + }, + { + "alg": "SHA3-256", + "content": "5ba7bcb9d456edb43cf67736e066d9558da57205f916c5ada7f5058b2f8cbc90" + }, + { + "alg": "SHA3-512", + "content": "fcb8a3e52da3f8e9f86c692d8d68661acfe2b6aeb29866325178f3732176e099d0c6c9933d187b0840cf632de154087ad0ae6e8daf2712bedaaaa5e9a4c97214" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-core@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "group": "io.dropwizard.metrics", + "name": "metrics-graphite", + "version": "4.0.5", + "description": "A reporter for Metrics which announces measurements to a Graphite server.", + "hashes": [ + { + "alg": "MD5", + "content": "22f848bd3427fa8d5caa8717468097f5" + }, + { + "alg": "SHA-1", + "content": "76e8758356373d5aed5abacbda429b38f6e8fa98" + }, + { + "alg": "SHA-256", + "content": "e7ece2bb30cf016a012286d7077fd1d9741c3e205ac7095fdc081e4c552436db" + }, + { + "alg": "SHA-512", + "content": "e1c984ee8daa837add7b4ca0d07162faebf4b7d2bb88b7bd355eccd570e3935fb1c49acdf8b1dcc5c88bbf04c67cda2a7efdcf375d0247d35b7744f9ab810a4f" + }, + { + "alg": "SHA3-256", + "content": "d3ac2a04fe0a5225e4c8ce2a2c46d196ef466eccfa00254cab8df1a08f5dc4fc" + }, + { + "alg": "SHA3-512", + "content": "d2ee456e6964ec862f1a770c386084cf016983c03083a5516405ce4372204a0e0d5feb27e78d7f5d7345719b9af256f8d000cde922547c159de14cb860cc2403" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-graphite@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "group": "io.dropwizard.metrics", + "name": "metrics-healthchecks", + "version": "4.0.5", + "description": "An addition to Metrics which provides the ability to run application-specific health checks, allowing you to check your application's heath in production.", + "hashes": [ + { + "alg": "MD5", + "content": "e64c9571317f403046ad8a04814cecab" + }, + { + "alg": "SHA-1", + "content": "73177b73f9d7ac80b0d0125db9dd41faab816c52" + }, + { + "alg": "SHA-256", + "content": "bd3be08664f03a27bc625b88d91e852cd105b6f53725cfa54a7167a268f2fe0e" + }, + { + "alg": "SHA-512", + "content": "e2c16ef7751558c07e8268d3448477c2296d2f83e1f915fe09b2e0f54c62cf774c9a8b8b3dfedccd882d95cf78bc0f0af3d997af0de8c0c5d489de36883f0b09" + }, + { + "alg": "SHA3-256", + "content": "8dd767ac7aca8dfaef37a32010f341ea4ee20e8190251b367f47cdbc3cba857e" + }, + { + "alg": "SHA3-512", + "content": "34929a8391da886a045a6947b17c875fd3d7c37f85e03d47572d2de359885c101c61a735f9c09cdb8ee4100221acb650389b74071b8c1184e032f2ce2947f67a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-healthchecks@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "group": "io.dropwizard.metrics", + "name": "metrics-httpclient", + "version": "4.0.5", + "description": "An Apache HttpClient wrapper providing Metrics instrumentation of connection pools, request durations and rates, and other useful information.", + "hashes": [ + { + "alg": "MD5", + "content": "023faaf10f012b67e15faa137d106f21" + }, + { + "alg": "SHA-1", + "content": "d02819ff820207d03d0082ef24cd36157d7c5188" + }, + { + "alg": "SHA-256", + "content": "12112aebd3bb53cc5451846202f4333588dc5455e4739c0c2360103700c24e42" + }, + { + "alg": "SHA-512", + "content": "9c991dae8890b35046c258536884d68f821d1e4aabb65c8e1c845309fadf0e9e2849e0653bc6aa5a008336569d8eb71a660a06f402a7a933a3da85604c45e67b" + }, + { + "alg": "SHA3-256", + "content": "f2bd98bc7e39c259544dc04853e5404d6cdf9c7095fcc718ba65b597a377ef33" + }, + { + "alg": "SHA3-512", + "content": "7fa6cba3b553b5c3ffc943ca2ff387d2b542d7170bcea5b43fffe150cd0a3849244ec3a2bbcfce28e8f9d762a925e4cbc7101785f2c3c4d00af61e2f97d00dcb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-httpclient@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi", + "version": "4.0.5", + "description": "A JDBI wrapper providing Metrics instrumentation of query durations and rates.", + "hashes": [ + { + "alg": "MD5", + "content": "7700c4ec787e2355d290e0f40820de15" + }, + { + "alg": "SHA-1", + "content": "005441385ea7bf674fc480dc6bc6dcff6a7278ec" + }, + { + "alg": "SHA-256", + "content": "6858a83724e2df638c475425ea48811ca84c28fc778f92251209e17317e225c4" + }, + { + "alg": "SHA-512", + "content": "671beb600961db9ca14f043225670c18035f3db932ad67bb6f04bae4a57e67e7265b317d851009bd764344dcfdffe8073156b4f517e8c71954af2575bb7c9f32" + }, + { + "alg": "SHA3-256", + "content": "95a48e7ac5a1e6dfd2590e1a79b046017a90b7dce17322d35f10d18408d42526" + }, + { + "alg": "SHA3-512", + "content": "f68985671638695e6ddbf6260010a5a23e2f841c781ea6b4fbe91a0c6c9bcbcc1fd8d9d4501a02e4f86922d8f7071154d54c3c281d662e9c4262014599c37393" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi3", + "version": "4.0.5", + "description": "Provides instrumentation of Jdbi3 data access objects", + "hashes": [ + { + "alg": "MD5", + "content": "594d03f7743b46ef08ed0d1dcc1bb31a" + }, + { + "alg": "SHA-1", + "content": "2d39572d9612ce28bea84d46808d25d3b8af3133" + }, + { + "alg": "SHA-256", + "content": "e08dfdaa141b4f6d3338b09f3f1f7f463596adb0d335b600e1bd636cc02b7b22" + }, + { + "alg": "SHA-512", + "content": "4f2119fa34092ac2649b27d93e54af0de724719f994803407b5c307a8443ff70dee7d411b1360caf92595a87e570b44e60fe2745d8d283e857eb2ce6f0f656f5" + }, + { + "alg": "SHA3-256", + "content": "c4cd10df90cf8b3b9a06f634c9d31e5bee07e98cdb5640220434a43d66231cdb" + }, + { + "alg": "SHA3-512", + "content": "3d60e9e5707c3e34eed30746c85bfbfcae3dded9509dd7047092ad42d184f36395a3d06865ce7ffa1f12b433ecf99b090e713751be03203af168aa4d99dd6a6f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi3@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "group": "io.dropwizard.metrics", + "name": "metrics-jersey2", + "version": "4.0.5", + "description": "A set of class providing Metrics integration for Jersey, the reference JAX-RS implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "e56b570fcb934ef302433d338823511d" + }, + { + "alg": "SHA-1", + "content": "cea8d4217ccd087f302611a54e4dd6071ba5844c" + }, + { + "alg": "SHA-256", + "content": "91cb412f7aca24de727b3724885fd2e6ff0e8bdb422a73ad66d25375594bf63d" + }, + { + "alg": "SHA-512", + "content": "3bc8572f0d183c30b0f83f5b4acd3a05c8d3c3b728298d6b8899da0d299df8d9acdc5435f82c23eb6ba5a3d2bb5c8f66637d6315caf95bf3b807c53e5bc6c217" + }, + { + "alg": "SHA3-256", + "content": "b2dda5477d6dcbd6fdcdd1f3acae482b0f83f24018706a03713c04dcd6c1f744" + }, + { + "alg": "SHA3-512", + "content": "af35ae7568a5df2be2e8cb9ef99256b0956b97b44ec0447863127e9f2e84f7baec0c5c0ed89a8146685e30af98e05a34618a58f2a76fe57272fb8ee98b5e9d62" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jersey2@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "group": "io.dropwizard.metrics", + "name": "metrics-jetty9", + "version": "4.0.5", + "description": "A set of extensions for Jetty 9.3 and higher which provide instrumentation of thread pools, connector metrics, and application latency and utilization.", + "hashes": [ + { + "alg": "MD5", + "content": "99b6f3ed9f4663ed9db4700e4bf388fa" + }, + { + "alg": "SHA-1", + "content": "87f3b49a7377e56f62046875d394ed0028b37690" + }, + { + "alg": "SHA-256", + "content": "e2c769fc1c269e2200950b8d33800be4b0043302eaa189ba5cb7ce518c48b46a" + }, + { + "alg": "SHA-512", + "content": "e3b7ee7c506e8bef74e87adb6e589f3dfac2a0905f66a0eed1af9d2cffa6a3e6f74573e6ca3d3469d8afba0307fb18f74b21397146e0b82ede387a41554f44a0" + }, + { + "alg": "SHA3-256", + "content": "09bb7c73faefc5549d032d9bdc471f500b9370caef0dc9896ca44cdd6fc2ff48" + }, + { + "alg": "SHA3-512", + "content": "ac44f708dff820a3f19b3cc01d4f936b7ca46cd9fedd76e9c57ecc7c0b7d76a9f5db641742453c8893b5b0eb2255ce8c7697fc11569e57afa456d08f00141fc9" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jetty9@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "group": "io.dropwizard.metrics", + "name": "metrics-jmx", + "version": "4.0.5", + "description": "A set of classes which allow you to report metrics via JMX.", + "hashes": [ + { + "alg": "MD5", + "content": "863de91e135c8455d70fa3acf01cdf72" + }, + { + "alg": "SHA-1", + "content": "d7be4ddd7ba674ee8be1d23d883fb3ca68ee1d54" + }, + { + "alg": "SHA-256", + "content": "079133de87f7d3512200a8071bacfdbed46d6a73995578fc24bbf4c03df6d188" + }, + { + "alg": "SHA-512", + "content": "211ebec4191c7482bf0fc02785fd924fdc980c4bbbf440be8f5d4f87f1971bca646f7174c45c0566b41af08fc603225d38691b32482986887775c9e51185615c" + }, + { + "alg": "SHA3-256", + "content": "d02352d947a4475cf67e9f24d33b3bd16cc908acb78cb294d2763fee7d1e4fee" + }, + { + "alg": "SHA3-512", + "content": "7ca4565c9a0c3d1a96d021b7cc4b896b885352ac8cae96e4700f7c2fa40a6c367e05c48df0a81ef112a6769bd8f2f01ceb86e2a984d67286a3627b565bbd8f00" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jmx@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "group": "io.dropwizard.metrics", + "name": "metrics-json", + "version": "4.0.5", + "description": "A set of Jackson modules which provide serializers for most Metrics classes.", + "hashes": [ + { + "alg": "MD5", + "content": "9784b95742e0e8fe76e8d5376e7abf5f" + }, + { + "alg": "SHA-1", + "content": "8c66fea9f767588ae0995be27558b1f3ae8d75ef" + }, + { + "alg": "SHA-256", + "content": "008ce354b30ef48060786b6a31144e04b6bafdfca69e6307cbf66602ae331023" + }, + { + "alg": "SHA-512", + "content": "515734a08814f3df1f6ae853a2cac0fdab5637e129ca9bc3f62feba9190a2e43013362009f73f4fe3e06f3d08fdf0ec7ec8481dab3a6435de743322d4620dc55" + }, + { + "alg": "SHA3-256", + "content": "70620d2f107ff8fdf5bc16a91df9a49daf3fe84fb268edafbafabd43ec61ef0f" + }, + { + "alg": "SHA3-512", + "content": "f33d7c456efabd1eda7f0cc99df57e870b747d3f2c49571373c4564eb50388350260d08f4d53be2c5fe8a7ae766d9181d0f394e996156d839c5bfda9858c119d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-json@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "80b88754-8b78-4597-bc4f-47788add0031", + "group": "io.dropwizard.metrics", + "name": "metrics-jvm", + "version": "4.0.5", + "description": "A set of classes which allow you to monitor critical aspects of your Java Virtual Machine using Metrics.", + "hashes": [ + { + "alg": "MD5", + "content": "a19a85dc56ac7179bd974e4eb0c8b6e0" + }, + { + "alg": "SHA-1", + "content": "09f6f1e6c1db440d9ad4c3114f17be40f66bb399" + }, + { + "alg": "SHA-256", + "content": "ba97466221c391bd7b7eb6d407f7fac83e5e6725d3a8691aa512e53ae075dfc3" + }, + { + "alg": "SHA-512", + "content": "d53b524543ac922352d3a628831fc7a02ceeb757fd760b94477f02b256a47caac9837259c82ddf5b3cb0e874542176f1383c080a7c3d23b8a5790ac250f70a48" + }, + { + "alg": "SHA3-256", + "content": "61e9ee4a183b317e6fadeb632804a04e233af77dedcd5613f19490233f71b8cb" + }, + { + "alg": "SHA3-512", + "content": "333f15cf54e7e9a304e8cdaa9e251ac0859bfb848ddfc2606d86738a89e944adb8879d14f60df632c064f4ab0edb6ff950a7a231121ce8a6b1ff3bca4809750a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jvm@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "group": "io.dropwizard.metrics", + "name": "metrics-logback", + "version": "4.0.5", + "description": "An instrumented appender for Logback.", + "hashes": [ + { + "alg": "MD5", + "content": "45f97ce9788dad9744ae2e198e5a501b" + }, + { + "alg": "SHA-1", + "content": "306d0d06b0940c6df49031e8dd750e635e4b170f" + }, + { + "alg": "SHA-256", + "content": "89842f9df70d001835bd652c103b1d04d64e1c48bccf396defbdd791299c1903" + }, + { + "alg": "SHA-512", + "content": "bde3d0313531986623fd422fee1506eaf17bd3c53318973c340e4d44ce0104943c5dfcddee6cc8d33cfcf0a0b2fb2aff2b3e653819b39c2c5b76676399683401" + }, + { + "alg": "SHA3-256", + "content": "8233adad697b14559e578618be1ea2c99c907be87da1eab10a5ca9f397dbf46c" + }, + { + "alg": "SHA3-512", + "content": "d4664cd4105ad99b2326da4b727dcf350dba261aa7b26aacb9a064efc1a3da7337988344e8c9d64e08ec34d1586410e465c58e0ec37b389b93c54c7c6ccfde35" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-logback@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "group": "io.dropwizard.metrics", + "name": "metrics-servlets", + "version": "4.0.5", + "description": "A set of utility servlets for Metrics, allowing you to expose valuable information about your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "e9142eb2da39a0651be8f9190d47ce0e" + }, + { + "alg": "SHA-1", + "content": "983dacbfd04ec22b49f9e2256a5d41694ce7d4cc" + }, + { + "alg": "SHA-256", + "content": "607381f05808cd31dfc09354db4b015e483be053276a85930050024515fae4da" + }, + { + "alg": "SHA-512", + "content": "797fc4d430b4797b4bcc6d854ac39fd7e0c4da73bda04152473c3f5ab06a36bfeaf326c8edb657de75a613efcce658364fb0aaf15ff6a13c6e62b5795c6a464b" + }, + { + "alg": "SHA3-256", + "content": "d840fcd8a9f0721e4cd392c6e30f1f52f4d411f1138b9e11336a5393f31b80f9" + }, + { + "alg": "SHA3-512", + "content": "a7553a6da55221ee3125757888978188695dfb14511432331f512f29e5c20e5c764e0c801e87818de719df2854d15915516a86d31f99147b9e5ec9b2fd43b701" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-servlets@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "group": "org.jvnet.mimepull", + "name": "mimepull", + "version": "1.9.6", + "description": "Provides a streaming API to access attachments parts in a MIME message.", + "hashes": [ + { + "alg": "MD5", + "content": "43a2478389a84b985dbe7b6ae0b3c011" + }, + { + "alg": "SHA-1", + "content": "41c913d791e16f93bc712a8c8a30bb64daa2e9bd" + }, + { + "alg": "SHA-256", + "content": "2d1ee56aa89837ba9ea55431542e7939fa9d425552c2e6c8ddfb3b77877721b7" + }, + { + "alg": "SHA-512", + "content": "38198fef6a8ca9d1af37c269582e87ae6cc7324a1686c8807be90a1edd4b33bb829d03030df1a4f5865bf6f0e6d0fb2a4f3dde265af696ab556f0bf7216ab9b0" + }, + { + "alg": "SHA3-256", + "content": "3d4fac8717b03d2c33c9c8b5145cfec04a312e9021c92c8029d2a2ca60615e0e" + }, + { + "alg": "SHA3-512", + "content": "a7bff1d8fa3287436726ab53ddff800d9a262fbf7801b85f50b7f29dbd017ff430f2effa9e6e95b44772ec0c349632374b9291292d2eb24f0fed1313dba15ee9" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/org.jvnet.mimepull/mimepull@1.9.6?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/mimepull" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/mimepull/lists/users/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/mimepull/sources/svn/show/tags/mimepull-1.9.6" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "group": "org.mockito", + "name": "mockito-core", + "version": "2.24.0", + "description": "Mockito mock objects library core API and implementation", + "hashes": [ + { + "alg": "MD5", + "content": "73056e7138623c31ab0ad3c421c695b8" + }, + { + "alg": "SHA-1", + "content": "969a7bcb6f16e076904336ebc7ca171d412cc1f9" + }, + { + "alg": "SHA-256", + "content": "ae8fd3becb2a8e262507a9df85e54a6e41c5ae3a34cda5495abef6299a587ff6" + }, + { + "alg": "SHA-512", + "content": "2bde38797a3902909027ec12a58a7adbc5ce86f5f095ee5787b4c12fe873c6ae96bf7e9024c1347eaa189af66b988668d1886dc110118b22eb6c4436e3cceb66" + }, + { + "alg": "SHA3-256", + "content": "30f96a62ee0c4795e9039288888791e0192f1e7a522ecad28200f01135c132bb" + }, + { + "alg": "SHA3-512", + "content": "1afd1e02b726b5b0fc8ee4ff3e2e678c780bf642041e54a7f7c3b136adf7c6d9ae23df2454572ae619279d9e712d5444c55c3c3fee7883b621312331aa7b626a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.mockito/mockito-core@2.24.0?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/mockito/mockito" + }, + { + "type": "issue-tracker", + "url": "https://github.com/mockito/mockito/issues" + }, + { + "type": "vcs", + "url": "https://github.com/mockito/mockito.git" + } + ] + }, + { + "type": "library", + "bom-ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "group": "org.objenesis", + "name": "objenesis", + "version": "2.6", + "description": "A library for instantiating Java objects", + "hashes": [ + { + "alg": "MD5", + "content": "5ffac3f51405ca9b2915970a224b3e8f" + }, + { + "alg": "SHA-1", + "content": "639033469776fd37c08358c6b92a4761feb2af4b" + }, + { + "alg": "SHA-256", + "content": "5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d" + }, + { + "alg": "SHA-512", + "content": "23a593bded8cb43236faad2018b008da47bf4e29cc60c2e98fd4f2ed578fe2baddd3a98547dc14273017c82cb19ce8eaaab71d49273411856a2ba1a5d51015fc" + }, + { + "alg": "SHA3-256", + "content": "1fce020475bd27d7eac3a3693e9c6992032739ef6db205c7751c92f8aba4d67a" + }, + { + "alg": "SHA3-512", + "content": "ec2154e3bb9fa0b74079d4f21af3aa0ae17444da63aa1061d87aac646c070b3733673a4d0880ca58f974dc3358d7b1c6161bf030260474b36b4bae677b777b08" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.objenesis/objenesis@2.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/easymock/maven/objenesis/;publish=1" + }, + { + "type": "vcs", + "url": "https://github.com/easymock/objenesis" + } + ] + }, + { + "type": "library", + "bom-ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "group": "org.opentest4j", + "name": "opentest4j", + "version": "1.1.0", + "description": "Open Test Alliance for the JVM", + "hashes": [ + { + "alg": "MD5", + "content": "2edf96ac5b535198bd3a2e31309f779c" + }, + { + "alg": "SHA-1", + "content": "c8e2a3e3bc7f3e4bb5075306452db5290f9b117a" + }, + { + "alg": "SHA-256", + "content": "65a5fd7380f53aac708bcee3091dbe2dba73a9a2e7645b66e70e0804fc36ee3b" + }, + { + "alg": "SHA-512", + "content": "bb72a65673bec0af3d420e96edcc1e3152bdbd0f670e2e09172f00f05549fa3b0a07c40ed2dbeec75da6e548623afa4e343343cca15a7a016aaa6c3e48ab0765" + }, + { + "alg": "SHA3-256", + "content": "f12567dc83accfc6c4022f0941f37a3169cc0697ebbf67a4261136180c2d8a2c" + }, + { + "alg": "SHA3-512", + "content": "401aa77733f4ceab47f51b797844f597947cf31a5b76f5c46c6a28980bff30942b783e79e8ab5b5f8ce63d64e8152b6f71b96cc1d500234a8a8e2dd24f734441" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.opentest4j/opentest4j@1.1.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/ota4j-team/opentest4j" + } + ] + }, + { + "type": "library", + "bom-ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "group": "org.glassfish.hk2", + "name": "osgi-resource-locator", + "version": "1.0.1", + "description": "See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information", + "hashes": [ + { + "alg": "MD5", + "content": "51e70ad8fc9d1e9fb19debeb55555b75" + }, + { + "alg": "SHA-1", + "content": "4ed2b2d4738aed5786cfa64cba5a332779c4c708" + }, + { + "alg": "SHA-256", + "content": "775003be577e8806f51b6e442be1033d83be2cb2207227b349be0bf16e6c0843" + }, + { + "alg": "SHA-512", + "content": "e064a477d5b1f8c56b4741ba606eed764b779a5d9870b8c193771bf0d904350aed839ab21602dbf5f376f7208b8ca24f64504d73ec6a0c5c08c5f0abc7c466d4" + }, + { + "alg": "SHA3-256", + "content": "c7cb2d64874992826818c594f02bf40f46d9ad4787d6575bfb656b35b7b6af0d" + }, + { + "alg": "SHA3-512", + "content": "5c57aa6eb98272226cbdebd803a5b11a27422340f47e5541a5bf6bb776f64bfcda548ffd345e900a7c7624b9a016aecacd8e009a13fe2c2cae86e8ff8e7289f2" + } + ], + "licenses": [ + { + "expression": "(CDDL-1.0 OR GPL-2.0-with-classpath-exception)" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + } + ] + }, + { + "type": "library", + "bom-ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "group": "com.papertrail", + "name": "profiler", + "version": "1.0.2", + "description": "A pure-java implementation of the twitter/util project's `CpuProfile` and related classes.", + "hashes": [ + { + "alg": "MD5", + "content": "b6cb78e7d8a5c4ed1ad259afc4f7c793" + }, + { + "alg": "SHA-1", + "content": "138093a4ed2da6f0b07a2a2335584bd5a7d53bff" + }, + { + "alg": "SHA-256", + "content": "188ec41349472a0c50fbe7e4cdcc6d6c8968ad6cd9047effeaa6a5c111f9074d" + }, + { + "alg": "SHA-512", + "content": "447a1e7d47cb7c3974e09c8e5ea1fdf6c9c4dfe377cffbba501edab474e136ec252406c5dde8fc7387b9fab983a7970764c23c93b8fb842f676da8c3bd01e013" + }, + { + "alg": "SHA3-256", + "content": "b68b7d44bde32b5a2995629eb2742bde9e3f373cb08230f67624160b91432160" + }, + { + "alg": "SHA3-512", + "content": "2fdb36567b1dcfb26e9e02abb70277e2e9040983c5755372716aa71a22cf46807501effa5931e0e65152f1efbe9e7449ff5b00cdaaddc15f1cfeeb3600904b7b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.papertrail/profiler@1.0.2?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "group": "org.slf4j", + "name": "slf4j-api", + "version": "1.7.26", + "description": "The slf4j API", + "hashes": [ + { + "alg": "MD5", + "content": "60ec8751be37d54a2aa1b6178f87b968" + }, + { + "alg": "SHA-1", + "content": "77100a62c2e6f04b53977b9f541044d7d722693d" + }, + { + "alg": "SHA-256", + "content": "6d9e5b86cfd1dd44c676899285b5bb4fa0d371cf583e8164f9c8a0366553242b" + }, + { + "alg": "SHA-512", + "content": "a944468440a883bb3bde1f78d39abe43a90b6091fd9f1a70430ac10ea91b308b2ef035e4836d68ba97afdba2b04f62edece204278aaa416276a5f8596f8688af" + }, + { + "alg": "SHA3-256", + "content": "195320dbd33e0ecc96b7c23818454658870c7f4c7bb746dae4516bc4983ab158" + }, + { + "alg": "SHA3-512", + "content": "830b0c50cdd9f45cfe4be31f0c775f632399060db58050ce702e476321ef29dcc17f49f872e7023e995c6ee1c2e06f2f1ea115aa45807569ecef83af3385f5cc" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/slf4j-api@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "group": "org.yaml", + "name": "snakeyaml", + "version": "1.23", + "description": "YAML 1.1 parser and emitter for Java", + "hashes": [ + { + "alg": "MD5", + "content": "64ec8bd26b6d5034a87ecb1c8ce0efdc" + }, + { + "alg": "SHA-1", + "content": "ec62d74fe50689c28c0ff5b35d3aebcaa8b5be68" + }, + { + "alg": "SHA-256", + "content": "13009fb5ede3cf2be5a8d0f1602155aeaa0ce5ef5f9366892bd258d8d3d4d2b1" + }, + { + "alg": "SHA-512", + "content": "8091467927dc88fe2741f85c6e429914f4306e7a1183e52090ccc7d617ca5279ba42b03ffc8cd1a914b6c3dc4151bd731757e72592e9c1b23346781936ac9fc7" + }, + { + "alg": "SHA3-256", + "content": "18f63155a18c783a0d47afa987a0dcc39f688da527047ccd48c694810ac5adf2" + }, + { + "alg": "SHA3-512", + "content": "59d1edd895705b667a65c3bada2c1b6c4109f82a03a2a18878d3310ac6e41bb3e47f821e87ffdcd2d2320b2f63c13a8748214fa9ea851c7b0b4d8fca07250c8a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.yaml/snakeyaml@1.23?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://bitbucket.org/asomov/snakeyaml/issues" + }, + { + "type": "vcs", + "url": "https://bitbucket.org/asomov/snakeyaml/src" + } + ] + }, + { + "type": "library", + "bom-ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "group": "org.antlr", + "name": "stringtemplate", + "version": "4.0.2", + "description": "StringTemplate is a java template engine for generating source code, web pages, emails, or any other formatted text output. StringTemplate is particularly good at multi-targeted code generators, multiple site skins, and internationalization/localization. It evolved over years of effort developing jGuru.com. StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org and powers the ANTLR v3 code generator. Its distinguishing characteristic is that unlike other engines, it strictly enforces model-view separation. Strict separation makes websites and code generators more flexible and maintainable; it also provides an excellent defense against malicious template authors. There are currently about 600 StringTemplate source downloads a month.", + "hashes": [ + { + "alg": "MD5", + "content": "b270a7b34c953cbae921a4080d5cdc0f" + }, + { + "alg": "SHA-1", + "content": "e28e09e2d44d60506a7bcb004d6c23ff35c6ac08" + }, + { + "alg": "SHA-256", + "content": "8056d5586e1b18d3def6347b5d020a85722d850bb9f4d7a9aafe4f842c651ef9" + }, + { + "alg": "SHA-512", + "content": "cd396cbc93d096812700c3a05e4b548c31d73c5f1f66f12bdd3364218de591cefb76e1f0557e83204285f1e868f0f327cf556bb32c4552e0a3537cf6ac1efa43" + }, + { + "alg": "SHA3-256", + "content": "d79aa95dd924c18de8f5ef5fc510f92cecb781d5724ba9b948e8658191e920b6" + }, + { + "alg": "SHA3-512", + "content": "da67f10539c0f73ddb56e945f5c7b42aea76411b4067362685f92c916da055f2747176a1524f97f52d7ae0d70898256c9549290448194d6fd99b3bfbff3332a9" + } + ], + "licenses": [ + { + "license": { + "name": "BSD licence", + "url": "http://antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/org.antlr/stringtemplate@4.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/stringtemplate" + } + ] + }, + { + "type": "library", + "bom-ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "group": "org.apache.tomcat", + "name": "tomcat-jdbc", + "version": "9.0.16", + "description": "Tomcat JDBC Pool Package", + "hashes": [ + { + "alg": "MD5", + "content": "b673d21c2c73b44c6fdee89f6c9995fc" + }, + { + "alg": "SHA-1", + "content": "5304a28c25bb88c57da9561e4ed0bbfcc72dcb4a" + }, + { + "alg": "SHA-256", + "content": "0fe8cdd9c6a349fbf1d7246b5503f113a4fb11f1e71c2e529308f1dd22ed5019" + }, + { + "alg": "SHA-512", + "content": "698da1e4dda1d18463f885e6b9dfed61c12920af35ccdfc9015ecfbd8f353d0aefde38f1f71f68ea5b2d9f6610df9cde38e8fa6ec0b405a925a861e8ca0de5b1" + }, + { + "alg": "SHA3-256", + "content": "013e3a72e6a19fea3c245ca9989853b836ed598c9b5551c399222a511be6b569" + }, + { + "alg": "SHA3-512", + "content": "bec64a6591071bb6d5e18412eac3eaaa9814c33448bb2f43d6e039e0538ad85f387fd3817915b5928c41aeabb84d3cd90c0c51f783accb38e3344a32fef206ed" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "group": "org.apache.tomcat", + "name": "tomcat-juli", + "version": "9.0.16", + "description": "Tomcat Core Logging Package", + "hashes": [ + { + "alg": "MD5", + "content": "5dbec493081a051b6868b84881fa6ab9" + }, + { + "alg": "SHA-1", + "content": "b6ef3c1ac1104b6e3fbdc106e194bf2fb5e2e2a8" + }, + { + "alg": "SHA-256", + "content": "cc155efa8104af3d35daf3226284b638b10d9def4074ebf6176cb47b3a264f53" + }, + { + "alg": "SHA-512", + "content": "fd19c0dd3bc60b050065b7c1992c4662f5e02ecc74176528b24a42f03fa42b805ce3529f813e2d0b85f6d21fa46f43a0146069372fbb96dd821bf9778ecb38b0" + }, + { + "alg": "SHA3-256", + "content": "c4782f32dcf2d8516d4b4ae299af008385dc44a92380edab0ced40738ba56b67" + }, + { + "alg": "SHA3-512", + "content": "d37ef89204a97677283c417ceae3031fd89648079e42924bf9c38456b1055442dad8f8f6366da1600feee8e448b59bdff8261e101913b99f24b9dde278469cd7" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "group": "org.jadira.usertype", + "name": "usertype.core", + "version": "7.0.0.CR1", + "description": "Classes utilising Joda Time, Joda Money, Libphonenum and JDK Types that add Hibernate support", + "hashes": [ + { + "alg": "MD5", + "content": "808b0b11f96e769c0f7a32d29f1ce7a1" + }, + { + "alg": "SHA-1", + "content": "818991d0b4d8fce6da9f27ea61187111efcae1a1" + }, + { + "alg": "SHA-256", + "content": "a129bfc60f7aceab77cd1363684d267f56629b441bf06f6123f9c0c2972e41fc" + }, + { + "alg": "SHA-512", + "content": "3d7dca13d1586365a94f05ea4a1672ce166773f2a01a584fc149d71b8aaeaa9c109e7e3a7658d8d4da3e91b8f42085ed55acc2a97e1c39a4faea5f6834a741a5" + }, + { + "alg": "SHA3-256", + "content": "f032df418c58acf1ba8307589d176b6e3d5402f1a0830d903b954984ab03bc38" + }, + { + "alg": "SHA3-512", + "content": "1113d2d63ceacdc4df8628448aa15d5de2e155b1a00037dc1570bb6f1553b38f397930036ef637b50519b6d395e3a219cf330ae29cedebeafa786eefd08420c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.core@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "group": "org.jadira.usertype", + "name": "usertype.spi", + "version": "7.0.0.CR1", + "description": "Shared dependencies for Usertype jars", + "hashes": [ + { + "alg": "MD5", + "content": "2b16a4d99cf3e6f0695186301dc63e4c" + }, + { + "alg": "SHA-1", + "content": "895f79b8a1c33f2e17ebc839f80ecaf62924e784" + }, + { + "alg": "SHA-256", + "content": "035f9a3cbec935b6da4d0318fd4d5b797db12a6ba0f77293b8603ff8578904f6" + }, + { + "alg": "SHA-512", + "content": "df65994da27e03bf29918e87451738de9017a41d0deb4fa1d7b00353d889fabc30cbfdc8aa8d97fc475cc31b2426b7a859cc0cfc6489b3667e43108539cb6c0f" + }, + { + "alg": "SHA3-256", + "content": "455f3a4522df5251d036af8f916a7ba5a385a1d303a0aa8f56f7563c2ee00042" + }, + { + "alg": "SHA3-512", + "content": "88d0d9476653078ff1c538c0b8c8b3d2714fd13fbe5ef12550d73053edeb1eb967a17e96d4670ffe95ca0eda858afa6a6b27033028036b646180c00a7ec46aa4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.spi@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "group": "javax.validation", + "name": "validation-api", + "version": "1.1.0.Final", + "description": "Bean Validation API", + "hashes": [ + { + "alg": "MD5", + "content": "4c257f52462860b62ab3cdab45f53082" + }, + { + "alg": "SHA-1", + "content": "8613ae82954779d518631e05daa73a6a954817d5" + }, + { + "alg": "SHA-256", + "content": "f39d7ba7253e35f5ac48081ec1bc28c5df9b32ac4b7db20853e5a8e76bf7b0ed" + }, + { + "alg": "SHA-512", + "content": "bc137c5f7fa6b7092f9fc233d8be7d21d6767f8aa51c2e934b73692c82d28dbb410f55674d7b5a0e1523b514654339277b535b7f5bb01d457a11aba2eca3bbed" + }, + { + "alg": "SHA3-256", + "content": "469fa33a7d6854ac73627c8b4d281165c26dbcb21e645df792c3144453ab3129" + }, + { + "alg": "SHA3-512", + "content": "a042781692aaaa9458be722d0437484c5f1fd8f3f4955c00008224caebeb671ab93740052599ce2f5feab8d7ec712c72786492f7c7ca1c27c25425545b05a91e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/javax.validation/validation-api@1.1.0.Final?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/BVAL" + }, + { + "type": "vcs", + "url": "https://github.com/beanvalidation/beanvalidation-api" + } + ] + } + ], + "dependencies": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "dependsOn": [] + }, + { + "ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "dependsOn": [] + }, + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "dependsOn": [] + }, + { + "ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "dependsOn": [] + }, + { + "ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "dependsOn": [] + }, + { + "ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "dependsOn": [ + "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "f09e69a1-54de-4e7b-802a-adda10a1c7be" + ] + }, + { + "ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "dependsOn": [] + }, + { + "ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "dependsOn": [] + }, + { + "ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "dependsOn": [] + }, + { + "ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "dependsOn": [] + }, + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "dependsOn": [] + }, + { + "ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "dependsOn": [] + }, + { + "ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "dependsOn": [] + }, + { + "ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "dependsOn": [] + }, + { + "ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "dependsOn": [] + }, + { + "ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "dependsOn": [] + }, + { + "ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "dependsOn": [] + }, + { + "ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "dependsOn": [] + }, + { + "ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "dependsOn": [] + }, + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "dependsOn": [] + }, + { + "ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "dependsOn": [] + }, + { + "ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "dependsOn": [] + }, + { + "ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "dependsOn": [ + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "893beba4-580b-4ada-a4cf-067fbe145507", + "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b" + ] + }, + { + "ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "dependsOn": [ + "55086fc5-4c36-45b5-9569-fdafa26e075d", + "757cef7a-83f2-4973-832d-67849ca42b69", + "93a8597b-e82a-4726-8e16-849d026f7b98" + ] + }, + { + "ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "dependsOn": [ + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "370d779c-d1ea-4d92-8e70-1ad325e94298", + "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "b692a425-dca6-4bed-af67-5855cb40dbcf", + "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "881df936-411d-4bb3-b464-6edcf14c671c", + "ac21cab7-b535-4294-8a61-b10b62918666", + "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "80b88754-8b78-4597-bc4f-47788add0031", + "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "5978be79-e890-48b1-8f11-40416ee5bb61", + "5aed0617-3613-43e7-94d2-105b2af0b00d", + "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "96cf7115-b31d-4c98-bae2-952c601d3878" + ] + }, + { + "ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "daabc9e2-1ec3-4d10-9251-69ab9834b02a" + ] + }, + { + "ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "dependsOn": [ + "ea1f023d-0390-4558-8696-dc8d566dd95e" + ] + }, + { + "ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "dependsOn": [ + "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "8c0378f7-4c0e-4ee3-849d-740b0035c371" + ] + }, + { + "ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "dependsOn": [ + "55521fe9-aed2-403e-9df2-75fc5af90f54", + "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "79b01257-3e61-49f7-8600-2042bde4702b", + "b4ca2dc7-9d68-4737-9afc-dea82759cd45" + ] + }, + { + "ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "c2dbe746-304a-4e35-88f0-69943d701fe5", + "5694b066-2847-4855-8230-77e902b37502", + "4634319e-cca2-4c02-8372-222f43bd35ba", + "648c2811-d754-45aa-9160-8f018ab4aab9", + "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "85776385-c1af-42fa-a0ac-21ecf796742f" + ] + }, + { + "ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "dependsOn": [ + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "1b61648b-2106-4c86-ad10-79411c0ce338", + "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "71f396a0-0285-465e-8ce3-6eacb47be941", + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "dependsOn": [ + "bd750137-b073-47d5-891a-e48c192cfcba", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "423d6189-7ce4-4931-9c74-3b58517df601", + "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "c1abfd09-121f-418c-befa-4d6b9e164769" + ] + }, + { + "ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c" + ] + }, + { + "ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "dependsOn": [ + "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "2f225da8-8da3-429b-a014-effeea8c71eb", + "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "e36cfe6c-5955-40dd-8f4f-09c43087ac53" + ] + }, + { + "ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "dependsOn": [] + }, + { + "ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "dependsOn": [ + "0476a31c-6a89-45b2-8e9b-8d4a725d06eb" + ] + }, + { + "ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "dependsOn": [ + "ab3bfc00-8d35-4a4d-b314-86573681d910", + "36fc309f-d086-43d6-b660-5de275ee630f" + ] + }, + { + "ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "dependsOn": [ + "df3cc349-8f4d-4d7e-82ab-1309f17741d3" + ] + }, + { + "ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "dependsOn": [ + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "dependsOn": [ + "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "94379ad3-19a6-4b21-a049-ca0b762d8c13" + ] + }, + { + "ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "dependsOn": [ + "0d0caea7-65ca-4504-b50a-80e480879f5f", + "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d" + ] + }, + { + "ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631" + ] + }, + { + "ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "dependsOn": [ + "d6394138-9591-4141-9a76-4c3082ff2ed4", + "5b865504-bea5-4b92-ae5e-46553e01093c" + ] + }, + { + "ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "dependsOn": [ + "ebf5150b-055e-45d4-82e5-eebc38ffea70" + ] + }, + { + "ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "dependsOn": [] + }, + { + "ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "dependsOn": [] + }, + { + "ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "dependsOn": [] + }, + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "dependsOn": [ + "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "da25e363-473d-4f84-9f46-8e09c7ec7c28" + ] + }, + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "dependsOn": [] + }, + { + "ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "dependsOn": [] + }, + { + "ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "dependsOn": [] + }, + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "dependsOn": [ + "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "627bb70b-4b85-4801-8239-f03de04ca5db", + "21c7c10d-e7a9-4e82-893a-aa82f11f6dca" + ] + }, + { + "ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "dependsOn": [] + }, + { + "ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "dependsOn": [ + "c454f700-0d16-4956-a210-03d9073b6d12", + "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd" + ] + }, + { + "ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "dependsOn": [ + "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "517c6455-0a2e-4e78-8d4b-88837bb5244c" + ] + }, + { + "ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "dependsOn": [] + }, + { + "ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "dependsOn": [] + }, + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "dependsOn": [ + "d2a5e2bf-ead6-4768-866a-385166eb6709" + ] + }, + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "dependsOn": [] + }, + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "dependsOn": [ + "f4a06b14-3945-4381-b3dd-b46407b02b6b" + ] + }, + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "dependsOn": [ + "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e" + ] + }, + { + "ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "dependsOn": [] + }, + { + "ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "dependsOn": [] + }, + { + "ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "dependsOn": [] + }, + { + "ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "dependsOn": [] + }, + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "dependsOn": [] + }, + { + "ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "dependsOn": [ + "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + ] + }, + { + "ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "dependsOn": [] + }, + { + "ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "dependsOn": [ + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + ] + }, + { + "ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "dependsOn": [] + }, + { + "ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "dependsOn": [] + }, + { + "ref": "5694b066-2847-4855-8230-77e902b37502", + "dependsOn": [] + }, + { + "ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "dependsOn": [] + }, + { + "ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "dependsOn": [ + "014723b6-3b73-414b-a760-da7bb1ab988d", + "7a6724fd-3628-46d2-8de5-9059e6ec494c" + ] + }, + { + "ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "dependsOn": [] + }, + { + "ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "dependsOn": [] + }, + { + "ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "dependsOn": [] + }, + { + "ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "dependsOn": [] + }, + { + "ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "dependsOn": [] + }, + { + "ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "dependsOn": [] + }, + { + "ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "dependsOn": [] + }, + { + "ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "dependsOn": [] + }, + { + "ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "dependsOn": [] + }, + { + "ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "dependsOn": [] + }, + { + "ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "dependsOn": [] + }, + { + "ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "dependsOn": [] + }, + { + "ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "dependsOn": [] + }, + { + "ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "dependsOn": [] + }, + { + "ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "dependsOn": [ + "7176887b-3e41-4f10-9d29-26ec573e2c49", + "85776385-c1af-42fa-a0ac-21ecf796742f", + "c9381862-0cc8-48d6-9b97-82f00d12cdb7" + ] + }, + { + "ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967" + ] + }, + { + "ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "dependsOn": [] + }, + { + "ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "dependsOn": [] + }, + { + "ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "dependsOn": [] + }, + { + "ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "dependsOn": [] + }, + { + "ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dependsOn": [ + "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "3d67ecbd-3ee2-437b-800b-d137ccd17d46" + ] + }, + { + "ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "dependsOn": [] + }, + { + "ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "dependsOn": [] + }, + { + "ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "dependsOn": [] + }, + { + "ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "75ac24b0-9039-45fe-842d-ccecdd3c62e1" + ] + }, + { + "ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "dependsOn": [] + }, + { + "ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "dependsOn": [] + }, + { + "ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "8dc0d897-c489-493c-a4b6-c5384d663c85", + "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "c454f700-0d16-4956-a210-03d9073b6d12" + ] + }, + { + "ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "dependsOn": [ + "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dd4f3e68-5483-4177-9ee9-987774aea94f" + ] + }, + { + "ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "dependsOn": [] + }, + { + "ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "dependsOn": [] + }, + { + "ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "dependsOn": [] + }, + { + "ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "dependsOn": [] + }, + { + "ref": "50a898e1-523d-4041-9250-b25394071a77", + "dependsOn": [] + }, + { + "ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "dependsOn": [] + }, + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "dependsOn": [] + }, + { + "ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "dependsOn": [] + }, + { + "ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "dependsOn": [] + }, + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "dependsOn": [ + "25416803-852c-4475-bf84-2bf849ea6a56", + "c1abfd09-121f-418c-befa-4d6b9e164769", + "be69e2b9-e673-42a8-98f1-e6d3be74c272" + ] + }, + { + "ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "dependsOn": [ + "4473173b-92a4-4b6f-aa40-3b0479fe60ee" + ] + }, + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "dependsOn": [ + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "dependsOn": [] + }, + { + "ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "dependsOn": [] + }, + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "dependsOn": [ + "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "423d6189-7ce4-4931-9c74-3b58517df601" + ] + }, + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "dependsOn": [] + }, + { + "ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "dependsOn": [ + "186eb402-6ab8-417c-8bbb-4032f9722383", + "7b1c11dd-7462-451d-a5b1-0fbd56708727" + ] + }, + { + "ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "dependsOn": [] + }, + { + "ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "dependsOn": [] + }, + { + "ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "dependsOn": [] + }, + { + "ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "dependsOn": [] + }, + { + "ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "dependsOn": [] + }, + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "dependsOn": [ + "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7" + ] + }, + { + "ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "dependsOn": [] + }, + { + "ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "dependsOn": [ + "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "7a60c1f8-0819-4133-aa05-ece823ae5494" + ] + }, + { + "ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "dependsOn": [] + }, + { + "ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "dependsOn": [ + "33155de6-f8f2-48a7-ab80-19d8641794bf", + "71a8cbce-c3a6-4797-b3f1-60415f5e1131" + ] + }, + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "dependsOn": [ + "85776385-c1af-42fa-a0ac-21ecf796742f", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + ] + }, + { + "ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "dependsOn": [] + }, + { + "ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "dependsOn": [] + }, + { + "ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "dependsOn": [] + }, + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "dependsOn": [] + }, + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "dependsOn": [] + }, + { + "ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "dependsOn": [] + }, + { + "ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "dependsOn": [] + }, + { + "ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "dependsOn": [ + "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + ] + }, + { + "ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "dependsOn": [] + }, + { + "ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "dependsOn": [] + }, + { + "ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "dependsOn": [] + }, + { + "ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "dependsOn": [] + }, + { + "ref": "80b88754-8b78-4597-bc4f-47788add0031", + "dependsOn": [] + }, + { + "ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "dependsOn": [ + "9c03efc2-c106-4191-980f-b91376b5ab06", + "80a1384b-dee2-4dff-9d74-79d854cdeb2f" + ] + }, + { + "ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "dependsOn": [] + }, + { + "ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "dependsOn": [ + "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "91658b5a-2478-4653-a3e4-f62c4f58f87b" + ] + }, + { + "ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "dependsOn": [] + }, + { + "ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "dependsOn": [] + }, + { + "ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "dependsOn": [] + }, + { + "ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "dependsOn": [] + }, + { + "ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "dependsOn": [] + }, + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "dependsOn": [] + }, + { + "ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "dependsOn": [] + }, + { + "ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "dependsOn": [ + "13aba3db-12c7-44d2-895d-130d2897e460" + ] + }, + { + "ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "dependsOn": [] + }, + { + "ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "dependsOn": [ + "3affcf84-19c7-4ac3-91f9-b08980969391" + ] + }, + { + "ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "dependsOn": [] + }, + { + "ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "dependsOn": [] + } + ], + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:21541b57-cd8f-482c-a80f-9c79c75ca7cf", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:30:25Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + } + } + } + ], + "raw": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:21541b57-cd8f-482c-a80f-9c79c75ca7cf", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:30:25Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + }, + "components": [ + { + "type": "library", + "bom-ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "group": "org.eclipse.jetty.alpn", + "name": "alpn-api", + "version": "1.1.3.v20160715", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "18383950cc83169b8ed61c03fd926e0c" + }, + { + "alg": "SHA-1", + "content": "a1bf3a937f91b4c953acd13e8c9552347adc2198" + }, + { + "alg": "SHA-256", + "content": "07be99758b699e194f70fb9784d94202dc6c98212877829e3d72b020f2660576" + }, + { + "alg": "SHA-512", + "content": "b9570b3323337dcdc192e640288633743736ef9206adc4cda88db7da77df49732bba0a4e85613225ffec32ac72c415a84fcd2353c04f8708dad85142a2b439f8" + }, + { + "alg": "SHA3-256", + "content": "c7e69d1f5833cd414f62dfb456a8dee75520366e88a1af4db9b76a14d800b356" + }, + { + "alg": "SHA3-512", + "content": "3a4c64a3cb12158119183584c79e5523bc2e460ae942a2927a9f5452e3b0c032442748f4e426466921a3d9f618095901f26a0de77f4e30650c8e22ee79da873c" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.alpn/alpn-api@1.1.3.v20160715?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.alpn.git/tree" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "group": "com.rabbitmq", + "name": "amqp-client", + "version": "4.4.1", + "description": "The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.", + "hashes": [ + { + "alg": "MD5", + "content": "1a2a6feac205524a636c06d86af2df2c" + }, + { + "alg": "SHA-1", + "content": "c442f6501595a6fb9c029409eca94888cc9a3106" + }, + { + "alg": "SHA-256", + "content": "fcbe7ddc4be88823b881f35c12bca55b561c795d03aefe746a0452029ec179cc" + }, + { + "alg": "SHA-512", + "content": "8d78db5a1a3939a20a10b33f41b2ca3adb746672b276e87cc08aabb84dd27a069755294bd23c483ecf0d25c0e669fddae6f96742dd127d8476a9d6a6f8e22e57" + }, + { + "alg": "SHA3-256", + "content": "4866a931a2e38b4b0b4bcec77f77e8b83edf3b4b527913f827767a926c8b3b24" + }, + { + "alg": "SHA3-512", + "content": "a1b503bd1f8762c0b0434af451f6a579b20225aa5f23548cd521e3f007c17fedaf2c9fd7667606c06bbb63cdfbfbce28800de9506bb2c2564020b34447d600c9" + } + ], + "licenses": [ + { + "license": { + "id": "MPL-1.1" + } + } + ], + "purl": "pkg:maven/com.rabbitmq/amqp-client@4.4.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.rabbitmq.com" + }, + { + "type": "vcs", + "url": "https://github.com/rabbitmq/rabbitmq-java-client" + } + ] + }, + { + "type": "library", + "bom-ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "group": "org.codehaus.mojo", + "name": "animal-sniffer-annotations", + "version": "1.14", + "description": "Animal Sniffer Parent project.", + "hashes": [ + { + "alg": "MD5", + "content": "9d42e46845c874f1710a9f6a741f6c14" + }, + { + "alg": "SHA-1", + "content": "775b7e22fb10026eed3f86e8dc556dfafe35f2d5" + }, + { + "alg": "SHA-256", + "content": "2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d" + }, + { + "alg": "SHA-512", + "content": "9e5e3ea9e06e0ac9463869fd0e08ed38f7042784995a7b50c9bfd7f692a53f0e1430b9e1367dc772d0d4eafe5fd2beabbcc60da5008bd792f9e7ec8436c0f136" + }, + { + "alg": "SHA3-256", + "content": "9b624360f936e928bc63bf44e475d8fd052148c0d0cc56c3c88c26429b430c08" + }, + { + "alg": "SHA3-512", + "content": "5f0a62a96445cfeaf101d2ddc56472621f5c3dafc54ad4b230a373012833b7da83e96af7c07b60a586768361b3bce3f3626ed2cc09fbbd84e840e0714d6344ee" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.14?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://jira.codehaus.org/browse/MANIMALSNIFFER" + }, + { + "type": "vcs", + "url": "http://fisheye.codehaus.org/browse/mojo/tags/animal-sniffer-parent-1.14" + }, + { + "type": "website", + "url": "http://codehaus.org" + }, + { + "type": "build-system", + "url": "http://bamboo.ci.codehaus.org/browse/MOJO" + }, + { + "type": "mailing-list", + "url": "http://markmail.org/list/org.codehaus.mojo.dev" + }, + { + "type": "distribution", + "url": "https://nexus.codehaus.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "group": "antlr", + "name": "antlr", + "version": "2.7.7", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "f8f1352c52a4c6a500b597596501fc64" + }, + { + "alg": "SHA-1", + "content": "83cd2cd674a217ade95a4bb83a8a14f351f48bd0" + }, + { + "alg": "SHA-256", + "content": "88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c" + }, + { + "alg": "SHA-512", + "content": "311c3115f9f6651d1711c52d1739e25a70f25456cacb9a2cdde7627498c30b13d721133cc75b39462ad18812a82472ef1b3b9d64fab5abb0377c12bf82043a74" + }, + { + "alg": "SHA3-256", + "content": "babce5c8beb1d5907a7ed6354589e991da7d8d5cbd86c479abfa1e1dfc4d2eb8" + }, + { + "alg": "SHA3-512", + "content": "3a8ce565280a157dd6e08fb68c317a4c28616099c56bc4992c38cf74a10a54a89e18e7c45190ce8511360798a87adc92f432382f9d9bdde0d56664b50044b517" + } + ], + "licenses": [ + { + "license": { + "name": "BSD License", + "url": "http://www.antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/antlr/antlr@2.7.7?type=jar" + }, + { + "type": "library", + "bom-ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "group": "org.antlr", + "name": "antlr-runtime", + "version": "3.4", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "0e0318be407e51fdf7ba6777eabfdf73" + }, + { + "alg": "SHA-1", + "content": "8f011408269a8e42b8548687e137d8eeb56df4b4" + }, + { + "alg": "SHA-256", + "content": "5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63" + }, + { + "alg": "SHA-512", + "content": "1786aff2df4664483adcb319e64be7b69b643ac9508c3f11796b5aa45b9072b46f53f0a21b2ff7291162afe81506de16161746273e4532ebad75adbd81203f0d" + }, + { + "alg": "SHA3-256", + "content": "3f6cf631e9f792a41128400f8690266d915c0588ef85073a6cae73624a155b10" + }, + { + "alg": "SHA3-512", + "content": "13d1f73c44e807b36946c21cfd506e91e8cbdf685b770cbc0dcb4e55ec28b5bc91bd90eb7f24ebfd13386a47eccf552dd2a1ab277fccabafdb7a9b40aa9d4fc5" + } + ], + "purl": "pkg:maven/org.antlr/antlr-runtime@3.4?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/antlr" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "group": "org.glassfish.hk2.external", + "name": "aopalliance-repackaged", + "version": "2.5.0-b32", + "description": "Dependency Injection Kernel", + "hashes": [ + { + "alg": "MD5", + "content": "99809f55109881865ce8b47f03522fb6" + }, + { + "alg": "SHA-1", + "content": "6af37c3f8ec6f9e9653ec837eb508da28ce443cd" + }, + { + "alg": "SHA-256", + "content": "32a44ed0258c00bb8f0acf7e4dbf000a377bd48702465f6195f878a6dc2024d6" + }, + { + "alg": "SHA-512", + "content": "5afda7e897fb1135e4cf8ceb1f9f2ae68521c6178552dbe38243461e8422d50011f379e4f66d237190e7609e2d1ba2e9c09267637ecd588d7e286c1a6bfb8b4d" + }, + { + "alg": "SHA3-256", + "content": "3808bbe7fc89ea384068d5edf32f4ebf61cead5fe0fff58c7ac13c23392b8860" + }, + { + "alg": "SHA3-512", + "content": "ea988d271b897cb61a17ddd642f7f31935711bb33710947a812e0c1ab3469077c45247a5224e55a9258bfcdfd502f64286064aa1063b2df07dc880a880e034e3" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "group": "org.apiguardian", + "name": "apiguardian-api", + "version": "1.0.0", + "description": "@API Guardian", + "hashes": [ + { + "alg": "MD5", + "content": "e3695c130292987799af0d18754fa3fc" + }, + { + "alg": "SHA-1", + "content": "3ef5276905e36f4d8055fe3cb0bdcc7503ffc85d" + }, + { + "alg": "SHA-256", + "content": "1f58b77470d8d147a0538d515347dd322f49a83b9e884b8970051160464b65b3" + }, + { + "alg": "SHA-512", + "content": "127f7e6381642f3f0f8298e5129f31cae947b81c4867caaa419803e6dcfeee5da61f0262d2c10c8ad151f24e82f708ce81b2fda217c31dbb21794e6c9ec71e0a" + }, + { + "alg": "SHA3-256", + "content": "a0c6a10c739f2c5d18a639804edb717b2e100aec3ab73b5560e947c28b829f22" + }, + { + "alg": "SHA3-512", + "content": "54879680c4ac863b6eb3dd2528c02f8c977b127ed2a1d7e123e65baec3c9b33c3d80fd5f0de0cf43eb4f912b6899b2a4753f93bf9883d51e2fd8b8766df3e0c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apiguardian/apiguardian-api@1.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/apiguardian-team/apiguardian" + } + ] + }, + { + "type": "library", + "bom-ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "group": "net.sourceforge.argparse4j", + "name": "argparse4j", + "version": "0.8.1", + "description": "The command-line parser library based on Python's argparse", + "hashes": [ + { + "alg": "MD5", + "content": "8a3077fbee51bc51d0e140be455b6df5" + }, + { + "alg": "SHA-1", + "content": "2c8241f84acf6c924bd75be0dbd68e8d74fbcd70" + }, + { + "alg": "SHA-256", + "content": "98cb5468cac609f3bc07856f2e34088f50dc114181237c48d20ca69c3265d044" + }, + { + "alg": "SHA-512", + "content": "d9c1e626403b0ad0143fffb62a055b71aacb7d59c9957b232a2e7b7ab2cd9299932784d19e6ef8b0172736ab1625eb2d1e25101eaf1666acfc566b7fcd7c819f" + }, + { + "alg": "SHA3-256", + "content": "3b8a944e495c72b5d7e185effda10431dbe60cfa30c9e31d7cd5ebfdfe0fb20e" + }, + { + "alg": "SHA3-512", + "content": "718cec233f4b67bc0fe9210629202aa235aea2bf58a3cc65425cb9d43661d3002677c0534685e08cea3b86cdcb9c5021026c4efdb1820c9700158756bd6bc7b5" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/net.sourceforge.argparse4j/argparse4j@0.8.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/tatsuhiro-t/argparse4j/issues" + }, + { + "type": "vcs", + "url": "https://github.com/tatsuhiro-t/argparse4j" + } + ] + }, + { + "type": "library", + "bom-ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "group": "org.assertj", + "name": "assertj-core", + "version": "3.9.1", + "description": "Rich and fluent assertions for testing for Java", + "hashes": [ + { + "alg": "MD5", + "content": "b6b5e7d7ab3e4368244ce2ed48b77b2f" + }, + { + "alg": "SHA-1", + "content": "c5ce126b15f28d56cd8f960c1a6a058b9c9aea87" + }, + { + "alg": "SHA-256", + "content": "b433d96281d663d8f97d7b2eda24f6d05345ef3bd7bf9a4ed440d75728bfdb00" + }, + { + "alg": "SHA-512", + "content": "153df8b2394db5c54db79930a26ce45ac8ddcaacbaeb800988c41f17d4f39356a32ba8d17fbe143c412a79c2006e53cc1877b409f880e43d96888801bf92766a" + }, + { + "alg": "SHA3-256", + "content": "da01a0373df89903d5d40eabb595618fb15b14b7cd6420598b85d05bc72242fa" + }, + { + "alg": "SHA3-512", + "content": "8bf381925a0fb7635e8fafbf1b75930a8b129dd3ae9db2ec9d079ad12442a73eb92d34fa454bc3684b7ad59ee2e40cc1509c8a93f1dcded39368fa78b499cbe1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.assertj/assertj-core@3.9.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/joel-costigliola/assertj-core/issues" + }, + { + "type": "mailing-list", + "url": "http://groups.google.com/group/assertj" + }, + { + "type": "build-system", + "url": "https://assertj.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/joel-costigliola/assertj-maven-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "group": "net.bytebuddy", + "name": "byte-buddy", + "version": "1.9.7", + "description": "Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.", + "hashes": [ + { + "alg": "MD5", + "content": "3038371407163c76c89749c3a7c458b0" + }, + { + "alg": "SHA-1", + "content": "8fea78fea6449e1738b675cb155ce8422661e237" + }, + { + "alg": "SHA-256", + "content": "69a9140c11de463789a1badfe6c3dcdc17608c4304cb443c5c3a179585b78b39" + }, + { + "alg": "SHA-512", + "content": "20547c1915d941c170b855babf102b6d4b7b651cb76d4328fdc5e67be4cfb898e22d76512b2ed402ba2486ba4954ee75e1753e7de6303a94201ee12056ffb2b7" + }, + { + "alg": "SHA3-256", + "content": "fa80df92900c958e6c9c957552698a20f0a817a309947ee232b97c699db77d3e" + }, + { + "alg": "SHA3-512", + "content": "50b10f18e33843c1ec103ce809a83698f785de2675dd6f1da386db8c6158a6539e6b93ec2e10d1c82c819c3cf4c1f33ca9c2cd68a21d0a5520a707acb7a072fb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "group": "net.bytebuddy", + "name": "byte-buddy-agent", + "version": "1.9.7", + "description": "The Byte Buddy Java agent allows to access the JVM's HotSwap feature.", + "hashes": [ + { + "alg": "MD5", + "content": "f2c5583a5856a1b68275f70fca2f96fc" + }, + { + "alg": "SHA-1", + "content": "8e7d1b599f4943851ffea125fd9780e572727fc0" + }, + { + "alg": "SHA-256", + "content": "145ce0fab5390374e69b2b4070d65fedaa2b07c3cfad06b330bea1b6dcfa826f" + }, + { + "alg": "SHA-512", + "content": "3b1344ae23e91e02a4465848757f3436f5a51ff58f8a0fe47b032ce5097086a985d927eb23507cc7b29b7a8917ab22942f039949b376f3f27708d3da232e7afb" + }, + { + "alg": "SHA3-256", + "content": "0fc9f6c6083208ef913a49fd9d61d7202477d6ed4c26e0324f4475e656b4fbd6" + }, + { + "alg": "SHA3-512", + "content": "75a397fe519f03352763554688a7e6432c028b2b154a0553d5d647f7873eb5f066e83f454092438a48976f99cfc0c4b7a41b033852129b9cbc29d09cb22f6ec4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy-agent@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "group": "org.checkerframework", + "name": "checker-compat-qual", + "version": "2.0.0", + "description": "Checker Qual is the set of annotations (qualifiers) and supporting classes used by the Checker Framework to type check Java source code. Please see artifact: org.checkerframework:checker", + "hashes": [ + { + "alg": "MD5", + "content": "b6fb2610dacd211a3e2c3d8af1b60d0f" + }, + { + "alg": "SHA-1", + "content": "fc89b03860d11d6213d0154a62bcd1c2f69b9efa" + }, + { + "alg": "SHA-256", + "content": "a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b" + }, + { + "alg": "SHA-512", + "content": "fdecc20efd6943426e7f8bdfb8bef9d28258f9f934cf29090e2f5b297c501454606cc28593cd7d089a5c14f6d2dcafc59f4606053405d7f91d623a0e3202f4a8" + }, + { + "alg": "SHA3-256", + "content": "6332c0be53250aaf67b95786e10337e1134ca645aed3b4cc596c68a3555c07fc" + }, + { + "alg": "SHA3-512", + "content": "74780f6c4d9e615c5be2f7149540721bfccd43e71b2d912054b98cf4f1a5ae5506497eca9c76f9e09f988d988bba8a1ec0588684379722044d894594dc787ea4" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.checkerframework/checker-compat-qual@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/typetools/checker-framework.git" + } + ] + }, + { + "type": "library", + "bom-ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "group": "com.fasterxml", + "name": "classmate", + "version": "1.4.0", + "description": "Library for introspecting types with full generic information including resolving of field and method types.", + "hashes": [ + { + "alg": "MD5", + "content": "85716d3adddffaaacb5e316be6681bf0" + }, + { + "alg": "SHA-1", + "content": "291658ac2ce2476256c7115943652c0accb5c857" + }, + { + "alg": "SHA-256", + "content": "2829acc59abf4aa6b72579697a0391c0fc69df7772ae59c58e0237f909cd6803" + }, + { + "alg": "SHA-512", + "content": "0bb96809e508b3ec20f8da070cdf5c795b71e17311a1a7d09818a93410ceb60cbbd95482c2d13bb920d391f5a5eee3a959cf739533a94f6539775458fe7229d0" + }, + { + "alg": "SHA3-256", + "content": "2cb64a48cd3ca0136553131ce87fe52d5a0f322334d65fbab60132df09d3c8d6" + }, + { + "alg": "SHA3-512", + "content": "56fb69f960f9e15c7dedc17d8d762c03bbae850180c2911ace44c4b7e1f0ce4a6dcad784e6acf01d63cad81a2d3746e4863a8d43a4d78e620506bf125d9340ec" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml/classmate@1.4.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://fasterxml.com" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/java-classmate" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "group": "commons-codec", + "name": "commons-codec", + "version": "1.11", + "description": "The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "567159b1ae257a43e1391a8f59d24cfe" + }, + { + "alg": "SHA-1", + "content": "3acb4705652e16236558f0f4f2192cc33c3bd189" + }, + { + "alg": "SHA-256", + "content": "e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d" + }, + { + "alg": "SHA-512", + "content": "d9586162b257386b5871e7e9ae255a38014a9efaeef5148de5e40a3b0200364dad8516bddd554352aa2e5337bec2cc11df88c76c4fdde96a40f3421aa60650d7" + }, + { + "alg": "SHA3-256", + "content": "90ec34f9701a8b212c65e6167c505ea6417289f910deedcac8517075b8349728" + }, + { + "alg": "SHA3-512", + "content": "101bc04efae2bd16d7923e61bca922c4a006b0e4b34909e0f8865196cb4df4f4f6269737c17880b4dfd0309cb487b806e88d09c6e1a7dc70237563b3f4312f7f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/commons-codec/commons-codec@1.11?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/CODEC" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/codec/trunk" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "group": "org.apache.commons", + "name": "commons-lang3", + "version": "3.8.1", + "description": "Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.", + "hashes": [ + { + "alg": "MD5", + "content": "540b1256d887a6993ecbef23371a3302" + }, + { + "alg": "SHA-1", + "content": "6505a72a097d9270f7a9e7bf42c4238283247755" + }, + { + "alg": "SHA-256", + "content": "dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68" + }, + { + "alg": "SHA-512", + "content": "fb0fe98385496a565678a000c26a3245082abfbf879cc29a35112b4bf18c966697a7a63bb1fd2fae4a42512cd3de5a2e6dc9d1df4a4058332a6ddeae06cdf667" + }, + { + "alg": "SHA3-256", + "content": "4e708ddf8ed0c6dbd8c6bba07e06425b5d263d899884b91bf11f86ec0d6f8463" + }, + { + "alg": "SHA3-512", + "content": "f43e89519e803e976f7b4d756d934be802ab36077cf2dc38dd9aa901eaf7104e58157859f45ccef7b38e072007a60f17270923e2ed7eabd41a4c776dee1458e1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.8.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/LANG" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-lang.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "group": "org.apache.commons", + "name": "commons-math3", + "version": "3.2", + "description": "The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.", + "hashes": [ + { + "alg": "MD5", + "content": "aaa32530c0f744813570ff73db018698" + }, + { + "alg": "SHA-1", + "content": "ec2544ab27e110d2d431bdad7d538ed509b21e62" + }, + { + "alg": "SHA-256", + "content": "6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2" + }, + { + "alg": "SHA-512", + "content": "80fb66a51688c4247b957f9787921e5acb9144d71a4ab0b03b2c30f46427e50c53e6e31ca5ddb04dab2cf5e7c0eedae168103c719f8074be464918ab2e4d6e6d" + }, + { + "alg": "SHA3-256", + "content": "4e5c701b4c417493bdb70d4c3f3bfb6019a6eec3c5f17dcce028158de624318c" + }, + { + "alg": "SHA3-512", + "content": "3a19552d33cbe62a0d174efa39054fbe5e23f7cb466c46616c27480381f232daa2c64c868b354ed965c5d84fbfece08e30e59bc672e3891baf2bb8141b5db8c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-math3@3.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/MATH" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/math/trunk" + }, + { + "type": "build-system", + "url": "http://vmbuild.apache.org/continuum/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "group": "org.apache.commons", + "name": "commons-text", + "version": "1.2", + "description": "Apache Commons Text is a library focused on algorithms working on strings.", + "hashes": [ + { + "alg": "MD5", + "content": "c0aec8d4d92fc9e1a4752884f5f880f0" + }, + { + "alg": "SHA-1", + "content": "74acdec7237f576c4803fff0c1008ab8a3808b2b" + }, + { + "alg": "SHA-256", + "content": "d4a57bbc1627da7c391308fd0fe910b83170fb66afd117236a5b111d2db1590b" + }, + { + "alg": "SHA-512", + "content": "97ca47f05b18a8dd67a253bae7d5ec6adab93a061c2565615773f0efc07382193c9ce29ed1f8abdd67dbe62b033e17bf2f71f67a3db2a99abb7aa3215b541c11" + }, + { + "alg": "SHA3-256", + "content": "5527aa3ffcd1303fac2779f9908f3a39bd3745c03a840fbc106aa952d5a0a128" + }, + { + "alg": "SHA3-512", + "content": "1b87bf1800138c403b67c273346fc7ea721fac09903e8cf6b11f8cfa57f2f91c577000834ad1f38e2b21f695685ea6c03ae9bd21323fe4a7690c7dca3344e350" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-text@1.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/TEXT" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-text.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "group": "com.github.spullara.mustache.java", + "name": "compiler", + "version": "0.9.6", + "description": "Implementation of mustache.js for Java", + "hashes": [ + { + "alg": "MD5", + "content": "9245fdbf50ad59ea81781ebdaa8cdb02" + }, + { + "alg": "SHA-1", + "content": "1b8707299c34406ed0ba40bbf8513352ac4765c9" + }, + { + "alg": "SHA-256", + "content": "c4d697fd3619cb616cc5e22e9530c8a4fd4a8e9a76953c0655ee627cb2d22318" + }, + { + "alg": "SHA-512", + "content": "d29e5022a4e7c99a8cc4b9f171471cf3e96103aeed26f32ae7a5db38e62811b3dc97e47ce8659c0b430fd11f1cb3f679c5465cab0458d7a474fba7e78a987887" + }, + { + "alg": "SHA3-256", + "content": "e17ec4a48044d5cbc941cdd9020fdda30b5402c2d533bec6a910729293d2aa89" + }, + { + "alg": "SHA3-512", + "content": "7e61b2eb36f9e239c4e2679c529d87ab2b2ed0ecb8537cbbd89b604bfce9b09ed716c2a95a80cf9a75eee2d0b85a2958e44bc6540ba5b22f163090a5912c6ad6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/spullara/mustache.java" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "group": "org.dom4j", + "name": "dom4j", + "version": "2.1.1", + "description": "flexible XML framework for Java", + "hashes": [ + { + "alg": "MD5", + "content": "f5710c1d5f5627ae5ce850a0b12ea87a" + }, + { + "alg": "SHA-1", + "content": "3dce5dbb3571aa820c677fadd8349bfa8f00c199" + }, + { + "alg": "SHA-256", + "content": "a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128" + }, + { + "alg": "SHA-512", + "content": "547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1" + }, + { + "alg": "SHA3-256", + "content": "e0d00e2f06b89df74355383e657d0b7b2a67b4fe3b5de58967eaa27fa0efad90" + }, + { + "alg": "SHA3-512", + "content": "00e4ce0afa1bff9f0abd1d9fd07d76157f26347b4d6931314f6f082c528bb5e60c32eb9bb16c23f5adc5ee5dcb902135fed2a4a5cb3995afb143f1fe1f938959" + } + ], + "licenses": [ + { + "license": { + "name": "BSD 3-clause New License", + "url": "https://github.com/dom4j/dom4j/blob/master/LICENSE" + } + } + ], + "purl": "pkg:maven/org.dom4j/dom4j@2.1.1?type=jar" + }, + { + "type": "library", + "bom-ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "group": "io.dropwizard", + "name": "dropwizard-assets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3719b35ea00aaf249df2f6c237e0d461" + }, + { + "alg": "SHA-1", + "content": "f2aa63c48a04fc2fdbbc43d3bb25c306417c30ab" + }, + { + "alg": "SHA-256", + "content": "81df72b28d351db2a8df88899ef172c3fefc8135149e6e5016c3f88db340fdcf" + }, + { + "alg": "SHA-512", + "content": "1136296518c97a285e68b0bbd6800c3183b8cd208e2b316ecf0e6b24147b278559e479705b7df3ce83913df5b8d93108afd20ca91ddfaa23d1924d6534f82d11" + }, + { + "alg": "SHA3-256", + "content": "fe44aa9d27c700520603cec3f51df630e228e0f73d1c450e01c3f9e21f02610e" + }, + { + "alg": "SHA3-512", + "content": "ef1c4284b016ba0c303aa74ce20271314cdd9c63686837c73b55656eacf0a22f2d3d883732f6e513dac055842b6b1c1d0e9fa970c7017d969b82ef1c77b2f8de" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-assets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "group": "io.dropwizard", + "name": "dropwizard-auth", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "b70d5efcdd606fa0dc0d866a0ba76e0b" + }, + { + "alg": "SHA-1", + "content": "b232e9397558341feed096a54e04e32ab81c7aad" + }, + { + "alg": "SHA-256", + "content": "94927a479eb07d3cab2242750463569dd6da9c75908b93986dab8c2eda5300b7" + }, + { + "alg": "SHA-512", + "content": "33c794f002c01a3f2880aef2b64b12af4a1d612bc2e7e751f24d65a178e49f7b2158c00486515b1392c340471d7a5e52d73259da7673c32d6b9dfc3870eeffa6" + }, + { + "alg": "SHA3-256", + "content": "d13a6eedc14842abeadc3c0e773ff1bd759de2157099a8df5d62ee1d6da1f949" + }, + { + "alg": "SHA3-512", + "content": "c5ae17254f77d668b20aa32542daf77ef398d428fc34601e6e6aebb8f0676fc8c16c5f0dc8906b58f7ecef3623e29386d296aff07d7f7d54618591da72edb88d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-auth@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "group": "io.dropwizard", + "name": "dropwizard-client", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a7e212ddc51872656b8cde14c6375558" + }, + { + "alg": "SHA-1", + "content": "774ee66da2e18ddb9757c309a9f288a7a95d4ab5" + }, + { + "alg": "SHA-256", + "content": "e1f12b97fab5cbfbefd54f7206f708b1abb767f7db2979ee67a12cced9145af7" + }, + { + "alg": "SHA-512", + "content": "a15aa34a681004c1c41380a85f0f99b5117e426bfbac1bef90fade5f9644443b63e74caf9022fa53fde98eddc915ce52ed37c59a06257b7c21b9fc55367f9995" + }, + { + "alg": "SHA3-256", + "content": "77d63d4f7774e74722101d0e3fe4a3d7aa1aa0dac2d95f823cacf7ea445d372b" + }, + { + "alg": "SHA3-512", + "content": "3856b47365e22680311c71e7740f4327786a88af275fe7d2f6a44b34dc12227b3a76396d87c101c31994993d2fa78db6fbfcffc848c5739d5bc9231186fe4681" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-client@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "group": "io.dropwizard", + "name": "dropwizard-configuration", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a53483c0d1034d24eb068eacc2b18cc2" + }, + { + "alg": "SHA-1", + "content": "64ede8340cf7e51e9d679876bb8873b5e4900bcb" + }, + { + "alg": "SHA-256", + "content": "a579796dd6a5476f35a7d3e3fde89321c0f1e5afb6c2fcfecf34b1d1b7c2db57" + }, + { + "alg": "SHA-512", + "content": "fc3e2bfe3e0b9ec39a09a6735fa477ea2296d4dbbda6f92a4bf624f3ecdc4e0a226a44f3e433a74e6343012012e1e80b483483696ae6b846249167e5255f207e" + }, + { + "alg": "SHA3-256", + "content": "851afb7c02c5ef78a1b4d8e4a6ac6393b1d105643a4de355a767fa665e44aa13" + }, + { + "alg": "SHA3-512", + "content": "b837c8c006d5909453293a262a826ea24a533a89f9a7c53a67129b3597a07a77b5ba0e95f391806087ee7f82cb12592e6149dbf26bf75fc0c54cab84a9b2c56d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-configuration@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "group": "io.dropwizard", + "name": "dropwizard-core", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "74aec7bf09a957081b1f607b25bfd532" + }, + { + "alg": "SHA-1", + "content": "53889ab39746957180bddc1636f6680eca0db5d7" + }, + { + "alg": "SHA-256", + "content": "a2799ff0fa69d1b0945f9170e6dd29cdd77ed9618ab48abbfcc56111e85effb5" + }, + { + "alg": "SHA-512", + "content": "1fb1b50c2575c36cb518f48e9153a1253d11c0c5e4576dd3866df0d5171694c8507d8f9b78ca983749dd6a8156b81ceac66e8012583d2bb1d6e55c0f5920fd3f" + }, + { + "alg": "SHA3-256", + "content": "19e5d7375794f5eece12bb30304c2a7fec0076902c1bfba468ee96d9ac83f110" + }, + { + "alg": "SHA3-512", + "content": "b955d7c995291eddc86eee34f8c75301f580c4ce6431053b94f197c03f15ed90cc02025214d7ba1864ba76b809af2c2afe8942b5595993ba81a57078b2946852" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-core@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "group": "io.dropwizard", + "name": "dropwizard-db", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d9ddd3b9a686d7332cdec2628f5b752e" + }, + { + "alg": "SHA-1", + "content": "88dfe54a2b0b04d4254c39b5929a6bccb73c0fb8" + }, + { + "alg": "SHA-256", + "content": "718fc5d891166a4febb26f92560148b8b7a1c39a9f4c5719ca7380974430634f" + }, + { + "alg": "SHA-512", + "content": "3615d6aa65fb7df9f5338d2bd4bccff6e0cebbaceaa067bae04e43a7a1a6852157b23f929ea6a6212fe2928b8b1c6ad3282dfe4c37e60e77df7eea3b716105d5" + }, + { + "alg": "SHA3-256", + "content": "e49bcfe1ce234abeefb3fe5f739322eba64b36ebb0a13cca193da7ab496d29fd" + }, + { + "alg": "SHA3-512", + "content": "6ff81a052e35eb6a923c2af9dea65ab43048e5a839ff8cb94dfd2d13d8666f2ce5bf3160bbd98ef81bea4f7b5e42f8019d4f25e1d93c16411027c8e3e40c4c90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-db@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "group": "io.dropwizard", + "name": "dropwizard-forms", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4038942f9fa1f452cc8ab9fb395e0dae" + }, + { + "alg": "SHA-1", + "content": "171287fe38f430ed81bef0dc5808a6f58f01bd48" + }, + { + "alg": "SHA-256", + "content": "cf55b3d0ae45c0b905380a374a3bfd14fee33f3ec5b5f16a046dc66d505ab4c4" + }, + { + "alg": "SHA-512", + "content": "89e4509a55811c296371099ff91850faa32992eede0f9224c25f395a4d93560f0a4a846060bedc1747fe3bf5a4596b928a4237894292dcbe23762b4ae9c40ea3" + }, + { + "alg": "SHA3-256", + "content": "f205cd66f09419d7e958c1c9be0bb3c3226c74a34cefa4a092474612532ae5c2" + }, + { + "alg": "SHA3-512", + "content": "6f336ddb136efabe64b158f60f11dbcccf606df36600a2195d5cac15d2900f5625ba8eb5a0dba213f4e27386423233e5214f9b188f77816d08e75435cb8047f5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-forms@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "group": "io.dropwizard", + "name": "dropwizard-hibernate", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "449361636c3b63eb9d3acb08c1d36297" + }, + { + "alg": "SHA-1", + "content": "56eda4258aa81aa3abde8e6663bbe6297b870495" + }, + { + "alg": "SHA-256", + "content": "5589a9532d592c6dead117b5990386c178a81d4ec7cb8eab9888a576ce47d24d" + }, + { + "alg": "SHA-512", + "content": "bc121e23e932a8989bb81eb72ce3a65822406dd1b9358f9169f2db7c817585420d7725b0e4a011e8ac82b64879167437180a55469a9aa21ec706d9953f4f8e96" + }, + { + "alg": "SHA3-256", + "content": "782695767ab3f4bd238716842e98c56c4311098d142b388ecb08e92159a85873" + }, + { + "alg": "SHA3-512", + "content": "5e6c66c0cf9fa889b516e485cd233af2234b3e2a4f82962b03c59e95a731392744be7fde88f13c3576141b8866dfb6e6915ed20183a6b06e6aa11226ebaec623" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-hibernate@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "group": "io.dropwizard", + "name": "dropwizard-http2", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "fdc320175f8ebf1f5931a5f8943cfc32" + }, + { + "alg": "SHA-1", + "content": "b8573b698da0fe8b2cf30becf2d4c069085e230b" + }, + { + "alg": "SHA-256", + "content": "c21be0fb74a7e086a39d48f464ffb0b730dc8c2292935f8f6524aa217c36f135" + }, + { + "alg": "SHA-512", + "content": "67759f73350a276e2dda77608f16e2fb6d2b2908af7bb5fc83687508793bd27bcc6998c570945e4ec3e49caeeb05e9ee4d3d4fdb8a77b2147bbc5fd1d1c573e3" + }, + { + "alg": "SHA3-256", + "content": "085dd33c5b983cd03552e8eb69e47ae5a3de85aa363175526e5470bce0f4f69b" + }, + { + "alg": "SHA3-512", + "content": "43a4af9e25df30b2e3c561f921bcdbebc9d782b94faa85f8706e1c79ca77bdeae161b18a4f707509599564115d49152ac03f7bab14bb2cb9d130a4975d8f7315" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-http2@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "group": "io.dropwizard", + "name": "dropwizard-jackson", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "cce5d50fb36cf2ccb1f6020cf2c53092" + }, + { + "alg": "SHA-1", + "content": "498fdd1b14e0341fa4b2ed480520d632470709c0" + }, + { + "alg": "SHA-256", + "content": "1ddb7e6852bcc605f52e5dd4927a532e6e4f6970e8477329cc0cf6e02bcb11bb" + }, + { + "alg": "SHA-512", + "content": "54920733f634fff24fa42e16048e60cbcd8ca9e348c4dae5e8eb6d1606e36d86ba8c32f49a9fb00418a9e2038781599383cc3c1d01353d8e5117d4c366f414e5" + }, + { + "alg": "SHA3-256", + "content": "6dfe904993c5350ef8f04f9eea9335ea5f5179e9d02b2cc057426f96a0aeb485" + }, + { + "alg": "SHA3-512", + "content": "d2e9bddc00edf43a43bc91ee0e74cbf3beff49627fc02fee1870888cc552a9e7a2a518149f0b628a744d5ae00a4f47b3912edba8081c0b5f40e3b289a7fe0822" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jackson@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "group": "io.dropwizard", + "name": "dropwizard-jersey", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "5d4b25a8d01ef9534d6291f004ca8421" + }, + { + "alg": "SHA-1", + "content": "5045bfc77cd931d0020e9d67ef5d3d47916d978f" + }, + { + "alg": "SHA-256", + "content": "3e03434acca7bf73d6e8dc72239d41b28e087200d3cd3759b26319aa49c5cccf" + }, + { + "alg": "SHA-512", + "content": "389fdc36005f478f75687d796f147800d81bafca189233ba7bd6bad263ced8ba2bed450b73b7a2ebe14750186da51970f006835c7dbf6380f5535bece7bb947d" + }, + { + "alg": "SHA3-256", + "content": "7c9a03749ca86a271678b15d9278890b605bf1fe85927c07d4412f481483c45f" + }, + { + "alg": "SHA3-512", + "content": "59da92cfc19ce969cfbb29f597519cdb692d838d191a93d02a6014d896091a8669bd6ed5ddff39bcaabd14866106131be23b6a984b6a8a7813fd655faede4b81" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jersey@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "group": "io.dropwizard", + "name": "dropwizard-jetty", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3e61f73e3ad1a7c63d7b16bcfc6038a0" + }, + { + "alg": "SHA-1", + "content": "bd34674496ae9997dd20d88a9fcda937bd21840e" + }, + { + "alg": "SHA-256", + "content": "7657190b578c7647d3e6d91de4a959580320a0317378b210d9a416635f4e1384" + }, + { + "alg": "SHA-512", + "content": "cb92715afa048b32d0879593f9709d558e4b1b6aa468802b8a1d08b7b6b1fa72eae12c8658c329ef0d8e073fb7a1bab4a9b833bac2887ccaa5d953625470f4db" + }, + { + "alg": "SHA3-256", + "content": "38e8c121e10d2af68bdde88d8136622d76139d018df01b944c7708c8dd9cefe6" + }, + { + "alg": "SHA3-512", + "content": "7cfe066ea4e585b3bc0077332b0a08db9f998e9d83b95480cc148054895728ea72fe5e3b20e249f603e96cbe09ee9985eea527f207d88abef0914b19940af1d5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jetty@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "group": "io.dropwizard", + "name": "dropwizard-lifecycle", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "52e054873a8e62623e81231c43cd56a9" + }, + { + "alg": "SHA-1", + "content": "f26a5a8be815680b9d6fcf4df7495c33ff403f80" + }, + { + "alg": "SHA-256", + "content": "20abb321d0095312b8d618b30533d84b12f37d9c3e7bfc473ce205a56a8cf4a5" + }, + { + "alg": "SHA-512", + "content": "fc9ae0ff1d4c94b2456777d6e7b68a8017ff13a04fb49f85344904f6b010fc638f33e8e6ebf9119a450232e5e74c70a8ed55b980afe47d827f320019ab9973a7" + }, + { + "alg": "SHA3-256", + "content": "cba7094cc6a46821fab3edc413e5d07c36e78b7760ba6c5e44df94acaaca98e8" + }, + { + "alg": "SHA3-512", + "content": "daba93cc2420eab38f11389a1eabd408713855ea97772dd87d6be05cd8cf60de1e2de303785721daa85f61e246e75c4bbeaf7602a580d88b2585c090d8957dab" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-lifecycle@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "group": "io.dropwizard", + "name": "dropwizard-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "8f56476f15da17fb8aff8d06a8cd39c9" + }, + { + "alg": "SHA-1", + "content": "3df1411464adf080b5ac7360926eacab3f5120d7" + }, + { + "alg": "SHA-256", + "content": "fcaaf6bcb2f29a0443f4740d5515f6a8b12a0c38e626fa6a503d9bb685275a38" + }, + { + "alg": "SHA-512", + "content": "32435101cf0981814396444592a7d805d35d073fff7c06b2ae1551e6cc6ac7e7686cc740dec87a05a15026cc4d89b208986c770cbf999e3993980c8e4112db47" + }, + { + "alg": "SHA3-256", + "content": "2d848583811a6d544b4212f63805bdf65b849da145e4fa3f6be66d387e34a5e5" + }, + { + "alg": "SHA3-512", + "content": "2daa20182aeebbcd99ff706f08f3a10a68db0ff2874ed93811eb8922b71ca2bb516213ae53eff4efc412c5ea1a940268d9a832fe8e680151f5cacbfe62ec5844" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "group": "io.dropwizard", + "name": "dropwizard-metrics", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "231e9b5003b31c72836118b2b60e6b9c" + }, + { + "alg": "SHA-1", + "content": "4dcf98534424a25e2666c714e0bb4f8ce6c7cc61" + }, + { + "alg": "SHA-256", + "content": "fe67a902fa099d798179aaf8cb73fa2881e18a820b762422e9e25bda84968304" + }, + { + "alg": "SHA-512", + "content": "80d4133cdc506a51f34bdfa35f9e79d11d9e1a6cfbda6d13e10035a286f200a172314aa52b737a7bc4d8a334b6725c20a45cb4d8cb56dabdbbd8378e9aa1b355" + }, + { + "alg": "SHA3-256", + "content": "55e8d3aae67454a70282570b80e4a5b50d19cede8ed6db54609bdba3b7291309" + }, + { + "alg": "SHA3-512", + "content": "88be53fa6a98860edd603e40320f2d59206e08451a11356e089f28bcb9ee36586012f9cb6d0c63ca6b85b527f8f0434c3aa1e3619cf607883a7aed8817fdbdfa" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "group": "io.dropwizard", + "name": "dropwizard-metrics-graphite", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "014be7a674c15f505dc0816c5c544314" + }, + { + "alg": "SHA-1", + "content": "d5be85278fe138a4736bc0e229c73dcd1de2b400" + }, + { + "alg": "SHA-256", + "content": "0739188661d32b28544377073c1966d29a56ea9e28776b5ae7e201c50c580f09" + }, + { + "alg": "SHA-512", + "content": "f2e433cc520f4e49d62cf5af209d353629409d9b1ad3f1b6613d0bc1790a575f528bc88784e0b2517ea044e46e9e67ecef5b1d02cc7f6c1a510d75457bea2c16" + }, + { + "alg": "SHA3-256", + "content": "dba4bed00333d55d4dc55ddd9b9815fdb3b9b575faeae3ba8ff19ef949ee6f61" + }, + { + "alg": "SHA3-512", + "content": "24a0c90e1f97326dd032e5c657792d6623c727efa7144891be439e00bff5323f4e3e9d35e34005b7348ec92f97f3c4210aeb4b7e15930ef7a910735d0f982d62" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics-graphite@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "group": "io.dropwizard", + "name": "dropwizard-migrations", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3d2f7b15b764e2906916c0d4bfc75bc6" + }, + { + "alg": "SHA-1", + "content": "74a81b867ab00475910d013fe18d4a788984cccf" + }, + { + "alg": "SHA-256", + "content": "156a9c79a74c81d173637d613a9931451188228bea38cce621f63f51bee1c2f9" + }, + { + "alg": "SHA-512", + "content": "3cfff65847ee29772f5c8f091557373ce3dfa59974e82c0bbfd0eaa636fdf91361b753e777810d0f5878c4b5534ef555a5b260af29a6be9af0851c4a2de56c5e" + }, + { + "alg": "SHA3-256", + "content": "1150637f334a3f0354d00cc21e7e180e8fd647ba3b9f6028c4eafd30c614c157" + }, + { + "alg": "SHA3-512", + "content": "8340a3fb797a8fdeedfc31e50c5d28ad3b3eb204f262f45f390c1a8c3a8ff798cb2f8235d97dd9bbe6947d2d986bb4b91d332f5d0ed23fb7dc0bece454b29d90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-migrations@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "group": "io.dropwizard", + "name": "dropwizard-request-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4ed78ec6ad895643d486a210151c6da3" + }, + { + "alg": "SHA-1", + "content": "fcd1015d1762059bd9aa27ee06f7fff9a9857d7b" + }, + { + "alg": "SHA-256", + "content": "1795c56717239e25f835211356963f307f596d0efdd16550337ffccbab08bbf3" + }, + { + "alg": "SHA-512", + "content": "f8c521200f29a6301fd92d87eb21ffb765d7c2a05f65fdbfa572955f91b6870604628df1b0f18d4c3d73482d1398bc5730fa2744c6b19b51f909758d614e4de8" + }, + { + "alg": "SHA3-256", + "content": "5cde2026d5ac54d5b1baac22503608eaef11b8753954473d0102d5f87565f944" + }, + { + "alg": "SHA3-512", + "content": "8d0dfb8c508948c131f0f92b8debf3a9f7ed3f1ec8e1dc4341a68132658143dcecaf890cc11aa22ff9e1959e96a51f311d15ca6d49bc7090c71c9457fedaca29" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-request-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "group": "io.dropwizard", + "name": "dropwizard-servlets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "c738851aae5f6e431c4bad54ef8bd30f" + }, + { + "alg": "SHA-1", + "content": "f93e103f42b677e1fdeca6fb6cb6c22353a78b57" + }, + { + "alg": "SHA-256", + "content": "b5c9432f659aad54fbe25209366a5c93a43f2c8a0cc5428440c28f3576a5bf61" + }, + { + "alg": "SHA-512", + "content": "07fff649594cf8bf3eb10bad998cc0ccb5fe1049d21c47ca3321b6187eed0f480caa52c5683e454f9abcf107f1e3d6fa5e3d6858e4d250ba65a36e81dd20c5ee" + }, + { + "alg": "SHA3-256", + "content": "eb28576f779876ffe7218c4b596ba2f2f302daa85375fc57784da3d050062086" + }, + { + "alg": "SHA3-512", + "content": "e2ce67e331b95a1e7dea43a174e3e4a1b0c9653716c4378656114d54b1858fa818142f2afee7ffeb86439b7dec848a09eee12efa963be0c00b71d038051c448b" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-servlets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "group": "io.dropwizard", + "name": "dropwizard-testing", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "800103447329e58030242b6bfc2e9cca" + }, + { + "alg": "SHA-1", + "content": "cee4838ba05de7920309985229df59917ff6e58a" + }, + { + "alg": "SHA-256", + "content": "d52ef3eda88a2b93e01731b035bbd277eb4d395c3a076c6f5cd6a3874f17e433" + }, + { + "alg": "SHA-512", + "content": "c2ccc3c13d2007b728574b1c3df388043c2517ed3efb8256dde9c09ebbed6c18ac5e7f3281ce7b35b9e2c969124772ef0062234bfb195c27898b0674fa0900a4" + }, + { + "alg": "SHA3-256", + "content": "f7fba2c7f9ccb345c29c4e52bcda601a6528d20527f32af63f8cadfaeca04a0f" + }, + { + "alg": "SHA3-512", + "content": "e0c421a568cf98a63432088a1b5f18382cce3095db4ce8cfd1ccba7e9dc95aa7d2ec365b1d8b25614c4700d28f7f75744acac96c5358de4c50946fea4a2a2e5f" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-testing@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "group": "io.dropwizard", + "name": "dropwizard-util", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "e73fff60736c50b06c0afcfb5d5f003c" + }, + { + "alg": "SHA-1", + "content": "4e2a956ce355a40fb7e1c8d5772eab956a8f7f5c" + }, + { + "alg": "SHA-256", + "content": "3bc2379c8d410405cab54636b1b8129a53e5227acc6cb286adea720fa73f03f0" + }, + { + "alg": "SHA-512", + "content": "3a1b826aa9ff4fe9543aaff7b5f5d191164cc0a488365158502eb2c52b5e215ea96395767f2feed880376c3b569ea672414ef951667ea5628236920dbf2026bf" + }, + { + "alg": "SHA3-256", + "content": "9cadcfa4c2db331cc05c069a66d1445d3a156605a75f8741eb80935834ae56a4" + }, + { + "alg": "SHA3-512", + "content": "df9fc0e1dcebe145a5cfff74ca87470923f0163f78ead0a93bf5b4f1c905ad5aaf7034891ae0cab005927cbbbea86546f1222e7f271c90cb4d3b0f745f8cb78e" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-util@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "group": "io.dropwizard", + "name": "dropwizard-validation", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "0557207f6f05c684958ff0c524ed97de" + }, + { + "alg": "SHA-1", + "content": "d82c4a2157cd8b4ed6f85d12fcc5f63e7f2ee9d2" + }, + { + "alg": "SHA-256", + "content": "6141e64cfed3633ad729e9d343eac4bfa475232c90c83c178f02da2d4c3e7360" + }, + { + "alg": "SHA-512", + "content": "e3f832e4b6ea092229b2ecbfad0790170a086b043be74c58cd2f0169cae4fc219d4a7163e6e581350efc7441dd8908e7cfe395b19c802e93834443eb45888d67" + }, + { + "alg": "SHA3-256", + "content": "95187066ffe37d52916b0ec33bce13baa8d76afa80502c4526205fb3721c01bc" + }, + { + "alg": "SHA3-512", + "content": "39a0130b80426db95faba737c484fb2e0c1db64f8e81e21cffcbd0b27b4dff4c4334cf9698b0c067549d0e8adaf7669dce867f2ad962c25f647b35829fbfee61" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-validation@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "group": "io.dropwizard", + "name": "dropwizard-views", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "ffa529c90a76cf83b7468c63c24c2da9" + }, + { + "alg": "SHA-1", + "content": "27b9dfe51ed0740b2359c28eca9942388247f877" + }, + { + "alg": "SHA-256", + "content": "69ba25bd9f7b5577aa29b79337b3e716be629a784a83d9a2af1456a556800dfd" + }, + { + "alg": "SHA-512", + "content": "818f881806c644bfd0518d2864d1f0c2c6b132e6b81ca1e4b272e20ab91294e954805f986f55ba5389b9ffa5c6573dde827929d6a82b8b4066b2344d003e0f40" + }, + { + "alg": "SHA3-256", + "content": "021a6eba574c0c79246d1a8b446c4655f5a7183e24fcc9df010bffb11ea680f2" + }, + { + "alg": "SHA3-512", + "content": "9ed4dd16ddabeaf7e7933cdef7911ac194a14a93a4a8a4d057554dfc094ca5ed84090922e6b5e53f23a24af582209c8d5a9b50521d3b35132a32e74399d5e055" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "group": "io.dropwizard", + "name": "dropwizard-views-freemarker", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d78343dfbf1f4c99fc5115aea93b6382" + }, + { + "alg": "SHA-1", + "content": "9b64dcbd00e184c4683a8a44ae4ff4726595c73c" + }, + { + "alg": "SHA-256", + "content": "621f2168b343cc24618b63e5c0c07ca330eef8e1f930c1a4c374ab210fd5ea44" + }, + { + "alg": "SHA-512", + "content": "19298c6ae1500e0c16575b55d30f2ab34cbab881cd735fefc203118c326dd4a47604f8f8d595b32cec4ecbaae032129d2ede99dc36325bc8f4a18ffa5e786aeb" + }, + { + "alg": "SHA3-256", + "content": "1870845187ef726d85d29ee42ccc35b66018304d23167f614b79a7deb3768e2c" + }, + { + "alg": "SHA3-512", + "content": "389d2cd752a7269b28815c723ed68700c47c0f5f6780df2bc35f18eb3ea4b77cdc18ca83d556f4de80c1f3e434f399f73b03a76b88d1da2af520b09195a938c1" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-freemarker@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "group": "io.dropwizard", + "name": "dropwizard-views-mustache", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "99d7beaccb842cbe8a68c37361e665df" + }, + { + "alg": "SHA-1", + "content": "1a2a4e775b77f452893189020c2e34d60c0235a2" + }, + { + "alg": "SHA-256", + "content": "19ce7554a48be097bac2b3c51f55fe468c7253a60d1a43683ae830cfe06a58e3" + }, + { + "alg": "SHA-512", + "content": "1f24026f35f9a4e4316d04ac41a7cdcf440fc510075e5f8297a55b63d95d3f1e5deb06acd8ef9a61b73fbf1fc054ea370c6d74ed1a06aa19ba673069aebad294" + }, + { + "alg": "SHA3-256", + "content": "7856836a099d2a7f326dbc033442e49b176213fd340a8b2aa2d9dea3a9175ab6" + }, + { + "alg": "SHA3-512", + "content": "af431eff733b17b92ae1718165b3b10e103376bb216e63b8e39284f3572b69926084937fd370a42a018f62389744a7212a0c68959e0e76950ad751ba3ba9745a" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-mustache@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "group": "com.google.errorprone", + "name": "error_prone_annotations", + "version": "2.1.3", + "description": "Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/", + "hashes": [ + { + "alg": "MD5", + "content": "97504b36cf871722d81a4b9e114f2a16" + }, + { + "alg": "SHA-1", + "content": "39b109f2cd352b2d71b52a3b5a1a9850e1dc304b" + }, + { + "alg": "SHA-256", + "content": "03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8" + }, + { + "alg": "SHA-512", + "content": "bd2135cc9eb2c652658a2814ec9c565fa3e071d4cff590cbe17b853885c78c9f84c1b7b24ba736f4f30ed8cec60a6af983827fcbed61ff142f27ac808e97fc6b" + }, + { + "alg": "SHA3-256", + "content": "5c7b2ffc8d4073700647681ed44dd783049648aa8e174f37d2510339a65f5466" + }, + { + "alg": "SHA3-512", + "content": "3f05def83905268da5044c8bd6fbf62b89499d77351b56a357de8d27ef872c6c300385a6bca009590d61be90a39a0f417c4d8358a13b09847ba0452ef416db06" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.errorprone/error_prone_annotations@2.1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/google/error-prone" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "group": "net.jodah", + "name": "expiringmap", + "version": "0.5.6", + "description": "A high performance thread-safe map that expires entries", + "hashes": [ + { + "alg": "MD5", + "content": "fd4b2d42dac784648fe6fd1b2b612d12" + }, + { + "alg": "SHA-1", + "content": "11833abbdd64050d455187f374dc096944f9ffb0" + }, + { + "alg": "SHA-256", + "content": "06f1ac1fdb0044a83bbf5cd55e86f88ded92175cb2a7a0b57ba53eb011600a52" + }, + { + "alg": "SHA-512", + "content": "3e7bf8da26296f1de8da960e4f8b9b25962d3db1a941c0818c649174c61bf571a6c7b0336b154be104c853a8fa148cd0f007f8a210a98854036a09fe1069eded" + }, + { + "alg": "SHA3-256", + "content": "a421ccc1ee40dad4e7239f21862e7f35a8eb6493d3eccf6e245202d1f3d1e9a8" + }, + { + "alg": "SHA3-512", + "content": "2ebbaf3eb9f96fcd4cc5b5c28e68d8a6d1aa8735dca7d763cc18daeeec2706d3370384c535dad32463ba8da92ee8a3ddfecd7f2559847772829782964d05a0aa" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.jodah/expiringmap@0.5.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "group": "org.freemarker", + "name": "freemarker", + "version": "2.3.28", + "description": "FreeMarker is a \"template engine\"; a generic tool to generate text output based on templates.", + "hashes": [ + { + "alg": "MD5", + "content": "c5e35d814518da7b0247d42311b8e296" + }, + { + "alg": "SHA-1", + "content": "7200064467a935052f99d114c2c05c3d189bc6d6" + }, + { + "alg": "SHA-256", + "content": "de92d103d3a86c2287307218ff50dc1c941de283f7b9e1fb23e93fc7220838bf" + }, + { + "alg": "SHA-512", + "content": "44435cb2b6ba02abacdc4a21bea44a2dc50faa1b486fc5b2f79097a68f1f98ca24aa835448ac5dec33a1869eed1b8a32ac285e95fdabbdafaa810d575951894e" + }, + { + "alg": "SHA3-256", + "content": "d55883bf61b72d616dcd12e87d6f90b3b1fc761fcbcf5b8f3860e17bb34fc654" + }, + { + "alg": "SHA3-512", + "content": "7664cb34b0598e0eec19ecba1fba7b83ff09b574bf2320b84a09016d88aaabf902460e3bcd2b2290f59988462b8594e817eebcd777321608762dc141c1335a20" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.freemarker/freemarker@2.3.28?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://apache.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.apache.org/jira/browse/FREEMARKER/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/freemarker-dev/" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=freemarker.git" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "group": "com.google.guava", + "name": "guava", + "version": "24.1.1-jre", + "description": "Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.", + "hashes": [ + { + "alg": "MD5", + "content": "361459dd415a18e4750b7fa0cdd9e747" + }, + { + "alg": "SHA-1", + "content": "2e3014320a8005e3f3c1800cb246ed42db8cab81" + }, + { + "alg": "SHA-256", + "content": "490c16878c7a2c22e136728ad473c4190b21b82b46e261ba84ad2e4a5c28fbcf" + }, + { + "alg": "SHA-512", + "content": "f7b02666ecd26e8865d4f6040a14a87d08e38124a625252594b05fa9d1a00e7c5a1fd30c5bd08ca9399bad50eef5fcaf7c95e17a59a2462ac42d7fdd4aaf516c" + }, + { + "alg": "SHA3-256", + "content": "182f368980a8c526ec88c65acd877738fe2bad06b72ab9756edb66f2b281d083" + }, + { + "alg": "SHA3-512", + "content": "245bcf15e331889bceb96faa2f9f67baf442fe1cb291601fa92a0e3327382a636d30788939d8f0ccd05a735b8149637e3d44c7e13a636a19950d0e7a33ae9517" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.guava/guava@24.1.1-jre?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/google/guava" + }, + { + "type": "issue-tracker", + "url": "https://github.com/google/guava/issues" + }, + { + "type": "vcs", + "url": "https://github.com/google/guava" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "group": "com.h2database", + "name": "h2", + "version": "1.4.197", + "description": "H2 Database Engine", + "hashes": [ + { + "alg": "MD5", + "content": "f9893acfa22b7fe1492dd9c515af2e5b" + }, + { + "alg": "SHA-1", + "content": "bb391050048ca8ae3e32451b5a3714ecd3596a46" + }, + { + "alg": "SHA-256", + "content": "37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842" + }, + { + "alg": "SHA-512", + "content": "aa4af17f766a1cfb0326d0301e1c40fc884b27e73aed4e60141d284275da70f483a3ce54d65f79f9ba66e9a53c5a68102dfc5e40a36e9d2c0a2aa9a7f7321688" + }, + { + "alg": "SHA3-256", + "content": "ef7da52a3b656aee47bc85b9e98db3bb91d7f079d19012787fbbd65c32151203" + }, + { + "alg": "SHA3-512", + "content": "1a5538cc48c5b99e496ee5924f80df410fecc555e3619a79b8c6204156dc333cf0cbebae05bca5a8144ab89b2f2fe4802080128d76b1e94a51acced8aedb4354" + } + ], + "licenses": [ + { + "license": { + "name": "MPL 2.0 or EPL 1.0", + "url": "http://h2database.com/html/license.html" + } + } + ], + "purl": "pkg:maven/com.h2database/h2@1.4.197?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/h2database/h2database" + } + ] + }, + { + "type": "library", + "bom-ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "group": "org.hamcrest", + "name": "hamcrest-core", + "version": "1.3", + "description": "This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.", + "hashes": [ + { + "alg": "MD5", + "content": "6393363b47ddcbba82321110c3e07519" + }, + { + "alg": "SHA-1", + "content": "42a25dc3219429f0e5d060061f71acb49bf010a0" + }, + { + "alg": "SHA-256", + "content": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9" + }, + { + "alg": "SHA-512", + "content": "e237ae735aac4fa5a7253ec693191f42ef7ddce384c11d29fbf605981c0be077d086757409acad53cb5b9e53d86a07cc428d459ff0f5b00d32a8cbbca390be49" + }, + { + "alg": "SHA3-256", + "content": "f679af77deedf69b3c3066f7916583848c6fd32a950f9c0b0e2ef1da121717ba" + }, + { + "alg": "SHA3-512", + "content": "bca821931e438a1977b7b4356b5f8cebf485634f82159d505c48267c34e6a0f4fde9c2917331365f66dc0e52e2ca3a2db5256863584110c27ecebefc28741f63" + } + ], + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:maven/org.hamcrest/hamcrest-core@1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/hamcrest/JavaHamcrest" + } + ] + }, + { + "type": "library", + "bom-ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "group": "org.hibernate.common", + "name": "hibernate-commons-annotations", + "version": "5.0.1.Final", + "description": "Common reflection code used in support of annotation processing", + "hashes": [ + { + "alg": "MD5", + "content": "2a9d6f5a4ece96557bc4300ecc4486fb" + }, + { + "alg": "SHA-1", + "content": "71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879" + }, + { + "alg": "SHA-256", + "content": "9431ca05c335f9b6ec550f5d65ad56047a5f336e2d41cce4067591d20c4e51df" + }, + { + "alg": "SHA-512", + "content": "5714692bef862355cf7f9fcf82aa663321da193920adf4b584fe69f559535555c4c53858a2465410ffb990aad7847124dbea28ed95dcec5df525a1164288791f" + }, + { + "alg": "SHA3-256", + "content": "60cf1ea8120252eaa90e0e86662f4d0b97f718c3c6c09422f2b85c1b36222ea5" + }, + { + "alg": "SHA3-512", + "content": "a2972a8464a8b38468994ef496d6e816262eef6e9422f4c83d5eb998aea4134ac1160726c71fb577df664064fa13c564c52c6fa577ad2477515291ed825fe79c" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HCANN" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-commons-annotations" + } + ] + }, + { + "type": "library", + "bom-ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "group": "org.hibernate", + "name": "hibernate-core", + "version": "5.2.18.Final", + "description": "The core O/RM functionality as provided by Hibernate", + "hashes": [ + { + "alg": "MD5", + "content": "a5e6ac320c1b5fd739d213dc050cfc29" + }, + { + "alg": "SHA-1", + "content": "c1861a015d47f55ffc6cb120216d17af177e0b90" + }, + { + "alg": "SHA-256", + "content": "4688003fc081063f0d73f43424b309bac9bd8589fecb5767e0ad26788a5bfdff" + }, + { + "alg": "SHA-512", + "content": "1b8c1f0d64ec27e8daf8b4b9b1be9511d0a5e99573836c527c79f026048c5acfe10aeda34a5b0c77bf30fc6ebd92976838eb43a065f192e9871531116d686b37" + }, + { + "alg": "SHA3-256", + "content": "ce9cffadac4242733e7743f88c0abb2f659526e54ddab26e60a180cd658a0782" + }, + { + "alg": "SHA3-512", + "content": "4e4006d93d10553191cf914ab76f486f222e82ca30d81d786913142c599f6463be48892b5fdb4b5e3dec75c20290f11a0f3d3600dcc306bff81c114e24eba66a" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-core@5.2.18.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HHH" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-orm" + } + ] + }, + { + "type": "library", + "bom-ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "group": "org.hibernate.javax.persistence", + "name": "hibernate-jpa-2.1-api", + "version": "1.0.0.Final", + "description": "Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details", + "hashes": [ + { + "alg": "MD5", + "content": "01b091825023c97fdfd6d2bceebe03ff" + }, + { + "alg": "SHA-1", + "content": "5e731d961297e5a07290bfaf3db1fbc8bbbf405a" + }, + { + "alg": "SHA-256", + "content": "ab46597e3a057f99c8339fffe14c1d27f9dbd2409ae840c62121b00d983c78bd" + }, + { + "alg": "SHA-512", + "content": "696dd1548504c9ea8d8526411e81bee8b752f12861979da2707d1059b35a8ccb3f018a1d4e2d12436e7c9daec8e63b97fcf980e03032981867cea63d4301f3da" + }, + { + "alg": "SHA3-256", + "content": "fdbf800d9175e82d7e68f9829f1372b65768252d3e165dfeee9c0345b817b8be" + }, + { + "alg": "SHA3-512", + "content": "8e1e5baa5e4b6f67019bad7ed90a9abf41096ff00b62c9d6f326a756b8ee7e5b62d41068441aa5d9050369a1000a5fbd7898155cb8b18e80367e9cb7c0d3b137" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/org/documents/edl-v10.php" + } + } + ], + "purl": "pkg:maven/org.hibernate.javax.persistence/hibernate-jpa-2.1-api@1.0.0.Final?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/JPA" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-jpa-api" + } + ] + }, + { + "type": "library", + "bom-ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "group": "org.hibernate", + "name": "hibernate-validator", + "version": "5.4.3.Final", + "description": "Hibernate's Bean Validation (JSR-303) reference implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "ccae8426d40e4fa16ecde928b84965f6" + }, + { + "alg": "SHA-1", + "content": "7c3d91629e81937b33dffd5b170956ef9c76af97" + }, + { + "alg": "SHA-256", + "content": "8abc0fb282075e145efe50d742f4512bb1f2c0222e78e7562f34f8809cf22d25" + }, + { + "alg": "SHA-512", + "content": "38c1bc5692588fabc86904f75dd3481ca13be43bfda2f33278cb91a0ae229c7abd0f095989fa23e25b78aff51b2b7232f271579e13bd062595e498f9c92ea830" + }, + { + "alg": "SHA3-256", + "content": "176d9129f2812df9a71514c72d0ffe1efb86ceb73310ebeee2b416bf752c65f4" + }, + { + "alg": "SHA3-512", + "content": "0fec7612fa9d4698e183cc954381e172a3f8cf188a1b2e0518a39f9cd4cb15163720183d306d050757e2d979a3a1d224a3edd7e9c2ee59b938df48e4f4eb1342" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-validator@5.4.3.Final?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "http://ci.hibernate.org/view/Validator/" + }, + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/projects/HV/summary" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-validator" + } + ] + }, + { + "type": "library", + "bom-ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "group": "org.glassfish.hk2", + "name": "hk2-api", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "93322931c4ec277c5190c7cddf7ad155" + }, + { + "alg": "SHA-1", + "content": "6a576c9653832ce610b80a2f389374ef19d96171" + }, + { + "alg": "SHA-256", + "content": "b3fe4f295ab8e74ea9d641717dc55e5768f1e5db3709e84235346a4d6bcde5c2" + }, + { + "alg": "SHA-512", + "content": "9f143940ff31e6abdc5bce5223c12ea91fe1852338f317aa614221bec67bd5252ef905075d78125ba777ff2f36c5d39fe35a5b3876ea19255fc91da949179d00" + }, + { + "alg": "SHA3-256", + "content": "7dbffae41a1edb93e525d9841a6831f574fc408edb7568b5b192d7b026aeb750" + }, + { + "alg": "SHA3-512", + "content": "594dc7b77f5a85574331483bbc2b795c1456fe174b55ca7253519a8fe94bd914167face505c561f3829c9738b7d9e7f80421f5b97427952cdd78fe388c17c282" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-api@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "group": "org.glassfish.hk2", + "name": "hk2-locator", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "5baf0f144cf8552a9fe476b096fc18a7" + }, + { + "alg": "SHA-1", + "content": "195474f8ad0a8d130e9ea949a771bcf1215fc33b" + }, + { + "alg": "SHA-256", + "content": "27cacf80e8c088cc50f73b56344b779bdb7418e590a037659ab66b2b0cd9c492" + }, + { + "alg": "SHA-512", + "content": "4b8819cfb299d4b5be13fee8c5a04c803010abe7636eab9d126a40a41bc79131753ff09ea062c624c6ecc5785749b120a3f6f0411307eb05b74e6bc46a1bd410" + }, + { + "alg": "SHA3-256", + "content": "3b0c862b6be53e5a085e9caf77f6a90fe45365dc58cc4a69cf1bd13e20b91536" + }, + { + "alg": "SHA3-512", + "content": "9d3acd0f1048b63ca1c30a864463d10c3b2d724d4d245c2bc0116dbd8597772fecb9ace1601d60d9abae9058a2b9fc50422333be583189e00b31c3bbd21c59de" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-locator@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "group": "org.glassfish.hk2", + "name": "hk2-utils", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "acc873aece4f8e89814ac0300b549e3e" + }, + { + "alg": "SHA-1", + "content": "5108a926988c4ceda7f1e681dddfe3101454a002" + }, + { + "alg": "SHA-256", + "content": "3912c470e621eb3e469c111f4c9a4dee486e2ce9db09a65b7609e006b6c3d38e" + }, + { + "alg": "SHA-512", + "content": "1d100879b218d4ed75760514b78a3833f43f67126691dc7cab6566af8488c4cb9e72258b649f8a4eef0376813c25df326ba29d6f29c275e8f75e549cfc17fdf5" + }, + { + "alg": "SHA3-256", + "content": "699d1fba60b9403b292ce22cb0db2d6b070a1152531afe3f2c08a5196779b3a9" + }, + { + "alg": "SHA3-512", + "content": "47ad643c3727bb9fb45b6748e4da67c4788aeac69783c56c60f73ccf37f979972f699ffa96714056c551cb29109dba6722ac3b57004eea1ae47f8833f9c73d34" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-utils@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "group": "org.eclipse.jetty.http2", + "name": "http2-common", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d4f0dede20f81acfb53f97c01fae71cf" + }, + { + "alg": "SHA-1", + "content": "6e3306d394aaaf41876220a818fb639faf5963b0" + }, + { + "alg": "SHA-256", + "content": "d402e22a14230a49a93e045dc922d62ab330f99b26b928ca3fc6c6761941f601" + }, + { + "alg": "SHA-512", + "content": "79af5a27a59a8706769cb2d500869029bf1c6762bbc4908ffea56bc57f578e14d46e271e8fa2d40fa68dc8fc0e33cf297186df8b4b231db50547d98a10d0d6c4" + }, + { + "alg": "SHA3-256", + "content": "edba30c10f03aaa94eec187d3709ca23d1082d555e0031dbddbcb21a2e6cd451" + }, + { + "alg": "SHA3-512", + "content": "4d4d7e9a24b0d2f0814f071f0b352a104b2c91974213c10ca434c4d119c3ca15ac679f06f5aea3586ef11e5b4280d9db505ef8f4b63b19893c07cdf646d03a15" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "group": "org.eclipse.jetty.http2", + "name": "http2-hpack", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0323c6dd472c456a99d068f171cbd661" + }, + { + "alg": "SHA-1", + "content": "aa5f5c2b0cec925ad7f2e73a1dc7a3b3dc496e87" + }, + { + "alg": "SHA-256", + "content": "7f2fde0ed27abe088933dcd5b1516e6ed08701ff19aa8b00d12a4ef30344c9bf" + }, + { + "alg": "SHA-512", + "content": "075e9b42f4204aabb15fb1e0f0e08ac67b6a2ea4dff9bcd69db778fc0868d1959b38c4ac3e5a4738b8c3acab26f8416ea8c89d2e4fa66e474ca366e14ee55ebd" + }, + { + "alg": "SHA3-256", + "content": "f4680627e9212635d69a27456bcc815eec595a64d9541b572a7d16667cfb7636" + }, + { + "alg": "SHA3-512", + "content": "efb34683d51d2c09abc7894f5cbf7957041449f66e78f50bc4aeeed48fbcb92bcbe60713b084346ce93d0552955f7b8c53a3c557386894959d27667b8ac808ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "group": "org.eclipse.jetty.http2", + "name": "http2-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "9c82833f49671905299a1a0d0edc031d" + }, + { + "alg": "SHA-1", + "content": "6d0ca7e7ee2e5d55fb6fb03c4c1a248b1dc3d31d" + }, + { + "alg": "SHA-256", + "content": "99f96c3656c87d674d069ec1039a6fd7cbd979bb81a083823a04bd529c73308e" + }, + { + "alg": "SHA-512", + "content": "49a9f2c895244d0a632e5b267661f99e812d8e90299085df37479667517ad991575808d97d32204f34bf8a130804d4d2b87c9405d3e61b6d9d410d62a25373f6" + }, + { + "alg": "SHA3-256", + "content": "866de2610f4bbe4ce7b551b31f7f9a51e26e9607e54f112de194b3d92bd90132" + }, + { + "alg": "SHA3-512", + "content": "447c34744cdc616cf90742043ee49c431823ff46e745417eac6d21b78d1e9a00b36c1c93b0e291187e00e7c4d5d9b6a98f32afcc9d0671b63a02cd23f48f37ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "group": "org.apache.httpcomponents", + "name": "httpclient", + "version": "4.5.7", + "description": "Apache HttpComponents Client", + "hashes": [ + { + "alg": "MD5", + "content": "deed71468af21d6f0cf02bf853ac02ec" + }, + { + "alg": "SHA-1", + "content": "dda059f4908e1b548b7ba68d81a3b05897f27cb0" + }, + { + "alg": "SHA-256", + "content": "807e9c73f27a4b19dd04b1b67126532fc74b0a37bd8d13fbad073ad74d078330" + }, + { + "alg": "SHA-512", + "content": "459349c2482338644578502cbdfeb7110c3eaaa71f8bbc715d53556b186f16ad1256244e752cec7c32c66f77e08228bdadf7c9138542b0aa8e845a249e2e0bac" + }, + { + "alg": "SHA3-256", + "content": "9e5093efad2b3a44e71b077eae4ca7df86e2fd2ad78d5ca25541e4316ce631c8" + }, + { + "alg": "SHA3-512", + "content": "f16fb6262810546026c6c68842f69eb17831669e444cafb75832ae3567f47407504424c13fea596e9c02ccf853f6b55d54a904cbf2d21e171f77cc615d740014" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.7?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCLIENT" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "group": "org.apache.httpcomponents", + "name": "httpcore", + "version": "4.4.11", + "description": "Apache HttpComponents Core (blocking I/O)", + "hashes": [ + { + "alg": "MD5", + "content": "9299550b06219959d0f2223b1a8bb337" + }, + { + "alg": "SHA-1", + "content": "de748cf874e4e193b42eceea9fe5574fabb9d4df" + }, + { + "alg": "SHA-256", + "content": "d799522d579aac06b170603f8f080f6e3248dadc01f9652cdd7ea7bc318c21ce" + }, + { + "alg": "SHA-512", + "content": "1f45a26f97e5488bf1985f5f5c88c5e2744f46d422040708f7641deb14bb04561bcec35c9284c1dce606fcdcb768edc3ef970ef965bd6bb591ec362dfd417c74" + }, + { + "alg": "SHA3-256", + "content": "0807acdffb841394a948175382b04dfdb49087e19212851dbb63fbfadfae6f5f" + }, + { + "alg": "SHA3-512", + "content": "10f7974d10971a2c0911a1050e3418e898c4255300a120959ef38f546d10dc5ba5217a32a53a21577613ca13034a8200393b0b7ddee0b195f26b92f3e6b2f1cf" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.11?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCORE" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "group": "com.google.j2objc", + "name": "j2objc-annotations", + "version": "1.1", + "description": "A set of annotations that provide additional information to the J2ObjC translator to modify the result of translation.", + "hashes": [ + { + "alg": "MD5", + "content": "49ae3204bb0bb9b2ac77062641f4a6d7" + }, + { + "alg": "SHA-1", + "content": "ed28ded51a8b1c6b112568def5f4b455e6809019" + }, + { + "alg": "SHA-256", + "content": "2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6" + }, + { + "alg": "SHA-512", + "content": "a4a0b58ffc2d9f9b516f571bcd0ac14e4d3eec15aacd6320a4a1a12045acce8c6081e8ce922c4e882221cedb2cc266399ab468487ae9a08124d65edc07ae30f0" + }, + { + "alg": "SHA3-256", + "content": "275370eeb5f02c15358168ea134c4eab1afed8d27750a8a326b9f9f506dfc9f2" + }, + { + "alg": "SHA3-512", + "content": "d9e2a3943373e1eab933b45f49997b24e01466eb99a177c40f21c7107c9f21ebb135e14d191b0a5b699e3985d20de8e87662e92c0bf59e5e054d3da85fd777dd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.j2objc/j2objc-annotations@1.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "group": "com.fasterxml.jackson.core", + "name": "jackson-annotations", + "version": "2.9.10", + "description": "Core annotations used for value types, used by Jackson data binding package.", + "hashes": [ + { + "alg": "MD5", + "content": "26c2b6f7bc704ccadc64c83995e0ff7f" + }, + { + "alg": "SHA-1", + "content": "53ab2f0f92e87ea4874c8c6997335c211d81e636" + }, + { + "alg": "SHA-256", + "content": "c876f2e85d0f108a34cdd11ccc9d8d7875697367efc75bf10a89c2c26aee994c" + }, + { + "alg": "SHA-512", + "content": "6b1ae1d7036ce2fff81bf8fc2a3a55e4ea7eb081de806ad05301d2eb126bed1dda487027f3ccfa618c488e680e2f5ff22bc3f106e7c0af27b34d327d83083b46" + }, + { + "alg": "SHA3-256", + "content": "6ebca301e4a201a89630bd7235d27e48a795c7e6fca7727ac08f3cc87e6a5049" + }, + { + "alg": "SHA3-512", + "content": "8d33540c9df56541a0dca99ca51432a8d0d9642813377c62f6df5602af1c8d04c3d62cf24a9cde5c79fcd63b287de19cfc84ea475f8dd0ca037a72baed3d50ee" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-annotations" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "group": "com.fasterxml.jackson.core", + "name": "jackson-core", + "version": "2.9.10", + "description": "Core Jackson processing abstractions (aka Streaming API), implementation for JSON", + "hashes": [ + { + "alg": "MD5", + "content": "d62d9b1d1d83dd553e678bc8fce8f809" + }, + { + "alg": "SHA-1", + "content": "66b715dec9dd8b0f39f3296e67e05913bf422d0c" + }, + { + "alg": "SHA-256", + "content": "65fe26d7554a4409652c86ee38f2e94bc42934326d88b3c78c61f66ff2222c53" + }, + { + "alg": "SHA-512", + "content": "ea053f07b73b087fe81ef49d949ec812bf03e536a8a608d6b7c7ff9f001e6764e86125c5e99d46ba4002d7aab620f57527e246fe8ca754b47cfd812976a3e337" + }, + { + "alg": "SHA3-256", + "content": "0cd87bff64e1569e1ae1fa6023caf005c17d5feb6f75c2bb587546d9e3e43efa" + }, + { + "alg": "SHA3-512", + "content": "936d596d972971e8fc02a6adc7ef11b9d3ac302fbc4134982f3bf128f61741b6bc8c34dd0d16d0ef52a7760a2ad5bcc20b26c4d9c6e8345e826b8b2a83f8fb4d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-core" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "group": "com.fasterxml.jackson.core", + "name": "jackson-databind", + "version": "2.9.10", + "description": "General data-binding functionality for Jackson: works on core streaming API", + "hashes": [ + { + "alg": "MD5", + "content": "ff43d79c624b0f7d465542fee6648474" + }, + { + "alg": "SHA-1", + "content": "e201bb70b7469ba18dd58ed8268aa44e702fa2f0" + }, + { + "alg": "SHA-256", + "content": "49bb71a73fcdcdf59c40a1a01d7245f41d3a8ba96ea6182b720f0c6167241757" + }, + { + "alg": "SHA-512", + "content": "18db8ee61a24498803352c6fc40b83cc1f277033fd4cd743505e3bfa1660c84d8522a70b06401f834b405cbc6e686f6f5c4d54aff034751e9addbf1b4603b2c2" + }, + { + "alg": "SHA3-256", + "content": "470b46a826c8edeb12852d9cbab9f5ab0c3a0b0989a7f2b0a8756c9a88aae89f" + }, + { + "alg": "SHA3-512", + "content": "35616596eff2bafc2e047ce7cbfc4c0b8ce83af277953a2af6b41e43885c74b0809d14dd339290991c2ecb82e82190832b616bca0e3225aa113bfb483fa1b2b8" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-databind" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "group": "com.fasterxml.jackson.dataformat", + "name": "jackson-dataformat-yaml", + "version": "2.9.10", + "description": "Support for reading and writing YAML-encoded data via Jackson abstractions.", + "hashes": [ + { + "alg": "MD5", + "content": "ebecc5b67b96874c08068151fd89d0b5" + }, + { + "alg": "SHA-1", + "content": "561275877edf6321692f29e66ae5ccc7b1664939" + }, + { + "alg": "SHA-256", + "content": "338e27fd71a825c948c98a2a3fedd79bd14e6c7bcc9b6d21fd8b17abfd28bcc0" + }, + { + "alg": "SHA-512", + "content": "6730698c771ee3308c57b8336c35c3c1d437c7ef2e8f1a6bc66a251404449ae7f531fb240c5c877097a5c85a99e6a77c885265d61ad0d8da18c68da13c89eea4" + }, + { + "alg": "SHA3-256", + "content": "189e39704cf30896198937a59f48dca0230a882f0613ceb941241f327f4f1c2c" + }, + { + "alg": "SHA3-512", + "content": "336fa4689e758f35a45ebc5648f3bfb395bf8ff7387b783b7fa62d431e835760782df3c6f5c737224853970891eca22c69b990ad8d7b96e628002b5ef6a88305" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-dataformats-text/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-dataformats-text" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-guava", + "version": "2.9.10", + "description": "Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)", + "hashes": [ + { + "alg": "MD5", + "content": "bf3d62117a113e2ad3442aede0565365" + }, + { + "alg": "SHA-1", + "content": "fe2fe045ca3bd6f9ea1bba5b03d228b4abf8c1cb" + }, + { + "alg": "SHA-256", + "content": "f6f05294767905ebfe3e982ec456eb0982e52b8e89cfcf02f46722f87414e87e" + }, + { + "alg": "SHA-512", + "content": "d12fc51a0261d7af4319c2659b5168f7bbe91c235ecc013056ae444917d87281137df52bae9c4f345cf1874220f7b2aebc314cf74d4334dda96c3a3cca3de3da" + }, + { + "alg": "SHA3-256", + "content": "d7d456bb103296753158c2e16328887d8b6f339e941f34328229c9c62a2f1cac" + }, + { + "alg": "SHA3-512", + "content": "c5741407e1a9054dc65f40fd6e70483c867a8b9847bfe7ff0e9fabe24be1827c75d7ce561100db82d25c7fd0f12c16ba18a3ca8038ba4a99da7fc394dc63b39f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatypes-collections" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-hibernate5", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Hibernate (http://hibernate.org) version 5.x data types.", + "hashes": [ + { + "alg": "MD5", + "content": "686f24ec51b113e18d8a7a6e656830af" + }, + { + "alg": "SHA-1", + "content": "391c524dbc0414399dec5a405760744d3ed600a8" + }, + { + "alg": "SHA-256", + "content": "de588c8a51eb6d11cced0d2c140d66e9c51266622ecda28ccbef92050f671f0e" + }, + { + "alg": "SHA-512", + "content": "854f01a862d1ea67a47863bbb3481b63deb1839d3b89ca616362fe097e55ebc87196f4ed7ae48ed8557b4244d72db72f3c293b6a7dc3965fa787a6a67d634998" + }, + { + "alg": "SHA3-256", + "content": "ff874c69d9dc846e993d16b1bcb74a4d3d81865aaffc16b6063ff83e0f1626d0" + }, + { + "alg": "SHA3-512", + "content": "312371566e7eacb4621ecec83b7e99a4dfed8be158ba71c77e9b9fcd91577104771dec04d7eeb1c12e574e4b8ca247bd2b4faeef7ba69aa384d93cb67672b5a3" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-hibernate5@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-hibernate" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jdk8", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support JDK 8 data types.", + "hashes": [ + { + "alg": "MD5", + "content": "e35c18c99ad1737571b1c8004ca8528d" + }, + { + "alg": "SHA-1", + "content": "6aa764caf0a275d98b8765f6687bd4ec6c8cb9eb" + }, + { + "alg": "SHA-256", + "content": "b305510c0fec81480cbc3516948f9ac5b326811e35c4b6563d2ccfe330079db6" + }, + { + "alg": "SHA-512", + "content": "e537db4253733d8ca0e93e6245c2f25eef366333480a5fd0901603e69a8cf92dd69ec0ffa813c2fef685849f383b7e3850b2b286d255486192f7ff9698fc6c46" + }, + { + "alg": "SHA3-256", + "content": "768bc29f9f15aa07b9c2294d3c3b1bf06396b507397a6b1da2515eefbbc85172" + }, + { + "alg": "SHA3-512", + "content": "734b59492a053eec994840092c8e4f4d703e03b481d8a603b0d934b4fab25261fd98504f72fd0512705a8735dde4b36299c2295f0359afb0f18d129c0dfc70c5" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-joda", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Joda (http://joda-time.sourceforge.net/) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "7ef56a5376978b3befc264d5c7f690ba" + }, + { + "alg": "SHA-1", + "content": "b8b45ff38fb46eaf8bdf19586743a4f446c485fd" + }, + { + "alg": "SHA-256", + "content": "ec60ff466ec6bf489e58cf83bb012dd3d2735eb581be47113b17b1ce6499cdd8" + }, + { + "alg": "SHA-512", + "content": "589f9ef55f9aef7b2e4c1fe45bad157e566042f304989ffe8257a5547426c7dea281326cf66cb1af84add2cb0531b623d04bc15d9e3ac0da25052f8c2109ceec" + }, + { + "alg": "SHA3-256", + "content": "7a4e62a859262aec2ae33d7b6ec5b0ddadcf0897c1a90984cbdd82f8e2c8abb2" + }, + { + "alg": "SHA3-512", + "content": "bf11f541461a5ab4fbb3372d8c8d617a7b20a2dda00d8af733ac8d496cf4a7e1f7f422d90d11b17b7d783ed2a25f4323046468c264ea204bd672adff82a3477a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-joda" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5694b066-2847-4855-8230-77e902b37502", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jsr310", + "version": "2.9.10", + "description": "Add-on module to support JSR-310 (Java 8 Date & Time API) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "8353db784cc75e2ef48439c89ffb962b" + }, + { + "alg": "SHA-1", + "content": "bf7ea35ca4fafa385701580163ef983622e0bfb1" + }, + { + "alg": "SHA-256", + "content": "a86f035a641f1a36aebacce8415e14568ce5b0088e3ad5b8cf3ea3c9c0c5b64e" + }, + { + "alg": "SHA-512", + "content": "c9e27a5a2c7a7edacdacc2cd93371561ed991e85027e06820004bc47802f32df3aa99fe6d94667805c7862467fcc9e4e0555f1e5a3317c239e8ec0f37fc48b89" + }, + { + "alg": "SHA3-256", + "content": "ee3952b4ffb44ea67445ed736ce33410ed631146ab47071c5fa4ae578623c446" + }, + { + "alg": "SHA3-512", + "content": "434938cf7a81ea81511bbf14a0942eaa790c71ab2e4a5e3049dfbb5cc1523034eacd0d14d0b520e88155376b4213129cc59cec21a2a93940b7fba5658d46c8f0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-base", + "version": "2.9.10", + "description": "Pile of code that is shared by all Jackson-based JAX-RS providers.", + "hashes": [ + { + "alg": "MD5", + "content": "3dde182860e6f59fea3871880b1875b9" + }, + { + "alg": "SHA-1", + "content": "8f13207626ffab14943da9e7447dc065f7762a4e" + }, + { + "alg": "SHA-256", + "content": "4a76bd0d1f5f66293867bb9e021bcf8ba179bdd69cf69852d623204297fe85eb" + }, + { + "alg": "SHA-512", + "content": "608054e863d9233f92fcbf9ea6896a78caa0e1fac197a3b15f7833231f25bc10ac93e54f362d0364a60e7348825e505107e507590269edef11e3fd1e136b1ab5" + }, + { + "alg": "SHA3-256", + "content": "3b43e3742dec5d06ca7a73b45e485120e0adf0f0e66208b9afa56d329ccf0768" + }, + { + "alg": "SHA3-512", + "content": "512f238b2f5d2f70c48cd60dc45da652e2e3ade8aaf03f8031ad0a1ab9222726a82f53a9dcd15b5ecb49e8f8b9aef6789c993d8edd8c68acddd7776bf835f948" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-json-provider", + "version": "2.9.10", + "description": "Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.", + "hashes": [ + { + "alg": "MD5", + "content": "5a6659fa62763f65fb7e187dca166346" + }, + { + "alg": "SHA-1", + "content": "89a2f5d0adc42c3e37a7167e0759641de55aafdd" + }, + { + "alg": "SHA-256", + "content": "0fe7309bb8d0fa8f48cd6846bc3a27eef04b0263b6533ac58ef7ad85b1bdf38c" + }, + { + "alg": "SHA-512", + "content": "254d53edb320ecc9f697d3bb4c7dd1e385d04759bad65caeedcb5beda7fa29f915636324309bec3052205fa91ec29892fed809c8da4e7d284cc0d62b8cf29508" + }, + { + "alg": "SHA3-256", + "content": "1e98e50a06dd5830aa5517da99a0f503760f745029a9fe992f21b45f2417fb76" + }, + { + "alg": "SHA3-512", + "content": "ee026cf5697ab3d3785aa59d1a69e074d6c7db0af06478b36bb19f0d7b303db888bdb6fbd6bb7ffb0b14a4425d3fb0fb9ec971d59db2c7312f979ad83b107a1d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-afterburner", + "version": "2.9.10", + "description": "Jackson (https://github.com/FasterXML/jackson) extension module used to enhance performance using bytecode generation to replace use of Reflection for field access and method calls", + "hashes": [ + { + "alg": "MD5", + "content": "eb3073cbfad846a44d81df8bc31c8bf9" + }, + { + "alg": "SHA-1", + "content": "6cca4a73cb54aa8631775023ca8cc37626373cc8" + }, + { + "alg": "SHA-256", + "content": "6d8dd1bdaa13a1e2239e9d8fc008066b02d6fc7d79166fd73e4c3b6e1856ad14" + }, + { + "alg": "SHA-512", + "content": "b56f7485f72c2225cd276e6955e154bae31849a394f5f03ee5d205075a154c27417d1cd7c071c9ba12a7712e23f7b6e8da368aa12acecf53c5c28a5376d620e1" + }, + { + "alg": "SHA3-256", + "content": "488cf9674f84c7d221e4f5955d45f6fc008bca1bd4abf2134d91578a9c1bc0aa" + }, + { + "alg": "SHA3-512", + "content": "d2324aca720bf6816274e93186fdf7d0eaefce8859685dc5c76a96fa8696cd104d64787598bd94473619aa0b89406dac1da8cc697b05104491b8017a54d95e1f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-afterburner@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-jaxb-annotations", + "version": "2.9.10", + "description": "Support for using JAXB annotations as an alternative to \"native\" Jackson annotations, for configuring data-binding.", + "hashes": [ + { + "alg": "MD5", + "content": "fe4cda4049277f5c8758f32a00f2b633" + }, + { + "alg": "SHA-1", + "content": "b7fc3212e95586f42a0d3b5cf1311e42a3ac0248" + }, + { + "alg": "SHA-256", + "content": "72a8ef1246f7a2dc680de67bc5009cc5de71b3825adf98726d290643a36576c0" + }, + { + "alg": "SHA-512", + "content": "df36f846fb1c04e23657f1d7568d05cc589207dc3f751db357ccf33b2b6c7491abf1251aee29763b69b524bf4652e5d04dc77f93d8f001fb23728fc46304f4f0" + }, + { + "alg": "SHA3-256", + "content": "f38cc147a5ef75e5a5f153a2db7c996eb8fe469079b1ef7c843249e8adbf06eb" + }, + { + "alg": "SHA3-512", + "content": "9ba7e2c66e3495260dcd320b179db20fe37d2dd695e1c1a01aaa13a0cc5bd5adaa1c9041c2f4ff6b19607d375c49fcbfc4a962c4939e05a0dd68cc8cdedcc7fc" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-parameter-names", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support introspection of method/constructor parameter names, without having to add explicit property name annotation.", + "hashes": [ + { + "alg": "MD5", + "content": "e8835d22f3153408ace94284be8fa821" + }, + { + "alg": "SHA-1", + "content": "dc8c36832c229df0209dfc98fab5be36cb99af5f" + }, + { + "alg": "SHA-256", + "content": "2b14de63be1abc99d25c1cdc8ca9003dd0e345e87f5d869588c5981f75cffc8a" + }, + { + "alg": "SHA-512", + "content": "452daf576e303ec15480750844e9a49715670ea9b7fa44d3a3d69ef4c90d7177583daabfc25d2a938e0015bba0c21c5fa71c175d2a0a95f3d6f13a92a3a6d611" + }, + { + "alg": "SHA3-256", + "content": "68f9053afc670c7ef2b042f62e7ac34dc7cf5c65fdc2e178b31970c64f0e9353" + }, + { + "alg": "SHA3-512", + "content": "10bdc0751a0dd140f35dd69045dbc1beea08f65d6ce773dcc2c888af4fc013f8af4c09bcb45e1e36c65b86e7e3cca9775c5da472184af784aa577a952c74c073" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "group": "org.jboss", + "name": "jandex", + "version": "2.0.3.Final", + "description": "Parent POM for JBoss projects. Provides default project build configuration.", + "hashes": [ + { + "alg": "MD5", + "content": "77db6e55da888349f5466d2dcf150b14" + }, + { + "alg": "SHA-1", + "content": "bfc4d6257dbff7a33a357f0de116be6ff951d849" + }, + { + "alg": "SHA-256", + "content": "a3a65250cf954f102e74bab23df12540780878231195b585a7a86f4364a53727" + }, + { + "alg": "SHA-512", + "content": "ad557228414fb1d75750f4495ced69517deac0d26beaeb81e3233fe21254e3b7e3ccefe381971ffb8dbb0d9e0c1e70973623948ffec31efad99298f1107830ed" + }, + { + "alg": "SHA3-256", + "content": "8e4cbfe8f79e619190a121200bb907e2d06c03b5449b3742a6607580a898a2d9" + }, + { + "alg": "SHA3-512", + "content": "5afc9d16fc77ecbc3dd653628b11ddfb419a5fae2efa72eca87eaa55c7c6014d03e9fcd190ae9c7c3e50edc78e6a30fe439269439cf7c383c27aaaa43281e975" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss/jandex@2.0.3.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + }, + { + "type": "vcs", + "url": "http://github.com/jboss/jboss-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "group": "org.javassist", + "name": "javassist", + "version": "3.24.1-GA", + "description": "Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.", + "hashes": [ + { + "alg": "MD5", + "content": "527cebd64b0f941d5058bae3d1726d06" + }, + { + "alg": "SHA-1", + "content": "921b466d6a14a8edbe25923c973fd767fc71c045" + }, + { + "alg": "SHA-256", + "content": "5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553" + }, + { + "alg": "SHA-512", + "content": "b1920ad0b291ab4a7d5d6184e7a6fca91a27576560adc257e4d38a3122865cefa7081df46375a462fcd7e4bfe20c3eeeef140408922cad9cfabaa8c338be1056" + }, + { + "alg": "SHA3-256", + "content": "793f21feb3c4c58edf94d49579b8cd658e44e792e05fefbc23f1b84b7170caf2" + }, + { + "alg": "SHA3-512", + "content": "94f77c5a3ef42bef47e44c9cb9c71a5eeae3b5f94bec53637e8ef3bb5b29b0675c02166241987ac3f3872be09d87bbcfe0235a55731735f4b787a8574714fd2e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.javassist/javassist@3.24.1-GA?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jira.jboss.org/jira/browse/JASSIST/" + } + ] + }, + { + "type": "library", + "bom-ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "group": "javax.annotation", + "name": "javax.annotation-api", + "version": "1.3.1", + "description": "Common Annotations for the JavaTM Platform API", + "hashes": [ + { + "alg": "MD5", + "content": "9a936313da62e705ebb16e81b62f4096" + }, + { + "alg": "SHA-1", + "content": "20a2c0583598d68b0835474bbe07792d4f3b219f" + }, + { + "alg": "SHA-256", + "content": "bc1110630bb4290e798a533ca40a60517826c8804b79f91f8738d18ca425adc5" + }, + { + "alg": "SHA-512", + "content": "9b0c8e45c750f049015da652dcfb43250c24aa72c0cf8fcf917918a486c50b70d6c19201638ae4c23a822551e12ed85215222a59b9bcfb135557c0aca80c00ef" + }, + { + "alg": "SHA3-256", + "content": "81a7132a97ca91c7bf14400e8dc845e3124df73c91b3e2f0a62c4aa3abd84b6d" + }, + { + "alg": "SHA3-512", + "content": "1b7b5f5a5dcf8076155e13d17fe8665b88394c5871583508211f58336cf8d2dae9b3225df8de94e6820a2cc5e077cbd4382c88249c1b0c79e482ce7ae726997b" + } + ], + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://javaee.github.io/glassfish" + }, + { + "type": "issue-tracker", + "url": "https://github.com/javaee/javax.annotation/issues" + }, + { + "type": "vcs", + "url": "https://github.com/javaee/javax.annotation" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "group": "org.glassfish", + "name": "javax.el", + "version": "3.0.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "9b413b6b4c57f68cc3e8649f754153f5" + }, + { + "alg": "SHA-1", + "content": "dd532526e7c8de48e40419e6af1183658a973379" + }, + { + "alg": "SHA-256", + "content": "5ed77b9150c1cb6bdc1a195bb536eef6eb65f46f4412e26c24288690ea8033ec" + }, + { + "alg": "SHA-512", + "content": "a31efb2e99fe2429c8f39dbd8b23fce7dc30c3945ad3e6011dd1495a63a74f1d5e8ac422735de37c01938c492832155b73941614e19e06145477f65f4bc9043f" + }, + { + "alg": "SHA3-256", + "content": "6c59f62728693b7a7234a6c93d6329391633de19cd65753ddb74d78a1a79427b" + }, + { + "alg": "SHA3-512", + "content": "7193e9af5274a89a3fa9e04dcb9790db5efd6abffc8d0549c2bb597f61237544e758f98b4aaf55dfad258697bbaf4e4583695f6f5c277c06e98cd9ce21265982" + } + ], + "purl": "pkg:maven/org.glassfish/javax.el@3.0.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://glassfish.org" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/EL_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/el-spec/sources/source-code/show/tags/javax.el-3.0.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "group": "org.glassfish.hk2.external", + "name": "javax.inject", + "version": "2.5.0-b32", + "description": "Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle", + "hashes": [ + { + "alg": "MD5", + "content": "b7e8633eb1e5aad9f44a37a3f3bfa8f5" + }, + { + "alg": "SHA-1", + "content": "b2fa50c8186a38728c35fe6a9da57ce4cc806923" + }, + { + "alg": "SHA-256", + "content": "437c92cf50a0efa6b501b8939b5b92ede7cfe4455cf06b68ec69d1b21ab921ed" + }, + { + "alg": "SHA-512", + "content": "ce72626ebacfcbb1a022d0af22d7f3ae8a0f38db939e5f0b893efb9e3545c74328fa139a92c3b9bf7d833300a2830d7b883f748b0d758ed58abd6b0ce192620a" + }, + { + "alg": "SHA3-256", + "content": "da07452e3cbd7bf8e934d72e70149d317d7299fefa8de7840ac251e3e7fab17b" + }, + { + "alg": "SHA3-512", + "content": "db226d92d3e50eb91d892c9dee1832aedcdc2c11ddbc5948da4a33d10d286906fb1554e226223384bbbe7b30fa2b7b023eb7df03beb46affdd9e012722d66b67" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/javax.inject@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "group": "javax.servlet", + "name": "javax.servlet-api", + "version": "3.1.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "79de69e9f5ed8c7fcb8342585732bbf7" + }, + { + "alg": "SHA-1", + "content": "3cd63d075497751784b2fa84be59432f4905bf7c" + }, + { + "alg": "SHA-256", + "content": "af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482" + }, + { + "alg": "SHA-512", + "content": "32f7e3565c6cdf3d9a562f8fd597fe5059af0cf6b05b772a144a74bbc95927ac275eb38374538ec1c72adcce4c8e1e2c9f774a7b545db56b8085af0065e4a1e5" + }, + { + "alg": "SHA3-256", + "content": "8acc3481503989e1a78ad619bcbdc005b616c13736522b52e5ae5d782e8a0216" + }, + { + "alg": "SHA3-512", + "content": "ab5f85d424640ddcf6fc13a41d12ffdee0be9508cd4cdc581168b31cf7917323f6e0d984a0631068e0e01c098098fe0037d1c4176352fd89ba3a4da5d641ca3d" + } + ], + "purl": "pkg:maven/javax.servlet/javax.servlet-api@3.1.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/SERVLET_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/glassfish/sources/svn/show/tags/javax.servlet-api-3.1.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "group": "javax.ws.rs", + "name": "javax.ws.rs-api", + "version": "2.0.1", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "edcd111cf4d3ba8ac8e1f326efc37a17" + }, + { + "alg": "SHA-1", + "content": "104e9c2b5583cfcfeac0402316221648d6d8ea6b" + }, + { + "alg": "SHA-256", + "content": "38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d" + }, + { + "alg": "SHA-512", + "content": "4a85d3b61ea018f354a4dfa43104f3b4967cb4719df203956f82f7a696f75bee9d660540fc0f7bb61e0a5f826461de8929144eddd5622f9cb59a4da289d7297a" + }, + { + "alg": "SHA3-256", + "content": "7d439b6efe13a02aa996c27db07de14c1f14e8c95b60a9205c073cfbe9cbcda1" + }, + { + "alg": "SHA3-512", + "content": "e4bc8aab836157e258f659fe687e59499d445889c6c706d9539e5bbd48a6e80a1a1029e9ae47d25871f5ddf1434c5449ce2bc67b147b5a7b58990309f7aa60a4" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JAX_RS_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jax-rs-spec/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "group": "org.jboss.logging", + "name": "jboss-logging", + "version": "3.3.0.Final", + "description": "The JBoss Logging Framework", + "hashes": [ + { + "alg": "MD5", + "content": "bc11af4b8ce7138cdc79b7ba8561638c" + }, + { + "alg": "SHA-1", + "content": "3616bb87707910296e2c195dc016287080bba5af" + }, + { + "alg": "SHA-256", + "content": "e0e0595e7f70c464609095aef9e47a8484e05f2f621c0aa5081c18e3db2d498c" + }, + { + "alg": "SHA-512", + "content": "6cd839a07c55a75befa9a95c7cb2e4a87445432d475bc747410fce625ad4496ee5cc6631a445420940ef1cb408d74873980504e4d785d8ec851223301a76807b" + }, + { + "alg": "SHA3-256", + "content": "12fa4c6092728e4d1d780db85e3567ac16a8ec515daac930326513a471f60bd4" + }, + { + "alg": "SHA3-512", + "content": "3f2a0f9e1ce18e1fce8b658a9ce7603eae6a2eeb96b8c26c0a49fde515ea97b319e94f48617fdbd8b102cd51c6a3c957528b456b821e2287ac1b35a3442c35c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss.logging/jboss-logging@3.3.0.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss-logging/jboss-logging" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "group": "org.jboss.spec.javax.transaction", + "name": "jboss-transaction-api_1.2_spec", + "version": "1.0.1.Final", + "description": "The Java Transaction 1.2 API classes", + "hashes": [ + { + "alg": "MD5", + "content": "4d3a6329aa429d92e7bf0c2d34302660" + }, + { + "alg": "SHA-1", + "content": "4441f144a2a1f46ed48fcc6b476a4b6295e6d524" + }, + { + "alg": "SHA-256", + "content": "d35b340768f11e683045d0b3b8c2cf0554a0495a675ae8aab5680b34e5d2a69c" + }, + { + "alg": "SHA-512", + "content": "fb751362223bd2f58d40326018b742ecb8bb49e2362b8babbfa6592e10fb0bd4c52192859771d5b4c67954bf3876bda38581795d54a566bfca66f3fdb0bfd4fb" + }, + { + "alg": "SHA3-256", + "content": "5fec9250840d8ae18ebe934e2b302d9f3c91a7166c5f6e90e8a38d19d5463f4a" + }, + { + "alg": "SHA3-512", + "content": "f4846473a8385f28649593671d9307d0a0a1362c9b36a24ea1b6f72daafb59e05b4945ed45bcadc22e52024a5c3cce9c47e9edadcc7a08f1e391b33a510cd971" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License, Version 2 with the Classpath Exception", + "url": "http://repository.jboss.org/licenses/gpl-2.0-ce.txt" + } + } + ], + "purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss/jboss-transaction-api_spec" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "group": "org.slf4j", + "name": "jcl-over-slf4j", + "version": "1.7.26", + "description": "JCL 1.2 implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "06ceba253db8a4d836921324015c9ca5" + }, + { + "alg": "SHA-1", + "content": "33fbc2d93de829fa5e263c5ce97f5eab8f57d53e" + }, + { + "alg": "SHA-256", + "content": "2800417ecc5c927cce2b8a2cd22f0933e4006023c4e4fb255985a27746f5573c" + }, + { + "alg": "SHA-512", + "content": "40c1c8a523687ba06041d5a3c8ae295ae57ea18c0909f106ae9154ee79eeec9d077f7e0c79cb977fdebf2c930c6972372850b528f94e69bb57e95124ff691359" + }, + { + "alg": "SHA3-256", + "content": "8e61ec106e655eb957cf915a6a2ab96d9f78298598af0edb5526d66317695f69" + }, + { + "alg": "SHA3-512", + "content": "bfb810653f89ac499283aa7d860f89369133a07b65398a4112a6f654d53cce6d4a74d2f45acd9ba669233604c94bd338247751171bb8f21d62a183bbe91ba90d" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "group": "org.jdbi", + "name": "jdbi", + "version": "2.78", + "description": "jDBI is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "ea7256f4877d929815d317c3f918de7e" + }, + { + "alg": "SHA-1", + "content": "7281bb97a89ec38db81a901a3c07ed7204efe828" + }, + { + "alg": "SHA-256", + "content": "a833944751416b95a397768c530b6796fd22fe01ff3d56f44ab80c2087096572" + }, + { + "alg": "SHA-512", + "content": "0699d1cee041bbb7f2e9857f0d4265e55af3c93e62c1d10090fa3472a3af4f052c4b6c1431eca53bf2e2ddb1df1358ac29fba6776fb0406a2c3edbe30fe73607" + }, + { + "alg": "SHA3-256", + "content": "85bab22465bd6c4128b3a3805184b780dd41c6984d6e056d7ec22b904b94649b" + }, + { + "alg": "SHA3-512", + "content": "0d3f050c4f71bfab5404ac1674306bd837ff7710b9b04893dcfe88baa3d0d3f647ee515c3b0a3159d4f6d3791f187927dabed54f05fcfa3b42bd4f0bbae93586" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi@2.78?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "group": "org.jdbi", + "name": "jdbi3-core", + "version": "3.5.1", + "description": "jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "bee3bded3f553bb751676f66de7051d8" + }, + { + "alg": "SHA-1", + "content": "fdb08f92dd4762d9a12864b685961cbef3807adb" + }, + { + "alg": "SHA-256", + "content": "05ba5a61131fee448927dd7d06fe2e0699b9c4756ece6bc844431dc1f5a3b671" + }, + { + "alg": "SHA-512", + "content": "3b8de628e4b5ba4acbedb21b4f74cbf7003fa1ce68125e8e2c8c9bb49ba38c478a34b27505bcda18e5072b47ae706a280e3db7fb53f90196d3f87543148e9b3d" + }, + { + "alg": "SHA3-256", + "content": "7b63cdd3df09bd5e6881f455db13e74d5a4f80764072d376d80814eaf28a423c" + }, + { + "alg": "SHA3-512", + "content": "9de02c1b6f19a44b6a29054da8c80e9139d03c2eeee8e908dbb8592bbffd8926a95f45f9e56f1aee85f77665cf24e2abe7e4d888ebe407fbb01be6f541c9befd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-core@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "group": "org.jdbi", + "name": "jdbi3-guava", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "0f692ba6379649453c8ceeb1c1e567ba" + }, + { + "alg": "SHA-1", + "content": "0b7a55d0eda75405221a8287993c05891ae2dd9a" + }, + { + "alg": "SHA-256", + "content": "dd2c0c13c6d29758235a9b365768cc521b5ee3c86678794e81ca5a9a7aa1de83" + }, + { + "alg": "SHA-512", + "content": "9e74b320cd5ed0ba7de5f2976dac092039ca6efcd5ab070281ce040aab9249d2299d73b3f1566cc495e6b33cd2de7fdb8e82f9410f970650daceb049daeb2bd3" + }, + { + "alg": "SHA3-256", + "content": "fb088209586cf011f4cb41752223e4cb14ca32cf8605ce6bebaa30913a120ef4" + }, + { + "alg": "SHA3-512", + "content": "5e64a7584e5585f922a7bbc3c83f76645752e0a78274d741b4ae8cb7f174ac6b2d840841ce749234955ab1d090b552dcceb7a46c2a1a0eafe95dafa26c1c2819" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-guava@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "group": "org.jdbi", + "name": "jdbi3-jodatime2", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "a1936dd03d5410d8abe4f52bd8a4c219" + }, + { + "alg": "SHA-1", + "content": "76d39448cd536140a737ee7d1eca00cf919dd51e" + }, + { + "alg": "SHA-256", + "content": "693462cf417ed3faadb54f22618b3f7bfd6f8d3cd77cdadde7733c6d9666d2fb" + }, + { + "alg": "SHA-512", + "content": "da80a01e7da71aee51c9c8f9de62a394ac6a1b849675a5a80e0490c4494bc58c5dbd15c34e8f21152cc3355f8259a2d838afeb2f9802063fd3a40b9bbc4d93d0" + }, + { + "alg": "SHA3-256", + "content": "472060a39fbf46395d0fe7b6c2e5610c1532969115b27ac82d0c1434e952012b" + }, + { + "alg": "SHA3-512", + "content": "b54c0e9dc8be03a4b7a0b4ffc2ca1fa90f0beebceabba58abe0f2ddb93b0074141eab88da889577abe3c4eb2c0137cb8db907346882e88185cc0d460531d64c2" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-jodatime2@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "group": "org.jdbi", + "name": "jdbi3-sqlobject", + "version": "3.5.1", + "description": "jdbi SqlObject transforms simple annotated interfaces into full-featured DAO implementations.", + "hashes": [ + { + "alg": "MD5", + "content": "fef7548d2dd71524d4e555c8d406449d" + }, + { + "alg": "SHA-1", + "content": "88a6bb67f81900f7e3b4c02e80fbe03c14180b8a" + }, + { + "alg": "SHA-256", + "content": "f5aee0d5ded32e49eddaf51fded6478d01f816a957bccd5ba62fb9eb944793d5" + }, + { + "alg": "SHA-512", + "content": "435126b915d81c594a2fc3194498a815dbd6307c8bd852d421ba866e11d4335bfd825352a58c60dadbe8cbd57a2962b0d8414c46491bd171071f7e606c41b56e" + }, + { + "alg": "SHA3-256", + "content": "8706b9badb23159cd1c690e44d10f7050d82682c025d4a0fb6c2f74cf5982444" + }, + { + "alg": "SHA3-512", + "content": "a61809da92143a4f96e16d97e5d85179f50fac762fbbc8bc36676b8868e4fb8f69cce89c93c8c0e89e3e492c6434725546c29de5b7960b1515a4fe3f0853b959" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-sqlobject@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "group": "org.glassfish.jersey.connectors", + "name": "jersey-apache-connector", + "version": "2.25.1", + "description": "Jersey Client Transport via Apache", + "hashes": [ + { + "alg": "MD5", + "content": "1249f4c7b0e42fb205fd6479f8212b7f" + }, + { + "alg": "SHA-1", + "content": "778d56a186caae0c0e321afb7bf497452f60ecc6" + }, + { + "alg": "SHA-256", + "content": "98236fdeb22a34405095a70099e63cdfe72c726c3c6588c8105092b234bbca3a" + }, + { + "alg": "SHA-512", + "content": "cd9d72b8e24524fd017fad60bea318cf72b7260bfe9826f3019181d8749f906cc579ff4b25c50d869edc9e7ad92c1a216e4c143957de5d5f810f14f3d2124058" + }, + { + "alg": "SHA3-256", + "content": "51423295a961ef5c2c0b70f2a3e80ff7cd9d356b9fdf0951dbc0d42ee7d283c5" + }, + { + "alg": "SHA3-512", + "content": "f95bb4d125a7146cfe7ff8e9d4480c3f479bffa0fcb5398400a2b2faa1851c3ebda38e1bbf49a0d4d5671dd336ebc665ef1fef26a4ad8f65d715c118f703de36" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.connectors/jersey-apache-connector@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "group": "org.glassfish.jersey.ext", + "name": "jersey-bean-validation", + "version": "2.25.1", + "description": "Jersey extension module providing support for Bean Validation (JSR-349) API.", + "hashes": [ + { + "alg": "MD5", + "content": "f1860b7577c9d0c89758ad14a60485a5" + }, + { + "alg": "SHA-1", + "content": "01971927d79cad0ad2b5a3bfda24967748a2023d" + }, + { + "alg": "SHA-256", + "content": "c7f8b632016d78ac9679c8a77a7333a7979b3a446c56f6c4aa0702495beafcf0" + }, + { + "alg": "SHA-512", + "content": "723afa0898fb909c199491173caa96bf32c5b4a9f8e7211989434f1be4ec581737b1d17e2094890074fd5fd94b640002b98b9f06cb042aa755864ff9e1eb5eb8" + }, + { + "alg": "SHA3-256", + "content": "5eb1703f460fc87775426f894b776891b46e2060d209d8649fbbbf0046ff5541" + }, + { + "alg": "SHA3-512", + "content": "b538a16717eba2f15bae433116819aecfb842d17e9838cb4c67ec3242cf7f62517d7d8ddc9245d26aed83b15489988bba10a792935968c5d9731b0e07902a251" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-bean-validation@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "group": "org.glassfish.jersey.core", + "name": "jersey-client", + "version": "2.25.1", + "description": "Jersey core client implementation", + "hashes": [ + { + "alg": "MD5", + "content": "cbc88e55529984d664eb6ef1b65b3684" + }, + { + "alg": "SHA-1", + "content": "4d563b1f93352ee9fad597e9e1daf2c6159993c6" + }, + { + "alg": "SHA-256", + "content": "10671e430dc7c841eb0bc54c9f3e265dbb60e9f85efaad71d1e39807057e405c" + }, + { + "alg": "SHA-512", + "content": "2355cf157c2c6f6973db046b8eb9f0ac1fad6791e5e62457d37a2aa0d70c180a6dd8eacdf78b987bab5720091cc8197866ba1ac14b209b374db6389f187a0c58" + }, + { + "alg": "SHA3-256", + "content": "88b865b79a07061bda2f0c1b57e4aea4555da1604946eccb83343ea665ac615e" + }, + { + "alg": "SHA3-512", + "content": "ab1297141ee25407b3aaf92ce2d7441aad23badc8d9b2e68e1bb143c7155f5861a273d816d4447ade4045dba027ba6264b22d6823e798d9ebac7514f8a4eef52" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "group": "org.glassfish.jersey.core", + "name": "jersey-common", + "version": "2.25.1", + "description": "Jersey core common packages", + "hashes": [ + { + "alg": "MD5", + "content": "d1f25f421cafb38efb49e2fef0799339" + }, + { + "alg": "SHA-1", + "content": "2438ce68d4907046095ab54aa83a6092951b4bbb" + }, + { + "alg": "SHA-256", + "content": "4df653fc69d5feec7ad1928018f964e12a7513bcea7b5e8b1aa4b1f5a815815f" + }, + { + "alg": "SHA-512", + "content": "2c99617c7d5bbabd39902cd93e028e48ef3917f1017b7417873607681b0bfc31e8d5197bd06c587f64867944d81bb63c0201fe5df66962737d23fdfd7fe88fe0" + }, + { + "alg": "SHA3-256", + "content": "d5d9d3bca931954bed7bf031b299f45e0e29c92e250501f46f12400e475aaf3e" + }, + { + "alg": "SHA3-512", + "content": "dbd5ac4985d2c8e71e3606e491a7814e50ca6ccb1e3571e50073ddcf92bbf484e28ae0a4971d1e487df4d95a4f64016583e88891724a65d9c1c80f20ff7664fb" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-common@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet", + "version": "2.25.1", + "description": "Jersey core Servlet 3.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "80ebd9481c44844884fc70ac0ba333b4" + }, + { + "alg": "SHA-1", + "content": "cf5f7a76fcea38158b890ab7a0142d4db709a882" + }, + { + "alg": "SHA-256", + "content": "3669c50bef23aeeabdae02e5e4b214c9f1eb1019fa4d559f2eeadb563ba598e4" + }, + { + "alg": "SHA-512", + "content": "8db651ca49cebb031823cb6363e3af78f2f400c4857a5cef51b2be2d58ccaad6c06ee5320cb6ceff6f2a053136f00943feb6f98189d847d49ea2455312529d84" + }, + { + "alg": "SHA3-256", + "content": "c77550b169ec358ff293d1599b2897fb4f3ebedaed222257893d83b7343fa915" + }, + { + "alg": "SHA3-512", + "content": "75115f1e1a14cea1e939e3cc30b9af2cd0de853a30d41007f72361e216362cc16a35901434330292840f48edf0dd98ac9ec8bc3e5461c0668eac4a883d7b2be7" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet-core", + "version": "2.25.1", + "description": "Jersey core Servlet 2.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "e31db34014609174609f8879d00e0d2a" + }, + { + "alg": "SHA-1", + "content": "400e30bb035a0cdf3c554530224141ce659a0d1e" + }, + { + "alg": "SHA-256", + "content": "232f4f4e59e5944098351379a12aecc715906831c96a855624a81da552192ac4" + }, + { + "alg": "SHA-512", + "content": "beb539ae8f16b5748db941e1beabf21482791ccf04b7adbee50d58a06c224c21e918198badf8496243ab7730284b8abcd71da9e5439702fa7a4d06ba22fa1960" + }, + { + "alg": "SHA3-256", + "content": "bfb3dbfe53102c61b1092ddc80b119fef28b6ee65e020ebdbfcbe51aacc701fa" + }, + { + "alg": "SHA3-512", + "content": "7fe6468606f4ff4c7389e9ca816f82a03c9282b296472112573047d93389b9845a49f6c1740ee67d2e93be9dbe312d89189acd681ba489b9e09716cd20965e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "group": "org.glassfish.jersey.bundles.repackaged", + "name": "jersey-guava", + "version": "2.25.1", + "description": "Jersey Guava Repackaged", + "hashes": [ + { + "alg": "MD5", + "content": "08dc8642c4e990b054882cb4f422f88b" + }, + { + "alg": "SHA-1", + "content": "a2bb4f8208e134cf2cf71dfb8824e42942f7bd06" + }, + { + "alg": "SHA-256", + "content": "8a88a8ebae65cb4d77830b40f681bf742b55ec62e7a44cf91b8577a9396b9f81" + }, + { + "alg": "SHA-512", + "content": "38a59b4e7bf60d373a266e08dbd1703cab87b519e128629aa81abf314cf849ee41a26f8c0404182c6f7364a3bde40eefa61c1be561276e141c4574faf988c5d9" + }, + { + "alg": "SHA3-256", + "content": "0ffbb680d62fc28444cf2c2975cf2947d23bae403c30a381f610af5cf05ede86" + }, + { + "alg": "SHA3-512", + "content": "847cca16e534072ddf9610dc0bd56166deade9aa4efaa3aec1717664b3546964cb0573e4970a38dee5537a09fab81077ea9bd35d988e7cb68b6ca137b31679ea" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.bundles.repackaged/jersey-guava@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-jaxb", + "version": "2.25.1", + "description": "JAX-RS features based upon JAX-B.", + "hashes": [ + { + "alg": "MD5", + "content": "43c2fe9a2848343cb562f855b06b7047" + }, + { + "alg": "SHA-1", + "content": "0d7da0beeed5614a3bfd882662faec602699e24b" + }, + { + "alg": "SHA-256", + "content": "05526bed0ffc07c2cea6b399f4e61ae3c99e44021e28a4af926ed1d867ba3fbe" + }, + { + "alg": "SHA-512", + "content": "589328af6d727d73617a1cff3e7e75bbc858d417cdbcaf8e63ea3ed0086df645fe0f83538a311941744e5afd828d1d7827933b44b8c74f6f8b912c2d7f3e1be4" + }, + { + "alg": "SHA3-256", + "content": "cbc11448fe72f34353de7de8c8b1084530ebf4a7b262bde33219cab6beeea29d" + }, + { + "alg": "SHA3-512", + "content": "18313498ba720e5c1a307927f9782cee90140984ab5c6762cb6b966040d42c2610e39f41d06b9c2ac528aba2fe1b72ba5d1255f92e01848b4580eee11b95b1e4" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-jaxb@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-multipart", + "version": "2.25.1", + "description": "Jersey Multipart entity providers support module.", + "hashes": [ + { + "alg": "MD5", + "content": "0ea1375a975020b60bbbbfd47a76d69c" + }, + { + "alg": "SHA-1", + "content": "1d2db0078ee1b740c4e7ec7413d328a8a7e1c480" + }, + { + "alg": "SHA-256", + "content": "909b669f76b8883a9218fb0fbc5022a286ead7d17b29aafa532b31f19ab4afcc" + }, + { + "alg": "SHA-512", + "content": "17e40bb9186289cd21edcd67cab68765e79c3cce5f2b29ac0ae6dd653395d93c3b8e29c734288e729bf26a59084393680b448ce617689e2064151ab09250c6ad" + }, + { + "alg": "SHA3-256", + "content": "8d8299e02fcbed88c708ae2c948fca016bd985aca513f61304431169441b3bba" + }, + { + "alg": "SHA3-512", + "content": "a8f03f1e4e02c76548b03f77dfc65bad4d97b305a39e17b21e3a380155b85ea428957d0e0f0d4d4b615826d491acbfbb433a3dc9cb31ba29ba0f08bc4665bbb8" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "group": "org.glassfish.jersey.ext", + "name": "jersey-metainf-services", + "version": "2.25.1", + "description": "Jersey extension module enabling automatic registration of JAX-RS providers (MBW/MBR/EM) via META-INF/services mechanism.", + "hashes": [ + { + "alg": "MD5", + "content": "b02f1bc0acfdaeba09346c53a49a6b0d" + }, + { + "alg": "SHA-1", + "content": "83376116af614791a26f51a93af1070520345782" + }, + { + "alg": "SHA-256", + "content": "21339af4788eb2e02e144231f6bed95c30a019fe9bdc219725da095e15d8f7e7" + }, + { + "alg": "SHA-512", + "content": "7b4bef415a18702498bd594cea37a2d17fe60b319f40fd4028b5c5e778195bc26df1563332bc359d67bcd0029957d8fe629650ec55216d1a6f84fd7ab4daec90" + }, + { + "alg": "SHA3-256", + "content": "fd690ea72f6586355206aa12a77b03e198776261bcbb1b79a3dcbc234c0c8675" + }, + { + "alg": "SHA3-512", + "content": "822c4d091069ccfd523fbe463124a1827663b488a2df3ce8f5ea9892b8b6dbbd637e52e89ea2533c010601222f3ef7660ff45276b178082f3b928dc314681e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-metainf-services@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "group": "org.glassfish.jersey.ext.rx", + "name": "jersey-rx-client", + "version": "2.25.1", + "description": "Jersey Reactive Client extension implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "2c180a0fe223e22fc0e0b0b81eedd18f" + }, + { + "alg": "SHA-1", + "content": "b31b3313f48583220986877365f5e2413541f207" + }, + { + "alg": "SHA-256", + "content": "c51bad47579898505a3283f06939c5caa4df5f1bf47ebf114069e04d3cdd33eb" + }, + { + "alg": "SHA-512", + "content": "5743abf930cc5a53cac24b1b3a8a9abcba71ec4c56c11943d8b68f6b8806eccae6268c4659b7321d05ff039f2f7a21daef62308ef4746b65083cbb925bf9c570" + }, + { + "alg": "SHA3-256", + "content": "6c9cde47931076cfade1adbb27e7d708b9ed5549b599677e69e9e7617fa32e84" + }, + { + "alg": "SHA3-512", + "content": "8b9a6428336db948562751a37ad6758cd1b6a678a70759da3dba1a43d5312b86a97dd6ced61d48c5473b9d73a0fa450e103a7d687a791733f0c2edde4e880cf2" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext.rx/jersey-rx-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "group": "org.glassfish.jersey.core", + "name": "jersey-server", + "version": "2.25.1", + "description": "Jersey core server implementation", + "hashes": [ + { + "alg": "MD5", + "content": "92dad916eab7a19c5398838a78ee9cab" + }, + { + "alg": "SHA-1", + "content": "276e2ee0fd1cdabf99357fce560c5baab675b1a2" + }, + { + "alg": "SHA-256", + "content": "4b9cdae8eae88b75762614b9a458f5aac47cf6486fe408206fc64e38b80469ae" + }, + { + "alg": "SHA-512", + "content": "85d77edd81efcc32a6ac26ca91cc6a8f9f66083897f2b10de5f7576d1e869d96c64dcce4e52112341ffae1a73fff3b18eec466fc484e709ba581d1540fbe44ce" + }, + { + "alg": "SHA3-256", + "content": "60be02edbd8f39c5c33726c0b9602c580a38e22b7c30cf98c0aea1bdfe713ef5" + }, + { + "alg": "SHA3-512", + "content": "065c0c4b5a60ebc0e0ca53e6630e27f7678c762ba4cdf28f2b2cb7d0ac9cd96bf4a92dc6c2235d77d55931e0006f445debc2cc1098d4ddace06c07a08491ad43" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-server@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "group": "org.glassfish.jersey.test-framework", + "name": "jersey-test-framework-core", + "version": "2.25.1", + "description": "Jersey Test Framework Core", + "hashes": [ + { + "alg": "MD5", + "content": "92495cea9331aced97489263f2cb191e" + }, + { + "alg": "SHA-1", + "content": "9368dc18933a8b9f2526c86ab310b02781969aa3" + }, + { + "alg": "SHA-256", + "content": "69343548538ec2489fd4a992ea16e42453e96af94538c586fe3345e364bc578b" + }, + { + "alg": "SHA-512", + "content": "c2a8a227427d3c80cdaf773ef8813fb2609ecc4c64911ef8c8ee8a09a4ab0f4c608d7433901511c132ba39d49141be85f45032a06757a17e7f2e43efd6a22f6f" + }, + { + "alg": "SHA3-256", + "content": "7dd7ace7d4414db08bd4f2dd4d130629d9eef806d3dbd03a582f8f78372dbe63" + }, + { + "alg": "SHA3-512", + "content": "fef833f17bf0c8c9023ffdce1fc6d860d4ce119915fcabc7d8aa48853066fe0967c5220a33c03b41b45c312da4430e1057085652e0db57f5c03485b44715b273" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework/jersey-test-framework-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "group": "org.glassfish.jersey.test-framework.providers", + "name": "jersey-test-framework-provider-inmemory", + "version": "2.25.1", + "description": "Jersey Test Framework - InMemory container", + "hashes": [ + { + "alg": "MD5", + "content": "08b74a5a1bd1726464f8cc389dc015e5" + }, + { + "alg": "SHA-1", + "content": "d0bf8edcb87a8e886cf4552e9b5b9a4fddc70794" + }, + { + "alg": "SHA-256", + "content": "95b76e6b4131ec8cc04f3397e3c162219ef34cf661ad52ac86a977ce0b3912b9" + }, + { + "alg": "SHA-512", + "content": "9fcd31b1c2cbb5e615c1412425088c6dbd6f4acbd4b768a178d2c0a8c545486d5a3a6ad266a6b2faedeff65fa2035017e498b6a9a5bf206646e7d14e3b75d529" + }, + { + "alg": "SHA3-256", + "content": "0a4492d926542aee9f91b73691f712157c031388153270aa6121c3b60e638387" + }, + { + "alg": "SHA3-512", + "content": "a1db62f01942f3abb36d5fa867e5fb5f4372965c9c57e0f76d992421e85ce6481a34490ac15682656eb11a410c6f7b803e70cbeed635ac86b0d125f50b832074" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework.providers/jersey-test-framework-provider-inmemory@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "94e9fc820f29e4ca7c4d1008b3e52f34" + }, + { + "alg": "SHA-1", + "content": "1379b37b505dc379559e75ae7424941eee924fc7" + }, + { + "alg": "SHA-256", + "content": "f843740357ea316e196703782bcc21313ee77b665f059a28d62ebbbc37aa07ae" + }, + { + "alg": "SHA-512", + "content": "a574f37273ebf3f6d0dc18491cfcfb32288063667cd51962218575438dc3eb4f6202f862a6cef71a9caa16282cac17b77a1696dc632f1852979060e8c1b9c9ef" + }, + { + "alg": "SHA3-256", + "content": "2428547743abb3f101da2f812300e1a3778b672ea26be987b1262821fbc0c693" + }, + { + "alg": "SHA3-512", + "content": "476eb0180972b5b6bb48dfccb1eccebd607420aea3562782f1a19292ecbdadc659bf28aeb11a28e3367bad613677dae9486cb4bfb2dc2168acb8cf612b39ae2a" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "7dadc5243abb6a0979518998d5c97eeb" + }, + { + "alg": "SHA-1", + "content": "2245454abf7e6374ce92f3ef9222c7dbd43c8f1b" + }, + { + "alg": "SHA-256", + "content": "e629a9bd50ac7d361389dcc21c86f7ee12fd9f9e1c0e92664d01492df135aab1" + }, + { + "alg": "SHA-512", + "content": "592ab00b4aefbfd03fa3eb9619b39be6a59cc5a60dac993cef999433e31bf89d35a97136227966af7ec2fd84e483995b6e3390dc159aa72763246683ec02207a" + }, + { + "alg": "SHA3-256", + "content": "5fc8987e14b500cd8ef3e355548129be984b7d88f02a3b3a9718dc83e2550cbb" + }, + { + "alg": "SHA3-512", + "content": "6e4d74a8ce366f9b1c41ca2636a098566b8e2800b0f2ce3653856d499e3ff683a1ca2afdeac18661a47bd8e319987903dec3b0a3c1cc16ebccb2cc2ff3a00afe" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d1e615dd0774f828e80f51cd217dadb1" + }, + { + "alg": "SHA-1", + "content": "a4129b6ad87da0b14ee60dc4cd04321ab7b6928f" + }, + { + "alg": "SHA-256", + "content": "5ac060f9d0f802010aba3ce0452d567ff6ec1f724a8cde860cb3e83aa87918c7" + }, + { + "alg": "SHA-512", + "content": "dbe734b1a1bcd194e3ff275b620aed38fb713a250d24cfa6548d047de12a2cd394840650ad46de122b53ea8103f64cf4c0d7570e781b70e45372dda9180607e3" + }, + { + "alg": "SHA3-256", + "content": "6ca9ed2338f90de1498b7e52c35ff2eae7e13463f9fed7f36f9b797ca0d6f443" + }, + { + "alg": "SHA3-512", + "content": "a591913206657bca1c3be20220c911359537100af3f6561f5d4a454635edbc7a83c51b897efeb8b075996fce37945a1c7836296873d6817e07b7ad3a46cf5450" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-openjdk8-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "6176ca5468f46113d03982b26b569645" + }, + { + "alg": "SHA-1", + "content": "cd588787b7a232e9db4d2442ef9260baedfe33b1" + }, + { + "alg": "SHA-256", + "content": "13b0943572cc330a0371317cbfbbb0f737655387b89dc75ba9a8ab8d083e1c11" + }, + { + "alg": "SHA-512", + "content": "07373c3c34ce2bb1a84200e09b4f540d6a4cd83ee9fc65084949a449a7f510bce5a91d9cd44d7cb8454e9a2090dd636da2506c10312e5b5be693682a1024afc4" + }, + { + "alg": "SHA3-256", + "content": "26c9e9d164a3471c386bf44e1c3d3150e03d54be8d947d65306bf74e26954edc" + }, + { + "alg": "SHA3-512", + "content": "90a662aad53125f7f1eebd642a62316606a249dfe04ec3ab6673deea2fbc8d51fdc83f02e403c0f1085aa7d5600b1e11b9b171fefb0903dd5aa8c6bff905c072" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "50a898e1-523d-4041-9250-b25394071a77", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "1ca2253ddcbcbcc691c51938f2e341b4" + }, + { + "alg": "SHA-1", + "content": "288afd48f2eb1816889c4848a0bb8e7783ad7124" + }, + { + "alg": "SHA-256", + "content": "2d78640dc6b6035e41d763ddb9c97f07f441665be36d0a7d1e592d683df12acb" + }, + { + "alg": "SHA-512", + "content": "7ee426bb8079daf27fd03694563e534cda147d2cb38e4b50e08c3644f1a3dd88e172ad36b322bb113c67cabbbed4b11740f72ef82cc899341aae9d6427dace43" + }, + { + "alg": "SHA3-256", + "content": "1ea3606b67b91542a4d71d7b145792dcb25dce3c52037e3a32d551678ce5fda1" + }, + { + "alg": "SHA3-512", + "content": "943a863bd2beae196d07aa13b72b5d27bd5ee56a8e578b549a5c272034a232dc4f8a3f015af81837524cd37e467871bfb66c6768a279502ab4cd05e97421347f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "group": "org.eclipse.jetty", + "name": "jetty-continuation", + "version": "9.4.18.v20190429", + "description": "Asynchronous API", + "hashes": [ + { + "alg": "MD5", + "content": "bf4683a840d240010acacc4cc9739525" + }, + { + "alg": "SHA-1", + "content": "3c421a3be5be5805e32b1a7f9c6046526524181d" + }, + { + "alg": "SHA-256", + "content": "ad2e8fa193f06989ef6f0ca09719e1e30572e6099e7c889777836076068cbfbb" + }, + { + "alg": "SHA-512", + "content": "1ca79b0b2011ae4f5dd2f64447ec39d5140ddae6fdcdc9e1104ece137113951efeeccd7fbaa2cb174c11a944d7a6d79d94a6cf2f5a645b21016a3ba1b1421152" + }, + { + "alg": "SHA3-256", + "content": "e54fd5d441a318d250a84414eb391c6af739a5a167c7cbc70963a0cd12a60371" + }, + { + "alg": "SHA3-512", + "content": "d4fd7624498cd4113fd86ef1e71fe4f0c4d0684d34e2700b0d472decf55ae5b3d9aa59447a7ec2856ba5a2348da09057f5f3730f3e91715d2746d16d20bd5fa9" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "group": "org.eclipse.jetty", + "name": "jetty-http", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0f5299204d64fb561a8062f594185dc6" + }, + { + "alg": "SHA-1", + "content": "c2e73db2db5c369326b717da71b6587b3da11e0e" + }, + { + "alg": "SHA-256", + "content": "a2626684486590535bc928a6a40c6915f99ffda96b7a14d4310bdda566b5aa73" + }, + { + "alg": "SHA-512", + "content": "93f9852cd4689993c06629ffba24b1dc9715bcf3dfb560088669459f9484373cd5541e81c18cfb3502c9ab62fab3a7061ee5d9afd0c17fc61fe23e25fa04a1c9" + }, + { + "alg": "SHA3-256", + "content": "84caddcb2c12e244dc03f0f3f8ab41fdcb96ec95c5776c00664e8916f6bfea86" + }, + { + "alg": "SHA3-512", + "content": "08d0dba27f81c3b596d46728e01b3b1f0027d9271befab6ada56e6757ef7f64e700c242cc8f9000a2792bf5053c5c16126718d6f8fd1923331a7e3d00b3c2efb" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "group": "org.eclipse.jetty", + "name": "jetty-io", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d430c2038527a0788675049f9d48760e" + }, + { + "alg": "SHA-1", + "content": "844af5efe58ab23fd0166a796efef123f4cb06b0" + }, + { + "alg": "SHA-256", + "content": "f953810e6d5349a8c1101710bf99310e0bcd3bc43d819c06858c75f419b4cbd0" + }, + { + "alg": "SHA-512", + "content": "2f7f9f8ecff8fceaa422923ed698f5945e2e4583898115ea97e2a69f2f4c7093f07c1f9e189af0ffd6b08b669074c9e3cdd5492e42aa2ba4f0bba3ad6db85c50" + }, + { + "alg": "SHA3-256", + "content": "a6a1c14235256382171a33faf4e2869e65756b87e686e70e41aa34380fdeeac9" + }, + { + "alg": "SHA3-512", + "content": "aff9eb92b24300c2395b5ee808c54abf4c8c97224bc819b0b5bbaa6977f5806037eeb34691f6b9d9534a454ae28f3e8e9b13bd0649369af5b331e80e4c703405" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "group": "org.eclipse.jetty", + "name": "jetty-security", + "version": "9.4.18.v20190429", + "description": "Jetty security infrastructure", + "hashes": [ + { + "alg": "MD5", + "content": "ea1d2d43fdc539ddf8192e2782f45e79" + }, + { + "alg": "SHA-1", + "content": "01aceff3608ca1b223bfd275a497797cfe675ef4" + }, + { + "alg": "SHA-256", + "content": "c307c68eb402979b2b6ae75a587476c9fecafbf5f4a53db22125f9af2324926f" + }, + { + "alg": "SHA-512", + "content": "140364d32cab3e7f1acd1222c14228038db35c96e22fe55d90c810308c6ed06f72972d4a40514e664e1bcdd542c25014719082b8828b8afd29a9a760b440dfe9" + }, + { + "alg": "SHA3-256", + "content": "fb9e4fd12fc7912c3ad20ec205efa02532b05af85d22b4d4e93e2e19906dadb7" + }, + { + "alg": "SHA3-512", + "content": "df87f8e4a2ac262620c8e805695d52427421e9c25225747fedba6503916bc867c4868d04b1d786d52f64917fef4bd27013ff640297da21a49e97cd2db80007d2" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "group": "org.eclipse.jetty", + "name": "jetty-server", + "version": "9.4.18.v20190429", + "description": "The core jetty server artifact.", + "hashes": [ + { + "alg": "MD5", + "content": "b0bc6045c38e309d41f84d3c60fb31cd" + }, + { + "alg": "SHA-1", + "content": "b76ef50e04635f11d4d43bc6ccb7c4482a8384f0" + }, + { + "alg": "SHA-256", + "content": "2737c60b231e804082cdb68f1118a1aa179c8f92d50345c7444d96391ac005ce" + }, + { + "alg": "SHA-512", + "content": "b16d05236e809d1494f67aeab195190faf5a301cb131ae7033c1d62bd0f4db41e025b18cb75e0c9f7cc8146debb2d34d006318c0bd0e65dcccce9cb176acbc4e" + }, + { + "alg": "SHA3-256", + "content": "755dfbda1a8bd62b465a55c8bfd761412b81fa79fb0326c6835f0b009ea76c7c" + }, + { + "alg": "SHA3-512", + "content": "bdfd84f7b1bfadce0fd4c918b00410ad596e66bd69433260439cebb516f4d44b55e1adbf96cc866ae3e9a8f96823772e2e6633c21bba41c1588067842b7540ee" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "group": "org.eclipse.jetty", + "name": "jetty-servlet", + "version": "9.4.18.v20190429", + "description": "Jetty Servlet Container", + "hashes": [ + { + "alg": "MD5", + "content": "63d8201a1db1aa10454015245472fdd4" + }, + { + "alg": "SHA-1", + "content": "290f7a88f351950d51ebc9fb4a794752c62d7de5" + }, + { + "alg": "SHA-256", + "content": "58b778613867b59bdd6587c57010249e62d10104e01113459453343e9c4ecaa4" + }, + { + "alg": "SHA-512", + "content": "ed6d46eac69dcb275c684e516e1bd627aa2e8b35aa022d68e256b1ec7d145525cc03ad9f55e0794026590f1df17536465c11d25c961df3ee530586a01dcd7f55" + }, + { + "alg": "SHA3-256", + "content": "bd41d1a2332a05b8826eebefc9e1e43b2924c9a810e5c14d97cc8437a4817f6d" + }, + { + "alg": "SHA3-512", + "content": "d4e1c6d118f9ad0890f69efef3141d5d6583703fc6eba5a6c069636d6cde8d48f97d9e5ed5d58e070dd6539c4a744035840e5c8a145f6223f5d9b0dd2ba9ab27" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "group": "org.eclipse.jetty", + "name": "jetty-servlets", + "version": "9.4.18.v20190429", + "description": "Utility Servlets from Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "ed9e6c52ea1c28d92b81bf5c4cff5e22" + }, + { + "alg": "SHA-1", + "content": "e5d174950a44c8f93e27cc2528eff5a6b55da2f3" + }, + { + "alg": "SHA-256", + "content": "134e7f3fd037865cc95c3a69381088ff1c86f110fb0ea62e9a6824cb7ef48abc" + }, + { + "alg": "SHA-512", + "content": "ebd6e426972fb2833bb2173017edd8937ccc64135b6a2dbab0444b25f1528e3d50bdafe39e4749300a8ae46a5eb853a130e918339f29eea308fa9212b615c76a" + }, + { + "alg": "SHA3-256", + "content": "843c3095b2f0e5f71352baf20dfb1cba119ca110fc6e3e01751551154986aac3" + }, + { + "alg": "SHA3-512", + "content": "7eb486c3cac4a8950de6aca0006a07b1b4e9be737fa0902c229e15b27c3c61ddb353ea34f7d4d397dc5cba7da91e2cbee7d086a67506d2b303717f2743b46b0f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "group": "org.eclipse.jetty.toolchain.setuid", + "name": "jetty-setuid-java", + "version": "1.0.3", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "24990c296784e354afb446ccb739e826" + }, + { + "alg": "SHA-1", + "content": "73ae4ab171d396103f32e392970641e985d1a845" + }, + { + "alg": "SHA-256", + "content": "192cb1941aa1afefd9851d984fa39a2076f9200c434abba43dab1d410bfaddbd" + }, + { + "alg": "SHA-512", + "content": "11afcd8eb8968878ce4efb2b54956b04f1a28900b8be6edc1a3482388a3dddd2880b61d1a5c083de41d0cecaa3c8a32d4077f3f15b3f38dcbc71aa64bf40c524" + }, + { + "alg": "SHA3-256", + "content": "b6e2a6fdb8cc4021d17fdc85fb8bea172d25b206eca5c5f49ac5d4e6d1a6f704" + }, + { + "alg": "SHA3-512", + "content": "224c5ce3bbddf418eb2f1f43f9c3fd3f332ac6b557839942e54fc229e6a8e009ed11aab9e86a78e2642262d0ba43d5c2ff29aa9e96b89c68726d46365d46a000" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.toolchain.setuid/jetty-setuid-java@1.0.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.toolchain.git/tree/jetty-setuid" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "group": "org.eclipse.jetty", + "name": "jetty-util", + "version": "9.4.18.v20190429", + "description": "Utility classes for Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "0e98accd79ef0f0709e67b32d1882712" + }, + { + "alg": "SHA-1", + "content": "13e6148bfda7ae511f69ae7e5e3ea898bc9b0e33" + }, + { + "alg": "SHA-256", + "content": "db2ae97679e4d9dd0b96e0e2e04423d41407977a87edfa0ed1714c44eb5c7aa1" + }, + { + "alg": "SHA-512", + "content": "e1994547ad741cfcc0776e856178c530687bd3f20354ebbaf4d10ed6c6773cf0b9d2201359ffaa9328606aaa7170c125433dfd83c40db8e03ad6f17d43753392" + }, + { + "alg": "SHA3-256", + "content": "af0fd5e8b166a754626964f211eebf7e5bcff175dc852e5dd28b48d32437921b" + }, + { + "alg": "SHA3-512", + "content": "da788326e973cb92399d84ea58fd884a11a82666741514f2aefe150ed47809189ebd98553bbe7b56bde0d892b51294ddbf24af341f68a2854737622a6439356e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "group": "org.eclipse.jetty", + "name": "jetty-webapp", + "version": "9.4.18.v20190429", + "description": "Jetty web application support", + "hashes": [ + { + "alg": "MD5", + "content": "044d3037d9a5b94c8ed938d89045e06b" + }, + { + "alg": "SHA-1", + "content": "9c2f1a2b61bdc2d24f8a980c6c614aa0b588216d" + }, + { + "alg": "SHA-256", + "content": "3e7a715fb8f5ebe79d54b940f630d562629ecf91d1b3fd1403ff9700d0a3e125" + }, + { + "alg": "SHA-512", + "content": "09861241011a4f5dee0ffb7087f033f7882decda7e8bd9641fe1c759f558af28c01f050f0d904fe3f06fba3769efc887d50156cdb7567322ad5fbcee1fc7c2ea" + }, + { + "alg": "SHA3-256", + "content": "a958bee3bbb5d03e76f34e8e70552614aeaaa1fd63a56d5d56d12f552b9e4df4" + }, + { + "alg": "SHA3-512", + "content": "c2b790b16923ca0e1171b76cbb8c852b1e338cab09cc2f46f17b4479370e3d0a0308ca15bfc2d0421655c7db200bb5813a771e80cb6ed566dea9656f232ef403" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "group": "org.eclipse.jetty", + "name": "jetty-xml", + "version": "9.4.18.v20190429", + "description": "The jetty xml utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "637f8a266afa4cb043e1d142c7cacb33" + }, + { + "alg": "SHA-1", + "content": "dcd2806ee48e646fd4dcff81c7c6867fea2b52e8" + }, + { + "alg": "SHA-256", + "content": "2189c5316c4ef2721166353a3f6800803b2ffd06cfc4c7b16ebdef9b00108ca6" + }, + { + "alg": "SHA-512", + "content": "f60127983e3115b9df5ececcfe5a75bf4b1de0597e050d52b65d8e60875305741a3d3256d12d198e25be58b8b236a34ecc6747c05faf30465be27095b02e3206" + }, + { + "alg": "SHA3-256", + "content": "acb83341c830c2e5944c91021cac1d486e73fd5d570abfd4572346242b847940" + }, + { + "alg": "SHA3-512", + "content": "53c27e9e1c64a2046793b9f02880813669b71d534737ec84f16eadb8bdb63a717b664e602a17f1e071f411e318d6c233812910db8ae3bff933047eed08110290" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "group": "org.openjdk.jmh", + "name": "jmh-core", + "version": "1.19", + "description": "The jmh is a Java harness for building, running, and analysing nano/micro/macro benchmarks written in Java and other languages targeting the JVM.", + "hashes": [ + { + "alg": "MD5", + "content": "be8d2b77f24b93d14b3590a2c2cc9eba" + }, + { + "alg": "SHA-1", + "content": "1ea93b88f8154f0a35c16b46d76cfb2febcf4916" + }, + { + "alg": "SHA-256", + "content": "5b920f4033b55f78af121c6594e2afcc84c16f2030beef6d035463b126fc9f46" + }, + { + "alg": "SHA-512", + "content": "9bc30e04a4ee999cc1dc45be32bd60ad4248070073424efacdce85b02777dc1ef9f8aa9f57693cc4cc6964c6c934ce3c251f8db26f70bad54353c2d0849aee83" + }, + { + "alg": "SHA3-256", + "content": "b21c8a03f99e3ccadc461f35e5ed3aa3904ae25cbb44ca2dd02eb0d2f8a6582c" + }, + { + "alg": "SHA3-512", + "content": "96f2d4874d54c13b4c9392628415ce62bdff000c142901f08d3eef24c707b5cd656c328a3ef846303a85dc3dfbff69062e0167b2065b5200e52c764afe0ba418" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-core@1.19?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://openjdk.java.net/" + }, + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "group": "org.openjdk.jmh", + "name": "jmh-generator-annprocess", + "version": "1.19", + "description": "JMH benchmark generator, based on annotation processors.", + "hashes": [ + { + "alg": "MD5", + "content": "0edd4d9828437ef68acbe301910de6eb" + }, + { + "alg": "SHA-1", + "content": "e5bb13308963df412877e88fede84c1bd869ca03" + }, + { + "alg": "SHA-256", + "content": "b104c8c3c971d6aa4ff4c7a73e70cfb3e6201084332e4007ba9516a43f27003e" + }, + { + "alg": "SHA-512", + "content": "f4bdd594e25586047d93375f76fc2c85ad302b222ace4dae8e7418a24e1d75ab1ecd3f4d75d362baf3af6388bb6b3f3db7a932e8a003a8ff0c1412059e0c0c5b" + }, + { + "alg": "SHA3-256", + "content": "ea48f22ddf27853d67194836e0a13bb9a6c20a480e03252ce75403bc303a2a8d" + }, + { + "alg": "SHA3-512", + "content": "37ae2a6c8b2f38fcfcfea1343debb71cbb63af15c402fa32dc38e1913c75af7d2f4951a21edbc7cacfeeb789dbbc6fa9be9f24ccd426e1f9344de0f344a9e773" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-generator-annprocess@1.19?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "group": "joda-time", + "name": "joda-time", + "version": "2.10.1", + "description": "Date and time library to replace JDK date handling", + "hashes": [ + { + "alg": "MD5", + "content": "488e6b287cde4fe6142c0da65495ab63" + }, + { + "alg": "SHA-1", + "content": "9ac3dbf89dbf2ee385185dd0cd3064fe789efee0" + }, + { + "alg": "SHA-256", + "content": "d269671656767e05a58dd634cbafc36ed70d417220b058d11c0d88dfd281616d" + }, + { + "alg": "SHA-512", + "content": "b92f67c1a8b293e3771bc2c56e5280f6a9cb523b38db7b1c8f56c427ec7147d9fec1fa425d25582060195a433005797294680e5e071fc49272575cc67f8fe58c" + }, + { + "alg": "SHA3-256", + "content": "ace6d9b18b8de8281dde7a10070f08a11a2b1aca804e2031983d8cffc61a11a2" + }, + { + "alg": "SHA3-512", + "content": "1ae2b49ee5c492a7b83f2c72e5405db0e784b0a34dee7a8d634f6a1e11023bd87653903d4c8a31a964624eb6137db0f612a0d54d509e7a4c39b09c09d30309af" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/joda-time/joda-time@2.10.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://www.joda.org" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/content/repositories/joda-releases" + }, + { + "type": "issue-tracker", + "url": "https://github.com/JodaOrg/joda-time/issues" + }, + { + "type": "vcs", + "url": "https://github.com/JodaOrg/joda-time" + } + ] + }, + { + "type": "library", + "bom-ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "group": "net.sf.jopt-simple", + "name": "jopt-simple", + "version": "4.6", + "description": "A Java library for parsing command line options", + "hashes": [ + { + "alg": "MD5", + "content": "13560a58a79b46b82057686543e8d727" + }, + { + "alg": "SHA-1", + "content": "306816fb57cf94f108a43c95731b08934dcae15c" + }, + { + "alg": "SHA-256", + "content": "3fcfbe3203c2ea521bf7640484fd35d6303186ea2e08e72f032d640ca067ffda" + }, + { + "alg": "SHA-512", + "content": "18bf59191d7a456e7675c841df8411ebe425da40532e103db95483be5d2a75510d8a38ad9755cdd4e0be27afe7cfd0b358599388a84fcec1ee27e89caa37f5af" + }, + { + "alg": "SHA3-256", + "content": "e5c7a060e6bd75fb9ef2b7eeac082550bd4f01049c0da929c57ae71fef59b32a" + }, + { + "alg": "SHA3-512", + "content": "6b35fe9fcb3497a9e3a4b0c55dab300b63155c76bbce88fae9b3dcc1012f2c55d7c70216173299817830328071f5c3af079a67ce9af96c25b6befbcef915b049" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/net.sf.jopt-simple/jopt-simple@4.6?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://github.com/pholser/jopt-simple/issues" + }, + { + "type": "vcs", + "url": "http://github.com/pholser/jopt-simple" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "group": "com.google.code.findbugs", + "name": "jsr305", + "version": "3.0.2", + "description": "JSR305 Annotations for Findbugs", + "hashes": [ + { + "alg": "MD5", + "content": "dd83accb899363c32b07d7a1b2e4ce40" + }, + { + "alg": "SHA-1", + "content": "25ea2e8b0c338a877313bd4672d3fe056ea78f0d" + }, + { + "alg": "SHA-256", + "content": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7" + }, + { + "alg": "SHA-512", + "content": "bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804" + }, + { + "alg": "SHA3-256", + "content": "223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff" + }, + { + "alg": "SHA3-512", + "content": "3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://code.google.com/p/jsr-305/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "group": "org.slf4j", + "name": "jul-to-slf4j", + "version": "1.7.26", + "description": "JUL to SLF4J bridge", + "hashes": [ + { + "alg": "MD5", + "content": "2bb060120bc3feda3d964bf5be845fbf" + }, + { + "alg": "SHA-1", + "content": "8031352b2bb0a49e67818bf04c027aa92e645d5c" + }, + { + "alg": "SHA-256", + "content": "0f3b6dfbfb261e3e2b71ea88574452f36c46fec016063439eb8f60083291918e" + }, + { + "alg": "SHA-512", + "content": "201d8fc50e94469cfddc79faa6d7492602243a13454dc58e42d6422f1e7f1d1b352474930bf13c1784c252721bee92a636723a1f75d3cb578fec200b42275e2a" + }, + { + "alg": "SHA3-256", + "content": "dd6032a174bd7527a7195462617a613dbbb0dbbcebac49aca1c3fb2b4db79e3b" + }, + { + "alg": "SHA3-512", + "content": "2bf9adba76cbd0541b1462e952cce50baedb6feac8d963f59db8374a895469d340f5787defeffefb48162a0171f54dbfe1d173de7ec08b080c01260611dd7e25" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "group": "junit", + "name": "junit", + "version": "4.12", + "description": "JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.", + "hashes": [ + { + "alg": "MD5", + "content": "5b38c40c97fbd0adee29f91e60405584" + }, + { + "alg": "SHA-1", + "content": "2973d150c0dc1fefe998f834810d68f278ea58ec" + }, + { + "alg": "SHA-256", + "content": "59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a" + }, + { + "alg": "SHA-512", + "content": "5974670c3d178a12da5929ba5dd9b4f5ff461bdc1b92618c2c36d53e88650df7adbf3c1684017bb082b477cb8f40f15dcf7526f06f06183f93118ba9ebeaccce" + }, + { + "alg": "SHA3-256", + "content": "02b1f076652120813646a0cb34350f0c73a3299b221567e089f6aaadf8ab444a" + }, + { + "alg": "SHA3-512", + "content": "9e8f7057647c11564178e4569cf4f5682d3688b49d81acc60fd301f61053932ee9ac109c19cb639f7710d23afc76cb106ebde0f8143e2fe5fa08605201720a8b" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/legal/epl-v10.html" + } + } + ], + "purl": "pkg:maven/junit/junit@4.12?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.junit.org" + }, + { + "type": "build-system", + "url": "https://junit.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://github.com/junit-team/junit/wiki/Download-and-Install" + }, + { + "type": "issue-tracker", + "url": "https://github.com/junit-team/junit/issues" + }, + { + "type": "mailing-list", + "url": "https://groups.yahoo.com/neo/groups/junit/info" + }, + { + "type": "vcs", + "url": "http://github.com/junit-team/junit/tree/master" + } + ] + }, + { + "type": "library", + "bom-ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "group": "org.junit.jupiter", + "name": "junit-jupiter-api", + "version": "5.2.0", + "description": "Module \"junit-jupiter-api\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "d85d733ecb4120eb7ad5be3134d09053" + }, + { + "alg": "SHA-1", + "content": "9cd901df48d88d8e605a6ccb2c3f140c92db6bf2" + }, + { + "alg": "SHA-256", + "content": "47f7d71b35dc331210b9ab219bbb00d54332981aa12eb5effe817de17e1ae7b3" + }, + { + "alg": "SHA-512", + "content": "8b54b50e8e10b9aed8a1d65338b86d3cd28fabba15f536df457689b99145a451f0144c703eaa848e0bf5c7dc7719ec442b479bac1b7d88cb9ba2cddffd0f1f13" + }, + { + "alg": "SHA3-256", + "content": "2a215014d5df1141f50d9c800b004d9bcb391163b05365ba3f9d145a71e69171" + }, + { + "alg": "SHA3-512", + "content": "1cb1e7a4279d2949081aad395cd158bf28a8ad12682a3f8962da50f1b3c2b4f64a206089145bdc8e4730b689f791e1f306361c4f8e0044dd88fa9f38f1916cd1" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-api@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "group": "org.junit.jupiter", + "name": "junit-jupiter-engine", + "version": "5.2.0", + "description": "Module \"junit-jupiter-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "23b9c1eb5cbc9ff595fbedb9d6ff2068" + }, + { + "alg": "SHA-1", + "content": "de87318ccd3dfa1a98ebfef792d362776f1914de" + }, + { + "alg": "SHA-256", + "content": "8f994f4094790e246dc84de86a1ff4194ca85e8b13bedaca0207f727ebfbc813" + }, + { + "alg": "SHA-512", + "content": "f2bf6ab75a111cd2cda9f8d50f62b3986fc7b675b9f14abfa73d44ccbce010b559bb2a7dcee670e8134f1e8859c2c804b87b50b141c6d48a55699cf07f1d75d7" + }, + { + "alg": "SHA3-256", + "content": "1c2e7d5d721f35eb5f4c206f920d5f34a480b5e93d991ff602acbb3002ae6cb3" + }, + { + "alg": "SHA3-512", + "content": "de4c58a5d5acfc20a8008f07c94258a6023664c6879518fec9e37eff79f106bb3645979615d792f7de404bf52b8c0e6425902c177458a483a6087bf9a4cdd822" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-engine@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "group": "org.junit.platform", + "name": "junit-platform-commons", + "version": "1.2.0", + "description": "Module \"junit-platform-commons\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "b3199ff22308f68d7dc3e400fe53f51f" + }, + { + "alg": "SHA-1", + "content": "dbce1d822d3dc6c61703b340cd79018518685451" + }, + { + "alg": "SHA-256", + "content": "7771af2f797d1d0ccce9920eb3cd826fb8fd7659ccb4d8877e76d9412be72cc2" + }, + { + "alg": "SHA-512", + "content": "b08bcfa884c67ae155ea5eb0ae33f0d58e88096015b82ebf3e5a301292b4622aea1514285aeef7361f8b9e4c83e48e5d8842433afe6e3b0b06c7a1c8729b104e" + }, + { + "alg": "SHA3-256", + "content": "87b03d3ecafccbaa1dc2bd068117cf95ac520546131006bd744464ef757ec44a" + }, + { + "alg": "SHA3-512", + "content": "9501a107af25b97f4e7a102b9262f8438915cc2e93599a2343255fd1935e3c86853a50934376f509fe45f0f601f4ba8023b02ef091e51c51675469170ed88a70" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-commons@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "group": "org.junit.platform", + "name": "junit-platform-engine", + "version": "1.2.0", + "description": "Module \"junit-platform-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "14405ffac9858d89cc0609b16b8c763c" + }, + { + "alg": "SHA-1", + "content": "35fa3529ce843ada1a10b0909ccb4a8148ee638d" + }, + { + "alg": "SHA-256", + "content": "60b102e94ea01556fdc8c041950a05450edc188e3708f032a6bfb1a50ba0bc22" + }, + { + "alg": "SHA-512", + "content": "d367cad97695832f088e299d873570ea9e4bffd30222a5b3157fd506d9405776cfba78b8dc0b6e2697e96d0008ad65b7a35324fab7386c99257d2a723641b679" + }, + { + "alg": "SHA3-256", + "content": "25189ca0767cdad052cca52e00fb63557e8581d3733cf1272dfa780d668ff140" + }, + { + "alg": "SHA3-512", + "content": "d8b6d4a3f9bb96a1b6f610038b50f9a647526e5d0a805bcdd4c13603cdb3508a39a4403c9674b9bca67e673a6493f51a7d363e88fe28efd50382f7832bc20f2a" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-engine@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "group": "org.liquibase", + "name": "liquibase-core", + "version": "3.6.3", + "description": "Liquibase is a tool for managing and executing database changes.", + "hashes": [ + { + "alg": "MD5", + "content": "455a827f017027c276fdfc1ec0bba595" + }, + { + "alg": "SHA-1", + "content": "737c5a4fac26ee760d016923c83481ff933e4875" + }, + { + "alg": "SHA-256", + "content": "e3d877af44ebe7f253525319e3a95bd14e249bfb3d55e9c458e78458bce8426d" + }, + { + "alg": "SHA-512", + "content": "a2c453c71c654ecdf98b86293981fd53ef270b8834b1903b88566dd515da22df17a47a7a31f6c8c65f496ec64613c101ab5501ea9e8293001703f9d2a65c878b" + }, + { + "alg": "SHA3-256", + "content": "6cc2d3b40b26f5b20f62647f3dfc3238741eebd176e51ed76bafe534781554d8" + }, + { + "alg": "SHA3-512", + "content": "1efc7bca74a8e561b48786cff789dba1b87cf4e6d7dc65da70bc71590c653ffd2111d8fb703cea6a429481c68c385299cf59f5b15072ccbe2365d53fc548292b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.liquibase.org" + }, + { + "type": "build-system", + "url": "https://circleci.com/gh/liquibase/liquibase/tree/master" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + }, + { + "type": "issue-tracker", + "url": "http://liquibase.jira.com/browse/CORE" + } + ] + }, + { + "type": "library", + "bom-ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "group": "com.mattbertolini", + "name": "liquibase-slf4j", + "version": "2.0.0", + "description": "Liquibase SLF4J Logger", + "hashes": [ + { + "alg": "MD5", + "content": "c0de626cfee6e91f2fe3f28aca48a6f9" + }, + { + "alg": "SHA-1", + "content": "15d0d15b546ef66caf3385a3c13aeb75663b3ba4" + }, + { + "alg": "SHA-256", + "content": "1378fcb84657a57fd133328b13ea0578d18011fb4578dd915b292f9b8afbfd6e" + }, + { + "alg": "SHA-512", + "content": "193195e7aba3a04c4bc27a8cb424d8ede7e9a00f0682801906b59cfafe717c19ed47bf299e033da9b91400f936a90a14137b0b48ed55a46a2527db644cfe7947" + }, + { + "alg": "SHA3-256", + "content": "143f1704ce5f758ce1c3dc2bfce78abac50638cfe54537042ada01ce8c765f89" + }, + { + "alg": "SHA3-512", + "content": "0d7e066b3760514259844a5b137706b47ce61fabf24ac34e59445609e0a41e5497d90bb8786c06e1fa767375c4ee039d1c44c4b136fdb63d08ada9967286502a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/com.mattbertolini/liquibase-slf4j@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/mattbertolini/liquibase-slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "group": "org.slf4j", + "name": "log4j-over-slf4j", + "version": "1.7.26", + "description": "Log4j implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "0ca7c8107e86b7e251cf15d475db5183" + }, + { + "alg": "SHA-1", + "content": "daeb21c5e35d77d550e721c4cf5aaa716496d31a" + }, + { + "alg": "SHA-256", + "content": "81a1c31befb21e3975064f43e0b1692b7fc2dc5f6d8dc3b6baaa7b8c3e5ddd5b" + }, + { + "alg": "SHA-512", + "content": "6ae099e1ad5526212f2758a9e16ce7027833e47dff9370c7dbc5317c43f0d3450f20a437ae1a97594382cd27b74c276cb0f3c32de0668b61daf874fb4d30bc90" + }, + { + "alg": "SHA3-256", + "content": "7fe9883b0d6edce803b4942d53771c9e87735076e5ee162037bce3180e067c04" + }, + { + "alg": "SHA3-512", + "content": "349b75322aaf3d4fa035ed2c98c3f289ea6c2bef2bc6756b018df99536d99ceaa17b9192ce5bdde1a213ec75ecc60d11629189a5774b166e671a709e7f2df708" + } + ], + "licenses": [ + { + "license": { + "name": "Apache Software Licenses", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + } + } + ], + "purl": "pkg:maven/org.slf4j/log4j-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "group": "ch.qos.logback", + "name": "logback-access", + "version": "1.2.3", + "description": "logback-access module", + "hashes": [ + { + "alg": "MD5", + "content": "9468ae35cd2e92164659543a55280aac" + }, + { + "alg": "SHA-1", + "content": "e8a841cb796f6423c7afd8738df6e0e4052bf24a" + }, + { + "alg": "SHA-256", + "content": "0a4fc8753abe266ea7245e6d9653d6275dc1137cad6ecd1b2612204033d89687" + }, + { + "alg": "SHA-512", + "content": "b72a31503d09eb0f40abad77a44617b7edc2904e2e619f7cdcbab2536965be34e91ebbaffd0444027d15bad2562515762ee13a7163d9e12f82017334dc84a6a2" + }, + { + "alg": "SHA3-256", + "content": "db933b4474fd6b77e89b1f68f4117d7b299788b0706e926ea88506f086b54f63" + }, + { + "alg": "SHA3-512", + "content": "64acf87611208b7ccda4408ebd924dad609f3bb3e217fcaa80f13cfd098225183a559e5023b7ceabb07ff3ab705f13aad732b04f781f2b618e2f3de31376c089" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-access@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "group": "ch.qos.logback", + "name": "logback-classic", + "version": "1.2.3", + "description": "logback-classic module", + "hashes": [ + { + "alg": "MD5", + "content": "64f7a68f931aed8e5ad8243470440f0b" + }, + { + "alg": "SHA-1", + "content": "7c4f3c474fb2c041d8028740440937705ebb473a" + }, + { + "alg": "SHA-256", + "content": "fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0" + }, + { + "alg": "SHA-512", + "content": "9ad5df9055e74c1db67e10422774e740903477c821591702d2709a4c1f73e3fc3fa6b1a871b6985901817bc2bdeba916849035dc2bbf518f308637b0586e36f1" + }, + { + "alg": "SHA3-256", + "content": "7d38586cfd6e1363970ac1811eb49dd9e535e2d2bf967118ce8f28592655ac24" + }, + { + "alg": "SHA3-512", + "content": "0a47917a6adfaef45e1170ff419800a7c88771510c6d5744b081e0572f70d2e339a5bbdd9b0637c2ecfcdd49a095c856ec293e8a41bbd03ef9b5a67d42731e67" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "group": "ch.qos.logback", + "name": "logback-core", + "version": "1.2.3", + "description": "logback-core module", + "hashes": [ + { + "alg": "MD5", + "content": "841fc80c6edff60d947a3872a2db4d45" + }, + { + "alg": "SHA-1", + "content": "864344400c3d4d92dfeb0a305dc87d953677c03c" + }, + { + "alg": "SHA-256", + "content": "5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22" + }, + { + "alg": "SHA-512", + "content": "bd1a7512647fe61b90cfd18bedf2a33f3f16f334f8f8ce947cdd353c0b0b7a7cce203070f0d2183f6583e0f2b2fe6e0b12eb93bd5b2dc29076e7b466447f6dc5" + }, + { + "alg": "SHA3-256", + "content": "7e43423025fc6ebe94b4cc641dc60a4507f93dd1445214847a069595f7cb728e" + }, + { + "alg": "SHA3-512", + "content": "76a7f8df50903e80c5455da2307705f1ce08e098b75d02c1e36cb8b06eb3dc18c4e93fbf4ed1dea143d73645a652b52bb26e789d1fa111866c54a57c2025049e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-core@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "group": "io.dropwizard.metrics", + "name": "metrics-annotation", + "version": "4.0.5", + "description": "A dependency-less package of just the annotations used by other Metrics modules.", + "hashes": [ + { + "alg": "MD5", + "content": "18a5f9cee781de1bee53b78df6e37c4e" + }, + { + "alg": "SHA-1", + "content": "b30a0e181a5b5170c3b9bf513a9f2cc756dd4319" + }, + { + "alg": "SHA-256", + "content": "ef1ac18eeb33545913992f1b3d4779c9438435cea26a3a4366f05457a1006159" + }, + { + "alg": "SHA-512", + "content": "574a8d69f2610641d087d2ccf5509787c0993ce3f6fab1877580243cb8d57eb646e3cca9e9336d3e61776fdcb875770017d3182b7238ddfe0c31b08bad4edc30" + }, + { + "alg": "SHA3-256", + "content": "841decb2aae5beba8df9d315b687fe9c5c9c0addf481e75c5de17e408b7d6d07" + }, + { + "alg": "SHA3-512", + "content": "61e765ec087be04c969bbf542c2c743b3de4a613dd77d8820e73976b51cb31f291a575623c64e2c0d865408965904611be2a91213fa387d01e7552de48770056" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-annotation@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "group": "io.dropwizard.metrics", + "name": "metrics-core", + "version": "4.0.5", + "description": "Metrics is a Java library which gives you unparalleled insight into what your code does in production. Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "f5fb039e8ed41743d3b6590547d85894" + }, + { + "alg": "SHA-1", + "content": "b81ef162970cdb9f4512ee2da09715a856ff4c4c" + }, + { + "alg": "SHA-256", + "content": "e31f5bc2fc58dcacd0cf31f7eafa43d3b981873dac0d3f0ffebb145675f1c8a8" + }, + { + "alg": "SHA-512", + "content": "5d553993bf5bbd985453bb69f0704997f624a6ef81aa126c7228fe3d2dd7ebe57e7eeb161067e19914a9f36c762ce2fa7be5e47d0fb4deb623a3fb82ed6a70f2" + }, + { + "alg": "SHA3-256", + "content": "5ba7bcb9d456edb43cf67736e066d9558da57205f916c5ada7f5058b2f8cbc90" + }, + { + "alg": "SHA3-512", + "content": "fcb8a3e52da3f8e9f86c692d8d68661acfe2b6aeb29866325178f3732176e099d0c6c9933d187b0840cf632de154087ad0ae6e8daf2712bedaaaa5e9a4c97214" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-core@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "group": "io.dropwizard.metrics", + "name": "metrics-graphite", + "version": "4.0.5", + "description": "A reporter for Metrics which announces measurements to a Graphite server.", + "hashes": [ + { + "alg": "MD5", + "content": "22f848bd3427fa8d5caa8717468097f5" + }, + { + "alg": "SHA-1", + "content": "76e8758356373d5aed5abacbda429b38f6e8fa98" + }, + { + "alg": "SHA-256", + "content": "e7ece2bb30cf016a012286d7077fd1d9741c3e205ac7095fdc081e4c552436db" + }, + { + "alg": "SHA-512", + "content": "e1c984ee8daa837add7b4ca0d07162faebf4b7d2bb88b7bd355eccd570e3935fb1c49acdf8b1dcc5c88bbf04c67cda2a7efdcf375d0247d35b7744f9ab810a4f" + }, + { + "alg": "SHA3-256", + "content": "d3ac2a04fe0a5225e4c8ce2a2c46d196ef466eccfa00254cab8df1a08f5dc4fc" + }, + { + "alg": "SHA3-512", + "content": "d2ee456e6964ec862f1a770c386084cf016983c03083a5516405ce4372204a0e0d5feb27e78d7f5d7345719b9af256f8d000cde922547c159de14cb860cc2403" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-graphite@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "group": "io.dropwizard.metrics", + "name": "metrics-healthchecks", + "version": "4.0.5", + "description": "An addition to Metrics which provides the ability to run application-specific health checks, allowing you to check your application's heath in production.", + "hashes": [ + { + "alg": "MD5", + "content": "e64c9571317f403046ad8a04814cecab" + }, + { + "alg": "SHA-1", + "content": "73177b73f9d7ac80b0d0125db9dd41faab816c52" + }, + { + "alg": "SHA-256", + "content": "bd3be08664f03a27bc625b88d91e852cd105b6f53725cfa54a7167a268f2fe0e" + }, + { + "alg": "SHA-512", + "content": "e2c16ef7751558c07e8268d3448477c2296d2f83e1f915fe09b2e0f54c62cf774c9a8b8b3dfedccd882d95cf78bc0f0af3d997af0de8c0c5d489de36883f0b09" + }, + { + "alg": "SHA3-256", + "content": "8dd767ac7aca8dfaef37a32010f341ea4ee20e8190251b367f47cdbc3cba857e" + }, + { + "alg": "SHA3-512", + "content": "34929a8391da886a045a6947b17c875fd3d7c37f85e03d47572d2de359885c101c61a735f9c09cdb8ee4100221acb650389b74071b8c1184e032f2ce2947f67a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-healthchecks@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "group": "io.dropwizard.metrics", + "name": "metrics-httpclient", + "version": "4.0.5", + "description": "An Apache HttpClient wrapper providing Metrics instrumentation of connection pools, request durations and rates, and other useful information.", + "hashes": [ + { + "alg": "MD5", + "content": "023faaf10f012b67e15faa137d106f21" + }, + { + "alg": "SHA-1", + "content": "d02819ff820207d03d0082ef24cd36157d7c5188" + }, + { + "alg": "SHA-256", + "content": "12112aebd3bb53cc5451846202f4333588dc5455e4739c0c2360103700c24e42" + }, + { + "alg": "SHA-512", + "content": "9c991dae8890b35046c258536884d68f821d1e4aabb65c8e1c845309fadf0e9e2849e0653bc6aa5a008336569d8eb71a660a06f402a7a933a3da85604c45e67b" + }, + { + "alg": "SHA3-256", + "content": "f2bd98bc7e39c259544dc04853e5404d6cdf9c7095fcc718ba65b597a377ef33" + }, + { + "alg": "SHA3-512", + "content": "7fa6cba3b553b5c3ffc943ca2ff387d2b542d7170bcea5b43fffe150cd0a3849244ec3a2bbcfce28e8f9d762a925e4cbc7101785f2c3c4d00af61e2f97d00dcb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-httpclient@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi", + "version": "4.0.5", + "description": "A JDBI wrapper providing Metrics instrumentation of query durations and rates.", + "hashes": [ + { + "alg": "MD5", + "content": "7700c4ec787e2355d290e0f40820de15" + }, + { + "alg": "SHA-1", + "content": "005441385ea7bf674fc480dc6bc6dcff6a7278ec" + }, + { + "alg": "SHA-256", + "content": "6858a83724e2df638c475425ea48811ca84c28fc778f92251209e17317e225c4" + }, + { + "alg": "SHA-512", + "content": "671beb600961db9ca14f043225670c18035f3db932ad67bb6f04bae4a57e67e7265b317d851009bd764344dcfdffe8073156b4f517e8c71954af2575bb7c9f32" + }, + { + "alg": "SHA3-256", + "content": "95a48e7ac5a1e6dfd2590e1a79b046017a90b7dce17322d35f10d18408d42526" + }, + { + "alg": "SHA3-512", + "content": "f68985671638695e6ddbf6260010a5a23e2f841c781ea6b4fbe91a0c6c9bcbcc1fd8d9d4501a02e4f86922d8f7071154d54c3c281d662e9c4262014599c37393" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi3", + "version": "4.0.5", + "description": "Provides instrumentation of Jdbi3 data access objects", + "hashes": [ + { + "alg": "MD5", + "content": "594d03f7743b46ef08ed0d1dcc1bb31a" + }, + { + "alg": "SHA-1", + "content": "2d39572d9612ce28bea84d46808d25d3b8af3133" + }, + { + "alg": "SHA-256", + "content": "e08dfdaa141b4f6d3338b09f3f1f7f463596adb0d335b600e1bd636cc02b7b22" + }, + { + "alg": "SHA-512", + "content": "4f2119fa34092ac2649b27d93e54af0de724719f994803407b5c307a8443ff70dee7d411b1360caf92595a87e570b44e60fe2745d8d283e857eb2ce6f0f656f5" + }, + { + "alg": "SHA3-256", + "content": "c4cd10df90cf8b3b9a06f634c9d31e5bee07e98cdb5640220434a43d66231cdb" + }, + { + "alg": "SHA3-512", + "content": "3d60e9e5707c3e34eed30746c85bfbfcae3dded9509dd7047092ad42d184f36395a3d06865ce7ffa1f12b433ecf99b090e713751be03203af168aa4d99dd6a6f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi3@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "group": "io.dropwizard.metrics", + "name": "metrics-jersey2", + "version": "4.0.5", + "description": "A set of class providing Metrics integration for Jersey, the reference JAX-RS implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "e56b570fcb934ef302433d338823511d" + }, + { + "alg": "SHA-1", + "content": "cea8d4217ccd087f302611a54e4dd6071ba5844c" + }, + { + "alg": "SHA-256", + "content": "91cb412f7aca24de727b3724885fd2e6ff0e8bdb422a73ad66d25375594bf63d" + }, + { + "alg": "SHA-512", + "content": "3bc8572f0d183c30b0f83f5b4acd3a05c8d3c3b728298d6b8899da0d299df8d9acdc5435f82c23eb6ba5a3d2bb5c8f66637d6315caf95bf3b807c53e5bc6c217" + }, + { + "alg": "SHA3-256", + "content": "b2dda5477d6dcbd6fdcdd1f3acae482b0f83f24018706a03713c04dcd6c1f744" + }, + { + "alg": "SHA3-512", + "content": "af35ae7568a5df2be2e8cb9ef99256b0956b97b44ec0447863127e9f2e84f7baec0c5c0ed89a8146685e30af98e05a34618a58f2a76fe57272fb8ee98b5e9d62" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jersey2@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "group": "io.dropwizard.metrics", + "name": "metrics-jetty9", + "version": "4.0.5", + "description": "A set of extensions for Jetty 9.3 and higher which provide instrumentation of thread pools, connector metrics, and application latency and utilization.", + "hashes": [ + { + "alg": "MD5", + "content": "99b6f3ed9f4663ed9db4700e4bf388fa" + }, + { + "alg": "SHA-1", + "content": "87f3b49a7377e56f62046875d394ed0028b37690" + }, + { + "alg": "SHA-256", + "content": "e2c769fc1c269e2200950b8d33800be4b0043302eaa189ba5cb7ce518c48b46a" + }, + { + "alg": "SHA-512", + "content": "e3b7ee7c506e8bef74e87adb6e589f3dfac2a0905f66a0eed1af9d2cffa6a3e6f74573e6ca3d3469d8afba0307fb18f74b21397146e0b82ede387a41554f44a0" + }, + { + "alg": "SHA3-256", + "content": "09bb7c73faefc5549d032d9bdc471f500b9370caef0dc9896ca44cdd6fc2ff48" + }, + { + "alg": "SHA3-512", + "content": "ac44f708dff820a3f19b3cc01d4f936b7ca46cd9fedd76e9c57ecc7c0b7d76a9f5db641742453c8893b5b0eb2255ce8c7697fc11569e57afa456d08f00141fc9" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jetty9@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "group": "io.dropwizard.metrics", + "name": "metrics-jmx", + "version": "4.0.5", + "description": "A set of classes which allow you to report metrics via JMX.", + "hashes": [ + { + "alg": "MD5", + "content": "863de91e135c8455d70fa3acf01cdf72" + }, + { + "alg": "SHA-1", + "content": "d7be4ddd7ba674ee8be1d23d883fb3ca68ee1d54" + }, + { + "alg": "SHA-256", + "content": "079133de87f7d3512200a8071bacfdbed46d6a73995578fc24bbf4c03df6d188" + }, + { + "alg": "SHA-512", + "content": "211ebec4191c7482bf0fc02785fd924fdc980c4bbbf440be8f5d4f87f1971bca646f7174c45c0566b41af08fc603225d38691b32482986887775c9e51185615c" + }, + { + "alg": "SHA3-256", + "content": "d02352d947a4475cf67e9f24d33b3bd16cc908acb78cb294d2763fee7d1e4fee" + }, + { + "alg": "SHA3-512", + "content": "7ca4565c9a0c3d1a96d021b7cc4b896b885352ac8cae96e4700f7c2fa40a6c367e05c48df0a81ef112a6769bd8f2f01ceb86e2a984d67286a3627b565bbd8f00" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jmx@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "group": "io.dropwizard.metrics", + "name": "metrics-json", + "version": "4.0.5", + "description": "A set of Jackson modules which provide serializers for most Metrics classes.", + "hashes": [ + { + "alg": "MD5", + "content": "9784b95742e0e8fe76e8d5376e7abf5f" + }, + { + "alg": "SHA-1", + "content": "8c66fea9f767588ae0995be27558b1f3ae8d75ef" + }, + { + "alg": "SHA-256", + "content": "008ce354b30ef48060786b6a31144e04b6bafdfca69e6307cbf66602ae331023" + }, + { + "alg": "SHA-512", + "content": "515734a08814f3df1f6ae853a2cac0fdab5637e129ca9bc3f62feba9190a2e43013362009f73f4fe3e06f3d08fdf0ec7ec8481dab3a6435de743322d4620dc55" + }, + { + "alg": "SHA3-256", + "content": "70620d2f107ff8fdf5bc16a91df9a49daf3fe84fb268edafbafabd43ec61ef0f" + }, + { + "alg": "SHA3-512", + "content": "f33d7c456efabd1eda7f0cc99df57e870b747d3f2c49571373c4564eb50388350260d08f4d53be2c5fe8a7ae766d9181d0f394e996156d839c5bfda9858c119d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-json@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "80b88754-8b78-4597-bc4f-47788add0031", + "group": "io.dropwizard.metrics", + "name": "metrics-jvm", + "version": "4.0.5", + "description": "A set of classes which allow you to monitor critical aspects of your Java Virtual Machine using Metrics.", + "hashes": [ + { + "alg": "MD5", + "content": "a19a85dc56ac7179bd974e4eb0c8b6e0" + }, + { + "alg": "SHA-1", + "content": "09f6f1e6c1db440d9ad4c3114f17be40f66bb399" + }, + { + "alg": "SHA-256", + "content": "ba97466221c391bd7b7eb6d407f7fac83e5e6725d3a8691aa512e53ae075dfc3" + }, + { + "alg": "SHA-512", + "content": "d53b524543ac922352d3a628831fc7a02ceeb757fd760b94477f02b256a47caac9837259c82ddf5b3cb0e874542176f1383c080a7c3d23b8a5790ac250f70a48" + }, + { + "alg": "SHA3-256", + "content": "61e9ee4a183b317e6fadeb632804a04e233af77dedcd5613f19490233f71b8cb" + }, + { + "alg": "SHA3-512", + "content": "333f15cf54e7e9a304e8cdaa9e251ac0859bfb848ddfc2606d86738a89e944adb8879d14f60df632c064f4ab0edb6ff950a7a231121ce8a6b1ff3bca4809750a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jvm@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "group": "io.dropwizard.metrics", + "name": "metrics-logback", + "version": "4.0.5", + "description": "An instrumented appender for Logback.", + "hashes": [ + { + "alg": "MD5", + "content": "45f97ce9788dad9744ae2e198e5a501b" + }, + { + "alg": "SHA-1", + "content": "306d0d06b0940c6df49031e8dd750e635e4b170f" + }, + { + "alg": "SHA-256", + "content": "89842f9df70d001835bd652c103b1d04d64e1c48bccf396defbdd791299c1903" + }, + { + "alg": "SHA-512", + "content": "bde3d0313531986623fd422fee1506eaf17bd3c53318973c340e4d44ce0104943c5dfcddee6cc8d33cfcf0a0b2fb2aff2b3e653819b39c2c5b76676399683401" + }, + { + "alg": "SHA3-256", + "content": "8233adad697b14559e578618be1ea2c99c907be87da1eab10a5ca9f397dbf46c" + }, + { + "alg": "SHA3-512", + "content": "d4664cd4105ad99b2326da4b727dcf350dba261aa7b26aacb9a064efc1a3da7337988344e8c9d64e08ec34d1586410e465c58e0ec37b389b93c54c7c6ccfde35" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-logback@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "group": "io.dropwizard.metrics", + "name": "metrics-servlets", + "version": "4.0.5", + "description": "A set of utility servlets for Metrics, allowing you to expose valuable information about your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "e9142eb2da39a0651be8f9190d47ce0e" + }, + { + "alg": "SHA-1", + "content": "983dacbfd04ec22b49f9e2256a5d41694ce7d4cc" + }, + { + "alg": "SHA-256", + "content": "607381f05808cd31dfc09354db4b015e483be053276a85930050024515fae4da" + }, + { + "alg": "SHA-512", + "content": "797fc4d430b4797b4bcc6d854ac39fd7e0c4da73bda04152473c3f5ab06a36bfeaf326c8edb657de75a613efcce658364fb0aaf15ff6a13c6e62b5795c6a464b" + }, + { + "alg": "SHA3-256", + "content": "d840fcd8a9f0721e4cd392c6e30f1f52f4d411f1138b9e11336a5393f31b80f9" + }, + { + "alg": "SHA3-512", + "content": "a7553a6da55221ee3125757888978188695dfb14511432331f512f29e5c20e5c764e0c801e87818de719df2854d15915516a86d31f99147b9e5ec9b2fd43b701" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-servlets@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "group": "org.jvnet.mimepull", + "name": "mimepull", + "version": "1.9.6", + "description": "Provides a streaming API to access attachments parts in a MIME message.", + "hashes": [ + { + "alg": "MD5", + "content": "43a2478389a84b985dbe7b6ae0b3c011" + }, + { + "alg": "SHA-1", + "content": "41c913d791e16f93bc712a8c8a30bb64daa2e9bd" + }, + { + "alg": "SHA-256", + "content": "2d1ee56aa89837ba9ea55431542e7939fa9d425552c2e6c8ddfb3b77877721b7" + }, + { + "alg": "SHA-512", + "content": "38198fef6a8ca9d1af37c269582e87ae6cc7324a1686c8807be90a1edd4b33bb829d03030df1a4f5865bf6f0e6d0fb2a4f3dde265af696ab556f0bf7216ab9b0" + }, + { + "alg": "SHA3-256", + "content": "3d4fac8717b03d2c33c9c8b5145cfec04a312e9021c92c8029d2a2ca60615e0e" + }, + { + "alg": "SHA3-512", + "content": "a7bff1d8fa3287436726ab53ddff800d9a262fbf7801b85f50b7f29dbd017ff430f2effa9e6e95b44772ec0c349632374b9291292d2eb24f0fed1313dba15ee9" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/org.jvnet.mimepull/mimepull@1.9.6?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/mimepull" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/mimepull/lists/users/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/mimepull/sources/svn/show/tags/mimepull-1.9.6" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "group": "org.mockito", + "name": "mockito-core", + "version": "2.24.0", + "description": "Mockito mock objects library core API and implementation", + "hashes": [ + { + "alg": "MD5", + "content": "73056e7138623c31ab0ad3c421c695b8" + }, + { + "alg": "SHA-1", + "content": "969a7bcb6f16e076904336ebc7ca171d412cc1f9" + }, + { + "alg": "SHA-256", + "content": "ae8fd3becb2a8e262507a9df85e54a6e41c5ae3a34cda5495abef6299a587ff6" + }, + { + "alg": "SHA-512", + "content": "2bde38797a3902909027ec12a58a7adbc5ce86f5f095ee5787b4c12fe873c6ae96bf7e9024c1347eaa189af66b988668d1886dc110118b22eb6c4436e3cceb66" + }, + { + "alg": "SHA3-256", + "content": "30f96a62ee0c4795e9039288888791e0192f1e7a522ecad28200f01135c132bb" + }, + { + "alg": "SHA3-512", + "content": "1afd1e02b726b5b0fc8ee4ff3e2e678c780bf642041e54a7f7c3b136adf7c6d9ae23df2454572ae619279d9e712d5444c55c3c3fee7883b621312331aa7b626a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.mockito/mockito-core@2.24.0?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/mockito/mockito" + }, + { + "type": "issue-tracker", + "url": "https://github.com/mockito/mockito/issues" + }, + { + "type": "vcs", + "url": "https://github.com/mockito/mockito.git" + } + ] + }, + { + "type": "library", + "bom-ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "group": "org.objenesis", + "name": "objenesis", + "version": "2.6", + "description": "A library for instantiating Java objects", + "hashes": [ + { + "alg": "MD5", + "content": "5ffac3f51405ca9b2915970a224b3e8f" + }, + { + "alg": "SHA-1", + "content": "639033469776fd37c08358c6b92a4761feb2af4b" + }, + { + "alg": "SHA-256", + "content": "5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d" + }, + { + "alg": "SHA-512", + "content": "23a593bded8cb43236faad2018b008da47bf4e29cc60c2e98fd4f2ed578fe2baddd3a98547dc14273017c82cb19ce8eaaab71d49273411856a2ba1a5d51015fc" + }, + { + "alg": "SHA3-256", + "content": "1fce020475bd27d7eac3a3693e9c6992032739ef6db205c7751c92f8aba4d67a" + }, + { + "alg": "SHA3-512", + "content": "ec2154e3bb9fa0b74079d4f21af3aa0ae17444da63aa1061d87aac646c070b3733673a4d0880ca58f974dc3358d7b1c6161bf030260474b36b4bae677b777b08" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.objenesis/objenesis@2.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/easymock/maven/objenesis/;publish=1" + }, + { + "type": "vcs", + "url": "https://github.com/easymock/objenesis" + } + ] + }, + { + "type": "library", + "bom-ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "group": "org.opentest4j", + "name": "opentest4j", + "version": "1.1.0", + "description": "Open Test Alliance for the JVM", + "hashes": [ + { + "alg": "MD5", + "content": "2edf96ac5b535198bd3a2e31309f779c" + }, + { + "alg": "SHA-1", + "content": "c8e2a3e3bc7f3e4bb5075306452db5290f9b117a" + }, + { + "alg": "SHA-256", + "content": "65a5fd7380f53aac708bcee3091dbe2dba73a9a2e7645b66e70e0804fc36ee3b" + }, + { + "alg": "SHA-512", + "content": "bb72a65673bec0af3d420e96edcc1e3152bdbd0f670e2e09172f00f05549fa3b0a07c40ed2dbeec75da6e548623afa4e343343cca15a7a016aaa6c3e48ab0765" + }, + { + "alg": "SHA3-256", + "content": "f12567dc83accfc6c4022f0941f37a3169cc0697ebbf67a4261136180c2d8a2c" + }, + { + "alg": "SHA3-512", + "content": "401aa77733f4ceab47f51b797844f597947cf31a5b76f5c46c6a28980bff30942b783e79e8ab5b5f8ce63d64e8152b6f71b96cc1d500234a8a8e2dd24f734441" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.opentest4j/opentest4j@1.1.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/ota4j-team/opentest4j" + } + ] + }, + { + "type": "library", + "bom-ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "group": "org.glassfish.hk2", + "name": "osgi-resource-locator", + "version": "1.0.1", + "description": "See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information", + "hashes": [ + { + "alg": "MD5", + "content": "51e70ad8fc9d1e9fb19debeb55555b75" + }, + { + "alg": "SHA-1", + "content": "4ed2b2d4738aed5786cfa64cba5a332779c4c708" + }, + { + "alg": "SHA-256", + "content": "775003be577e8806f51b6e442be1033d83be2cb2207227b349be0bf16e6c0843" + }, + { + "alg": "SHA-512", + "content": "e064a477d5b1f8c56b4741ba606eed764b779a5d9870b8c193771bf0d904350aed839ab21602dbf5f376f7208b8ca24f64504d73ec6a0c5c08c5f0abc7c466d4" + }, + { + "alg": "SHA3-256", + "content": "c7cb2d64874992826818c594f02bf40f46d9ad4787d6575bfb656b35b7b6af0d" + }, + { + "alg": "SHA3-512", + "content": "5c57aa6eb98272226cbdebd803a5b11a27422340f47e5541a5bf6bb776f64bfcda548ffd345e900a7c7624b9a016aecacd8e009a13fe2c2cae86e8ff8e7289f2" + } + ], + "licenses": [ + { + "expression": "(CDDL-1.0 OR GPL-2.0-with-classpath-exception)" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + } + ] + }, + { + "type": "library", + "bom-ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "group": "com.papertrail", + "name": "profiler", + "version": "1.0.2", + "description": "A pure-java implementation of the twitter/util project's `CpuProfile` and related classes.", + "hashes": [ + { + "alg": "MD5", + "content": "b6cb78e7d8a5c4ed1ad259afc4f7c793" + }, + { + "alg": "SHA-1", + "content": "138093a4ed2da6f0b07a2a2335584bd5a7d53bff" + }, + { + "alg": "SHA-256", + "content": "188ec41349472a0c50fbe7e4cdcc6d6c8968ad6cd9047effeaa6a5c111f9074d" + }, + { + "alg": "SHA-512", + "content": "447a1e7d47cb7c3974e09c8e5ea1fdf6c9c4dfe377cffbba501edab474e136ec252406c5dde8fc7387b9fab983a7970764c23c93b8fb842f676da8c3bd01e013" + }, + { + "alg": "SHA3-256", + "content": "b68b7d44bde32b5a2995629eb2742bde9e3f373cb08230f67624160b91432160" + }, + { + "alg": "SHA3-512", + "content": "2fdb36567b1dcfb26e9e02abb70277e2e9040983c5755372716aa71a22cf46807501effa5931e0e65152f1efbe9e7449ff5b00cdaaddc15f1cfeeb3600904b7b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.papertrail/profiler@1.0.2?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "group": "org.slf4j", + "name": "slf4j-api", + "version": "1.7.26", + "description": "The slf4j API", + "hashes": [ + { + "alg": "MD5", + "content": "60ec8751be37d54a2aa1b6178f87b968" + }, + { + "alg": "SHA-1", + "content": "77100a62c2e6f04b53977b9f541044d7d722693d" + }, + { + "alg": "SHA-256", + "content": "6d9e5b86cfd1dd44c676899285b5bb4fa0d371cf583e8164f9c8a0366553242b" + }, + { + "alg": "SHA-512", + "content": "a944468440a883bb3bde1f78d39abe43a90b6091fd9f1a70430ac10ea91b308b2ef035e4836d68ba97afdba2b04f62edece204278aaa416276a5f8596f8688af" + }, + { + "alg": "SHA3-256", + "content": "195320dbd33e0ecc96b7c23818454658870c7f4c7bb746dae4516bc4983ab158" + }, + { + "alg": "SHA3-512", + "content": "830b0c50cdd9f45cfe4be31f0c775f632399060db58050ce702e476321ef29dcc17f49f872e7023e995c6ee1c2e06f2f1ea115aa45807569ecef83af3385f5cc" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/slf4j-api@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "group": "org.yaml", + "name": "snakeyaml", + "version": "1.23", + "description": "YAML 1.1 parser and emitter for Java", + "hashes": [ + { + "alg": "MD5", + "content": "64ec8bd26b6d5034a87ecb1c8ce0efdc" + }, + { + "alg": "SHA-1", + "content": "ec62d74fe50689c28c0ff5b35d3aebcaa8b5be68" + }, + { + "alg": "SHA-256", + "content": "13009fb5ede3cf2be5a8d0f1602155aeaa0ce5ef5f9366892bd258d8d3d4d2b1" + }, + { + "alg": "SHA-512", + "content": "8091467927dc88fe2741f85c6e429914f4306e7a1183e52090ccc7d617ca5279ba42b03ffc8cd1a914b6c3dc4151bd731757e72592e9c1b23346781936ac9fc7" + }, + { + "alg": "SHA3-256", + "content": "18f63155a18c783a0d47afa987a0dcc39f688da527047ccd48c694810ac5adf2" + }, + { + "alg": "SHA3-512", + "content": "59d1edd895705b667a65c3bada2c1b6c4109f82a03a2a18878d3310ac6e41bb3e47f821e87ffdcd2d2320b2f63c13a8748214fa9ea851c7b0b4d8fca07250c8a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.yaml/snakeyaml@1.23?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://bitbucket.org/asomov/snakeyaml/issues" + }, + { + "type": "vcs", + "url": "https://bitbucket.org/asomov/snakeyaml/src" + } + ] + }, + { + "type": "library", + "bom-ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "group": "org.antlr", + "name": "stringtemplate", + "version": "4.0.2", + "description": "StringTemplate is a java template engine for generating source code, web pages, emails, or any other formatted text output. StringTemplate is particularly good at multi-targeted code generators, multiple site skins, and internationalization/localization. It evolved over years of effort developing jGuru.com. StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org and powers the ANTLR v3 code generator. Its distinguishing characteristic is that unlike other engines, it strictly enforces model-view separation. Strict separation makes websites and code generators more flexible and maintainable; it also provides an excellent defense against malicious template authors. There are currently about 600 StringTemplate source downloads a month.", + "hashes": [ + { + "alg": "MD5", + "content": "b270a7b34c953cbae921a4080d5cdc0f" + }, + { + "alg": "SHA-1", + "content": "e28e09e2d44d60506a7bcb004d6c23ff35c6ac08" + }, + { + "alg": "SHA-256", + "content": "8056d5586e1b18d3def6347b5d020a85722d850bb9f4d7a9aafe4f842c651ef9" + }, + { + "alg": "SHA-512", + "content": "cd396cbc93d096812700c3a05e4b548c31d73c5f1f66f12bdd3364218de591cefb76e1f0557e83204285f1e868f0f327cf556bb32c4552e0a3537cf6ac1efa43" + }, + { + "alg": "SHA3-256", + "content": "d79aa95dd924c18de8f5ef5fc510f92cecb781d5724ba9b948e8658191e920b6" + }, + { + "alg": "SHA3-512", + "content": "da67f10539c0f73ddb56e945f5c7b42aea76411b4067362685f92c916da055f2747176a1524f97f52d7ae0d70898256c9549290448194d6fd99b3bfbff3332a9" + } + ], + "licenses": [ + { + "license": { + "name": "BSD licence", + "url": "http://antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/org.antlr/stringtemplate@4.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/stringtemplate" + } + ] + }, + { + "type": "library", + "bom-ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "group": "org.apache.tomcat", + "name": "tomcat-jdbc", + "version": "9.0.16", + "description": "Tomcat JDBC Pool Package", + "hashes": [ + { + "alg": "MD5", + "content": "b673d21c2c73b44c6fdee89f6c9995fc" + }, + { + "alg": "SHA-1", + "content": "5304a28c25bb88c57da9561e4ed0bbfcc72dcb4a" + }, + { + "alg": "SHA-256", + "content": "0fe8cdd9c6a349fbf1d7246b5503f113a4fb11f1e71c2e529308f1dd22ed5019" + }, + { + "alg": "SHA-512", + "content": "698da1e4dda1d18463f885e6b9dfed61c12920af35ccdfc9015ecfbd8f353d0aefde38f1f71f68ea5b2d9f6610df9cde38e8fa6ec0b405a925a861e8ca0de5b1" + }, + { + "alg": "SHA3-256", + "content": "013e3a72e6a19fea3c245ca9989853b836ed598c9b5551c399222a511be6b569" + }, + { + "alg": "SHA3-512", + "content": "bec64a6591071bb6d5e18412eac3eaaa9814c33448bb2f43d6e039e0538ad85f387fd3817915b5928c41aeabb84d3cd90c0c51f783accb38e3344a32fef206ed" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "group": "org.apache.tomcat", + "name": "tomcat-juli", + "version": "9.0.16", + "description": "Tomcat Core Logging Package", + "hashes": [ + { + "alg": "MD5", + "content": "5dbec493081a051b6868b84881fa6ab9" + }, + { + "alg": "SHA-1", + "content": "b6ef3c1ac1104b6e3fbdc106e194bf2fb5e2e2a8" + }, + { + "alg": "SHA-256", + "content": "cc155efa8104af3d35daf3226284b638b10d9def4074ebf6176cb47b3a264f53" + }, + { + "alg": "SHA-512", + "content": "fd19c0dd3bc60b050065b7c1992c4662f5e02ecc74176528b24a42f03fa42b805ce3529f813e2d0b85f6d21fa46f43a0146069372fbb96dd821bf9778ecb38b0" + }, + { + "alg": "SHA3-256", + "content": "c4782f32dcf2d8516d4b4ae299af008385dc44a92380edab0ced40738ba56b67" + }, + { + "alg": "SHA3-512", + "content": "d37ef89204a97677283c417ceae3031fd89648079e42924bf9c38456b1055442dad8f8f6366da1600feee8e448b59bdff8261e101913b99f24b9dde278469cd7" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "group": "org.jadira.usertype", + "name": "usertype.core", + "version": "7.0.0.CR1", + "description": "Classes utilising Joda Time, Joda Money, Libphonenum and JDK Types that add Hibernate support", + "hashes": [ + { + "alg": "MD5", + "content": "808b0b11f96e769c0f7a32d29f1ce7a1" + }, + { + "alg": "SHA-1", + "content": "818991d0b4d8fce6da9f27ea61187111efcae1a1" + }, + { + "alg": "SHA-256", + "content": "a129bfc60f7aceab77cd1363684d267f56629b441bf06f6123f9c0c2972e41fc" + }, + { + "alg": "SHA-512", + "content": "3d7dca13d1586365a94f05ea4a1672ce166773f2a01a584fc149d71b8aaeaa9c109e7e3a7658d8d4da3e91b8f42085ed55acc2a97e1c39a4faea5f6834a741a5" + }, + { + "alg": "SHA3-256", + "content": "f032df418c58acf1ba8307589d176b6e3d5402f1a0830d903b954984ab03bc38" + }, + { + "alg": "SHA3-512", + "content": "1113d2d63ceacdc4df8628448aa15d5de2e155b1a00037dc1570bb6f1553b38f397930036ef637b50519b6d395e3a219cf330ae29cedebeafa786eefd08420c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.core@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "group": "org.jadira.usertype", + "name": "usertype.spi", + "version": "7.0.0.CR1", + "description": "Shared dependencies for Usertype jars", + "hashes": [ + { + "alg": "MD5", + "content": "2b16a4d99cf3e6f0695186301dc63e4c" + }, + { + "alg": "SHA-1", + "content": "895f79b8a1c33f2e17ebc839f80ecaf62924e784" + }, + { + "alg": "SHA-256", + "content": "035f9a3cbec935b6da4d0318fd4d5b797db12a6ba0f77293b8603ff8578904f6" + }, + { + "alg": "SHA-512", + "content": "df65994da27e03bf29918e87451738de9017a41d0deb4fa1d7b00353d889fabc30cbfdc8aa8d97fc475cc31b2426b7a859cc0cfc6489b3667e43108539cb6c0f" + }, + { + "alg": "SHA3-256", + "content": "455f3a4522df5251d036af8f916a7ba5a385a1d303a0aa8f56f7563c2ee00042" + }, + { + "alg": "SHA3-512", + "content": "88d0d9476653078ff1c538c0b8c8b3d2714fd13fbe5ef12550d73053edeb1eb967a17e96d4670ffe95ca0eda858afa6a6b27033028036b646180c00a7ec46aa4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.spi@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "group": "javax.validation", + "name": "validation-api", + "version": "1.1.0.Final", + "description": "Bean Validation API", + "hashes": [ + { + "alg": "MD5", + "content": "4c257f52462860b62ab3cdab45f53082" + }, + { + "alg": "SHA-1", + "content": "8613ae82954779d518631e05daa73a6a954817d5" + }, + { + "alg": "SHA-256", + "content": "f39d7ba7253e35f5ac48081ec1bc28c5df9b32ac4b7db20853e5a8e76bf7b0ed" + }, + { + "alg": "SHA-512", + "content": "bc137c5f7fa6b7092f9fc233d8be7d21d6767f8aa51c2e934b73692c82d28dbb410f55674d7b5a0e1523b514654339277b535b7f5bb01d457a11aba2eca3bbed" + }, + { + "alg": "SHA3-256", + "content": "469fa33a7d6854ac73627c8b4d281165c26dbcb21e645df792c3144453ab3129" + }, + { + "alg": "SHA3-512", + "content": "a042781692aaaa9458be722d0437484c5f1fd8f3f4955c00008224caebeb671ab93740052599ce2f5feab8d7ec712c72786492f7c7ca1c27c25425545b05a91e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/javax.validation/validation-api@1.1.0.Final?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/BVAL" + }, + { + "type": "vcs", + "url": "https://github.com/beanvalidation/beanvalidation-api" + } + ] + } + ], + "dependencies": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "dependsOn": [] + }, + { + "ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "dependsOn": [] + }, + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "dependsOn": [] + }, + { + "ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "dependsOn": [] + }, + { + "ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "dependsOn": [] + }, + { + "ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "dependsOn": [ + "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "f09e69a1-54de-4e7b-802a-adda10a1c7be" + ] + }, + { + "ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "dependsOn": [] + }, + { + "ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "dependsOn": [] + }, + { + "ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "dependsOn": [] + }, + { + "ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "dependsOn": [] + }, + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "dependsOn": [] + }, + { + "ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "dependsOn": [] + }, + { + "ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "dependsOn": [] + }, + { + "ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "dependsOn": [] + }, + { + "ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "dependsOn": [] + }, + { + "ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "dependsOn": [] + }, + { + "ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "dependsOn": [] + }, + { + "ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "dependsOn": [] + }, + { + "ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "dependsOn": [] + }, + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "dependsOn": [] + }, + { + "ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "dependsOn": [] + }, + { + "ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "dependsOn": [] + }, + { + "ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "dependsOn": [ + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "893beba4-580b-4ada-a4cf-067fbe145507", + "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b" + ] + }, + { + "ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "dependsOn": [ + "55086fc5-4c36-45b5-9569-fdafa26e075d", + "757cef7a-83f2-4973-832d-67849ca42b69", + "93a8597b-e82a-4726-8e16-849d026f7b98" + ] + }, + { + "ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "dependsOn": [ + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "370d779c-d1ea-4d92-8e70-1ad325e94298", + "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "b692a425-dca6-4bed-af67-5855cb40dbcf", + "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "881df936-411d-4bb3-b464-6edcf14c671c", + "ac21cab7-b535-4294-8a61-b10b62918666", + "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "80b88754-8b78-4597-bc4f-47788add0031", + "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "5978be79-e890-48b1-8f11-40416ee5bb61", + "5aed0617-3613-43e7-94d2-105b2af0b00d", + "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "96cf7115-b31d-4c98-bae2-952c601d3878" + ] + }, + { + "ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "daabc9e2-1ec3-4d10-9251-69ab9834b02a" + ] + }, + { + "ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "dependsOn": [ + "ea1f023d-0390-4558-8696-dc8d566dd95e" + ] + }, + { + "ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "dependsOn": [ + "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "8c0378f7-4c0e-4ee3-849d-740b0035c371" + ] + }, + { + "ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "dependsOn": [ + "55521fe9-aed2-403e-9df2-75fc5af90f54", + "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "79b01257-3e61-49f7-8600-2042bde4702b", + "b4ca2dc7-9d68-4737-9afc-dea82759cd45" + ] + }, + { + "ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "c2dbe746-304a-4e35-88f0-69943d701fe5", + "5694b066-2847-4855-8230-77e902b37502", + "4634319e-cca2-4c02-8372-222f43bd35ba", + "648c2811-d754-45aa-9160-8f018ab4aab9", + "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "85776385-c1af-42fa-a0ac-21ecf796742f" + ] + }, + { + "ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "dependsOn": [ + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "1b61648b-2106-4c86-ad10-79411c0ce338", + "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "71f396a0-0285-465e-8ce3-6eacb47be941", + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "dependsOn": [ + "bd750137-b073-47d5-891a-e48c192cfcba", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "423d6189-7ce4-4931-9c74-3b58517df601", + "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "c1abfd09-121f-418c-befa-4d6b9e164769" + ] + }, + { + "ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c" + ] + }, + { + "ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "dependsOn": [ + "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "2f225da8-8da3-429b-a014-effeea8c71eb", + "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "e36cfe6c-5955-40dd-8f4f-09c43087ac53" + ] + }, + { + "ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "dependsOn": [] + }, + { + "ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "dependsOn": [ + "0476a31c-6a89-45b2-8e9b-8d4a725d06eb" + ] + }, + { + "ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "dependsOn": [ + "ab3bfc00-8d35-4a4d-b314-86573681d910", + "36fc309f-d086-43d6-b660-5de275ee630f" + ] + }, + { + "ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "dependsOn": [ + "df3cc349-8f4d-4d7e-82ab-1309f17741d3" + ] + }, + { + "ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "dependsOn": [ + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "dependsOn": [ + "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "94379ad3-19a6-4b21-a049-ca0b762d8c13" + ] + }, + { + "ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "dependsOn": [ + "0d0caea7-65ca-4504-b50a-80e480879f5f", + "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d" + ] + }, + { + "ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631" + ] + }, + { + "ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "dependsOn": [ + "d6394138-9591-4141-9a76-4c3082ff2ed4", + "5b865504-bea5-4b92-ae5e-46553e01093c" + ] + }, + { + "ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "dependsOn": [ + "ebf5150b-055e-45d4-82e5-eebc38ffea70" + ] + }, + { + "ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "dependsOn": [] + }, + { + "ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "dependsOn": [] + }, + { + "ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "dependsOn": [] + }, + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "dependsOn": [ + "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "da25e363-473d-4f84-9f46-8e09c7ec7c28" + ] + }, + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "dependsOn": [] + }, + { + "ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "dependsOn": [] + }, + { + "ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "dependsOn": [] + }, + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "dependsOn": [ + "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "627bb70b-4b85-4801-8239-f03de04ca5db", + "21c7c10d-e7a9-4e82-893a-aa82f11f6dca" + ] + }, + { + "ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "dependsOn": [] + }, + { + "ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "dependsOn": [ + "c454f700-0d16-4956-a210-03d9073b6d12", + "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd" + ] + }, + { + "ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "dependsOn": [ + "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "517c6455-0a2e-4e78-8d4b-88837bb5244c" + ] + }, + { + "ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "dependsOn": [] + }, + { + "ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "dependsOn": [] + }, + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "dependsOn": [ + "d2a5e2bf-ead6-4768-866a-385166eb6709" + ] + }, + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "dependsOn": [] + }, + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "dependsOn": [ + "f4a06b14-3945-4381-b3dd-b46407b02b6b" + ] + }, + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "dependsOn": [ + "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e" + ] + }, + { + "ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "dependsOn": [] + }, + { + "ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "dependsOn": [] + }, + { + "ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "dependsOn": [] + }, + { + "ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "dependsOn": [] + }, + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "dependsOn": [] + }, + { + "ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "dependsOn": [ + "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + ] + }, + { + "ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "dependsOn": [] + }, + { + "ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "dependsOn": [ + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + ] + }, + { + "ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "dependsOn": [] + }, + { + "ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "dependsOn": [] + }, + { + "ref": "5694b066-2847-4855-8230-77e902b37502", + "dependsOn": [] + }, + { + "ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "dependsOn": [] + }, + { + "ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "dependsOn": [ + "014723b6-3b73-414b-a760-da7bb1ab988d", + "7a6724fd-3628-46d2-8de5-9059e6ec494c" + ] + }, + { + "ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "dependsOn": [] + }, + { + "ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "dependsOn": [] + }, + { + "ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "dependsOn": [] + }, + { + "ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "dependsOn": [] + }, + { + "ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "dependsOn": [] + }, + { + "ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "dependsOn": [] + }, + { + "ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "dependsOn": [] + }, + { + "ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "dependsOn": [] + }, + { + "ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "dependsOn": [] + }, + { + "ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "dependsOn": [] + }, + { + "ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "dependsOn": [] + }, + { + "ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "dependsOn": [] + }, + { + "ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "dependsOn": [] + }, + { + "ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "dependsOn": [] + }, + { + "ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "dependsOn": [ + "7176887b-3e41-4f10-9d29-26ec573e2c49", + "85776385-c1af-42fa-a0ac-21ecf796742f", + "c9381862-0cc8-48d6-9b97-82f00d12cdb7" + ] + }, + { + "ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967" + ] + }, + { + "ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "dependsOn": [] + }, + { + "ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "dependsOn": [] + }, + { + "ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "dependsOn": [] + }, + { + "ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "dependsOn": [] + }, + { + "ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dependsOn": [ + "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "3d67ecbd-3ee2-437b-800b-d137ccd17d46" + ] + }, + { + "ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "dependsOn": [] + }, + { + "ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "dependsOn": [] + }, + { + "ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "dependsOn": [] + }, + { + "ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "75ac24b0-9039-45fe-842d-ccecdd3c62e1" + ] + }, + { + "ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "dependsOn": [] + }, + { + "ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "dependsOn": [] + }, + { + "ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "8dc0d897-c489-493c-a4b6-c5384d663c85", + "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "c454f700-0d16-4956-a210-03d9073b6d12" + ] + }, + { + "ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "dependsOn": [ + "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dd4f3e68-5483-4177-9ee9-987774aea94f" + ] + }, + { + "ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "dependsOn": [] + }, + { + "ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "dependsOn": [] + }, + { + "ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "dependsOn": [] + }, + { + "ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "dependsOn": [] + }, + { + "ref": "50a898e1-523d-4041-9250-b25394071a77", + "dependsOn": [] + }, + { + "ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "dependsOn": [] + }, + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "dependsOn": [] + }, + { + "ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "dependsOn": [] + }, + { + "ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "dependsOn": [] + }, + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "dependsOn": [ + "25416803-852c-4475-bf84-2bf849ea6a56", + "c1abfd09-121f-418c-befa-4d6b9e164769", + "be69e2b9-e673-42a8-98f1-e6d3be74c272" + ] + }, + { + "ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "dependsOn": [ + "4473173b-92a4-4b6f-aa40-3b0479fe60ee" + ] + }, + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "dependsOn": [ + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "dependsOn": [] + }, + { + "ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "dependsOn": [] + }, + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "dependsOn": [ + "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "423d6189-7ce4-4931-9c74-3b58517df601" + ] + }, + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "dependsOn": [] + }, + { + "ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "dependsOn": [ + "186eb402-6ab8-417c-8bbb-4032f9722383", + "7b1c11dd-7462-451d-a5b1-0fbd56708727" + ] + }, + { + "ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "dependsOn": [] + }, + { + "ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "dependsOn": [] + }, + { + "ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "dependsOn": [] + }, + { + "ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "dependsOn": [] + }, + { + "ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "dependsOn": [] + }, + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "dependsOn": [ + "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7" + ] + }, + { + "ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "dependsOn": [] + }, + { + "ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "dependsOn": [ + "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "7a60c1f8-0819-4133-aa05-ece823ae5494" + ] + }, + { + "ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "dependsOn": [] + }, + { + "ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "dependsOn": [ + "33155de6-f8f2-48a7-ab80-19d8641794bf", + "71a8cbce-c3a6-4797-b3f1-60415f5e1131" + ] + }, + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "dependsOn": [ + "85776385-c1af-42fa-a0ac-21ecf796742f", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + ] + }, + { + "ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "dependsOn": [] + }, + { + "ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "dependsOn": [] + }, + { + "ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "dependsOn": [] + }, + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "dependsOn": [] + }, + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "dependsOn": [] + }, + { + "ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "dependsOn": [] + }, + { + "ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "dependsOn": [] + }, + { + "ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "dependsOn": [ + "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + ] + }, + { + "ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "dependsOn": [] + }, + { + "ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "dependsOn": [] + }, + { + "ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "dependsOn": [] + }, + { + "ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "dependsOn": [] + }, + { + "ref": "80b88754-8b78-4597-bc4f-47788add0031", + "dependsOn": [] + }, + { + "ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "dependsOn": [ + "9c03efc2-c106-4191-980f-b91376b5ab06", + "80a1384b-dee2-4dff-9d74-79d854cdeb2f" + ] + }, + { + "ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "dependsOn": [] + }, + { + "ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "dependsOn": [ + "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "91658b5a-2478-4653-a3e4-f62c4f58f87b" + ] + }, + { + "ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "dependsOn": [] + }, + { + "ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "dependsOn": [] + }, + { + "ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "dependsOn": [] + }, + { + "ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "dependsOn": [] + }, + { + "ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "dependsOn": [] + }, + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "dependsOn": [] + }, + { + "ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "dependsOn": [] + }, + { + "ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "dependsOn": [ + "13aba3db-12c7-44d2-895d-130d2897e460" + ] + }, + { + "ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "dependsOn": [] + }, + { + "ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "dependsOn": [ + "3affcf84-19c7-4ac3-91f9-b08980969391" + ] + }, + { + "ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "dependsOn": [] + }, + { + "ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "dependsOn": [] + } + ] + } + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf.json b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf.json new file mode 100644 index 000000000..8e6b8f1e1 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-no-vulns-hdf.json @@ -0,0 +1,10072 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: application/602de70a-7107-4ac8-9ad2-3c1c816892a7", + "title": "test 9 CycloneDX BOM Report", + "version": "SNAPSHOT", + "summary": "This is the project I want to use to generate data to understand the schema a bit better", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [], + "sha256": "3a0997c870f6ad34bd899d221d0df922c9377fd6d3c0c98f268432b4760b4671" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "type": "library", + "bom-ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "group": "org.eclipse.jetty.alpn", + "name": "alpn-api", + "version": "1.1.3.v20160715", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "18383950cc83169b8ed61c03fd926e0c" + }, + { + "alg": "SHA-1", + "content": "a1bf3a937f91b4c953acd13e8c9552347adc2198" + }, + { + "alg": "SHA-256", + "content": "07be99758b699e194f70fb9784d94202dc6c98212877829e3d72b020f2660576" + }, + { + "alg": "SHA-512", + "content": "b9570b3323337dcdc192e640288633743736ef9206adc4cda88db7da77df49732bba0a4e85613225ffec32ac72c415a84fcd2353c04f8708dad85142a2b439f8" + }, + { + "alg": "SHA3-256", + "content": "c7e69d1f5833cd414f62dfb456a8dee75520366e88a1af4db9b76a14d800b356" + }, + { + "alg": "SHA3-512", + "content": "3a4c64a3cb12158119183584c79e5523bc2e460ae942a2927a9f5452e3b0c032442748f4e426466921a3d9f618095901f26a0de77f4e30650c8e22ee79da873c" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.alpn/alpn-api@1.1.3.v20160715?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.alpn.git/tree" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "group": "com.rabbitmq", + "name": "amqp-client", + "version": "4.4.1", + "description": "The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.", + "hashes": [ + { + "alg": "MD5", + "content": "1a2a6feac205524a636c06d86af2df2c" + }, + { + "alg": "SHA-1", + "content": "c442f6501595a6fb9c029409eca94888cc9a3106" + }, + { + "alg": "SHA-256", + "content": "fcbe7ddc4be88823b881f35c12bca55b561c795d03aefe746a0452029ec179cc" + }, + { + "alg": "SHA-512", + "content": "8d78db5a1a3939a20a10b33f41b2ca3adb746672b276e87cc08aabb84dd27a069755294bd23c483ecf0d25c0e669fddae6f96742dd127d8476a9d6a6f8e22e57" + }, + { + "alg": "SHA3-256", + "content": "4866a931a2e38b4b0b4bcec77f77e8b83edf3b4b527913f827767a926c8b3b24" + }, + { + "alg": "SHA3-512", + "content": "a1b503bd1f8762c0b0434af451f6a579b20225aa5f23548cd521e3f007c17fedaf2c9fd7667606c06bbb63cdfbfbce28800de9506bb2c2564020b34447d600c9" + } + ], + "licenses": [ + { + "license": { + "id": "MPL-1.1" + } + } + ], + "purl": "pkg:maven/com.rabbitmq/amqp-client@4.4.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.rabbitmq.com" + }, + { + "type": "vcs", + "url": "https://github.com/rabbitmq/rabbitmq-java-client" + } + ] + }, + { + "type": "library", + "bom-ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "group": "org.codehaus.mojo", + "name": "animal-sniffer-annotations", + "version": "1.14", + "description": "Animal Sniffer Parent project.", + "hashes": [ + { + "alg": "MD5", + "content": "9d42e46845c874f1710a9f6a741f6c14" + }, + { + "alg": "SHA-1", + "content": "775b7e22fb10026eed3f86e8dc556dfafe35f2d5" + }, + { + "alg": "SHA-256", + "content": "2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d" + }, + { + "alg": "SHA-512", + "content": "9e5e3ea9e06e0ac9463869fd0e08ed38f7042784995a7b50c9bfd7f692a53f0e1430b9e1367dc772d0d4eafe5fd2beabbcc60da5008bd792f9e7ec8436c0f136" + }, + { + "alg": "SHA3-256", + "content": "9b624360f936e928bc63bf44e475d8fd052148c0d0cc56c3c88c26429b430c08" + }, + { + "alg": "SHA3-512", + "content": "5f0a62a96445cfeaf101d2ddc56472621f5c3dafc54ad4b230a373012833b7da83e96af7c07b60a586768361b3bce3f3626ed2cc09fbbd84e840e0714d6344ee" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.14?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://jira.codehaus.org/browse/MANIMALSNIFFER" + }, + { + "type": "vcs", + "url": "http://fisheye.codehaus.org/browse/mojo/tags/animal-sniffer-parent-1.14" + }, + { + "type": "website", + "url": "http://codehaus.org" + }, + { + "type": "build-system", + "url": "http://bamboo.ci.codehaus.org/browse/MOJO" + }, + { + "type": "mailing-list", + "url": "http://markmail.org/list/org.codehaus.mojo.dev" + }, + { + "type": "distribution", + "url": "https://nexus.codehaus.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "group": "antlr", + "name": "antlr", + "version": "2.7.7", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "f8f1352c52a4c6a500b597596501fc64" + }, + { + "alg": "SHA-1", + "content": "83cd2cd674a217ade95a4bb83a8a14f351f48bd0" + }, + { + "alg": "SHA-256", + "content": "88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c" + }, + { + "alg": "SHA-512", + "content": "311c3115f9f6651d1711c52d1739e25a70f25456cacb9a2cdde7627498c30b13d721133cc75b39462ad18812a82472ef1b3b9d64fab5abb0377c12bf82043a74" + }, + { + "alg": "SHA3-256", + "content": "babce5c8beb1d5907a7ed6354589e991da7d8d5cbd86c479abfa1e1dfc4d2eb8" + }, + { + "alg": "SHA3-512", + "content": "3a8ce565280a157dd6e08fb68c317a4c28616099c56bc4992c38cf74a10a54a89e18e7c45190ce8511360798a87adc92f432382f9d9bdde0d56664b50044b517" + } + ], + "licenses": [ + { + "license": { + "name": "BSD License", + "url": "http://www.antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/antlr/antlr@2.7.7?type=jar" + }, + { + "type": "library", + "bom-ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "group": "org.antlr", + "name": "antlr-runtime", + "version": "3.4", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "0e0318be407e51fdf7ba6777eabfdf73" + }, + { + "alg": "SHA-1", + "content": "8f011408269a8e42b8548687e137d8eeb56df4b4" + }, + { + "alg": "SHA-256", + "content": "5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63" + }, + { + "alg": "SHA-512", + "content": "1786aff2df4664483adcb319e64be7b69b643ac9508c3f11796b5aa45b9072b46f53f0a21b2ff7291162afe81506de16161746273e4532ebad75adbd81203f0d" + }, + { + "alg": "SHA3-256", + "content": "3f6cf631e9f792a41128400f8690266d915c0588ef85073a6cae73624a155b10" + }, + { + "alg": "SHA3-512", + "content": "13d1f73c44e807b36946c21cfd506e91e8cbdf685b770cbc0dcb4e55ec28b5bc91bd90eb7f24ebfd13386a47eccf552dd2a1ab277fccabafdb7a9b40aa9d4fc5" + } + ], + "purl": "pkg:maven/org.antlr/antlr-runtime@3.4?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/antlr" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "group": "org.glassfish.hk2.external", + "name": "aopalliance-repackaged", + "version": "2.5.0-b32", + "description": "Dependency Injection Kernel", + "hashes": [ + { + "alg": "MD5", + "content": "99809f55109881865ce8b47f03522fb6" + }, + { + "alg": "SHA-1", + "content": "6af37c3f8ec6f9e9653ec837eb508da28ce443cd" + }, + { + "alg": "SHA-256", + "content": "32a44ed0258c00bb8f0acf7e4dbf000a377bd48702465f6195f878a6dc2024d6" + }, + { + "alg": "SHA-512", + "content": "5afda7e897fb1135e4cf8ceb1f9f2ae68521c6178552dbe38243461e8422d50011f379e4f66d237190e7609e2d1ba2e9c09267637ecd588d7e286c1a6bfb8b4d" + }, + { + "alg": "SHA3-256", + "content": "3808bbe7fc89ea384068d5edf32f4ebf61cead5fe0fff58c7ac13c23392b8860" + }, + { + "alg": "SHA3-512", + "content": "ea988d271b897cb61a17ddd642f7f31935711bb33710947a812e0c1ab3469077c45247a5224e55a9258bfcdfd502f64286064aa1063b2df07dc880a880e034e3" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "group": "org.apiguardian", + "name": "apiguardian-api", + "version": "1.0.0", + "description": "@API Guardian", + "hashes": [ + { + "alg": "MD5", + "content": "e3695c130292987799af0d18754fa3fc" + }, + { + "alg": "SHA-1", + "content": "3ef5276905e36f4d8055fe3cb0bdcc7503ffc85d" + }, + { + "alg": "SHA-256", + "content": "1f58b77470d8d147a0538d515347dd322f49a83b9e884b8970051160464b65b3" + }, + { + "alg": "SHA-512", + "content": "127f7e6381642f3f0f8298e5129f31cae947b81c4867caaa419803e6dcfeee5da61f0262d2c10c8ad151f24e82f708ce81b2fda217c31dbb21794e6c9ec71e0a" + }, + { + "alg": "SHA3-256", + "content": "a0c6a10c739f2c5d18a639804edb717b2e100aec3ab73b5560e947c28b829f22" + }, + { + "alg": "SHA3-512", + "content": "54879680c4ac863b6eb3dd2528c02f8c977b127ed2a1d7e123e65baec3c9b33c3d80fd5f0de0cf43eb4f912b6899b2a4753f93bf9883d51e2fd8b8766df3e0c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apiguardian/apiguardian-api@1.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/apiguardian-team/apiguardian" + } + ] + }, + { + "type": "library", + "bom-ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "group": "net.sourceforge.argparse4j", + "name": "argparse4j", + "version": "0.8.1", + "description": "The command-line parser library based on Python's argparse", + "hashes": [ + { + "alg": "MD5", + "content": "8a3077fbee51bc51d0e140be455b6df5" + }, + { + "alg": "SHA-1", + "content": "2c8241f84acf6c924bd75be0dbd68e8d74fbcd70" + }, + { + "alg": "SHA-256", + "content": "98cb5468cac609f3bc07856f2e34088f50dc114181237c48d20ca69c3265d044" + }, + { + "alg": "SHA-512", + "content": "d9c1e626403b0ad0143fffb62a055b71aacb7d59c9957b232a2e7b7ab2cd9299932784d19e6ef8b0172736ab1625eb2d1e25101eaf1666acfc566b7fcd7c819f" + }, + { + "alg": "SHA3-256", + "content": "3b8a944e495c72b5d7e185effda10431dbe60cfa30c9e31d7cd5ebfdfe0fb20e" + }, + { + "alg": "SHA3-512", + "content": "718cec233f4b67bc0fe9210629202aa235aea2bf58a3cc65425cb9d43661d3002677c0534685e08cea3b86cdcb9c5021026c4efdb1820c9700158756bd6bc7b5" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/net.sourceforge.argparse4j/argparse4j@0.8.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/tatsuhiro-t/argparse4j/issues" + }, + { + "type": "vcs", + "url": "https://github.com/tatsuhiro-t/argparse4j" + } + ] + }, + { + "type": "library", + "bom-ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "group": "org.assertj", + "name": "assertj-core", + "version": "3.9.1", + "description": "Rich and fluent assertions for testing for Java", + "hashes": [ + { + "alg": "MD5", + "content": "b6b5e7d7ab3e4368244ce2ed48b77b2f" + }, + { + "alg": "SHA-1", + "content": "c5ce126b15f28d56cd8f960c1a6a058b9c9aea87" + }, + { + "alg": "SHA-256", + "content": "b433d96281d663d8f97d7b2eda24f6d05345ef3bd7bf9a4ed440d75728bfdb00" + }, + { + "alg": "SHA-512", + "content": "153df8b2394db5c54db79930a26ce45ac8ddcaacbaeb800988c41f17d4f39356a32ba8d17fbe143c412a79c2006e53cc1877b409f880e43d96888801bf92766a" + }, + { + "alg": "SHA3-256", + "content": "da01a0373df89903d5d40eabb595618fb15b14b7cd6420598b85d05bc72242fa" + }, + { + "alg": "SHA3-512", + "content": "8bf381925a0fb7635e8fafbf1b75930a8b129dd3ae9db2ec9d079ad12442a73eb92d34fa454bc3684b7ad59ee2e40cc1509c8a93f1dcded39368fa78b499cbe1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.assertj/assertj-core@3.9.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/joel-costigliola/assertj-core/issues" + }, + { + "type": "mailing-list", + "url": "http://groups.google.com/group/assertj" + }, + { + "type": "build-system", + "url": "https://assertj.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/joel-costigliola/assertj-maven-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "group": "net.bytebuddy", + "name": "byte-buddy", + "version": "1.9.7", + "description": "Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.", + "hashes": [ + { + "alg": "MD5", + "content": "3038371407163c76c89749c3a7c458b0" + }, + { + "alg": "SHA-1", + "content": "8fea78fea6449e1738b675cb155ce8422661e237" + }, + { + "alg": "SHA-256", + "content": "69a9140c11de463789a1badfe6c3dcdc17608c4304cb443c5c3a179585b78b39" + }, + { + "alg": "SHA-512", + "content": "20547c1915d941c170b855babf102b6d4b7b651cb76d4328fdc5e67be4cfb898e22d76512b2ed402ba2486ba4954ee75e1753e7de6303a94201ee12056ffb2b7" + }, + { + "alg": "SHA3-256", + "content": "fa80df92900c958e6c9c957552698a20f0a817a309947ee232b97c699db77d3e" + }, + { + "alg": "SHA3-512", + "content": "50b10f18e33843c1ec103ce809a83698f785de2675dd6f1da386db8c6158a6539e6b93ec2e10d1c82c819c3cf4c1f33ca9c2cd68a21d0a5520a707acb7a072fb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "group": "net.bytebuddy", + "name": "byte-buddy-agent", + "version": "1.9.7", + "description": "The Byte Buddy Java agent allows to access the JVM's HotSwap feature.", + "hashes": [ + { + "alg": "MD5", + "content": "f2c5583a5856a1b68275f70fca2f96fc" + }, + { + "alg": "SHA-1", + "content": "8e7d1b599f4943851ffea125fd9780e572727fc0" + }, + { + "alg": "SHA-256", + "content": "145ce0fab5390374e69b2b4070d65fedaa2b07c3cfad06b330bea1b6dcfa826f" + }, + { + "alg": "SHA-512", + "content": "3b1344ae23e91e02a4465848757f3436f5a51ff58f8a0fe47b032ce5097086a985d927eb23507cc7b29b7a8917ab22942f039949b376f3f27708d3da232e7afb" + }, + { + "alg": "SHA3-256", + "content": "0fc9f6c6083208ef913a49fd9d61d7202477d6ed4c26e0324f4475e656b4fbd6" + }, + { + "alg": "SHA3-512", + "content": "75a397fe519f03352763554688a7e6432c028b2b154a0553d5d647f7873eb5f066e83f454092438a48976f99cfc0c4b7a41b033852129b9cbc29d09cb22f6ec4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy-agent@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "group": "org.checkerframework", + "name": "checker-compat-qual", + "version": "2.0.0", + "description": "Checker Qual is the set of annotations (qualifiers) and supporting classes used by the Checker Framework to type check Java source code. Please see artifact: org.checkerframework:checker", + "hashes": [ + { + "alg": "MD5", + "content": "b6fb2610dacd211a3e2c3d8af1b60d0f" + }, + { + "alg": "SHA-1", + "content": "fc89b03860d11d6213d0154a62bcd1c2f69b9efa" + }, + { + "alg": "SHA-256", + "content": "a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b" + }, + { + "alg": "SHA-512", + "content": "fdecc20efd6943426e7f8bdfb8bef9d28258f9f934cf29090e2f5b297c501454606cc28593cd7d089a5c14f6d2dcafc59f4606053405d7f91d623a0e3202f4a8" + }, + { + "alg": "SHA3-256", + "content": "6332c0be53250aaf67b95786e10337e1134ca645aed3b4cc596c68a3555c07fc" + }, + { + "alg": "SHA3-512", + "content": "74780f6c4d9e615c5be2f7149540721bfccd43e71b2d912054b98cf4f1a5ae5506497eca9c76f9e09f988d988bba8a1ec0588684379722044d894594dc787ea4" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.checkerframework/checker-compat-qual@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/typetools/checker-framework.git" + } + ] + }, + { + "type": "library", + "bom-ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "group": "com.fasterxml", + "name": "classmate", + "version": "1.4.0", + "description": "Library for introspecting types with full generic information including resolving of field and method types.", + "hashes": [ + { + "alg": "MD5", + "content": "85716d3adddffaaacb5e316be6681bf0" + }, + { + "alg": "SHA-1", + "content": "291658ac2ce2476256c7115943652c0accb5c857" + }, + { + "alg": "SHA-256", + "content": "2829acc59abf4aa6b72579697a0391c0fc69df7772ae59c58e0237f909cd6803" + }, + { + "alg": "SHA-512", + "content": "0bb96809e508b3ec20f8da070cdf5c795b71e17311a1a7d09818a93410ceb60cbbd95482c2d13bb920d391f5a5eee3a959cf739533a94f6539775458fe7229d0" + }, + { + "alg": "SHA3-256", + "content": "2cb64a48cd3ca0136553131ce87fe52d5a0f322334d65fbab60132df09d3c8d6" + }, + { + "alg": "SHA3-512", + "content": "56fb69f960f9e15c7dedc17d8d762c03bbae850180c2911ace44c4b7e1f0ce4a6dcad784e6acf01d63cad81a2d3746e4863a8d43a4d78e620506bf125d9340ec" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml/classmate@1.4.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://fasterxml.com" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/java-classmate" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "group": "commons-codec", + "name": "commons-codec", + "version": "1.11", + "description": "The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "567159b1ae257a43e1391a8f59d24cfe" + }, + { + "alg": "SHA-1", + "content": "3acb4705652e16236558f0f4f2192cc33c3bd189" + }, + { + "alg": "SHA-256", + "content": "e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d" + }, + { + "alg": "SHA-512", + "content": "d9586162b257386b5871e7e9ae255a38014a9efaeef5148de5e40a3b0200364dad8516bddd554352aa2e5337bec2cc11df88c76c4fdde96a40f3421aa60650d7" + }, + { + "alg": "SHA3-256", + "content": "90ec34f9701a8b212c65e6167c505ea6417289f910deedcac8517075b8349728" + }, + { + "alg": "SHA3-512", + "content": "101bc04efae2bd16d7923e61bca922c4a006b0e4b34909e0f8865196cb4df4f4f6269737c17880b4dfd0309cb487b806e88d09c6e1a7dc70237563b3f4312f7f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/commons-codec/commons-codec@1.11?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/CODEC" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/codec/trunk" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "group": "org.apache.commons", + "name": "commons-lang3", + "version": "3.8.1", + "description": "Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.", + "hashes": [ + { + "alg": "MD5", + "content": "540b1256d887a6993ecbef23371a3302" + }, + { + "alg": "SHA-1", + "content": "6505a72a097d9270f7a9e7bf42c4238283247755" + }, + { + "alg": "SHA-256", + "content": "dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68" + }, + { + "alg": "SHA-512", + "content": "fb0fe98385496a565678a000c26a3245082abfbf879cc29a35112b4bf18c966697a7a63bb1fd2fae4a42512cd3de5a2e6dc9d1df4a4058332a6ddeae06cdf667" + }, + { + "alg": "SHA3-256", + "content": "4e708ddf8ed0c6dbd8c6bba07e06425b5d263d899884b91bf11f86ec0d6f8463" + }, + { + "alg": "SHA3-512", + "content": "f43e89519e803e976f7b4d756d934be802ab36077cf2dc38dd9aa901eaf7104e58157859f45ccef7b38e072007a60f17270923e2ed7eabd41a4c776dee1458e1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.8.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/LANG" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-lang.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "group": "org.apache.commons", + "name": "commons-math3", + "version": "3.2", + "description": "The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.", + "hashes": [ + { + "alg": "MD5", + "content": "aaa32530c0f744813570ff73db018698" + }, + { + "alg": "SHA-1", + "content": "ec2544ab27e110d2d431bdad7d538ed509b21e62" + }, + { + "alg": "SHA-256", + "content": "6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2" + }, + { + "alg": "SHA-512", + "content": "80fb66a51688c4247b957f9787921e5acb9144d71a4ab0b03b2c30f46427e50c53e6e31ca5ddb04dab2cf5e7c0eedae168103c719f8074be464918ab2e4d6e6d" + }, + { + "alg": "SHA3-256", + "content": "4e5c701b4c417493bdb70d4c3f3bfb6019a6eec3c5f17dcce028158de624318c" + }, + { + "alg": "SHA3-512", + "content": "3a19552d33cbe62a0d174efa39054fbe5e23f7cb466c46616c27480381f232daa2c64c868b354ed965c5d84fbfece08e30e59bc672e3891baf2bb8141b5db8c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-math3@3.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/MATH" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/math/trunk" + }, + { + "type": "build-system", + "url": "http://vmbuild.apache.org/continuum/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "group": "org.apache.commons", + "name": "commons-text", + "version": "1.2", + "description": "Apache Commons Text is a library focused on algorithms working on strings.", + "hashes": [ + { + "alg": "MD5", + "content": "c0aec8d4d92fc9e1a4752884f5f880f0" + }, + { + "alg": "SHA-1", + "content": "74acdec7237f576c4803fff0c1008ab8a3808b2b" + }, + { + "alg": "SHA-256", + "content": "d4a57bbc1627da7c391308fd0fe910b83170fb66afd117236a5b111d2db1590b" + }, + { + "alg": "SHA-512", + "content": "97ca47f05b18a8dd67a253bae7d5ec6adab93a061c2565615773f0efc07382193c9ce29ed1f8abdd67dbe62b033e17bf2f71f67a3db2a99abb7aa3215b541c11" + }, + { + "alg": "SHA3-256", + "content": "5527aa3ffcd1303fac2779f9908f3a39bd3745c03a840fbc106aa952d5a0a128" + }, + { + "alg": "SHA3-512", + "content": "1b87bf1800138c403b67c273346fc7ea721fac09903e8cf6b11f8cfa57f2f91c577000834ad1f38e2b21f695685ea6c03ae9bd21323fe4a7690c7dca3344e350" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-text@1.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/TEXT" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-text.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "group": "com.github.spullara.mustache.java", + "name": "compiler", + "version": "0.9.6", + "description": "Implementation of mustache.js for Java", + "hashes": [ + { + "alg": "MD5", + "content": "9245fdbf50ad59ea81781ebdaa8cdb02" + }, + { + "alg": "SHA-1", + "content": "1b8707299c34406ed0ba40bbf8513352ac4765c9" + }, + { + "alg": "SHA-256", + "content": "c4d697fd3619cb616cc5e22e9530c8a4fd4a8e9a76953c0655ee627cb2d22318" + }, + { + "alg": "SHA-512", + "content": "d29e5022a4e7c99a8cc4b9f171471cf3e96103aeed26f32ae7a5db38e62811b3dc97e47ce8659c0b430fd11f1cb3f679c5465cab0458d7a474fba7e78a987887" + }, + { + "alg": "SHA3-256", + "content": "e17ec4a48044d5cbc941cdd9020fdda30b5402c2d533bec6a910729293d2aa89" + }, + { + "alg": "SHA3-512", + "content": "7e61b2eb36f9e239c4e2679c529d87ab2b2ed0ecb8537cbbd89b604bfce9b09ed716c2a95a80cf9a75eee2d0b85a2958e44bc6540ba5b22f163090a5912c6ad6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/spullara/mustache.java" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "group": "org.dom4j", + "name": "dom4j", + "version": "2.1.1", + "description": "flexible XML framework for Java", + "hashes": [ + { + "alg": "MD5", + "content": "f5710c1d5f5627ae5ce850a0b12ea87a" + }, + { + "alg": "SHA-1", + "content": "3dce5dbb3571aa820c677fadd8349bfa8f00c199" + }, + { + "alg": "SHA-256", + "content": "a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128" + }, + { + "alg": "SHA-512", + "content": "547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1" + }, + { + "alg": "SHA3-256", + "content": "e0d00e2f06b89df74355383e657d0b7b2a67b4fe3b5de58967eaa27fa0efad90" + }, + { + "alg": "SHA3-512", + "content": "00e4ce0afa1bff9f0abd1d9fd07d76157f26347b4d6931314f6f082c528bb5e60c32eb9bb16c23f5adc5ee5dcb902135fed2a4a5cb3995afb143f1fe1f938959" + } + ], + "licenses": [ + { + "license": { + "name": "BSD 3-clause New License", + "url": "https://github.com/dom4j/dom4j/blob/master/LICENSE" + } + } + ], + "purl": "pkg:maven/org.dom4j/dom4j@2.1.1?type=jar" + }, + { + "type": "library", + "bom-ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "group": "io.dropwizard", + "name": "dropwizard-assets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3719b35ea00aaf249df2f6c237e0d461" + }, + { + "alg": "SHA-1", + "content": "f2aa63c48a04fc2fdbbc43d3bb25c306417c30ab" + }, + { + "alg": "SHA-256", + "content": "81df72b28d351db2a8df88899ef172c3fefc8135149e6e5016c3f88db340fdcf" + }, + { + "alg": "SHA-512", + "content": "1136296518c97a285e68b0bbd6800c3183b8cd208e2b316ecf0e6b24147b278559e479705b7df3ce83913df5b8d93108afd20ca91ddfaa23d1924d6534f82d11" + }, + { + "alg": "SHA3-256", + "content": "fe44aa9d27c700520603cec3f51df630e228e0f73d1c450e01c3f9e21f02610e" + }, + { + "alg": "SHA3-512", + "content": "ef1c4284b016ba0c303aa74ce20271314cdd9c63686837c73b55656eacf0a22f2d3d883732f6e513dac055842b6b1c1d0e9fa970c7017d969b82ef1c77b2f8de" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-assets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "group": "io.dropwizard", + "name": "dropwizard-auth", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "b70d5efcdd606fa0dc0d866a0ba76e0b" + }, + { + "alg": "SHA-1", + "content": "b232e9397558341feed096a54e04e32ab81c7aad" + }, + { + "alg": "SHA-256", + "content": "94927a479eb07d3cab2242750463569dd6da9c75908b93986dab8c2eda5300b7" + }, + { + "alg": "SHA-512", + "content": "33c794f002c01a3f2880aef2b64b12af4a1d612bc2e7e751f24d65a178e49f7b2158c00486515b1392c340471d7a5e52d73259da7673c32d6b9dfc3870eeffa6" + }, + { + "alg": "SHA3-256", + "content": "d13a6eedc14842abeadc3c0e773ff1bd759de2157099a8df5d62ee1d6da1f949" + }, + { + "alg": "SHA3-512", + "content": "c5ae17254f77d668b20aa32542daf77ef398d428fc34601e6e6aebb8f0676fc8c16c5f0dc8906b58f7ecef3623e29386d296aff07d7f7d54618591da72edb88d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-auth@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "group": "io.dropwizard", + "name": "dropwizard-client", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a7e212ddc51872656b8cde14c6375558" + }, + { + "alg": "SHA-1", + "content": "774ee66da2e18ddb9757c309a9f288a7a95d4ab5" + }, + { + "alg": "SHA-256", + "content": "e1f12b97fab5cbfbefd54f7206f708b1abb767f7db2979ee67a12cced9145af7" + }, + { + "alg": "SHA-512", + "content": "a15aa34a681004c1c41380a85f0f99b5117e426bfbac1bef90fade5f9644443b63e74caf9022fa53fde98eddc915ce52ed37c59a06257b7c21b9fc55367f9995" + }, + { + "alg": "SHA3-256", + "content": "77d63d4f7774e74722101d0e3fe4a3d7aa1aa0dac2d95f823cacf7ea445d372b" + }, + { + "alg": "SHA3-512", + "content": "3856b47365e22680311c71e7740f4327786a88af275fe7d2f6a44b34dc12227b3a76396d87c101c31994993d2fa78db6fbfcffc848c5739d5bc9231186fe4681" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-client@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "group": "io.dropwizard", + "name": "dropwizard-configuration", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a53483c0d1034d24eb068eacc2b18cc2" + }, + { + "alg": "SHA-1", + "content": "64ede8340cf7e51e9d679876bb8873b5e4900bcb" + }, + { + "alg": "SHA-256", + "content": "a579796dd6a5476f35a7d3e3fde89321c0f1e5afb6c2fcfecf34b1d1b7c2db57" + }, + { + "alg": "SHA-512", + "content": "fc3e2bfe3e0b9ec39a09a6735fa477ea2296d4dbbda6f92a4bf624f3ecdc4e0a226a44f3e433a74e6343012012e1e80b483483696ae6b846249167e5255f207e" + }, + { + "alg": "SHA3-256", + "content": "851afb7c02c5ef78a1b4d8e4a6ac6393b1d105643a4de355a767fa665e44aa13" + }, + { + "alg": "SHA3-512", + "content": "b837c8c006d5909453293a262a826ea24a533a89f9a7c53a67129b3597a07a77b5ba0e95f391806087ee7f82cb12592e6149dbf26bf75fc0c54cab84a9b2c56d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-configuration@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "group": "io.dropwizard", + "name": "dropwizard-core", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "74aec7bf09a957081b1f607b25bfd532" + }, + { + "alg": "SHA-1", + "content": "53889ab39746957180bddc1636f6680eca0db5d7" + }, + { + "alg": "SHA-256", + "content": "a2799ff0fa69d1b0945f9170e6dd29cdd77ed9618ab48abbfcc56111e85effb5" + }, + { + "alg": "SHA-512", + "content": "1fb1b50c2575c36cb518f48e9153a1253d11c0c5e4576dd3866df0d5171694c8507d8f9b78ca983749dd6a8156b81ceac66e8012583d2bb1d6e55c0f5920fd3f" + }, + { + "alg": "SHA3-256", + "content": "19e5d7375794f5eece12bb30304c2a7fec0076902c1bfba468ee96d9ac83f110" + }, + { + "alg": "SHA3-512", + "content": "b955d7c995291eddc86eee34f8c75301f580c4ce6431053b94f197c03f15ed90cc02025214d7ba1864ba76b809af2c2afe8942b5595993ba81a57078b2946852" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-core@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "group": "io.dropwizard", + "name": "dropwizard-db", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d9ddd3b9a686d7332cdec2628f5b752e" + }, + { + "alg": "SHA-1", + "content": "88dfe54a2b0b04d4254c39b5929a6bccb73c0fb8" + }, + { + "alg": "SHA-256", + "content": "718fc5d891166a4febb26f92560148b8b7a1c39a9f4c5719ca7380974430634f" + }, + { + "alg": "SHA-512", + "content": "3615d6aa65fb7df9f5338d2bd4bccff6e0cebbaceaa067bae04e43a7a1a6852157b23f929ea6a6212fe2928b8b1c6ad3282dfe4c37e60e77df7eea3b716105d5" + }, + { + "alg": "SHA3-256", + "content": "e49bcfe1ce234abeefb3fe5f739322eba64b36ebb0a13cca193da7ab496d29fd" + }, + { + "alg": "SHA3-512", + "content": "6ff81a052e35eb6a923c2af9dea65ab43048e5a839ff8cb94dfd2d13d8666f2ce5bf3160bbd98ef81bea4f7b5e42f8019d4f25e1d93c16411027c8e3e40c4c90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-db@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "group": "io.dropwizard", + "name": "dropwizard-forms", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4038942f9fa1f452cc8ab9fb395e0dae" + }, + { + "alg": "SHA-1", + "content": "171287fe38f430ed81bef0dc5808a6f58f01bd48" + }, + { + "alg": "SHA-256", + "content": "cf55b3d0ae45c0b905380a374a3bfd14fee33f3ec5b5f16a046dc66d505ab4c4" + }, + { + "alg": "SHA-512", + "content": "89e4509a55811c296371099ff91850faa32992eede0f9224c25f395a4d93560f0a4a846060bedc1747fe3bf5a4596b928a4237894292dcbe23762b4ae9c40ea3" + }, + { + "alg": "SHA3-256", + "content": "f205cd66f09419d7e958c1c9be0bb3c3226c74a34cefa4a092474612532ae5c2" + }, + { + "alg": "SHA3-512", + "content": "6f336ddb136efabe64b158f60f11dbcccf606df36600a2195d5cac15d2900f5625ba8eb5a0dba213f4e27386423233e5214f9b188f77816d08e75435cb8047f5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-forms@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "group": "io.dropwizard", + "name": "dropwizard-hibernate", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "449361636c3b63eb9d3acb08c1d36297" + }, + { + "alg": "SHA-1", + "content": "56eda4258aa81aa3abde8e6663bbe6297b870495" + }, + { + "alg": "SHA-256", + "content": "5589a9532d592c6dead117b5990386c178a81d4ec7cb8eab9888a576ce47d24d" + }, + { + "alg": "SHA-512", + "content": "bc121e23e932a8989bb81eb72ce3a65822406dd1b9358f9169f2db7c817585420d7725b0e4a011e8ac82b64879167437180a55469a9aa21ec706d9953f4f8e96" + }, + { + "alg": "SHA3-256", + "content": "782695767ab3f4bd238716842e98c56c4311098d142b388ecb08e92159a85873" + }, + { + "alg": "SHA3-512", + "content": "5e6c66c0cf9fa889b516e485cd233af2234b3e2a4f82962b03c59e95a731392744be7fde88f13c3576141b8866dfb6e6915ed20183a6b06e6aa11226ebaec623" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-hibernate@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "group": "io.dropwizard", + "name": "dropwizard-http2", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "fdc320175f8ebf1f5931a5f8943cfc32" + }, + { + "alg": "SHA-1", + "content": "b8573b698da0fe8b2cf30becf2d4c069085e230b" + }, + { + "alg": "SHA-256", + "content": "c21be0fb74a7e086a39d48f464ffb0b730dc8c2292935f8f6524aa217c36f135" + }, + { + "alg": "SHA-512", + "content": "67759f73350a276e2dda77608f16e2fb6d2b2908af7bb5fc83687508793bd27bcc6998c570945e4ec3e49caeeb05e9ee4d3d4fdb8a77b2147bbc5fd1d1c573e3" + }, + { + "alg": "SHA3-256", + "content": "085dd33c5b983cd03552e8eb69e47ae5a3de85aa363175526e5470bce0f4f69b" + }, + { + "alg": "SHA3-512", + "content": "43a4af9e25df30b2e3c561f921bcdbebc9d782b94faa85f8706e1c79ca77bdeae161b18a4f707509599564115d49152ac03f7bab14bb2cb9d130a4975d8f7315" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-http2@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "group": "io.dropwizard", + "name": "dropwizard-jackson", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "cce5d50fb36cf2ccb1f6020cf2c53092" + }, + { + "alg": "SHA-1", + "content": "498fdd1b14e0341fa4b2ed480520d632470709c0" + }, + { + "alg": "SHA-256", + "content": "1ddb7e6852bcc605f52e5dd4927a532e6e4f6970e8477329cc0cf6e02bcb11bb" + }, + { + "alg": "SHA-512", + "content": "54920733f634fff24fa42e16048e60cbcd8ca9e348c4dae5e8eb6d1606e36d86ba8c32f49a9fb00418a9e2038781599383cc3c1d01353d8e5117d4c366f414e5" + }, + { + "alg": "SHA3-256", + "content": "6dfe904993c5350ef8f04f9eea9335ea5f5179e9d02b2cc057426f96a0aeb485" + }, + { + "alg": "SHA3-512", + "content": "d2e9bddc00edf43a43bc91ee0e74cbf3beff49627fc02fee1870888cc552a9e7a2a518149f0b628a744d5ae00a4f47b3912edba8081c0b5f40e3b289a7fe0822" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jackson@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "group": "io.dropwizard", + "name": "dropwizard-jersey", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "5d4b25a8d01ef9534d6291f004ca8421" + }, + { + "alg": "SHA-1", + "content": "5045bfc77cd931d0020e9d67ef5d3d47916d978f" + }, + { + "alg": "SHA-256", + "content": "3e03434acca7bf73d6e8dc72239d41b28e087200d3cd3759b26319aa49c5cccf" + }, + { + "alg": "SHA-512", + "content": "389fdc36005f478f75687d796f147800d81bafca189233ba7bd6bad263ced8ba2bed450b73b7a2ebe14750186da51970f006835c7dbf6380f5535bece7bb947d" + }, + { + "alg": "SHA3-256", + "content": "7c9a03749ca86a271678b15d9278890b605bf1fe85927c07d4412f481483c45f" + }, + { + "alg": "SHA3-512", + "content": "59da92cfc19ce969cfbb29f597519cdb692d838d191a93d02a6014d896091a8669bd6ed5ddff39bcaabd14866106131be23b6a984b6a8a7813fd655faede4b81" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jersey@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "group": "io.dropwizard", + "name": "dropwizard-jetty", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3e61f73e3ad1a7c63d7b16bcfc6038a0" + }, + { + "alg": "SHA-1", + "content": "bd34674496ae9997dd20d88a9fcda937bd21840e" + }, + { + "alg": "SHA-256", + "content": "7657190b578c7647d3e6d91de4a959580320a0317378b210d9a416635f4e1384" + }, + { + "alg": "SHA-512", + "content": "cb92715afa048b32d0879593f9709d558e4b1b6aa468802b8a1d08b7b6b1fa72eae12c8658c329ef0d8e073fb7a1bab4a9b833bac2887ccaa5d953625470f4db" + }, + { + "alg": "SHA3-256", + "content": "38e8c121e10d2af68bdde88d8136622d76139d018df01b944c7708c8dd9cefe6" + }, + { + "alg": "SHA3-512", + "content": "7cfe066ea4e585b3bc0077332b0a08db9f998e9d83b95480cc148054895728ea72fe5e3b20e249f603e96cbe09ee9985eea527f207d88abef0914b19940af1d5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jetty@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "group": "io.dropwizard", + "name": "dropwizard-lifecycle", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "52e054873a8e62623e81231c43cd56a9" + }, + { + "alg": "SHA-1", + "content": "f26a5a8be815680b9d6fcf4df7495c33ff403f80" + }, + { + "alg": "SHA-256", + "content": "20abb321d0095312b8d618b30533d84b12f37d9c3e7bfc473ce205a56a8cf4a5" + }, + { + "alg": "SHA-512", + "content": "fc9ae0ff1d4c94b2456777d6e7b68a8017ff13a04fb49f85344904f6b010fc638f33e8e6ebf9119a450232e5e74c70a8ed55b980afe47d827f320019ab9973a7" + }, + { + "alg": "SHA3-256", + "content": "cba7094cc6a46821fab3edc413e5d07c36e78b7760ba6c5e44df94acaaca98e8" + }, + { + "alg": "SHA3-512", + "content": "daba93cc2420eab38f11389a1eabd408713855ea97772dd87d6be05cd8cf60de1e2de303785721daa85f61e246e75c4bbeaf7602a580d88b2585c090d8957dab" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-lifecycle@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "group": "io.dropwizard", + "name": "dropwizard-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "8f56476f15da17fb8aff8d06a8cd39c9" + }, + { + "alg": "SHA-1", + "content": "3df1411464adf080b5ac7360926eacab3f5120d7" + }, + { + "alg": "SHA-256", + "content": "fcaaf6bcb2f29a0443f4740d5515f6a8b12a0c38e626fa6a503d9bb685275a38" + }, + { + "alg": "SHA-512", + "content": "32435101cf0981814396444592a7d805d35d073fff7c06b2ae1551e6cc6ac7e7686cc740dec87a05a15026cc4d89b208986c770cbf999e3993980c8e4112db47" + }, + { + "alg": "SHA3-256", + "content": "2d848583811a6d544b4212f63805bdf65b849da145e4fa3f6be66d387e34a5e5" + }, + { + "alg": "SHA3-512", + "content": "2daa20182aeebbcd99ff706f08f3a10a68db0ff2874ed93811eb8922b71ca2bb516213ae53eff4efc412c5ea1a940268d9a832fe8e680151f5cacbfe62ec5844" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "group": "io.dropwizard", + "name": "dropwizard-metrics", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "231e9b5003b31c72836118b2b60e6b9c" + }, + { + "alg": "SHA-1", + "content": "4dcf98534424a25e2666c714e0bb4f8ce6c7cc61" + }, + { + "alg": "SHA-256", + "content": "fe67a902fa099d798179aaf8cb73fa2881e18a820b762422e9e25bda84968304" + }, + { + "alg": "SHA-512", + "content": "80d4133cdc506a51f34bdfa35f9e79d11d9e1a6cfbda6d13e10035a286f200a172314aa52b737a7bc4d8a334b6725c20a45cb4d8cb56dabdbbd8378e9aa1b355" + }, + { + "alg": "SHA3-256", + "content": "55e8d3aae67454a70282570b80e4a5b50d19cede8ed6db54609bdba3b7291309" + }, + { + "alg": "SHA3-512", + "content": "88be53fa6a98860edd603e40320f2d59206e08451a11356e089f28bcb9ee36586012f9cb6d0c63ca6b85b527f8f0434c3aa1e3619cf607883a7aed8817fdbdfa" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "group": "io.dropwizard", + "name": "dropwizard-metrics-graphite", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "014be7a674c15f505dc0816c5c544314" + }, + { + "alg": "SHA-1", + "content": "d5be85278fe138a4736bc0e229c73dcd1de2b400" + }, + { + "alg": "SHA-256", + "content": "0739188661d32b28544377073c1966d29a56ea9e28776b5ae7e201c50c580f09" + }, + { + "alg": "SHA-512", + "content": "f2e433cc520f4e49d62cf5af209d353629409d9b1ad3f1b6613d0bc1790a575f528bc88784e0b2517ea044e46e9e67ecef5b1d02cc7f6c1a510d75457bea2c16" + }, + { + "alg": "SHA3-256", + "content": "dba4bed00333d55d4dc55ddd9b9815fdb3b9b575faeae3ba8ff19ef949ee6f61" + }, + { + "alg": "SHA3-512", + "content": "24a0c90e1f97326dd032e5c657792d6623c727efa7144891be439e00bff5323f4e3e9d35e34005b7348ec92f97f3c4210aeb4b7e15930ef7a910735d0f982d62" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics-graphite@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "group": "io.dropwizard", + "name": "dropwizard-migrations", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3d2f7b15b764e2906916c0d4bfc75bc6" + }, + { + "alg": "SHA-1", + "content": "74a81b867ab00475910d013fe18d4a788984cccf" + }, + { + "alg": "SHA-256", + "content": "156a9c79a74c81d173637d613a9931451188228bea38cce621f63f51bee1c2f9" + }, + { + "alg": "SHA-512", + "content": "3cfff65847ee29772f5c8f091557373ce3dfa59974e82c0bbfd0eaa636fdf91361b753e777810d0f5878c4b5534ef555a5b260af29a6be9af0851c4a2de56c5e" + }, + { + "alg": "SHA3-256", + "content": "1150637f334a3f0354d00cc21e7e180e8fd647ba3b9f6028c4eafd30c614c157" + }, + { + "alg": "SHA3-512", + "content": "8340a3fb797a8fdeedfc31e50c5d28ad3b3eb204f262f45f390c1a8c3a8ff798cb2f8235d97dd9bbe6947d2d986bb4b91d332f5d0ed23fb7dc0bece454b29d90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-migrations@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "group": "io.dropwizard", + "name": "dropwizard-request-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4ed78ec6ad895643d486a210151c6da3" + }, + { + "alg": "SHA-1", + "content": "fcd1015d1762059bd9aa27ee06f7fff9a9857d7b" + }, + { + "alg": "SHA-256", + "content": "1795c56717239e25f835211356963f307f596d0efdd16550337ffccbab08bbf3" + }, + { + "alg": "SHA-512", + "content": "f8c521200f29a6301fd92d87eb21ffb765d7c2a05f65fdbfa572955f91b6870604628df1b0f18d4c3d73482d1398bc5730fa2744c6b19b51f909758d614e4de8" + }, + { + "alg": "SHA3-256", + "content": "5cde2026d5ac54d5b1baac22503608eaef11b8753954473d0102d5f87565f944" + }, + { + "alg": "SHA3-512", + "content": "8d0dfb8c508948c131f0f92b8debf3a9f7ed3f1ec8e1dc4341a68132658143dcecaf890cc11aa22ff9e1959e96a51f311d15ca6d49bc7090c71c9457fedaca29" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-request-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "group": "io.dropwizard", + "name": "dropwizard-servlets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "c738851aae5f6e431c4bad54ef8bd30f" + }, + { + "alg": "SHA-1", + "content": "f93e103f42b677e1fdeca6fb6cb6c22353a78b57" + }, + { + "alg": "SHA-256", + "content": "b5c9432f659aad54fbe25209366a5c93a43f2c8a0cc5428440c28f3576a5bf61" + }, + { + "alg": "SHA-512", + "content": "07fff649594cf8bf3eb10bad998cc0ccb5fe1049d21c47ca3321b6187eed0f480caa52c5683e454f9abcf107f1e3d6fa5e3d6858e4d250ba65a36e81dd20c5ee" + }, + { + "alg": "SHA3-256", + "content": "eb28576f779876ffe7218c4b596ba2f2f302daa85375fc57784da3d050062086" + }, + { + "alg": "SHA3-512", + "content": "e2ce67e331b95a1e7dea43a174e3e4a1b0c9653716c4378656114d54b1858fa818142f2afee7ffeb86439b7dec848a09eee12efa963be0c00b71d038051c448b" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-servlets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "group": "io.dropwizard", + "name": "dropwizard-testing", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "800103447329e58030242b6bfc2e9cca" + }, + { + "alg": "SHA-1", + "content": "cee4838ba05de7920309985229df59917ff6e58a" + }, + { + "alg": "SHA-256", + "content": "d52ef3eda88a2b93e01731b035bbd277eb4d395c3a076c6f5cd6a3874f17e433" + }, + { + "alg": "SHA-512", + "content": "c2ccc3c13d2007b728574b1c3df388043c2517ed3efb8256dde9c09ebbed6c18ac5e7f3281ce7b35b9e2c969124772ef0062234bfb195c27898b0674fa0900a4" + }, + { + "alg": "SHA3-256", + "content": "f7fba2c7f9ccb345c29c4e52bcda601a6528d20527f32af63f8cadfaeca04a0f" + }, + { + "alg": "SHA3-512", + "content": "e0c421a568cf98a63432088a1b5f18382cce3095db4ce8cfd1ccba7e9dc95aa7d2ec365b1d8b25614c4700d28f7f75744acac96c5358de4c50946fea4a2a2e5f" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-testing@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "group": "io.dropwizard", + "name": "dropwizard-util", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "e73fff60736c50b06c0afcfb5d5f003c" + }, + { + "alg": "SHA-1", + "content": "4e2a956ce355a40fb7e1c8d5772eab956a8f7f5c" + }, + { + "alg": "SHA-256", + "content": "3bc2379c8d410405cab54636b1b8129a53e5227acc6cb286adea720fa73f03f0" + }, + { + "alg": "SHA-512", + "content": "3a1b826aa9ff4fe9543aaff7b5f5d191164cc0a488365158502eb2c52b5e215ea96395767f2feed880376c3b569ea672414ef951667ea5628236920dbf2026bf" + }, + { + "alg": "SHA3-256", + "content": "9cadcfa4c2db331cc05c069a66d1445d3a156605a75f8741eb80935834ae56a4" + }, + { + "alg": "SHA3-512", + "content": "df9fc0e1dcebe145a5cfff74ca87470923f0163f78ead0a93bf5b4f1c905ad5aaf7034891ae0cab005927cbbbea86546f1222e7f271c90cb4d3b0f745f8cb78e" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-util@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "group": "io.dropwizard", + "name": "dropwizard-validation", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "0557207f6f05c684958ff0c524ed97de" + }, + { + "alg": "SHA-1", + "content": "d82c4a2157cd8b4ed6f85d12fcc5f63e7f2ee9d2" + }, + { + "alg": "SHA-256", + "content": "6141e64cfed3633ad729e9d343eac4bfa475232c90c83c178f02da2d4c3e7360" + }, + { + "alg": "SHA-512", + "content": "e3f832e4b6ea092229b2ecbfad0790170a086b043be74c58cd2f0169cae4fc219d4a7163e6e581350efc7441dd8908e7cfe395b19c802e93834443eb45888d67" + }, + { + "alg": "SHA3-256", + "content": "95187066ffe37d52916b0ec33bce13baa8d76afa80502c4526205fb3721c01bc" + }, + { + "alg": "SHA3-512", + "content": "39a0130b80426db95faba737c484fb2e0c1db64f8e81e21cffcbd0b27b4dff4c4334cf9698b0c067549d0e8adaf7669dce867f2ad962c25f647b35829fbfee61" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-validation@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "group": "io.dropwizard", + "name": "dropwizard-views", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "ffa529c90a76cf83b7468c63c24c2da9" + }, + { + "alg": "SHA-1", + "content": "27b9dfe51ed0740b2359c28eca9942388247f877" + }, + { + "alg": "SHA-256", + "content": "69ba25bd9f7b5577aa29b79337b3e716be629a784a83d9a2af1456a556800dfd" + }, + { + "alg": "SHA-512", + "content": "818f881806c644bfd0518d2864d1f0c2c6b132e6b81ca1e4b272e20ab91294e954805f986f55ba5389b9ffa5c6573dde827929d6a82b8b4066b2344d003e0f40" + }, + { + "alg": "SHA3-256", + "content": "021a6eba574c0c79246d1a8b446c4655f5a7183e24fcc9df010bffb11ea680f2" + }, + { + "alg": "SHA3-512", + "content": "9ed4dd16ddabeaf7e7933cdef7911ac194a14a93a4a8a4d057554dfc094ca5ed84090922e6b5e53f23a24af582209c8d5a9b50521d3b35132a32e74399d5e055" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "group": "io.dropwizard", + "name": "dropwizard-views-freemarker", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d78343dfbf1f4c99fc5115aea93b6382" + }, + { + "alg": "SHA-1", + "content": "9b64dcbd00e184c4683a8a44ae4ff4726595c73c" + }, + { + "alg": "SHA-256", + "content": "621f2168b343cc24618b63e5c0c07ca330eef8e1f930c1a4c374ab210fd5ea44" + }, + { + "alg": "SHA-512", + "content": "19298c6ae1500e0c16575b55d30f2ab34cbab881cd735fefc203118c326dd4a47604f8f8d595b32cec4ecbaae032129d2ede99dc36325bc8f4a18ffa5e786aeb" + }, + { + "alg": "SHA3-256", + "content": "1870845187ef726d85d29ee42ccc35b66018304d23167f614b79a7deb3768e2c" + }, + { + "alg": "SHA3-512", + "content": "389d2cd752a7269b28815c723ed68700c47c0f5f6780df2bc35f18eb3ea4b77cdc18ca83d556f4de80c1f3e434f399f73b03a76b88d1da2af520b09195a938c1" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-freemarker@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "group": "io.dropwizard", + "name": "dropwizard-views-mustache", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "99d7beaccb842cbe8a68c37361e665df" + }, + { + "alg": "SHA-1", + "content": "1a2a4e775b77f452893189020c2e34d60c0235a2" + }, + { + "alg": "SHA-256", + "content": "19ce7554a48be097bac2b3c51f55fe468c7253a60d1a43683ae830cfe06a58e3" + }, + { + "alg": "SHA-512", + "content": "1f24026f35f9a4e4316d04ac41a7cdcf440fc510075e5f8297a55b63d95d3f1e5deb06acd8ef9a61b73fbf1fc054ea370c6d74ed1a06aa19ba673069aebad294" + }, + { + "alg": "SHA3-256", + "content": "7856836a099d2a7f326dbc033442e49b176213fd340a8b2aa2d9dea3a9175ab6" + }, + { + "alg": "SHA3-512", + "content": "af431eff733b17b92ae1718165b3b10e103376bb216e63b8e39284f3572b69926084937fd370a42a018f62389744a7212a0c68959e0e76950ad751ba3ba9745a" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-mustache@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "group": "com.google.errorprone", + "name": "error_prone_annotations", + "version": "2.1.3", + "description": "Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/", + "hashes": [ + { + "alg": "MD5", + "content": "97504b36cf871722d81a4b9e114f2a16" + }, + { + "alg": "SHA-1", + "content": "39b109f2cd352b2d71b52a3b5a1a9850e1dc304b" + }, + { + "alg": "SHA-256", + "content": "03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8" + }, + { + "alg": "SHA-512", + "content": "bd2135cc9eb2c652658a2814ec9c565fa3e071d4cff590cbe17b853885c78c9f84c1b7b24ba736f4f30ed8cec60a6af983827fcbed61ff142f27ac808e97fc6b" + }, + { + "alg": "SHA3-256", + "content": "5c7b2ffc8d4073700647681ed44dd783049648aa8e174f37d2510339a65f5466" + }, + { + "alg": "SHA3-512", + "content": "3f05def83905268da5044c8bd6fbf62b89499d77351b56a357de8d27ef872c6c300385a6bca009590d61be90a39a0f417c4d8358a13b09847ba0452ef416db06" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.errorprone/error_prone_annotations@2.1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/google/error-prone" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "group": "net.jodah", + "name": "expiringmap", + "version": "0.5.6", + "description": "A high performance thread-safe map that expires entries", + "hashes": [ + { + "alg": "MD5", + "content": "fd4b2d42dac784648fe6fd1b2b612d12" + }, + { + "alg": "SHA-1", + "content": "11833abbdd64050d455187f374dc096944f9ffb0" + }, + { + "alg": "SHA-256", + "content": "06f1ac1fdb0044a83bbf5cd55e86f88ded92175cb2a7a0b57ba53eb011600a52" + }, + { + "alg": "SHA-512", + "content": "3e7bf8da26296f1de8da960e4f8b9b25962d3db1a941c0818c649174c61bf571a6c7b0336b154be104c853a8fa148cd0f007f8a210a98854036a09fe1069eded" + }, + { + "alg": "SHA3-256", + "content": "a421ccc1ee40dad4e7239f21862e7f35a8eb6493d3eccf6e245202d1f3d1e9a8" + }, + { + "alg": "SHA3-512", + "content": "2ebbaf3eb9f96fcd4cc5b5c28e68d8a6d1aa8735dca7d763cc18daeeec2706d3370384c535dad32463ba8da92ee8a3ddfecd7f2559847772829782964d05a0aa" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.jodah/expiringmap@0.5.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "group": "org.freemarker", + "name": "freemarker", + "version": "2.3.28", + "description": "FreeMarker is a \"template engine\"; a generic tool to generate text output based on templates.", + "hashes": [ + { + "alg": "MD5", + "content": "c5e35d814518da7b0247d42311b8e296" + }, + { + "alg": "SHA-1", + "content": "7200064467a935052f99d114c2c05c3d189bc6d6" + }, + { + "alg": "SHA-256", + "content": "de92d103d3a86c2287307218ff50dc1c941de283f7b9e1fb23e93fc7220838bf" + }, + { + "alg": "SHA-512", + "content": "44435cb2b6ba02abacdc4a21bea44a2dc50faa1b486fc5b2f79097a68f1f98ca24aa835448ac5dec33a1869eed1b8a32ac285e95fdabbdafaa810d575951894e" + }, + { + "alg": "SHA3-256", + "content": "d55883bf61b72d616dcd12e87d6f90b3b1fc761fcbcf5b8f3860e17bb34fc654" + }, + { + "alg": "SHA3-512", + "content": "7664cb34b0598e0eec19ecba1fba7b83ff09b574bf2320b84a09016d88aaabf902460e3bcd2b2290f59988462b8594e817eebcd777321608762dc141c1335a20" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.freemarker/freemarker@2.3.28?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://apache.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.apache.org/jira/browse/FREEMARKER/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/freemarker-dev/" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=freemarker.git" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "group": "com.google.guava", + "name": "guava", + "version": "24.1.1-jre", + "description": "Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.", + "hashes": [ + { + "alg": "MD5", + "content": "361459dd415a18e4750b7fa0cdd9e747" + }, + { + "alg": "SHA-1", + "content": "2e3014320a8005e3f3c1800cb246ed42db8cab81" + }, + { + "alg": "SHA-256", + "content": "490c16878c7a2c22e136728ad473c4190b21b82b46e261ba84ad2e4a5c28fbcf" + }, + { + "alg": "SHA-512", + "content": "f7b02666ecd26e8865d4f6040a14a87d08e38124a625252594b05fa9d1a00e7c5a1fd30c5bd08ca9399bad50eef5fcaf7c95e17a59a2462ac42d7fdd4aaf516c" + }, + { + "alg": "SHA3-256", + "content": "182f368980a8c526ec88c65acd877738fe2bad06b72ab9756edb66f2b281d083" + }, + { + "alg": "SHA3-512", + "content": "245bcf15e331889bceb96faa2f9f67baf442fe1cb291601fa92a0e3327382a636d30788939d8f0ccd05a735b8149637e3d44c7e13a636a19950d0e7a33ae9517" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.guava/guava@24.1.1-jre?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/google/guava" + }, + { + "type": "issue-tracker", + "url": "https://github.com/google/guava/issues" + }, + { + "type": "vcs", + "url": "https://github.com/google/guava" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "group": "com.h2database", + "name": "h2", + "version": "1.4.197", + "description": "H2 Database Engine", + "hashes": [ + { + "alg": "MD5", + "content": "f9893acfa22b7fe1492dd9c515af2e5b" + }, + { + "alg": "SHA-1", + "content": "bb391050048ca8ae3e32451b5a3714ecd3596a46" + }, + { + "alg": "SHA-256", + "content": "37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842" + }, + { + "alg": "SHA-512", + "content": "aa4af17f766a1cfb0326d0301e1c40fc884b27e73aed4e60141d284275da70f483a3ce54d65f79f9ba66e9a53c5a68102dfc5e40a36e9d2c0a2aa9a7f7321688" + }, + { + "alg": "SHA3-256", + "content": "ef7da52a3b656aee47bc85b9e98db3bb91d7f079d19012787fbbd65c32151203" + }, + { + "alg": "SHA3-512", + "content": "1a5538cc48c5b99e496ee5924f80df410fecc555e3619a79b8c6204156dc333cf0cbebae05bca5a8144ab89b2f2fe4802080128d76b1e94a51acced8aedb4354" + } + ], + "licenses": [ + { + "license": { + "name": "MPL 2.0 or EPL 1.0", + "url": "http://h2database.com/html/license.html" + } + } + ], + "purl": "pkg:maven/com.h2database/h2@1.4.197?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/h2database/h2database" + } + ] + }, + { + "type": "library", + "bom-ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "group": "org.hamcrest", + "name": "hamcrest-core", + "version": "1.3", + "description": "This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.", + "hashes": [ + { + "alg": "MD5", + "content": "6393363b47ddcbba82321110c3e07519" + }, + { + "alg": "SHA-1", + "content": "42a25dc3219429f0e5d060061f71acb49bf010a0" + }, + { + "alg": "SHA-256", + "content": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9" + }, + { + "alg": "SHA-512", + "content": "e237ae735aac4fa5a7253ec693191f42ef7ddce384c11d29fbf605981c0be077d086757409acad53cb5b9e53d86a07cc428d459ff0f5b00d32a8cbbca390be49" + }, + { + "alg": "SHA3-256", + "content": "f679af77deedf69b3c3066f7916583848c6fd32a950f9c0b0e2ef1da121717ba" + }, + { + "alg": "SHA3-512", + "content": "bca821931e438a1977b7b4356b5f8cebf485634f82159d505c48267c34e6a0f4fde9c2917331365f66dc0e52e2ca3a2db5256863584110c27ecebefc28741f63" + } + ], + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:maven/org.hamcrest/hamcrest-core@1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/hamcrest/JavaHamcrest" + } + ] + }, + { + "type": "library", + "bom-ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "group": "org.hibernate.common", + "name": "hibernate-commons-annotations", + "version": "5.0.1.Final", + "description": "Common reflection code used in support of annotation processing", + "hashes": [ + { + "alg": "MD5", + "content": "2a9d6f5a4ece96557bc4300ecc4486fb" + }, + { + "alg": "SHA-1", + "content": "71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879" + }, + { + "alg": "SHA-256", + "content": "9431ca05c335f9b6ec550f5d65ad56047a5f336e2d41cce4067591d20c4e51df" + }, + { + "alg": "SHA-512", + "content": "5714692bef862355cf7f9fcf82aa663321da193920adf4b584fe69f559535555c4c53858a2465410ffb990aad7847124dbea28ed95dcec5df525a1164288791f" + }, + { + "alg": "SHA3-256", + "content": "60cf1ea8120252eaa90e0e86662f4d0b97f718c3c6c09422f2b85c1b36222ea5" + }, + { + "alg": "SHA3-512", + "content": "a2972a8464a8b38468994ef496d6e816262eef6e9422f4c83d5eb998aea4134ac1160726c71fb577df664064fa13c564c52c6fa577ad2477515291ed825fe79c" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HCANN" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-commons-annotations" + } + ] + }, + { + "type": "library", + "bom-ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "group": "org.hibernate", + "name": "hibernate-core", + "version": "5.2.18.Final", + "description": "The core O/RM functionality as provided by Hibernate", + "hashes": [ + { + "alg": "MD5", + "content": "a5e6ac320c1b5fd739d213dc050cfc29" + }, + { + "alg": "SHA-1", + "content": "c1861a015d47f55ffc6cb120216d17af177e0b90" + }, + { + "alg": "SHA-256", + "content": "4688003fc081063f0d73f43424b309bac9bd8589fecb5767e0ad26788a5bfdff" + }, + { + "alg": "SHA-512", + "content": "1b8c1f0d64ec27e8daf8b4b9b1be9511d0a5e99573836c527c79f026048c5acfe10aeda34a5b0c77bf30fc6ebd92976838eb43a065f192e9871531116d686b37" + }, + { + "alg": "SHA3-256", + "content": "ce9cffadac4242733e7743f88c0abb2f659526e54ddab26e60a180cd658a0782" + }, + { + "alg": "SHA3-512", + "content": "4e4006d93d10553191cf914ab76f486f222e82ca30d81d786913142c599f6463be48892b5fdb4b5e3dec75c20290f11a0f3d3600dcc306bff81c114e24eba66a" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-core@5.2.18.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HHH" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-orm" + } + ] + }, + { + "type": "library", + "bom-ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "group": "org.hibernate.javax.persistence", + "name": "hibernate-jpa-2.1-api", + "version": "1.0.0.Final", + "description": "Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details", + "hashes": [ + { + "alg": "MD5", + "content": "01b091825023c97fdfd6d2bceebe03ff" + }, + { + "alg": "SHA-1", + "content": "5e731d961297e5a07290bfaf3db1fbc8bbbf405a" + }, + { + "alg": "SHA-256", + "content": "ab46597e3a057f99c8339fffe14c1d27f9dbd2409ae840c62121b00d983c78bd" + }, + { + "alg": "SHA-512", + "content": "696dd1548504c9ea8d8526411e81bee8b752f12861979da2707d1059b35a8ccb3f018a1d4e2d12436e7c9daec8e63b97fcf980e03032981867cea63d4301f3da" + }, + { + "alg": "SHA3-256", + "content": "fdbf800d9175e82d7e68f9829f1372b65768252d3e165dfeee9c0345b817b8be" + }, + { + "alg": "SHA3-512", + "content": "8e1e5baa5e4b6f67019bad7ed90a9abf41096ff00b62c9d6f326a756b8ee7e5b62d41068441aa5d9050369a1000a5fbd7898155cb8b18e80367e9cb7c0d3b137" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/org/documents/edl-v10.php" + } + } + ], + "purl": "pkg:maven/org.hibernate.javax.persistence/hibernate-jpa-2.1-api@1.0.0.Final?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/JPA" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-jpa-api" + } + ] + }, + { + "type": "library", + "bom-ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "group": "org.hibernate", + "name": "hibernate-validator", + "version": "5.4.3.Final", + "description": "Hibernate's Bean Validation (JSR-303) reference implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "ccae8426d40e4fa16ecde928b84965f6" + }, + { + "alg": "SHA-1", + "content": "7c3d91629e81937b33dffd5b170956ef9c76af97" + }, + { + "alg": "SHA-256", + "content": "8abc0fb282075e145efe50d742f4512bb1f2c0222e78e7562f34f8809cf22d25" + }, + { + "alg": "SHA-512", + "content": "38c1bc5692588fabc86904f75dd3481ca13be43bfda2f33278cb91a0ae229c7abd0f095989fa23e25b78aff51b2b7232f271579e13bd062595e498f9c92ea830" + }, + { + "alg": "SHA3-256", + "content": "176d9129f2812df9a71514c72d0ffe1efb86ceb73310ebeee2b416bf752c65f4" + }, + { + "alg": "SHA3-512", + "content": "0fec7612fa9d4698e183cc954381e172a3f8cf188a1b2e0518a39f9cd4cb15163720183d306d050757e2d979a3a1d224a3edd7e9c2ee59b938df48e4f4eb1342" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-validator@5.4.3.Final?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "http://ci.hibernate.org/view/Validator/" + }, + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/projects/HV/summary" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-validator" + } + ] + }, + { + "type": "library", + "bom-ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "group": "org.glassfish.hk2", + "name": "hk2-api", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "93322931c4ec277c5190c7cddf7ad155" + }, + { + "alg": "SHA-1", + "content": "6a576c9653832ce610b80a2f389374ef19d96171" + }, + { + "alg": "SHA-256", + "content": "b3fe4f295ab8e74ea9d641717dc55e5768f1e5db3709e84235346a4d6bcde5c2" + }, + { + "alg": "SHA-512", + "content": "9f143940ff31e6abdc5bce5223c12ea91fe1852338f317aa614221bec67bd5252ef905075d78125ba777ff2f36c5d39fe35a5b3876ea19255fc91da949179d00" + }, + { + "alg": "SHA3-256", + "content": "7dbffae41a1edb93e525d9841a6831f574fc408edb7568b5b192d7b026aeb750" + }, + { + "alg": "SHA3-512", + "content": "594dc7b77f5a85574331483bbc2b795c1456fe174b55ca7253519a8fe94bd914167face505c561f3829c9738b7d9e7f80421f5b97427952cdd78fe388c17c282" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-api@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "group": "org.glassfish.hk2", + "name": "hk2-locator", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "5baf0f144cf8552a9fe476b096fc18a7" + }, + { + "alg": "SHA-1", + "content": "195474f8ad0a8d130e9ea949a771bcf1215fc33b" + }, + { + "alg": "SHA-256", + "content": "27cacf80e8c088cc50f73b56344b779bdb7418e590a037659ab66b2b0cd9c492" + }, + { + "alg": "SHA-512", + "content": "4b8819cfb299d4b5be13fee8c5a04c803010abe7636eab9d126a40a41bc79131753ff09ea062c624c6ecc5785749b120a3f6f0411307eb05b74e6bc46a1bd410" + }, + { + "alg": "SHA3-256", + "content": "3b0c862b6be53e5a085e9caf77f6a90fe45365dc58cc4a69cf1bd13e20b91536" + }, + { + "alg": "SHA3-512", + "content": "9d3acd0f1048b63ca1c30a864463d10c3b2d724d4d245c2bc0116dbd8597772fecb9ace1601d60d9abae9058a2b9fc50422333be583189e00b31c3bbd21c59de" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-locator@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "group": "org.glassfish.hk2", + "name": "hk2-utils", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "acc873aece4f8e89814ac0300b549e3e" + }, + { + "alg": "SHA-1", + "content": "5108a926988c4ceda7f1e681dddfe3101454a002" + }, + { + "alg": "SHA-256", + "content": "3912c470e621eb3e469c111f4c9a4dee486e2ce9db09a65b7609e006b6c3d38e" + }, + { + "alg": "SHA-512", + "content": "1d100879b218d4ed75760514b78a3833f43f67126691dc7cab6566af8488c4cb9e72258b649f8a4eef0376813c25df326ba29d6f29c275e8f75e549cfc17fdf5" + }, + { + "alg": "SHA3-256", + "content": "699d1fba60b9403b292ce22cb0db2d6b070a1152531afe3f2c08a5196779b3a9" + }, + { + "alg": "SHA3-512", + "content": "47ad643c3727bb9fb45b6748e4da67c4788aeac69783c56c60f73ccf37f979972f699ffa96714056c551cb29109dba6722ac3b57004eea1ae47f8833f9c73d34" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-utils@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "group": "org.eclipse.jetty.http2", + "name": "http2-common", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d4f0dede20f81acfb53f97c01fae71cf" + }, + { + "alg": "SHA-1", + "content": "6e3306d394aaaf41876220a818fb639faf5963b0" + }, + { + "alg": "SHA-256", + "content": "d402e22a14230a49a93e045dc922d62ab330f99b26b928ca3fc6c6761941f601" + }, + { + "alg": "SHA-512", + "content": "79af5a27a59a8706769cb2d500869029bf1c6762bbc4908ffea56bc57f578e14d46e271e8fa2d40fa68dc8fc0e33cf297186df8b4b231db50547d98a10d0d6c4" + }, + { + "alg": "SHA3-256", + "content": "edba30c10f03aaa94eec187d3709ca23d1082d555e0031dbddbcb21a2e6cd451" + }, + { + "alg": "SHA3-512", + "content": "4d4d7e9a24b0d2f0814f071f0b352a104b2c91974213c10ca434c4d119c3ca15ac679f06f5aea3586ef11e5b4280d9db505ef8f4b63b19893c07cdf646d03a15" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "group": "org.eclipse.jetty.http2", + "name": "http2-hpack", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0323c6dd472c456a99d068f171cbd661" + }, + { + "alg": "SHA-1", + "content": "aa5f5c2b0cec925ad7f2e73a1dc7a3b3dc496e87" + }, + { + "alg": "SHA-256", + "content": "7f2fde0ed27abe088933dcd5b1516e6ed08701ff19aa8b00d12a4ef30344c9bf" + }, + { + "alg": "SHA-512", + "content": "075e9b42f4204aabb15fb1e0f0e08ac67b6a2ea4dff9bcd69db778fc0868d1959b38c4ac3e5a4738b8c3acab26f8416ea8c89d2e4fa66e474ca366e14ee55ebd" + }, + { + "alg": "SHA3-256", + "content": "f4680627e9212635d69a27456bcc815eec595a64d9541b572a7d16667cfb7636" + }, + { + "alg": "SHA3-512", + "content": "efb34683d51d2c09abc7894f5cbf7957041449f66e78f50bc4aeeed48fbcb92bcbe60713b084346ce93d0552955f7b8c53a3c557386894959d27667b8ac808ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "group": "org.eclipse.jetty.http2", + "name": "http2-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "9c82833f49671905299a1a0d0edc031d" + }, + { + "alg": "SHA-1", + "content": "6d0ca7e7ee2e5d55fb6fb03c4c1a248b1dc3d31d" + }, + { + "alg": "SHA-256", + "content": "99f96c3656c87d674d069ec1039a6fd7cbd979bb81a083823a04bd529c73308e" + }, + { + "alg": "SHA-512", + "content": "49a9f2c895244d0a632e5b267661f99e812d8e90299085df37479667517ad991575808d97d32204f34bf8a130804d4d2b87c9405d3e61b6d9d410d62a25373f6" + }, + { + "alg": "SHA3-256", + "content": "866de2610f4bbe4ce7b551b31f7f9a51e26e9607e54f112de194b3d92bd90132" + }, + { + "alg": "SHA3-512", + "content": "447c34744cdc616cf90742043ee49c431823ff46e745417eac6d21b78d1e9a00b36c1c93b0e291187e00e7c4d5d9b6a98f32afcc9d0671b63a02cd23f48f37ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "group": "org.apache.httpcomponents", + "name": "httpclient", + "version": "4.5.7", + "description": "Apache HttpComponents Client", + "hashes": [ + { + "alg": "MD5", + "content": "deed71468af21d6f0cf02bf853ac02ec" + }, + { + "alg": "SHA-1", + "content": "dda059f4908e1b548b7ba68d81a3b05897f27cb0" + }, + { + "alg": "SHA-256", + "content": "807e9c73f27a4b19dd04b1b67126532fc74b0a37bd8d13fbad073ad74d078330" + }, + { + "alg": "SHA-512", + "content": "459349c2482338644578502cbdfeb7110c3eaaa71f8bbc715d53556b186f16ad1256244e752cec7c32c66f77e08228bdadf7c9138542b0aa8e845a249e2e0bac" + }, + { + "alg": "SHA3-256", + "content": "9e5093efad2b3a44e71b077eae4ca7df86e2fd2ad78d5ca25541e4316ce631c8" + }, + { + "alg": "SHA3-512", + "content": "f16fb6262810546026c6c68842f69eb17831669e444cafb75832ae3567f47407504424c13fea596e9c02ccf853f6b55d54a904cbf2d21e171f77cc615d740014" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.7?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCLIENT" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "group": "org.apache.httpcomponents", + "name": "httpcore", + "version": "4.4.11", + "description": "Apache HttpComponents Core (blocking I/O)", + "hashes": [ + { + "alg": "MD5", + "content": "9299550b06219959d0f2223b1a8bb337" + }, + { + "alg": "SHA-1", + "content": "de748cf874e4e193b42eceea9fe5574fabb9d4df" + }, + { + "alg": "SHA-256", + "content": "d799522d579aac06b170603f8f080f6e3248dadc01f9652cdd7ea7bc318c21ce" + }, + { + "alg": "SHA-512", + "content": "1f45a26f97e5488bf1985f5f5c88c5e2744f46d422040708f7641deb14bb04561bcec35c9284c1dce606fcdcb768edc3ef970ef965bd6bb591ec362dfd417c74" + }, + { + "alg": "SHA3-256", + "content": "0807acdffb841394a948175382b04dfdb49087e19212851dbb63fbfadfae6f5f" + }, + { + "alg": "SHA3-512", + "content": "10f7974d10971a2c0911a1050e3418e898c4255300a120959ef38f546d10dc5ba5217a32a53a21577613ca13034a8200393b0b7ddee0b195f26b92f3e6b2f1cf" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.11?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCORE" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "group": "com.google.j2objc", + "name": "j2objc-annotations", + "version": "1.1", + "description": "A set of annotations that provide additional information to the J2ObjC translator to modify the result of translation.", + "hashes": [ + { + "alg": "MD5", + "content": "49ae3204bb0bb9b2ac77062641f4a6d7" + }, + { + "alg": "SHA-1", + "content": "ed28ded51a8b1c6b112568def5f4b455e6809019" + }, + { + "alg": "SHA-256", + "content": "2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6" + }, + { + "alg": "SHA-512", + "content": "a4a0b58ffc2d9f9b516f571bcd0ac14e4d3eec15aacd6320a4a1a12045acce8c6081e8ce922c4e882221cedb2cc266399ab468487ae9a08124d65edc07ae30f0" + }, + { + "alg": "SHA3-256", + "content": "275370eeb5f02c15358168ea134c4eab1afed8d27750a8a326b9f9f506dfc9f2" + }, + { + "alg": "SHA3-512", + "content": "d9e2a3943373e1eab933b45f49997b24e01466eb99a177c40f21c7107c9f21ebb135e14d191b0a5b699e3985d20de8e87662e92c0bf59e5e054d3da85fd777dd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.j2objc/j2objc-annotations@1.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "group": "com.fasterxml.jackson.core", + "name": "jackson-annotations", + "version": "2.9.10", + "description": "Core annotations used for value types, used by Jackson data binding package.", + "hashes": [ + { + "alg": "MD5", + "content": "26c2b6f7bc704ccadc64c83995e0ff7f" + }, + { + "alg": "SHA-1", + "content": "53ab2f0f92e87ea4874c8c6997335c211d81e636" + }, + { + "alg": "SHA-256", + "content": "c876f2e85d0f108a34cdd11ccc9d8d7875697367efc75bf10a89c2c26aee994c" + }, + { + "alg": "SHA-512", + "content": "6b1ae1d7036ce2fff81bf8fc2a3a55e4ea7eb081de806ad05301d2eb126bed1dda487027f3ccfa618c488e680e2f5ff22bc3f106e7c0af27b34d327d83083b46" + }, + { + "alg": "SHA3-256", + "content": "6ebca301e4a201a89630bd7235d27e48a795c7e6fca7727ac08f3cc87e6a5049" + }, + { + "alg": "SHA3-512", + "content": "8d33540c9df56541a0dca99ca51432a8d0d9642813377c62f6df5602af1c8d04c3d62cf24a9cde5c79fcd63b287de19cfc84ea475f8dd0ca037a72baed3d50ee" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-annotations" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "group": "com.fasterxml.jackson.core", + "name": "jackson-core", + "version": "2.9.10", + "description": "Core Jackson processing abstractions (aka Streaming API), implementation for JSON", + "hashes": [ + { + "alg": "MD5", + "content": "d62d9b1d1d83dd553e678bc8fce8f809" + }, + { + "alg": "SHA-1", + "content": "66b715dec9dd8b0f39f3296e67e05913bf422d0c" + }, + { + "alg": "SHA-256", + "content": "65fe26d7554a4409652c86ee38f2e94bc42934326d88b3c78c61f66ff2222c53" + }, + { + "alg": "SHA-512", + "content": "ea053f07b73b087fe81ef49d949ec812bf03e536a8a608d6b7c7ff9f001e6764e86125c5e99d46ba4002d7aab620f57527e246fe8ca754b47cfd812976a3e337" + }, + { + "alg": "SHA3-256", + "content": "0cd87bff64e1569e1ae1fa6023caf005c17d5feb6f75c2bb587546d9e3e43efa" + }, + { + "alg": "SHA3-512", + "content": "936d596d972971e8fc02a6adc7ef11b9d3ac302fbc4134982f3bf128f61741b6bc8c34dd0d16d0ef52a7760a2ad5bcc20b26c4d9c6e8345e826b8b2a83f8fb4d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-core" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "group": "com.fasterxml.jackson.core", + "name": "jackson-databind", + "version": "2.9.10", + "description": "General data-binding functionality for Jackson: works on core streaming API", + "hashes": [ + { + "alg": "MD5", + "content": "ff43d79c624b0f7d465542fee6648474" + }, + { + "alg": "SHA-1", + "content": "e201bb70b7469ba18dd58ed8268aa44e702fa2f0" + }, + { + "alg": "SHA-256", + "content": "49bb71a73fcdcdf59c40a1a01d7245f41d3a8ba96ea6182b720f0c6167241757" + }, + { + "alg": "SHA-512", + "content": "18db8ee61a24498803352c6fc40b83cc1f277033fd4cd743505e3bfa1660c84d8522a70b06401f834b405cbc6e686f6f5c4d54aff034751e9addbf1b4603b2c2" + }, + { + "alg": "SHA3-256", + "content": "470b46a826c8edeb12852d9cbab9f5ab0c3a0b0989a7f2b0a8756c9a88aae89f" + }, + { + "alg": "SHA3-512", + "content": "35616596eff2bafc2e047ce7cbfc4c0b8ce83af277953a2af6b41e43885c74b0809d14dd339290991c2ecb82e82190832b616bca0e3225aa113bfb483fa1b2b8" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-databind" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "group": "com.fasterxml.jackson.dataformat", + "name": "jackson-dataformat-yaml", + "version": "2.9.10", + "description": "Support for reading and writing YAML-encoded data via Jackson abstractions.", + "hashes": [ + { + "alg": "MD5", + "content": "ebecc5b67b96874c08068151fd89d0b5" + }, + { + "alg": "SHA-1", + "content": "561275877edf6321692f29e66ae5ccc7b1664939" + }, + { + "alg": "SHA-256", + "content": "338e27fd71a825c948c98a2a3fedd79bd14e6c7bcc9b6d21fd8b17abfd28bcc0" + }, + { + "alg": "SHA-512", + "content": "6730698c771ee3308c57b8336c35c3c1d437c7ef2e8f1a6bc66a251404449ae7f531fb240c5c877097a5c85a99e6a77c885265d61ad0d8da18c68da13c89eea4" + }, + { + "alg": "SHA3-256", + "content": "189e39704cf30896198937a59f48dca0230a882f0613ceb941241f327f4f1c2c" + }, + { + "alg": "SHA3-512", + "content": "336fa4689e758f35a45ebc5648f3bfb395bf8ff7387b783b7fa62d431e835760782df3c6f5c737224853970891eca22c69b990ad8d7b96e628002b5ef6a88305" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-dataformats-text/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-dataformats-text" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-guava", + "version": "2.9.10", + "description": "Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)", + "hashes": [ + { + "alg": "MD5", + "content": "bf3d62117a113e2ad3442aede0565365" + }, + { + "alg": "SHA-1", + "content": "fe2fe045ca3bd6f9ea1bba5b03d228b4abf8c1cb" + }, + { + "alg": "SHA-256", + "content": "f6f05294767905ebfe3e982ec456eb0982e52b8e89cfcf02f46722f87414e87e" + }, + { + "alg": "SHA-512", + "content": "d12fc51a0261d7af4319c2659b5168f7bbe91c235ecc013056ae444917d87281137df52bae9c4f345cf1874220f7b2aebc314cf74d4334dda96c3a3cca3de3da" + }, + { + "alg": "SHA3-256", + "content": "d7d456bb103296753158c2e16328887d8b6f339e941f34328229c9c62a2f1cac" + }, + { + "alg": "SHA3-512", + "content": "c5741407e1a9054dc65f40fd6e70483c867a8b9847bfe7ff0e9fabe24be1827c75d7ce561100db82d25c7fd0f12c16ba18a3ca8038ba4a99da7fc394dc63b39f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatypes-collections" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-hibernate5", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Hibernate (http://hibernate.org) version 5.x data types.", + "hashes": [ + { + "alg": "MD5", + "content": "686f24ec51b113e18d8a7a6e656830af" + }, + { + "alg": "SHA-1", + "content": "391c524dbc0414399dec5a405760744d3ed600a8" + }, + { + "alg": "SHA-256", + "content": "de588c8a51eb6d11cced0d2c140d66e9c51266622ecda28ccbef92050f671f0e" + }, + { + "alg": "SHA-512", + "content": "854f01a862d1ea67a47863bbb3481b63deb1839d3b89ca616362fe097e55ebc87196f4ed7ae48ed8557b4244d72db72f3c293b6a7dc3965fa787a6a67d634998" + }, + { + "alg": "SHA3-256", + "content": "ff874c69d9dc846e993d16b1bcb74a4d3d81865aaffc16b6063ff83e0f1626d0" + }, + { + "alg": "SHA3-512", + "content": "312371566e7eacb4621ecec83b7e99a4dfed8be158ba71c77e9b9fcd91577104771dec04d7eeb1c12e574e4b8ca247bd2b4faeef7ba69aa384d93cb67672b5a3" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-hibernate5@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-hibernate" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jdk8", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support JDK 8 data types.", + "hashes": [ + { + "alg": "MD5", + "content": "e35c18c99ad1737571b1c8004ca8528d" + }, + { + "alg": "SHA-1", + "content": "6aa764caf0a275d98b8765f6687bd4ec6c8cb9eb" + }, + { + "alg": "SHA-256", + "content": "b305510c0fec81480cbc3516948f9ac5b326811e35c4b6563d2ccfe330079db6" + }, + { + "alg": "SHA-512", + "content": "e537db4253733d8ca0e93e6245c2f25eef366333480a5fd0901603e69a8cf92dd69ec0ffa813c2fef685849f383b7e3850b2b286d255486192f7ff9698fc6c46" + }, + { + "alg": "SHA3-256", + "content": "768bc29f9f15aa07b9c2294d3c3b1bf06396b507397a6b1da2515eefbbc85172" + }, + { + "alg": "SHA3-512", + "content": "734b59492a053eec994840092c8e4f4d703e03b481d8a603b0d934b4fab25261fd98504f72fd0512705a8735dde4b36299c2295f0359afb0f18d129c0dfc70c5" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-joda", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Joda (http://joda-time.sourceforge.net/) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "7ef56a5376978b3befc264d5c7f690ba" + }, + { + "alg": "SHA-1", + "content": "b8b45ff38fb46eaf8bdf19586743a4f446c485fd" + }, + { + "alg": "SHA-256", + "content": "ec60ff466ec6bf489e58cf83bb012dd3d2735eb581be47113b17b1ce6499cdd8" + }, + { + "alg": "SHA-512", + "content": "589f9ef55f9aef7b2e4c1fe45bad157e566042f304989ffe8257a5547426c7dea281326cf66cb1af84add2cb0531b623d04bc15d9e3ac0da25052f8c2109ceec" + }, + { + "alg": "SHA3-256", + "content": "7a4e62a859262aec2ae33d7b6ec5b0ddadcf0897c1a90984cbdd82f8e2c8abb2" + }, + { + "alg": "SHA3-512", + "content": "bf11f541461a5ab4fbb3372d8c8d617a7b20a2dda00d8af733ac8d496cf4a7e1f7f422d90d11b17b7d783ed2a25f4323046468c264ea204bd672adff82a3477a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-joda" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5694b066-2847-4855-8230-77e902b37502", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jsr310", + "version": "2.9.10", + "description": "Add-on module to support JSR-310 (Java 8 Date & Time API) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "8353db784cc75e2ef48439c89ffb962b" + }, + { + "alg": "SHA-1", + "content": "bf7ea35ca4fafa385701580163ef983622e0bfb1" + }, + { + "alg": "SHA-256", + "content": "a86f035a641f1a36aebacce8415e14568ce5b0088e3ad5b8cf3ea3c9c0c5b64e" + }, + { + "alg": "SHA-512", + "content": "c9e27a5a2c7a7edacdacc2cd93371561ed991e85027e06820004bc47802f32df3aa99fe6d94667805c7862467fcc9e4e0555f1e5a3317c239e8ec0f37fc48b89" + }, + { + "alg": "SHA3-256", + "content": "ee3952b4ffb44ea67445ed736ce33410ed631146ab47071c5fa4ae578623c446" + }, + { + "alg": "SHA3-512", + "content": "434938cf7a81ea81511bbf14a0942eaa790c71ab2e4a5e3049dfbb5cc1523034eacd0d14d0b520e88155376b4213129cc59cec21a2a93940b7fba5658d46c8f0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-base", + "version": "2.9.10", + "description": "Pile of code that is shared by all Jackson-based JAX-RS providers.", + "hashes": [ + { + "alg": "MD5", + "content": "3dde182860e6f59fea3871880b1875b9" + }, + { + "alg": "SHA-1", + "content": "8f13207626ffab14943da9e7447dc065f7762a4e" + }, + { + "alg": "SHA-256", + "content": "4a76bd0d1f5f66293867bb9e021bcf8ba179bdd69cf69852d623204297fe85eb" + }, + { + "alg": "SHA-512", + "content": "608054e863d9233f92fcbf9ea6896a78caa0e1fac197a3b15f7833231f25bc10ac93e54f362d0364a60e7348825e505107e507590269edef11e3fd1e136b1ab5" + }, + { + "alg": "SHA3-256", + "content": "3b43e3742dec5d06ca7a73b45e485120e0adf0f0e66208b9afa56d329ccf0768" + }, + { + "alg": "SHA3-512", + "content": "512f238b2f5d2f70c48cd60dc45da652e2e3ade8aaf03f8031ad0a1ab9222726a82f53a9dcd15b5ecb49e8f8b9aef6789c993d8edd8c68acddd7776bf835f948" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-json-provider", + "version": "2.9.10", + "description": "Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.", + "hashes": [ + { + "alg": "MD5", + "content": "5a6659fa62763f65fb7e187dca166346" + }, + { + "alg": "SHA-1", + "content": "89a2f5d0adc42c3e37a7167e0759641de55aafdd" + }, + { + "alg": "SHA-256", + "content": "0fe7309bb8d0fa8f48cd6846bc3a27eef04b0263b6533ac58ef7ad85b1bdf38c" + }, + { + "alg": "SHA-512", + "content": "254d53edb320ecc9f697d3bb4c7dd1e385d04759bad65caeedcb5beda7fa29f915636324309bec3052205fa91ec29892fed809c8da4e7d284cc0d62b8cf29508" + }, + { + "alg": "SHA3-256", + "content": "1e98e50a06dd5830aa5517da99a0f503760f745029a9fe992f21b45f2417fb76" + }, + { + "alg": "SHA3-512", + "content": "ee026cf5697ab3d3785aa59d1a69e074d6c7db0af06478b36bb19f0d7b303db888bdb6fbd6bb7ffb0b14a4425d3fb0fb9ec971d59db2c7312f979ad83b107a1d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-afterburner", + "version": "2.9.10", + "description": "Jackson (https://github.com/FasterXML/jackson) extension module used to enhance performance using bytecode generation to replace use of Reflection for field access and method calls", + "hashes": [ + { + "alg": "MD5", + "content": "eb3073cbfad846a44d81df8bc31c8bf9" + }, + { + "alg": "SHA-1", + "content": "6cca4a73cb54aa8631775023ca8cc37626373cc8" + }, + { + "alg": "SHA-256", + "content": "6d8dd1bdaa13a1e2239e9d8fc008066b02d6fc7d79166fd73e4c3b6e1856ad14" + }, + { + "alg": "SHA-512", + "content": "b56f7485f72c2225cd276e6955e154bae31849a394f5f03ee5d205075a154c27417d1cd7c071c9ba12a7712e23f7b6e8da368aa12acecf53c5c28a5376d620e1" + }, + { + "alg": "SHA3-256", + "content": "488cf9674f84c7d221e4f5955d45f6fc008bca1bd4abf2134d91578a9c1bc0aa" + }, + { + "alg": "SHA3-512", + "content": "d2324aca720bf6816274e93186fdf7d0eaefce8859685dc5c76a96fa8696cd104d64787598bd94473619aa0b89406dac1da8cc697b05104491b8017a54d95e1f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-afterburner@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-jaxb-annotations", + "version": "2.9.10", + "description": "Support for using JAXB annotations as an alternative to \"native\" Jackson annotations, for configuring data-binding.", + "hashes": [ + { + "alg": "MD5", + "content": "fe4cda4049277f5c8758f32a00f2b633" + }, + { + "alg": "SHA-1", + "content": "b7fc3212e95586f42a0d3b5cf1311e42a3ac0248" + }, + { + "alg": "SHA-256", + "content": "72a8ef1246f7a2dc680de67bc5009cc5de71b3825adf98726d290643a36576c0" + }, + { + "alg": "SHA-512", + "content": "df36f846fb1c04e23657f1d7568d05cc589207dc3f751db357ccf33b2b6c7491abf1251aee29763b69b524bf4652e5d04dc77f93d8f001fb23728fc46304f4f0" + }, + { + "alg": "SHA3-256", + "content": "f38cc147a5ef75e5a5f153a2db7c996eb8fe469079b1ef7c843249e8adbf06eb" + }, + { + "alg": "SHA3-512", + "content": "9ba7e2c66e3495260dcd320b179db20fe37d2dd695e1c1a01aaa13a0cc5bd5adaa1c9041c2f4ff6b19607d375c49fcbfc4a962c4939e05a0dd68cc8cdedcc7fc" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-parameter-names", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support introspection of method/constructor parameter names, without having to add explicit property name annotation.", + "hashes": [ + { + "alg": "MD5", + "content": "e8835d22f3153408ace94284be8fa821" + }, + { + "alg": "SHA-1", + "content": "dc8c36832c229df0209dfc98fab5be36cb99af5f" + }, + { + "alg": "SHA-256", + "content": "2b14de63be1abc99d25c1cdc8ca9003dd0e345e87f5d869588c5981f75cffc8a" + }, + { + "alg": "SHA-512", + "content": "452daf576e303ec15480750844e9a49715670ea9b7fa44d3a3d69ef4c90d7177583daabfc25d2a938e0015bba0c21c5fa71c175d2a0a95f3d6f13a92a3a6d611" + }, + { + "alg": "SHA3-256", + "content": "68f9053afc670c7ef2b042f62e7ac34dc7cf5c65fdc2e178b31970c64f0e9353" + }, + { + "alg": "SHA3-512", + "content": "10bdc0751a0dd140f35dd69045dbc1beea08f65d6ce773dcc2c888af4fc013f8af4c09bcb45e1e36c65b86e7e3cca9775c5da472184af784aa577a952c74c073" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "group": "org.jboss", + "name": "jandex", + "version": "2.0.3.Final", + "description": "Parent POM for JBoss projects. Provides default project build configuration.", + "hashes": [ + { + "alg": "MD5", + "content": "77db6e55da888349f5466d2dcf150b14" + }, + { + "alg": "SHA-1", + "content": "bfc4d6257dbff7a33a357f0de116be6ff951d849" + }, + { + "alg": "SHA-256", + "content": "a3a65250cf954f102e74bab23df12540780878231195b585a7a86f4364a53727" + }, + { + "alg": "SHA-512", + "content": "ad557228414fb1d75750f4495ced69517deac0d26beaeb81e3233fe21254e3b7e3ccefe381971ffb8dbb0d9e0c1e70973623948ffec31efad99298f1107830ed" + }, + { + "alg": "SHA3-256", + "content": "8e4cbfe8f79e619190a121200bb907e2d06c03b5449b3742a6607580a898a2d9" + }, + { + "alg": "SHA3-512", + "content": "5afc9d16fc77ecbc3dd653628b11ddfb419a5fae2efa72eca87eaa55c7c6014d03e9fcd190ae9c7c3e50edc78e6a30fe439269439cf7c383c27aaaa43281e975" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss/jandex@2.0.3.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + }, + { + "type": "vcs", + "url": "http://github.com/jboss/jboss-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "group": "org.javassist", + "name": "javassist", + "version": "3.24.1-GA", + "description": "Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.", + "hashes": [ + { + "alg": "MD5", + "content": "527cebd64b0f941d5058bae3d1726d06" + }, + { + "alg": "SHA-1", + "content": "921b466d6a14a8edbe25923c973fd767fc71c045" + }, + { + "alg": "SHA-256", + "content": "5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553" + }, + { + "alg": "SHA-512", + "content": "b1920ad0b291ab4a7d5d6184e7a6fca91a27576560adc257e4d38a3122865cefa7081df46375a462fcd7e4bfe20c3eeeef140408922cad9cfabaa8c338be1056" + }, + { + "alg": "SHA3-256", + "content": "793f21feb3c4c58edf94d49579b8cd658e44e792e05fefbc23f1b84b7170caf2" + }, + { + "alg": "SHA3-512", + "content": "94f77c5a3ef42bef47e44c9cb9c71a5eeae3b5f94bec53637e8ef3bb5b29b0675c02166241987ac3f3872be09d87bbcfe0235a55731735f4b787a8574714fd2e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.javassist/javassist@3.24.1-GA?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jira.jboss.org/jira/browse/JASSIST/" + } + ] + }, + { + "type": "library", + "bom-ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "group": "javax.annotation", + "name": "javax.annotation-api", + "version": "1.3.1", + "description": "Common Annotations for the JavaTM Platform API", + "hashes": [ + { + "alg": "MD5", + "content": "9a936313da62e705ebb16e81b62f4096" + }, + { + "alg": "SHA-1", + "content": "20a2c0583598d68b0835474bbe07792d4f3b219f" + }, + { + "alg": "SHA-256", + "content": "bc1110630bb4290e798a533ca40a60517826c8804b79f91f8738d18ca425adc5" + }, + { + "alg": "SHA-512", + "content": "9b0c8e45c750f049015da652dcfb43250c24aa72c0cf8fcf917918a486c50b70d6c19201638ae4c23a822551e12ed85215222a59b9bcfb135557c0aca80c00ef" + }, + { + "alg": "SHA3-256", + "content": "81a7132a97ca91c7bf14400e8dc845e3124df73c91b3e2f0a62c4aa3abd84b6d" + }, + { + "alg": "SHA3-512", + "content": "1b7b5f5a5dcf8076155e13d17fe8665b88394c5871583508211f58336cf8d2dae9b3225df8de94e6820a2cc5e077cbd4382c88249c1b0c79e482ce7ae726997b" + } + ], + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://javaee.github.io/glassfish" + }, + { + "type": "issue-tracker", + "url": "https://github.com/javaee/javax.annotation/issues" + }, + { + "type": "vcs", + "url": "https://github.com/javaee/javax.annotation" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "group": "org.glassfish", + "name": "javax.el", + "version": "3.0.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "9b413b6b4c57f68cc3e8649f754153f5" + }, + { + "alg": "SHA-1", + "content": "dd532526e7c8de48e40419e6af1183658a973379" + }, + { + "alg": "SHA-256", + "content": "5ed77b9150c1cb6bdc1a195bb536eef6eb65f46f4412e26c24288690ea8033ec" + }, + { + "alg": "SHA-512", + "content": "a31efb2e99fe2429c8f39dbd8b23fce7dc30c3945ad3e6011dd1495a63a74f1d5e8ac422735de37c01938c492832155b73941614e19e06145477f65f4bc9043f" + }, + { + "alg": "SHA3-256", + "content": "6c59f62728693b7a7234a6c93d6329391633de19cd65753ddb74d78a1a79427b" + }, + { + "alg": "SHA3-512", + "content": "7193e9af5274a89a3fa9e04dcb9790db5efd6abffc8d0549c2bb597f61237544e758f98b4aaf55dfad258697bbaf4e4583695f6f5c277c06e98cd9ce21265982" + } + ], + "purl": "pkg:maven/org.glassfish/javax.el@3.0.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://glassfish.org" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/EL_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/el-spec/sources/source-code/show/tags/javax.el-3.0.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "group": "org.glassfish.hk2.external", + "name": "javax.inject", + "version": "2.5.0-b32", + "description": "Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle", + "hashes": [ + { + "alg": "MD5", + "content": "b7e8633eb1e5aad9f44a37a3f3bfa8f5" + }, + { + "alg": "SHA-1", + "content": "b2fa50c8186a38728c35fe6a9da57ce4cc806923" + }, + { + "alg": "SHA-256", + "content": "437c92cf50a0efa6b501b8939b5b92ede7cfe4455cf06b68ec69d1b21ab921ed" + }, + { + "alg": "SHA-512", + "content": "ce72626ebacfcbb1a022d0af22d7f3ae8a0f38db939e5f0b893efb9e3545c74328fa139a92c3b9bf7d833300a2830d7b883f748b0d758ed58abd6b0ce192620a" + }, + { + "alg": "SHA3-256", + "content": "da07452e3cbd7bf8e934d72e70149d317d7299fefa8de7840ac251e3e7fab17b" + }, + { + "alg": "SHA3-512", + "content": "db226d92d3e50eb91d892c9dee1832aedcdc2c11ddbc5948da4a33d10d286906fb1554e226223384bbbe7b30fa2b7b023eb7df03beb46affdd9e012722d66b67" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/javax.inject@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "group": "javax.servlet", + "name": "javax.servlet-api", + "version": "3.1.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "79de69e9f5ed8c7fcb8342585732bbf7" + }, + { + "alg": "SHA-1", + "content": "3cd63d075497751784b2fa84be59432f4905bf7c" + }, + { + "alg": "SHA-256", + "content": "af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482" + }, + { + "alg": "SHA-512", + "content": "32f7e3565c6cdf3d9a562f8fd597fe5059af0cf6b05b772a144a74bbc95927ac275eb38374538ec1c72adcce4c8e1e2c9f774a7b545db56b8085af0065e4a1e5" + }, + { + "alg": "SHA3-256", + "content": "8acc3481503989e1a78ad619bcbdc005b616c13736522b52e5ae5d782e8a0216" + }, + { + "alg": "SHA3-512", + "content": "ab5f85d424640ddcf6fc13a41d12ffdee0be9508cd4cdc581168b31cf7917323f6e0d984a0631068e0e01c098098fe0037d1c4176352fd89ba3a4da5d641ca3d" + } + ], + "purl": "pkg:maven/javax.servlet/javax.servlet-api@3.1.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/SERVLET_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/glassfish/sources/svn/show/tags/javax.servlet-api-3.1.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "group": "javax.ws.rs", + "name": "javax.ws.rs-api", + "version": "2.0.1", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "edcd111cf4d3ba8ac8e1f326efc37a17" + }, + { + "alg": "SHA-1", + "content": "104e9c2b5583cfcfeac0402316221648d6d8ea6b" + }, + { + "alg": "SHA-256", + "content": "38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d" + }, + { + "alg": "SHA-512", + "content": "4a85d3b61ea018f354a4dfa43104f3b4967cb4719df203956f82f7a696f75bee9d660540fc0f7bb61e0a5f826461de8929144eddd5622f9cb59a4da289d7297a" + }, + { + "alg": "SHA3-256", + "content": "7d439b6efe13a02aa996c27db07de14c1f14e8c95b60a9205c073cfbe9cbcda1" + }, + { + "alg": "SHA3-512", + "content": "e4bc8aab836157e258f659fe687e59499d445889c6c706d9539e5bbd48a6e80a1a1029e9ae47d25871f5ddf1434c5449ce2bc67b147b5a7b58990309f7aa60a4" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JAX_RS_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jax-rs-spec/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "group": "org.jboss.logging", + "name": "jboss-logging", + "version": "3.3.0.Final", + "description": "The JBoss Logging Framework", + "hashes": [ + { + "alg": "MD5", + "content": "bc11af4b8ce7138cdc79b7ba8561638c" + }, + { + "alg": "SHA-1", + "content": "3616bb87707910296e2c195dc016287080bba5af" + }, + { + "alg": "SHA-256", + "content": "e0e0595e7f70c464609095aef9e47a8484e05f2f621c0aa5081c18e3db2d498c" + }, + { + "alg": "SHA-512", + "content": "6cd839a07c55a75befa9a95c7cb2e4a87445432d475bc747410fce625ad4496ee5cc6631a445420940ef1cb408d74873980504e4d785d8ec851223301a76807b" + }, + { + "alg": "SHA3-256", + "content": "12fa4c6092728e4d1d780db85e3567ac16a8ec515daac930326513a471f60bd4" + }, + { + "alg": "SHA3-512", + "content": "3f2a0f9e1ce18e1fce8b658a9ce7603eae6a2eeb96b8c26c0a49fde515ea97b319e94f48617fdbd8b102cd51c6a3c957528b456b821e2287ac1b35a3442c35c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss.logging/jboss-logging@3.3.0.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss-logging/jboss-logging" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "group": "org.jboss.spec.javax.transaction", + "name": "jboss-transaction-api_1.2_spec", + "version": "1.0.1.Final", + "description": "The Java Transaction 1.2 API classes", + "hashes": [ + { + "alg": "MD5", + "content": "4d3a6329aa429d92e7bf0c2d34302660" + }, + { + "alg": "SHA-1", + "content": "4441f144a2a1f46ed48fcc6b476a4b6295e6d524" + }, + { + "alg": "SHA-256", + "content": "d35b340768f11e683045d0b3b8c2cf0554a0495a675ae8aab5680b34e5d2a69c" + }, + { + "alg": "SHA-512", + "content": "fb751362223bd2f58d40326018b742ecb8bb49e2362b8babbfa6592e10fb0bd4c52192859771d5b4c67954bf3876bda38581795d54a566bfca66f3fdb0bfd4fb" + }, + { + "alg": "SHA3-256", + "content": "5fec9250840d8ae18ebe934e2b302d9f3c91a7166c5f6e90e8a38d19d5463f4a" + }, + { + "alg": "SHA3-512", + "content": "f4846473a8385f28649593671d9307d0a0a1362c9b36a24ea1b6f72daafb59e05b4945ed45bcadc22e52024a5c3cce9c47e9edadcc7a08f1e391b33a510cd971" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License, Version 2 with the Classpath Exception", + "url": "http://repository.jboss.org/licenses/gpl-2.0-ce.txt" + } + } + ], + "purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss/jboss-transaction-api_spec" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "group": "org.slf4j", + "name": "jcl-over-slf4j", + "version": "1.7.26", + "description": "JCL 1.2 implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "06ceba253db8a4d836921324015c9ca5" + }, + { + "alg": "SHA-1", + "content": "33fbc2d93de829fa5e263c5ce97f5eab8f57d53e" + }, + { + "alg": "SHA-256", + "content": "2800417ecc5c927cce2b8a2cd22f0933e4006023c4e4fb255985a27746f5573c" + }, + { + "alg": "SHA-512", + "content": "40c1c8a523687ba06041d5a3c8ae295ae57ea18c0909f106ae9154ee79eeec9d077f7e0c79cb977fdebf2c930c6972372850b528f94e69bb57e95124ff691359" + }, + { + "alg": "SHA3-256", + "content": "8e61ec106e655eb957cf915a6a2ab96d9f78298598af0edb5526d66317695f69" + }, + { + "alg": "SHA3-512", + "content": "bfb810653f89ac499283aa7d860f89369133a07b65398a4112a6f654d53cce6d4a74d2f45acd9ba669233604c94bd338247751171bb8f21d62a183bbe91ba90d" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "group": "org.jdbi", + "name": "jdbi", + "version": "2.78", + "description": "jDBI is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "ea7256f4877d929815d317c3f918de7e" + }, + { + "alg": "SHA-1", + "content": "7281bb97a89ec38db81a901a3c07ed7204efe828" + }, + { + "alg": "SHA-256", + "content": "a833944751416b95a397768c530b6796fd22fe01ff3d56f44ab80c2087096572" + }, + { + "alg": "SHA-512", + "content": "0699d1cee041bbb7f2e9857f0d4265e55af3c93e62c1d10090fa3472a3af4f052c4b6c1431eca53bf2e2ddb1df1358ac29fba6776fb0406a2c3edbe30fe73607" + }, + { + "alg": "SHA3-256", + "content": "85bab22465bd6c4128b3a3805184b780dd41c6984d6e056d7ec22b904b94649b" + }, + { + "alg": "SHA3-512", + "content": "0d3f050c4f71bfab5404ac1674306bd837ff7710b9b04893dcfe88baa3d0d3f647ee515c3b0a3159d4f6d3791f187927dabed54f05fcfa3b42bd4f0bbae93586" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi@2.78?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "group": "org.jdbi", + "name": "jdbi3-core", + "version": "3.5.1", + "description": "jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "bee3bded3f553bb751676f66de7051d8" + }, + { + "alg": "SHA-1", + "content": "fdb08f92dd4762d9a12864b685961cbef3807adb" + }, + { + "alg": "SHA-256", + "content": "05ba5a61131fee448927dd7d06fe2e0699b9c4756ece6bc844431dc1f5a3b671" + }, + { + "alg": "SHA-512", + "content": "3b8de628e4b5ba4acbedb21b4f74cbf7003fa1ce68125e8e2c8c9bb49ba38c478a34b27505bcda18e5072b47ae706a280e3db7fb53f90196d3f87543148e9b3d" + }, + { + "alg": "SHA3-256", + "content": "7b63cdd3df09bd5e6881f455db13e74d5a4f80764072d376d80814eaf28a423c" + }, + { + "alg": "SHA3-512", + "content": "9de02c1b6f19a44b6a29054da8c80e9139d03c2eeee8e908dbb8592bbffd8926a95f45f9e56f1aee85f77665cf24e2abe7e4d888ebe407fbb01be6f541c9befd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-core@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "group": "org.jdbi", + "name": "jdbi3-guava", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "0f692ba6379649453c8ceeb1c1e567ba" + }, + { + "alg": "SHA-1", + "content": "0b7a55d0eda75405221a8287993c05891ae2dd9a" + }, + { + "alg": "SHA-256", + "content": "dd2c0c13c6d29758235a9b365768cc521b5ee3c86678794e81ca5a9a7aa1de83" + }, + { + "alg": "SHA-512", + "content": "9e74b320cd5ed0ba7de5f2976dac092039ca6efcd5ab070281ce040aab9249d2299d73b3f1566cc495e6b33cd2de7fdb8e82f9410f970650daceb049daeb2bd3" + }, + { + "alg": "SHA3-256", + "content": "fb088209586cf011f4cb41752223e4cb14ca32cf8605ce6bebaa30913a120ef4" + }, + { + "alg": "SHA3-512", + "content": "5e64a7584e5585f922a7bbc3c83f76645752e0a78274d741b4ae8cb7f174ac6b2d840841ce749234955ab1d090b552dcceb7a46c2a1a0eafe95dafa26c1c2819" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-guava@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "group": "org.jdbi", + "name": "jdbi3-jodatime2", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "a1936dd03d5410d8abe4f52bd8a4c219" + }, + { + "alg": "SHA-1", + "content": "76d39448cd536140a737ee7d1eca00cf919dd51e" + }, + { + "alg": "SHA-256", + "content": "693462cf417ed3faadb54f22618b3f7bfd6f8d3cd77cdadde7733c6d9666d2fb" + }, + { + "alg": "SHA-512", + "content": "da80a01e7da71aee51c9c8f9de62a394ac6a1b849675a5a80e0490c4494bc58c5dbd15c34e8f21152cc3355f8259a2d838afeb2f9802063fd3a40b9bbc4d93d0" + }, + { + "alg": "SHA3-256", + "content": "472060a39fbf46395d0fe7b6c2e5610c1532969115b27ac82d0c1434e952012b" + }, + { + "alg": "SHA3-512", + "content": "b54c0e9dc8be03a4b7a0b4ffc2ca1fa90f0beebceabba58abe0f2ddb93b0074141eab88da889577abe3c4eb2c0137cb8db907346882e88185cc0d460531d64c2" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-jodatime2@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "group": "org.jdbi", + "name": "jdbi3-sqlobject", + "version": "3.5.1", + "description": "jdbi SqlObject transforms simple annotated interfaces into full-featured DAO implementations.", + "hashes": [ + { + "alg": "MD5", + "content": "fef7548d2dd71524d4e555c8d406449d" + }, + { + "alg": "SHA-1", + "content": "88a6bb67f81900f7e3b4c02e80fbe03c14180b8a" + }, + { + "alg": "SHA-256", + "content": "f5aee0d5ded32e49eddaf51fded6478d01f816a957bccd5ba62fb9eb944793d5" + }, + { + "alg": "SHA-512", + "content": "435126b915d81c594a2fc3194498a815dbd6307c8bd852d421ba866e11d4335bfd825352a58c60dadbe8cbd57a2962b0d8414c46491bd171071f7e606c41b56e" + }, + { + "alg": "SHA3-256", + "content": "8706b9badb23159cd1c690e44d10f7050d82682c025d4a0fb6c2f74cf5982444" + }, + { + "alg": "SHA3-512", + "content": "a61809da92143a4f96e16d97e5d85179f50fac762fbbc8bc36676b8868e4fb8f69cce89c93c8c0e89e3e492c6434725546c29de5b7960b1515a4fe3f0853b959" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-sqlobject@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "group": "org.glassfish.jersey.connectors", + "name": "jersey-apache-connector", + "version": "2.25.1", + "description": "Jersey Client Transport via Apache", + "hashes": [ + { + "alg": "MD5", + "content": "1249f4c7b0e42fb205fd6479f8212b7f" + }, + { + "alg": "SHA-1", + "content": "778d56a186caae0c0e321afb7bf497452f60ecc6" + }, + { + "alg": "SHA-256", + "content": "98236fdeb22a34405095a70099e63cdfe72c726c3c6588c8105092b234bbca3a" + }, + { + "alg": "SHA-512", + "content": "cd9d72b8e24524fd017fad60bea318cf72b7260bfe9826f3019181d8749f906cc579ff4b25c50d869edc9e7ad92c1a216e4c143957de5d5f810f14f3d2124058" + }, + { + "alg": "SHA3-256", + "content": "51423295a961ef5c2c0b70f2a3e80ff7cd9d356b9fdf0951dbc0d42ee7d283c5" + }, + { + "alg": "SHA3-512", + "content": "f95bb4d125a7146cfe7ff8e9d4480c3f479bffa0fcb5398400a2b2faa1851c3ebda38e1bbf49a0d4d5671dd336ebc665ef1fef26a4ad8f65d715c118f703de36" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.connectors/jersey-apache-connector@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "group": "org.glassfish.jersey.ext", + "name": "jersey-bean-validation", + "version": "2.25.1", + "description": "Jersey extension module providing support for Bean Validation (JSR-349) API.", + "hashes": [ + { + "alg": "MD5", + "content": "f1860b7577c9d0c89758ad14a60485a5" + }, + { + "alg": "SHA-1", + "content": "01971927d79cad0ad2b5a3bfda24967748a2023d" + }, + { + "alg": "SHA-256", + "content": "c7f8b632016d78ac9679c8a77a7333a7979b3a446c56f6c4aa0702495beafcf0" + }, + { + "alg": "SHA-512", + "content": "723afa0898fb909c199491173caa96bf32c5b4a9f8e7211989434f1be4ec581737b1d17e2094890074fd5fd94b640002b98b9f06cb042aa755864ff9e1eb5eb8" + }, + { + "alg": "SHA3-256", + "content": "5eb1703f460fc87775426f894b776891b46e2060d209d8649fbbbf0046ff5541" + }, + { + "alg": "SHA3-512", + "content": "b538a16717eba2f15bae433116819aecfb842d17e9838cb4c67ec3242cf7f62517d7d8ddc9245d26aed83b15489988bba10a792935968c5d9731b0e07902a251" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-bean-validation@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "group": "org.glassfish.jersey.core", + "name": "jersey-client", + "version": "2.25.1", + "description": "Jersey core client implementation", + "hashes": [ + { + "alg": "MD5", + "content": "cbc88e55529984d664eb6ef1b65b3684" + }, + { + "alg": "SHA-1", + "content": "4d563b1f93352ee9fad597e9e1daf2c6159993c6" + }, + { + "alg": "SHA-256", + "content": "10671e430dc7c841eb0bc54c9f3e265dbb60e9f85efaad71d1e39807057e405c" + }, + { + "alg": "SHA-512", + "content": "2355cf157c2c6f6973db046b8eb9f0ac1fad6791e5e62457d37a2aa0d70c180a6dd8eacdf78b987bab5720091cc8197866ba1ac14b209b374db6389f187a0c58" + }, + { + "alg": "SHA3-256", + "content": "88b865b79a07061bda2f0c1b57e4aea4555da1604946eccb83343ea665ac615e" + }, + { + "alg": "SHA3-512", + "content": "ab1297141ee25407b3aaf92ce2d7441aad23badc8d9b2e68e1bb143c7155f5861a273d816d4447ade4045dba027ba6264b22d6823e798d9ebac7514f8a4eef52" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "group": "org.glassfish.jersey.core", + "name": "jersey-common", + "version": "2.25.1", + "description": "Jersey core common packages", + "hashes": [ + { + "alg": "MD5", + "content": "d1f25f421cafb38efb49e2fef0799339" + }, + { + "alg": "SHA-1", + "content": "2438ce68d4907046095ab54aa83a6092951b4bbb" + }, + { + "alg": "SHA-256", + "content": "4df653fc69d5feec7ad1928018f964e12a7513bcea7b5e8b1aa4b1f5a815815f" + }, + { + "alg": "SHA-512", + "content": "2c99617c7d5bbabd39902cd93e028e48ef3917f1017b7417873607681b0bfc31e8d5197bd06c587f64867944d81bb63c0201fe5df66962737d23fdfd7fe88fe0" + }, + { + "alg": "SHA3-256", + "content": "d5d9d3bca931954bed7bf031b299f45e0e29c92e250501f46f12400e475aaf3e" + }, + { + "alg": "SHA3-512", + "content": "dbd5ac4985d2c8e71e3606e491a7814e50ca6ccb1e3571e50073ddcf92bbf484e28ae0a4971d1e487df4d95a4f64016583e88891724a65d9c1c80f20ff7664fb" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-common@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet", + "version": "2.25.1", + "description": "Jersey core Servlet 3.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "80ebd9481c44844884fc70ac0ba333b4" + }, + { + "alg": "SHA-1", + "content": "cf5f7a76fcea38158b890ab7a0142d4db709a882" + }, + { + "alg": "SHA-256", + "content": "3669c50bef23aeeabdae02e5e4b214c9f1eb1019fa4d559f2eeadb563ba598e4" + }, + { + "alg": "SHA-512", + "content": "8db651ca49cebb031823cb6363e3af78f2f400c4857a5cef51b2be2d58ccaad6c06ee5320cb6ceff6f2a053136f00943feb6f98189d847d49ea2455312529d84" + }, + { + "alg": "SHA3-256", + "content": "c77550b169ec358ff293d1599b2897fb4f3ebedaed222257893d83b7343fa915" + }, + { + "alg": "SHA3-512", + "content": "75115f1e1a14cea1e939e3cc30b9af2cd0de853a30d41007f72361e216362cc16a35901434330292840f48edf0dd98ac9ec8bc3e5461c0668eac4a883d7b2be7" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet-core", + "version": "2.25.1", + "description": "Jersey core Servlet 2.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "e31db34014609174609f8879d00e0d2a" + }, + { + "alg": "SHA-1", + "content": "400e30bb035a0cdf3c554530224141ce659a0d1e" + }, + { + "alg": "SHA-256", + "content": "232f4f4e59e5944098351379a12aecc715906831c96a855624a81da552192ac4" + }, + { + "alg": "SHA-512", + "content": "beb539ae8f16b5748db941e1beabf21482791ccf04b7adbee50d58a06c224c21e918198badf8496243ab7730284b8abcd71da9e5439702fa7a4d06ba22fa1960" + }, + { + "alg": "SHA3-256", + "content": "bfb3dbfe53102c61b1092ddc80b119fef28b6ee65e020ebdbfcbe51aacc701fa" + }, + { + "alg": "SHA3-512", + "content": "7fe6468606f4ff4c7389e9ca816f82a03c9282b296472112573047d93389b9845a49f6c1740ee67d2e93be9dbe312d89189acd681ba489b9e09716cd20965e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "group": "org.glassfish.jersey.bundles.repackaged", + "name": "jersey-guava", + "version": "2.25.1", + "description": "Jersey Guava Repackaged", + "hashes": [ + { + "alg": "MD5", + "content": "08dc8642c4e990b054882cb4f422f88b" + }, + { + "alg": "SHA-1", + "content": "a2bb4f8208e134cf2cf71dfb8824e42942f7bd06" + }, + { + "alg": "SHA-256", + "content": "8a88a8ebae65cb4d77830b40f681bf742b55ec62e7a44cf91b8577a9396b9f81" + }, + { + "alg": "SHA-512", + "content": "38a59b4e7bf60d373a266e08dbd1703cab87b519e128629aa81abf314cf849ee41a26f8c0404182c6f7364a3bde40eefa61c1be561276e141c4574faf988c5d9" + }, + { + "alg": "SHA3-256", + "content": "0ffbb680d62fc28444cf2c2975cf2947d23bae403c30a381f610af5cf05ede86" + }, + { + "alg": "SHA3-512", + "content": "847cca16e534072ddf9610dc0bd56166deade9aa4efaa3aec1717664b3546964cb0573e4970a38dee5537a09fab81077ea9bd35d988e7cb68b6ca137b31679ea" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.bundles.repackaged/jersey-guava@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-jaxb", + "version": "2.25.1", + "description": "JAX-RS features based upon JAX-B.", + "hashes": [ + { + "alg": "MD5", + "content": "43c2fe9a2848343cb562f855b06b7047" + }, + { + "alg": "SHA-1", + "content": "0d7da0beeed5614a3bfd882662faec602699e24b" + }, + { + "alg": "SHA-256", + "content": "05526bed0ffc07c2cea6b399f4e61ae3c99e44021e28a4af926ed1d867ba3fbe" + }, + { + "alg": "SHA-512", + "content": "589328af6d727d73617a1cff3e7e75bbc858d417cdbcaf8e63ea3ed0086df645fe0f83538a311941744e5afd828d1d7827933b44b8c74f6f8b912c2d7f3e1be4" + }, + { + "alg": "SHA3-256", + "content": "cbc11448fe72f34353de7de8c8b1084530ebf4a7b262bde33219cab6beeea29d" + }, + { + "alg": "SHA3-512", + "content": "18313498ba720e5c1a307927f9782cee90140984ab5c6762cb6b966040d42c2610e39f41d06b9c2ac528aba2fe1b72ba5d1255f92e01848b4580eee11b95b1e4" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-jaxb@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-multipart", + "version": "2.25.1", + "description": "Jersey Multipart entity providers support module.", + "hashes": [ + { + "alg": "MD5", + "content": "0ea1375a975020b60bbbbfd47a76d69c" + }, + { + "alg": "SHA-1", + "content": "1d2db0078ee1b740c4e7ec7413d328a8a7e1c480" + }, + { + "alg": "SHA-256", + "content": "909b669f76b8883a9218fb0fbc5022a286ead7d17b29aafa532b31f19ab4afcc" + }, + { + "alg": "SHA-512", + "content": "17e40bb9186289cd21edcd67cab68765e79c3cce5f2b29ac0ae6dd653395d93c3b8e29c734288e729bf26a59084393680b448ce617689e2064151ab09250c6ad" + }, + { + "alg": "SHA3-256", + "content": "8d8299e02fcbed88c708ae2c948fca016bd985aca513f61304431169441b3bba" + }, + { + "alg": "SHA3-512", + "content": "a8f03f1e4e02c76548b03f77dfc65bad4d97b305a39e17b21e3a380155b85ea428957d0e0f0d4d4b615826d491acbfbb433a3dc9cb31ba29ba0f08bc4665bbb8" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "group": "org.glassfish.jersey.ext", + "name": "jersey-metainf-services", + "version": "2.25.1", + "description": "Jersey extension module enabling automatic registration of JAX-RS providers (MBW/MBR/EM) via META-INF/services mechanism.", + "hashes": [ + { + "alg": "MD5", + "content": "b02f1bc0acfdaeba09346c53a49a6b0d" + }, + { + "alg": "SHA-1", + "content": "83376116af614791a26f51a93af1070520345782" + }, + { + "alg": "SHA-256", + "content": "21339af4788eb2e02e144231f6bed95c30a019fe9bdc219725da095e15d8f7e7" + }, + { + "alg": "SHA-512", + "content": "7b4bef415a18702498bd594cea37a2d17fe60b319f40fd4028b5c5e778195bc26df1563332bc359d67bcd0029957d8fe629650ec55216d1a6f84fd7ab4daec90" + }, + { + "alg": "SHA3-256", + "content": "fd690ea72f6586355206aa12a77b03e198776261bcbb1b79a3dcbc234c0c8675" + }, + { + "alg": "SHA3-512", + "content": "822c4d091069ccfd523fbe463124a1827663b488a2df3ce8f5ea9892b8b6dbbd637e52e89ea2533c010601222f3ef7660ff45276b178082f3b928dc314681e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-metainf-services@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "group": "org.glassfish.jersey.ext.rx", + "name": "jersey-rx-client", + "version": "2.25.1", + "description": "Jersey Reactive Client extension implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "2c180a0fe223e22fc0e0b0b81eedd18f" + }, + { + "alg": "SHA-1", + "content": "b31b3313f48583220986877365f5e2413541f207" + }, + { + "alg": "SHA-256", + "content": "c51bad47579898505a3283f06939c5caa4df5f1bf47ebf114069e04d3cdd33eb" + }, + { + "alg": "SHA-512", + "content": "5743abf930cc5a53cac24b1b3a8a9abcba71ec4c56c11943d8b68f6b8806eccae6268c4659b7321d05ff039f2f7a21daef62308ef4746b65083cbb925bf9c570" + }, + { + "alg": "SHA3-256", + "content": "6c9cde47931076cfade1adbb27e7d708b9ed5549b599677e69e9e7617fa32e84" + }, + { + "alg": "SHA3-512", + "content": "8b9a6428336db948562751a37ad6758cd1b6a678a70759da3dba1a43d5312b86a97dd6ced61d48c5473b9d73a0fa450e103a7d687a791733f0c2edde4e880cf2" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext.rx/jersey-rx-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "group": "org.glassfish.jersey.core", + "name": "jersey-server", + "version": "2.25.1", + "description": "Jersey core server implementation", + "hashes": [ + { + "alg": "MD5", + "content": "92dad916eab7a19c5398838a78ee9cab" + }, + { + "alg": "SHA-1", + "content": "276e2ee0fd1cdabf99357fce560c5baab675b1a2" + }, + { + "alg": "SHA-256", + "content": "4b9cdae8eae88b75762614b9a458f5aac47cf6486fe408206fc64e38b80469ae" + }, + { + "alg": "SHA-512", + "content": "85d77edd81efcc32a6ac26ca91cc6a8f9f66083897f2b10de5f7576d1e869d96c64dcce4e52112341ffae1a73fff3b18eec466fc484e709ba581d1540fbe44ce" + }, + { + "alg": "SHA3-256", + "content": "60be02edbd8f39c5c33726c0b9602c580a38e22b7c30cf98c0aea1bdfe713ef5" + }, + { + "alg": "SHA3-512", + "content": "065c0c4b5a60ebc0e0ca53e6630e27f7678c762ba4cdf28f2b2cb7d0ac9cd96bf4a92dc6c2235d77d55931e0006f445debc2cc1098d4ddace06c07a08491ad43" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-server@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "group": "org.glassfish.jersey.test-framework", + "name": "jersey-test-framework-core", + "version": "2.25.1", + "description": "Jersey Test Framework Core", + "hashes": [ + { + "alg": "MD5", + "content": "92495cea9331aced97489263f2cb191e" + }, + { + "alg": "SHA-1", + "content": "9368dc18933a8b9f2526c86ab310b02781969aa3" + }, + { + "alg": "SHA-256", + "content": "69343548538ec2489fd4a992ea16e42453e96af94538c586fe3345e364bc578b" + }, + { + "alg": "SHA-512", + "content": "c2a8a227427d3c80cdaf773ef8813fb2609ecc4c64911ef8c8ee8a09a4ab0f4c608d7433901511c132ba39d49141be85f45032a06757a17e7f2e43efd6a22f6f" + }, + { + "alg": "SHA3-256", + "content": "7dd7ace7d4414db08bd4f2dd4d130629d9eef806d3dbd03a582f8f78372dbe63" + }, + { + "alg": "SHA3-512", + "content": "fef833f17bf0c8c9023ffdce1fc6d860d4ce119915fcabc7d8aa48853066fe0967c5220a33c03b41b45c312da4430e1057085652e0db57f5c03485b44715b273" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework/jersey-test-framework-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "group": "org.glassfish.jersey.test-framework.providers", + "name": "jersey-test-framework-provider-inmemory", + "version": "2.25.1", + "description": "Jersey Test Framework - InMemory container", + "hashes": [ + { + "alg": "MD5", + "content": "08b74a5a1bd1726464f8cc389dc015e5" + }, + { + "alg": "SHA-1", + "content": "d0bf8edcb87a8e886cf4552e9b5b9a4fddc70794" + }, + { + "alg": "SHA-256", + "content": "95b76e6b4131ec8cc04f3397e3c162219ef34cf661ad52ac86a977ce0b3912b9" + }, + { + "alg": "SHA-512", + "content": "9fcd31b1c2cbb5e615c1412425088c6dbd6f4acbd4b768a178d2c0a8c545486d5a3a6ad266a6b2faedeff65fa2035017e498b6a9a5bf206646e7d14e3b75d529" + }, + { + "alg": "SHA3-256", + "content": "0a4492d926542aee9f91b73691f712157c031388153270aa6121c3b60e638387" + }, + { + "alg": "SHA3-512", + "content": "a1db62f01942f3abb36d5fa867e5fb5f4372965c9c57e0f76d992421e85ce6481a34490ac15682656eb11a410c6f7b803e70cbeed635ac86b0d125f50b832074" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework.providers/jersey-test-framework-provider-inmemory@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "94e9fc820f29e4ca7c4d1008b3e52f34" + }, + { + "alg": "SHA-1", + "content": "1379b37b505dc379559e75ae7424941eee924fc7" + }, + { + "alg": "SHA-256", + "content": "f843740357ea316e196703782bcc21313ee77b665f059a28d62ebbbc37aa07ae" + }, + { + "alg": "SHA-512", + "content": "a574f37273ebf3f6d0dc18491cfcfb32288063667cd51962218575438dc3eb4f6202f862a6cef71a9caa16282cac17b77a1696dc632f1852979060e8c1b9c9ef" + }, + { + "alg": "SHA3-256", + "content": "2428547743abb3f101da2f812300e1a3778b672ea26be987b1262821fbc0c693" + }, + { + "alg": "SHA3-512", + "content": "476eb0180972b5b6bb48dfccb1eccebd607420aea3562782f1a19292ecbdadc659bf28aeb11a28e3367bad613677dae9486cb4bfb2dc2168acb8cf612b39ae2a" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "7dadc5243abb6a0979518998d5c97eeb" + }, + { + "alg": "SHA-1", + "content": "2245454abf7e6374ce92f3ef9222c7dbd43c8f1b" + }, + { + "alg": "SHA-256", + "content": "e629a9bd50ac7d361389dcc21c86f7ee12fd9f9e1c0e92664d01492df135aab1" + }, + { + "alg": "SHA-512", + "content": "592ab00b4aefbfd03fa3eb9619b39be6a59cc5a60dac993cef999433e31bf89d35a97136227966af7ec2fd84e483995b6e3390dc159aa72763246683ec02207a" + }, + { + "alg": "SHA3-256", + "content": "5fc8987e14b500cd8ef3e355548129be984b7d88f02a3b3a9718dc83e2550cbb" + }, + { + "alg": "SHA3-512", + "content": "6e4d74a8ce366f9b1c41ca2636a098566b8e2800b0f2ce3653856d499e3ff683a1ca2afdeac18661a47bd8e319987903dec3b0a3c1cc16ebccb2cc2ff3a00afe" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d1e615dd0774f828e80f51cd217dadb1" + }, + { + "alg": "SHA-1", + "content": "a4129b6ad87da0b14ee60dc4cd04321ab7b6928f" + }, + { + "alg": "SHA-256", + "content": "5ac060f9d0f802010aba3ce0452d567ff6ec1f724a8cde860cb3e83aa87918c7" + }, + { + "alg": "SHA-512", + "content": "dbe734b1a1bcd194e3ff275b620aed38fb713a250d24cfa6548d047de12a2cd394840650ad46de122b53ea8103f64cf4c0d7570e781b70e45372dda9180607e3" + }, + { + "alg": "SHA3-256", + "content": "6ca9ed2338f90de1498b7e52c35ff2eae7e13463f9fed7f36f9b797ca0d6f443" + }, + { + "alg": "SHA3-512", + "content": "a591913206657bca1c3be20220c911359537100af3f6561f5d4a454635edbc7a83c51b897efeb8b075996fce37945a1c7836296873d6817e07b7ad3a46cf5450" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-openjdk8-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "6176ca5468f46113d03982b26b569645" + }, + { + "alg": "SHA-1", + "content": "cd588787b7a232e9db4d2442ef9260baedfe33b1" + }, + { + "alg": "SHA-256", + "content": "13b0943572cc330a0371317cbfbbb0f737655387b89dc75ba9a8ab8d083e1c11" + }, + { + "alg": "SHA-512", + "content": "07373c3c34ce2bb1a84200e09b4f540d6a4cd83ee9fc65084949a449a7f510bce5a91d9cd44d7cb8454e9a2090dd636da2506c10312e5b5be693682a1024afc4" + }, + { + "alg": "SHA3-256", + "content": "26c9e9d164a3471c386bf44e1c3d3150e03d54be8d947d65306bf74e26954edc" + }, + { + "alg": "SHA3-512", + "content": "90a662aad53125f7f1eebd642a62316606a249dfe04ec3ab6673deea2fbc8d51fdc83f02e403c0f1085aa7d5600b1e11b9b171fefb0903dd5aa8c6bff905c072" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "50a898e1-523d-4041-9250-b25394071a77", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "1ca2253ddcbcbcc691c51938f2e341b4" + }, + { + "alg": "SHA-1", + "content": "288afd48f2eb1816889c4848a0bb8e7783ad7124" + }, + { + "alg": "SHA-256", + "content": "2d78640dc6b6035e41d763ddb9c97f07f441665be36d0a7d1e592d683df12acb" + }, + { + "alg": "SHA-512", + "content": "7ee426bb8079daf27fd03694563e534cda147d2cb38e4b50e08c3644f1a3dd88e172ad36b322bb113c67cabbbed4b11740f72ef82cc899341aae9d6427dace43" + }, + { + "alg": "SHA3-256", + "content": "1ea3606b67b91542a4d71d7b145792dcb25dce3c52037e3a32d551678ce5fda1" + }, + { + "alg": "SHA3-512", + "content": "943a863bd2beae196d07aa13b72b5d27bd5ee56a8e578b549a5c272034a232dc4f8a3f015af81837524cd37e467871bfb66c6768a279502ab4cd05e97421347f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "group": "org.eclipse.jetty", + "name": "jetty-continuation", + "version": "9.4.18.v20190429", + "description": "Asynchronous API", + "hashes": [ + { + "alg": "MD5", + "content": "bf4683a840d240010acacc4cc9739525" + }, + { + "alg": "SHA-1", + "content": "3c421a3be5be5805e32b1a7f9c6046526524181d" + }, + { + "alg": "SHA-256", + "content": "ad2e8fa193f06989ef6f0ca09719e1e30572e6099e7c889777836076068cbfbb" + }, + { + "alg": "SHA-512", + "content": "1ca79b0b2011ae4f5dd2f64447ec39d5140ddae6fdcdc9e1104ece137113951efeeccd7fbaa2cb174c11a944d7a6d79d94a6cf2f5a645b21016a3ba1b1421152" + }, + { + "alg": "SHA3-256", + "content": "e54fd5d441a318d250a84414eb391c6af739a5a167c7cbc70963a0cd12a60371" + }, + { + "alg": "SHA3-512", + "content": "d4fd7624498cd4113fd86ef1e71fe4f0c4d0684d34e2700b0d472decf55ae5b3d9aa59447a7ec2856ba5a2348da09057f5f3730f3e91715d2746d16d20bd5fa9" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "group": "org.eclipse.jetty", + "name": "jetty-http", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0f5299204d64fb561a8062f594185dc6" + }, + { + "alg": "SHA-1", + "content": "c2e73db2db5c369326b717da71b6587b3da11e0e" + }, + { + "alg": "SHA-256", + "content": "a2626684486590535bc928a6a40c6915f99ffda96b7a14d4310bdda566b5aa73" + }, + { + "alg": "SHA-512", + "content": "93f9852cd4689993c06629ffba24b1dc9715bcf3dfb560088669459f9484373cd5541e81c18cfb3502c9ab62fab3a7061ee5d9afd0c17fc61fe23e25fa04a1c9" + }, + { + "alg": "SHA3-256", + "content": "84caddcb2c12e244dc03f0f3f8ab41fdcb96ec95c5776c00664e8916f6bfea86" + }, + { + "alg": "SHA3-512", + "content": "08d0dba27f81c3b596d46728e01b3b1f0027d9271befab6ada56e6757ef7f64e700c242cc8f9000a2792bf5053c5c16126718d6f8fd1923331a7e3d00b3c2efb" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "group": "org.eclipse.jetty", + "name": "jetty-io", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d430c2038527a0788675049f9d48760e" + }, + { + "alg": "SHA-1", + "content": "844af5efe58ab23fd0166a796efef123f4cb06b0" + }, + { + "alg": "SHA-256", + "content": "f953810e6d5349a8c1101710bf99310e0bcd3bc43d819c06858c75f419b4cbd0" + }, + { + "alg": "SHA-512", + "content": "2f7f9f8ecff8fceaa422923ed698f5945e2e4583898115ea97e2a69f2f4c7093f07c1f9e189af0ffd6b08b669074c9e3cdd5492e42aa2ba4f0bba3ad6db85c50" + }, + { + "alg": "SHA3-256", + "content": "a6a1c14235256382171a33faf4e2869e65756b87e686e70e41aa34380fdeeac9" + }, + { + "alg": "SHA3-512", + "content": "aff9eb92b24300c2395b5ee808c54abf4c8c97224bc819b0b5bbaa6977f5806037eeb34691f6b9d9534a454ae28f3e8e9b13bd0649369af5b331e80e4c703405" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "group": "org.eclipse.jetty", + "name": "jetty-security", + "version": "9.4.18.v20190429", + "description": "Jetty security infrastructure", + "hashes": [ + { + "alg": "MD5", + "content": "ea1d2d43fdc539ddf8192e2782f45e79" + }, + { + "alg": "SHA-1", + "content": "01aceff3608ca1b223bfd275a497797cfe675ef4" + }, + { + "alg": "SHA-256", + "content": "c307c68eb402979b2b6ae75a587476c9fecafbf5f4a53db22125f9af2324926f" + }, + { + "alg": "SHA-512", + "content": "140364d32cab3e7f1acd1222c14228038db35c96e22fe55d90c810308c6ed06f72972d4a40514e664e1bcdd542c25014719082b8828b8afd29a9a760b440dfe9" + }, + { + "alg": "SHA3-256", + "content": "fb9e4fd12fc7912c3ad20ec205efa02532b05af85d22b4d4e93e2e19906dadb7" + }, + { + "alg": "SHA3-512", + "content": "df87f8e4a2ac262620c8e805695d52427421e9c25225747fedba6503916bc867c4868d04b1d786d52f64917fef4bd27013ff640297da21a49e97cd2db80007d2" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "group": "org.eclipse.jetty", + "name": "jetty-server", + "version": "9.4.18.v20190429", + "description": "The core jetty server artifact.", + "hashes": [ + { + "alg": "MD5", + "content": "b0bc6045c38e309d41f84d3c60fb31cd" + }, + { + "alg": "SHA-1", + "content": "b76ef50e04635f11d4d43bc6ccb7c4482a8384f0" + }, + { + "alg": "SHA-256", + "content": "2737c60b231e804082cdb68f1118a1aa179c8f92d50345c7444d96391ac005ce" + }, + { + "alg": "SHA-512", + "content": "b16d05236e809d1494f67aeab195190faf5a301cb131ae7033c1d62bd0f4db41e025b18cb75e0c9f7cc8146debb2d34d006318c0bd0e65dcccce9cb176acbc4e" + }, + { + "alg": "SHA3-256", + "content": "755dfbda1a8bd62b465a55c8bfd761412b81fa79fb0326c6835f0b009ea76c7c" + }, + { + "alg": "SHA3-512", + "content": "bdfd84f7b1bfadce0fd4c918b00410ad596e66bd69433260439cebb516f4d44b55e1adbf96cc866ae3e9a8f96823772e2e6633c21bba41c1588067842b7540ee" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "group": "org.eclipse.jetty", + "name": "jetty-servlet", + "version": "9.4.18.v20190429", + "description": "Jetty Servlet Container", + "hashes": [ + { + "alg": "MD5", + "content": "63d8201a1db1aa10454015245472fdd4" + }, + { + "alg": "SHA-1", + "content": "290f7a88f351950d51ebc9fb4a794752c62d7de5" + }, + { + "alg": "SHA-256", + "content": "58b778613867b59bdd6587c57010249e62d10104e01113459453343e9c4ecaa4" + }, + { + "alg": "SHA-512", + "content": "ed6d46eac69dcb275c684e516e1bd627aa2e8b35aa022d68e256b1ec7d145525cc03ad9f55e0794026590f1df17536465c11d25c961df3ee530586a01dcd7f55" + }, + { + "alg": "SHA3-256", + "content": "bd41d1a2332a05b8826eebefc9e1e43b2924c9a810e5c14d97cc8437a4817f6d" + }, + { + "alg": "SHA3-512", + "content": "d4e1c6d118f9ad0890f69efef3141d5d6583703fc6eba5a6c069636d6cde8d48f97d9e5ed5d58e070dd6539c4a744035840e5c8a145f6223f5d9b0dd2ba9ab27" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "group": "org.eclipse.jetty", + "name": "jetty-servlets", + "version": "9.4.18.v20190429", + "description": "Utility Servlets from Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "ed9e6c52ea1c28d92b81bf5c4cff5e22" + }, + { + "alg": "SHA-1", + "content": "e5d174950a44c8f93e27cc2528eff5a6b55da2f3" + }, + { + "alg": "SHA-256", + "content": "134e7f3fd037865cc95c3a69381088ff1c86f110fb0ea62e9a6824cb7ef48abc" + }, + { + "alg": "SHA-512", + "content": "ebd6e426972fb2833bb2173017edd8937ccc64135b6a2dbab0444b25f1528e3d50bdafe39e4749300a8ae46a5eb853a130e918339f29eea308fa9212b615c76a" + }, + { + "alg": "SHA3-256", + "content": "843c3095b2f0e5f71352baf20dfb1cba119ca110fc6e3e01751551154986aac3" + }, + { + "alg": "SHA3-512", + "content": "7eb486c3cac4a8950de6aca0006a07b1b4e9be737fa0902c229e15b27c3c61ddb353ea34f7d4d397dc5cba7da91e2cbee7d086a67506d2b303717f2743b46b0f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "group": "org.eclipse.jetty.toolchain.setuid", + "name": "jetty-setuid-java", + "version": "1.0.3", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "24990c296784e354afb446ccb739e826" + }, + { + "alg": "SHA-1", + "content": "73ae4ab171d396103f32e392970641e985d1a845" + }, + { + "alg": "SHA-256", + "content": "192cb1941aa1afefd9851d984fa39a2076f9200c434abba43dab1d410bfaddbd" + }, + { + "alg": "SHA-512", + "content": "11afcd8eb8968878ce4efb2b54956b04f1a28900b8be6edc1a3482388a3dddd2880b61d1a5c083de41d0cecaa3c8a32d4077f3f15b3f38dcbc71aa64bf40c524" + }, + { + "alg": "SHA3-256", + "content": "b6e2a6fdb8cc4021d17fdc85fb8bea172d25b206eca5c5f49ac5d4e6d1a6f704" + }, + { + "alg": "SHA3-512", + "content": "224c5ce3bbddf418eb2f1f43f9c3fd3f332ac6b557839942e54fc229e6a8e009ed11aab9e86a78e2642262d0ba43d5c2ff29aa9e96b89c68726d46365d46a000" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.toolchain.setuid/jetty-setuid-java@1.0.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.toolchain.git/tree/jetty-setuid" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "group": "org.eclipse.jetty", + "name": "jetty-util", + "version": "9.4.18.v20190429", + "description": "Utility classes for Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "0e98accd79ef0f0709e67b32d1882712" + }, + { + "alg": "SHA-1", + "content": "13e6148bfda7ae511f69ae7e5e3ea898bc9b0e33" + }, + { + "alg": "SHA-256", + "content": "db2ae97679e4d9dd0b96e0e2e04423d41407977a87edfa0ed1714c44eb5c7aa1" + }, + { + "alg": "SHA-512", + "content": "e1994547ad741cfcc0776e856178c530687bd3f20354ebbaf4d10ed6c6773cf0b9d2201359ffaa9328606aaa7170c125433dfd83c40db8e03ad6f17d43753392" + }, + { + "alg": "SHA3-256", + "content": "af0fd5e8b166a754626964f211eebf7e5bcff175dc852e5dd28b48d32437921b" + }, + { + "alg": "SHA3-512", + "content": "da788326e973cb92399d84ea58fd884a11a82666741514f2aefe150ed47809189ebd98553bbe7b56bde0d892b51294ddbf24af341f68a2854737622a6439356e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "group": "org.eclipse.jetty", + "name": "jetty-webapp", + "version": "9.4.18.v20190429", + "description": "Jetty web application support", + "hashes": [ + { + "alg": "MD5", + "content": "044d3037d9a5b94c8ed938d89045e06b" + }, + { + "alg": "SHA-1", + "content": "9c2f1a2b61bdc2d24f8a980c6c614aa0b588216d" + }, + { + "alg": "SHA-256", + "content": "3e7a715fb8f5ebe79d54b940f630d562629ecf91d1b3fd1403ff9700d0a3e125" + }, + { + "alg": "SHA-512", + "content": "09861241011a4f5dee0ffb7087f033f7882decda7e8bd9641fe1c759f558af28c01f050f0d904fe3f06fba3769efc887d50156cdb7567322ad5fbcee1fc7c2ea" + }, + { + "alg": "SHA3-256", + "content": "a958bee3bbb5d03e76f34e8e70552614aeaaa1fd63a56d5d56d12f552b9e4df4" + }, + { + "alg": "SHA3-512", + "content": "c2b790b16923ca0e1171b76cbb8c852b1e338cab09cc2f46f17b4479370e3d0a0308ca15bfc2d0421655c7db200bb5813a771e80cb6ed566dea9656f232ef403" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "group": "org.eclipse.jetty", + "name": "jetty-xml", + "version": "9.4.18.v20190429", + "description": "The jetty xml utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "637f8a266afa4cb043e1d142c7cacb33" + }, + { + "alg": "SHA-1", + "content": "dcd2806ee48e646fd4dcff81c7c6867fea2b52e8" + }, + { + "alg": "SHA-256", + "content": "2189c5316c4ef2721166353a3f6800803b2ffd06cfc4c7b16ebdef9b00108ca6" + }, + { + "alg": "SHA-512", + "content": "f60127983e3115b9df5ececcfe5a75bf4b1de0597e050d52b65d8e60875305741a3d3256d12d198e25be58b8b236a34ecc6747c05faf30465be27095b02e3206" + }, + { + "alg": "SHA3-256", + "content": "acb83341c830c2e5944c91021cac1d486e73fd5d570abfd4572346242b847940" + }, + { + "alg": "SHA3-512", + "content": "53c27e9e1c64a2046793b9f02880813669b71d534737ec84f16eadb8bdb63a717b664e602a17f1e071f411e318d6c233812910db8ae3bff933047eed08110290" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "group": "org.openjdk.jmh", + "name": "jmh-core", + "version": "1.19", + "description": "The jmh is a Java harness for building, running, and analysing nano/micro/macro benchmarks written in Java and other languages targeting the JVM.", + "hashes": [ + { + "alg": "MD5", + "content": "be8d2b77f24b93d14b3590a2c2cc9eba" + }, + { + "alg": "SHA-1", + "content": "1ea93b88f8154f0a35c16b46d76cfb2febcf4916" + }, + { + "alg": "SHA-256", + "content": "5b920f4033b55f78af121c6594e2afcc84c16f2030beef6d035463b126fc9f46" + }, + { + "alg": "SHA-512", + "content": "9bc30e04a4ee999cc1dc45be32bd60ad4248070073424efacdce85b02777dc1ef9f8aa9f57693cc4cc6964c6c934ce3c251f8db26f70bad54353c2d0849aee83" + }, + { + "alg": "SHA3-256", + "content": "b21c8a03f99e3ccadc461f35e5ed3aa3904ae25cbb44ca2dd02eb0d2f8a6582c" + }, + { + "alg": "SHA3-512", + "content": "96f2d4874d54c13b4c9392628415ce62bdff000c142901f08d3eef24c707b5cd656c328a3ef846303a85dc3dfbff69062e0167b2065b5200e52c764afe0ba418" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-core@1.19?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://openjdk.java.net/" + }, + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "group": "org.openjdk.jmh", + "name": "jmh-generator-annprocess", + "version": "1.19", + "description": "JMH benchmark generator, based on annotation processors.", + "hashes": [ + { + "alg": "MD5", + "content": "0edd4d9828437ef68acbe301910de6eb" + }, + { + "alg": "SHA-1", + "content": "e5bb13308963df412877e88fede84c1bd869ca03" + }, + { + "alg": "SHA-256", + "content": "b104c8c3c971d6aa4ff4c7a73e70cfb3e6201084332e4007ba9516a43f27003e" + }, + { + "alg": "SHA-512", + "content": "f4bdd594e25586047d93375f76fc2c85ad302b222ace4dae8e7418a24e1d75ab1ecd3f4d75d362baf3af6388bb6b3f3db7a932e8a003a8ff0c1412059e0c0c5b" + }, + { + "alg": "SHA3-256", + "content": "ea48f22ddf27853d67194836e0a13bb9a6c20a480e03252ce75403bc303a2a8d" + }, + { + "alg": "SHA3-512", + "content": "37ae2a6c8b2f38fcfcfea1343debb71cbb63af15c402fa32dc38e1913c75af7d2f4951a21edbc7cacfeeb789dbbc6fa9be9f24ccd426e1f9344de0f344a9e773" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-generator-annprocess@1.19?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "group": "joda-time", + "name": "joda-time", + "version": "2.10.1", + "description": "Date and time library to replace JDK date handling", + "hashes": [ + { + "alg": "MD5", + "content": "488e6b287cde4fe6142c0da65495ab63" + }, + { + "alg": "SHA-1", + "content": "9ac3dbf89dbf2ee385185dd0cd3064fe789efee0" + }, + { + "alg": "SHA-256", + "content": "d269671656767e05a58dd634cbafc36ed70d417220b058d11c0d88dfd281616d" + }, + { + "alg": "SHA-512", + "content": "b92f67c1a8b293e3771bc2c56e5280f6a9cb523b38db7b1c8f56c427ec7147d9fec1fa425d25582060195a433005797294680e5e071fc49272575cc67f8fe58c" + }, + { + "alg": "SHA3-256", + "content": "ace6d9b18b8de8281dde7a10070f08a11a2b1aca804e2031983d8cffc61a11a2" + }, + { + "alg": "SHA3-512", + "content": "1ae2b49ee5c492a7b83f2c72e5405db0e784b0a34dee7a8d634f6a1e11023bd87653903d4c8a31a964624eb6137db0f612a0d54d509e7a4c39b09c09d30309af" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/joda-time/joda-time@2.10.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://www.joda.org" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/content/repositories/joda-releases" + }, + { + "type": "issue-tracker", + "url": "https://github.com/JodaOrg/joda-time/issues" + }, + { + "type": "vcs", + "url": "https://github.com/JodaOrg/joda-time" + } + ] + }, + { + "type": "library", + "bom-ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "group": "net.sf.jopt-simple", + "name": "jopt-simple", + "version": "4.6", + "description": "A Java library for parsing command line options", + "hashes": [ + { + "alg": "MD5", + "content": "13560a58a79b46b82057686543e8d727" + }, + { + "alg": "SHA-1", + "content": "306816fb57cf94f108a43c95731b08934dcae15c" + }, + { + "alg": "SHA-256", + "content": "3fcfbe3203c2ea521bf7640484fd35d6303186ea2e08e72f032d640ca067ffda" + }, + { + "alg": "SHA-512", + "content": "18bf59191d7a456e7675c841df8411ebe425da40532e103db95483be5d2a75510d8a38ad9755cdd4e0be27afe7cfd0b358599388a84fcec1ee27e89caa37f5af" + }, + { + "alg": "SHA3-256", + "content": "e5c7a060e6bd75fb9ef2b7eeac082550bd4f01049c0da929c57ae71fef59b32a" + }, + { + "alg": "SHA3-512", + "content": "6b35fe9fcb3497a9e3a4b0c55dab300b63155c76bbce88fae9b3dcc1012f2c55d7c70216173299817830328071f5c3af079a67ce9af96c25b6befbcef915b049" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/net.sf.jopt-simple/jopt-simple@4.6?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://github.com/pholser/jopt-simple/issues" + }, + { + "type": "vcs", + "url": "http://github.com/pholser/jopt-simple" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "group": "com.google.code.findbugs", + "name": "jsr305", + "version": "3.0.2", + "description": "JSR305 Annotations for Findbugs", + "hashes": [ + { + "alg": "MD5", + "content": "dd83accb899363c32b07d7a1b2e4ce40" + }, + { + "alg": "SHA-1", + "content": "25ea2e8b0c338a877313bd4672d3fe056ea78f0d" + }, + { + "alg": "SHA-256", + "content": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7" + }, + { + "alg": "SHA-512", + "content": "bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804" + }, + { + "alg": "SHA3-256", + "content": "223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff" + }, + { + "alg": "SHA3-512", + "content": "3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://code.google.com/p/jsr-305/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "group": "org.slf4j", + "name": "jul-to-slf4j", + "version": "1.7.26", + "description": "JUL to SLF4J bridge", + "hashes": [ + { + "alg": "MD5", + "content": "2bb060120bc3feda3d964bf5be845fbf" + }, + { + "alg": "SHA-1", + "content": "8031352b2bb0a49e67818bf04c027aa92e645d5c" + }, + { + "alg": "SHA-256", + "content": "0f3b6dfbfb261e3e2b71ea88574452f36c46fec016063439eb8f60083291918e" + }, + { + "alg": "SHA-512", + "content": "201d8fc50e94469cfddc79faa6d7492602243a13454dc58e42d6422f1e7f1d1b352474930bf13c1784c252721bee92a636723a1f75d3cb578fec200b42275e2a" + }, + { + "alg": "SHA3-256", + "content": "dd6032a174bd7527a7195462617a613dbbb0dbbcebac49aca1c3fb2b4db79e3b" + }, + { + "alg": "SHA3-512", + "content": "2bf9adba76cbd0541b1462e952cce50baedb6feac8d963f59db8374a895469d340f5787defeffefb48162a0171f54dbfe1d173de7ec08b080c01260611dd7e25" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "group": "junit", + "name": "junit", + "version": "4.12", + "description": "JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.", + "hashes": [ + { + "alg": "MD5", + "content": "5b38c40c97fbd0adee29f91e60405584" + }, + { + "alg": "SHA-1", + "content": "2973d150c0dc1fefe998f834810d68f278ea58ec" + }, + { + "alg": "SHA-256", + "content": "59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a" + }, + { + "alg": "SHA-512", + "content": "5974670c3d178a12da5929ba5dd9b4f5ff461bdc1b92618c2c36d53e88650df7adbf3c1684017bb082b477cb8f40f15dcf7526f06f06183f93118ba9ebeaccce" + }, + { + "alg": "SHA3-256", + "content": "02b1f076652120813646a0cb34350f0c73a3299b221567e089f6aaadf8ab444a" + }, + { + "alg": "SHA3-512", + "content": "9e8f7057647c11564178e4569cf4f5682d3688b49d81acc60fd301f61053932ee9ac109c19cb639f7710d23afc76cb106ebde0f8143e2fe5fa08605201720a8b" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/legal/epl-v10.html" + } + } + ], + "purl": "pkg:maven/junit/junit@4.12?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.junit.org" + }, + { + "type": "build-system", + "url": "https://junit.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://github.com/junit-team/junit/wiki/Download-and-Install" + }, + { + "type": "issue-tracker", + "url": "https://github.com/junit-team/junit/issues" + }, + { + "type": "mailing-list", + "url": "https://groups.yahoo.com/neo/groups/junit/info" + }, + { + "type": "vcs", + "url": "http://github.com/junit-team/junit/tree/master" + } + ] + }, + { + "type": "library", + "bom-ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "group": "org.junit.jupiter", + "name": "junit-jupiter-api", + "version": "5.2.0", + "description": "Module \"junit-jupiter-api\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "d85d733ecb4120eb7ad5be3134d09053" + }, + { + "alg": "SHA-1", + "content": "9cd901df48d88d8e605a6ccb2c3f140c92db6bf2" + }, + { + "alg": "SHA-256", + "content": "47f7d71b35dc331210b9ab219bbb00d54332981aa12eb5effe817de17e1ae7b3" + }, + { + "alg": "SHA-512", + "content": "8b54b50e8e10b9aed8a1d65338b86d3cd28fabba15f536df457689b99145a451f0144c703eaa848e0bf5c7dc7719ec442b479bac1b7d88cb9ba2cddffd0f1f13" + }, + { + "alg": "SHA3-256", + "content": "2a215014d5df1141f50d9c800b004d9bcb391163b05365ba3f9d145a71e69171" + }, + { + "alg": "SHA3-512", + "content": "1cb1e7a4279d2949081aad395cd158bf28a8ad12682a3f8962da50f1b3c2b4f64a206089145bdc8e4730b689f791e1f306361c4f8e0044dd88fa9f38f1916cd1" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-api@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "group": "org.junit.jupiter", + "name": "junit-jupiter-engine", + "version": "5.2.0", + "description": "Module \"junit-jupiter-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "23b9c1eb5cbc9ff595fbedb9d6ff2068" + }, + { + "alg": "SHA-1", + "content": "de87318ccd3dfa1a98ebfef792d362776f1914de" + }, + { + "alg": "SHA-256", + "content": "8f994f4094790e246dc84de86a1ff4194ca85e8b13bedaca0207f727ebfbc813" + }, + { + "alg": "SHA-512", + "content": "f2bf6ab75a111cd2cda9f8d50f62b3986fc7b675b9f14abfa73d44ccbce010b559bb2a7dcee670e8134f1e8859c2c804b87b50b141c6d48a55699cf07f1d75d7" + }, + { + "alg": "SHA3-256", + "content": "1c2e7d5d721f35eb5f4c206f920d5f34a480b5e93d991ff602acbb3002ae6cb3" + }, + { + "alg": "SHA3-512", + "content": "de4c58a5d5acfc20a8008f07c94258a6023664c6879518fec9e37eff79f106bb3645979615d792f7de404bf52b8c0e6425902c177458a483a6087bf9a4cdd822" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-engine@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "group": "org.junit.platform", + "name": "junit-platform-commons", + "version": "1.2.0", + "description": "Module \"junit-platform-commons\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "b3199ff22308f68d7dc3e400fe53f51f" + }, + { + "alg": "SHA-1", + "content": "dbce1d822d3dc6c61703b340cd79018518685451" + }, + { + "alg": "SHA-256", + "content": "7771af2f797d1d0ccce9920eb3cd826fb8fd7659ccb4d8877e76d9412be72cc2" + }, + { + "alg": "SHA-512", + "content": "b08bcfa884c67ae155ea5eb0ae33f0d58e88096015b82ebf3e5a301292b4622aea1514285aeef7361f8b9e4c83e48e5d8842433afe6e3b0b06c7a1c8729b104e" + }, + { + "alg": "SHA3-256", + "content": "87b03d3ecafccbaa1dc2bd068117cf95ac520546131006bd744464ef757ec44a" + }, + { + "alg": "SHA3-512", + "content": "9501a107af25b97f4e7a102b9262f8438915cc2e93599a2343255fd1935e3c86853a50934376f509fe45f0f601f4ba8023b02ef091e51c51675469170ed88a70" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-commons@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "group": "org.junit.platform", + "name": "junit-platform-engine", + "version": "1.2.0", + "description": "Module \"junit-platform-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "14405ffac9858d89cc0609b16b8c763c" + }, + { + "alg": "SHA-1", + "content": "35fa3529ce843ada1a10b0909ccb4a8148ee638d" + }, + { + "alg": "SHA-256", + "content": "60b102e94ea01556fdc8c041950a05450edc188e3708f032a6bfb1a50ba0bc22" + }, + { + "alg": "SHA-512", + "content": "d367cad97695832f088e299d873570ea9e4bffd30222a5b3157fd506d9405776cfba78b8dc0b6e2697e96d0008ad65b7a35324fab7386c99257d2a723641b679" + }, + { + "alg": "SHA3-256", + "content": "25189ca0767cdad052cca52e00fb63557e8581d3733cf1272dfa780d668ff140" + }, + { + "alg": "SHA3-512", + "content": "d8b6d4a3f9bb96a1b6f610038b50f9a647526e5d0a805bcdd4c13603cdb3508a39a4403c9674b9bca67e673a6493f51a7d363e88fe28efd50382f7832bc20f2a" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-engine@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "group": "org.liquibase", + "name": "liquibase-core", + "version": "3.6.3", + "description": "Liquibase is a tool for managing and executing database changes.", + "hashes": [ + { + "alg": "MD5", + "content": "455a827f017027c276fdfc1ec0bba595" + }, + { + "alg": "SHA-1", + "content": "737c5a4fac26ee760d016923c83481ff933e4875" + }, + { + "alg": "SHA-256", + "content": "e3d877af44ebe7f253525319e3a95bd14e249bfb3d55e9c458e78458bce8426d" + }, + { + "alg": "SHA-512", + "content": "a2c453c71c654ecdf98b86293981fd53ef270b8834b1903b88566dd515da22df17a47a7a31f6c8c65f496ec64613c101ab5501ea9e8293001703f9d2a65c878b" + }, + { + "alg": "SHA3-256", + "content": "6cc2d3b40b26f5b20f62647f3dfc3238741eebd176e51ed76bafe534781554d8" + }, + { + "alg": "SHA3-512", + "content": "1efc7bca74a8e561b48786cff789dba1b87cf4e6d7dc65da70bc71590c653ffd2111d8fb703cea6a429481c68c385299cf59f5b15072ccbe2365d53fc548292b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.liquibase.org" + }, + { + "type": "build-system", + "url": "https://circleci.com/gh/liquibase/liquibase/tree/master" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + }, + { + "type": "issue-tracker", + "url": "http://liquibase.jira.com/browse/CORE" + } + ] + }, + { + "type": "library", + "bom-ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "group": "com.mattbertolini", + "name": "liquibase-slf4j", + "version": "2.0.0", + "description": "Liquibase SLF4J Logger", + "hashes": [ + { + "alg": "MD5", + "content": "c0de626cfee6e91f2fe3f28aca48a6f9" + }, + { + "alg": "SHA-1", + "content": "15d0d15b546ef66caf3385a3c13aeb75663b3ba4" + }, + { + "alg": "SHA-256", + "content": "1378fcb84657a57fd133328b13ea0578d18011fb4578dd915b292f9b8afbfd6e" + }, + { + "alg": "SHA-512", + "content": "193195e7aba3a04c4bc27a8cb424d8ede7e9a00f0682801906b59cfafe717c19ed47bf299e033da9b91400f936a90a14137b0b48ed55a46a2527db644cfe7947" + }, + { + "alg": "SHA3-256", + "content": "143f1704ce5f758ce1c3dc2bfce78abac50638cfe54537042ada01ce8c765f89" + }, + { + "alg": "SHA3-512", + "content": "0d7e066b3760514259844a5b137706b47ce61fabf24ac34e59445609e0a41e5497d90bb8786c06e1fa767375c4ee039d1c44c4b136fdb63d08ada9967286502a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/com.mattbertolini/liquibase-slf4j@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/mattbertolini/liquibase-slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "group": "org.slf4j", + "name": "log4j-over-slf4j", + "version": "1.7.26", + "description": "Log4j implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "0ca7c8107e86b7e251cf15d475db5183" + }, + { + "alg": "SHA-1", + "content": "daeb21c5e35d77d550e721c4cf5aaa716496d31a" + }, + { + "alg": "SHA-256", + "content": "81a1c31befb21e3975064f43e0b1692b7fc2dc5f6d8dc3b6baaa7b8c3e5ddd5b" + }, + { + "alg": "SHA-512", + "content": "6ae099e1ad5526212f2758a9e16ce7027833e47dff9370c7dbc5317c43f0d3450f20a437ae1a97594382cd27b74c276cb0f3c32de0668b61daf874fb4d30bc90" + }, + { + "alg": "SHA3-256", + "content": "7fe9883b0d6edce803b4942d53771c9e87735076e5ee162037bce3180e067c04" + }, + { + "alg": "SHA3-512", + "content": "349b75322aaf3d4fa035ed2c98c3f289ea6c2bef2bc6756b018df99536d99ceaa17b9192ce5bdde1a213ec75ecc60d11629189a5774b166e671a709e7f2df708" + } + ], + "licenses": [ + { + "license": { + "name": "Apache Software Licenses", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + } + } + ], + "purl": "pkg:maven/org.slf4j/log4j-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "group": "ch.qos.logback", + "name": "logback-access", + "version": "1.2.3", + "description": "logback-access module", + "hashes": [ + { + "alg": "MD5", + "content": "9468ae35cd2e92164659543a55280aac" + }, + { + "alg": "SHA-1", + "content": "e8a841cb796f6423c7afd8738df6e0e4052bf24a" + }, + { + "alg": "SHA-256", + "content": "0a4fc8753abe266ea7245e6d9653d6275dc1137cad6ecd1b2612204033d89687" + }, + { + "alg": "SHA-512", + "content": "b72a31503d09eb0f40abad77a44617b7edc2904e2e619f7cdcbab2536965be34e91ebbaffd0444027d15bad2562515762ee13a7163d9e12f82017334dc84a6a2" + }, + { + "alg": "SHA3-256", + "content": "db933b4474fd6b77e89b1f68f4117d7b299788b0706e926ea88506f086b54f63" + }, + { + "alg": "SHA3-512", + "content": "64acf87611208b7ccda4408ebd924dad609f3bb3e217fcaa80f13cfd098225183a559e5023b7ceabb07ff3ab705f13aad732b04f781f2b618e2f3de31376c089" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-access@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "group": "ch.qos.logback", + "name": "logback-classic", + "version": "1.2.3", + "description": "logback-classic module", + "hashes": [ + { + "alg": "MD5", + "content": "64f7a68f931aed8e5ad8243470440f0b" + }, + { + "alg": "SHA-1", + "content": "7c4f3c474fb2c041d8028740440937705ebb473a" + }, + { + "alg": "SHA-256", + "content": "fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0" + }, + { + "alg": "SHA-512", + "content": "9ad5df9055e74c1db67e10422774e740903477c821591702d2709a4c1f73e3fc3fa6b1a871b6985901817bc2bdeba916849035dc2bbf518f308637b0586e36f1" + }, + { + "alg": "SHA3-256", + "content": "7d38586cfd6e1363970ac1811eb49dd9e535e2d2bf967118ce8f28592655ac24" + }, + { + "alg": "SHA3-512", + "content": "0a47917a6adfaef45e1170ff419800a7c88771510c6d5744b081e0572f70d2e339a5bbdd9b0637c2ecfcdd49a095c856ec293e8a41bbd03ef9b5a67d42731e67" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "group": "ch.qos.logback", + "name": "logback-core", + "version": "1.2.3", + "description": "logback-core module", + "hashes": [ + { + "alg": "MD5", + "content": "841fc80c6edff60d947a3872a2db4d45" + }, + { + "alg": "SHA-1", + "content": "864344400c3d4d92dfeb0a305dc87d953677c03c" + }, + { + "alg": "SHA-256", + "content": "5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22" + }, + { + "alg": "SHA-512", + "content": "bd1a7512647fe61b90cfd18bedf2a33f3f16f334f8f8ce947cdd353c0b0b7a7cce203070f0d2183f6583e0f2b2fe6e0b12eb93bd5b2dc29076e7b466447f6dc5" + }, + { + "alg": "SHA3-256", + "content": "7e43423025fc6ebe94b4cc641dc60a4507f93dd1445214847a069595f7cb728e" + }, + { + "alg": "SHA3-512", + "content": "76a7f8df50903e80c5455da2307705f1ce08e098b75d02c1e36cb8b06eb3dc18c4e93fbf4ed1dea143d73645a652b52bb26e789d1fa111866c54a57c2025049e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-core@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "group": "io.dropwizard.metrics", + "name": "metrics-annotation", + "version": "4.0.5", + "description": "A dependency-less package of just the annotations used by other Metrics modules.", + "hashes": [ + { + "alg": "MD5", + "content": "18a5f9cee781de1bee53b78df6e37c4e" + }, + { + "alg": "SHA-1", + "content": "b30a0e181a5b5170c3b9bf513a9f2cc756dd4319" + }, + { + "alg": "SHA-256", + "content": "ef1ac18eeb33545913992f1b3d4779c9438435cea26a3a4366f05457a1006159" + }, + { + "alg": "SHA-512", + "content": "574a8d69f2610641d087d2ccf5509787c0993ce3f6fab1877580243cb8d57eb646e3cca9e9336d3e61776fdcb875770017d3182b7238ddfe0c31b08bad4edc30" + }, + { + "alg": "SHA3-256", + "content": "841decb2aae5beba8df9d315b687fe9c5c9c0addf481e75c5de17e408b7d6d07" + }, + { + "alg": "SHA3-512", + "content": "61e765ec087be04c969bbf542c2c743b3de4a613dd77d8820e73976b51cb31f291a575623c64e2c0d865408965904611be2a91213fa387d01e7552de48770056" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-annotation@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "group": "io.dropwizard.metrics", + "name": "metrics-core", + "version": "4.0.5", + "description": "Metrics is a Java library which gives you unparalleled insight into what your code does in production. Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "f5fb039e8ed41743d3b6590547d85894" + }, + { + "alg": "SHA-1", + "content": "b81ef162970cdb9f4512ee2da09715a856ff4c4c" + }, + { + "alg": "SHA-256", + "content": "e31f5bc2fc58dcacd0cf31f7eafa43d3b981873dac0d3f0ffebb145675f1c8a8" + }, + { + "alg": "SHA-512", + "content": "5d553993bf5bbd985453bb69f0704997f624a6ef81aa126c7228fe3d2dd7ebe57e7eeb161067e19914a9f36c762ce2fa7be5e47d0fb4deb623a3fb82ed6a70f2" + }, + { + "alg": "SHA3-256", + "content": "5ba7bcb9d456edb43cf67736e066d9558da57205f916c5ada7f5058b2f8cbc90" + }, + { + "alg": "SHA3-512", + "content": "fcb8a3e52da3f8e9f86c692d8d68661acfe2b6aeb29866325178f3732176e099d0c6c9933d187b0840cf632de154087ad0ae6e8daf2712bedaaaa5e9a4c97214" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-core@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "group": "io.dropwizard.metrics", + "name": "metrics-graphite", + "version": "4.0.5", + "description": "A reporter for Metrics which announces measurements to a Graphite server.", + "hashes": [ + { + "alg": "MD5", + "content": "22f848bd3427fa8d5caa8717468097f5" + }, + { + "alg": "SHA-1", + "content": "76e8758356373d5aed5abacbda429b38f6e8fa98" + }, + { + "alg": "SHA-256", + "content": "e7ece2bb30cf016a012286d7077fd1d9741c3e205ac7095fdc081e4c552436db" + }, + { + "alg": "SHA-512", + "content": "e1c984ee8daa837add7b4ca0d07162faebf4b7d2bb88b7bd355eccd570e3935fb1c49acdf8b1dcc5c88bbf04c67cda2a7efdcf375d0247d35b7744f9ab810a4f" + }, + { + "alg": "SHA3-256", + "content": "d3ac2a04fe0a5225e4c8ce2a2c46d196ef466eccfa00254cab8df1a08f5dc4fc" + }, + { + "alg": "SHA3-512", + "content": "d2ee456e6964ec862f1a770c386084cf016983c03083a5516405ce4372204a0e0d5feb27e78d7f5d7345719b9af256f8d000cde922547c159de14cb860cc2403" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-graphite@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "group": "io.dropwizard.metrics", + "name": "metrics-healthchecks", + "version": "4.0.5", + "description": "An addition to Metrics which provides the ability to run application-specific health checks, allowing you to check your application's heath in production.", + "hashes": [ + { + "alg": "MD5", + "content": "e64c9571317f403046ad8a04814cecab" + }, + { + "alg": "SHA-1", + "content": "73177b73f9d7ac80b0d0125db9dd41faab816c52" + }, + { + "alg": "SHA-256", + "content": "bd3be08664f03a27bc625b88d91e852cd105b6f53725cfa54a7167a268f2fe0e" + }, + { + "alg": "SHA-512", + "content": "e2c16ef7751558c07e8268d3448477c2296d2f83e1f915fe09b2e0f54c62cf774c9a8b8b3dfedccd882d95cf78bc0f0af3d997af0de8c0c5d489de36883f0b09" + }, + { + "alg": "SHA3-256", + "content": "8dd767ac7aca8dfaef37a32010f341ea4ee20e8190251b367f47cdbc3cba857e" + }, + { + "alg": "SHA3-512", + "content": "34929a8391da886a045a6947b17c875fd3d7c37f85e03d47572d2de359885c101c61a735f9c09cdb8ee4100221acb650389b74071b8c1184e032f2ce2947f67a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-healthchecks@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "group": "io.dropwizard.metrics", + "name": "metrics-httpclient", + "version": "4.0.5", + "description": "An Apache HttpClient wrapper providing Metrics instrumentation of connection pools, request durations and rates, and other useful information.", + "hashes": [ + { + "alg": "MD5", + "content": "023faaf10f012b67e15faa137d106f21" + }, + { + "alg": "SHA-1", + "content": "d02819ff820207d03d0082ef24cd36157d7c5188" + }, + { + "alg": "SHA-256", + "content": "12112aebd3bb53cc5451846202f4333588dc5455e4739c0c2360103700c24e42" + }, + { + "alg": "SHA-512", + "content": "9c991dae8890b35046c258536884d68f821d1e4aabb65c8e1c845309fadf0e9e2849e0653bc6aa5a008336569d8eb71a660a06f402a7a933a3da85604c45e67b" + }, + { + "alg": "SHA3-256", + "content": "f2bd98bc7e39c259544dc04853e5404d6cdf9c7095fcc718ba65b597a377ef33" + }, + { + "alg": "SHA3-512", + "content": "7fa6cba3b553b5c3ffc943ca2ff387d2b542d7170bcea5b43fffe150cd0a3849244ec3a2bbcfce28e8f9d762a925e4cbc7101785f2c3c4d00af61e2f97d00dcb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-httpclient@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi", + "version": "4.0.5", + "description": "A JDBI wrapper providing Metrics instrumentation of query durations and rates.", + "hashes": [ + { + "alg": "MD5", + "content": "7700c4ec787e2355d290e0f40820de15" + }, + { + "alg": "SHA-1", + "content": "005441385ea7bf674fc480dc6bc6dcff6a7278ec" + }, + { + "alg": "SHA-256", + "content": "6858a83724e2df638c475425ea48811ca84c28fc778f92251209e17317e225c4" + }, + { + "alg": "SHA-512", + "content": "671beb600961db9ca14f043225670c18035f3db932ad67bb6f04bae4a57e67e7265b317d851009bd764344dcfdffe8073156b4f517e8c71954af2575bb7c9f32" + }, + { + "alg": "SHA3-256", + "content": "95a48e7ac5a1e6dfd2590e1a79b046017a90b7dce17322d35f10d18408d42526" + }, + { + "alg": "SHA3-512", + "content": "f68985671638695e6ddbf6260010a5a23e2f841c781ea6b4fbe91a0c6c9bcbcc1fd8d9d4501a02e4f86922d8f7071154d54c3c281d662e9c4262014599c37393" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi3", + "version": "4.0.5", + "description": "Provides instrumentation of Jdbi3 data access objects", + "hashes": [ + { + "alg": "MD5", + "content": "594d03f7743b46ef08ed0d1dcc1bb31a" + }, + { + "alg": "SHA-1", + "content": "2d39572d9612ce28bea84d46808d25d3b8af3133" + }, + { + "alg": "SHA-256", + "content": "e08dfdaa141b4f6d3338b09f3f1f7f463596adb0d335b600e1bd636cc02b7b22" + }, + { + "alg": "SHA-512", + "content": "4f2119fa34092ac2649b27d93e54af0de724719f994803407b5c307a8443ff70dee7d411b1360caf92595a87e570b44e60fe2745d8d283e857eb2ce6f0f656f5" + }, + { + "alg": "SHA3-256", + "content": "c4cd10df90cf8b3b9a06f634c9d31e5bee07e98cdb5640220434a43d66231cdb" + }, + { + "alg": "SHA3-512", + "content": "3d60e9e5707c3e34eed30746c85bfbfcae3dded9509dd7047092ad42d184f36395a3d06865ce7ffa1f12b433ecf99b090e713751be03203af168aa4d99dd6a6f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi3@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "group": "io.dropwizard.metrics", + "name": "metrics-jersey2", + "version": "4.0.5", + "description": "A set of class providing Metrics integration for Jersey, the reference JAX-RS implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "e56b570fcb934ef302433d338823511d" + }, + { + "alg": "SHA-1", + "content": "cea8d4217ccd087f302611a54e4dd6071ba5844c" + }, + { + "alg": "SHA-256", + "content": "91cb412f7aca24de727b3724885fd2e6ff0e8bdb422a73ad66d25375594bf63d" + }, + { + "alg": "SHA-512", + "content": "3bc8572f0d183c30b0f83f5b4acd3a05c8d3c3b728298d6b8899da0d299df8d9acdc5435f82c23eb6ba5a3d2bb5c8f66637d6315caf95bf3b807c53e5bc6c217" + }, + { + "alg": "SHA3-256", + "content": "b2dda5477d6dcbd6fdcdd1f3acae482b0f83f24018706a03713c04dcd6c1f744" + }, + { + "alg": "SHA3-512", + "content": "af35ae7568a5df2be2e8cb9ef99256b0956b97b44ec0447863127e9f2e84f7baec0c5c0ed89a8146685e30af98e05a34618a58f2a76fe57272fb8ee98b5e9d62" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jersey2@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "group": "io.dropwizard.metrics", + "name": "metrics-jetty9", + "version": "4.0.5", + "description": "A set of extensions for Jetty 9.3 and higher which provide instrumentation of thread pools, connector metrics, and application latency and utilization.", + "hashes": [ + { + "alg": "MD5", + "content": "99b6f3ed9f4663ed9db4700e4bf388fa" + }, + { + "alg": "SHA-1", + "content": "87f3b49a7377e56f62046875d394ed0028b37690" + }, + { + "alg": "SHA-256", + "content": "e2c769fc1c269e2200950b8d33800be4b0043302eaa189ba5cb7ce518c48b46a" + }, + { + "alg": "SHA-512", + "content": "e3b7ee7c506e8bef74e87adb6e589f3dfac2a0905f66a0eed1af9d2cffa6a3e6f74573e6ca3d3469d8afba0307fb18f74b21397146e0b82ede387a41554f44a0" + }, + { + "alg": "SHA3-256", + "content": "09bb7c73faefc5549d032d9bdc471f500b9370caef0dc9896ca44cdd6fc2ff48" + }, + { + "alg": "SHA3-512", + "content": "ac44f708dff820a3f19b3cc01d4f936b7ca46cd9fedd76e9c57ecc7c0b7d76a9f5db641742453c8893b5b0eb2255ce8c7697fc11569e57afa456d08f00141fc9" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jetty9@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "group": "io.dropwizard.metrics", + "name": "metrics-jmx", + "version": "4.0.5", + "description": "A set of classes which allow you to report metrics via JMX.", + "hashes": [ + { + "alg": "MD5", + "content": "863de91e135c8455d70fa3acf01cdf72" + }, + { + "alg": "SHA-1", + "content": "d7be4ddd7ba674ee8be1d23d883fb3ca68ee1d54" + }, + { + "alg": "SHA-256", + "content": "079133de87f7d3512200a8071bacfdbed46d6a73995578fc24bbf4c03df6d188" + }, + { + "alg": "SHA-512", + "content": "211ebec4191c7482bf0fc02785fd924fdc980c4bbbf440be8f5d4f87f1971bca646f7174c45c0566b41af08fc603225d38691b32482986887775c9e51185615c" + }, + { + "alg": "SHA3-256", + "content": "d02352d947a4475cf67e9f24d33b3bd16cc908acb78cb294d2763fee7d1e4fee" + }, + { + "alg": "SHA3-512", + "content": "7ca4565c9a0c3d1a96d021b7cc4b896b885352ac8cae96e4700f7c2fa40a6c367e05c48df0a81ef112a6769bd8f2f01ceb86e2a984d67286a3627b565bbd8f00" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jmx@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "group": "io.dropwizard.metrics", + "name": "metrics-json", + "version": "4.0.5", + "description": "A set of Jackson modules which provide serializers for most Metrics classes.", + "hashes": [ + { + "alg": "MD5", + "content": "9784b95742e0e8fe76e8d5376e7abf5f" + }, + { + "alg": "SHA-1", + "content": "8c66fea9f767588ae0995be27558b1f3ae8d75ef" + }, + { + "alg": "SHA-256", + "content": "008ce354b30ef48060786b6a31144e04b6bafdfca69e6307cbf66602ae331023" + }, + { + "alg": "SHA-512", + "content": "515734a08814f3df1f6ae853a2cac0fdab5637e129ca9bc3f62feba9190a2e43013362009f73f4fe3e06f3d08fdf0ec7ec8481dab3a6435de743322d4620dc55" + }, + { + "alg": "SHA3-256", + "content": "70620d2f107ff8fdf5bc16a91df9a49daf3fe84fb268edafbafabd43ec61ef0f" + }, + { + "alg": "SHA3-512", + "content": "f33d7c456efabd1eda7f0cc99df57e870b747d3f2c49571373c4564eb50388350260d08f4d53be2c5fe8a7ae766d9181d0f394e996156d839c5bfda9858c119d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-json@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "80b88754-8b78-4597-bc4f-47788add0031", + "group": "io.dropwizard.metrics", + "name": "metrics-jvm", + "version": "4.0.5", + "description": "A set of classes which allow you to monitor critical aspects of your Java Virtual Machine using Metrics.", + "hashes": [ + { + "alg": "MD5", + "content": "a19a85dc56ac7179bd974e4eb0c8b6e0" + }, + { + "alg": "SHA-1", + "content": "09f6f1e6c1db440d9ad4c3114f17be40f66bb399" + }, + { + "alg": "SHA-256", + "content": "ba97466221c391bd7b7eb6d407f7fac83e5e6725d3a8691aa512e53ae075dfc3" + }, + { + "alg": "SHA-512", + "content": "d53b524543ac922352d3a628831fc7a02ceeb757fd760b94477f02b256a47caac9837259c82ddf5b3cb0e874542176f1383c080a7c3d23b8a5790ac250f70a48" + }, + { + "alg": "SHA3-256", + "content": "61e9ee4a183b317e6fadeb632804a04e233af77dedcd5613f19490233f71b8cb" + }, + { + "alg": "SHA3-512", + "content": "333f15cf54e7e9a304e8cdaa9e251ac0859bfb848ddfc2606d86738a89e944adb8879d14f60df632c064f4ab0edb6ff950a7a231121ce8a6b1ff3bca4809750a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jvm@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "group": "io.dropwizard.metrics", + "name": "metrics-logback", + "version": "4.0.5", + "description": "An instrumented appender for Logback.", + "hashes": [ + { + "alg": "MD5", + "content": "45f97ce9788dad9744ae2e198e5a501b" + }, + { + "alg": "SHA-1", + "content": "306d0d06b0940c6df49031e8dd750e635e4b170f" + }, + { + "alg": "SHA-256", + "content": "89842f9df70d001835bd652c103b1d04d64e1c48bccf396defbdd791299c1903" + }, + { + "alg": "SHA-512", + "content": "bde3d0313531986623fd422fee1506eaf17bd3c53318973c340e4d44ce0104943c5dfcddee6cc8d33cfcf0a0b2fb2aff2b3e653819b39c2c5b76676399683401" + }, + { + "alg": "SHA3-256", + "content": "8233adad697b14559e578618be1ea2c99c907be87da1eab10a5ca9f397dbf46c" + }, + { + "alg": "SHA3-512", + "content": "d4664cd4105ad99b2326da4b727dcf350dba261aa7b26aacb9a064efc1a3da7337988344e8c9d64e08ec34d1586410e465c58e0ec37b389b93c54c7c6ccfde35" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-logback@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "group": "io.dropwizard.metrics", + "name": "metrics-servlets", + "version": "4.0.5", + "description": "A set of utility servlets for Metrics, allowing you to expose valuable information about your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "e9142eb2da39a0651be8f9190d47ce0e" + }, + { + "alg": "SHA-1", + "content": "983dacbfd04ec22b49f9e2256a5d41694ce7d4cc" + }, + { + "alg": "SHA-256", + "content": "607381f05808cd31dfc09354db4b015e483be053276a85930050024515fae4da" + }, + { + "alg": "SHA-512", + "content": "797fc4d430b4797b4bcc6d854ac39fd7e0c4da73bda04152473c3f5ab06a36bfeaf326c8edb657de75a613efcce658364fb0aaf15ff6a13c6e62b5795c6a464b" + }, + { + "alg": "SHA3-256", + "content": "d840fcd8a9f0721e4cd392c6e30f1f52f4d411f1138b9e11336a5393f31b80f9" + }, + { + "alg": "SHA3-512", + "content": "a7553a6da55221ee3125757888978188695dfb14511432331f512f29e5c20e5c764e0c801e87818de719df2854d15915516a86d31f99147b9e5ec9b2fd43b701" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-servlets@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "group": "org.jvnet.mimepull", + "name": "mimepull", + "version": "1.9.6", + "description": "Provides a streaming API to access attachments parts in a MIME message.", + "hashes": [ + { + "alg": "MD5", + "content": "43a2478389a84b985dbe7b6ae0b3c011" + }, + { + "alg": "SHA-1", + "content": "41c913d791e16f93bc712a8c8a30bb64daa2e9bd" + }, + { + "alg": "SHA-256", + "content": "2d1ee56aa89837ba9ea55431542e7939fa9d425552c2e6c8ddfb3b77877721b7" + }, + { + "alg": "SHA-512", + "content": "38198fef6a8ca9d1af37c269582e87ae6cc7324a1686c8807be90a1edd4b33bb829d03030df1a4f5865bf6f0e6d0fb2a4f3dde265af696ab556f0bf7216ab9b0" + }, + { + "alg": "SHA3-256", + "content": "3d4fac8717b03d2c33c9c8b5145cfec04a312e9021c92c8029d2a2ca60615e0e" + }, + { + "alg": "SHA3-512", + "content": "a7bff1d8fa3287436726ab53ddff800d9a262fbf7801b85f50b7f29dbd017ff430f2effa9e6e95b44772ec0c349632374b9291292d2eb24f0fed1313dba15ee9" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/org.jvnet.mimepull/mimepull@1.9.6?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/mimepull" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/mimepull/lists/users/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/mimepull/sources/svn/show/tags/mimepull-1.9.6" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "group": "org.mockito", + "name": "mockito-core", + "version": "2.24.0", + "description": "Mockito mock objects library core API and implementation", + "hashes": [ + { + "alg": "MD5", + "content": "73056e7138623c31ab0ad3c421c695b8" + }, + { + "alg": "SHA-1", + "content": "969a7bcb6f16e076904336ebc7ca171d412cc1f9" + }, + { + "alg": "SHA-256", + "content": "ae8fd3becb2a8e262507a9df85e54a6e41c5ae3a34cda5495abef6299a587ff6" + }, + { + "alg": "SHA-512", + "content": "2bde38797a3902909027ec12a58a7adbc5ce86f5f095ee5787b4c12fe873c6ae96bf7e9024c1347eaa189af66b988668d1886dc110118b22eb6c4436e3cceb66" + }, + { + "alg": "SHA3-256", + "content": "30f96a62ee0c4795e9039288888791e0192f1e7a522ecad28200f01135c132bb" + }, + { + "alg": "SHA3-512", + "content": "1afd1e02b726b5b0fc8ee4ff3e2e678c780bf642041e54a7f7c3b136adf7c6d9ae23df2454572ae619279d9e712d5444c55c3c3fee7883b621312331aa7b626a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.mockito/mockito-core@2.24.0?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/mockito/mockito" + }, + { + "type": "issue-tracker", + "url": "https://github.com/mockito/mockito/issues" + }, + { + "type": "vcs", + "url": "https://github.com/mockito/mockito.git" + } + ] + }, + { + "type": "library", + "bom-ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "group": "org.objenesis", + "name": "objenesis", + "version": "2.6", + "description": "A library for instantiating Java objects", + "hashes": [ + { + "alg": "MD5", + "content": "5ffac3f51405ca9b2915970a224b3e8f" + }, + { + "alg": "SHA-1", + "content": "639033469776fd37c08358c6b92a4761feb2af4b" + }, + { + "alg": "SHA-256", + "content": "5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d" + }, + { + "alg": "SHA-512", + "content": "23a593bded8cb43236faad2018b008da47bf4e29cc60c2e98fd4f2ed578fe2baddd3a98547dc14273017c82cb19ce8eaaab71d49273411856a2ba1a5d51015fc" + }, + { + "alg": "SHA3-256", + "content": "1fce020475bd27d7eac3a3693e9c6992032739ef6db205c7751c92f8aba4d67a" + }, + { + "alg": "SHA3-512", + "content": "ec2154e3bb9fa0b74079d4f21af3aa0ae17444da63aa1061d87aac646c070b3733673a4d0880ca58f974dc3358d7b1c6161bf030260474b36b4bae677b777b08" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.objenesis/objenesis@2.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/easymock/maven/objenesis/;publish=1" + }, + { + "type": "vcs", + "url": "https://github.com/easymock/objenesis" + } + ] + }, + { + "type": "library", + "bom-ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "group": "org.opentest4j", + "name": "opentest4j", + "version": "1.1.0", + "description": "Open Test Alliance for the JVM", + "hashes": [ + { + "alg": "MD5", + "content": "2edf96ac5b535198bd3a2e31309f779c" + }, + { + "alg": "SHA-1", + "content": "c8e2a3e3bc7f3e4bb5075306452db5290f9b117a" + }, + { + "alg": "SHA-256", + "content": "65a5fd7380f53aac708bcee3091dbe2dba73a9a2e7645b66e70e0804fc36ee3b" + }, + { + "alg": "SHA-512", + "content": "bb72a65673bec0af3d420e96edcc1e3152bdbd0f670e2e09172f00f05549fa3b0a07c40ed2dbeec75da6e548623afa4e343343cca15a7a016aaa6c3e48ab0765" + }, + { + "alg": "SHA3-256", + "content": "f12567dc83accfc6c4022f0941f37a3169cc0697ebbf67a4261136180c2d8a2c" + }, + { + "alg": "SHA3-512", + "content": "401aa77733f4ceab47f51b797844f597947cf31a5b76f5c46c6a28980bff30942b783e79e8ab5b5f8ce63d64e8152b6f71b96cc1d500234a8a8e2dd24f734441" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.opentest4j/opentest4j@1.1.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/ota4j-team/opentest4j" + } + ] + }, + { + "type": "library", + "bom-ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "group": "org.glassfish.hk2", + "name": "osgi-resource-locator", + "version": "1.0.1", + "description": "See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information", + "hashes": [ + { + "alg": "MD5", + "content": "51e70ad8fc9d1e9fb19debeb55555b75" + }, + { + "alg": "SHA-1", + "content": "4ed2b2d4738aed5786cfa64cba5a332779c4c708" + }, + { + "alg": "SHA-256", + "content": "775003be577e8806f51b6e442be1033d83be2cb2207227b349be0bf16e6c0843" + }, + { + "alg": "SHA-512", + "content": "e064a477d5b1f8c56b4741ba606eed764b779a5d9870b8c193771bf0d904350aed839ab21602dbf5f376f7208b8ca24f64504d73ec6a0c5c08c5f0abc7c466d4" + }, + { + "alg": "SHA3-256", + "content": "c7cb2d64874992826818c594f02bf40f46d9ad4787d6575bfb656b35b7b6af0d" + }, + { + "alg": "SHA3-512", + "content": "5c57aa6eb98272226cbdebd803a5b11a27422340f47e5541a5bf6bb776f64bfcda548ffd345e900a7c7624b9a016aecacd8e009a13fe2c2cae86e8ff8e7289f2" + } + ], + "licenses": [ + { + "expression": "(CDDL-1.0 OR GPL-2.0-with-classpath-exception)" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + } + ] + }, + { + "type": "library", + "bom-ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "group": "com.papertrail", + "name": "profiler", + "version": "1.0.2", + "description": "A pure-java implementation of the twitter/util project's `CpuProfile` and related classes.", + "hashes": [ + { + "alg": "MD5", + "content": "b6cb78e7d8a5c4ed1ad259afc4f7c793" + }, + { + "alg": "SHA-1", + "content": "138093a4ed2da6f0b07a2a2335584bd5a7d53bff" + }, + { + "alg": "SHA-256", + "content": "188ec41349472a0c50fbe7e4cdcc6d6c8968ad6cd9047effeaa6a5c111f9074d" + }, + { + "alg": "SHA-512", + "content": "447a1e7d47cb7c3974e09c8e5ea1fdf6c9c4dfe377cffbba501edab474e136ec252406c5dde8fc7387b9fab983a7970764c23c93b8fb842f676da8c3bd01e013" + }, + { + "alg": "SHA3-256", + "content": "b68b7d44bde32b5a2995629eb2742bde9e3f373cb08230f67624160b91432160" + }, + { + "alg": "SHA3-512", + "content": "2fdb36567b1dcfb26e9e02abb70277e2e9040983c5755372716aa71a22cf46807501effa5931e0e65152f1efbe9e7449ff5b00cdaaddc15f1cfeeb3600904b7b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.papertrail/profiler@1.0.2?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "group": "org.slf4j", + "name": "slf4j-api", + "version": "1.7.26", + "description": "The slf4j API", + "hashes": [ + { + "alg": "MD5", + "content": "60ec8751be37d54a2aa1b6178f87b968" + }, + { + "alg": "SHA-1", + "content": "77100a62c2e6f04b53977b9f541044d7d722693d" + }, + { + "alg": "SHA-256", + "content": "6d9e5b86cfd1dd44c676899285b5bb4fa0d371cf583e8164f9c8a0366553242b" + }, + { + "alg": "SHA-512", + "content": "a944468440a883bb3bde1f78d39abe43a90b6091fd9f1a70430ac10ea91b308b2ef035e4836d68ba97afdba2b04f62edece204278aaa416276a5f8596f8688af" + }, + { + "alg": "SHA3-256", + "content": "195320dbd33e0ecc96b7c23818454658870c7f4c7bb746dae4516bc4983ab158" + }, + { + "alg": "SHA3-512", + "content": "830b0c50cdd9f45cfe4be31f0c775f632399060db58050ce702e476321ef29dcc17f49f872e7023e995c6ee1c2e06f2f1ea115aa45807569ecef83af3385f5cc" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/slf4j-api@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "group": "org.yaml", + "name": "snakeyaml", + "version": "1.23", + "description": "YAML 1.1 parser and emitter for Java", + "hashes": [ + { + "alg": "MD5", + "content": "64ec8bd26b6d5034a87ecb1c8ce0efdc" + }, + { + "alg": "SHA-1", + "content": "ec62d74fe50689c28c0ff5b35d3aebcaa8b5be68" + }, + { + "alg": "SHA-256", + "content": "13009fb5ede3cf2be5a8d0f1602155aeaa0ce5ef5f9366892bd258d8d3d4d2b1" + }, + { + "alg": "SHA-512", + "content": "8091467927dc88fe2741f85c6e429914f4306e7a1183e52090ccc7d617ca5279ba42b03ffc8cd1a914b6c3dc4151bd731757e72592e9c1b23346781936ac9fc7" + }, + { + "alg": "SHA3-256", + "content": "18f63155a18c783a0d47afa987a0dcc39f688da527047ccd48c694810ac5adf2" + }, + { + "alg": "SHA3-512", + "content": "59d1edd895705b667a65c3bada2c1b6c4109f82a03a2a18878d3310ac6e41bb3e47f821e87ffdcd2d2320b2f63c13a8748214fa9ea851c7b0b4d8fca07250c8a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.yaml/snakeyaml@1.23?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://bitbucket.org/asomov/snakeyaml/issues" + }, + { + "type": "vcs", + "url": "https://bitbucket.org/asomov/snakeyaml/src" + } + ] + }, + { + "type": "library", + "bom-ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "group": "org.antlr", + "name": "stringtemplate", + "version": "4.0.2", + "description": "StringTemplate is a java template engine for generating source code, web pages, emails, or any other formatted text output. StringTemplate is particularly good at multi-targeted code generators, multiple site skins, and internationalization/localization. It evolved over years of effort developing jGuru.com. StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org and powers the ANTLR v3 code generator. Its distinguishing characteristic is that unlike other engines, it strictly enforces model-view separation. Strict separation makes websites and code generators more flexible and maintainable; it also provides an excellent defense against malicious template authors. There are currently about 600 StringTemplate source downloads a month.", + "hashes": [ + { + "alg": "MD5", + "content": "b270a7b34c953cbae921a4080d5cdc0f" + }, + { + "alg": "SHA-1", + "content": "e28e09e2d44d60506a7bcb004d6c23ff35c6ac08" + }, + { + "alg": "SHA-256", + "content": "8056d5586e1b18d3def6347b5d020a85722d850bb9f4d7a9aafe4f842c651ef9" + }, + { + "alg": "SHA-512", + "content": "cd396cbc93d096812700c3a05e4b548c31d73c5f1f66f12bdd3364218de591cefb76e1f0557e83204285f1e868f0f327cf556bb32c4552e0a3537cf6ac1efa43" + }, + { + "alg": "SHA3-256", + "content": "d79aa95dd924c18de8f5ef5fc510f92cecb781d5724ba9b948e8658191e920b6" + }, + { + "alg": "SHA3-512", + "content": "da67f10539c0f73ddb56e945f5c7b42aea76411b4067362685f92c916da055f2747176a1524f97f52d7ae0d70898256c9549290448194d6fd99b3bfbff3332a9" + } + ], + "licenses": [ + { + "license": { + "name": "BSD licence", + "url": "http://antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/org.antlr/stringtemplate@4.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/stringtemplate" + } + ] + }, + { + "type": "library", + "bom-ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "group": "org.apache.tomcat", + "name": "tomcat-jdbc", + "version": "9.0.16", + "description": "Tomcat JDBC Pool Package", + "hashes": [ + { + "alg": "MD5", + "content": "b673d21c2c73b44c6fdee89f6c9995fc" + }, + { + "alg": "SHA-1", + "content": "5304a28c25bb88c57da9561e4ed0bbfcc72dcb4a" + }, + { + "alg": "SHA-256", + "content": "0fe8cdd9c6a349fbf1d7246b5503f113a4fb11f1e71c2e529308f1dd22ed5019" + }, + { + "alg": "SHA-512", + "content": "698da1e4dda1d18463f885e6b9dfed61c12920af35ccdfc9015ecfbd8f353d0aefde38f1f71f68ea5b2d9f6610df9cde38e8fa6ec0b405a925a861e8ca0de5b1" + }, + { + "alg": "SHA3-256", + "content": "013e3a72e6a19fea3c245ca9989853b836ed598c9b5551c399222a511be6b569" + }, + { + "alg": "SHA3-512", + "content": "bec64a6591071bb6d5e18412eac3eaaa9814c33448bb2f43d6e039e0538ad85f387fd3817915b5928c41aeabb84d3cd90c0c51f783accb38e3344a32fef206ed" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "group": "org.apache.tomcat", + "name": "tomcat-juli", + "version": "9.0.16", + "description": "Tomcat Core Logging Package", + "hashes": [ + { + "alg": "MD5", + "content": "5dbec493081a051b6868b84881fa6ab9" + }, + { + "alg": "SHA-1", + "content": "b6ef3c1ac1104b6e3fbdc106e194bf2fb5e2e2a8" + }, + { + "alg": "SHA-256", + "content": "cc155efa8104af3d35daf3226284b638b10d9def4074ebf6176cb47b3a264f53" + }, + { + "alg": "SHA-512", + "content": "fd19c0dd3bc60b050065b7c1992c4662f5e02ecc74176528b24a42f03fa42b805ce3529f813e2d0b85f6d21fa46f43a0146069372fbb96dd821bf9778ecb38b0" + }, + { + "alg": "SHA3-256", + "content": "c4782f32dcf2d8516d4b4ae299af008385dc44a92380edab0ced40738ba56b67" + }, + { + "alg": "SHA3-512", + "content": "d37ef89204a97677283c417ceae3031fd89648079e42924bf9c38456b1055442dad8f8f6366da1600feee8e448b59bdff8261e101913b99f24b9dde278469cd7" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "group": "org.jadira.usertype", + "name": "usertype.core", + "version": "7.0.0.CR1", + "description": "Classes utilising Joda Time, Joda Money, Libphonenum and JDK Types that add Hibernate support", + "hashes": [ + { + "alg": "MD5", + "content": "808b0b11f96e769c0f7a32d29f1ce7a1" + }, + { + "alg": "SHA-1", + "content": "818991d0b4d8fce6da9f27ea61187111efcae1a1" + }, + { + "alg": "SHA-256", + "content": "a129bfc60f7aceab77cd1363684d267f56629b441bf06f6123f9c0c2972e41fc" + }, + { + "alg": "SHA-512", + "content": "3d7dca13d1586365a94f05ea4a1672ce166773f2a01a584fc149d71b8aaeaa9c109e7e3a7658d8d4da3e91b8f42085ed55acc2a97e1c39a4faea5f6834a741a5" + }, + { + "alg": "SHA3-256", + "content": "f032df418c58acf1ba8307589d176b6e3d5402f1a0830d903b954984ab03bc38" + }, + { + "alg": "SHA3-512", + "content": "1113d2d63ceacdc4df8628448aa15d5de2e155b1a00037dc1570bb6f1553b38f397930036ef637b50519b6d395e3a219cf330ae29cedebeafa786eefd08420c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.core@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "group": "org.jadira.usertype", + "name": "usertype.spi", + "version": "7.0.0.CR1", + "description": "Shared dependencies for Usertype jars", + "hashes": [ + { + "alg": "MD5", + "content": "2b16a4d99cf3e6f0695186301dc63e4c" + }, + { + "alg": "SHA-1", + "content": "895f79b8a1c33f2e17ebc839f80ecaf62924e784" + }, + { + "alg": "SHA-256", + "content": "035f9a3cbec935b6da4d0318fd4d5b797db12a6ba0f77293b8603ff8578904f6" + }, + { + "alg": "SHA-512", + "content": "df65994da27e03bf29918e87451738de9017a41d0deb4fa1d7b00353d889fabc30cbfdc8aa8d97fc475cc31b2426b7a859cc0cfc6489b3667e43108539cb6c0f" + }, + { + "alg": "SHA3-256", + "content": "455f3a4522df5251d036af8f916a7ba5a385a1d303a0aa8f56f7563c2ee00042" + }, + { + "alg": "SHA3-512", + "content": "88d0d9476653078ff1c538c0b8c8b3d2714fd13fbe5ef12550d73053edeb1eb967a17e96d4670ffe95ca0eda858afa6a6b27033028036b646180c00a7ec46aa4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.spi@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "group": "javax.validation", + "name": "validation-api", + "version": "1.1.0.Final", + "description": "Bean Validation API", + "hashes": [ + { + "alg": "MD5", + "content": "4c257f52462860b62ab3cdab45f53082" + }, + { + "alg": "SHA-1", + "content": "8613ae82954779d518631e05daa73a6a954817d5" + }, + { + "alg": "SHA-256", + "content": "f39d7ba7253e35f5ac48081ec1bc28c5df9b32ac4b7db20853e5a8e76bf7b0ed" + }, + { + "alg": "SHA-512", + "content": "bc137c5f7fa6b7092f9fc233d8be7d21d6767f8aa51c2e934b73692c82d28dbb410f55674d7b5a0e1523b514654339277b535b7f5bb01d457a11aba2eca3bbed" + }, + { + "alg": "SHA3-256", + "content": "469fa33a7d6854ac73627c8b4d281165c26dbcb21e645df792c3144453ab3129" + }, + { + "alg": "SHA3-512", + "content": "a042781692aaaa9458be722d0437484c5f1fd8f3f4955c00008224caebeb671ab93740052599ce2f5feab8d7ec712c72786492f7c7ca1c27c25425545b05a91e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/javax.validation/validation-api@1.1.0.Final?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/BVAL" + }, + { + "type": "vcs", + "url": "https://github.com/beanvalidation/beanvalidation-api" + } + ] + } + ], + "dependencies": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "dependsOn": [] + }, + { + "ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "dependsOn": [] + }, + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "dependsOn": [] + }, + { + "ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "dependsOn": [] + }, + { + "ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "dependsOn": [] + }, + { + "ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "dependsOn": [ + "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "f09e69a1-54de-4e7b-802a-adda10a1c7be" + ] + }, + { + "ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "dependsOn": [] + }, + { + "ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "dependsOn": [] + }, + { + "ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "dependsOn": [] + }, + { + "ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "dependsOn": [] + }, + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "dependsOn": [] + }, + { + "ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "dependsOn": [] + }, + { + "ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "dependsOn": [] + }, + { + "ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "dependsOn": [] + }, + { + "ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "dependsOn": [] + }, + { + "ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "dependsOn": [] + }, + { + "ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "dependsOn": [] + }, + { + "ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "dependsOn": [] + }, + { + "ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "dependsOn": [] + }, + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "dependsOn": [] + }, + { + "ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "dependsOn": [] + }, + { + "ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "dependsOn": [] + }, + { + "ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "dependsOn": [ + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "893beba4-580b-4ada-a4cf-067fbe145507", + "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b" + ] + }, + { + "ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "dependsOn": [ + "55086fc5-4c36-45b5-9569-fdafa26e075d", + "757cef7a-83f2-4973-832d-67849ca42b69", + "93a8597b-e82a-4726-8e16-849d026f7b98" + ] + }, + { + "ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "dependsOn": [ + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "370d779c-d1ea-4d92-8e70-1ad325e94298", + "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "b692a425-dca6-4bed-af67-5855cb40dbcf", + "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "881df936-411d-4bb3-b464-6edcf14c671c", + "ac21cab7-b535-4294-8a61-b10b62918666", + "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "80b88754-8b78-4597-bc4f-47788add0031", + "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "5978be79-e890-48b1-8f11-40416ee5bb61", + "5aed0617-3613-43e7-94d2-105b2af0b00d", + "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "96cf7115-b31d-4c98-bae2-952c601d3878" + ] + }, + { + "ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "daabc9e2-1ec3-4d10-9251-69ab9834b02a" + ] + }, + { + "ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "dependsOn": [ + "ea1f023d-0390-4558-8696-dc8d566dd95e" + ] + }, + { + "ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "dependsOn": [ + "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "8c0378f7-4c0e-4ee3-849d-740b0035c371" + ] + }, + { + "ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "dependsOn": [ + "55521fe9-aed2-403e-9df2-75fc5af90f54", + "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "79b01257-3e61-49f7-8600-2042bde4702b", + "b4ca2dc7-9d68-4737-9afc-dea82759cd45" + ] + }, + { + "ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "c2dbe746-304a-4e35-88f0-69943d701fe5", + "5694b066-2847-4855-8230-77e902b37502", + "4634319e-cca2-4c02-8372-222f43bd35ba", + "648c2811-d754-45aa-9160-8f018ab4aab9", + "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "85776385-c1af-42fa-a0ac-21ecf796742f" + ] + }, + { + "ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "dependsOn": [ + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "1b61648b-2106-4c86-ad10-79411c0ce338", + "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "71f396a0-0285-465e-8ce3-6eacb47be941", + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "dependsOn": [ + "bd750137-b073-47d5-891a-e48c192cfcba", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "423d6189-7ce4-4931-9c74-3b58517df601", + "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "c1abfd09-121f-418c-befa-4d6b9e164769" + ] + }, + { + "ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c" + ] + }, + { + "ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "dependsOn": [ + "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "2f225da8-8da3-429b-a014-effeea8c71eb", + "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "e36cfe6c-5955-40dd-8f4f-09c43087ac53" + ] + }, + { + "ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "dependsOn": [] + }, + { + "ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "dependsOn": [ + "0476a31c-6a89-45b2-8e9b-8d4a725d06eb" + ] + }, + { + "ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "dependsOn": [ + "ab3bfc00-8d35-4a4d-b314-86573681d910", + "36fc309f-d086-43d6-b660-5de275ee630f" + ] + }, + { + "ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "dependsOn": [ + "df3cc349-8f4d-4d7e-82ab-1309f17741d3" + ] + }, + { + "ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "dependsOn": [ + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "dependsOn": [ + "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "94379ad3-19a6-4b21-a049-ca0b762d8c13" + ] + }, + { + "ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "dependsOn": [ + "0d0caea7-65ca-4504-b50a-80e480879f5f", + "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d" + ] + }, + { + "ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631" + ] + }, + { + "ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "dependsOn": [ + "d6394138-9591-4141-9a76-4c3082ff2ed4", + "5b865504-bea5-4b92-ae5e-46553e01093c" + ] + }, + { + "ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "dependsOn": [ + "ebf5150b-055e-45d4-82e5-eebc38ffea70" + ] + }, + { + "ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "dependsOn": [] + }, + { + "ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "dependsOn": [] + }, + { + "ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "dependsOn": [] + }, + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "dependsOn": [ + "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "da25e363-473d-4f84-9f46-8e09c7ec7c28" + ] + }, + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "dependsOn": [] + }, + { + "ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "dependsOn": [] + }, + { + "ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "dependsOn": [] + }, + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "dependsOn": [ + "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "627bb70b-4b85-4801-8239-f03de04ca5db", + "21c7c10d-e7a9-4e82-893a-aa82f11f6dca" + ] + }, + { + "ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "dependsOn": [] + }, + { + "ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "dependsOn": [ + "c454f700-0d16-4956-a210-03d9073b6d12", + "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd" + ] + }, + { + "ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "dependsOn": [ + "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "517c6455-0a2e-4e78-8d4b-88837bb5244c" + ] + }, + { + "ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "dependsOn": [] + }, + { + "ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "dependsOn": [] + }, + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "dependsOn": [ + "d2a5e2bf-ead6-4768-866a-385166eb6709" + ] + }, + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "dependsOn": [] + }, + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "dependsOn": [ + "f4a06b14-3945-4381-b3dd-b46407b02b6b" + ] + }, + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "dependsOn": [ + "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e" + ] + }, + { + "ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "dependsOn": [] + }, + { + "ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "dependsOn": [] + }, + { + "ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "dependsOn": [] + }, + { + "ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "dependsOn": [] + }, + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "dependsOn": [] + }, + { + "ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "dependsOn": [ + "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + ] + }, + { + "ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "dependsOn": [] + }, + { + "ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "dependsOn": [ + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + ] + }, + { + "ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "dependsOn": [] + }, + { + "ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "dependsOn": [] + }, + { + "ref": "5694b066-2847-4855-8230-77e902b37502", + "dependsOn": [] + }, + { + "ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "dependsOn": [] + }, + { + "ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "dependsOn": [ + "014723b6-3b73-414b-a760-da7bb1ab988d", + "7a6724fd-3628-46d2-8de5-9059e6ec494c" + ] + }, + { + "ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "dependsOn": [] + }, + { + "ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "dependsOn": [] + }, + { + "ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "dependsOn": [] + }, + { + "ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "dependsOn": [] + }, + { + "ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "dependsOn": [] + }, + { + "ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "dependsOn": [] + }, + { + "ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "dependsOn": [] + }, + { + "ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "dependsOn": [] + }, + { + "ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "dependsOn": [] + }, + { + "ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "dependsOn": [] + }, + { + "ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "dependsOn": [] + }, + { + "ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "dependsOn": [] + }, + { + "ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "dependsOn": [] + }, + { + "ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "dependsOn": [] + }, + { + "ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "dependsOn": [ + "7176887b-3e41-4f10-9d29-26ec573e2c49", + "85776385-c1af-42fa-a0ac-21ecf796742f", + "c9381862-0cc8-48d6-9b97-82f00d12cdb7" + ] + }, + { + "ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967" + ] + }, + { + "ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "dependsOn": [] + }, + { + "ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "dependsOn": [] + }, + { + "ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "dependsOn": [] + }, + { + "ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "dependsOn": [] + }, + { + "ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dependsOn": [ + "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "3d67ecbd-3ee2-437b-800b-d137ccd17d46" + ] + }, + { + "ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "dependsOn": [] + }, + { + "ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "dependsOn": [] + }, + { + "ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "dependsOn": [] + }, + { + "ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "75ac24b0-9039-45fe-842d-ccecdd3c62e1" + ] + }, + { + "ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "dependsOn": [] + }, + { + "ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "dependsOn": [] + }, + { + "ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "8dc0d897-c489-493c-a4b6-c5384d663c85", + "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "c454f700-0d16-4956-a210-03d9073b6d12" + ] + }, + { + "ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "dependsOn": [ + "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dd4f3e68-5483-4177-9ee9-987774aea94f" + ] + }, + { + "ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "dependsOn": [] + }, + { + "ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "dependsOn": [] + }, + { + "ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "dependsOn": [] + }, + { + "ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "dependsOn": [] + }, + { + "ref": "50a898e1-523d-4041-9250-b25394071a77", + "dependsOn": [] + }, + { + "ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "dependsOn": [] + }, + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "dependsOn": [] + }, + { + "ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "dependsOn": [] + }, + { + "ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "dependsOn": [] + }, + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "dependsOn": [ + "25416803-852c-4475-bf84-2bf849ea6a56", + "c1abfd09-121f-418c-befa-4d6b9e164769", + "be69e2b9-e673-42a8-98f1-e6d3be74c272" + ] + }, + { + "ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "dependsOn": [ + "4473173b-92a4-4b6f-aa40-3b0479fe60ee" + ] + }, + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "dependsOn": [ + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "dependsOn": [] + }, + { + "ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "dependsOn": [] + }, + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "dependsOn": [ + "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "423d6189-7ce4-4931-9c74-3b58517df601" + ] + }, + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "dependsOn": [] + }, + { + "ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "dependsOn": [ + "186eb402-6ab8-417c-8bbb-4032f9722383", + "7b1c11dd-7462-451d-a5b1-0fbd56708727" + ] + }, + { + "ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "dependsOn": [] + }, + { + "ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "dependsOn": [] + }, + { + "ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "dependsOn": [] + }, + { + "ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "dependsOn": [] + }, + { + "ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "dependsOn": [] + }, + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "dependsOn": [ + "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7" + ] + }, + { + "ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "dependsOn": [] + }, + { + "ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "dependsOn": [ + "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "7a60c1f8-0819-4133-aa05-ece823ae5494" + ] + }, + { + "ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "dependsOn": [] + }, + { + "ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "dependsOn": [ + "33155de6-f8f2-48a7-ab80-19d8641794bf", + "71a8cbce-c3a6-4797-b3f1-60415f5e1131" + ] + }, + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "dependsOn": [ + "85776385-c1af-42fa-a0ac-21ecf796742f", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + ] + }, + { + "ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "dependsOn": [] + }, + { + "ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "dependsOn": [] + }, + { + "ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "dependsOn": [] + }, + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "dependsOn": [] + }, + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "dependsOn": [] + }, + { + "ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "dependsOn": [] + }, + { + "ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "dependsOn": [] + }, + { + "ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "dependsOn": [ + "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + ] + }, + { + "ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "dependsOn": [] + }, + { + "ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "dependsOn": [] + }, + { + "ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "dependsOn": [] + }, + { + "ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "dependsOn": [] + }, + { + "ref": "80b88754-8b78-4597-bc4f-47788add0031", + "dependsOn": [] + }, + { + "ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "dependsOn": [ + "9c03efc2-c106-4191-980f-b91376b5ab06", + "80a1384b-dee2-4dff-9d74-79d854cdeb2f" + ] + }, + { + "ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "dependsOn": [] + }, + { + "ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "dependsOn": [ + "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "91658b5a-2478-4653-a3e4-f62c4f58f87b" + ] + }, + { + "ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "dependsOn": [] + }, + { + "ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "dependsOn": [] + }, + { + "ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "dependsOn": [] + }, + { + "ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "dependsOn": [] + }, + { + "ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "dependsOn": [] + }, + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "dependsOn": [] + }, + { + "ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "dependsOn": [] + }, + { + "ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "dependsOn": [ + "13aba3db-12c7-44d2-895d-130d2897e460" + ] + }, + { + "ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "dependsOn": [] + }, + { + "ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "dependsOn": [ + "3affcf84-19c7-4ac3-91f9-b08980969391" + ] + }, + { + "ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "dependsOn": [] + }, + { + "ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "dependsOn": [] + } + ], + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:21541b57-cd8f-482c-a80f-9c79c75ca7cf", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:30:25Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + } + } + } + ] + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf-withraw.json b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf-withraw.json new file mode 100644 index 000000000..bf4afef29 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf-withraw.json @@ -0,0 +1,6385 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: application/602de70a-7107-4ac8-9ad2-3c1c816892a7", + "title": "test 9 CycloneDX BOM Report", + "version": "SNAPSHOT", + "summary": "This is the project I want to use to generate data to understand the schema a bit better", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [ + { + "tags": { + "nist": [ + "SC-8", + "AC-3" + ], + "cci": [ + "CCI-002418", + "CCI-000213" + ], + "cwe": [ + "CWE-173", + "CWE-200", + "CWE-378", + "CWE-732" + ], + "bom-ref": "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "ratings": "GITHUB - low", + "published": "2021-03-25T17:04:19Z", + "updated": "2023-11-09T18:44:38Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "id": "GHSA-5mg8-w23w-74h3", + "desc": "Description: A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"b7a12947-7a8d-4031-b59d-640d33dbad6a\",\n \"id\": \"GHSA-5mg8-w23w-74h3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 173,\n 200,\n 378,\n 732\n ],\n \"description\": \"A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.\",\n \"published\": \"2021-03-25T17:04:19Z\",\n \"updated\": \"2023-11-09T18:44:38Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-379", + "CWE-552" + ], + "bom-ref": "bb03c210-ea12-450d-85df-17d81a75ede2", + "ratings": "GITHUB - medium", + "published": "2023-06-14T18:30:38Z", + "updated": "2024-02-13T21:49:15Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "id": "GHSA-7g45-4rm6-3mm3", + "desc": "Description: Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"bb03c210-ea12-450d-85df-17d81a75ede2\",\n \"id\": \"GHSA-7g45-4rm6-3mm3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 379,\n 552\n ],\n \"description\": \"Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.\",\n \"published\": \"2023-06-14T18:30:38Z\",\n \"updated\": \"2024-02-13T21:49:15Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "ratings": "GITHUB - critical", + "published": "2020-04-23T21:08:40Z", + "updated": "2023-02-01T05:02:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "id": "GHSA-5p34-5m6p-p58g", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "impact": 1, + "code": "{\n \"bom-ref\": \"d097e083-0b0a-4e3c-9f29-fc936f27ec6f\",\n \"id\": \"GHSA-5p34-5m6p-p58g\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).\",\n \"published\": \"2020-04-23T21:08:40Z\",\n \"updated\": \"2023-02-01T05:02:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:44Z", + "updated": "2023-02-01T05:02:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "id": "GHSA-27xj-rqx5-2255", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"f57dc81d-6b2d-4060-8c15-7613c1a37981\",\n \"id\": \"GHSA-27xj-rqx5-2255\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).\",\n \"published\": \"2020-05-15T18:58:44Z\",\n \"updated\": \"2023-02-01T05:02:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "ratings": "GITHUB - high", + "published": "2020-06-10T21:12:41Z", + "updated": "2023-02-01T05:03:03Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "id": "GHSA-58pp-9c76-5625", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"600ecfb9-66c7-4fc2-88e8-2bf9efe40628\",\n \"id\": \"GHSA-58pp-9c76-5625\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).\",\n \"published\": \"2020-06-10T21:12:41Z\",\n \"updated\": \"2023-02-01T05:03:03Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:50Z", + "updated": "2023-02-01T05:03:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "id": "GHSA-v3xw-c963-f5hc", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"36dba0ba-dc6c-4f8a-822c-e51ca444d1bf\",\n \"id\": \"GHSA-v3xw-c963-f5hc\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).\",\n \"published\": \"2020-05-15T18:58:50Z\",\n \"updated\": \"2023-02-01T05:03:05Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "ratings": "GITHUB - high", + "published": "2020-04-23T20:19:02Z", + "updated": "2024-03-15T00:41:35Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "id": "GHSA-h4rc-386g-6m85", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"e5cba611-d1ce-48a5-8fc2-ac68ba133947\",\n \"id\": \"GHSA-h4rc-386g-6m85\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).\",\n \"published\": \"2020-04-23T20:19:02Z\",\n \"updated\": \"2024-03-15T00:41:35Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:47Z", + "updated": "2024-03-15T00:48:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "id": "GHSA-9vvp-fxw6-jcxr", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"9e292de9-f4f7-4d45-9ecb-846c4b972f6f\",\n \"id\": \"GHSA-9vvp-fxw6-jcxr\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).\",\n \"published\": \"2020-05-15T18:58:47Z\",\n \"updated\": \"2024-03-15T00:48:55Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "343cd240-f667-4770-aecf-ddc11f9d0172", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:54Z", + "updated": "2024-03-15T00:50:18Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "id": "GHSA-rf6r-2c4q-2vwg", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"343cd240-f667-4770-aecf-ddc11f9d0172\",\n \"id\": \"GHSA-rf6r-2c4q-2vwg\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).\",\n \"published\": \"2020-05-15T18:58:54Z\",\n \"updated\": \"2024-03-15T00:50:18Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "ratings": "GITHUB - high", + "published": "2020-04-23T21:36:03Z", + "updated": "2024-06-25T13:46:45Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "id": "GHSA-758m-v56v-grj4", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"0f7e16f6-f01e-4cc0-a835-08f3ba72625f\",\n \"id\": \"GHSA-758m-v56v-grj4\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.\",\n \"published\": \"2020-04-23T21:36:03Z\",\n \"updated\": \"2024-06-25T13:46:45Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "ratings": "GITHUB - high", + "published": "2020-04-23T16:32:59Z", + "updated": "2024-07-03T21:10:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "id": "GHSA-95cm-88f5-f2c7", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c2e5f22d-f91f-4689-bdb1-782974d6fa7a\",\n \"id\": \"GHSA-95cm-88f5-f2c7\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).\",\n \"published\": \"2020-04-23T16:32:59Z\",\n \"updated\": \"2024-07-03T21:10:50Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:50Z", + "updated": "2023-02-01T05:04:14Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "id": "GHSA-c2q3-4qrh-fm48", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"49fa1888-bfa1-480a-8564-3b62b8bf5c3c\",\n \"id\": \"GHSA-c2q3-4qrh-fm48\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).\",\n \"published\": \"2020-06-18T14:44:50Z\",\n \"updated\": \"2023-02-01T05:04:14Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "97981cb2-9228-4b8b-a172-ad12f550a19f", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:43Z", + "updated": "2024-03-15T00:37:17Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "id": "GHSA-mc6h-4qgp-37qh", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"97981cb2-9228-4b8b-a172-ad12f550a19f\",\n \"id\": \"GHSA-mc6h-4qgp-37qh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).\",\n \"published\": \"2020-06-18T14:44:43Z\",\n \"updated\": \"2024-03-15T00:37:17Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:46Z", + "updated": "2024-03-15T00:39:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "id": "GHSA-j823-4qch-3rgm", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"941d2fac-724b-4a2c-a8ba-c5a434fa3bf7\",\n \"id\": \"GHSA-j823-4qch-3rgm\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).\",\n \"published\": \"2020-06-18T14:44:46Z\",\n \"updated\": \"2024-03-15T00:39:55Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:48Z", + "updated": "2024-06-25T13:46:04Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "id": "GHSA-c265-37vj-cwcc", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"7e3a7481-266e-4cb7-af3b-94dcaf462942\",\n \"id\": \"GHSA-c265-37vj-cwcc\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).\",\n \"published\": \"2020-06-18T14:44:48Z\",\n \"updated\": \"2024-06-25T13:46:04Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "ratings": "GITHUB - critical", + "published": "2020-03-04T20:52:14Z", + "updated": "2023-06-08T19:02:12Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "id": "GHSA-4w82-r329-3q67", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "impact": 1, + "code": "{\n \"bom-ref\": \"db7cfe67-0b1d-4504-af8b-da26e12af73a\",\n \"id\": \"GHSA-4w82-r329-3q67\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.\",\n \"published\": \"2020-03-04T20:52:14Z\",\n \"updated\": \"2023-06-08T19:02:12Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "ratings": "GITHUB - high", + "published": "2022-07-15T19:41:47Z", + "updated": "2023-08-18T15:45:27Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "id": "GHSA-rpr3-cw39-3pxh", + "desc": "Description: The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"7c0af63e-ef57-43aa-9c91-d79c7e37ab20\",\n \"id\": \"GHSA-rpr3-cw39-3pxh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.\",\n \"published\": \"2022-07-15T19:41:47Z\",\n \"updated\": \"2023-08-18T15:45:27Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c037af59-a132-4727-8cc3-c6095c490df7", + "ratings": "GITHUB - critical", + "published": "2019-11-13T00:32:27Z", + "updated": "2023-09-14T14:55:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "id": "GHSA-fmmc-742q-jg75", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "impact": 1, + "code": "{\n \"bom-ref\": \"c037af59-a132-4727-8cc3-c6095c490df7\",\n \"id\": \"GHSA-fmmc-742q-jg75\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.\",\n \"published\": \"2019-11-13T00:32:27Z\",\n \"updated\": \"2023-09-14T14:55:20Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "ratings": "GITHUB - critical", + "published": "2019-11-13T00:32:38Z", + "updated": "2023-09-14T14:55:25Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "id": "GHSA-gjmw-vf9h-g25v", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "impact": 1, + "code": "{\n \"bom-ref\": \"0b8d112a-b683-414d-93b6-48fa2cabb7c9\",\n \"id\": \"GHSA-gjmw-vf9h-g25v\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.\",\n \"published\": \"2019-11-13T00:32:38Z\",\n \"updated\": \"2023-09-14T14:55:25Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "ratings": "GITHUB - critical", + "published": "2019-10-28T20:51:15Z", + "updated": "2024-03-15T00:57:37Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "id": "GHSA-mx7p-6679-8g3q", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "impact": 1, + "code": "{\n \"bom-ref\": \"e8b21aeb-ce1d-4df2-8102-577b813e712f\",\n \"id\": \"GHSA-mx7p-6679-8g3q\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.\",\n \"published\": \"2019-10-28T20:51:15Z\",\n \"updated\": \"2024-03-15T00:57:37Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e141c668-bc18-4738-b3b6-e7ba1057d124", + "ratings": "GITHUB - critical", + "published": "2020-05-15T18:59:10Z", + "updated": "2023-09-14T15:09:40Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "id": "GHSA-q93h-jc49-78gg", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "impact": 1, + "code": "{\n \"bom-ref\": \"e141c668-bc18-4738-b3b6-e7ba1057d124\",\n \"id\": \"GHSA-q93h-jc49-78gg\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).\",\n \"published\": \"2020-05-15T18:59:10Z\",\n \"updated\": \"2023-09-14T15:09:40Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "ratings": "GITHUB - critical", + "published": "2020-05-15T18:59:01Z", + "updated": "2024-03-15T00:20:09Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "id": "GHSA-p43x-xfjf-5jhr", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "impact": 1, + "code": "{\n \"bom-ref\": \"7aec5714-d04e-4e86-8f4c-51f5cf2568d9\",\n \"id\": \"GHSA-p43x-xfjf-5jhr\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\",\n \"published\": \"2020-05-15T18:59:01Z\",\n \"updated\": \"2024-03-15T00:20:09Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-94", + "CWE-502" + ], + "bom-ref": "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:14:51Z", + "updated": "2023-09-14T15:44:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "id": "GHSA-h3cw-g4mq-c5x2", + "desc": "Description: This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6af6635c-bedd-40e5-88b8-324d3a80a33e\",\n \"id\": \"GHSA-h3cw-g4mq-c5x2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 94,\n 502\n ],\n \"description\": \"This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).\",\n \"published\": \"2021-12-09T19:14:51Z\",\n \"updated\": \"2023-09-14T15:44:55Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "3ad04380-a25c-41d8-8fad-259c2561795b", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:36Z", + "updated": "2023-09-14T15:47:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "id": "GHSA-qjw2-hr98-qgfh", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"3ad04380-a25c-41d8-8fad-259c2561795b\",\n \"id\": \"GHSA-qjw2-hr98-qgfh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.\",\n \"published\": \"2021-12-09T19:15:36Z\",\n \"updated\": \"2023-09-14T15:47:50Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "86f78c35-adfb-48e4-9428-88084373e1c0", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:02Z", + "updated": "2023-09-14T15:52:49Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "id": "GHSA-8w26-6f25-cm9x", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"86f78c35-adfb-48e4-9428-88084373e1c0\",\n \"id\": \"GHSA-8w26-6f25-cm9x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.\",\n \"published\": \"2021-12-09T19:16:02Z\",\n \"updated\": \"2023-09-14T15:52:49Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:26Z", + "updated": "2023-09-14T15:53:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "id": "GHSA-m6x4-97wx-4q27", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d73d38a-3ff6-4fac-8c03-b09b64e9e537\",\n \"id\": \"GHSA-m6x4-97wx-4q27\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.\",\n \"published\": \"2021-12-09T19:16:26Z\",\n \"updated\": \"2023-09-14T15:53:30Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "00033bff-66dc-4a36-ab38-a10b0625409f", + "ratings": "GITHUB - high", + "published": "2021-11-19T20:13:06Z", + "updated": "2023-09-14T15:59:33Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "id": "GHSA-v585-23hc-c647", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"00033bff-66dc-4a36-ab38-a10b0625409f\",\n \"id\": \"GHSA-v585-23hc-c647\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.\",\n \"published\": \"2021-11-19T20:13:06Z\",\n \"updated\": \"2023-09-14T15:59:33Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "14e2856b-f78d-4a6d-99eb-470c8566df29", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:51Z", + "updated": "2023-09-14T16:01:31Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "id": "GHSA-r695-7vr9-jgc2", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"14e2856b-f78d-4a6d-99eb-470c8566df29\",\n \"id\": \"GHSA-r695-7vr9-jgc2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.\",\n \"published\": \"2021-12-09T19:16:51Z\",\n \"updated\": \"2023-09-14T16:01:31Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c224f923-be9a-4faa-a930-ef4db611bc2b", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:59Z", + "updated": "2023-09-14T16:04:22Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "id": "GHSA-vfqx-33qm-g869", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c224f923-be9a-4faa-a930-ef4db611bc2b\",\n \"id\": \"GHSA-vfqx-33qm-g869\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.\",\n \"published\": \"2021-12-09T19:16:59Z\",\n \"updated\": \"2023-09-14T16:04:22Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "5201940b-1f04-4668-ae86-8261448d817d", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:42Z", + "updated": "2023-09-14T16:04:22Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "id": "GHSA-f9xh-2qgp-cq57", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"5201940b-1f04-4668-ae86-8261448d817d\",\n \"id\": \"GHSA-f9xh-2qgp-cq57\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.\",\n \"published\": \"2021-12-09T19:16:42Z\",\n \"updated\": \"2023-09-14T16:04:22Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:10Z", + "updated": "2023-09-14T16:07:00Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "id": "GHSA-cvm9-fjm9-3572", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd\",\n \"id\": \"GHSA-cvm9-fjm9-3572\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.\",\n \"published\": \"2021-12-09T19:16:10Z\",\n \"updated\": \"2023-09-14T16:07:00Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:54Z", + "updated": "2023-09-14T16:07:40Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "id": "GHSA-9gph-22xh-8x98", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4fcb77a9-67b3-4b3f-bc01-684b8ba72294\",\n \"id\": \"GHSA-9gph-22xh-8x98\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.\",\n \"published\": \"2021-12-09T19:15:54Z\",\n \"updated\": \"2023-09-14T16:07:40Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "950cff67-088e-4f41-9818-25943c9e17c0", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:46Z", + "updated": "2023-09-14T16:08:37Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "id": "GHSA-89qr-369f-5m5x", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"950cff67-088e-4f41-9818-25943c9e17c0\",\n \"id\": \"GHSA-89qr-369f-5m5x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.\",\n \"published\": \"2021-12-09T19:15:46Z\",\n \"updated\": \"2023-09-14T16:08:37Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:18Z", + "updated": "2023-09-14T16:13:01Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "id": "GHSA-8c4j-34r4-xr8g", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"53eda8c2-268a-4866-89ac-234bfe7f74ce\",\n \"id\": \"GHSA-8c4j-34r4-xr8g\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.\",\n \"published\": \"2021-12-09T19:16:18Z\",\n \"updated\": \"2023-09-14T16:13:01Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "9edaa51d-929b-457e-aab5-0fffecdb4938", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:34Z", + "updated": "2023-09-14T16:15:44Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "id": "GHSA-9m6f-7xcq-8vf8", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"9edaa51d-929b-457e-aab5-0fffecdb4938\",\n \"id\": \"GHSA-9m6f-7xcq-8vf8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.\",\n \"published\": \"2021-12-09T19:16:34Z\",\n \"updated\": \"2023-09-14T16:15:44Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "6d5189b4-d549-419a-b886-43a62cc43d40", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:24Z", + "updated": "2023-11-21T11:40:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "id": "GHSA-5r5r-6hpj-8gg9", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d5189b4-d549-419a-b886-43a62cc43d40\",\n \"id\": \"GHSA-5r5r-6hpj-8gg9\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).\",\n \"published\": \"2021-12-09T19:15:24Z\",\n \"updated\": \"2023-11-21T11:40:53Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "135c6dab-529e-4855-ab72-a0138e2110c8", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:00Z", + "updated": "2024-03-15T00:28:08Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "id": "GHSA-wh8g-3j2c-rqj5", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"135c6dab-529e-4855-ab72-a0138e2110c8\",\n \"id\": \"GHSA-wh8g-3j2c-rqj5\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.\",\n \"published\": \"2021-12-09T19:15:00Z\",\n \"updated\": \"2024-03-15T00:28:08Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502", + "CWE-913" + ], + "bom-ref": "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:11Z", + "updated": "2024-06-25T13:47:23Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "id": "GHSA-r3gr-cxrf-hg25", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"57f41366-73de-4a9c-ba15-4d09c9f60e33\",\n \"id\": \"GHSA-r3gr-cxrf-hg25\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502,\n 913\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.\",\n \"published\": \"2021-12-09T19:15:11Z\",\n \"updated\": \"2024-06-25T13:47:23Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-502" + ], + "bom-ref": "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "ratings": "GITHUB - high", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-15T00:14:44Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "id": "GHSA-jjjh-jjxp-wpff", + "desc": "Description: In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"ccd0ef88-c0fe-4a10-a648-c779ce82b888\",\n \"id\": \"GHSA-jjjh-jjxp-wpff\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 502\n ],\n \"description\": \"In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.\",\n \"published\": \"2022-10-03T00:00:31Z\",\n \"updated\": \"2024-03-15T00:14:44Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "ratings": "GITHUB - high", + "published": "2021-01-20T21:20:15Z", + "updated": "2024-03-15T00:16:04Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "id": "GHSA-5949-rw7g-wx7w", + "desc": "Description: A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"726a055c-f364-4cb7-a75a-d3c541dad0fa\",\n \"id\": \"GHSA-5949-rw7g-wx7w\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\",\n \"published\": \"2021-01-20T21:20:15Z\",\n \"updated\": \"2024-03-15T00:16:04Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-787" + ], + "bom-ref": "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "ratings": "GITHUB - high", + "published": "2022-03-12T00:00:36Z", + "updated": "2024-03-15T00:24:56Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "id": "GHSA-57j2-w4cx-62h2", + "desc": "Description: jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"75d8b4d7-7c79-4627-b229-8d5e38fc5d8b\",\n \"id\": \"GHSA-57j2-w4cx-62h2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 787\n ],\n \"description\": \"jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.\",\n \"published\": \"2022-03-12T00:00:36Z\",\n \"updated\": \"2024-03-15T00:24:56Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "ratings": "GITHUB - high", + "published": "2021-02-18T20:51:54Z", + "updated": "2024-03-15T00:31:24Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "id": "GHSA-288c-cq4h-88gq", + "desc": "Description: A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"cc0ff323-0529-4064-8a2d-1f7a8e2a1332\",\n \"id\": \"GHSA-288c-cq4h-88gq\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.\",\n \"published\": \"2021-02-18T20:51:54Z\",\n \"updated\": \"2024-03-15T00:31:24Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "ratings": "GITHUB - critical", + "published": "2020-03-04T20:52:11Z", + "updated": "2024-03-15T00:52:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "id": "GHSA-gww7-p5w4-wrfv", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "impact": 1, + "code": "{\n \"bom-ref\": \"7c4227e3-a0a9-4361-8eab-6ab5fa9550b2\",\n \"id\": \"GHSA-gww7-p5w4-wrfv\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.\",\n \"published\": \"2020-03-04T20:52:11Z\",\n \"updated\": \"2024-03-15T00:52:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-502" + ], + "bom-ref": "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "ratings": "GITHUB - high", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-24T05:01:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "id": "GHSA-rgv9-q543-rqg4", + "desc": "Description: In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"87742746-bd8b-423d-979d-d9aa81a8ccfd\",\n \"id\": \"GHSA-rgv9-q543-rqg4\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 502\n ],\n \"description\": \"In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.\",\n \"published\": \"2022-10-03T00:00:31Z\",\n \"updated\": \"2024-03-24T05:01:05Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "5c0b94e1-0577-42c9-8028-f244d68f61da", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:59:04Z", + "updated": "2024-07-03T21:10:31Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "id": "GHSA-fqwf-pjwf-7vqv", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"5c0b94e1-0577-42c9-8028-f244d68f61da\",\n \"id\": \"GHSA-fqwf-pjwf-7vqv\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).\",\n \"published\": \"2020-05-15T18:59:04Z\",\n \"updated\": \"2024-07-03T21:10:31Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-74" + ], + "bom-ref": "f2fa9b19-418a-4901-9840-a8631227701e", + "ratings": "GITHUB - high", + "published": "2020-04-10T18:42:20Z", + "updated": "2023-01-09T05:02:18Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "id": "GHSA-8jpx-m2wh-2v34", + "desc": "Description: ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"f2fa9b19-418a-4901-9840-a8631227701e\",\n \"id\": \"GHSA-8jpx-m2wh-2v34\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 74\n ],\n \"description\": \"### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\\\"_\\\")) { // Sanitize fullName variable by escaping relevant characters such as \\\"$\\\" col.addViolation(\\\"Full name contains invalid characters: \\\" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability\",\n \"published\": \"2020-04-10T18:42:20Z\",\n \"updated\": \"2023-01-09T05:02:18Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-74" + ], + "bom-ref": "00bc944f-fead-400b-8bbd-0c5b56ba2b14", + "ratings": "GITHUB - high", + "published": "2020-02-24T17:27:27Z", + "updated": "2024-06-05T16:42:03Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "id": "GHSA-3mcp-9wr4-cjqf", + "desc": "Description: Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"00bc944f-fead-400b-8bbd-0c5b56ba2b14\",\n \"id\": \"GHSA-3mcp-9wr4-cjqf\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 74\n ],\n \"description\": \"Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\\\"_\\\")) { // Sanitize fullName variable by escaping relevant characters such as \\\"$\\\" col.addViolation(\\\"Full name contains invalid characters: \\\" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability\",\n \"published\": \"2020-02-24T17:27:27Z\",\n \"updated\": \"2024-06-05T16:42:03Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-776" + ], + "bom-ref": "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "ratings": "GITHUB - high", + "published": "2021-06-04T21:37:45Z", + "updated": "2023-05-22T20:17:58Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "id": "GHSA-rvwf-54qp-4r6v", + "desc": "Description: The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"210a5c45-88ac-4c1f-a5f4-f93c7af6f59e\",\n \"id\": \"GHSA-rvwf-54qp-4r6v\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 776\n ],\n \"description\": \"The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.\",\n \"published\": \"2021-06-04T21:37:45Z\",\n \"updated\": \"2023-05-22T20:17:58Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "id": "GHSA-9w3m-gqgf-c4p9", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"63a53dc7-5769-43dc-a053-50ccd5295d8b\",\n \"id\": \"GHSA-9w3m-gqgf-c4p9\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "5ab41975-23cc-45e0-9a13-be603ea00595", + "ratings": "GITHUB - medium", + "published": "2022-11-11T19:00:31Z", + "updated": "2024-06-21T21:33:52Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "id": "GHSA-w37g-rhq8-7m4j", + "desc": "Description: Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"5ab41975-23cc-45e0-9a13-be603ea00595\",\n \"id\": \"GHSA-w37g-rhq8-7m4j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.\",\n \"published\": \"2022-11-11T19:00:31Z\",\n \"updated\": \"2024-06-21T21:33:52Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "dff65990-715e-4f71-aace-60d4436af108", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-c4r9-r8fh-9vj2", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"dff65990-715e-4f71-aace-60d4436af108\",\n \"id\": \"GHSA-c4r9-r8fh-9vj2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-hhhw-99gj-p3c3", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"d55a9a55-cf82-483f-9a7c-8bf5395ce510\",\n \"id\": \"GHSA-hhhw-99gj-p3c3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-98wm-3w3q-mw94", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"6c215a04-8ea0-421f-961b-d5cceb64fd13\",\n \"id\": \"GHSA-98wm-3w3q-mw94\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-776" + ], + "bom-ref": "38c08d91-3487-44c4-b258-d5a274a4ad05", + "ratings": "GITHUB - high", + "published": "2022-08-31T00:00:24Z", + "updated": "2024-03-15T19:06:46Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "id": "GHSA-3mc7-4q67-w48m", + "desc": "Description: The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"38c08d91-3487-44c4-b258-d5a274a4ad05\",\n \"id\": \"GHSA-3mc7-4q67-w48m\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 776\n ],\n \"description\": \"The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.\",\n \"published\": \"2022-08-31T00:00:24Z\",\n \"updated\": \"2024-03-15T19:06:46Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-20", + "CWE-502" + ], + "bom-ref": "da9ea5d3-a3c2-4d1b-8425-a799e47a804f", + "ratings": "GITHUB - high", + "published": "2022-12-12T21:19:47Z", + "updated": "2024-06-24T21:22:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "id": "GHSA-mjmj-j48q-9wg2", + "desc": "Description: ### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"da9ea5d3-a3c2-4d1b-8425-a799e47a804f\",\n \"id\": \"GHSA-mjmj-j48q-9wg2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 20,\n 502\n ],\n \"description\": \"### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022\",\n \"published\": \"2022-12-12T21:19:47Z\",\n \"updated\": \"2024-06-24T21:22:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "ratings": "GITHUB - medium", + "published": "2021-12-17T20:00:50Z", + "updated": "2023-01-30T05:04:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "id": "GHSA-668q-qrv7-99fm", + "desc": "Description: In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"bdd3f85b-5284-4163-be5b-0dd84b9300ac\",\n \"id\": \"GHSA-668q-qrv7-99fm\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.\",\n \"published\": \"2021-12-17T20:00:50Z\",\n \"updated\": \"2023-01-30T05:04:55Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "ratings": "GITHUB - high", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "id": "GHSA-vmq6-5m68-f53m", + "desc": "Description: A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"0d58391c-d0fe-4b46-8f8d-6a49db7fb354\",\n \"id\": \"GHSA-vmq6-5m68-f53m\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html\",\n \"published\": \"2023-11-29T12:30:16Z\",\n \"updated\": \"2023-12-05T21:31:13Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "ratings": "GITHUB - medium", + "published": "2021-03-10T03:46:47Z", + "updated": "2023-02-01T05:05:09Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "id": "GHSA-m394-8rww-3jr7", + "desc": "Description: ### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"17d2faa1-cd26-4ac7-8c68-c4a44ec398a8\",\n \"id\": \"GHSA-m394-8rww-3jr7\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater\",\n \"published\": \"2021-03-10T03:46:47Z\",\n \"updated\": \"2023-02-01T05:05:09Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "AC-12" + ], + "cci": [ + "CCI-002361" + ], + "cwe": [ + "CWE-613" + ], + "bom-ref": "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "ratings": "GITHUB - low", + "published": "2021-06-23T20:23:04Z", + "updated": "2023-02-01T05:05:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "id": "GHSA-m6cp-vxjx-65j6", + "desc": "Description: ### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"f32ca540-f068-4392-bea0-c0d7b050b7d1\",\n \"id\": \"GHSA-m6cp-vxjx-65j6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 613\n ],\n \"description\": \"### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.\",\n \"published\": \"2021-06-23T20:23:04Z\",\n \"updated\": \"2023-02-01T05:05:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-551", + "CWE-755" + ], + "bom-ref": "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "ratings": "GITHUB - high", + "published": "2021-04-06T17:31:30Z", + "updated": "2023-09-26T11:11:47Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "id": "GHSA-26vr-8j45-3r4w", + "desc": "Description: ### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d35c4e5-f5ee-4572-af28-1ca71cf48158\",\n \"id\": \"GHSA-26vr-8j45-3r4w\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 551,\n 755\n ],\n \"description\": \"### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\\\"sslContextFactory\\\") SslContextFactory factory, @Name(\\\"next\\\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\\\"Encrypted buffer max length exceeded\\\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty\",\n \"published\": \"2021-04-06T17:31:30Z\",\n \"updated\": \"2023-09-26T11:11:47Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8" + ], + "cci": [ + "CCI-002418" + ], + "cwe": [ + "CWE-200" + ], + "bom-ref": "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "ratings": "GITHUB - low", + "published": "2023-04-18T22:19:57Z", + "updated": "2023-11-06T05:01:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "id": "GHSA-p26g-97m4-6q7c", + "desc": "Description: Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"d5c5815d-1742-46b6-953a-a4ed90fdd920\",\n \"id\": \"GHSA-p26g-97m4-6q7c\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200\n ],\n \"description\": \"Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\\\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\\\"b; JSESSIONID=1337; c=d\\\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265\",\n \"published\": \"2023-04-18T22:19:57Z\",\n \"updated\": \"2023-11-06T05:01:53Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-770" + ], + "bom-ref": "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "ratings": "GITHUB - medium", + "published": "2023-04-19T18:15:45Z", + "updated": "2023-11-06T05:02:06Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "id": "GHSA-qw69-rqj8-6qw8", + "desc": "Description: ### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"f6ff72c7-6603-4627-899d-658f8f7c5f23\",\n \"id\": \"GHSA-qw69-rqj8-6qw8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 770\n ],\n \"description\": \"### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload\",\n \"published\": \"2023-04-19T18:15:45Z\",\n \"updated\": \"2023-11-06T05:02:06Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-4" + ], + "cci": [ + "CCI-001090" + ], + "cwe": [ + "CWE-226" + ], + "bom-ref": "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6", + "ratings": "GITHUB - medium", + "published": "2020-12-02T18:28:18Z", + "updated": "2024-02-21T17:23:14Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "id": "GHSA-86wm-rrjm-8wh8", + "desc": "Description: ### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"ebc03317-a0b4-4b53-9cd0-7ae4281c02e6\",\n \"id\": \"GHSA-86wm-rrjm-8wh8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 226\n ],\n \"description\": \"### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.\",\n \"published\": \"2020-12-02T18:28:18Z\",\n \"updated\": \"2024-02-21T17:23:14Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-20" + ], + "bom-ref": "c19b779d-2699-44de-a189-a0d18d8dc953", + "ratings": "GITHUB - low", + "published": "2022-07-07T20:55:34Z", + "updated": "2023-01-29T05:06:01Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "id": "GHSA-cj7v-27pg-wf7q", + "desc": "Description: ### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"c19b779d-2699-44de-a189-a0d18d8dc953\",\n \"id\": \"GHSA-cj7v-27pg-wf7q\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 20\n ],\n \"description\": \"### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.\",\n \"published\": \"2022-07-07T20:55:34Z\",\n \"updated\": \"2023-01-29T05:06:01Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-130" + ], + "bom-ref": "a2897b13-bdeb-4a6c-802e-abf09fef10a9", + "ratings": "GITHUB - medium", + "published": "2023-09-14T16:17:27Z", + "updated": "2023-11-06T05:01:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "id": "GHSA-hmr7-m48g-48f6", + "desc": "Description: ### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"a2897b13-bdeb-4a6c-802e-abf09fef10a9\",\n \"id\": \"GHSA-hmr7-m48g-48f6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 130\n ],\n \"description\": \"### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \\\"+\\\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.\",\n \"published\": \"2023-09-14T16:17:27Z\",\n \"updated\": \"2023-11-06T05:01:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-378", + "CWE-379", + "CWE-552" + ], + "bom-ref": "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442", + "ratings": "GITHUB - high", + "published": "2020-11-04T17:50:24Z", + "updated": "2023-11-27T23:07:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "id": "GHSA-g3wg-6mcf-8jj6", + "desc": "Description: ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442\",\n \"id\": \"GHSA-g3wg-6mcf-8jj6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 378,\n 379,\n 552\n ],\n \"description\": \"### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\\\"java.io.tmpdir\\\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \\\".dir\\\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh\",\n \"published\": \"2020-11-04T17:50:24Z\",\n \"updated\": \"2023-11-27T23:07:53Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "76910119-ee18-4144-855b-b2fdab20e33c", + "ratings": "GITHUB - low", + "published": "2023-07-10T21:52:39Z", + "updated": "2023-09-05T22:39:32Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "id": "GHSA-58qw-p7qm-5rvh", + "desc": "Description: ### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"76910119-ee18-4144-855b-b2fdab20e33c\",\n \"id\": \"GHSA-58qw-p7qm-5rvh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.\",\n \"published\": \"2023-07-10T21:52:39Z\",\n \"updated\": \"2023-09-05T22:39:32Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8" + ], + "cci": [ + "CCI-002418" + ], + "cwe": [ + "CWE-200" + ], + "bom-ref": "d8add710-4eed-448d-b198-ecff8ffe86ea", + "ratings": "GITHUB - medium", + "published": "2021-06-10T15:43:22Z", + "updated": "2023-02-01T05:05:51Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "id": "GHSA-gwcr-j4wh-j3cq", + "desc": "Description: Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"d8add710-4eed-448d-b198-ecff8ffe86ea\",\n \"id\": \"GHSA-gwcr-j4wh-j3cq\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200\n ],\n \"description\": \"Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.\",\n \"published\": \"2021-06-10T15:43:22Z\",\n \"updated\": \"2023-02-01T05:05:51Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-149" + ], + "bom-ref": "123b8eaf-5572-4945-975d-21ed3c2f101d", + "ratings": "GITHUB - low", + "published": "2023-09-14T16:16:00Z", + "updated": "2023-11-06T05:01:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "id": "GHSA-3gh6-v5v9-6v9j", + "desc": "Description: If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"123b8eaf-5572-4945-975d-21ed3c2f101d\",\n \"id\": \"GHSA-3gh6-v5v9-6v9j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 149\n ],\n \"description\": \"If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\\\"' && execCmd.contains(\\\" \\\")) execCmd = \\\"\\\\\\\"\\\" + execCmd + \\\"\\\\\\\"\\\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888\",\n \"published\": \"2023-09-14T16:16:00Z\",\n \"updated\": \"2023-11-06T05:01:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8", + "AC-3" + ], + "cci": [ + "CCI-002418", + "CCI-000213" + ], + "cwe": [ + "CWE-200", + "CWE-732" + ], + "bom-ref": "499117ae-d134-4505-8674-ed498531e7a9", + "ratings": "GITHUB - medium", + "published": "2020-10-12T17:33:00Z", + "updated": "2023-02-01T05:04:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "id": "GHSA-269g-pwp5-87pp", + "desc": "Description: ### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"499117ae-d134-4505-8674-ed498531e7a9\",\n \"id\": \"GHSA-269g-pwp5-87pp\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200,\n 732\n ],\n \"description\": \"### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\\\"myfile.txt\\\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\\\"subfolder\\\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).\",\n \"published\": \"2020-10-12T17:33:00Z\",\n \"updated\": \"2023-02-01T05:04:50Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [], + "bom-ref": "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "ratings": "INTERNAL - high" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "INTERNAL" + } + } + ] + } + ], + "source_location": {}, + "title": "INT-f70z-tbpp-4o5d", + "id": "INT-f70z-tbpp-4o5d", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4ad3464b-09c7-40fa-ab51-754f3f196cd4\",\n \"id\": \"INT-f70z-tbpp-4o5d\",\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [], + "bom-ref": "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad", + "ratings": "INTERNAL - low" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "INTERNAL" + } + } + ] + } + ], + "source_location": {}, + "title": "testing", + "id": "INT-63e3-49kp-blqt", + "desc": "Description: testing", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad\",\n \"id\": \"INT-63e3-49kp-blqt\",\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"description\": \"testing\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-89" + ], + "bom-ref": "1f182b73-afb8-424c-8e08-533a0f702076", + "ratings": "GITHUB - high", + "published": "2022-02-09T22:57:29Z", + "updated": "2024-06-27T16:39:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "id": "GHSA-j8jw-g6fq-mp7h", + "desc": "Description: A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"1f182b73-afb8-424c-8e08-533a0f702076\",\n \"id\": \"GHSA-j8jw-g6fq-mp7h\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 89\n ],\n \"description\": \"A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.\",\n \"published\": \"2022-02-09T22:57:29Z\",\n \"updated\": \"2024-06-27T16:39:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-89" + ], + "bom-ref": "8ba20df5-3877-4825-a8f2-b52e2d2f86d8", + "ratings": "GITHUB - medium", + "published": "2022-02-10T23:05:04Z", + "updated": "2024-06-27T18:05:49Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "id": "GHSA-8grg-q944-cch5", + "desc": "Description: A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"8ba20df5-3877-4825-a8f2-b52e2d2f86d8\",\n \"id\": \"GHSA-8grg-q944-cch5\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 89\n ],\n \"description\": \"A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.\",\n \"published\": \"2022-02-10T23:05:04Z\",\n \"updated\": \"2024-06-27T18:05:49Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "55ebe39e-12f6-4360-aeba-9913ef7efb68", + "ratings": "GITHUB - critical", + "published": "2020-06-05T16:13:36Z", + "updated": "2023-01-27T05:02:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "id": "GHSA-hwj3-m3p6-hj38", + "desc": "Description: dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "impact": 1, + "code": "{\n \"bom-ref\": \"55ebe39e-12f6-4360-aeba-9913ef7efb68\",\n \"id\": \"GHSA-hwj3-m3p6-hj38\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.\",\n \"published\": \"2020-06-05T16:13:36Z\",\n \"updated\": \"2023-01-27T05:02:30Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-79" + ], + "bom-ref": "8c0002e8-9326-40f7-9209-51020755ff02", + "ratings": "GITHUB - medium", + "published": "2021-06-03T23:40:23Z", + "updated": "2023-02-01T05:05:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "id": "GHSA-7r82-7xv7-xcpj", + "desc": "Description: Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"8c0002e8-9326-40f7-9209-51020755ff02\",\n \"id\": \"GHSA-7r82-7xv7-xcpj\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 79\n ],\n \"description\": \"Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.\",\n \"published\": \"2021-06-03T23:40:23Z\",\n \"updated\": \"2023-02-01T05:05:30Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "7b0674fc-e326-47d0-b34b-b5bfb523784b", + "ratings": "GITHUB - critical", + "published": "2022-03-05T00:00:45Z", + "updated": "2023-01-27T05:02:46Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "id": "GHSA-jvfv-hrrc-6q72", + "desc": "Description: The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "impact": 1, + "code": "{\n \"bom-ref\": \"7b0674fc-e326-47d0-b34b-b5bfb523784b\",\n \"id\": \"GHSA-jvfv-hrrc-6q72\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.\",\n \"published\": \"2022-03-05T00:00:45Z\",\n \"updated\": \"2023-01-27T05:02:46Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-410" + ], + "bom-ref": "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "ratings": "GITHUB - high", + "published": "2022-07-07T20:55:40Z", + "updated": "2023-07-24T19:39:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "id": "GHSA-wgmr-mf83-7x4j", + "desc": "Description: ### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c3fdf61d-7886-423b-8a29-b6ab6790c127\",\n \"id\": \"GHSA-wgmr-mf83-7x4j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 410\n ],\n \"description\": \"### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.\",\n \"published\": \"2022-07-07T20:55:40Z\",\n \"updated\": \"2023-07-24T19:39:20Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "ratings": "GITHUB - medium", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "id": "GHSA-qppj-fm5r-hxr3", + "desc": "Description: ## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"affa7af3-427f-4223-8028-d9ac45e80e08\",\n \"id\": \"GHSA-qppj-fm5r-hxr3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.\",\n \"published\": \"2023-10-10T21:28:24Z\",\n \"updated\": \"2024-06-21T21:34:00Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "ratings": "GITHUB - high", + "published": "2024-02-26T20:13:46Z", + "updated": "2024-05-02T18:38:19Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "id": "GHSA-rggv-cv7r-mw98", + "desc": "Description: ### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"bc8ec43b-7cba-4167-9a9d-901fcb443ac8\",\n \"id\": \"GHSA-rggv-cv7r-mw98\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.\",\n \"published\": \"2024-02-26T20:13:46Z\",\n \"updated\": \"2024-05-02T18:38:19Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-190" + ], + "bom-ref": "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9", + "ratings": "GITHUB - high", + "published": "2023-10-10T21:16:23Z", + "updated": "2024-06-21T21:33:57Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "id": "GHSA-wgh7-54f2-x98r", + "desc": "Description: An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c8bd5d7e-e9be-459c-b6e2-05de86a00bb9\",\n \"id\": \"GHSA-wgh7-54f2-x98r\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 190\n ],\n \"description\": \"An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\\\"Header too large %d > %d\\\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\\\"Header too large %d > %d\\\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634\",\n \"published\": \"2023-10-10T21:16:23Z\",\n \"updated\": \"2024-06-21T21:33:57Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-295" + ], + "bom-ref": "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "ratings": "GITHUB - medium", + "published": "2018-10-18T18:06:08Z", + "updated": "2023-01-09T05:03:38Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "id": "GHSA-w4g2-9hj6-5472", + "desc": "Description: Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"f987bc98-65f5-402b-8b39-7e8e3e730ebe\",\n \"id\": \"GHSA-w4g2-9hj6-5472\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 295\n ],\n \"description\": \"Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.\",\n \"published\": \"2018-10-18T18:06:08Z\",\n \"updated\": \"2023-01-09T05:03:38Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a", + "ratings": "GITHUB - medium", + "published": "2023-10-24T01:49:09Z", + "updated": "2023-11-05T05:04:23Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "id": "GHSA-mm8h-8587-p46h", + "desc": "Description: ### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"5acc2eee-8433-4a66-b9c5-3dcc7be5b29a\",\n \"id\": \"GHSA-mm8h-8587-p46h\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \\\"A\\\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\\\"Send Finish\\\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\\\"Received Length : \\\" + s.length()); }else{ System.out.println(\\\"null\\\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.\",\n \"published\": \"2023-10-24T01:49:09Z\",\n \"updated\": \"2023-11-05T05:04:23Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "815a1358-2bd4-4028-bd3e-8219747c78f6", + "ratings": "GITHUB - critical", + "published": "2022-01-06T23:55:09Z", + "updated": "2023-02-25T00:31:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "id": "GHSA-h376-j262-vhq6", + "desc": "Description: ### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "impact": 1, + "code": "{\n \"bom-ref\": \"815a1358-2bd4-4028-bd3e-8219747c78f6\",\n \"id\": \"GHSA-h376-j262-vhq6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.\",\n \"published\": \"2022-01-06T23:55:09Z\",\n \"updated\": \"2023-02-25T00:31:20Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-88" + ], + "bom-ref": "c8a50465-16df-44e0-84e9-7acff5870a51", + "ratings": "GITHUB - critical", + "published": "2022-01-21T23:07:39Z", + "updated": "2023-08-18T15:47:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "id": "GHSA-45hx-wfhj-473x", + "desc": "Description: H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "impact": 1, + "code": "{\n \"bom-ref\": \"c8a50465-16df-44e0-84e9-7acff5870a51\",\n \"id\": \"GHSA-45hx-wfhj-473x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 88\n ],\n \"description\": \"H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.\",\n \"published\": \"2022-01-21T23:07:39Z\",\n \"updated\": \"2023-08-18T15:47:05Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + } + ], + "sha256": "f7fcd590f502add6e584b6890c29f6a329ea52928100784f014e4013dcefb42c" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:b9d34fa9-4f62-4b08-ae38-af606a1dc7fd", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:31:55Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + } + } + } + ], + "raw": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:b9d34fa9-4f62-4b08-ae38-af606a1dc7fd", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:31:55Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + }, + "vulnerabilities": [ + { + "bom-ref": "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "id": "GHSA-5mg8-w23w-74h3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 173, + 200, + 378, + 732 + ], + "description": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "published": "2021-03-25T17:04:19Z", + "updated": "2023-11-09T18:44:38Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "bb03c210-ea12-450d-85df-17d81a75ede2", + "id": "GHSA-7g45-4rm6-3mm3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 379, + 552 + ], + "description": "Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "published": "2023-06-14T18:30:38Z", + "updated": "2024-02-13T21:49:15Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "id": "GHSA-5p34-5m6p-p58g", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "published": "2020-04-23T21:08:40Z", + "updated": "2023-02-01T05:02:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "id": "GHSA-27xj-rqx5-2255", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "published": "2020-05-15T18:58:44Z", + "updated": "2023-02-01T05:02:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "id": "GHSA-58pp-9c76-5625", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "published": "2020-06-10T21:12:41Z", + "updated": "2023-02-01T05:03:03Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "id": "GHSA-v3xw-c963-f5hc", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "published": "2020-05-15T18:58:50Z", + "updated": "2023-02-01T05:03:05Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "id": "GHSA-h4rc-386g-6m85", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "published": "2020-04-23T20:19:02Z", + "updated": "2024-03-15T00:41:35Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "id": "GHSA-9vvp-fxw6-jcxr", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "published": "2020-05-15T18:58:47Z", + "updated": "2024-03-15T00:48:55Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "343cd240-f667-4770-aecf-ddc11f9d0172", + "id": "GHSA-rf6r-2c4q-2vwg", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "published": "2020-05-15T18:58:54Z", + "updated": "2024-03-15T00:50:18Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "id": "GHSA-758m-v56v-grj4", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "published": "2020-04-23T21:36:03Z", + "updated": "2024-06-25T13:46:45Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "id": "GHSA-95cm-88f5-f2c7", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "published": "2020-04-23T16:32:59Z", + "updated": "2024-07-03T21:10:50Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "id": "GHSA-c2q3-4qrh-fm48", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "published": "2020-06-18T14:44:50Z", + "updated": "2023-02-01T05:04:14Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "97981cb2-9228-4b8b-a172-ad12f550a19f", + "id": "GHSA-mc6h-4qgp-37qh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "published": "2020-06-18T14:44:43Z", + "updated": "2024-03-15T00:37:17Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "id": "GHSA-j823-4qch-3rgm", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "published": "2020-06-18T14:44:46Z", + "updated": "2024-03-15T00:39:55Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "id": "GHSA-c265-37vj-cwcc", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "published": "2020-06-18T14:44:48Z", + "updated": "2024-06-25T13:46:04Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "id": "GHSA-4w82-r329-3q67", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "published": "2020-03-04T20:52:14Z", + "updated": "2023-06-08T19:02:12Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "id": "GHSA-rpr3-cw39-3pxh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "published": "2022-07-15T19:41:47Z", + "updated": "2023-08-18T15:45:27Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c037af59-a132-4727-8cc3-c6095c490df7", + "id": "GHSA-fmmc-742q-jg75", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "published": "2019-11-13T00:32:27Z", + "updated": "2023-09-14T14:55:20Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "id": "GHSA-gjmw-vf9h-g25v", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "published": "2019-11-13T00:32:38Z", + "updated": "2023-09-14T14:55:25Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "id": "GHSA-mx7p-6679-8g3q", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "published": "2019-10-28T20:51:15Z", + "updated": "2024-03-15T00:57:37Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "e141c668-bc18-4738-b3b6-e7ba1057d124", + "id": "GHSA-q93h-jc49-78gg", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "published": "2020-05-15T18:59:10Z", + "updated": "2023-09-14T15:09:40Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "id": "GHSA-p43x-xfjf-5jhr", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "published": "2020-05-15T18:59:01Z", + "updated": "2024-03-15T00:20:09Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "id": "GHSA-h3cw-g4mq-c5x2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 94, + 502 + ], + "description": "This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "published": "2021-12-09T19:14:51Z", + "updated": "2023-09-14T15:44:55Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "3ad04380-a25c-41d8-8fad-259c2561795b", + "id": "GHSA-qjw2-hr98-qgfh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "published": "2021-12-09T19:15:36Z", + "updated": "2023-09-14T15:47:50Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "86f78c35-adfb-48e4-9428-88084373e1c0", + "id": "GHSA-8w26-6f25-cm9x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "published": "2021-12-09T19:16:02Z", + "updated": "2023-09-14T15:52:49Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "id": "GHSA-m6x4-97wx-4q27", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "published": "2021-12-09T19:16:26Z", + "updated": "2023-09-14T15:53:30Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "00033bff-66dc-4a36-ab38-a10b0625409f", + "id": "GHSA-v585-23hc-c647", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "published": "2021-11-19T20:13:06Z", + "updated": "2023-09-14T15:59:33Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "14e2856b-f78d-4a6d-99eb-470c8566df29", + "id": "GHSA-r695-7vr9-jgc2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "published": "2021-12-09T19:16:51Z", + "updated": "2023-09-14T16:01:31Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c224f923-be9a-4faa-a930-ef4db611bc2b", + "id": "GHSA-vfqx-33qm-g869", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "published": "2021-12-09T19:16:59Z", + "updated": "2023-09-14T16:04:22Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "5201940b-1f04-4668-ae86-8261448d817d", + "id": "GHSA-f9xh-2qgp-cq57", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "published": "2021-12-09T19:16:42Z", + "updated": "2023-09-14T16:04:22Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "id": "GHSA-cvm9-fjm9-3572", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "published": "2021-12-09T19:16:10Z", + "updated": "2023-09-14T16:07:00Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "id": "GHSA-9gph-22xh-8x98", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "published": "2021-12-09T19:15:54Z", + "updated": "2023-09-14T16:07:40Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "950cff67-088e-4f41-9818-25943c9e17c0", + "id": "GHSA-89qr-369f-5m5x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "published": "2021-12-09T19:15:46Z", + "updated": "2023-09-14T16:08:37Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "id": "GHSA-8c4j-34r4-xr8g", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "published": "2021-12-09T19:16:18Z", + "updated": "2023-09-14T16:13:01Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "9edaa51d-929b-457e-aab5-0fffecdb4938", + "id": "GHSA-9m6f-7xcq-8vf8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "published": "2021-12-09T19:16:34Z", + "updated": "2023-09-14T16:15:44Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6d5189b4-d549-419a-b886-43a62cc43d40", + "id": "GHSA-5r5r-6hpj-8gg9", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "published": "2021-12-09T19:15:24Z", + "updated": "2023-11-21T11:40:53Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "135c6dab-529e-4855-ab72-a0138e2110c8", + "id": "GHSA-wh8g-3j2c-rqj5", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "published": "2021-12-09T19:15:00Z", + "updated": "2024-03-15T00:28:08Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "id": "GHSA-r3gr-cxrf-hg25", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502, + 913 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "published": "2021-12-09T19:15:11Z", + "updated": "2024-06-25T13:47:23Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "id": "GHSA-jjjh-jjxp-wpff", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 502 + ], + "description": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-15T00:14:44Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "id": "GHSA-5949-rw7g-wx7w", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "published": "2021-01-20T21:20:15Z", + "updated": "2024-03-15T00:16:04Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "id": "GHSA-57j2-w4cx-62h2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 787 + ], + "description": "jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "published": "2022-03-12T00:00:36Z", + "updated": "2024-03-15T00:24:56Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "id": "GHSA-288c-cq4h-88gq", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "published": "2021-02-18T20:51:54Z", + "updated": "2024-03-15T00:31:24Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "id": "GHSA-gww7-p5w4-wrfv", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "published": "2020-03-04T20:52:11Z", + "updated": "2024-03-15T00:52:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "id": "GHSA-rgv9-q543-rqg4", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 502 + ], + "description": "In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-24T05:01:05Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "5c0b94e1-0577-42c9-8028-f244d68f61da", + "id": "GHSA-fqwf-pjwf-7vqv", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "published": "2020-05-15T18:59:04Z", + "updated": "2024-07-03T21:10:31Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f2fa9b19-418a-4901-9840-a8631227701e", + "id": "GHSA-8jpx-m2wh-2v34", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 74 + ], + "description": "### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "published": "2020-04-10T18:42:20Z", + "updated": "2023-01-09T05:02:18Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "00bc944f-fead-400b-8bbd-0c5b56ba2b14", + "id": "GHSA-3mcp-9wr4-cjqf", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 74 + ], + "description": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "published": "2020-02-24T17:27:27Z", + "updated": "2024-06-05T16:42:03Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "id": "GHSA-rvwf-54qp-4r6v", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 776 + ], + "description": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "published": "2021-06-04T21:37:45Z", + "updated": "2023-05-22T20:17:58Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "id": "GHSA-9w3m-gqgf-c4p9", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "5ab41975-23cc-45e0-9a13-be603ea00595", + "id": "GHSA-w37g-rhq8-7m4j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "published": "2022-11-11T19:00:31Z", + "updated": "2024-06-21T21:33:52Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "dff65990-715e-4f71-aace-60d4436af108", + "id": "GHSA-c4r9-r8fh-9vj2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "id": "GHSA-hhhw-99gj-p3c3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "id": "GHSA-98wm-3w3q-mw94", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "38c08d91-3487-44c4-b258-d5a274a4ad05", + "id": "GHSA-3mc7-4q67-w48m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 776 + ], + "description": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "published": "2022-08-31T00:00:24Z", + "updated": "2024-03-15T19:06:46Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "da9ea5d3-a3c2-4d1b-8425-a799e47a804f", + "id": "GHSA-mjmj-j48q-9wg2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 20, + 502 + ], + "description": "### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "published": "2022-12-12T21:19:47Z", + "updated": "2024-06-24T21:22:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "id": "GHSA-668q-qrv7-99fm", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "published": "2021-12-17T20:00:50Z", + "updated": "2023-01-30T05:04:55Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "id": "GHSA-vmq6-5m68-f53m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "id": "GHSA-vmq6-5m68-f53m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "id": "GHSA-m394-8rww-3jr7", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "published": "2021-03-10T03:46:47Z", + "updated": "2023-02-01T05:05:09Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "id": "GHSA-m6cp-vxjx-65j6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 613 + ], + "description": "### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "published": "2021-06-23T20:23:04Z", + "updated": "2023-02-01T05:05:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "id": "GHSA-26vr-8j45-3r4w", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 551, + 755 + ], + "description": "### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "published": "2021-04-06T17:31:30Z", + "updated": "2023-09-26T11:11:47Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "id": "GHSA-p26g-97m4-6q7c", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 200 + ], + "description": "Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "published": "2023-04-18T22:19:57Z", + "updated": "2023-11-06T05:01:53Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "id": "GHSA-qw69-rqj8-6qw8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400, + 770 + ], + "description": "### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "published": "2023-04-19T18:15:45Z", + "updated": "2023-11-06T05:02:06Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6", + "id": "GHSA-86wm-rrjm-8wh8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 226 + ], + "description": "### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "published": "2020-12-02T18:28:18Z", + "updated": "2024-02-21T17:23:14Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c19b779d-2699-44de-a189-a0d18d8dc953", + "id": "GHSA-cj7v-27pg-wf7q", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 20 + ], + "description": "### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "published": "2022-07-07T20:55:34Z", + "updated": "2023-01-29T05:06:01Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "a2897b13-bdeb-4a6c-802e-abf09fef10a9", + "id": "GHSA-hmr7-m48g-48f6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 130 + ], + "description": "### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "published": "2023-09-14T16:17:27Z", + "updated": "2023-11-06T05:01:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442", + "id": "GHSA-g3wg-6mcf-8jj6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 378, + 379, + 552 + ], + "description": "### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "published": "2020-11-04T17:50:24Z", + "updated": "2023-11-27T23:07:53Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "76910119-ee18-4144-855b-b2fdab20e33c", + "id": "GHSA-58qw-p7qm-5rvh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "published": "2023-07-10T21:52:39Z", + "updated": "2023-09-05T22:39:32Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "d8add710-4eed-448d-b198-ecff8ffe86ea", + "id": "GHSA-gwcr-j4wh-j3cq", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 200 + ], + "description": "Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "published": "2021-06-10T15:43:22Z", + "updated": "2023-02-01T05:05:51Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "123b8eaf-5572-4945-975d-21ed3c2f101d", + "id": "GHSA-3gh6-v5v9-6v9j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 149 + ], + "description": "If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "published": "2023-09-14T16:16:00Z", + "updated": "2023-11-06T05:01:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "499117ae-d134-4505-8674-ed498531e7a9", + "id": "GHSA-269g-pwp5-87pp", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 200, + 732 + ], + "description": "### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "published": "2020-10-12T17:33:00Z", + "updated": "2023-02-01T05:04:50Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "id": "INT-f70z-tbpp-4o5d", + "source": { + "name": "INTERNAL" + }, + "ratings": [ + { + "source": { + "name": "INTERNAL" + }, + "severity": "high", + "method": "other" + } + ], + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad", + "id": "INT-63e3-49kp-blqt", + "source": { + "name": "INTERNAL" + }, + "ratings": [ + { + "source": { + "name": "INTERNAL" + }, + "severity": "low", + "method": "other" + } + ], + "description": "testing", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "1f182b73-afb8-424c-8e08-533a0f702076", + "id": "GHSA-j8jw-g6fq-mp7h", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 89 + ], + "description": "A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "published": "2022-02-09T22:57:29Z", + "updated": "2024-06-27T16:39:59Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "8ba20df5-3877-4825-a8f2-b52e2d2f86d8", + "id": "GHSA-8grg-q944-cch5", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 89 + ], + "description": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "published": "2022-02-10T23:05:04Z", + "updated": "2024-06-27T18:05:49Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "55ebe39e-12f6-4360-aeba-9913ef7efb68", + "id": "GHSA-hwj3-m3p6-hj38", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "published": "2020-06-05T16:13:36Z", + "updated": "2023-01-27T05:02:30Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "8c0002e8-9326-40f7-9209-51020755ff02", + "id": "GHSA-7r82-7xv7-xcpj", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 79 + ], + "description": "Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "published": "2021-06-03T23:40:23Z", + "updated": "2023-02-01T05:05:30Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "7b0674fc-e326-47d0-b34b-b5bfb523784b", + "id": "GHSA-jvfv-hrrc-6q72", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "published": "2022-03-05T00:00:45Z", + "updated": "2023-01-27T05:02:46Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "id": "GHSA-wgmr-mf83-7x4j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 410 + ], + "description": "### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "published": "2022-07-07T20:55:40Z", + "updated": "2023-07-24T19:39:20Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "id": "GHSA-qppj-fm5r-hxr3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "id": "GHSA-rggv-cv7r-mw98", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "published": "2024-02-26T20:13:46Z", + "updated": "2024-05-02T18:38:19Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "id": "GHSA-qppj-fm5r-hxr3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9", + "id": "GHSA-wgh7-54f2-x98r", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 190 + ], + "description": "An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "published": "2023-10-10T21:16:23Z", + "updated": "2024-06-21T21:33:57Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "id": "GHSA-w4g2-9hj6-5472", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 295 + ], + "description": "Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "published": "2018-10-18T18:06:08Z", + "updated": "2023-01-09T05:03:38Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a", + "id": "GHSA-mm8h-8587-p46h", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "published": "2023-10-24T01:49:09Z", + "updated": "2023-11-05T05:04:23Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "815a1358-2bd4-4028-bd3e-8219747c78f6", + "id": "GHSA-h376-j262-vhq6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "published": "2022-01-06T23:55:09Z", + "updated": "2023-02-25T00:31:20Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + }, + { + "bom-ref": "c8a50465-16df-44e0-84e9-7acff5870a51", + "id": "GHSA-45hx-wfhj-473x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 88 + ], + "description": "H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "published": "2022-01-21T23:07:39Z", + "updated": "2023-08-18T15:47:05Z", + "affects": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7" + } + ] + } + ] + } + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf.json b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf.json new file mode 100644 index 000000000..3136acb0e --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vex-hdf.json @@ -0,0 +1,3830 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: application/602de70a-7107-4ac8-9ad2-3c1c816892a7", + "title": "test 9 CycloneDX BOM Report", + "version": "SNAPSHOT", + "summary": "This is the project I want to use to generate data to understand the schema a bit better", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [ + { + "tags": { + "nist": [ + "SC-8", + "AC-3" + ], + "cci": [ + "CCI-002418", + "CCI-000213" + ], + "cwe": [ + "CWE-173", + "CWE-200", + "CWE-378", + "CWE-732" + ], + "bom-ref": "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "ratings": "GITHUB - low", + "published": "2021-03-25T17:04:19Z", + "updated": "2023-11-09T18:44:38Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "id": "GHSA-5mg8-w23w-74h3", + "desc": "Description: A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"b7a12947-7a8d-4031-b59d-640d33dbad6a\",\n \"id\": \"GHSA-5mg8-w23w-74h3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 173,\n 200,\n 378,\n 732\n ],\n \"description\": \"A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.\",\n \"published\": \"2021-03-25T17:04:19Z\",\n \"updated\": \"2023-11-09T18:44:38Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-379", + "CWE-552" + ], + "bom-ref": "bb03c210-ea12-450d-85df-17d81a75ede2", + "ratings": "GITHUB - medium", + "published": "2023-06-14T18:30:38Z", + "updated": "2024-02-13T21:49:15Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "id": "GHSA-7g45-4rm6-3mm3", + "desc": "Description: Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"bb03c210-ea12-450d-85df-17d81a75ede2\",\n \"id\": \"GHSA-7g45-4rm6-3mm3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 379,\n 552\n ],\n \"description\": \"Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.\",\n \"published\": \"2023-06-14T18:30:38Z\",\n \"updated\": \"2024-02-13T21:49:15Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "ratings": "GITHUB - critical", + "published": "2020-04-23T21:08:40Z", + "updated": "2023-02-01T05:02:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "id": "GHSA-5p34-5m6p-p58g", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "impact": 1, + "code": "{\n \"bom-ref\": \"d097e083-0b0a-4e3c-9f29-fc936f27ec6f\",\n \"id\": \"GHSA-5p34-5m6p-p58g\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).\",\n \"published\": \"2020-04-23T21:08:40Z\",\n \"updated\": \"2023-02-01T05:02:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:44Z", + "updated": "2023-02-01T05:02:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "id": "GHSA-27xj-rqx5-2255", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"f57dc81d-6b2d-4060-8c15-7613c1a37981\",\n \"id\": \"GHSA-27xj-rqx5-2255\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).\",\n \"published\": \"2020-05-15T18:58:44Z\",\n \"updated\": \"2023-02-01T05:02:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "ratings": "GITHUB - high", + "published": "2020-06-10T21:12:41Z", + "updated": "2023-02-01T05:03:03Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "id": "GHSA-58pp-9c76-5625", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"600ecfb9-66c7-4fc2-88e8-2bf9efe40628\",\n \"id\": \"GHSA-58pp-9c76-5625\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).\",\n \"published\": \"2020-06-10T21:12:41Z\",\n \"updated\": \"2023-02-01T05:03:03Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:50Z", + "updated": "2023-02-01T05:03:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "id": "GHSA-v3xw-c963-f5hc", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"36dba0ba-dc6c-4f8a-822c-e51ca444d1bf\",\n \"id\": \"GHSA-v3xw-c963-f5hc\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).\",\n \"published\": \"2020-05-15T18:58:50Z\",\n \"updated\": \"2023-02-01T05:03:05Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "ratings": "GITHUB - high", + "published": "2020-04-23T20:19:02Z", + "updated": "2024-03-15T00:41:35Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "id": "GHSA-h4rc-386g-6m85", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"e5cba611-d1ce-48a5-8fc2-ac68ba133947\",\n \"id\": \"GHSA-h4rc-386g-6m85\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).\",\n \"published\": \"2020-04-23T20:19:02Z\",\n \"updated\": \"2024-03-15T00:41:35Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:47Z", + "updated": "2024-03-15T00:48:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "id": "GHSA-9vvp-fxw6-jcxr", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"9e292de9-f4f7-4d45-9ecb-846c4b972f6f\",\n \"id\": \"GHSA-9vvp-fxw6-jcxr\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).\",\n \"published\": \"2020-05-15T18:58:47Z\",\n \"updated\": \"2024-03-15T00:48:55Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "343cd240-f667-4770-aecf-ddc11f9d0172", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:54Z", + "updated": "2024-03-15T00:50:18Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "id": "GHSA-rf6r-2c4q-2vwg", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"343cd240-f667-4770-aecf-ddc11f9d0172\",\n \"id\": \"GHSA-rf6r-2c4q-2vwg\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).\",\n \"published\": \"2020-05-15T18:58:54Z\",\n \"updated\": \"2024-03-15T00:50:18Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "ratings": "GITHUB - high", + "published": "2020-04-23T21:36:03Z", + "updated": "2024-06-25T13:46:45Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "id": "GHSA-758m-v56v-grj4", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"0f7e16f6-f01e-4cc0-a835-08f3ba72625f\",\n \"id\": \"GHSA-758m-v56v-grj4\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.\",\n \"published\": \"2020-04-23T21:36:03Z\",\n \"updated\": \"2024-06-25T13:46:45Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "ratings": "GITHUB - high", + "published": "2020-04-23T16:32:59Z", + "updated": "2024-07-03T21:10:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "id": "GHSA-95cm-88f5-f2c7", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c2e5f22d-f91f-4689-bdb1-782974d6fa7a\",\n \"id\": \"GHSA-95cm-88f5-f2c7\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).\",\n \"published\": \"2020-04-23T16:32:59Z\",\n \"updated\": \"2024-07-03T21:10:50Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:50Z", + "updated": "2023-02-01T05:04:14Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "id": "GHSA-c2q3-4qrh-fm48", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"49fa1888-bfa1-480a-8564-3b62b8bf5c3c\",\n \"id\": \"GHSA-c2q3-4qrh-fm48\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).\",\n \"published\": \"2020-06-18T14:44:50Z\",\n \"updated\": \"2023-02-01T05:04:14Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "97981cb2-9228-4b8b-a172-ad12f550a19f", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:43Z", + "updated": "2024-03-15T00:37:17Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "id": "GHSA-mc6h-4qgp-37qh", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"97981cb2-9228-4b8b-a172-ad12f550a19f\",\n \"id\": \"GHSA-mc6h-4qgp-37qh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).\",\n \"published\": \"2020-06-18T14:44:43Z\",\n \"updated\": \"2024-03-15T00:37:17Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:46Z", + "updated": "2024-03-15T00:39:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "id": "GHSA-j823-4qch-3rgm", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"941d2fac-724b-4a2c-a8ba-c5a434fa3bf7\",\n \"id\": \"GHSA-j823-4qch-3rgm\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).\",\n \"published\": \"2020-06-18T14:44:46Z\",\n \"updated\": \"2024-03-15T00:39:55Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:48Z", + "updated": "2024-06-25T13:46:04Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "id": "GHSA-c265-37vj-cwcc", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"7e3a7481-266e-4cb7-af3b-94dcaf462942\",\n \"id\": \"GHSA-c265-37vj-cwcc\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).\",\n \"published\": \"2020-06-18T14:44:48Z\",\n \"updated\": \"2024-06-25T13:46:04Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "ratings": "GITHUB - critical", + "published": "2020-03-04T20:52:14Z", + "updated": "2023-06-08T19:02:12Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "id": "GHSA-4w82-r329-3q67", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "impact": 1, + "code": "{\n \"bom-ref\": \"db7cfe67-0b1d-4504-af8b-da26e12af73a\",\n \"id\": \"GHSA-4w82-r329-3q67\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.\",\n \"published\": \"2020-03-04T20:52:14Z\",\n \"updated\": \"2023-06-08T19:02:12Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "ratings": "GITHUB - high", + "published": "2022-07-15T19:41:47Z", + "updated": "2023-08-18T15:45:27Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "id": "GHSA-rpr3-cw39-3pxh", + "desc": "Description: The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"7c0af63e-ef57-43aa-9c91-d79c7e37ab20\",\n \"id\": \"GHSA-rpr3-cw39-3pxh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.\",\n \"published\": \"2022-07-15T19:41:47Z\",\n \"updated\": \"2023-08-18T15:45:27Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c037af59-a132-4727-8cc3-c6095c490df7", + "ratings": "GITHUB - critical", + "published": "2019-11-13T00:32:27Z", + "updated": "2023-09-14T14:55:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "id": "GHSA-fmmc-742q-jg75", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "impact": 1, + "code": "{\n \"bom-ref\": \"c037af59-a132-4727-8cc3-c6095c490df7\",\n \"id\": \"GHSA-fmmc-742q-jg75\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.\",\n \"published\": \"2019-11-13T00:32:27Z\",\n \"updated\": \"2023-09-14T14:55:20Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "ratings": "GITHUB - critical", + "published": "2019-11-13T00:32:38Z", + "updated": "2023-09-14T14:55:25Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "id": "GHSA-gjmw-vf9h-g25v", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "impact": 1, + "code": "{\n \"bom-ref\": \"0b8d112a-b683-414d-93b6-48fa2cabb7c9\",\n \"id\": \"GHSA-gjmw-vf9h-g25v\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.\",\n \"published\": \"2019-11-13T00:32:38Z\",\n \"updated\": \"2023-09-14T14:55:25Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "ratings": "GITHUB - critical", + "published": "2019-10-28T20:51:15Z", + "updated": "2024-03-15T00:57:37Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "id": "GHSA-mx7p-6679-8g3q", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "impact": 1, + "code": "{\n \"bom-ref\": \"e8b21aeb-ce1d-4df2-8102-577b813e712f\",\n \"id\": \"GHSA-mx7p-6679-8g3q\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.\",\n \"published\": \"2019-10-28T20:51:15Z\",\n \"updated\": \"2024-03-15T00:57:37Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e141c668-bc18-4738-b3b6-e7ba1057d124", + "ratings": "GITHUB - critical", + "published": "2020-05-15T18:59:10Z", + "updated": "2023-09-14T15:09:40Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "id": "GHSA-q93h-jc49-78gg", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "impact": 1, + "code": "{\n \"bom-ref\": \"e141c668-bc18-4738-b3b6-e7ba1057d124\",\n \"id\": \"GHSA-q93h-jc49-78gg\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).\",\n \"published\": \"2020-05-15T18:59:10Z\",\n \"updated\": \"2023-09-14T15:09:40Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "ratings": "GITHUB - critical", + "published": "2020-05-15T18:59:01Z", + "updated": "2024-03-15T00:20:09Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "id": "GHSA-p43x-xfjf-5jhr", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "impact": 1, + "code": "{\n \"bom-ref\": \"7aec5714-d04e-4e86-8f4c-51f5cf2568d9\",\n \"id\": \"GHSA-p43x-xfjf-5jhr\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\",\n \"published\": \"2020-05-15T18:59:01Z\",\n \"updated\": \"2024-03-15T00:20:09Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-94", + "CWE-502" + ], + "bom-ref": "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:14:51Z", + "updated": "2023-09-14T15:44:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "id": "GHSA-h3cw-g4mq-c5x2", + "desc": "Description: This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6af6635c-bedd-40e5-88b8-324d3a80a33e\",\n \"id\": \"GHSA-h3cw-g4mq-c5x2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 94,\n 502\n ],\n \"description\": \"This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).\",\n \"published\": \"2021-12-09T19:14:51Z\",\n \"updated\": \"2023-09-14T15:44:55Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "3ad04380-a25c-41d8-8fad-259c2561795b", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:36Z", + "updated": "2023-09-14T15:47:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "id": "GHSA-qjw2-hr98-qgfh", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"3ad04380-a25c-41d8-8fad-259c2561795b\",\n \"id\": \"GHSA-qjw2-hr98-qgfh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.\",\n \"published\": \"2021-12-09T19:15:36Z\",\n \"updated\": \"2023-09-14T15:47:50Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "86f78c35-adfb-48e4-9428-88084373e1c0", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:02Z", + "updated": "2023-09-14T15:52:49Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "id": "GHSA-8w26-6f25-cm9x", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"86f78c35-adfb-48e4-9428-88084373e1c0\",\n \"id\": \"GHSA-8w26-6f25-cm9x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.\",\n \"published\": \"2021-12-09T19:16:02Z\",\n \"updated\": \"2023-09-14T15:52:49Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:26Z", + "updated": "2023-09-14T15:53:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "id": "GHSA-m6x4-97wx-4q27", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d73d38a-3ff6-4fac-8c03-b09b64e9e537\",\n \"id\": \"GHSA-m6x4-97wx-4q27\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.\",\n \"published\": \"2021-12-09T19:16:26Z\",\n \"updated\": \"2023-09-14T15:53:30Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "00033bff-66dc-4a36-ab38-a10b0625409f", + "ratings": "GITHUB - high", + "published": "2021-11-19T20:13:06Z", + "updated": "2023-09-14T15:59:33Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "id": "GHSA-v585-23hc-c647", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"00033bff-66dc-4a36-ab38-a10b0625409f\",\n \"id\": \"GHSA-v585-23hc-c647\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.\",\n \"published\": \"2021-11-19T20:13:06Z\",\n \"updated\": \"2023-09-14T15:59:33Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "14e2856b-f78d-4a6d-99eb-470c8566df29", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:51Z", + "updated": "2023-09-14T16:01:31Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "id": "GHSA-r695-7vr9-jgc2", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"14e2856b-f78d-4a6d-99eb-470c8566df29\",\n \"id\": \"GHSA-r695-7vr9-jgc2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.\",\n \"published\": \"2021-12-09T19:16:51Z\",\n \"updated\": \"2023-09-14T16:01:31Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c224f923-be9a-4faa-a930-ef4db611bc2b", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:59Z", + "updated": "2023-09-14T16:04:22Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "id": "GHSA-vfqx-33qm-g869", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c224f923-be9a-4faa-a930-ef4db611bc2b\",\n \"id\": \"GHSA-vfqx-33qm-g869\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.\",\n \"published\": \"2021-12-09T19:16:59Z\",\n \"updated\": \"2023-09-14T16:04:22Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "5201940b-1f04-4668-ae86-8261448d817d", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:42Z", + "updated": "2023-09-14T16:04:22Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "id": "GHSA-f9xh-2qgp-cq57", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"5201940b-1f04-4668-ae86-8261448d817d\",\n \"id\": \"GHSA-f9xh-2qgp-cq57\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.\",\n \"published\": \"2021-12-09T19:16:42Z\",\n \"updated\": \"2023-09-14T16:04:22Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:10Z", + "updated": "2023-09-14T16:07:00Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "id": "GHSA-cvm9-fjm9-3572", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd\",\n \"id\": \"GHSA-cvm9-fjm9-3572\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.\",\n \"published\": \"2021-12-09T19:16:10Z\",\n \"updated\": \"2023-09-14T16:07:00Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:54Z", + "updated": "2023-09-14T16:07:40Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "id": "GHSA-9gph-22xh-8x98", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4fcb77a9-67b3-4b3f-bc01-684b8ba72294\",\n \"id\": \"GHSA-9gph-22xh-8x98\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.\",\n \"published\": \"2021-12-09T19:15:54Z\",\n \"updated\": \"2023-09-14T16:07:40Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "950cff67-088e-4f41-9818-25943c9e17c0", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:46Z", + "updated": "2023-09-14T16:08:37Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "id": "GHSA-89qr-369f-5m5x", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"950cff67-088e-4f41-9818-25943c9e17c0\",\n \"id\": \"GHSA-89qr-369f-5m5x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.\",\n \"published\": \"2021-12-09T19:15:46Z\",\n \"updated\": \"2023-09-14T16:08:37Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:18Z", + "updated": "2023-09-14T16:13:01Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "id": "GHSA-8c4j-34r4-xr8g", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"53eda8c2-268a-4866-89ac-234bfe7f74ce\",\n \"id\": \"GHSA-8c4j-34r4-xr8g\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.\",\n \"published\": \"2021-12-09T19:16:18Z\",\n \"updated\": \"2023-09-14T16:13:01Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "9edaa51d-929b-457e-aab5-0fffecdb4938", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:34Z", + "updated": "2023-09-14T16:15:44Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "id": "GHSA-9m6f-7xcq-8vf8", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"9edaa51d-929b-457e-aab5-0fffecdb4938\",\n \"id\": \"GHSA-9m6f-7xcq-8vf8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.\",\n \"published\": \"2021-12-09T19:16:34Z\",\n \"updated\": \"2023-09-14T16:15:44Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "6d5189b4-d549-419a-b886-43a62cc43d40", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:24Z", + "updated": "2023-11-21T11:40:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "id": "GHSA-5r5r-6hpj-8gg9", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d5189b4-d549-419a-b886-43a62cc43d40\",\n \"id\": \"GHSA-5r5r-6hpj-8gg9\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).\",\n \"published\": \"2021-12-09T19:15:24Z\",\n \"updated\": \"2023-11-21T11:40:53Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "135c6dab-529e-4855-ab72-a0138e2110c8", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:00Z", + "updated": "2024-03-15T00:28:08Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "id": "GHSA-wh8g-3j2c-rqj5", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"135c6dab-529e-4855-ab72-a0138e2110c8\",\n \"id\": \"GHSA-wh8g-3j2c-rqj5\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.\",\n \"published\": \"2021-12-09T19:15:00Z\",\n \"updated\": \"2024-03-15T00:28:08Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502", + "CWE-913" + ], + "bom-ref": "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:11Z", + "updated": "2024-06-25T13:47:23Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "id": "GHSA-r3gr-cxrf-hg25", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"57f41366-73de-4a9c-ba15-4d09c9f60e33\",\n \"id\": \"GHSA-r3gr-cxrf-hg25\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502,\n 913\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.\",\n \"published\": \"2021-12-09T19:15:11Z\",\n \"updated\": \"2024-06-25T13:47:23Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-502" + ], + "bom-ref": "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "ratings": "GITHUB - high", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-15T00:14:44Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "id": "GHSA-jjjh-jjxp-wpff", + "desc": "Description: In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"ccd0ef88-c0fe-4a10-a648-c779ce82b888\",\n \"id\": \"GHSA-jjjh-jjxp-wpff\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 502\n ],\n \"description\": \"In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.\",\n \"published\": \"2022-10-03T00:00:31Z\",\n \"updated\": \"2024-03-15T00:14:44Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "ratings": "GITHUB - high", + "published": "2021-01-20T21:20:15Z", + "updated": "2024-03-15T00:16:04Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "id": "GHSA-5949-rw7g-wx7w", + "desc": "Description: A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"726a055c-f364-4cb7-a75a-d3c541dad0fa\",\n \"id\": \"GHSA-5949-rw7g-wx7w\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\",\n \"published\": \"2021-01-20T21:20:15Z\",\n \"updated\": \"2024-03-15T00:16:04Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-787" + ], + "bom-ref": "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "ratings": "GITHUB - high", + "published": "2022-03-12T00:00:36Z", + "updated": "2024-03-15T00:24:56Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "id": "GHSA-57j2-w4cx-62h2", + "desc": "Description: jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"75d8b4d7-7c79-4627-b229-8d5e38fc5d8b\",\n \"id\": \"GHSA-57j2-w4cx-62h2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 787\n ],\n \"description\": \"jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.\",\n \"published\": \"2022-03-12T00:00:36Z\",\n \"updated\": \"2024-03-15T00:24:56Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "ratings": "GITHUB - high", + "published": "2021-02-18T20:51:54Z", + "updated": "2024-03-15T00:31:24Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "id": "GHSA-288c-cq4h-88gq", + "desc": "Description: A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"cc0ff323-0529-4064-8a2d-1f7a8e2a1332\",\n \"id\": \"GHSA-288c-cq4h-88gq\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.\",\n \"published\": \"2021-02-18T20:51:54Z\",\n \"updated\": \"2024-03-15T00:31:24Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "ratings": "GITHUB - critical", + "published": "2020-03-04T20:52:11Z", + "updated": "2024-03-15T00:52:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "id": "GHSA-gww7-p5w4-wrfv", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "impact": 1, + "code": "{\n \"bom-ref\": \"7c4227e3-a0a9-4361-8eab-6ab5fa9550b2\",\n \"id\": \"GHSA-gww7-p5w4-wrfv\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.\",\n \"published\": \"2020-03-04T20:52:11Z\",\n \"updated\": \"2024-03-15T00:52:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-502" + ], + "bom-ref": "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "ratings": "GITHUB - high", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-24T05:01:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "id": "GHSA-rgv9-q543-rqg4", + "desc": "Description: In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"87742746-bd8b-423d-979d-d9aa81a8ccfd\",\n \"id\": \"GHSA-rgv9-q543-rqg4\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 502\n ],\n \"description\": \"In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.\",\n \"published\": \"2022-10-03T00:00:31Z\",\n \"updated\": \"2024-03-24T05:01:05Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "5c0b94e1-0577-42c9-8028-f244d68f61da", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:59:04Z", + "updated": "2024-07-03T21:10:31Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "id": "GHSA-fqwf-pjwf-7vqv", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"5c0b94e1-0577-42c9-8028-f244d68f61da\",\n \"id\": \"GHSA-fqwf-pjwf-7vqv\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).\",\n \"published\": \"2020-05-15T18:59:04Z\",\n \"updated\": \"2024-07-03T21:10:31Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-74" + ], + "bom-ref": "f2fa9b19-418a-4901-9840-a8631227701e", + "ratings": "GITHUB - high", + "published": "2020-04-10T18:42:20Z", + "updated": "2023-01-09T05:02:18Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "id": "GHSA-8jpx-m2wh-2v34", + "desc": "Description: ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"f2fa9b19-418a-4901-9840-a8631227701e\",\n \"id\": \"GHSA-8jpx-m2wh-2v34\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 74\n ],\n \"description\": \"### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\\\"_\\\")) { // Sanitize fullName variable by escaping relevant characters such as \\\"$\\\" col.addViolation(\\\"Full name contains invalid characters: \\\" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability\",\n \"published\": \"2020-04-10T18:42:20Z\",\n \"updated\": \"2023-01-09T05:02:18Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-74" + ], + "bom-ref": "00bc944f-fead-400b-8bbd-0c5b56ba2b14", + "ratings": "GITHUB - high", + "published": "2020-02-24T17:27:27Z", + "updated": "2024-06-05T16:42:03Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "id": "GHSA-3mcp-9wr4-cjqf", + "desc": "Description: Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"00bc944f-fead-400b-8bbd-0c5b56ba2b14\",\n \"id\": \"GHSA-3mcp-9wr4-cjqf\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 74\n ],\n \"description\": \"Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\\\"_\\\")) { // Sanitize fullName variable by escaping relevant characters such as \\\"$\\\" col.addViolation(\\\"Full name contains invalid characters: \\\" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability\",\n \"published\": \"2020-02-24T17:27:27Z\",\n \"updated\": \"2024-06-05T16:42:03Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-776" + ], + "bom-ref": "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "ratings": "GITHUB - high", + "published": "2021-06-04T21:37:45Z", + "updated": "2023-05-22T20:17:58Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "id": "GHSA-rvwf-54qp-4r6v", + "desc": "Description: The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"210a5c45-88ac-4c1f-a5f4-f93c7af6f59e\",\n \"id\": \"GHSA-rvwf-54qp-4r6v\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 776\n ],\n \"description\": \"The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.\",\n \"published\": \"2021-06-04T21:37:45Z\",\n \"updated\": \"2023-05-22T20:17:58Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "id": "GHSA-9w3m-gqgf-c4p9", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"63a53dc7-5769-43dc-a053-50ccd5295d8b\",\n \"id\": \"GHSA-9w3m-gqgf-c4p9\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "5ab41975-23cc-45e0-9a13-be603ea00595", + "ratings": "GITHUB - medium", + "published": "2022-11-11T19:00:31Z", + "updated": "2024-06-21T21:33:52Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "id": "GHSA-w37g-rhq8-7m4j", + "desc": "Description: Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"5ab41975-23cc-45e0-9a13-be603ea00595\",\n \"id\": \"GHSA-w37g-rhq8-7m4j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.\",\n \"published\": \"2022-11-11T19:00:31Z\",\n \"updated\": \"2024-06-21T21:33:52Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "dff65990-715e-4f71-aace-60d4436af108", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-c4r9-r8fh-9vj2", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"dff65990-715e-4f71-aace-60d4436af108\",\n \"id\": \"GHSA-c4r9-r8fh-9vj2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-hhhw-99gj-p3c3", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"d55a9a55-cf82-483f-9a7c-8bf5395ce510\",\n \"id\": \"GHSA-hhhw-99gj-p3c3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-98wm-3w3q-mw94", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"6c215a04-8ea0-421f-961b-d5cceb64fd13\",\n \"id\": \"GHSA-98wm-3w3q-mw94\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-776" + ], + "bom-ref": "38c08d91-3487-44c4-b258-d5a274a4ad05", + "ratings": "GITHUB - high", + "published": "2022-08-31T00:00:24Z", + "updated": "2024-03-15T19:06:46Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "id": "GHSA-3mc7-4q67-w48m", + "desc": "Description: The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"38c08d91-3487-44c4-b258-d5a274a4ad05\",\n \"id\": \"GHSA-3mc7-4q67-w48m\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 776\n ],\n \"description\": \"The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.\",\n \"published\": \"2022-08-31T00:00:24Z\",\n \"updated\": \"2024-03-15T19:06:46Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-20", + "CWE-502" + ], + "bom-ref": "da9ea5d3-a3c2-4d1b-8425-a799e47a804f", + "ratings": "GITHUB - high", + "published": "2022-12-12T21:19:47Z", + "updated": "2024-06-24T21:22:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "id": "GHSA-mjmj-j48q-9wg2", + "desc": "Description: ### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"da9ea5d3-a3c2-4d1b-8425-a799e47a804f\",\n \"id\": \"GHSA-mjmj-j48q-9wg2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 20,\n 502\n ],\n \"description\": \"### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022\",\n \"published\": \"2022-12-12T21:19:47Z\",\n \"updated\": \"2024-06-24T21:22:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "ratings": "GITHUB - medium", + "published": "2021-12-17T20:00:50Z", + "updated": "2023-01-30T05:04:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "id": "GHSA-668q-qrv7-99fm", + "desc": "Description: In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"bdd3f85b-5284-4163-be5b-0dd84b9300ac\",\n \"id\": \"GHSA-668q-qrv7-99fm\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.\",\n \"published\": \"2021-12-17T20:00:50Z\",\n \"updated\": \"2023-01-30T05:04:55Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "ratings": "GITHUB - high", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "id": "GHSA-vmq6-5m68-f53m", + "desc": "Description: A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"0d58391c-d0fe-4b46-8f8d-6a49db7fb354\",\n \"id\": \"GHSA-vmq6-5m68-f53m\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html\",\n \"published\": \"2023-11-29T12:30:16Z\",\n \"updated\": \"2023-12-05T21:31:13Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "ratings": "GITHUB - medium", + "published": "2021-03-10T03:46:47Z", + "updated": "2023-02-01T05:05:09Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "id": "GHSA-m394-8rww-3jr7", + "desc": "Description: ### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"17d2faa1-cd26-4ac7-8c68-c4a44ec398a8\",\n \"id\": \"GHSA-m394-8rww-3jr7\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater\",\n \"published\": \"2021-03-10T03:46:47Z\",\n \"updated\": \"2023-02-01T05:05:09Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "AC-12" + ], + "cci": [ + "CCI-002361" + ], + "cwe": [ + "CWE-613" + ], + "bom-ref": "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "ratings": "GITHUB - low", + "published": "2021-06-23T20:23:04Z", + "updated": "2023-02-01T05:05:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "id": "GHSA-m6cp-vxjx-65j6", + "desc": "Description: ### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"f32ca540-f068-4392-bea0-c0d7b050b7d1\",\n \"id\": \"GHSA-m6cp-vxjx-65j6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 613\n ],\n \"description\": \"### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.\",\n \"published\": \"2021-06-23T20:23:04Z\",\n \"updated\": \"2023-02-01T05:05:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-551", + "CWE-755" + ], + "bom-ref": "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "ratings": "GITHUB - high", + "published": "2021-04-06T17:31:30Z", + "updated": "2023-09-26T11:11:47Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "id": "GHSA-26vr-8j45-3r4w", + "desc": "Description: ### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d35c4e5-f5ee-4572-af28-1ca71cf48158\",\n \"id\": \"GHSA-26vr-8j45-3r4w\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 551,\n 755\n ],\n \"description\": \"### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\\\"sslContextFactory\\\") SslContextFactory factory, @Name(\\\"next\\\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\\\"Encrypted buffer max length exceeded\\\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty\",\n \"published\": \"2021-04-06T17:31:30Z\",\n \"updated\": \"2023-09-26T11:11:47Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8" + ], + "cci": [ + "CCI-002418" + ], + "cwe": [ + "CWE-200" + ], + "bom-ref": "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "ratings": "GITHUB - low", + "published": "2023-04-18T22:19:57Z", + "updated": "2023-11-06T05:01:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "id": "GHSA-p26g-97m4-6q7c", + "desc": "Description: Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"d5c5815d-1742-46b6-953a-a4ed90fdd920\",\n \"id\": \"GHSA-p26g-97m4-6q7c\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200\n ],\n \"description\": \"Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\\\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\\\"b; JSESSIONID=1337; c=d\\\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265\",\n \"published\": \"2023-04-18T22:19:57Z\",\n \"updated\": \"2023-11-06T05:01:53Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-770" + ], + "bom-ref": "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "ratings": "GITHUB - medium", + "published": "2023-04-19T18:15:45Z", + "updated": "2023-11-06T05:02:06Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "id": "GHSA-qw69-rqj8-6qw8", + "desc": "Description: ### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"f6ff72c7-6603-4627-899d-658f8f7c5f23\",\n \"id\": \"GHSA-qw69-rqj8-6qw8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 770\n ],\n \"description\": \"### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload\",\n \"published\": \"2023-04-19T18:15:45Z\",\n \"updated\": \"2023-11-06T05:02:06Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-4" + ], + "cci": [ + "CCI-001090" + ], + "cwe": [ + "CWE-226" + ], + "bom-ref": "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6", + "ratings": "GITHUB - medium", + "published": "2020-12-02T18:28:18Z", + "updated": "2024-02-21T17:23:14Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "id": "GHSA-86wm-rrjm-8wh8", + "desc": "Description: ### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"ebc03317-a0b4-4b53-9cd0-7ae4281c02e6\",\n \"id\": \"GHSA-86wm-rrjm-8wh8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 226\n ],\n \"description\": \"### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.\",\n \"published\": \"2020-12-02T18:28:18Z\",\n \"updated\": \"2024-02-21T17:23:14Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-20" + ], + "bom-ref": "c19b779d-2699-44de-a189-a0d18d8dc953", + "ratings": "GITHUB - low", + "published": "2022-07-07T20:55:34Z", + "updated": "2023-01-29T05:06:01Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "id": "GHSA-cj7v-27pg-wf7q", + "desc": "Description: ### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"c19b779d-2699-44de-a189-a0d18d8dc953\",\n \"id\": \"GHSA-cj7v-27pg-wf7q\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 20\n ],\n \"description\": \"### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.\",\n \"published\": \"2022-07-07T20:55:34Z\",\n \"updated\": \"2023-01-29T05:06:01Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-130" + ], + "bom-ref": "a2897b13-bdeb-4a6c-802e-abf09fef10a9", + "ratings": "GITHUB - medium", + "published": "2023-09-14T16:17:27Z", + "updated": "2023-11-06T05:01:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "id": "GHSA-hmr7-m48g-48f6", + "desc": "Description: ### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"a2897b13-bdeb-4a6c-802e-abf09fef10a9\",\n \"id\": \"GHSA-hmr7-m48g-48f6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 130\n ],\n \"description\": \"### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \\\"+\\\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.\",\n \"published\": \"2023-09-14T16:17:27Z\",\n \"updated\": \"2023-11-06T05:01:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-378", + "CWE-379", + "CWE-552" + ], + "bom-ref": "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442", + "ratings": "GITHUB - high", + "published": "2020-11-04T17:50:24Z", + "updated": "2023-11-27T23:07:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "id": "GHSA-g3wg-6mcf-8jj6", + "desc": "Description: ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442\",\n \"id\": \"GHSA-g3wg-6mcf-8jj6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 378,\n 379,\n 552\n ],\n \"description\": \"### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\\\"java.io.tmpdir\\\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \\\".dir\\\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh\",\n \"published\": \"2020-11-04T17:50:24Z\",\n \"updated\": \"2023-11-27T23:07:53Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "76910119-ee18-4144-855b-b2fdab20e33c", + "ratings": "GITHUB - low", + "published": "2023-07-10T21:52:39Z", + "updated": "2023-09-05T22:39:32Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "id": "GHSA-58qw-p7qm-5rvh", + "desc": "Description: ### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"76910119-ee18-4144-855b-b2fdab20e33c\",\n \"id\": \"GHSA-58qw-p7qm-5rvh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.\",\n \"published\": \"2023-07-10T21:52:39Z\",\n \"updated\": \"2023-09-05T22:39:32Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8" + ], + "cci": [ + "CCI-002418" + ], + "cwe": [ + "CWE-200" + ], + "bom-ref": "d8add710-4eed-448d-b198-ecff8ffe86ea", + "ratings": "GITHUB - medium", + "published": "2021-06-10T15:43:22Z", + "updated": "2023-02-01T05:05:51Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "id": "GHSA-gwcr-j4wh-j3cq", + "desc": "Description: Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"d8add710-4eed-448d-b198-ecff8ffe86ea\",\n \"id\": \"GHSA-gwcr-j4wh-j3cq\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200\n ],\n \"description\": \"Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.\",\n \"published\": \"2021-06-10T15:43:22Z\",\n \"updated\": \"2023-02-01T05:05:51Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-149" + ], + "bom-ref": "123b8eaf-5572-4945-975d-21ed3c2f101d", + "ratings": "GITHUB - low", + "published": "2023-09-14T16:16:00Z", + "updated": "2023-11-06T05:01:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "id": "GHSA-3gh6-v5v9-6v9j", + "desc": "Description: If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"123b8eaf-5572-4945-975d-21ed3c2f101d\",\n \"id\": \"GHSA-3gh6-v5v9-6v9j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 149\n ],\n \"description\": \"If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\\\"' && execCmd.contains(\\\" \\\")) execCmd = \\\"\\\\\\\"\\\" + execCmd + \\\"\\\\\\\"\\\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888\",\n \"published\": \"2023-09-14T16:16:00Z\",\n \"updated\": \"2023-11-06T05:01:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8", + "AC-3" + ], + "cci": [ + "CCI-002418", + "CCI-000213" + ], + "cwe": [ + "CWE-200", + "CWE-732" + ], + "bom-ref": "499117ae-d134-4505-8674-ed498531e7a9", + "ratings": "GITHUB - medium", + "published": "2020-10-12T17:33:00Z", + "updated": "2023-02-01T05:04:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "id": "GHSA-269g-pwp5-87pp", + "desc": "Description: ### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"499117ae-d134-4505-8674-ed498531e7a9\",\n \"id\": \"GHSA-269g-pwp5-87pp\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200,\n 732\n ],\n \"description\": \"### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\\\"myfile.txt\\\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\\\"subfolder\\\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).\",\n \"published\": \"2020-10-12T17:33:00Z\",\n \"updated\": \"2023-02-01T05:04:50Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [], + "bom-ref": "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "ratings": "INTERNAL - high" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "INTERNAL" + } + } + ] + } + ], + "source_location": {}, + "title": "INT-f70z-tbpp-4o5d", + "id": "INT-f70z-tbpp-4o5d", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4ad3464b-09c7-40fa-ab51-754f3f196cd4\",\n \"id\": \"INT-f70z-tbpp-4o5d\",\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [], + "bom-ref": "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad", + "ratings": "INTERNAL - low" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "INTERNAL" + } + } + ] + } + ], + "source_location": {}, + "title": "testing", + "id": "INT-63e3-49kp-blqt", + "desc": "Description: testing", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad\",\n \"id\": \"INT-63e3-49kp-blqt\",\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"description\": \"testing\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-89" + ], + "bom-ref": "1f182b73-afb8-424c-8e08-533a0f702076", + "ratings": "GITHUB - high", + "published": "2022-02-09T22:57:29Z", + "updated": "2024-06-27T16:39:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "id": "GHSA-j8jw-g6fq-mp7h", + "desc": "Description: A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"1f182b73-afb8-424c-8e08-533a0f702076\",\n \"id\": \"GHSA-j8jw-g6fq-mp7h\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 89\n ],\n \"description\": \"A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.\",\n \"published\": \"2022-02-09T22:57:29Z\",\n \"updated\": \"2024-06-27T16:39:59Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-89" + ], + "bom-ref": "8ba20df5-3877-4825-a8f2-b52e2d2f86d8", + "ratings": "GITHUB - medium", + "published": "2022-02-10T23:05:04Z", + "updated": "2024-06-27T18:05:49Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "id": "GHSA-8grg-q944-cch5", + "desc": "Description: A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"8ba20df5-3877-4825-a8f2-b52e2d2f86d8\",\n \"id\": \"GHSA-8grg-q944-cch5\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 89\n ],\n \"description\": \"A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.\",\n \"published\": \"2022-02-10T23:05:04Z\",\n \"updated\": \"2024-06-27T18:05:49Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "55ebe39e-12f6-4360-aeba-9913ef7efb68", + "ratings": "GITHUB - critical", + "published": "2020-06-05T16:13:36Z", + "updated": "2023-01-27T05:02:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "id": "GHSA-hwj3-m3p6-hj38", + "desc": "Description: dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "impact": 1, + "code": "{\n \"bom-ref\": \"55ebe39e-12f6-4360-aeba-9913ef7efb68\",\n \"id\": \"GHSA-hwj3-m3p6-hj38\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.\",\n \"published\": \"2020-06-05T16:13:36Z\",\n \"updated\": \"2023-01-27T05:02:30Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-79" + ], + "bom-ref": "8c0002e8-9326-40f7-9209-51020755ff02", + "ratings": "GITHUB - medium", + "published": "2021-06-03T23:40:23Z", + "updated": "2023-02-01T05:05:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "id": "GHSA-7r82-7xv7-xcpj", + "desc": "Description: Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"8c0002e8-9326-40f7-9209-51020755ff02\",\n \"id\": \"GHSA-7r82-7xv7-xcpj\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 79\n ],\n \"description\": \"Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.\",\n \"published\": \"2021-06-03T23:40:23Z\",\n \"updated\": \"2023-02-01T05:05:30Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "7b0674fc-e326-47d0-b34b-b5bfb523784b", + "ratings": "GITHUB - critical", + "published": "2022-03-05T00:00:45Z", + "updated": "2023-01-27T05:02:46Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "id": "GHSA-jvfv-hrrc-6q72", + "desc": "Description: The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "impact": 1, + "code": "{\n \"bom-ref\": \"7b0674fc-e326-47d0-b34b-b5bfb523784b\",\n \"id\": \"GHSA-jvfv-hrrc-6q72\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.\",\n \"published\": \"2022-03-05T00:00:45Z\",\n \"updated\": \"2023-01-27T05:02:46Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-410" + ], + "bom-ref": "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "ratings": "GITHUB - high", + "published": "2022-07-07T20:55:40Z", + "updated": "2023-07-24T19:39:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "id": "GHSA-wgmr-mf83-7x4j", + "desc": "Description: ### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c3fdf61d-7886-423b-8a29-b6ab6790c127\",\n \"id\": \"GHSA-wgmr-mf83-7x4j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 410\n ],\n \"description\": \"### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.\",\n \"published\": \"2022-07-07T20:55:40Z\",\n \"updated\": \"2023-07-24T19:39:20Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "ratings": "GITHUB - medium", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "id": "GHSA-qppj-fm5r-hxr3", + "desc": "Description: ## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"affa7af3-427f-4223-8028-d9ac45e80e08\",\n \"id\": \"GHSA-qppj-fm5r-hxr3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.\",\n \"published\": \"2023-10-10T21:28:24Z\",\n \"updated\": \"2024-06-21T21:34:00Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "ratings": "GITHUB - high", + "published": "2024-02-26T20:13:46Z", + "updated": "2024-05-02T18:38:19Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "id": "GHSA-rggv-cv7r-mw98", + "desc": "Description: ### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"bc8ec43b-7cba-4167-9a9d-901fcb443ac8\",\n \"id\": \"GHSA-rggv-cv7r-mw98\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.\",\n \"published\": \"2024-02-26T20:13:46Z\",\n \"updated\": \"2024-05-02T18:38:19Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-190" + ], + "bom-ref": "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9", + "ratings": "GITHUB - high", + "published": "2023-10-10T21:16:23Z", + "updated": "2024-06-21T21:33:57Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "id": "GHSA-wgh7-54f2-x98r", + "desc": "Description: An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c8bd5d7e-e9be-459c-b6e2-05de86a00bb9\",\n \"id\": \"GHSA-wgh7-54f2-x98r\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 190\n ],\n \"description\": \"An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\\\"Header too large %d > %d\\\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\\\"Header too large %d > %d\\\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634\",\n \"published\": \"2023-10-10T21:16:23Z\",\n \"updated\": \"2024-06-21T21:33:57Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-295" + ], + "bom-ref": "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "ratings": "GITHUB - medium", + "published": "2018-10-18T18:06:08Z", + "updated": "2023-01-09T05:03:38Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "id": "GHSA-w4g2-9hj6-5472", + "desc": "Description: Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"f987bc98-65f5-402b-8b39-7e8e3e730ebe\",\n \"id\": \"GHSA-w4g2-9hj6-5472\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 295\n ],\n \"description\": \"Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.\",\n \"published\": \"2018-10-18T18:06:08Z\",\n \"updated\": \"2023-01-09T05:03:38Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a", + "ratings": "GITHUB - medium", + "published": "2023-10-24T01:49:09Z", + "updated": "2023-11-05T05:04:23Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "id": "GHSA-mm8h-8587-p46h", + "desc": "Description: ### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"5acc2eee-8433-4a66-b9c5-3dcc7be5b29a\",\n \"id\": \"GHSA-mm8h-8587-p46h\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \\\"A\\\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\\\"Send Finish\\\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\\\"Received Length : \\\" + s.length()); }else{ System.out.println(\\\"null\\\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.\",\n \"published\": \"2023-10-24T01:49:09Z\",\n \"updated\": \"2023-11-05T05:04:23Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "815a1358-2bd4-4028-bd3e-8219747c78f6", + "ratings": "GITHUB - critical", + "published": "2022-01-06T23:55:09Z", + "updated": "2023-02-25T00:31:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "id": "GHSA-h376-j262-vhq6", + "desc": "Description: ### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "impact": 1, + "code": "{\n \"bom-ref\": \"815a1358-2bd4-4028-bd3e-8219747c78f6\",\n \"id\": \"GHSA-h376-j262-vhq6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.\",\n \"published\": \"2022-01-06T23:55:09Z\",\n \"updated\": \"2023-02-25T00:31:20Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-88" + ], + "bom-ref": "c8a50465-16df-44e0-84e9-7acff5870a51", + "ratings": "GITHUB - critical", + "published": "2022-01-21T23:07:39Z", + "updated": "2023-08-18T15:47:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "id": "GHSA-45hx-wfhj-473x", + "desc": "Description: H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "impact": 1, + "code": "{\n \"bom-ref\": \"c8a50465-16df-44e0-84e9-7acff5870a51\",\n \"id\": \"GHSA-45hx-wfhj-473x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 88\n ],\n \"description\": \"H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.\",\n \"published\": \"2022-01-21T23:07:39Z\",\n \"updated\": \"2023-08-18T15:47:05Z\",\n \"affects\": [\n {\n \"ref\": \"602de70a-7107-4ac8-9ad2-3c1c816892a7\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component 602de70a-7107-4ac8-9ad2-3c1c816892a7 is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: 602de70a-7107-4ac8-9ad2-3c1c816892a7\n\n- Name: 602de70a-7107-4ac8-9ad2-3c1c816892a7", + "start_time": "" + } + ] + } + ], + "sha256": "f7fcd590f502add6e584b6890c29f6a329ea52928100784f014e4013dcefb42c" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:b9d34fa9-4f62-4b08-ae38-af606a1dc7fd", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:31:55Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + } + } + } + ] + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf-withraw.json b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf-withraw.json new file mode 100644 index 000000000..0b7bf10c9 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf-withraw.json @@ -0,0 +1,26578 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: application/602de70a-7107-4ac8-9ad2-3c1c816892a7", + "title": "test 9 CycloneDX BOM Report", + "version": "SNAPSHOT", + "summary": "This is the project I want to use to generate data to understand the schema a bit better", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [ + { + "tags": { + "nist": [ + "SC-8", + "AC-3" + ], + "cci": [ + "CCI-002418", + "CCI-000213" + ], + "cwe": [ + "CWE-173", + "CWE-200", + "CWE-378", + "CWE-732" + ], + "bom-ref": "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "ratings": "GITHUB - low", + "published": "2021-03-25T17:04:19Z", + "updated": "2023-11-09T18:44:38Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "id": "GHSA-5mg8-w23w-74h3", + "desc": "Description: A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"b7a12947-7a8d-4031-b59d-640d33dbad6a\",\n \"id\": \"GHSA-5mg8-w23w-74h3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 173,\n 200,\n 378,\n 732\n ],\n \"description\": \"A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.\",\n \"published\": \"2021-03-25T17:04:19Z\",\n \"updated\": \"2023-11-09T18:44:38Z\",\n \"affects\": [\n {\n \"ref\": \"1a021b8e-d143-4072-84f0-0e18292f1967\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.google.guava/guava@24.1.1-jre is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1a021b8e-d143-4072-84f0-0e18292f1967\n\n- Group: com.google.guava\n\n- Name: guava\n\n- Version: 24.1.1-jre\n\n- Description: Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-379", + "CWE-552" + ], + "bom-ref": "bb03c210-ea12-450d-85df-17d81a75ede2", + "ratings": "GITHUB - medium", + "published": "2023-06-14T18:30:38Z", + "updated": "2024-02-13T21:49:15Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "id": "GHSA-7g45-4rm6-3mm3", + "desc": "Description: Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"bb03c210-ea12-450d-85df-17d81a75ede2\",\n \"id\": \"GHSA-7g45-4rm6-3mm3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 379,\n 552\n ],\n \"description\": \"Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.\",\n \"published\": \"2023-06-14T18:30:38Z\",\n \"updated\": \"2024-02-13T21:49:15Z\",\n \"affects\": [\n {\n \"ref\": \"1a021b8e-d143-4072-84f0-0e18292f1967\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.google.guava/guava@24.1.1-jre is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1a021b8e-d143-4072-84f0-0e18292f1967\n\n- Group: com.google.guava\n\n- Name: guava\n\n- Version: 24.1.1-jre\n\n- Description: Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "ratings": "GITHUB - critical", + "published": "2020-04-23T21:08:40Z", + "updated": "2023-02-01T05:02:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "id": "GHSA-5p34-5m6p-p58g", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "impact": 1, + "code": "{\n \"bom-ref\": \"d097e083-0b0a-4e3c-9f29-fc936f27ec6f\",\n \"id\": \"GHSA-5p34-5m6p-p58g\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).\",\n \"published\": \"2020-04-23T21:08:40Z\",\n \"updated\": \"2023-02-01T05:02:59Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:44Z", + "updated": "2023-02-01T05:02:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "id": "GHSA-27xj-rqx5-2255", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"f57dc81d-6b2d-4060-8c15-7613c1a37981\",\n \"id\": \"GHSA-27xj-rqx5-2255\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).\",\n \"published\": \"2020-05-15T18:58:44Z\",\n \"updated\": \"2023-02-01T05:02:59Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "ratings": "GITHUB - high", + "published": "2020-06-10T21:12:41Z", + "updated": "2023-02-01T05:03:03Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "id": "GHSA-58pp-9c76-5625", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"600ecfb9-66c7-4fc2-88e8-2bf9efe40628\",\n \"id\": \"GHSA-58pp-9c76-5625\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).\",\n \"published\": \"2020-06-10T21:12:41Z\",\n \"updated\": \"2023-02-01T05:03:03Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:50Z", + "updated": "2023-02-01T05:03:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "id": "GHSA-v3xw-c963-f5hc", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"36dba0ba-dc6c-4f8a-822c-e51ca444d1bf\",\n \"id\": \"GHSA-v3xw-c963-f5hc\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).\",\n \"published\": \"2020-05-15T18:58:50Z\",\n \"updated\": \"2023-02-01T05:03:05Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "ratings": "GITHUB - high", + "published": "2020-04-23T20:19:02Z", + "updated": "2024-03-15T00:41:35Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "id": "GHSA-h4rc-386g-6m85", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"e5cba611-d1ce-48a5-8fc2-ac68ba133947\",\n \"id\": \"GHSA-h4rc-386g-6m85\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).\",\n \"published\": \"2020-04-23T20:19:02Z\",\n \"updated\": \"2024-03-15T00:41:35Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:47Z", + "updated": "2024-03-15T00:48:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "id": "GHSA-9vvp-fxw6-jcxr", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"9e292de9-f4f7-4d45-9ecb-846c4b972f6f\",\n \"id\": \"GHSA-9vvp-fxw6-jcxr\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).\",\n \"published\": \"2020-05-15T18:58:47Z\",\n \"updated\": \"2024-03-15T00:48:55Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "343cd240-f667-4770-aecf-ddc11f9d0172", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:54Z", + "updated": "2024-03-15T00:50:18Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "id": "GHSA-rf6r-2c4q-2vwg", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"343cd240-f667-4770-aecf-ddc11f9d0172\",\n \"id\": \"GHSA-rf6r-2c4q-2vwg\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).\",\n \"published\": \"2020-05-15T18:58:54Z\",\n \"updated\": \"2024-03-15T00:50:18Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "ratings": "GITHUB - high", + "published": "2020-04-23T21:36:03Z", + "updated": "2024-06-25T13:46:45Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "id": "GHSA-758m-v56v-grj4", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"0f7e16f6-f01e-4cc0-a835-08f3ba72625f\",\n \"id\": \"GHSA-758m-v56v-grj4\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.\",\n \"published\": \"2020-04-23T21:36:03Z\",\n \"updated\": \"2024-06-25T13:46:45Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "ratings": "GITHUB - high", + "published": "2020-04-23T16:32:59Z", + "updated": "2024-07-03T21:10:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "id": "GHSA-95cm-88f5-f2c7", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c2e5f22d-f91f-4689-bdb1-782974d6fa7a\",\n \"id\": \"GHSA-95cm-88f5-f2c7\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).\",\n \"published\": \"2020-04-23T16:32:59Z\",\n \"updated\": \"2024-07-03T21:10:50Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:50Z", + "updated": "2023-02-01T05:04:14Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "id": "GHSA-c2q3-4qrh-fm48", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"49fa1888-bfa1-480a-8564-3b62b8bf5c3c\",\n \"id\": \"GHSA-c2q3-4qrh-fm48\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).\",\n \"published\": \"2020-06-18T14:44:50Z\",\n \"updated\": \"2023-02-01T05:04:14Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "97981cb2-9228-4b8b-a172-ad12f550a19f", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:43Z", + "updated": "2024-03-15T00:37:17Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "id": "GHSA-mc6h-4qgp-37qh", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"97981cb2-9228-4b8b-a172-ad12f550a19f\",\n \"id\": \"GHSA-mc6h-4qgp-37qh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).\",\n \"published\": \"2020-06-18T14:44:43Z\",\n \"updated\": \"2024-03-15T00:37:17Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:46Z", + "updated": "2024-03-15T00:39:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "id": "GHSA-j823-4qch-3rgm", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"941d2fac-724b-4a2c-a8ba-c5a434fa3bf7\",\n \"id\": \"GHSA-j823-4qch-3rgm\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).\",\n \"published\": \"2020-06-18T14:44:46Z\",\n \"updated\": \"2024-03-15T00:39:55Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:48Z", + "updated": "2024-06-25T13:46:04Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "id": "GHSA-c265-37vj-cwcc", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"7e3a7481-266e-4cb7-af3b-94dcaf462942\",\n \"id\": \"GHSA-c265-37vj-cwcc\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).\",\n \"published\": \"2020-06-18T14:44:48Z\",\n \"updated\": \"2024-06-25T13:46:04Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "ratings": "GITHUB - critical", + "published": "2020-03-04T20:52:14Z", + "updated": "2023-06-08T19:02:12Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "id": "GHSA-4w82-r329-3q67", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "impact": 1, + "code": "{\n \"bom-ref\": \"db7cfe67-0b1d-4504-af8b-da26e12af73a\",\n \"id\": \"GHSA-4w82-r329-3q67\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.\",\n \"published\": \"2020-03-04T20:52:14Z\",\n \"updated\": \"2023-06-08T19:02:12Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "ratings": "GITHUB - high", + "published": "2022-07-15T19:41:47Z", + "updated": "2023-08-18T15:45:27Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "id": "GHSA-rpr3-cw39-3pxh", + "desc": "Description: The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"7c0af63e-ef57-43aa-9c91-d79c7e37ab20\",\n \"id\": \"GHSA-rpr3-cw39-3pxh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.\",\n \"published\": \"2022-07-15T19:41:47Z\",\n \"updated\": \"2023-08-18T15:45:27Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c037af59-a132-4727-8cc3-c6095c490df7", + "ratings": "GITHUB - critical", + "published": "2019-11-13T00:32:27Z", + "updated": "2023-09-14T14:55:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "id": "GHSA-fmmc-742q-jg75", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "impact": 1, + "code": "{\n \"bom-ref\": \"c037af59-a132-4727-8cc3-c6095c490df7\",\n \"id\": \"GHSA-fmmc-742q-jg75\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.\",\n \"published\": \"2019-11-13T00:32:27Z\",\n \"updated\": \"2023-09-14T14:55:20Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "ratings": "GITHUB - critical", + "published": "2019-11-13T00:32:38Z", + "updated": "2023-09-14T14:55:25Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "id": "GHSA-gjmw-vf9h-g25v", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "impact": 1, + "code": "{\n \"bom-ref\": \"0b8d112a-b683-414d-93b6-48fa2cabb7c9\",\n \"id\": \"GHSA-gjmw-vf9h-g25v\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.\",\n \"published\": \"2019-11-13T00:32:38Z\",\n \"updated\": \"2023-09-14T14:55:25Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "ratings": "GITHUB - critical", + "published": "2019-10-28T20:51:15Z", + "updated": "2024-03-15T00:57:37Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "id": "GHSA-mx7p-6679-8g3q", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "impact": 1, + "code": "{\n \"bom-ref\": \"e8b21aeb-ce1d-4df2-8102-577b813e712f\",\n \"id\": \"GHSA-mx7p-6679-8g3q\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.\",\n \"published\": \"2019-10-28T20:51:15Z\",\n \"updated\": \"2024-03-15T00:57:37Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e141c668-bc18-4738-b3b6-e7ba1057d124", + "ratings": "GITHUB - critical", + "published": "2020-05-15T18:59:10Z", + "updated": "2023-09-14T15:09:40Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "id": "GHSA-q93h-jc49-78gg", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "impact": 1, + "code": "{\n \"bom-ref\": \"e141c668-bc18-4738-b3b6-e7ba1057d124\",\n \"id\": \"GHSA-q93h-jc49-78gg\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).\",\n \"published\": \"2020-05-15T18:59:10Z\",\n \"updated\": \"2023-09-14T15:09:40Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "ratings": "GITHUB - critical", + "published": "2020-05-15T18:59:01Z", + "updated": "2024-03-15T00:20:09Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "id": "GHSA-p43x-xfjf-5jhr", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "impact": 1, + "code": "{\n \"bom-ref\": \"7aec5714-d04e-4e86-8f4c-51f5cf2568d9\",\n \"id\": \"GHSA-p43x-xfjf-5jhr\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\",\n \"published\": \"2020-05-15T18:59:01Z\",\n \"updated\": \"2024-03-15T00:20:09Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-94", + "CWE-502" + ], + "bom-ref": "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:14:51Z", + "updated": "2023-09-14T15:44:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "id": "GHSA-h3cw-g4mq-c5x2", + "desc": "Description: This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6af6635c-bedd-40e5-88b8-324d3a80a33e\",\n \"id\": \"GHSA-h3cw-g4mq-c5x2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 94,\n 502\n ],\n \"description\": \"This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).\",\n \"published\": \"2021-12-09T19:14:51Z\",\n \"updated\": \"2023-09-14T15:44:55Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "3ad04380-a25c-41d8-8fad-259c2561795b", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:36Z", + "updated": "2023-09-14T15:47:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "id": "GHSA-qjw2-hr98-qgfh", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"3ad04380-a25c-41d8-8fad-259c2561795b\",\n \"id\": \"GHSA-qjw2-hr98-qgfh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.\",\n \"published\": \"2021-12-09T19:15:36Z\",\n \"updated\": \"2023-09-14T15:47:50Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "86f78c35-adfb-48e4-9428-88084373e1c0", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:02Z", + "updated": "2023-09-14T15:52:49Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "id": "GHSA-8w26-6f25-cm9x", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"86f78c35-adfb-48e4-9428-88084373e1c0\",\n \"id\": \"GHSA-8w26-6f25-cm9x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.\",\n \"published\": \"2021-12-09T19:16:02Z\",\n \"updated\": \"2023-09-14T15:52:49Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:26Z", + "updated": "2023-09-14T15:53:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "id": "GHSA-m6x4-97wx-4q27", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d73d38a-3ff6-4fac-8c03-b09b64e9e537\",\n \"id\": \"GHSA-m6x4-97wx-4q27\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.\",\n \"published\": \"2021-12-09T19:16:26Z\",\n \"updated\": \"2023-09-14T15:53:30Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "00033bff-66dc-4a36-ab38-a10b0625409f", + "ratings": "GITHUB - high", + "published": "2021-11-19T20:13:06Z", + "updated": "2023-09-14T15:59:33Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "id": "GHSA-v585-23hc-c647", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"00033bff-66dc-4a36-ab38-a10b0625409f\",\n \"id\": \"GHSA-v585-23hc-c647\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.\",\n \"published\": \"2021-11-19T20:13:06Z\",\n \"updated\": \"2023-09-14T15:59:33Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "14e2856b-f78d-4a6d-99eb-470c8566df29", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:51Z", + "updated": "2023-09-14T16:01:31Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "id": "GHSA-r695-7vr9-jgc2", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"14e2856b-f78d-4a6d-99eb-470c8566df29\",\n \"id\": \"GHSA-r695-7vr9-jgc2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.\",\n \"published\": \"2021-12-09T19:16:51Z\",\n \"updated\": \"2023-09-14T16:01:31Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c224f923-be9a-4faa-a930-ef4db611bc2b", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:59Z", + "updated": "2023-09-14T16:04:22Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "id": "GHSA-vfqx-33qm-g869", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c224f923-be9a-4faa-a930-ef4db611bc2b\",\n \"id\": \"GHSA-vfqx-33qm-g869\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.\",\n \"published\": \"2021-12-09T19:16:59Z\",\n \"updated\": \"2023-09-14T16:04:22Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "5201940b-1f04-4668-ae86-8261448d817d", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:42Z", + "updated": "2023-09-14T16:04:22Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "id": "GHSA-f9xh-2qgp-cq57", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"5201940b-1f04-4668-ae86-8261448d817d\",\n \"id\": \"GHSA-f9xh-2qgp-cq57\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.\",\n \"published\": \"2021-12-09T19:16:42Z\",\n \"updated\": \"2023-09-14T16:04:22Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:10Z", + "updated": "2023-09-14T16:07:00Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "id": "GHSA-cvm9-fjm9-3572", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd\",\n \"id\": \"GHSA-cvm9-fjm9-3572\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.\",\n \"published\": \"2021-12-09T19:16:10Z\",\n \"updated\": \"2023-09-14T16:07:00Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:54Z", + "updated": "2023-09-14T16:07:40Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "id": "GHSA-9gph-22xh-8x98", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4fcb77a9-67b3-4b3f-bc01-684b8ba72294\",\n \"id\": \"GHSA-9gph-22xh-8x98\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.\",\n \"published\": \"2021-12-09T19:15:54Z\",\n \"updated\": \"2023-09-14T16:07:40Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "950cff67-088e-4f41-9818-25943c9e17c0", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:46Z", + "updated": "2023-09-14T16:08:37Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "id": "GHSA-89qr-369f-5m5x", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"950cff67-088e-4f41-9818-25943c9e17c0\",\n \"id\": \"GHSA-89qr-369f-5m5x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.\",\n \"published\": \"2021-12-09T19:15:46Z\",\n \"updated\": \"2023-09-14T16:08:37Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:18Z", + "updated": "2023-09-14T16:13:01Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "id": "GHSA-8c4j-34r4-xr8g", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"53eda8c2-268a-4866-89ac-234bfe7f74ce\",\n \"id\": \"GHSA-8c4j-34r4-xr8g\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.\",\n \"published\": \"2021-12-09T19:16:18Z\",\n \"updated\": \"2023-09-14T16:13:01Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "9edaa51d-929b-457e-aab5-0fffecdb4938", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:34Z", + "updated": "2023-09-14T16:15:44Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "id": "GHSA-9m6f-7xcq-8vf8", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"9edaa51d-929b-457e-aab5-0fffecdb4938\",\n \"id\": \"GHSA-9m6f-7xcq-8vf8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.\",\n \"published\": \"2021-12-09T19:16:34Z\",\n \"updated\": \"2023-09-14T16:15:44Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "6d5189b4-d549-419a-b886-43a62cc43d40", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:24Z", + "updated": "2023-11-21T11:40:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "id": "GHSA-5r5r-6hpj-8gg9", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d5189b4-d549-419a-b886-43a62cc43d40\",\n \"id\": \"GHSA-5r5r-6hpj-8gg9\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).\",\n \"published\": \"2021-12-09T19:15:24Z\",\n \"updated\": \"2023-11-21T11:40:53Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "135c6dab-529e-4855-ab72-a0138e2110c8", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:00Z", + "updated": "2024-03-15T00:28:08Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "id": "GHSA-wh8g-3j2c-rqj5", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"135c6dab-529e-4855-ab72-a0138e2110c8\",\n \"id\": \"GHSA-wh8g-3j2c-rqj5\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.\",\n \"published\": \"2021-12-09T19:15:00Z\",\n \"updated\": \"2024-03-15T00:28:08Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502", + "CWE-913" + ], + "bom-ref": "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:11Z", + "updated": "2024-06-25T13:47:23Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "id": "GHSA-r3gr-cxrf-hg25", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"57f41366-73de-4a9c-ba15-4d09c9f60e33\",\n \"id\": \"GHSA-r3gr-cxrf-hg25\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502,\n 913\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.\",\n \"published\": \"2021-12-09T19:15:11Z\",\n \"updated\": \"2024-06-25T13:47:23Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-502" + ], + "bom-ref": "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "ratings": "GITHUB - high", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-15T00:14:44Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "id": "GHSA-jjjh-jjxp-wpff", + "desc": "Description: In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"ccd0ef88-c0fe-4a10-a648-c779ce82b888\",\n \"id\": \"GHSA-jjjh-jjxp-wpff\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 502\n ],\n \"description\": \"In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.\",\n \"published\": \"2022-10-03T00:00:31Z\",\n \"updated\": \"2024-03-15T00:14:44Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "ratings": "GITHUB - high", + "published": "2021-01-20T21:20:15Z", + "updated": "2024-03-15T00:16:04Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "id": "GHSA-5949-rw7g-wx7w", + "desc": "Description: A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"726a055c-f364-4cb7-a75a-d3c541dad0fa\",\n \"id\": \"GHSA-5949-rw7g-wx7w\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\",\n \"published\": \"2021-01-20T21:20:15Z\",\n \"updated\": \"2024-03-15T00:16:04Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-787" + ], + "bom-ref": "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "ratings": "GITHUB - high", + "published": "2022-03-12T00:00:36Z", + "updated": "2024-03-15T00:24:56Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "id": "GHSA-57j2-w4cx-62h2", + "desc": "Description: jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"75d8b4d7-7c79-4627-b229-8d5e38fc5d8b\",\n \"id\": \"GHSA-57j2-w4cx-62h2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 787\n ],\n \"description\": \"jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.\",\n \"published\": \"2022-03-12T00:00:36Z\",\n \"updated\": \"2024-03-15T00:24:56Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "ratings": "GITHUB - high", + "published": "2021-02-18T20:51:54Z", + "updated": "2024-03-15T00:31:24Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "id": "GHSA-288c-cq4h-88gq", + "desc": "Description: A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"cc0ff323-0529-4064-8a2d-1f7a8e2a1332\",\n \"id\": \"GHSA-288c-cq4h-88gq\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.\",\n \"published\": \"2021-02-18T20:51:54Z\",\n \"updated\": \"2024-03-15T00:31:24Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "ratings": "GITHUB - critical", + "published": "2020-03-04T20:52:11Z", + "updated": "2024-03-15T00:52:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "id": "GHSA-gww7-p5w4-wrfv", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "impact": 1, + "code": "{\n \"bom-ref\": \"7c4227e3-a0a9-4361-8eab-6ab5fa9550b2\",\n \"id\": \"GHSA-gww7-p5w4-wrfv\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.\",\n \"published\": \"2020-03-04T20:52:11Z\",\n \"updated\": \"2024-03-15T00:52:59Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-502" + ], + "bom-ref": "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "ratings": "GITHUB - high", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-24T05:01:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "id": "GHSA-rgv9-q543-rqg4", + "desc": "Description: In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"87742746-bd8b-423d-979d-d9aa81a8ccfd\",\n \"id\": \"GHSA-rgv9-q543-rqg4\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 502\n ],\n \"description\": \"In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.\",\n \"published\": \"2022-10-03T00:00:31Z\",\n \"updated\": \"2024-03-24T05:01:05Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "5c0b94e1-0577-42c9-8028-f244d68f61da", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:59:04Z", + "updated": "2024-07-03T21:10:31Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "id": "GHSA-fqwf-pjwf-7vqv", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"5c0b94e1-0577-42c9-8028-f244d68f61da\",\n \"id\": \"GHSA-fqwf-pjwf-7vqv\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).\",\n \"published\": \"2020-05-15T18:59:04Z\",\n \"updated\": \"2024-07-03T21:10:31Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-74" + ], + "bom-ref": "f2fa9b19-418a-4901-9840-a8631227701e", + "ratings": "GITHUB - high", + "published": "2020-04-10T18:42:20Z", + "updated": "2023-01-09T05:02:18Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "id": "GHSA-8jpx-m2wh-2v34", + "desc": "Description: ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"f2fa9b19-418a-4901-9840-a8631227701e\",\n \"id\": \"GHSA-8jpx-m2wh-2v34\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 74\n ],\n \"description\": \"### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\\\"_\\\")) { // Sanitize fullName variable by escaping relevant characters such as \\\"$\\\" col.addViolation(\\\"Full name contains invalid characters: \\\" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability\",\n \"published\": \"2020-04-10T18:42:20Z\",\n \"updated\": \"2023-01-09T05:02:18Z\",\n \"affects\": [\n {\n \"ref\": \"9623a310-0e79-4f71-b9a7-b7046f1fbf30\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component io.dropwizard/dropwizard-validation@1.3.15 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 9623a310-0e79-4f71-b9a7-b7046f1fbf30\n\n- Group: io.dropwizard\n\n- Name: dropwizard-validation\n\n- Version: 1.3.15", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-74" + ], + "bom-ref": "00bc944f-fead-400b-8bbd-0c5b56ba2b14", + "ratings": "GITHUB - high", + "published": "2020-02-24T17:27:27Z", + "updated": "2024-06-05T16:42:03Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "id": "GHSA-3mcp-9wr4-cjqf", + "desc": "Description: Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"00bc944f-fead-400b-8bbd-0c5b56ba2b14\",\n \"id\": \"GHSA-3mcp-9wr4-cjqf\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 74\n ],\n \"description\": \"Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\\\"_\\\")) { // Sanitize fullName variable by escaping relevant characters such as \\\"$\\\" col.addViolation(\\\"Full name contains invalid characters: \\\" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability\",\n \"published\": \"2020-02-24T17:27:27Z\",\n \"updated\": \"2024-06-05T16:42:03Z\",\n \"affects\": [\n {\n \"ref\": \"9623a310-0e79-4f71-b9a7-b7046f1fbf30\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component io.dropwizard/dropwizard-validation@1.3.15 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 9623a310-0e79-4f71-b9a7-b7046f1fbf30\n\n- Group: io.dropwizard\n\n- Name: dropwizard-validation\n\n- Version: 1.3.15", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-776" + ], + "bom-ref": "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "ratings": "GITHUB - high", + "published": "2021-06-04T21:37:45Z", + "updated": "2023-05-22T20:17:58Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "id": "GHSA-rvwf-54qp-4r6v", + "desc": "Description: The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"210a5c45-88ac-4c1f-a5f4-f93c7af6f59e\",\n \"id\": \"GHSA-rvwf-54qp-4r6v\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 776\n ],\n \"description\": \"The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.\",\n \"published\": \"2021-06-04T21:37:45Z\",\n \"updated\": \"2023-05-22T20:17:58Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "id": "GHSA-9w3m-gqgf-c4p9", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"63a53dc7-5769-43dc-a053-50ccd5295d8b\",\n \"id\": \"GHSA-9w3m-gqgf-c4p9\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "5ab41975-23cc-45e0-9a13-be603ea00595", + "ratings": "GITHUB - medium", + "published": "2022-11-11T19:00:31Z", + "updated": "2024-06-21T21:33:52Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "id": "GHSA-w37g-rhq8-7m4j", + "desc": "Description: Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"5ab41975-23cc-45e0-9a13-be603ea00595\",\n \"id\": \"GHSA-w37g-rhq8-7m4j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.\",\n \"published\": \"2022-11-11T19:00:31Z\",\n \"updated\": \"2024-06-21T21:33:52Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "dff65990-715e-4f71-aace-60d4436af108", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-c4r9-r8fh-9vj2", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"dff65990-715e-4f71-aace-60d4436af108\",\n \"id\": \"GHSA-c4r9-r8fh-9vj2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-hhhw-99gj-p3c3", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"d55a9a55-cf82-483f-9a7c-8bf5395ce510\",\n \"id\": \"GHSA-hhhw-99gj-p3c3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-98wm-3w3q-mw94", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"6c215a04-8ea0-421f-961b-d5cceb64fd13\",\n \"id\": \"GHSA-98wm-3w3q-mw94\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-776" + ], + "bom-ref": "38c08d91-3487-44c4-b258-d5a274a4ad05", + "ratings": "GITHUB - high", + "published": "2022-08-31T00:00:24Z", + "updated": "2024-03-15T19:06:46Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "id": "GHSA-3mc7-4q67-w48m", + "desc": "Description: The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"38c08d91-3487-44c4-b258-d5a274a4ad05\",\n \"id\": \"GHSA-3mc7-4q67-w48m\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 776\n ],\n \"description\": \"The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.\",\n \"published\": \"2022-08-31T00:00:24Z\",\n \"updated\": \"2024-03-15T19:06:46Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-20", + "CWE-502" + ], + "bom-ref": "da9ea5d3-a3c2-4d1b-8425-a799e47a804f", + "ratings": "GITHUB - high", + "published": "2022-12-12T21:19:47Z", + "updated": "2024-06-24T21:22:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "id": "GHSA-mjmj-j48q-9wg2", + "desc": "Description: ### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"da9ea5d3-a3c2-4d1b-8425-a799e47a804f\",\n \"id\": \"GHSA-mjmj-j48q-9wg2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 20,\n 502\n ],\n \"description\": \"### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022\",\n \"published\": \"2022-12-12T21:19:47Z\",\n \"updated\": \"2024-06-24T21:22:59Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "ratings": "GITHUB - medium", + "published": "2021-12-17T20:00:50Z", + "updated": "2023-01-30T05:04:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "id": "GHSA-668q-qrv7-99fm", + "desc": "Description: In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"bdd3f85b-5284-4163-be5b-0dd84b9300ac\",\n \"id\": \"GHSA-668q-qrv7-99fm\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.\",\n \"published\": \"2021-12-17T20:00:50Z\",\n \"updated\": \"2023-01-30T05:04:55Z\",\n \"affects\": [\n {\n \"ref\": \"5e7cd916-704f-4746-83a0-ec3850bb3f49\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component ch.qos.logback/logback-core@1.2.3 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 5e7cd916-704f-4746-83a0-ec3850bb3f49\n\n- Group: ch.qos.logback\n\n- Name: logback-core\n\n- Version: 1.2.3\n\n- Description: logback-core module\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\",\n \"url\": \"http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "ratings": "GITHUB - high", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "id": "GHSA-vmq6-5m68-f53m", + "desc": "Description: A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"0d58391c-d0fe-4b46-8f8d-6a49db7fb354\",\n \"id\": \"GHSA-vmq6-5m68-f53m\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html\",\n \"published\": \"2023-11-29T12:30:16Z\",\n \"updated\": \"2023-12-05T21:31:13Z\",\n \"affects\": [\n {\n \"ref\": \"5e7cd916-704f-4746-83a0-ec3850bb3f49\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component ch.qos.logback/logback-core@1.2.3 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 5e7cd916-704f-4746-83a0-ec3850bb3f49\n\n- Group: ch.qos.logback\n\n- Name: logback-core\n\n- Version: 1.2.3\n\n- Description: logback-core module\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\",\n \"url\": \"http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + }, + { + "status": "failed", + "code_desc": "Component ch.qos.logback/logback-classic@1.2.3 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 6d8385bd-f9a9-4a97-9031-3a1c717209b7\n\n- Group: ch.qos.logback\n\n- Name: logback-classic\n\n- Version: 1.2.3\n\n- Description: logback-classic module\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\",\n \"url\": \"http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "ratings": "GITHUB - medium", + "published": "2021-03-10T03:46:47Z", + "updated": "2023-02-01T05:05:09Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "id": "GHSA-m394-8rww-3jr7", + "desc": "Description: ### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"17d2faa1-cd26-4ac7-8c68-c4a44ec398a8\",\n \"id\": \"GHSA-m394-8rww-3jr7\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater\",\n \"published\": \"2021-03-10T03:46:47Z\",\n \"updated\": \"2023-02-01T05:05:09Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "AC-12" + ], + "cci": [ + "CCI-002361" + ], + "cwe": [ + "CWE-613" + ], + "bom-ref": "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "ratings": "GITHUB - low", + "published": "2021-06-23T20:23:04Z", + "updated": "2023-02-01T05:05:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "id": "GHSA-m6cp-vxjx-65j6", + "desc": "Description: ### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"f32ca540-f068-4392-bea0-c0d7b050b7d1\",\n \"id\": \"GHSA-m6cp-vxjx-65j6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 613\n ],\n \"description\": \"### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.\",\n \"published\": \"2021-06-23T20:23:04Z\",\n \"updated\": \"2023-02-01T05:05:59Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-551", + "CWE-755" + ], + "bom-ref": "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "ratings": "GITHUB - high", + "published": "2021-04-06T17:31:30Z", + "updated": "2023-09-26T11:11:47Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "id": "GHSA-26vr-8j45-3r4w", + "desc": "Description: ### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d35c4e5-f5ee-4572-af28-1ca71cf48158\",\n \"id\": \"GHSA-26vr-8j45-3r4w\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 551,\n 755\n ],\n \"description\": \"### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\\\"sslContextFactory\\\") SslContextFactory factory, @Name(\\\"next\\\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\\\"Encrypted buffer max length exceeded\\\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty\",\n \"published\": \"2021-04-06T17:31:30Z\",\n \"updated\": \"2023-09-26T11:11:47Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8" + ], + "cci": [ + "CCI-002418" + ], + "cwe": [ + "CWE-200" + ], + "bom-ref": "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "ratings": "GITHUB - low", + "published": "2023-04-18T22:19:57Z", + "updated": "2023-11-06T05:01:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "id": "GHSA-p26g-97m4-6q7c", + "desc": "Description: Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"d5c5815d-1742-46b6-953a-a4ed90fdd920\",\n \"id\": \"GHSA-p26g-97m4-6q7c\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200\n ],\n \"description\": \"Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\\\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\\\"b; JSESSIONID=1337; c=d\\\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265\",\n \"published\": \"2023-04-18T22:19:57Z\",\n \"updated\": \"2023-11-06T05:01:53Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-770" + ], + "bom-ref": "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "ratings": "GITHUB - medium", + "published": "2023-04-19T18:15:45Z", + "updated": "2023-11-06T05:02:06Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "id": "GHSA-qw69-rqj8-6qw8", + "desc": "Description: ### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"f6ff72c7-6603-4627-899d-658f8f7c5f23\",\n \"id\": \"GHSA-qw69-rqj8-6qw8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 770\n ],\n \"description\": \"### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload\",\n \"published\": \"2023-04-19T18:15:45Z\",\n \"updated\": \"2023-11-06T05:02:06Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-4" + ], + "cci": [ + "CCI-001090" + ], + "cwe": [ + "CWE-226" + ], + "bom-ref": "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6", + "ratings": "GITHUB - medium", + "published": "2020-12-02T18:28:18Z", + "updated": "2024-02-21T17:23:14Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "id": "GHSA-86wm-rrjm-8wh8", + "desc": "Description: ### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"ebc03317-a0b4-4b53-9cd0-7ae4281c02e6\",\n \"id\": \"GHSA-86wm-rrjm-8wh8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 226\n ],\n \"description\": \"### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.\",\n \"published\": \"2020-12-02T18:28:18Z\",\n \"updated\": \"2024-02-21T17:23:14Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-20" + ], + "bom-ref": "c19b779d-2699-44de-a189-a0d18d8dc953", + "ratings": "GITHUB - low", + "published": "2022-07-07T20:55:34Z", + "updated": "2023-01-29T05:06:01Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "id": "GHSA-cj7v-27pg-wf7q", + "desc": "Description: ### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"c19b779d-2699-44de-a189-a0d18d8dc953\",\n \"id\": \"GHSA-cj7v-27pg-wf7q\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 20\n ],\n \"description\": \"### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.\",\n \"published\": \"2022-07-07T20:55:34Z\",\n \"updated\": \"2023-01-29T05:06:01Z\",\n \"affects\": [\n {\n \"ref\": \"c1abfd09-121f-418c-befa-4d6b9e164769\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-http@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: c1abfd09-121f-418c-befa-4d6b9e164769\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-http\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-130" + ], + "bom-ref": "a2897b13-bdeb-4a6c-802e-abf09fef10a9", + "ratings": "GITHUB - medium", + "published": "2023-09-14T16:17:27Z", + "updated": "2023-11-06T05:01:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "id": "GHSA-hmr7-m48g-48f6", + "desc": "Description: ### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"a2897b13-bdeb-4a6c-802e-abf09fef10a9\",\n \"id\": \"GHSA-hmr7-m48g-48f6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 130\n ],\n \"description\": \"### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \\\"+\\\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.\",\n \"published\": \"2023-09-14T16:17:27Z\",\n \"updated\": \"2023-11-06T05:01:59Z\",\n \"affects\": [\n {\n \"ref\": \"c1abfd09-121f-418c-befa-4d6b9e164769\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-http@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: c1abfd09-121f-418c-befa-4d6b9e164769\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-http\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-378", + "CWE-379", + "CWE-552" + ], + "bom-ref": "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442", + "ratings": "GITHUB - high", + "published": "2020-11-04T17:50:24Z", + "updated": "2023-11-27T23:07:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "id": "GHSA-g3wg-6mcf-8jj6", + "desc": "Description: ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442\",\n \"id\": \"GHSA-g3wg-6mcf-8jj6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 378,\n 379,\n 552\n ],\n \"description\": \"### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\\\"java.io.tmpdir\\\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \\\".dir\\\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh\",\n \"published\": \"2020-11-04T17:50:24Z\",\n \"updated\": \"2023-11-27T23:07:53Z\",\n \"affects\": [\n {\n \"ref\": \"71f396a0-0285-465e-8ce3-6eacb47be941\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-webapp@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 71f396a0-0285-465e-8ce3-6eacb47be941\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-webapp\n\n- Version: 9.4.18.v20190429\n\n- Description: Jetty web application support\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "76910119-ee18-4144-855b-b2fdab20e33c", + "ratings": "GITHUB - low", + "published": "2023-07-10T21:52:39Z", + "updated": "2023-09-05T22:39:32Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "id": "GHSA-58qw-p7qm-5rvh", + "desc": "Description: ### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"76910119-ee18-4144-855b-b2fdab20e33c\",\n \"id\": \"GHSA-58qw-p7qm-5rvh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.\",\n \"published\": \"2023-07-10T21:52:39Z\",\n \"updated\": \"2023-09-05T22:39:32Z\",\n \"affects\": [\n {\n \"ref\": \"39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-xml@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-xml\n\n- Version: 9.4.18.v20190429\n\n- Description: The jetty xml utilities.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8" + ], + "cci": [ + "CCI-002418" + ], + "cwe": [ + "CWE-200" + ], + "bom-ref": "d8add710-4eed-448d-b198-ecff8ffe86ea", + "ratings": "GITHUB - medium", + "published": "2021-06-10T15:43:22Z", + "updated": "2023-02-01T05:05:51Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "id": "GHSA-gwcr-j4wh-j3cq", + "desc": "Description: Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"d8add710-4eed-448d-b198-ecff8ffe86ea\",\n \"id\": \"GHSA-gwcr-j4wh-j3cq\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200\n ],\n \"description\": \"Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.\",\n \"published\": \"2021-06-10T15:43:22Z\",\n \"updated\": \"2023-02-01T05:05:51Z\",\n \"affects\": [\n {\n \"ref\": \"7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-servlets@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-servlets\n\n- Version: 9.4.18.v20190429\n\n- Description: Utility Servlets from Jetty\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-149" + ], + "bom-ref": "123b8eaf-5572-4945-975d-21ed3c2f101d", + "ratings": "GITHUB - low", + "published": "2023-09-14T16:16:00Z", + "updated": "2023-11-06T05:01:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "id": "GHSA-3gh6-v5v9-6v9j", + "desc": "Description: If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"123b8eaf-5572-4945-975d-21ed3c2f101d\",\n \"id\": \"GHSA-3gh6-v5v9-6v9j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 149\n ],\n \"description\": \"If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\\\"' && execCmd.contains(\\\" \\\")) execCmd = \\\"\\\\\\\"\\\" + execCmd + \\\"\\\\\\\"\\\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888\",\n \"published\": \"2023-09-14T16:16:00Z\",\n \"updated\": \"2023-11-06T05:01:59Z\",\n \"affects\": [\n {\n \"ref\": \"7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-servlets@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-servlets\n\n- Version: 9.4.18.v20190429\n\n- Description: Utility Servlets from Jetty\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8", + "AC-3" + ], + "cci": [ + "CCI-002418", + "CCI-000213" + ], + "cwe": [ + "CWE-200", + "CWE-732" + ], + "bom-ref": "499117ae-d134-4505-8674-ed498531e7a9", + "ratings": "GITHUB - medium", + "published": "2020-10-12T17:33:00Z", + "updated": "2023-02-01T05:04:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "id": "GHSA-269g-pwp5-87pp", + "desc": "Description: ### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"499117ae-d134-4505-8674-ed498531e7a9\",\n \"id\": \"GHSA-269g-pwp5-87pp\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200,\n 732\n ],\n \"description\": \"### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\\\"myfile.txt\\\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\\\"subfolder\\\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).\",\n \"published\": \"2020-10-12T17:33:00Z\",\n \"updated\": \"2023-02-01T05:04:50Z\",\n \"affects\": [\n {\n \"ref\": \"8005328c-f1b3-4ac3-8aa6-1e5013d8cef2\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component junit/junit@4.12 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 8005328c-f1b3-4ac3-8aa6-1e5013d8cef2\n\n- Group: junit\n\n- Name: junit\n\n- Version: 4.12\n\n- Description: JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\",\n \"url\": \"http://www.eclipse.org/legal/epl-v10.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [], + "bom-ref": "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "ratings": "INTERNAL - high" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "INTERNAL" + } + } + ] + } + ], + "source_location": {}, + "title": "INT-f70z-tbpp-4o5d", + "id": "INT-f70z-tbpp-4o5d", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4ad3464b-09c7-40fa-ab51-754f3f196cd4\",\n \"id\": \"INT-f70z-tbpp-4o5d\",\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"affects\": [\n {\n \"ref\": \"0052b14c-fb6a-404e-89fb-48cad6d2535d\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component net.bytebuddy/byte-buddy@1.9.7 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0052b14c-fb6a-404e-89fb-48cad6d2535d\n\n- Group: net.bytebuddy\n\n- Name: byte-buddy\n\n- Version: 1.9.7\n\n- Description: Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [], + "bom-ref": "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad", + "ratings": "INTERNAL - low" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "INTERNAL" + } + } + ] + } + ], + "source_location": {}, + "title": "testing", + "id": "INT-63e3-49kp-blqt", + "desc": "Description: testing", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad\",\n \"id\": \"INT-63e3-49kp-blqt\",\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"description\": \"testing\",\n \"affects\": [\n {\n \"ref\": \"0052b14c-fb6a-404e-89fb-48cad6d2535d\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component net.bytebuddy/byte-buddy@1.9.7 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0052b14c-fb6a-404e-89fb-48cad6d2535d\n\n- Group: net.bytebuddy\n\n- Name: byte-buddy\n\n- Version: 1.9.7\n\n- Description: Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-89" + ], + "bom-ref": "1f182b73-afb8-424c-8e08-533a0f702076", + "ratings": "GITHUB - high", + "published": "2022-02-09T22:57:29Z", + "updated": "2024-06-27T16:39:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "id": "GHSA-j8jw-g6fq-mp7h", + "desc": "Description: A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"1f182b73-afb8-424c-8e08-533a0f702076\",\n \"id\": \"GHSA-j8jw-g6fq-mp7h\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 89\n ],\n \"description\": \"A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.\",\n \"published\": \"2022-02-09T22:57:29Z\",\n \"updated\": \"2024-06-27T16:39:59Z\",\n \"affects\": [\n {\n \"ref\": \"8c0378f7-4c0e-4ee3-849d-740b0035c371\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.hibernate/hibernate-core@5.2.18.Final is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 8c0378f7-4c0e-4ee3-849d-740b0035c371\n\n- Group: org.hibernate\n\n- Name: hibernate-core\n\n- Version: 5.2.18.Final\n\n- Description: The core O/RM functionality as provided by Hibernate\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"GNU Lesser General Public License\",\n \"url\": \"http://www.gnu.org/licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-89" + ], + "bom-ref": "8ba20df5-3877-4825-a8f2-b52e2d2f86d8", + "ratings": "GITHUB - medium", + "published": "2022-02-10T23:05:04Z", + "updated": "2024-06-27T18:05:49Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "id": "GHSA-8grg-q944-cch5", + "desc": "Description: A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"8ba20df5-3877-4825-a8f2-b52e2d2f86d8\",\n \"id\": \"GHSA-8grg-q944-cch5\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 89\n ],\n \"description\": \"A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.\",\n \"published\": \"2022-02-10T23:05:04Z\",\n \"updated\": \"2024-06-27T18:05:49Z\",\n \"affects\": [\n {\n \"ref\": \"8c0378f7-4c0e-4ee3-849d-740b0035c371\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.hibernate/hibernate-core@5.2.18.Final is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 8c0378f7-4c0e-4ee3-849d-740b0035c371\n\n- Group: org.hibernate\n\n- Name: hibernate-core\n\n- Version: 5.2.18.Final\n\n- Description: The core O/RM functionality as provided by Hibernate\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"GNU Lesser General Public License\",\n \"url\": \"http://www.gnu.org/licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "55ebe39e-12f6-4360-aeba-9913ef7efb68", + "ratings": "GITHUB - critical", + "published": "2020-06-05T16:13:36Z", + "updated": "2023-01-27T05:02:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "id": "GHSA-hwj3-m3p6-hj38", + "desc": "Description: dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "impact": 1, + "code": "{\n \"bom-ref\": \"55ebe39e-12f6-4360-aeba-9913ef7efb68\",\n \"id\": \"GHSA-hwj3-m3p6-hj38\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.\",\n \"published\": \"2020-06-05T16:13:36Z\",\n \"updated\": \"2023-01-27T05:02:30Z\",\n \"affects\": [\n {\n \"ref\": \"627bb70b-4b85-4801-8239-f03de04ca5db\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.dom4j/dom4j@2.1.1 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 627bb70b-4b85-4801-8239-f03de04ca5db\n\n- Group: org.dom4j\n\n- Name: dom4j\n\n- Version: 2.1.1\n\n- Description: flexible XML framework for Java\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"BSD 3-clause New License\",\n \"url\": \"https://github.com/dom4j/dom4j/blob/master/LICENSE\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-79" + ], + "bom-ref": "8c0002e8-9326-40f7-9209-51020755ff02", + "ratings": "GITHUB - medium", + "published": "2021-06-03T23:40:23Z", + "updated": "2023-02-01T05:05:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "id": "GHSA-7r82-7xv7-xcpj", + "desc": "Description: Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"8c0002e8-9326-40f7-9209-51020755ff02\",\n \"id\": \"GHSA-7r82-7xv7-xcpj\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 79\n ],\n \"description\": \"Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.\",\n \"published\": \"2021-06-03T23:40:23Z\",\n \"updated\": \"2023-02-01T05:05:30Z\",\n \"affects\": [\n {\n \"ref\": \"893beba4-580b-4ada-a4cf-067fbe145507\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.apache.httpcomponents/httpclient@4.5.7 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 893beba4-580b-4ada-a4cf-067fbe145507\n\n- Group: org.apache.httpcomponents\n\n- Name: httpclient\n\n- Version: 4.5.7\n\n- Description: Apache HttpComponents Client\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "7b0674fc-e326-47d0-b34b-b5bfb523784b", + "ratings": "GITHUB - critical", + "published": "2022-03-05T00:00:45Z", + "updated": "2023-01-27T05:02:46Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "id": "GHSA-jvfv-hrrc-6q72", + "desc": "Description: The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "impact": 1, + "code": "{\n \"bom-ref\": \"7b0674fc-e326-47d0-b34b-b5bfb523784b\",\n \"id\": \"GHSA-jvfv-hrrc-6q72\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.\",\n \"published\": \"2022-03-05T00:00:45Z\",\n \"updated\": \"2023-01-27T05:02:46Z\",\n \"affects\": [\n {\n \"ref\": \"ab3bfc00-8d35-4a4d-b314-86573681d910\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.liquibase/liquibase-core@3.6.3 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: ab3bfc00-8d35-4a4d-b314-86573681d910\n\n- Group: org.liquibase\n\n- Name: liquibase-core\n\n- Version: 3.6.3\n\n- Description: Liquibase is a tool for managing and executing database changes.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-410" + ], + "bom-ref": "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "ratings": "GITHUB - high", + "published": "2022-07-07T20:55:40Z", + "updated": "2023-07-24T19:39:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "id": "GHSA-wgmr-mf83-7x4j", + "desc": "Description: ### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c3fdf61d-7886-423b-8a29-b6ab6790c127\",\n \"id\": \"GHSA-wgmr-mf83-7x4j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 410\n ],\n \"description\": \"### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.\",\n \"published\": \"2022-07-07T20:55:40Z\",\n \"updated\": \"2023-07-24T19:39:20Z\",\n \"affects\": [\n {\n \"ref\": \"55521fe9-aed2-403e-9df2-75fc5af90f54\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 55521fe9-aed2-403e-9df2-75fc5af90f54\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "ratings": "GITHUB - medium", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "id": "GHSA-qppj-fm5r-hxr3", + "desc": "Description: ## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"affa7af3-427f-4223-8028-d9ac45e80e08\",\n \"id\": \"GHSA-qppj-fm5r-hxr3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.\",\n \"published\": \"2023-10-10T21:28:24Z\",\n \"updated\": \"2024-06-21T21:34:00Z\",\n \"affects\": [\n {\n \"ref\": \"55521fe9-aed2-403e-9df2-75fc5af90f54\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 55521fe9-aed2-403e-9df2-75fc5af90f54\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + }, + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-common@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: f4a06b14-3945-4381-b3dd-b46407b02b6b\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-common\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "ratings": "GITHUB - high", + "published": "2024-02-26T20:13:46Z", + "updated": "2024-05-02T18:38:19Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "id": "GHSA-rggv-cv7r-mw98", + "desc": "Description: ### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"bc8ec43b-7cba-4167-9a9d-901fcb443ac8\",\n \"id\": \"GHSA-rggv-cv7r-mw98\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.\",\n \"published\": \"2024-02-26T20:13:46Z\",\n \"updated\": \"2024-05-02T18:38:19Z\",\n \"affects\": [\n {\n \"ref\": \"f4a06b14-3945-4381-b3dd-b46407b02b6b\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-common@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: f4a06b14-3945-4381-b3dd-b46407b02b6b\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-common\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-190" + ], + "bom-ref": "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9", + "ratings": "GITHUB - high", + "published": "2023-10-10T21:16:23Z", + "updated": "2024-06-21T21:33:57Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "id": "GHSA-wgh7-54f2-x98r", + "desc": "Description: An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c8bd5d7e-e9be-459c-b6e2-05de86a00bb9\",\n \"id\": \"GHSA-wgh7-54f2-x98r\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 190\n ],\n \"description\": \"An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\\\"Header too large %d > %d\\\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\\\"Header too large %d > %d\\\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634\",\n \"published\": \"2023-10-10T21:16:23Z\",\n \"updated\": \"2024-06-21T21:33:57Z\",\n \"affects\": [\n {\n \"ref\": \"d2a5e2bf-ead6-4768-866a-385166eb6709\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: d2a5e2bf-ead6-4768-866a-385166eb6709\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-hpack\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-295" + ], + "bom-ref": "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "ratings": "GITHUB - medium", + "published": "2018-10-18T18:06:08Z", + "updated": "2023-01-09T05:03:38Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "id": "GHSA-w4g2-9hj6-5472", + "desc": "Description: Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"f987bc98-65f5-402b-8b39-7e8e3e730ebe\",\n \"id\": \"GHSA-w4g2-9hj6-5472\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 295\n ],\n \"description\": \"Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.\",\n \"published\": \"2018-10-18T18:06:08Z\",\n \"updated\": \"2023-01-09T05:03:38Z\",\n \"affects\": [\n {\n \"ref\": \"2687d928-5b18-4ce5-ab4c-8ef513f0b48c\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.rabbitmq/amqp-client@4.4.1 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 2687d928-5b18-4ce5-ab4c-8ef513f0b48c\n\n- Group: com.rabbitmq\n\n- Name: amqp-client\n\n- Version: 4.4.1\n\n- Description: The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"MPL-1.1\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a", + "ratings": "GITHUB - medium, GITHUB - info", + "published": "2023-10-24T01:49:09Z", + "updated": "2023-11-05T05:04:23Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "id": "GHSA-mm8h-8587-p46h", + "desc": "Description: ### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"5acc2eee-8433-4a66-b9c5-3dcc7be5b29a\",\n \"id\": \"GHSA-mm8h-8587-p46h\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n },\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"info\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \\\"A\\\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\\\"Send Finish\\\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\\\"Received Length : \\\" + s.length()); }else{ System.out.println(\\\"null\\\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.\",\n \"published\": \"2023-10-24T01:49:09Z\",\n \"updated\": \"2023-11-05T05:04:23Z\",\n \"affects\": [\n {\n \"ref\": \"2687d928-5b18-4ce5-ab4c-8ef513f0b48c\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.rabbitmq/amqp-client@4.4.1 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 2687d928-5b18-4ce5-ab4c-8ef513f0b48c\n\n- Group: com.rabbitmq\n\n- Name: amqp-client\n\n- Version: 4.4.1\n\n- Description: The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"MPL-1.1\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "815a1358-2bd4-4028-bd3e-8219747c78f6", + "ratings": "GITHUB - unknown", + "published": "2022-01-06T23:55:09Z", + "updated": "2023-02-25T00:31:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "id": "GHSA-h376-j262-vhq6", + "desc": "Description: ### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"815a1358-2bd4-4028-bd3e-8219747c78f6\",\n \"id\": \"GHSA-h376-j262-vhq6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"unknown\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.\",\n \"published\": \"2022-01-06T23:55:09Z\",\n \"updated\": \"2023-02-25T00:31:20Z\",\n \"affects\": [\n {\n \"ref\": \"c19e7b95-5753-489e-b720-c9dd79f15cc8\"\n }\n ]\n}", + "results": [ + { + "status": "skipped", + "code_desc": "Component com.h2database/h2@1.4.197 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: c19e7b95-5753-489e-b720-c9dd79f15cc8\n\n- Group: com.h2database\n\n- Name: h2\n\n- Version: 1.4.197\n\n- Description: H2 Database Engine\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"MPL 2.0 or EPL 1.0\",\n \"url\": \"http://h2database.com/html/license.html\"\n }\n }\n]", + "start_time": "", + "skip_message": "Manual review required because a CycloneDX rating severity is set to `info` or `unknown`." + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-88" + ], + "bom-ref": "c8a50465-16df-44e0-84e9-7acff5870a51", + "ratings": "GITHUB - info", + "published": "2022-01-21T23:07:39Z", + "updated": "2023-08-18T15:47:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "id": "GHSA-45hx-wfhj-473x", + "desc": "Description: H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"c8a50465-16df-44e0-84e9-7acff5870a51\",\n \"id\": \"GHSA-45hx-wfhj-473x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"info\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 88\n ],\n \"description\": \"H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.\",\n \"published\": \"2022-01-21T23:07:39Z\",\n \"updated\": \"2023-08-18T15:47:05Z\",\n \"affects\": [\n {\n \"ref\": \"c19e7b95-5753-489e-b720-c9dd79f15cc8\"\n }\n ]\n}", + "results": [ + { + "status": "skipped", + "code_desc": "Component com.h2database/h2@1.4.197 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: c19e7b95-5753-489e-b720-c9dd79f15cc8\n\n- Group: com.h2database\n\n- Name: h2\n\n- Version: 1.4.197\n\n- Description: H2 Database Engine\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"MPL 2.0 or EPL 1.0\",\n \"url\": \"http://h2database.com/html/license.html\"\n }\n }\n]", + "start_time": "", + "skip_message": "Manual review required because a CycloneDX rating severity is set to `info` or `unknown`." + } + ] + } + ], + "sha256": "22b4ee8c7d3d66424b9fe6ad562b5434f836acc2fb780c89216dbea1d0c21bc7" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "type": "library", + "bom-ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "group": "org.eclipse.jetty.alpn", + "name": "alpn-api", + "version": "1.1.3.v20160715", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "18383950cc83169b8ed61c03fd926e0c" + }, + { + "alg": "SHA-1", + "content": "a1bf3a937f91b4c953acd13e8c9552347adc2198" + }, + { + "alg": "SHA-256", + "content": "07be99758b699e194f70fb9784d94202dc6c98212877829e3d72b020f2660576" + }, + { + "alg": "SHA-512", + "content": "b9570b3323337dcdc192e640288633743736ef9206adc4cda88db7da77df49732bba0a4e85613225ffec32ac72c415a84fcd2353c04f8708dad85142a2b439f8" + }, + { + "alg": "SHA3-256", + "content": "c7e69d1f5833cd414f62dfb456a8dee75520366e88a1af4db9b76a14d800b356" + }, + { + "alg": "SHA3-512", + "content": "3a4c64a3cb12158119183584c79e5523bc2e460ae942a2927a9f5452e3b0c032442748f4e426466921a3d9f618095901f26a0de77f4e30650c8e22ee79da873c" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.alpn/alpn-api@1.1.3.v20160715?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.alpn.git/tree" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "group": "com.rabbitmq", + "name": "amqp-client", + "version": "4.4.1", + "description": "The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.", + "hashes": [ + { + "alg": "MD5", + "content": "1a2a6feac205524a636c06d86af2df2c" + }, + { + "alg": "SHA-1", + "content": "c442f6501595a6fb9c029409eca94888cc9a3106" + }, + { + "alg": "SHA-256", + "content": "fcbe7ddc4be88823b881f35c12bca55b561c795d03aefe746a0452029ec179cc" + }, + { + "alg": "SHA-512", + "content": "8d78db5a1a3939a20a10b33f41b2ca3adb746672b276e87cc08aabb84dd27a069755294bd23c483ecf0d25c0e669fddae6f96742dd127d8476a9d6a6f8e22e57" + }, + { + "alg": "SHA3-256", + "content": "4866a931a2e38b4b0b4bcec77f77e8b83edf3b4b527913f827767a926c8b3b24" + }, + { + "alg": "SHA3-512", + "content": "a1b503bd1f8762c0b0434af451f6a579b20225aa5f23548cd521e3f007c17fedaf2c9fd7667606c06bbb63cdfbfbce28800de9506bb2c2564020b34447d600c9" + } + ], + "licenses": [ + { + "license": { + "id": "MPL-1.1" + } + } + ], + "purl": "pkg:maven/com.rabbitmq/amqp-client@4.4.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.rabbitmq.com" + }, + { + "type": "vcs", + "url": "https://github.com/rabbitmq/rabbitmq-java-client" + } + ], + "affectingVulnerabilities": [ + "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a" + ] + }, + { + "type": "library", + "bom-ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "group": "org.codehaus.mojo", + "name": "animal-sniffer-annotations", + "version": "1.14", + "description": "Animal Sniffer Parent project.", + "hashes": [ + { + "alg": "MD5", + "content": "9d42e46845c874f1710a9f6a741f6c14" + }, + { + "alg": "SHA-1", + "content": "775b7e22fb10026eed3f86e8dc556dfafe35f2d5" + }, + { + "alg": "SHA-256", + "content": "2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d" + }, + { + "alg": "SHA-512", + "content": "9e5e3ea9e06e0ac9463869fd0e08ed38f7042784995a7b50c9bfd7f692a53f0e1430b9e1367dc772d0d4eafe5fd2beabbcc60da5008bd792f9e7ec8436c0f136" + }, + { + "alg": "SHA3-256", + "content": "9b624360f936e928bc63bf44e475d8fd052148c0d0cc56c3c88c26429b430c08" + }, + { + "alg": "SHA3-512", + "content": "5f0a62a96445cfeaf101d2ddc56472621f5c3dafc54ad4b230a373012833b7da83e96af7c07b60a586768361b3bce3f3626ed2cc09fbbd84e840e0714d6344ee" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.14?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://jira.codehaus.org/browse/MANIMALSNIFFER" + }, + { + "type": "vcs", + "url": "http://fisheye.codehaus.org/browse/mojo/tags/animal-sniffer-parent-1.14" + }, + { + "type": "website", + "url": "http://codehaus.org" + }, + { + "type": "build-system", + "url": "http://bamboo.ci.codehaus.org/browse/MOJO" + }, + { + "type": "mailing-list", + "url": "http://markmail.org/list/org.codehaus.mojo.dev" + }, + { + "type": "distribution", + "url": "https://nexus.codehaus.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "group": "antlr", + "name": "antlr", + "version": "2.7.7", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "f8f1352c52a4c6a500b597596501fc64" + }, + { + "alg": "SHA-1", + "content": "83cd2cd674a217ade95a4bb83a8a14f351f48bd0" + }, + { + "alg": "SHA-256", + "content": "88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c" + }, + { + "alg": "SHA-512", + "content": "311c3115f9f6651d1711c52d1739e25a70f25456cacb9a2cdde7627498c30b13d721133cc75b39462ad18812a82472ef1b3b9d64fab5abb0377c12bf82043a74" + }, + { + "alg": "SHA3-256", + "content": "babce5c8beb1d5907a7ed6354589e991da7d8d5cbd86c479abfa1e1dfc4d2eb8" + }, + { + "alg": "SHA3-512", + "content": "3a8ce565280a157dd6e08fb68c317a4c28616099c56bc4992c38cf74a10a54a89e18e7c45190ce8511360798a87adc92f432382f9d9bdde0d56664b50044b517" + } + ], + "licenses": [ + { + "license": { + "name": "BSD License", + "url": "http://www.antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/antlr/antlr@2.7.7?type=jar" + }, + { + "type": "library", + "bom-ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "group": "org.antlr", + "name": "antlr-runtime", + "version": "3.4", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "0e0318be407e51fdf7ba6777eabfdf73" + }, + { + "alg": "SHA-1", + "content": "8f011408269a8e42b8548687e137d8eeb56df4b4" + }, + { + "alg": "SHA-256", + "content": "5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63" + }, + { + "alg": "SHA-512", + "content": "1786aff2df4664483adcb319e64be7b69b643ac9508c3f11796b5aa45b9072b46f53f0a21b2ff7291162afe81506de16161746273e4532ebad75adbd81203f0d" + }, + { + "alg": "SHA3-256", + "content": "3f6cf631e9f792a41128400f8690266d915c0588ef85073a6cae73624a155b10" + }, + { + "alg": "SHA3-512", + "content": "13d1f73c44e807b36946c21cfd506e91e8cbdf685b770cbc0dcb4e55ec28b5bc91bd90eb7f24ebfd13386a47eccf552dd2a1ab277fccabafdb7a9b40aa9d4fc5" + } + ], + "purl": "pkg:maven/org.antlr/antlr-runtime@3.4?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/antlr" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "group": "org.glassfish.hk2.external", + "name": "aopalliance-repackaged", + "version": "2.5.0-b32", + "description": "Dependency Injection Kernel", + "hashes": [ + { + "alg": "MD5", + "content": "99809f55109881865ce8b47f03522fb6" + }, + { + "alg": "SHA-1", + "content": "6af37c3f8ec6f9e9653ec837eb508da28ce443cd" + }, + { + "alg": "SHA-256", + "content": "32a44ed0258c00bb8f0acf7e4dbf000a377bd48702465f6195f878a6dc2024d6" + }, + { + "alg": "SHA-512", + "content": "5afda7e897fb1135e4cf8ceb1f9f2ae68521c6178552dbe38243461e8422d50011f379e4f66d237190e7609e2d1ba2e9c09267637ecd588d7e286c1a6bfb8b4d" + }, + { + "alg": "SHA3-256", + "content": "3808bbe7fc89ea384068d5edf32f4ebf61cead5fe0fff58c7ac13c23392b8860" + }, + { + "alg": "SHA3-512", + "content": "ea988d271b897cb61a17ddd642f7f31935711bb33710947a812e0c1ab3469077c45247a5224e55a9258bfcdfd502f64286064aa1063b2df07dc880a880e034e3" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "group": "org.apiguardian", + "name": "apiguardian-api", + "version": "1.0.0", + "description": "@API Guardian", + "hashes": [ + { + "alg": "MD5", + "content": "e3695c130292987799af0d18754fa3fc" + }, + { + "alg": "SHA-1", + "content": "3ef5276905e36f4d8055fe3cb0bdcc7503ffc85d" + }, + { + "alg": "SHA-256", + "content": "1f58b77470d8d147a0538d515347dd322f49a83b9e884b8970051160464b65b3" + }, + { + "alg": "SHA-512", + "content": "127f7e6381642f3f0f8298e5129f31cae947b81c4867caaa419803e6dcfeee5da61f0262d2c10c8ad151f24e82f708ce81b2fda217c31dbb21794e6c9ec71e0a" + }, + { + "alg": "SHA3-256", + "content": "a0c6a10c739f2c5d18a639804edb717b2e100aec3ab73b5560e947c28b829f22" + }, + { + "alg": "SHA3-512", + "content": "54879680c4ac863b6eb3dd2528c02f8c977b127ed2a1d7e123e65baec3c9b33c3d80fd5f0de0cf43eb4f912b6899b2a4753f93bf9883d51e2fd8b8766df3e0c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apiguardian/apiguardian-api@1.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/apiguardian-team/apiguardian" + } + ] + }, + { + "type": "library", + "bom-ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "group": "net.sourceforge.argparse4j", + "name": "argparse4j", + "version": "0.8.1", + "description": "The command-line parser library based on Python's argparse", + "hashes": [ + { + "alg": "MD5", + "content": "8a3077fbee51bc51d0e140be455b6df5" + }, + { + "alg": "SHA-1", + "content": "2c8241f84acf6c924bd75be0dbd68e8d74fbcd70" + }, + { + "alg": "SHA-256", + "content": "98cb5468cac609f3bc07856f2e34088f50dc114181237c48d20ca69c3265d044" + }, + { + "alg": "SHA-512", + "content": "d9c1e626403b0ad0143fffb62a055b71aacb7d59c9957b232a2e7b7ab2cd9299932784d19e6ef8b0172736ab1625eb2d1e25101eaf1666acfc566b7fcd7c819f" + }, + { + "alg": "SHA3-256", + "content": "3b8a944e495c72b5d7e185effda10431dbe60cfa30c9e31d7cd5ebfdfe0fb20e" + }, + { + "alg": "SHA3-512", + "content": "718cec233f4b67bc0fe9210629202aa235aea2bf58a3cc65425cb9d43661d3002677c0534685e08cea3b86cdcb9c5021026c4efdb1820c9700158756bd6bc7b5" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/net.sourceforge.argparse4j/argparse4j@0.8.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/tatsuhiro-t/argparse4j/issues" + }, + { + "type": "vcs", + "url": "https://github.com/tatsuhiro-t/argparse4j" + } + ] + }, + { + "type": "library", + "bom-ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "group": "org.assertj", + "name": "assertj-core", + "version": "3.9.1", + "description": "Rich and fluent assertions for testing for Java", + "hashes": [ + { + "alg": "MD5", + "content": "b6b5e7d7ab3e4368244ce2ed48b77b2f" + }, + { + "alg": "SHA-1", + "content": "c5ce126b15f28d56cd8f960c1a6a058b9c9aea87" + }, + { + "alg": "SHA-256", + "content": "b433d96281d663d8f97d7b2eda24f6d05345ef3bd7bf9a4ed440d75728bfdb00" + }, + { + "alg": "SHA-512", + "content": "153df8b2394db5c54db79930a26ce45ac8ddcaacbaeb800988c41f17d4f39356a32ba8d17fbe143c412a79c2006e53cc1877b409f880e43d96888801bf92766a" + }, + { + "alg": "SHA3-256", + "content": "da01a0373df89903d5d40eabb595618fb15b14b7cd6420598b85d05bc72242fa" + }, + { + "alg": "SHA3-512", + "content": "8bf381925a0fb7635e8fafbf1b75930a8b129dd3ae9db2ec9d079ad12442a73eb92d34fa454bc3684b7ad59ee2e40cc1509c8a93f1dcded39368fa78b499cbe1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.assertj/assertj-core@3.9.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/joel-costigliola/assertj-core/issues" + }, + { + "type": "mailing-list", + "url": "http://groups.google.com/group/assertj" + }, + { + "type": "build-system", + "url": "https://assertj.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/joel-costigliola/assertj-maven-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "group": "net.bytebuddy", + "name": "byte-buddy", + "version": "1.9.7", + "description": "Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.", + "hashes": [ + { + "alg": "MD5", + "content": "3038371407163c76c89749c3a7c458b0" + }, + { + "alg": "SHA-1", + "content": "8fea78fea6449e1738b675cb155ce8422661e237" + }, + { + "alg": "SHA-256", + "content": "69a9140c11de463789a1badfe6c3dcdc17608c4304cb443c5c3a179585b78b39" + }, + { + "alg": "SHA-512", + "content": "20547c1915d941c170b855babf102b6d4b7b651cb76d4328fdc5e67be4cfb898e22d76512b2ed402ba2486ba4954ee75e1753e7de6303a94201ee12056ffb2b7" + }, + { + "alg": "SHA3-256", + "content": "fa80df92900c958e6c9c957552698a20f0a817a309947ee232b97c699db77d3e" + }, + { + "alg": "SHA3-512", + "content": "50b10f18e33843c1ec103ce809a83698f785de2675dd6f1da386db8c6158a6539e6b93ec2e10d1c82c819c3cf4c1f33ca9c2cd68a21d0a5520a707acb7a072fb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ], + "affectingVulnerabilities": [ + "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad" + ] + }, + { + "type": "library", + "bom-ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "group": "net.bytebuddy", + "name": "byte-buddy-agent", + "version": "1.9.7", + "description": "The Byte Buddy Java agent allows to access the JVM's HotSwap feature.", + "hashes": [ + { + "alg": "MD5", + "content": "f2c5583a5856a1b68275f70fca2f96fc" + }, + { + "alg": "SHA-1", + "content": "8e7d1b599f4943851ffea125fd9780e572727fc0" + }, + { + "alg": "SHA-256", + "content": "145ce0fab5390374e69b2b4070d65fedaa2b07c3cfad06b330bea1b6dcfa826f" + }, + { + "alg": "SHA-512", + "content": "3b1344ae23e91e02a4465848757f3436f5a51ff58f8a0fe47b032ce5097086a985d927eb23507cc7b29b7a8917ab22942f039949b376f3f27708d3da232e7afb" + }, + { + "alg": "SHA3-256", + "content": "0fc9f6c6083208ef913a49fd9d61d7202477d6ed4c26e0324f4475e656b4fbd6" + }, + { + "alg": "SHA3-512", + "content": "75a397fe519f03352763554688a7e6432c028b2b154a0553d5d647f7873eb5f066e83f454092438a48976f99cfc0c4b7a41b033852129b9cbc29d09cb22f6ec4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy-agent@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "group": "org.checkerframework", + "name": "checker-compat-qual", + "version": "2.0.0", + "description": "Checker Qual is the set of annotations (qualifiers) and supporting classes used by the Checker Framework to type check Java source code. Please see artifact: org.checkerframework:checker", + "hashes": [ + { + "alg": "MD5", + "content": "b6fb2610dacd211a3e2c3d8af1b60d0f" + }, + { + "alg": "SHA-1", + "content": "fc89b03860d11d6213d0154a62bcd1c2f69b9efa" + }, + { + "alg": "SHA-256", + "content": "a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b" + }, + { + "alg": "SHA-512", + "content": "fdecc20efd6943426e7f8bdfb8bef9d28258f9f934cf29090e2f5b297c501454606cc28593cd7d089a5c14f6d2dcafc59f4606053405d7f91d623a0e3202f4a8" + }, + { + "alg": "SHA3-256", + "content": "6332c0be53250aaf67b95786e10337e1134ca645aed3b4cc596c68a3555c07fc" + }, + { + "alg": "SHA3-512", + "content": "74780f6c4d9e615c5be2f7149540721bfccd43e71b2d912054b98cf4f1a5ae5506497eca9c76f9e09f988d988bba8a1ec0588684379722044d894594dc787ea4" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.checkerframework/checker-compat-qual@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/typetools/checker-framework.git" + } + ] + }, + { + "type": "library", + "bom-ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "group": "com.fasterxml", + "name": "classmate", + "version": "1.4.0", + "description": "Library for introspecting types with full generic information including resolving of field and method types.", + "hashes": [ + { + "alg": "MD5", + "content": "85716d3adddffaaacb5e316be6681bf0" + }, + { + "alg": "SHA-1", + "content": "291658ac2ce2476256c7115943652c0accb5c857" + }, + { + "alg": "SHA-256", + "content": "2829acc59abf4aa6b72579697a0391c0fc69df7772ae59c58e0237f909cd6803" + }, + { + "alg": "SHA-512", + "content": "0bb96809e508b3ec20f8da070cdf5c795b71e17311a1a7d09818a93410ceb60cbbd95482c2d13bb920d391f5a5eee3a959cf739533a94f6539775458fe7229d0" + }, + { + "alg": "SHA3-256", + "content": "2cb64a48cd3ca0136553131ce87fe52d5a0f322334d65fbab60132df09d3c8d6" + }, + { + "alg": "SHA3-512", + "content": "56fb69f960f9e15c7dedc17d8d762c03bbae850180c2911ace44c4b7e1f0ce4a6dcad784e6acf01d63cad81a2d3746e4863a8d43a4d78e620506bf125d9340ec" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml/classmate@1.4.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://fasterxml.com" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/java-classmate" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "group": "commons-codec", + "name": "commons-codec", + "version": "1.11", + "description": "The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "567159b1ae257a43e1391a8f59d24cfe" + }, + { + "alg": "SHA-1", + "content": "3acb4705652e16236558f0f4f2192cc33c3bd189" + }, + { + "alg": "SHA-256", + "content": "e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d" + }, + { + "alg": "SHA-512", + "content": "d9586162b257386b5871e7e9ae255a38014a9efaeef5148de5e40a3b0200364dad8516bddd554352aa2e5337bec2cc11df88c76c4fdde96a40f3421aa60650d7" + }, + { + "alg": "SHA3-256", + "content": "90ec34f9701a8b212c65e6167c505ea6417289f910deedcac8517075b8349728" + }, + { + "alg": "SHA3-512", + "content": "101bc04efae2bd16d7923e61bca922c4a006b0e4b34909e0f8865196cb4df4f4f6269737c17880b4dfd0309cb487b806e88d09c6e1a7dc70237563b3f4312f7f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/commons-codec/commons-codec@1.11?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/CODEC" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/codec/trunk" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "group": "org.apache.commons", + "name": "commons-lang3", + "version": "3.8.1", + "description": "Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.", + "hashes": [ + { + "alg": "MD5", + "content": "540b1256d887a6993ecbef23371a3302" + }, + { + "alg": "SHA-1", + "content": "6505a72a097d9270f7a9e7bf42c4238283247755" + }, + { + "alg": "SHA-256", + "content": "dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68" + }, + { + "alg": "SHA-512", + "content": "fb0fe98385496a565678a000c26a3245082abfbf879cc29a35112b4bf18c966697a7a63bb1fd2fae4a42512cd3de5a2e6dc9d1df4a4058332a6ddeae06cdf667" + }, + { + "alg": "SHA3-256", + "content": "4e708ddf8ed0c6dbd8c6bba07e06425b5d263d899884b91bf11f86ec0d6f8463" + }, + { + "alg": "SHA3-512", + "content": "f43e89519e803e976f7b4d756d934be802ab36077cf2dc38dd9aa901eaf7104e58157859f45ccef7b38e072007a60f17270923e2ed7eabd41a4c776dee1458e1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.8.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/LANG" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-lang.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "group": "org.apache.commons", + "name": "commons-math3", + "version": "3.2", + "description": "The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.", + "hashes": [ + { + "alg": "MD5", + "content": "aaa32530c0f744813570ff73db018698" + }, + { + "alg": "SHA-1", + "content": "ec2544ab27e110d2d431bdad7d538ed509b21e62" + }, + { + "alg": "SHA-256", + "content": "6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2" + }, + { + "alg": "SHA-512", + "content": "80fb66a51688c4247b957f9787921e5acb9144d71a4ab0b03b2c30f46427e50c53e6e31ca5ddb04dab2cf5e7c0eedae168103c719f8074be464918ab2e4d6e6d" + }, + { + "alg": "SHA3-256", + "content": "4e5c701b4c417493bdb70d4c3f3bfb6019a6eec3c5f17dcce028158de624318c" + }, + { + "alg": "SHA3-512", + "content": "3a19552d33cbe62a0d174efa39054fbe5e23f7cb466c46616c27480381f232daa2c64c868b354ed965c5d84fbfece08e30e59bc672e3891baf2bb8141b5db8c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-math3@3.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/MATH" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/math/trunk" + }, + { + "type": "build-system", + "url": "http://vmbuild.apache.org/continuum/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "group": "org.apache.commons", + "name": "commons-text", + "version": "1.2", + "description": "Apache Commons Text is a library focused on algorithms working on strings.", + "hashes": [ + { + "alg": "MD5", + "content": "c0aec8d4d92fc9e1a4752884f5f880f0" + }, + { + "alg": "SHA-1", + "content": "74acdec7237f576c4803fff0c1008ab8a3808b2b" + }, + { + "alg": "SHA-256", + "content": "d4a57bbc1627da7c391308fd0fe910b83170fb66afd117236a5b111d2db1590b" + }, + { + "alg": "SHA-512", + "content": "97ca47f05b18a8dd67a253bae7d5ec6adab93a061c2565615773f0efc07382193c9ce29ed1f8abdd67dbe62b033e17bf2f71f67a3db2a99abb7aa3215b541c11" + }, + { + "alg": "SHA3-256", + "content": "5527aa3ffcd1303fac2779f9908f3a39bd3745c03a840fbc106aa952d5a0a128" + }, + { + "alg": "SHA3-512", + "content": "1b87bf1800138c403b67c273346fc7ea721fac09903e8cf6b11f8cfa57f2f91c577000834ad1f38e2b21f695685ea6c03ae9bd21323fe4a7690c7dca3344e350" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-text@1.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/TEXT" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-text.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "group": "com.github.spullara.mustache.java", + "name": "compiler", + "version": "0.9.6", + "description": "Implementation of mustache.js for Java", + "hashes": [ + { + "alg": "MD5", + "content": "9245fdbf50ad59ea81781ebdaa8cdb02" + }, + { + "alg": "SHA-1", + "content": "1b8707299c34406ed0ba40bbf8513352ac4765c9" + }, + { + "alg": "SHA-256", + "content": "c4d697fd3619cb616cc5e22e9530c8a4fd4a8e9a76953c0655ee627cb2d22318" + }, + { + "alg": "SHA-512", + "content": "d29e5022a4e7c99a8cc4b9f171471cf3e96103aeed26f32ae7a5db38e62811b3dc97e47ce8659c0b430fd11f1cb3f679c5465cab0458d7a474fba7e78a987887" + }, + { + "alg": "SHA3-256", + "content": "e17ec4a48044d5cbc941cdd9020fdda30b5402c2d533bec6a910729293d2aa89" + }, + { + "alg": "SHA3-512", + "content": "7e61b2eb36f9e239c4e2679c529d87ab2b2ed0ecb8537cbbd89b604bfce9b09ed716c2a95a80cf9a75eee2d0b85a2958e44bc6540ba5b22f163090a5912c6ad6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/spullara/mustache.java" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "group": "org.dom4j", + "name": "dom4j", + "version": "2.1.1", + "description": "flexible XML framework for Java", + "hashes": [ + { + "alg": "MD5", + "content": "f5710c1d5f5627ae5ce850a0b12ea87a" + }, + { + "alg": "SHA-1", + "content": "3dce5dbb3571aa820c677fadd8349bfa8f00c199" + }, + { + "alg": "SHA-256", + "content": "a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128" + }, + { + "alg": "SHA-512", + "content": "547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1" + }, + { + "alg": "SHA3-256", + "content": "e0d00e2f06b89df74355383e657d0b7b2a67b4fe3b5de58967eaa27fa0efad90" + }, + { + "alg": "SHA3-512", + "content": "00e4ce0afa1bff9f0abd1d9fd07d76157f26347b4d6931314f6f082c528bb5e60c32eb9bb16c23f5adc5ee5dcb902135fed2a4a5cb3995afb143f1fe1f938959" + } + ], + "licenses": [ + { + "license": { + "name": "BSD 3-clause New License", + "url": "https://github.com/dom4j/dom4j/blob/master/LICENSE" + } + } + ], + "purl": "pkg:maven/org.dom4j/dom4j@2.1.1?type=jar", + "affectingVulnerabilities": [ + "55ebe39e-12f6-4360-aeba-9913ef7efb68" + ] + }, + { + "type": "library", + "bom-ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "group": "io.dropwizard", + "name": "dropwizard-assets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3719b35ea00aaf249df2f6c237e0d461" + }, + { + "alg": "SHA-1", + "content": "f2aa63c48a04fc2fdbbc43d3bb25c306417c30ab" + }, + { + "alg": "SHA-256", + "content": "81df72b28d351db2a8df88899ef172c3fefc8135149e6e5016c3f88db340fdcf" + }, + { + "alg": "SHA-512", + "content": "1136296518c97a285e68b0bbd6800c3183b8cd208e2b316ecf0e6b24147b278559e479705b7df3ce83913df5b8d93108afd20ca91ddfaa23d1924d6534f82d11" + }, + { + "alg": "SHA3-256", + "content": "fe44aa9d27c700520603cec3f51df630e228e0f73d1c450e01c3f9e21f02610e" + }, + { + "alg": "SHA3-512", + "content": "ef1c4284b016ba0c303aa74ce20271314cdd9c63686837c73b55656eacf0a22f2d3d883732f6e513dac055842b6b1c1d0e9fa970c7017d969b82ef1c77b2f8de" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-assets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "group": "io.dropwizard", + "name": "dropwizard-auth", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "b70d5efcdd606fa0dc0d866a0ba76e0b" + }, + { + "alg": "SHA-1", + "content": "b232e9397558341feed096a54e04e32ab81c7aad" + }, + { + "alg": "SHA-256", + "content": "94927a479eb07d3cab2242750463569dd6da9c75908b93986dab8c2eda5300b7" + }, + { + "alg": "SHA-512", + "content": "33c794f002c01a3f2880aef2b64b12af4a1d612bc2e7e751f24d65a178e49f7b2158c00486515b1392c340471d7a5e52d73259da7673c32d6b9dfc3870eeffa6" + }, + { + "alg": "SHA3-256", + "content": "d13a6eedc14842abeadc3c0e773ff1bd759de2157099a8df5d62ee1d6da1f949" + }, + { + "alg": "SHA3-512", + "content": "c5ae17254f77d668b20aa32542daf77ef398d428fc34601e6e6aebb8f0676fc8c16c5f0dc8906b58f7ecef3623e29386d296aff07d7f7d54618591da72edb88d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-auth@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "group": "io.dropwizard", + "name": "dropwizard-client", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a7e212ddc51872656b8cde14c6375558" + }, + { + "alg": "SHA-1", + "content": "774ee66da2e18ddb9757c309a9f288a7a95d4ab5" + }, + { + "alg": "SHA-256", + "content": "e1f12b97fab5cbfbefd54f7206f708b1abb767f7db2979ee67a12cced9145af7" + }, + { + "alg": "SHA-512", + "content": "a15aa34a681004c1c41380a85f0f99b5117e426bfbac1bef90fade5f9644443b63e74caf9022fa53fde98eddc915ce52ed37c59a06257b7c21b9fc55367f9995" + }, + { + "alg": "SHA3-256", + "content": "77d63d4f7774e74722101d0e3fe4a3d7aa1aa0dac2d95f823cacf7ea445d372b" + }, + { + "alg": "SHA3-512", + "content": "3856b47365e22680311c71e7740f4327786a88af275fe7d2f6a44b34dc12227b3a76396d87c101c31994993d2fa78db6fbfcffc848c5739d5bc9231186fe4681" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-client@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "group": "io.dropwizard", + "name": "dropwizard-configuration", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a53483c0d1034d24eb068eacc2b18cc2" + }, + { + "alg": "SHA-1", + "content": "64ede8340cf7e51e9d679876bb8873b5e4900bcb" + }, + { + "alg": "SHA-256", + "content": "a579796dd6a5476f35a7d3e3fde89321c0f1e5afb6c2fcfecf34b1d1b7c2db57" + }, + { + "alg": "SHA-512", + "content": "fc3e2bfe3e0b9ec39a09a6735fa477ea2296d4dbbda6f92a4bf624f3ecdc4e0a226a44f3e433a74e6343012012e1e80b483483696ae6b846249167e5255f207e" + }, + { + "alg": "SHA3-256", + "content": "851afb7c02c5ef78a1b4d8e4a6ac6393b1d105643a4de355a767fa665e44aa13" + }, + { + "alg": "SHA3-512", + "content": "b837c8c006d5909453293a262a826ea24a533a89f9a7c53a67129b3597a07a77b5ba0e95f391806087ee7f82cb12592e6149dbf26bf75fc0c54cab84a9b2c56d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-configuration@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "group": "io.dropwizard", + "name": "dropwizard-core", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "74aec7bf09a957081b1f607b25bfd532" + }, + { + "alg": "SHA-1", + "content": "53889ab39746957180bddc1636f6680eca0db5d7" + }, + { + "alg": "SHA-256", + "content": "a2799ff0fa69d1b0945f9170e6dd29cdd77ed9618ab48abbfcc56111e85effb5" + }, + { + "alg": "SHA-512", + "content": "1fb1b50c2575c36cb518f48e9153a1253d11c0c5e4576dd3866df0d5171694c8507d8f9b78ca983749dd6a8156b81ceac66e8012583d2bb1d6e55c0f5920fd3f" + }, + { + "alg": "SHA3-256", + "content": "19e5d7375794f5eece12bb30304c2a7fec0076902c1bfba468ee96d9ac83f110" + }, + { + "alg": "SHA3-512", + "content": "b955d7c995291eddc86eee34f8c75301f580c4ce6431053b94f197c03f15ed90cc02025214d7ba1864ba76b809af2c2afe8942b5595993ba81a57078b2946852" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-core@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "group": "io.dropwizard", + "name": "dropwizard-db", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d9ddd3b9a686d7332cdec2628f5b752e" + }, + { + "alg": "SHA-1", + "content": "88dfe54a2b0b04d4254c39b5929a6bccb73c0fb8" + }, + { + "alg": "SHA-256", + "content": "718fc5d891166a4febb26f92560148b8b7a1c39a9f4c5719ca7380974430634f" + }, + { + "alg": "SHA-512", + "content": "3615d6aa65fb7df9f5338d2bd4bccff6e0cebbaceaa067bae04e43a7a1a6852157b23f929ea6a6212fe2928b8b1c6ad3282dfe4c37e60e77df7eea3b716105d5" + }, + { + "alg": "SHA3-256", + "content": "e49bcfe1ce234abeefb3fe5f739322eba64b36ebb0a13cca193da7ab496d29fd" + }, + { + "alg": "SHA3-512", + "content": "6ff81a052e35eb6a923c2af9dea65ab43048e5a839ff8cb94dfd2d13d8666f2ce5bf3160bbd98ef81bea4f7b5e42f8019d4f25e1d93c16411027c8e3e40c4c90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-db@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "group": "io.dropwizard", + "name": "dropwizard-forms", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4038942f9fa1f452cc8ab9fb395e0dae" + }, + { + "alg": "SHA-1", + "content": "171287fe38f430ed81bef0dc5808a6f58f01bd48" + }, + { + "alg": "SHA-256", + "content": "cf55b3d0ae45c0b905380a374a3bfd14fee33f3ec5b5f16a046dc66d505ab4c4" + }, + { + "alg": "SHA-512", + "content": "89e4509a55811c296371099ff91850faa32992eede0f9224c25f395a4d93560f0a4a846060bedc1747fe3bf5a4596b928a4237894292dcbe23762b4ae9c40ea3" + }, + { + "alg": "SHA3-256", + "content": "f205cd66f09419d7e958c1c9be0bb3c3226c74a34cefa4a092474612532ae5c2" + }, + { + "alg": "SHA3-512", + "content": "6f336ddb136efabe64b158f60f11dbcccf606df36600a2195d5cac15d2900f5625ba8eb5a0dba213f4e27386423233e5214f9b188f77816d08e75435cb8047f5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-forms@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "group": "io.dropwizard", + "name": "dropwizard-hibernate", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "449361636c3b63eb9d3acb08c1d36297" + }, + { + "alg": "SHA-1", + "content": "56eda4258aa81aa3abde8e6663bbe6297b870495" + }, + { + "alg": "SHA-256", + "content": "5589a9532d592c6dead117b5990386c178a81d4ec7cb8eab9888a576ce47d24d" + }, + { + "alg": "SHA-512", + "content": "bc121e23e932a8989bb81eb72ce3a65822406dd1b9358f9169f2db7c817585420d7725b0e4a011e8ac82b64879167437180a55469a9aa21ec706d9953f4f8e96" + }, + { + "alg": "SHA3-256", + "content": "782695767ab3f4bd238716842e98c56c4311098d142b388ecb08e92159a85873" + }, + { + "alg": "SHA3-512", + "content": "5e6c66c0cf9fa889b516e485cd233af2234b3e2a4f82962b03c59e95a731392744be7fde88f13c3576141b8866dfb6e6915ed20183a6b06e6aa11226ebaec623" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-hibernate@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "group": "io.dropwizard", + "name": "dropwizard-http2", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "fdc320175f8ebf1f5931a5f8943cfc32" + }, + { + "alg": "SHA-1", + "content": "b8573b698da0fe8b2cf30becf2d4c069085e230b" + }, + { + "alg": "SHA-256", + "content": "c21be0fb74a7e086a39d48f464ffb0b730dc8c2292935f8f6524aa217c36f135" + }, + { + "alg": "SHA-512", + "content": "67759f73350a276e2dda77608f16e2fb6d2b2908af7bb5fc83687508793bd27bcc6998c570945e4ec3e49caeeb05e9ee4d3d4fdb8a77b2147bbc5fd1d1c573e3" + }, + { + "alg": "SHA3-256", + "content": "085dd33c5b983cd03552e8eb69e47ae5a3de85aa363175526e5470bce0f4f69b" + }, + { + "alg": "SHA3-512", + "content": "43a4af9e25df30b2e3c561f921bcdbebc9d782b94faa85f8706e1c79ca77bdeae161b18a4f707509599564115d49152ac03f7bab14bb2cb9d130a4975d8f7315" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-http2@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "group": "io.dropwizard", + "name": "dropwizard-jackson", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "cce5d50fb36cf2ccb1f6020cf2c53092" + }, + { + "alg": "SHA-1", + "content": "498fdd1b14e0341fa4b2ed480520d632470709c0" + }, + { + "alg": "SHA-256", + "content": "1ddb7e6852bcc605f52e5dd4927a532e6e4f6970e8477329cc0cf6e02bcb11bb" + }, + { + "alg": "SHA-512", + "content": "54920733f634fff24fa42e16048e60cbcd8ca9e348c4dae5e8eb6d1606e36d86ba8c32f49a9fb00418a9e2038781599383cc3c1d01353d8e5117d4c366f414e5" + }, + { + "alg": "SHA3-256", + "content": "6dfe904993c5350ef8f04f9eea9335ea5f5179e9d02b2cc057426f96a0aeb485" + }, + { + "alg": "SHA3-512", + "content": "d2e9bddc00edf43a43bc91ee0e74cbf3beff49627fc02fee1870888cc552a9e7a2a518149f0b628a744d5ae00a4f47b3912edba8081c0b5f40e3b289a7fe0822" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jackson@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "group": "io.dropwizard", + "name": "dropwizard-jersey", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "5d4b25a8d01ef9534d6291f004ca8421" + }, + { + "alg": "SHA-1", + "content": "5045bfc77cd931d0020e9d67ef5d3d47916d978f" + }, + { + "alg": "SHA-256", + "content": "3e03434acca7bf73d6e8dc72239d41b28e087200d3cd3759b26319aa49c5cccf" + }, + { + "alg": "SHA-512", + "content": "389fdc36005f478f75687d796f147800d81bafca189233ba7bd6bad263ced8ba2bed450b73b7a2ebe14750186da51970f006835c7dbf6380f5535bece7bb947d" + }, + { + "alg": "SHA3-256", + "content": "7c9a03749ca86a271678b15d9278890b605bf1fe85927c07d4412f481483c45f" + }, + { + "alg": "SHA3-512", + "content": "59da92cfc19ce969cfbb29f597519cdb692d838d191a93d02a6014d896091a8669bd6ed5ddff39bcaabd14866106131be23b6a984b6a8a7813fd655faede4b81" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jersey@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "group": "io.dropwizard", + "name": "dropwizard-jetty", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3e61f73e3ad1a7c63d7b16bcfc6038a0" + }, + { + "alg": "SHA-1", + "content": "bd34674496ae9997dd20d88a9fcda937bd21840e" + }, + { + "alg": "SHA-256", + "content": "7657190b578c7647d3e6d91de4a959580320a0317378b210d9a416635f4e1384" + }, + { + "alg": "SHA-512", + "content": "cb92715afa048b32d0879593f9709d558e4b1b6aa468802b8a1d08b7b6b1fa72eae12c8658c329ef0d8e073fb7a1bab4a9b833bac2887ccaa5d953625470f4db" + }, + { + "alg": "SHA3-256", + "content": "38e8c121e10d2af68bdde88d8136622d76139d018df01b944c7708c8dd9cefe6" + }, + { + "alg": "SHA3-512", + "content": "7cfe066ea4e585b3bc0077332b0a08db9f998e9d83b95480cc148054895728ea72fe5e3b20e249f603e96cbe09ee9985eea527f207d88abef0914b19940af1d5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jetty@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "group": "io.dropwizard", + "name": "dropwizard-lifecycle", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "52e054873a8e62623e81231c43cd56a9" + }, + { + "alg": "SHA-1", + "content": "f26a5a8be815680b9d6fcf4df7495c33ff403f80" + }, + { + "alg": "SHA-256", + "content": "20abb321d0095312b8d618b30533d84b12f37d9c3e7bfc473ce205a56a8cf4a5" + }, + { + "alg": "SHA-512", + "content": "fc9ae0ff1d4c94b2456777d6e7b68a8017ff13a04fb49f85344904f6b010fc638f33e8e6ebf9119a450232e5e74c70a8ed55b980afe47d827f320019ab9973a7" + }, + { + "alg": "SHA3-256", + "content": "cba7094cc6a46821fab3edc413e5d07c36e78b7760ba6c5e44df94acaaca98e8" + }, + { + "alg": "SHA3-512", + "content": "daba93cc2420eab38f11389a1eabd408713855ea97772dd87d6be05cd8cf60de1e2de303785721daa85f61e246e75c4bbeaf7602a580d88b2585c090d8957dab" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-lifecycle@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "group": "io.dropwizard", + "name": "dropwizard-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "8f56476f15da17fb8aff8d06a8cd39c9" + }, + { + "alg": "SHA-1", + "content": "3df1411464adf080b5ac7360926eacab3f5120d7" + }, + { + "alg": "SHA-256", + "content": "fcaaf6bcb2f29a0443f4740d5515f6a8b12a0c38e626fa6a503d9bb685275a38" + }, + { + "alg": "SHA-512", + "content": "32435101cf0981814396444592a7d805d35d073fff7c06b2ae1551e6cc6ac7e7686cc740dec87a05a15026cc4d89b208986c770cbf999e3993980c8e4112db47" + }, + { + "alg": "SHA3-256", + "content": "2d848583811a6d544b4212f63805bdf65b849da145e4fa3f6be66d387e34a5e5" + }, + { + "alg": "SHA3-512", + "content": "2daa20182aeebbcd99ff706f08f3a10a68db0ff2874ed93811eb8922b71ca2bb516213ae53eff4efc412c5ea1a940268d9a832fe8e680151f5cacbfe62ec5844" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "group": "io.dropwizard", + "name": "dropwizard-metrics", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "231e9b5003b31c72836118b2b60e6b9c" + }, + { + "alg": "SHA-1", + "content": "4dcf98534424a25e2666c714e0bb4f8ce6c7cc61" + }, + { + "alg": "SHA-256", + "content": "fe67a902fa099d798179aaf8cb73fa2881e18a820b762422e9e25bda84968304" + }, + { + "alg": "SHA-512", + "content": "80d4133cdc506a51f34bdfa35f9e79d11d9e1a6cfbda6d13e10035a286f200a172314aa52b737a7bc4d8a334b6725c20a45cb4d8cb56dabdbbd8378e9aa1b355" + }, + { + "alg": "SHA3-256", + "content": "55e8d3aae67454a70282570b80e4a5b50d19cede8ed6db54609bdba3b7291309" + }, + { + "alg": "SHA3-512", + "content": "88be53fa6a98860edd603e40320f2d59206e08451a11356e089f28bcb9ee36586012f9cb6d0c63ca6b85b527f8f0434c3aa1e3619cf607883a7aed8817fdbdfa" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "group": "io.dropwizard", + "name": "dropwizard-metrics-graphite", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "014be7a674c15f505dc0816c5c544314" + }, + { + "alg": "SHA-1", + "content": "d5be85278fe138a4736bc0e229c73dcd1de2b400" + }, + { + "alg": "SHA-256", + "content": "0739188661d32b28544377073c1966d29a56ea9e28776b5ae7e201c50c580f09" + }, + { + "alg": "SHA-512", + "content": "f2e433cc520f4e49d62cf5af209d353629409d9b1ad3f1b6613d0bc1790a575f528bc88784e0b2517ea044e46e9e67ecef5b1d02cc7f6c1a510d75457bea2c16" + }, + { + "alg": "SHA3-256", + "content": "dba4bed00333d55d4dc55ddd9b9815fdb3b9b575faeae3ba8ff19ef949ee6f61" + }, + { + "alg": "SHA3-512", + "content": "24a0c90e1f97326dd032e5c657792d6623c727efa7144891be439e00bff5323f4e3e9d35e34005b7348ec92f97f3c4210aeb4b7e15930ef7a910735d0f982d62" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics-graphite@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "group": "io.dropwizard", + "name": "dropwizard-migrations", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3d2f7b15b764e2906916c0d4bfc75bc6" + }, + { + "alg": "SHA-1", + "content": "74a81b867ab00475910d013fe18d4a788984cccf" + }, + { + "alg": "SHA-256", + "content": "156a9c79a74c81d173637d613a9931451188228bea38cce621f63f51bee1c2f9" + }, + { + "alg": "SHA-512", + "content": "3cfff65847ee29772f5c8f091557373ce3dfa59974e82c0bbfd0eaa636fdf91361b753e777810d0f5878c4b5534ef555a5b260af29a6be9af0851c4a2de56c5e" + }, + { + "alg": "SHA3-256", + "content": "1150637f334a3f0354d00cc21e7e180e8fd647ba3b9f6028c4eafd30c614c157" + }, + { + "alg": "SHA3-512", + "content": "8340a3fb797a8fdeedfc31e50c5d28ad3b3eb204f262f45f390c1a8c3a8ff798cb2f8235d97dd9bbe6947d2d986bb4b91d332f5d0ed23fb7dc0bece454b29d90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-migrations@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "group": "io.dropwizard", + "name": "dropwizard-request-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4ed78ec6ad895643d486a210151c6da3" + }, + { + "alg": "SHA-1", + "content": "fcd1015d1762059bd9aa27ee06f7fff9a9857d7b" + }, + { + "alg": "SHA-256", + "content": "1795c56717239e25f835211356963f307f596d0efdd16550337ffccbab08bbf3" + }, + { + "alg": "SHA-512", + "content": "f8c521200f29a6301fd92d87eb21ffb765d7c2a05f65fdbfa572955f91b6870604628df1b0f18d4c3d73482d1398bc5730fa2744c6b19b51f909758d614e4de8" + }, + { + "alg": "SHA3-256", + "content": "5cde2026d5ac54d5b1baac22503608eaef11b8753954473d0102d5f87565f944" + }, + { + "alg": "SHA3-512", + "content": "8d0dfb8c508948c131f0f92b8debf3a9f7ed3f1ec8e1dc4341a68132658143dcecaf890cc11aa22ff9e1959e96a51f311d15ca6d49bc7090c71c9457fedaca29" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-request-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "group": "io.dropwizard", + "name": "dropwizard-servlets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "c738851aae5f6e431c4bad54ef8bd30f" + }, + { + "alg": "SHA-1", + "content": "f93e103f42b677e1fdeca6fb6cb6c22353a78b57" + }, + { + "alg": "SHA-256", + "content": "b5c9432f659aad54fbe25209366a5c93a43f2c8a0cc5428440c28f3576a5bf61" + }, + { + "alg": "SHA-512", + "content": "07fff649594cf8bf3eb10bad998cc0ccb5fe1049d21c47ca3321b6187eed0f480caa52c5683e454f9abcf107f1e3d6fa5e3d6858e4d250ba65a36e81dd20c5ee" + }, + { + "alg": "SHA3-256", + "content": "eb28576f779876ffe7218c4b596ba2f2f302daa85375fc57784da3d050062086" + }, + { + "alg": "SHA3-512", + "content": "e2ce67e331b95a1e7dea43a174e3e4a1b0c9653716c4378656114d54b1858fa818142f2afee7ffeb86439b7dec848a09eee12efa963be0c00b71d038051c448b" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-servlets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "group": "io.dropwizard", + "name": "dropwizard-testing", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "800103447329e58030242b6bfc2e9cca" + }, + { + "alg": "SHA-1", + "content": "cee4838ba05de7920309985229df59917ff6e58a" + }, + { + "alg": "SHA-256", + "content": "d52ef3eda88a2b93e01731b035bbd277eb4d395c3a076c6f5cd6a3874f17e433" + }, + { + "alg": "SHA-512", + "content": "c2ccc3c13d2007b728574b1c3df388043c2517ed3efb8256dde9c09ebbed6c18ac5e7f3281ce7b35b9e2c969124772ef0062234bfb195c27898b0674fa0900a4" + }, + { + "alg": "SHA3-256", + "content": "f7fba2c7f9ccb345c29c4e52bcda601a6528d20527f32af63f8cadfaeca04a0f" + }, + { + "alg": "SHA3-512", + "content": "e0c421a568cf98a63432088a1b5f18382cce3095db4ce8cfd1ccba7e9dc95aa7d2ec365b1d8b25614c4700d28f7f75744acac96c5358de4c50946fea4a2a2e5f" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-testing@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "group": "io.dropwizard", + "name": "dropwizard-util", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "e73fff60736c50b06c0afcfb5d5f003c" + }, + { + "alg": "SHA-1", + "content": "4e2a956ce355a40fb7e1c8d5772eab956a8f7f5c" + }, + { + "alg": "SHA-256", + "content": "3bc2379c8d410405cab54636b1b8129a53e5227acc6cb286adea720fa73f03f0" + }, + { + "alg": "SHA-512", + "content": "3a1b826aa9ff4fe9543aaff7b5f5d191164cc0a488365158502eb2c52b5e215ea96395767f2feed880376c3b569ea672414ef951667ea5628236920dbf2026bf" + }, + { + "alg": "SHA3-256", + "content": "9cadcfa4c2db331cc05c069a66d1445d3a156605a75f8741eb80935834ae56a4" + }, + { + "alg": "SHA3-512", + "content": "df9fc0e1dcebe145a5cfff74ca87470923f0163f78ead0a93bf5b4f1c905ad5aaf7034891ae0cab005927cbbbea86546f1222e7f271c90cb4d3b0f745f8cb78e" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-util@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "group": "io.dropwizard", + "name": "dropwizard-validation", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "0557207f6f05c684958ff0c524ed97de" + }, + { + "alg": "SHA-1", + "content": "d82c4a2157cd8b4ed6f85d12fcc5f63e7f2ee9d2" + }, + { + "alg": "SHA-256", + "content": "6141e64cfed3633ad729e9d343eac4bfa475232c90c83c178f02da2d4c3e7360" + }, + { + "alg": "SHA-512", + "content": "e3f832e4b6ea092229b2ecbfad0790170a086b043be74c58cd2f0169cae4fc219d4a7163e6e581350efc7441dd8908e7cfe395b19c802e93834443eb45888d67" + }, + { + "alg": "SHA3-256", + "content": "95187066ffe37d52916b0ec33bce13baa8d76afa80502c4526205fb3721c01bc" + }, + { + "alg": "SHA3-512", + "content": "39a0130b80426db95faba737c484fb2e0c1db64f8e81e21cffcbd0b27b4dff4c4334cf9698b0c067549d0e8adaf7669dce867f2ad962c25f647b35829fbfee61" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-validation@1.3.15?type=jar", + "affectingVulnerabilities": [ + "f2fa9b19-418a-4901-9840-a8631227701e", + "00bc944f-fead-400b-8bbd-0c5b56ba2b14" + ] + }, + { + "type": "library", + "bom-ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "group": "io.dropwizard", + "name": "dropwizard-views", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "ffa529c90a76cf83b7468c63c24c2da9" + }, + { + "alg": "SHA-1", + "content": "27b9dfe51ed0740b2359c28eca9942388247f877" + }, + { + "alg": "SHA-256", + "content": "69ba25bd9f7b5577aa29b79337b3e716be629a784a83d9a2af1456a556800dfd" + }, + { + "alg": "SHA-512", + "content": "818f881806c644bfd0518d2864d1f0c2c6b132e6b81ca1e4b272e20ab91294e954805f986f55ba5389b9ffa5c6573dde827929d6a82b8b4066b2344d003e0f40" + }, + { + "alg": "SHA3-256", + "content": "021a6eba574c0c79246d1a8b446c4655f5a7183e24fcc9df010bffb11ea680f2" + }, + { + "alg": "SHA3-512", + "content": "9ed4dd16ddabeaf7e7933cdef7911ac194a14a93a4a8a4d057554dfc094ca5ed84090922e6b5e53f23a24af582209c8d5a9b50521d3b35132a32e74399d5e055" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "group": "io.dropwizard", + "name": "dropwizard-views-freemarker", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d78343dfbf1f4c99fc5115aea93b6382" + }, + { + "alg": "SHA-1", + "content": "9b64dcbd00e184c4683a8a44ae4ff4726595c73c" + }, + { + "alg": "SHA-256", + "content": "621f2168b343cc24618b63e5c0c07ca330eef8e1f930c1a4c374ab210fd5ea44" + }, + { + "alg": "SHA-512", + "content": "19298c6ae1500e0c16575b55d30f2ab34cbab881cd735fefc203118c326dd4a47604f8f8d595b32cec4ecbaae032129d2ede99dc36325bc8f4a18ffa5e786aeb" + }, + { + "alg": "SHA3-256", + "content": "1870845187ef726d85d29ee42ccc35b66018304d23167f614b79a7deb3768e2c" + }, + { + "alg": "SHA3-512", + "content": "389d2cd752a7269b28815c723ed68700c47c0f5f6780df2bc35f18eb3ea4b77cdc18ca83d556f4de80c1f3e434f399f73b03a76b88d1da2af520b09195a938c1" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-freemarker@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "group": "io.dropwizard", + "name": "dropwizard-views-mustache", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "99d7beaccb842cbe8a68c37361e665df" + }, + { + "alg": "SHA-1", + "content": "1a2a4e775b77f452893189020c2e34d60c0235a2" + }, + { + "alg": "SHA-256", + "content": "19ce7554a48be097bac2b3c51f55fe468c7253a60d1a43683ae830cfe06a58e3" + }, + { + "alg": "SHA-512", + "content": "1f24026f35f9a4e4316d04ac41a7cdcf440fc510075e5f8297a55b63d95d3f1e5deb06acd8ef9a61b73fbf1fc054ea370c6d74ed1a06aa19ba673069aebad294" + }, + { + "alg": "SHA3-256", + "content": "7856836a099d2a7f326dbc033442e49b176213fd340a8b2aa2d9dea3a9175ab6" + }, + { + "alg": "SHA3-512", + "content": "af431eff733b17b92ae1718165b3b10e103376bb216e63b8e39284f3572b69926084937fd370a42a018f62389744a7212a0c68959e0e76950ad751ba3ba9745a" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-mustache@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "group": "com.google.errorprone", + "name": "error_prone_annotations", + "version": "2.1.3", + "description": "Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/", + "hashes": [ + { + "alg": "MD5", + "content": "97504b36cf871722d81a4b9e114f2a16" + }, + { + "alg": "SHA-1", + "content": "39b109f2cd352b2d71b52a3b5a1a9850e1dc304b" + }, + { + "alg": "SHA-256", + "content": "03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8" + }, + { + "alg": "SHA-512", + "content": "bd2135cc9eb2c652658a2814ec9c565fa3e071d4cff590cbe17b853885c78c9f84c1b7b24ba736f4f30ed8cec60a6af983827fcbed61ff142f27ac808e97fc6b" + }, + { + "alg": "SHA3-256", + "content": "5c7b2ffc8d4073700647681ed44dd783049648aa8e174f37d2510339a65f5466" + }, + { + "alg": "SHA3-512", + "content": "3f05def83905268da5044c8bd6fbf62b89499d77351b56a357de8d27ef872c6c300385a6bca009590d61be90a39a0f417c4d8358a13b09847ba0452ef416db06" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.errorprone/error_prone_annotations@2.1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/google/error-prone" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "group": "net.jodah", + "name": "expiringmap", + "version": "0.5.6", + "description": "A high performance thread-safe map that expires entries", + "hashes": [ + { + "alg": "MD5", + "content": "fd4b2d42dac784648fe6fd1b2b612d12" + }, + { + "alg": "SHA-1", + "content": "11833abbdd64050d455187f374dc096944f9ffb0" + }, + { + "alg": "SHA-256", + "content": "06f1ac1fdb0044a83bbf5cd55e86f88ded92175cb2a7a0b57ba53eb011600a52" + }, + { + "alg": "SHA-512", + "content": "3e7bf8da26296f1de8da960e4f8b9b25962d3db1a941c0818c649174c61bf571a6c7b0336b154be104c853a8fa148cd0f007f8a210a98854036a09fe1069eded" + }, + { + "alg": "SHA3-256", + "content": "a421ccc1ee40dad4e7239f21862e7f35a8eb6493d3eccf6e245202d1f3d1e9a8" + }, + { + "alg": "SHA3-512", + "content": "2ebbaf3eb9f96fcd4cc5b5c28e68d8a6d1aa8735dca7d763cc18daeeec2706d3370384c535dad32463ba8da92ee8a3ddfecd7f2559847772829782964d05a0aa" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.jodah/expiringmap@0.5.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "group": "org.freemarker", + "name": "freemarker", + "version": "2.3.28", + "description": "FreeMarker is a \"template engine\"; a generic tool to generate text output based on templates.", + "hashes": [ + { + "alg": "MD5", + "content": "c5e35d814518da7b0247d42311b8e296" + }, + { + "alg": "SHA-1", + "content": "7200064467a935052f99d114c2c05c3d189bc6d6" + }, + { + "alg": "SHA-256", + "content": "de92d103d3a86c2287307218ff50dc1c941de283f7b9e1fb23e93fc7220838bf" + }, + { + "alg": "SHA-512", + "content": "44435cb2b6ba02abacdc4a21bea44a2dc50faa1b486fc5b2f79097a68f1f98ca24aa835448ac5dec33a1869eed1b8a32ac285e95fdabbdafaa810d575951894e" + }, + { + "alg": "SHA3-256", + "content": "d55883bf61b72d616dcd12e87d6f90b3b1fc761fcbcf5b8f3860e17bb34fc654" + }, + { + "alg": "SHA3-512", + "content": "7664cb34b0598e0eec19ecba1fba7b83ff09b574bf2320b84a09016d88aaabf902460e3bcd2b2290f59988462b8594e817eebcd777321608762dc141c1335a20" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.freemarker/freemarker@2.3.28?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://apache.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.apache.org/jira/browse/FREEMARKER/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/freemarker-dev/" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=freemarker.git" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "group": "com.google.guava", + "name": "guava", + "version": "24.1.1-jre", + "description": "Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.", + "hashes": [ + { + "alg": "MD5", + "content": "361459dd415a18e4750b7fa0cdd9e747" + }, + { + "alg": "SHA-1", + "content": "2e3014320a8005e3f3c1800cb246ed42db8cab81" + }, + { + "alg": "SHA-256", + "content": "490c16878c7a2c22e136728ad473c4190b21b82b46e261ba84ad2e4a5c28fbcf" + }, + { + "alg": "SHA-512", + "content": "f7b02666ecd26e8865d4f6040a14a87d08e38124a625252594b05fa9d1a00e7c5a1fd30c5bd08ca9399bad50eef5fcaf7c95e17a59a2462ac42d7fdd4aaf516c" + }, + { + "alg": "SHA3-256", + "content": "182f368980a8c526ec88c65acd877738fe2bad06b72ab9756edb66f2b281d083" + }, + { + "alg": "SHA3-512", + "content": "245bcf15e331889bceb96faa2f9f67baf442fe1cb291601fa92a0e3327382a636d30788939d8f0ccd05a735b8149637e3d44c7e13a636a19950d0e7a33ae9517" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.guava/guava@24.1.1-jre?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/google/guava" + }, + { + "type": "issue-tracker", + "url": "https://github.com/google/guava/issues" + }, + { + "type": "vcs", + "url": "https://github.com/google/guava" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ], + "affectingVulnerabilities": [ + "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "bb03c210-ea12-450d-85df-17d81a75ede2" + ] + }, + { + "type": "library", + "bom-ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "group": "com.h2database", + "name": "h2", + "version": "1.4.197", + "description": "H2 Database Engine", + "hashes": [ + { + "alg": "MD5", + "content": "f9893acfa22b7fe1492dd9c515af2e5b" + }, + { + "alg": "SHA-1", + "content": "bb391050048ca8ae3e32451b5a3714ecd3596a46" + }, + { + "alg": "SHA-256", + "content": "37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842" + }, + { + "alg": "SHA-512", + "content": "aa4af17f766a1cfb0326d0301e1c40fc884b27e73aed4e60141d284275da70f483a3ce54d65f79f9ba66e9a53c5a68102dfc5e40a36e9d2c0a2aa9a7f7321688" + }, + { + "alg": "SHA3-256", + "content": "ef7da52a3b656aee47bc85b9e98db3bb91d7f079d19012787fbbd65c32151203" + }, + { + "alg": "SHA3-512", + "content": "1a5538cc48c5b99e496ee5924f80df410fecc555e3619a79b8c6204156dc333cf0cbebae05bca5a8144ab89b2f2fe4802080128d76b1e94a51acced8aedb4354" + } + ], + "licenses": [ + { + "license": { + "name": "MPL 2.0 or EPL 1.0", + "url": "http://h2database.com/html/license.html" + } + } + ], + "purl": "pkg:maven/com.h2database/h2@1.4.197?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/h2database/h2database" + } + ], + "affectingVulnerabilities": [ + "815a1358-2bd4-4028-bd3e-8219747c78f6", + "c8a50465-16df-44e0-84e9-7acff5870a51" + ] + }, + { + "type": "library", + "bom-ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "group": "org.hamcrest", + "name": "hamcrest-core", + "version": "1.3", + "description": "This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.", + "hashes": [ + { + "alg": "MD5", + "content": "6393363b47ddcbba82321110c3e07519" + }, + { + "alg": "SHA-1", + "content": "42a25dc3219429f0e5d060061f71acb49bf010a0" + }, + { + "alg": "SHA-256", + "content": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9" + }, + { + "alg": "SHA-512", + "content": "e237ae735aac4fa5a7253ec693191f42ef7ddce384c11d29fbf605981c0be077d086757409acad53cb5b9e53d86a07cc428d459ff0f5b00d32a8cbbca390be49" + }, + { + "alg": "SHA3-256", + "content": "f679af77deedf69b3c3066f7916583848c6fd32a950f9c0b0e2ef1da121717ba" + }, + { + "alg": "SHA3-512", + "content": "bca821931e438a1977b7b4356b5f8cebf485634f82159d505c48267c34e6a0f4fde9c2917331365f66dc0e52e2ca3a2db5256863584110c27ecebefc28741f63" + } + ], + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:maven/org.hamcrest/hamcrest-core@1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/hamcrest/JavaHamcrest" + } + ] + }, + { + "type": "library", + "bom-ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "group": "org.hibernate.common", + "name": "hibernate-commons-annotations", + "version": "5.0.1.Final", + "description": "Common reflection code used in support of annotation processing", + "hashes": [ + { + "alg": "MD5", + "content": "2a9d6f5a4ece96557bc4300ecc4486fb" + }, + { + "alg": "SHA-1", + "content": "71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879" + }, + { + "alg": "SHA-256", + "content": "9431ca05c335f9b6ec550f5d65ad56047a5f336e2d41cce4067591d20c4e51df" + }, + { + "alg": "SHA-512", + "content": "5714692bef862355cf7f9fcf82aa663321da193920adf4b584fe69f559535555c4c53858a2465410ffb990aad7847124dbea28ed95dcec5df525a1164288791f" + }, + { + "alg": "SHA3-256", + "content": "60cf1ea8120252eaa90e0e86662f4d0b97f718c3c6c09422f2b85c1b36222ea5" + }, + { + "alg": "SHA3-512", + "content": "a2972a8464a8b38468994ef496d6e816262eef6e9422f4c83d5eb998aea4134ac1160726c71fb577df664064fa13c564c52c6fa577ad2477515291ed825fe79c" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HCANN" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-commons-annotations" + } + ] + }, + { + "type": "library", + "bom-ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "group": "org.hibernate", + "name": "hibernate-core", + "version": "5.2.18.Final", + "description": "The core O/RM functionality as provided by Hibernate", + "hashes": [ + { + "alg": "MD5", + "content": "a5e6ac320c1b5fd739d213dc050cfc29" + }, + { + "alg": "SHA-1", + "content": "c1861a015d47f55ffc6cb120216d17af177e0b90" + }, + { + "alg": "SHA-256", + "content": "4688003fc081063f0d73f43424b309bac9bd8589fecb5767e0ad26788a5bfdff" + }, + { + "alg": "SHA-512", + "content": "1b8c1f0d64ec27e8daf8b4b9b1be9511d0a5e99573836c527c79f026048c5acfe10aeda34a5b0c77bf30fc6ebd92976838eb43a065f192e9871531116d686b37" + }, + { + "alg": "SHA3-256", + "content": "ce9cffadac4242733e7743f88c0abb2f659526e54ddab26e60a180cd658a0782" + }, + { + "alg": "SHA3-512", + "content": "4e4006d93d10553191cf914ab76f486f222e82ca30d81d786913142c599f6463be48892b5fdb4b5e3dec75c20290f11a0f3d3600dcc306bff81c114e24eba66a" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-core@5.2.18.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HHH" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-orm" + } + ], + "affectingVulnerabilities": [ + "1f182b73-afb8-424c-8e08-533a0f702076", + "8ba20df5-3877-4825-a8f2-b52e2d2f86d8" + ] + }, + { + "type": "library", + "bom-ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "group": "org.hibernate.javax.persistence", + "name": "hibernate-jpa-2.1-api", + "version": "1.0.0.Final", + "description": "Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details", + "hashes": [ + { + "alg": "MD5", + "content": "01b091825023c97fdfd6d2bceebe03ff" + }, + { + "alg": "SHA-1", + "content": "5e731d961297e5a07290bfaf3db1fbc8bbbf405a" + }, + { + "alg": "SHA-256", + "content": "ab46597e3a057f99c8339fffe14c1d27f9dbd2409ae840c62121b00d983c78bd" + }, + { + "alg": "SHA-512", + "content": "696dd1548504c9ea8d8526411e81bee8b752f12861979da2707d1059b35a8ccb3f018a1d4e2d12436e7c9daec8e63b97fcf980e03032981867cea63d4301f3da" + }, + { + "alg": "SHA3-256", + "content": "fdbf800d9175e82d7e68f9829f1372b65768252d3e165dfeee9c0345b817b8be" + }, + { + "alg": "SHA3-512", + "content": "8e1e5baa5e4b6f67019bad7ed90a9abf41096ff00b62c9d6f326a756b8ee7e5b62d41068441aa5d9050369a1000a5fbd7898155cb8b18e80367e9cb7c0d3b137" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/org/documents/edl-v10.php" + } + } + ], + "purl": "pkg:maven/org.hibernate.javax.persistence/hibernate-jpa-2.1-api@1.0.0.Final?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/JPA" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-jpa-api" + } + ] + }, + { + "type": "library", + "bom-ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "group": "org.hibernate", + "name": "hibernate-validator", + "version": "5.4.3.Final", + "description": "Hibernate's Bean Validation (JSR-303) reference implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "ccae8426d40e4fa16ecde928b84965f6" + }, + { + "alg": "SHA-1", + "content": "7c3d91629e81937b33dffd5b170956ef9c76af97" + }, + { + "alg": "SHA-256", + "content": "8abc0fb282075e145efe50d742f4512bb1f2c0222e78e7562f34f8809cf22d25" + }, + { + "alg": "SHA-512", + "content": "38c1bc5692588fabc86904f75dd3481ca13be43bfda2f33278cb91a0ae229c7abd0f095989fa23e25b78aff51b2b7232f271579e13bd062595e498f9c92ea830" + }, + { + "alg": "SHA3-256", + "content": "176d9129f2812df9a71514c72d0ffe1efb86ceb73310ebeee2b416bf752c65f4" + }, + { + "alg": "SHA3-512", + "content": "0fec7612fa9d4698e183cc954381e172a3f8cf188a1b2e0518a39f9cd4cb15163720183d306d050757e2d979a3a1d224a3edd7e9c2ee59b938df48e4f4eb1342" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-validator@5.4.3.Final?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "http://ci.hibernate.org/view/Validator/" + }, + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/projects/HV/summary" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-validator" + } + ] + }, + { + "type": "library", + "bom-ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "group": "org.glassfish.hk2", + "name": "hk2-api", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "93322931c4ec277c5190c7cddf7ad155" + }, + { + "alg": "SHA-1", + "content": "6a576c9653832ce610b80a2f389374ef19d96171" + }, + { + "alg": "SHA-256", + "content": "b3fe4f295ab8e74ea9d641717dc55e5768f1e5db3709e84235346a4d6bcde5c2" + }, + { + "alg": "SHA-512", + "content": "9f143940ff31e6abdc5bce5223c12ea91fe1852338f317aa614221bec67bd5252ef905075d78125ba777ff2f36c5d39fe35a5b3876ea19255fc91da949179d00" + }, + { + "alg": "SHA3-256", + "content": "7dbffae41a1edb93e525d9841a6831f574fc408edb7568b5b192d7b026aeb750" + }, + { + "alg": "SHA3-512", + "content": "594dc7b77f5a85574331483bbc2b795c1456fe174b55ca7253519a8fe94bd914167face505c561f3829c9738b7d9e7f80421f5b97427952cdd78fe388c17c282" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-api@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "group": "org.glassfish.hk2", + "name": "hk2-locator", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "5baf0f144cf8552a9fe476b096fc18a7" + }, + { + "alg": "SHA-1", + "content": "195474f8ad0a8d130e9ea949a771bcf1215fc33b" + }, + { + "alg": "SHA-256", + "content": "27cacf80e8c088cc50f73b56344b779bdb7418e590a037659ab66b2b0cd9c492" + }, + { + "alg": "SHA-512", + "content": "4b8819cfb299d4b5be13fee8c5a04c803010abe7636eab9d126a40a41bc79131753ff09ea062c624c6ecc5785749b120a3f6f0411307eb05b74e6bc46a1bd410" + }, + { + "alg": "SHA3-256", + "content": "3b0c862b6be53e5a085e9caf77f6a90fe45365dc58cc4a69cf1bd13e20b91536" + }, + { + "alg": "SHA3-512", + "content": "9d3acd0f1048b63ca1c30a864463d10c3b2d724d4d245c2bc0116dbd8597772fecb9ace1601d60d9abae9058a2b9fc50422333be583189e00b31c3bbd21c59de" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-locator@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "group": "org.glassfish.hk2", + "name": "hk2-utils", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "acc873aece4f8e89814ac0300b549e3e" + }, + { + "alg": "SHA-1", + "content": "5108a926988c4ceda7f1e681dddfe3101454a002" + }, + { + "alg": "SHA-256", + "content": "3912c470e621eb3e469c111f4c9a4dee486e2ce9db09a65b7609e006b6c3d38e" + }, + { + "alg": "SHA-512", + "content": "1d100879b218d4ed75760514b78a3833f43f67126691dc7cab6566af8488c4cb9e72258b649f8a4eef0376813c25df326ba29d6f29c275e8f75e549cfc17fdf5" + }, + { + "alg": "SHA3-256", + "content": "699d1fba60b9403b292ce22cb0db2d6b070a1152531afe3f2c08a5196779b3a9" + }, + { + "alg": "SHA3-512", + "content": "47ad643c3727bb9fb45b6748e4da67c4788aeac69783c56c60f73ccf37f979972f699ffa96714056c551cb29109dba6722ac3b57004eea1ae47f8833f9c73d34" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-utils@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "group": "org.eclipse.jetty.http2", + "name": "http2-common", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d4f0dede20f81acfb53f97c01fae71cf" + }, + { + "alg": "SHA-1", + "content": "6e3306d394aaaf41876220a818fb639faf5963b0" + }, + { + "alg": "SHA-256", + "content": "d402e22a14230a49a93e045dc922d62ab330f99b26b928ca3fc6c6761941f601" + }, + { + "alg": "SHA-512", + "content": "79af5a27a59a8706769cb2d500869029bf1c6762bbc4908ffea56bc57f578e14d46e271e8fa2d40fa68dc8fc0e33cf297186df8b4b231db50547d98a10d0d6c4" + }, + { + "alg": "SHA3-256", + "content": "edba30c10f03aaa94eec187d3709ca23d1082d555e0031dbddbcb21a2e6cd451" + }, + { + "alg": "SHA3-512", + "content": "4d4d7e9a24b0d2f0814f071f0b352a104b2c91974213c10ca434c4d119c3ca15ac679f06f5aea3586ef11e5b4280d9db505ef8f4b63b19893c07cdf646d03a15" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "affa7af3-427f-4223-8028-d9ac45e80e08" + ] + }, + { + "type": "library", + "bom-ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "group": "org.eclipse.jetty.http2", + "name": "http2-hpack", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0323c6dd472c456a99d068f171cbd661" + }, + { + "alg": "SHA-1", + "content": "aa5f5c2b0cec925ad7f2e73a1dc7a3b3dc496e87" + }, + { + "alg": "SHA-256", + "content": "7f2fde0ed27abe088933dcd5b1516e6ed08701ff19aa8b00d12a4ef30344c9bf" + }, + { + "alg": "SHA-512", + "content": "075e9b42f4204aabb15fb1e0f0e08ac67b6a2ea4dff9bcd69db778fc0868d1959b38c4ac3e5a4738b8c3acab26f8416ea8c89d2e4fa66e474ca366e14ee55ebd" + }, + { + "alg": "SHA3-256", + "content": "f4680627e9212635d69a27456bcc815eec595a64d9541b572a7d16667cfb7636" + }, + { + "alg": "SHA3-512", + "content": "efb34683d51d2c09abc7894f5cbf7957041449f66e78f50bc4aeeed48fbcb92bcbe60713b084346ce93d0552955f7b8c53a3c557386894959d27667b8ac808ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9" + ] + }, + { + "type": "library", + "bom-ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "group": "org.eclipse.jetty.http2", + "name": "http2-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "9c82833f49671905299a1a0d0edc031d" + }, + { + "alg": "SHA-1", + "content": "6d0ca7e7ee2e5d55fb6fb03c4c1a248b1dc3d31d" + }, + { + "alg": "SHA-256", + "content": "99f96c3656c87d674d069ec1039a6fd7cbd979bb81a083823a04bd529c73308e" + }, + { + "alg": "SHA-512", + "content": "49a9f2c895244d0a632e5b267661f99e812d8e90299085df37479667517ad991575808d97d32204f34bf8a130804d4d2b87c9405d3e61b6d9d410d62a25373f6" + }, + { + "alg": "SHA3-256", + "content": "866de2610f4bbe4ce7b551b31f7f9a51e26e9607e54f112de194b3d92bd90132" + }, + { + "alg": "SHA3-512", + "content": "447c34744cdc616cf90742043ee49c431823ff46e745417eac6d21b78d1e9a00b36c1c93b0e291187e00e7c4d5d9b6a98f32afcc9d0671b63a02cd23f48f37ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "affa7af3-427f-4223-8028-d9ac45e80e08" + ] + }, + { + "type": "library", + "bom-ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "group": "org.apache.httpcomponents", + "name": "httpclient", + "version": "4.5.7", + "description": "Apache HttpComponents Client", + "hashes": [ + { + "alg": "MD5", + "content": "deed71468af21d6f0cf02bf853ac02ec" + }, + { + "alg": "SHA-1", + "content": "dda059f4908e1b548b7ba68d81a3b05897f27cb0" + }, + { + "alg": "SHA-256", + "content": "807e9c73f27a4b19dd04b1b67126532fc74b0a37bd8d13fbad073ad74d078330" + }, + { + "alg": "SHA-512", + "content": "459349c2482338644578502cbdfeb7110c3eaaa71f8bbc715d53556b186f16ad1256244e752cec7c32c66f77e08228bdadf7c9138542b0aa8e845a249e2e0bac" + }, + { + "alg": "SHA3-256", + "content": "9e5093efad2b3a44e71b077eae4ca7df86e2fd2ad78d5ca25541e4316ce631c8" + }, + { + "alg": "SHA3-512", + "content": "f16fb6262810546026c6c68842f69eb17831669e444cafb75832ae3567f47407504424c13fea596e9c02ccf853f6b55d54a904cbf2d21e171f77cc615d740014" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.7?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCLIENT" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ], + "affectingVulnerabilities": [ + "8c0002e8-9326-40f7-9209-51020755ff02" + ] + }, + { + "type": "library", + "bom-ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "group": "org.apache.httpcomponents", + "name": "httpcore", + "version": "4.4.11", + "description": "Apache HttpComponents Core (blocking I/O)", + "hashes": [ + { + "alg": "MD5", + "content": "9299550b06219959d0f2223b1a8bb337" + }, + { + "alg": "SHA-1", + "content": "de748cf874e4e193b42eceea9fe5574fabb9d4df" + }, + { + "alg": "SHA-256", + "content": "d799522d579aac06b170603f8f080f6e3248dadc01f9652cdd7ea7bc318c21ce" + }, + { + "alg": "SHA-512", + "content": "1f45a26f97e5488bf1985f5f5c88c5e2744f46d422040708f7641deb14bb04561bcec35c9284c1dce606fcdcb768edc3ef970ef965bd6bb591ec362dfd417c74" + }, + { + "alg": "SHA3-256", + "content": "0807acdffb841394a948175382b04dfdb49087e19212851dbb63fbfadfae6f5f" + }, + { + "alg": "SHA3-512", + "content": "10f7974d10971a2c0911a1050e3418e898c4255300a120959ef38f546d10dc5ba5217a32a53a21577613ca13034a8200393b0b7ddee0b195f26b92f3e6b2f1cf" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.11?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCORE" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "group": "com.google.j2objc", + "name": "j2objc-annotations", + "version": "1.1", + "description": "A set of annotations that provide additional information to the J2ObjC translator to modify the result of translation.", + "hashes": [ + { + "alg": "MD5", + "content": "49ae3204bb0bb9b2ac77062641f4a6d7" + }, + { + "alg": "SHA-1", + "content": "ed28ded51a8b1c6b112568def5f4b455e6809019" + }, + { + "alg": "SHA-256", + "content": "2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6" + }, + { + "alg": "SHA-512", + "content": "a4a0b58ffc2d9f9b516f571bcd0ac14e4d3eec15aacd6320a4a1a12045acce8c6081e8ce922c4e882221cedb2cc266399ab468487ae9a08124d65edc07ae30f0" + }, + { + "alg": "SHA3-256", + "content": "275370eeb5f02c15358168ea134c4eab1afed8d27750a8a326b9f9f506dfc9f2" + }, + { + "alg": "SHA3-512", + "content": "d9e2a3943373e1eab933b45f49997b24e01466eb99a177c40f21c7107c9f21ebb135e14d191b0a5b699e3985d20de8e87662e92c0bf59e5e054d3da85fd777dd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.j2objc/j2objc-annotations@1.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "group": "com.fasterxml.jackson.core", + "name": "jackson-annotations", + "version": "2.9.10", + "description": "Core annotations used for value types, used by Jackson data binding package.", + "hashes": [ + { + "alg": "MD5", + "content": "26c2b6f7bc704ccadc64c83995e0ff7f" + }, + { + "alg": "SHA-1", + "content": "53ab2f0f92e87ea4874c8c6997335c211d81e636" + }, + { + "alg": "SHA-256", + "content": "c876f2e85d0f108a34cdd11ccc9d8d7875697367efc75bf10a89c2c26aee994c" + }, + { + "alg": "SHA-512", + "content": "6b1ae1d7036ce2fff81bf8fc2a3a55e4ea7eb081de806ad05301d2eb126bed1dda487027f3ccfa618c488e680e2f5ff22bc3f106e7c0af27b34d327d83083b46" + }, + { + "alg": "SHA3-256", + "content": "6ebca301e4a201a89630bd7235d27e48a795c7e6fca7727ac08f3cc87e6a5049" + }, + { + "alg": "SHA3-512", + "content": "8d33540c9df56541a0dca99ca51432a8d0d9642813377c62f6df5602af1c8d04c3d62cf24a9cde5c79fcd63b287de19cfc84ea475f8dd0ca037a72baed3d50ee" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-annotations" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "group": "com.fasterxml.jackson.core", + "name": "jackson-core", + "version": "2.9.10", + "description": "Core Jackson processing abstractions (aka Streaming API), implementation for JSON", + "hashes": [ + { + "alg": "MD5", + "content": "d62d9b1d1d83dd553e678bc8fce8f809" + }, + { + "alg": "SHA-1", + "content": "66b715dec9dd8b0f39f3296e67e05913bf422d0c" + }, + { + "alg": "SHA-256", + "content": "65fe26d7554a4409652c86ee38f2e94bc42934326d88b3c78c61f66ff2222c53" + }, + { + "alg": "SHA-512", + "content": "ea053f07b73b087fe81ef49d949ec812bf03e536a8a608d6b7c7ff9f001e6764e86125c5e99d46ba4002d7aab620f57527e246fe8ca754b47cfd812976a3e337" + }, + { + "alg": "SHA3-256", + "content": "0cd87bff64e1569e1ae1fa6023caf005c17d5feb6f75c2bb587546d9e3e43efa" + }, + { + "alg": "SHA3-512", + "content": "936d596d972971e8fc02a6adc7ef11b9d3ac302fbc4134982f3bf128f61741b6bc8c34dd0d16d0ef52a7760a2ad5bcc20b26c4d9c6e8345e826b8b2a83f8fb4d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-core" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "group": "com.fasterxml.jackson.core", + "name": "jackson-databind", + "version": "2.9.10", + "description": "General data-binding functionality for Jackson: works on core streaming API", + "hashes": [ + { + "alg": "MD5", + "content": "ff43d79c624b0f7d465542fee6648474" + }, + { + "alg": "SHA-1", + "content": "e201bb70b7469ba18dd58ed8268aa44e702fa2f0" + }, + { + "alg": "SHA-256", + "content": "49bb71a73fcdcdf59c40a1a01d7245f41d3a8ba96ea6182b720f0c6167241757" + }, + { + "alg": "SHA-512", + "content": "18db8ee61a24498803352c6fc40b83cc1f277033fd4cd743505e3bfa1660c84d8522a70b06401f834b405cbc6e686f6f5c4d54aff034751e9addbf1b4603b2c2" + }, + { + "alg": "SHA3-256", + "content": "470b46a826c8edeb12852d9cbab9f5ab0c3a0b0989a7f2b0a8756c9a88aae89f" + }, + { + "alg": "SHA3-512", + "content": "35616596eff2bafc2e047ce7cbfc4c0b8ce83af277953a2af6b41e43885c74b0809d14dd339290991c2ecb82e82190832b616bca0e3225aa113bfb483fa1b2b8" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-databind" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ], + "affectingVulnerabilities": [ + "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "343cd240-f667-4770-aecf-ddc11f9d0172", + "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "97981cb2-9228-4b8b-a172-ad12f550a19f", + "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "c037af59-a132-4727-8cc3-c6095c490df7", + "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "e141c668-bc18-4738-b3b6-e7ba1057d124", + "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "3ad04380-a25c-41d8-8fad-259c2561795b", + "86f78c35-adfb-48e4-9428-88084373e1c0", + "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "00033bff-66dc-4a36-ab38-a10b0625409f", + "14e2856b-f78d-4a6d-99eb-470c8566df29", + "c224f923-be9a-4faa-a930-ef4db611bc2b", + "5201940b-1f04-4668-ae86-8261448d817d", + "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "950cff67-088e-4f41-9818-25943c9e17c0", + "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "9edaa51d-929b-457e-aab5-0fffecdb4938", + "6d5189b4-d549-419a-b886-43a62cc43d40", + "135c6dab-529e-4855-ab72-a0138e2110c8", + "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "5c0b94e1-0577-42c9-8028-f244d68f61da" + ] + }, + { + "type": "library", + "bom-ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "group": "com.fasterxml.jackson.dataformat", + "name": "jackson-dataformat-yaml", + "version": "2.9.10", + "description": "Support for reading and writing YAML-encoded data via Jackson abstractions.", + "hashes": [ + { + "alg": "MD5", + "content": "ebecc5b67b96874c08068151fd89d0b5" + }, + { + "alg": "SHA-1", + "content": "561275877edf6321692f29e66ae5ccc7b1664939" + }, + { + "alg": "SHA-256", + "content": "338e27fd71a825c948c98a2a3fedd79bd14e6c7bcc9b6d21fd8b17abfd28bcc0" + }, + { + "alg": "SHA-512", + "content": "6730698c771ee3308c57b8336c35c3c1d437c7ef2e8f1a6bc66a251404449ae7f531fb240c5c877097a5c85a99e6a77c885265d61ad0d8da18c68da13c89eea4" + }, + { + "alg": "SHA3-256", + "content": "189e39704cf30896198937a59f48dca0230a882f0613ceb941241f327f4f1c2c" + }, + { + "alg": "SHA3-512", + "content": "336fa4689e758f35a45ebc5648f3bfb395bf8ff7387b783b7fa62d431e835760782df3c6f5c737224853970891eca22c69b990ad8d7b96e628002b5ef6a88305" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-dataformats-text/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-dataformats-text" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-guava", + "version": "2.9.10", + "description": "Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)", + "hashes": [ + { + "alg": "MD5", + "content": "bf3d62117a113e2ad3442aede0565365" + }, + { + "alg": "SHA-1", + "content": "fe2fe045ca3bd6f9ea1bba5b03d228b4abf8c1cb" + }, + { + "alg": "SHA-256", + "content": "f6f05294767905ebfe3e982ec456eb0982e52b8e89cfcf02f46722f87414e87e" + }, + { + "alg": "SHA-512", + "content": "d12fc51a0261d7af4319c2659b5168f7bbe91c235ecc013056ae444917d87281137df52bae9c4f345cf1874220f7b2aebc314cf74d4334dda96c3a3cca3de3da" + }, + { + "alg": "SHA3-256", + "content": "d7d456bb103296753158c2e16328887d8b6f339e941f34328229c9c62a2f1cac" + }, + { + "alg": "SHA3-512", + "content": "c5741407e1a9054dc65f40fd6e70483c867a8b9847bfe7ff0e9fabe24be1827c75d7ce561100db82d25c7fd0f12c16ba18a3ca8038ba4a99da7fc394dc63b39f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatypes-collections" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-hibernate5", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Hibernate (http://hibernate.org) version 5.x data types.", + "hashes": [ + { + "alg": "MD5", + "content": "686f24ec51b113e18d8a7a6e656830af" + }, + { + "alg": "SHA-1", + "content": "391c524dbc0414399dec5a405760744d3ed600a8" + }, + { + "alg": "SHA-256", + "content": "de588c8a51eb6d11cced0d2c140d66e9c51266622ecda28ccbef92050f671f0e" + }, + { + "alg": "SHA-512", + "content": "854f01a862d1ea67a47863bbb3481b63deb1839d3b89ca616362fe097e55ebc87196f4ed7ae48ed8557b4244d72db72f3c293b6a7dc3965fa787a6a67d634998" + }, + { + "alg": "SHA3-256", + "content": "ff874c69d9dc846e993d16b1bcb74a4d3d81865aaffc16b6063ff83e0f1626d0" + }, + { + "alg": "SHA3-512", + "content": "312371566e7eacb4621ecec83b7e99a4dfed8be158ba71c77e9b9fcd91577104771dec04d7eeb1c12e574e4b8ca247bd2b4faeef7ba69aa384d93cb67672b5a3" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-hibernate5@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-hibernate" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jdk8", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support JDK 8 data types.", + "hashes": [ + { + "alg": "MD5", + "content": "e35c18c99ad1737571b1c8004ca8528d" + }, + { + "alg": "SHA-1", + "content": "6aa764caf0a275d98b8765f6687bd4ec6c8cb9eb" + }, + { + "alg": "SHA-256", + "content": "b305510c0fec81480cbc3516948f9ac5b326811e35c4b6563d2ccfe330079db6" + }, + { + "alg": "SHA-512", + "content": "e537db4253733d8ca0e93e6245c2f25eef366333480a5fd0901603e69a8cf92dd69ec0ffa813c2fef685849f383b7e3850b2b286d255486192f7ff9698fc6c46" + }, + { + "alg": "SHA3-256", + "content": "768bc29f9f15aa07b9c2294d3c3b1bf06396b507397a6b1da2515eefbbc85172" + }, + { + "alg": "SHA3-512", + "content": "734b59492a053eec994840092c8e4f4d703e03b481d8a603b0d934b4fab25261fd98504f72fd0512705a8735dde4b36299c2295f0359afb0f18d129c0dfc70c5" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-joda", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Joda (http://joda-time.sourceforge.net/) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "7ef56a5376978b3befc264d5c7f690ba" + }, + { + "alg": "SHA-1", + "content": "b8b45ff38fb46eaf8bdf19586743a4f446c485fd" + }, + { + "alg": "SHA-256", + "content": "ec60ff466ec6bf489e58cf83bb012dd3d2735eb581be47113b17b1ce6499cdd8" + }, + { + "alg": "SHA-512", + "content": "589f9ef55f9aef7b2e4c1fe45bad157e566042f304989ffe8257a5547426c7dea281326cf66cb1af84add2cb0531b623d04bc15d9e3ac0da25052f8c2109ceec" + }, + { + "alg": "SHA3-256", + "content": "7a4e62a859262aec2ae33d7b6ec5b0ddadcf0897c1a90984cbdd82f8e2c8abb2" + }, + { + "alg": "SHA3-512", + "content": "bf11f541461a5ab4fbb3372d8c8d617a7b20a2dda00d8af733ac8d496cf4a7e1f7f422d90d11b17b7d783ed2a25f4323046468c264ea204bd672adff82a3477a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-joda" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5694b066-2847-4855-8230-77e902b37502", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jsr310", + "version": "2.9.10", + "description": "Add-on module to support JSR-310 (Java 8 Date & Time API) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "8353db784cc75e2ef48439c89ffb962b" + }, + { + "alg": "SHA-1", + "content": "bf7ea35ca4fafa385701580163ef983622e0bfb1" + }, + { + "alg": "SHA-256", + "content": "a86f035a641f1a36aebacce8415e14568ce5b0088e3ad5b8cf3ea3c9c0c5b64e" + }, + { + "alg": "SHA-512", + "content": "c9e27a5a2c7a7edacdacc2cd93371561ed991e85027e06820004bc47802f32df3aa99fe6d94667805c7862467fcc9e4e0555f1e5a3317c239e8ec0f37fc48b89" + }, + { + "alg": "SHA3-256", + "content": "ee3952b4ffb44ea67445ed736ce33410ed631146ab47071c5fa4ae578623c446" + }, + { + "alg": "SHA3-512", + "content": "434938cf7a81ea81511bbf14a0942eaa790c71ab2e4a5e3049dfbb5cc1523034eacd0d14d0b520e88155376b4213129cc59cec21a2a93940b7fba5658d46c8f0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-base", + "version": "2.9.10", + "description": "Pile of code that is shared by all Jackson-based JAX-RS providers.", + "hashes": [ + { + "alg": "MD5", + "content": "3dde182860e6f59fea3871880b1875b9" + }, + { + "alg": "SHA-1", + "content": "8f13207626ffab14943da9e7447dc065f7762a4e" + }, + { + "alg": "SHA-256", + "content": "4a76bd0d1f5f66293867bb9e021bcf8ba179bdd69cf69852d623204297fe85eb" + }, + { + "alg": "SHA-512", + "content": "608054e863d9233f92fcbf9ea6896a78caa0e1fac197a3b15f7833231f25bc10ac93e54f362d0364a60e7348825e505107e507590269edef11e3fd1e136b1ab5" + }, + { + "alg": "SHA3-256", + "content": "3b43e3742dec5d06ca7a73b45e485120e0adf0f0e66208b9afa56d329ccf0768" + }, + { + "alg": "SHA3-512", + "content": "512f238b2f5d2f70c48cd60dc45da652e2e3ade8aaf03f8031ad0a1ab9222726a82f53a9dcd15b5ecb49e8f8b9aef6789c993d8edd8c68acddd7776bf835f948" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-json-provider", + "version": "2.9.10", + "description": "Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.", + "hashes": [ + { + "alg": "MD5", + "content": "5a6659fa62763f65fb7e187dca166346" + }, + { + "alg": "SHA-1", + "content": "89a2f5d0adc42c3e37a7167e0759641de55aafdd" + }, + { + "alg": "SHA-256", + "content": "0fe7309bb8d0fa8f48cd6846bc3a27eef04b0263b6533ac58ef7ad85b1bdf38c" + }, + { + "alg": "SHA-512", + "content": "254d53edb320ecc9f697d3bb4c7dd1e385d04759bad65caeedcb5beda7fa29f915636324309bec3052205fa91ec29892fed809c8da4e7d284cc0d62b8cf29508" + }, + { + "alg": "SHA3-256", + "content": "1e98e50a06dd5830aa5517da99a0f503760f745029a9fe992f21b45f2417fb76" + }, + { + "alg": "SHA3-512", + "content": "ee026cf5697ab3d3785aa59d1a69e074d6c7db0af06478b36bb19f0d7b303db888bdb6fbd6bb7ffb0b14a4425d3fb0fb9ec971d59db2c7312f979ad83b107a1d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-afterburner", + "version": "2.9.10", + "description": "Jackson (https://github.com/FasterXML/jackson) extension module used to enhance performance using bytecode generation to replace use of Reflection for field access and method calls", + "hashes": [ + { + "alg": "MD5", + "content": "eb3073cbfad846a44d81df8bc31c8bf9" + }, + { + "alg": "SHA-1", + "content": "6cca4a73cb54aa8631775023ca8cc37626373cc8" + }, + { + "alg": "SHA-256", + "content": "6d8dd1bdaa13a1e2239e9d8fc008066b02d6fc7d79166fd73e4c3b6e1856ad14" + }, + { + "alg": "SHA-512", + "content": "b56f7485f72c2225cd276e6955e154bae31849a394f5f03ee5d205075a154c27417d1cd7c071c9ba12a7712e23f7b6e8da368aa12acecf53c5c28a5376d620e1" + }, + { + "alg": "SHA3-256", + "content": "488cf9674f84c7d221e4f5955d45f6fc008bca1bd4abf2134d91578a9c1bc0aa" + }, + { + "alg": "SHA3-512", + "content": "d2324aca720bf6816274e93186fdf7d0eaefce8859685dc5c76a96fa8696cd104d64787598bd94473619aa0b89406dac1da8cc697b05104491b8017a54d95e1f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-afterburner@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-jaxb-annotations", + "version": "2.9.10", + "description": "Support for using JAXB annotations as an alternative to \"native\" Jackson annotations, for configuring data-binding.", + "hashes": [ + { + "alg": "MD5", + "content": "fe4cda4049277f5c8758f32a00f2b633" + }, + { + "alg": "SHA-1", + "content": "b7fc3212e95586f42a0d3b5cf1311e42a3ac0248" + }, + { + "alg": "SHA-256", + "content": "72a8ef1246f7a2dc680de67bc5009cc5de71b3825adf98726d290643a36576c0" + }, + { + "alg": "SHA-512", + "content": "df36f846fb1c04e23657f1d7568d05cc589207dc3f751db357ccf33b2b6c7491abf1251aee29763b69b524bf4652e5d04dc77f93d8f001fb23728fc46304f4f0" + }, + { + "alg": "SHA3-256", + "content": "f38cc147a5ef75e5a5f153a2db7c996eb8fe469079b1ef7c843249e8adbf06eb" + }, + { + "alg": "SHA3-512", + "content": "9ba7e2c66e3495260dcd320b179db20fe37d2dd695e1c1a01aaa13a0cc5bd5adaa1c9041c2f4ff6b19607d375c49fcbfc4a962c4939e05a0dd68cc8cdedcc7fc" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-parameter-names", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support introspection of method/constructor parameter names, without having to add explicit property name annotation.", + "hashes": [ + { + "alg": "MD5", + "content": "e8835d22f3153408ace94284be8fa821" + }, + { + "alg": "SHA-1", + "content": "dc8c36832c229df0209dfc98fab5be36cb99af5f" + }, + { + "alg": "SHA-256", + "content": "2b14de63be1abc99d25c1cdc8ca9003dd0e345e87f5d869588c5981f75cffc8a" + }, + { + "alg": "SHA-512", + "content": "452daf576e303ec15480750844e9a49715670ea9b7fa44d3a3d69ef4c90d7177583daabfc25d2a938e0015bba0c21c5fa71c175d2a0a95f3d6f13a92a3a6d611" + }, + { + "alg": "SHA3-256", + "content": "68f9053afc670c7ef2b042f62e7ac34dc7cf5c65fdc2e178b31970c64f0e9353" + }, + { + "alg": "SHA3-512", + "content": "10bdc0751a0dd140f35dd69045dbc1beea08f65d6ce773dcc2c888af4fc013f8af4c09bcb45e1e36c65b86e7e3cca9775c5da472184af784aa577a952c74c073" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "group": "org.jboss", + "name": "jandex", + "version": "2.0.3.Final", + "description": "Parent POM for JBoss projects. Provides default project build configuration.", + "hashes": [ + { + "alg": "MD5", + "content": "77db6e55da888349f5466d2dcf150b14" + }, + { + "alg": "SHA-1", + "content": "bfc4d6257dbff7a33a357f0de116be6ff951d849" + }, + { + "alg": "SHA-256", + "content": "a3a65250cf954f102e74bab23df12540780878231195b585a7a86f4364a53727" + }, + { + "alg": "SHA-512", + "content": "ad557228414fb1d75750f4495ced69517deac0d26beaeb81e3233fe21254e3b7e3ccefe381971ffb8dbb0d9e0c1e70973623948ffec31efad99298f1107830ed" + }, + { + "alg": "SHA3-256", + "content": "8e4cbfe8f79e619190a121200bb907e2d06c03b5449b3742a6607580a898a2d9" + }, + { + "alg": "SHA3-512", + "content": "5afc9d16fc77ecbc3dd653628b11ddfb419a5fae2efa72eca87eaa55c7c6014d03e9fcd190ae9c7c3e50edc78e6a30fe439269439cf7c383c27aaaa43281e975" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss/jandex@2.0.3.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + }, + { + "type": "vcs", + "url": "http://github.com/jboss/jboss-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "group": "org.javassist", + "name": "javassist", + "version": "3.24.1-GA", + "description": "Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.", + "hashes": [ + { + "alg": "MD5", + "content": "527cebd64b0f941d5058bae3d1726d06" + }, + { + "alg": "SHA-1", + "content": "921b466d6a14a8edbe25923c973fd767fc71c045" + }, + { + "alg": "SHA-256", + "content": "5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553" + }, + { + "alg": "SHA-512", + "content": "b1920ad0b291ab4a7d5d6184e7a6fca91a27576560adc257e4d38a3122865cefa7081df46375a462fcd7e4bfe20c3eeeef140408922cad9cfabaa8c338be1056" + }, + { + "alg": "SHA3-256", + "content": "793f21feb3c4c58edf94d49579b8cd658e44e792e05fefbc23f1b84b7170caf2" + }, + { + "alg": "SHA3-512", + "content": "94f77c5a3ef42bef47e44c9cb9c71a5eeae3b5f94bec53637e8ef3bb5b29b0675c02166241987ac3f3872be09d87bbcfe0235a55731735f4b787a8574714fd2e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.javassist/javassist@3.24.1-GA?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jira.jboss.org/jira/browse/JASSIST/" + } + ] + }, + { + "type": "library", + "bom-ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "group": "javax.annotation", + "name": "javax.annotation-api", + "version": "1.3.1", + "description": "Common Annotations for the JavaTM Platform API", + "hashes": [ + { + "alg": "MD5", + "content": "9a936313da62e705ebb16e81b62f4096" + }, + { + "alg": "SHA-1", + "content": "20a2c0583598d68b0835474bbe07792d4f3b219f" + }, + { + "alg": "SHA-256", + "content": "bc1110630bb4290e798a533ca40a60517826c8804b79f91f8738d18ca425adc5" + }, + { + "alg": "SHA-512", + "content": "9b0c8e45c750f049015da652dcfb43250c24aa72c0cf8fcf917918a486c50b70d6c19201638ae4c23a822551e12ed85215222a59b9bcfb135557c0aca80c00ef" + }, + { + "alg": "SHA3-256", + "content": "81a7132a97ca91c7bf14400e8dc845e3124df73c91b3e2f0a62c4aa3abd84b6d" + }, + { + "alg": "SHA3-512", + "content": "1b7b5f5a5dcf8076155e13d17fe8665b88394c5871583508211f58336cf8d2dae9b3225df8de94e6820a2cc5e077cbd4382c88249c1b0c79e482ce7ae726997b" + } + ], + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://javaee.github.io/glassfish" + }, + { + "type": "issue-tracker", + "url": "https://github.com/javaee/javax.annotation/issues" + }, + { + "type": "vcs", + "url": "https://github.com/javaee/javax.annotation" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "group": "org.glassfish", + "name": "javax.el", + "version": "3.0.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "9b413b6b4c57f68cc3e8649f754153f5" + }, + { + "alg": "SHA-1", + "content": "dd532526e7c8de48e40419e6af1183658a973379" + }, + { + "alg": "SHA-256", + "content": "5ed77b9150c1cb6bdc1a195bb536eef6eb65f46f4412e26c24288690ea8033ec" + }, + { + "alg": "SHA-512", + "content": "a31efb2e99fe2429c8f39dbd8b23fce7dc30c3945ad3e6011dd1495a63a74f1d5e8ac422735de37c01938c492832155b73941614e19e06145477f65f4bc9043f" + }, + { + "alg": "SHA3-256", + "content": "6c59f62728693b7a7234a6c93d6329391633de19cd65753ddb74d78a1a79427b" + }, + { + "alg": "SHA3-512", + "content": "7193e9af5274a89a3fa9e04dcb9790db5efd6abffc8d0549c2bb597f61237544e758f98b4aaf55dfad258697bbaf4e4583695f6f5c277c06e98cd9ce21265982" + } + ], + "purl": "pkg:maven/org.glassfish/javax.el@3.0.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://glassfish.org" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/EL_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/el-spec/sources/source-code/show/tags/javax.el-3.0.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "group": "org.glassfish.hk2.external", + "name": "javax.inject", + "version": "2.5.0-b32", + "description": "Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle", + "hashes": [ + { + "alg": "MD5", + "content": "b7e8633eb1e5aad9f44a37a3f3bfa8f5" + }, + { + "alg": "SHA-1", + "content": "b2fa50c8186a38728c35fe6a9da57ce4cc806923" + }, + { + "alg": "SHA-256", + "content": "437c92cf50a0efa6b501b8939b5b92ede7cfe4455cf06b68ec69d1b21ab921ed" + }, + { + "alg": "SHA-512", + "content": "ce72626ebacfcbb1a022d0af22d7f3ae8a0f38db939e5f0b893efb9e3545c74328fa139a92c3b9bf7d833300a2830d7b883f748b0d758ed58abd6b0ce192620a" + }, + { + "alg": "SHA3-256", + "content": "da07452e3cbd7bf8e934d72e70149d317d7299fefa8de7840ac251e3e7fab17b" + }, + { + "alg": "SHA3-512", + "content": "db226d92d3e50eb91d892c9dee1832aedcdc2c11ddbc5948da4a33d10d286906fb1554e226223384bbbe7b30fa2b7b023eb7df03beb46affdd9e012722d66b67" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/javax.inject@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "group": "javax.servlet", + "name": "javax.servlet-api", + "version": "3.1.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "79de69e9f5ed8c7fcb8342585732bbf7" + }, + { + "alg": "SHA-1", + "content": "3cd63d075497751784b2fa84be59432f4905bf7c" + }, + { + "alg": "SHA-256", + "content": "af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482" + }, + { + "alg": "SHA-512", + "content": "32f7e3565c6cdf3d9a562f8fd597fe5059af0cf6b05b772a144a74bbc95927ac275eb38374538ec1c72adcce4c8e1e2c9f774a7b545db56b8085af0065e4a1e5" + }, + { + "alg": "SHA3-256", + "content": "8acc3481503989e1a78ad619bcbdc005b616c13736522b52e5ae5d782e8a0216" + }, + { + "alg": "SHA3-512", + "content": "ab5f85d424640ddcf6fc13a41d12ffdee0be9508cd4cdc581168b31cf7917323f6e0d984a0631068e0e01c098098fe0037d1c4176352fd89ba3a4da5d641ca3d" + } + ], + "purl": "pkg:maven/javax.servlet/javax.servlet-api@3.1.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/SERVLET_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/glassfish/sources/svn/show/tags/javax.servlet-api-3.1.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "group": "javax.ws.rs", + "name": "javax.ws.rs-api", + "version": "2.0.1", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "edcd111cf4d3ba8ac8e1f326efc37a17" + }, + { + "alg": "SHA-1", + "content": "104e9c2b5583cfcfeac0402316221648d6d8ea6b" + }, + { + "alg": "SHA-256", + "content": "38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d" + }, + { + "alg": "SHA-512", + "content": "4a85d3b61ea018f354a4dfa43104f3b4967cb4719df203956f82f7a696f75bee9d660540fc0f7bb61e0a5f826461de8929144eddd5622f9cb59a4da289d7297a" + }, + { + "alg": "SHA3-256", + "content": "7d439b6efe13a02aa996c27db07de14c1f14e8c95b60a9205c073cfbe9cbcda1" + }, + { + "alg": "SHA3-512", + "content": "e4bc8aab836157e258f659fe687e59499d445889c6c706d9539e5bbd48a6e80a1a1029e9ae47d25871f5ddf1434c5449ce2bc67b147b5a7b58990309f7aa60a4" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JAX_RS_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jax-rs-spec/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "group": "org.jboss.logging", + "name": "jboss-logging", + "version": "3.3.0.Final", + "description": "The JBoss Logging Framework", + "hashes": [ + { + "alg": "MD5", + "content": "bc11af4b8ce7138cdc79b7ba8561638c" + }, + { + "alg": "SHA-1", + "content": "3616bb87707910296e2c195dc016287080bba5af" + }, + { + "alg": "SHA-256", + "content": "e0e0595e7f70c464609095aef9e47a8484e05f2f621c0aa5081c18e3db2d498c" + }, + { + "alg": "SHA-512", + "content": "6cd839a07c55a75befa9a95c7cb2e4a87445432d475bc747410fce625ad4496ee5cc6631a445420940ef1cb408d74873980504e4d785d8ec851223301a76807b" + }, + { + "alg": "SHA3-256", + "content": "12fa4c6092728e4d1d780db85e3567ac16a8ec515daac930326513a471f60bd4" + }, + { + "alg": "SHA3-512", + "content": "3f2a0f9e1ce18e1fce8b658a9ce7603eae6a2eeb96b8c26c0a49fde515ea97b319e94f48617fdbd8b102cd51c6a3c957528b456b821e2287ac1b35a3442c35c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss.logging/jboss-logging@3.3.0.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss-logging/jboss-logging" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "group": "org.jboss.spec.javax.transaction", + "name": "jboss-transaction-api_1.2_spec", + "version": "1.0.1.Final", + "description": "The Java Transaction 1.2 API classes", + "hashes": [ + { + "alg": "MD5", + "content": "4d3a6329aa429d92e7bf0c2d34302660" + }, + { + "alg": "SHA-1", + "content": "4441f144a2a1f46ed48fcc6b476a4b6295e6d524" + }, + { + "alg": "SHA-256", + "content": "d35b340768f11e683045d0b3b8c2cf0554a0495a675ae8aab5680b34e5d2a69c" + }, + { + "alg": "SHA-512", + "content": "fb751362223bd2f58d40326018b742ecb8bb49e2362b8babbfa6592e10fb0bd4c52192859771d5b4c67954bf3876bda38581795d54a566bfca66f3fdb0bfd4fb" + }, + { + "alg": "SHA3-256", + "content": "5fec9250840d8ae18ebe934e2b302d9f3c91a7166c5f6e90e8a38d19d5463f4a" + }, + { + "alg": "SHA3-512", + "content": "f4846473a8385f28649593671d9307d0a0a1362c9b36a24ea1b6f72daafb59e05b4945ed45bcadc22e52024a5c3cce9c47e9edadcc7a08f1e391b33a510cd971" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License, Version 2 with the Classpath Exception", + "url": "http://repository.jboss.org/licenses/gpl-2.0-ce.txt" + } + } + ], + "purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss/jboss-transaction-api_spec" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "group": "org.slf4j", + "name": "jcl-over-slf4j", + "version": "1.7.26", + "description": "JCL 1.2 implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "06ceba253db8a4d836921324015c9ca5" + }, + { + "alg": "SHA-1", + "content": "33fbc2d93de829fa5e263c5ce97f5eab8f57d53e" + }, + { + "alg": "SHA-256", + "content": "2800417ecc5c927cce2b8a2cd22f0933e4006023c4e4fb255985a27746f5573c" + }, + { + "alg": "SHA-512", + "content": "40c1c8a523687ba06041d5a3c8ae295ae57ea18c0909f106ae9154ee79eeec9d077f7e0c79cb977fdebf2c930c6972372850b528f94e69bb57e95124ff691359" + }, + { + "alg": "SHA3-256", + "content": "8e61ec106e655eb957cf915a6a2ab96d9f78298598af0edb5526d66317695f69" + }, + { + "alg": "SHA3-512", + "content": "bfb810653f89ac499283aa7d860f89369133a07b65398a4112a6f654d53cce6d4a74d2f45acd9ba669233604c94bd338247751171bb8f21d62a183bbe91ba90d" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "group": "org.jdbi", + "name": "jdbi", + "version": "2.78", + "description": "jDBI is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "ea7256f4877d929815d317c3f918de7e" + }, + { + "alg": "SHA-1", + "content": "7281bb97a89ec38db81a901a3c07ed7204efe828" + }, + { + "alg": "SHA-256", + "content": "a833944751416b95a397768c530b6796fd22fe01ff3d56f44ab80c2087096572" + }, + { + "alg": "SHA-512", + "content": "0699d1cee041bbb7f2e9857f0d4265e55af3c93e62c1d10090fa3472a3af4f052c4b6c1431eca53bf2e2ddb1df1358ac29fba6776fb0406a2c3edbe30fe73607" + }, + { + "alg": "SHA3-256", + "content": "85bab22465bd6c4128b3a3805184b780dd41c6984d6e056d7ec22b904b94649b" + }, + { + "alg": "SHA3-512", + "content": "0d3f050c4f71bfab5404ac1674306bd837ff7710b9b04893dcfe88baa3d0d3f647ee515c3b0a3159d4f6d3791f187927dabed54f05fcfa3b42bd4f0bbae93586" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi@2.78?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "group": "org.jdbi", + "name": "jdbi3-core", + "version": "3.5.1", + "description": "jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "bee3bded3f553bb751676f66de7051d8" + }, + { + "alg": "SHA-1", + "content": "fdb08f92dd4762d9a12864b685961cbef3807adb" + }, + { + "alg": "SHA-256", + "content": "05ba5a61131fee448927dd7d06fe2e0699b9c4756ece6bc844431dc1f5a3b671" + }, + { + "alg": "SHA-512", + "content": "3b8de628e4b5ba4acbedb21b4f74cbf7003fa1ce68125e8e2c8c9bb49ba38c478a34b27505bcda18e5072b47ae706a280e3db7fb53f90196d3f87543148e9b3d" + }, + { + "alg": "SHA3-256", + "content": "7b63cdd3df09bd5e6881f455db13e74d5a4f80764072d376d80814eaf28a423c" + }, + { + "alg": "SHA3-512", + "content": "9de02c1b6f19a44b6a29054da8c80e9139d03c2eeee8e908dbb8592bbffd8926a95f45f9e56f1aee85f77665cf24e2abe7e4d888ebe407fbb01be6f541c9befd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-core@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "group": "org.jdbi", + "name": "jdbi3-guava", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "0f692ba6379649453c8ceeb1c1e567ba" + }, + { + "alg": "SHA-1", + "content": "0b7a55d0eda75405221a8287993c05891ae2dd9a" + }, + { + "alg": "SHA-256", + "content": "dd2c0c13c6d29758235a9b365768cc521b5ee3c86678794e81ca5a9a7aa1de83" + }, + { + "alg": "SHA-512", + "content": "9e74b320cd5ed0ba7de5f2976dac092039ca6efcd5ab070281ce040aab9249d2299d73b3f1566cc495e6b33cd2de7fdb8e82f9410f970650daceb049daeb2bd3" + }, + { + "alg": "SHA3-256", + "content": "fb088209586cf011f4cb41752223e4cb14ca32cf8605ce6bebaa30913a120ef4" + }, + { + "alg": "SHA3-512", + "content": "5e64a7584e5585f922a7bbc3c83f76645752e0a78274d741b4ae8cb7f174ac6b2d840841ce749234955ab1d090b552dcceb7a46c2a1a0eafe95dafa26c1c2819" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-guava@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "group": "org.jdbi", + "name": "jdbi3-jodatime2", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "a1936dd03d5410d8abe4f52bd8a4c219" + }, + { + "alg": "SHA-1", + "content": "76d39448cd536140a737ee7d1eca00cf919dd51e" + }, + { + "alg": "SHA-256", + "content": "693462cf417ed3faadb54f22618b3f7bfd6f8d3cd77cdadde7733c6d9666d2fb" + }, + { + "alg": "SHA-512", + "content": "da80a01e7da71aee51c9c8f9de62a394ac6a1b849675a5a80e0490c4494bc58c5dbd15c34e8f21152cc3355f8259a2d838afeb2f9802063fd3a40b9bbc4d93d0" + }, + { + "alg": "SHA3-256", + "content": "472060a39fbf46395d0fe7b6c2e5610c1532969115b27ac82d0c1434e952012b" + }, + { + "alg": "SHA3-512", + "content": "b54c0e9dc8be03a4b7a0b4ffc2ca1fa90f0beebceabba58abe0f2ddb93b0074141eab88da889577abe3c4eb2c0137cb8db907346882e88185cc0d460531d64c2" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-jodatime2@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "group": "org.jdbi", + "name": "jdbi3-sqlobject", + "version": "3.5.1", + "description": "jdbi SqlObject transforms simple annotated interfaces into full-featured DAO implementations.", + "hashes": [ + { + "alg": "MD5", + "content": "fef7548d2dd71524d4e555c8d406449d" + }, + { + "alg": "SHA-1", + "content": "88a6bb67f81900f7e3b4c02e80fbe03c14180b8a" + }, + { + "alg": "SHA-256", + "content": "f5aee0d5ded32e49eddaf51fded6478d01f816a957bccd5ba62fb9eb944793d5" + }, + { + "alg": "SHA-512", + "content": "435126b915d81c594a2fc3194498a815dbd6307c8bd852d421ba866e11d4335bfd825352a58c60dadbe8cbd57a2962b0d8414c46491bd171071f7e606c41b56e" + }, + { + "alg": "SHA3-256", + "content": "8706b9badb23159cd1c690e44d10f7050d82682c025d4a0fb6c2f74cf5982444" + }, + { + "alg": "SHA3-512", + "content": "a61809da92143a4f96e16d97e5d85179f50fac762fbbc8bc36676b8868e4fb8f69cce89c93c8c0e89e3e492c6434725546c29de5b7960b1515a4fe3f0853b959" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-sqlobject@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "group": "org.glassfish.jersey.connectors", + "name": "jersey-apache-connector", + "version": "2.25.1", + "description": "Jersey Client Transport via Apache", + "hashes": [ + { + "alg": "MD5", + "content": "1249f4c7b0e42fb205fd6479f8212b7f" + }, + { + "alg": "SHA-1", + "content": "778d56a186caae0c0e321afb7bf497452f60ecc6" + }, + { + "alg": "SHA-256", + "content": "98236fdeb22a34405095a70099e63cdfe72c726c3c6588c8105092b234bbca3a" + }, + { + "alg": "SHA-512", + "content": "cd9d72b8e24524fd017fad60bea318cf72b7260bfe9826f3019181d8749f906cc579ff4b25c50d869edc9e7ad92c1a216e4c143957de5d5f810f14f3d2124058" + }, + { + "alg": "SHA3-256", + "content": "51423295a961ef5c2c0b70f2a3e80ff7cd9d356b9fdf0951dbc0d42ee7d283c5" + }, + { + "alg": "SHA3-512", + "content": "f95bb4d125a7146cfe7ff8e9d4480c3f479bffa0fcb5398400a2b2faa1851c3ebda38e1bbf49a0d4d5671dd336ebc665ef1fef26a4ad8f65d715c118f703de36" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.connectors/jersey-apache-connector@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "group": "org.glassfish.jersey.ext", + "name": "jersey-bean-validation", + "version": "2.25.1", + "description": "Jersey extension module providing support for Bean Validation (JSR-349) API.", + "hashes": [ + { + "alg": "MD5", + "content": "f1860b7577c9d0c89758ad14a60485a5" + }, + { + "alg": "SHA-1", + "content": "01971927d79cad0ad2b5a3bfda24967748a2023d" + }, + { + "alg": "SHA-256", + "content": "c7f8b632016d78ac9679c8a77a7333a7979b3a446c56f6c4aa0702495beafcf0" + }, + { + "alg": "SHA-512", + "content": "723afa0898fb909c199491173caa96bf32c5b4a9f8e7211989434f1be4ec581737b1d17e2094890074fd5fd94b640002b98b9f06cb042aa755864ff9e1eb5eb8" + }, + { + "alg": "SHA3-256", + "content": "5eb1703f460fc87775426f894b776891b46e2060d209d8649fbbbf0046ff5541" + }, + { + "alg": "SHA3-512", + "content": "b538a16717eba2f15bae433116819aecfb842d17e9838cb4c67ec3242cf7f62517d7d8ddc9245d26aed83b15489988bba10a792935968c5d9731b0e07902a251" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-bean-validation@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "group": "org.glassfish.jersey.core", + "name": "jersey-client", + "version": "2.25.1", + "description": "Jersey core client implementation", + "hashes": [ + { + "alg": "MD5", + "content": "cbc88e55529984d664eb6ef1b65b3684" + }, + { + "alg": "SHA-1", + "content": "4d563b1f93352ee9fad597e9e1daf2c6159993c6" + }, + { + "alg": "SHA-256", + "content": "10671e430dc7c841eb0bc54c9f3e265dbb60e9f85efaad71d1e39807057e405c" + }, + { + "alg": "SHA-512", + "content": "2355cf157c2c6f6973db046b8eb9f0ac1fad6791e5e62457d37a2aa0d70c180a6dd8eacdf78b987bab5720091cc8197866ba1ac14b209b374db6389f187a0c58" + }, + { + "alg": "SHA3-256", + "content": "88b865b79a07061bda2f0c1b57e4aea4555da1604946eccb83343ea665ac615e" + }, + { + "alg": "SHA3-512", + "content": "ab1297141ee25407b3aaf92ce2d7441aad23badc8d9b2e68e1bb143c7155f5861a273d816d4447ade4045dba027ba6264b22d6823e798d9ebac7514f8a4eef52" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "group": "org.glassfish.jersey.core", + "name": "jersey-common", + "version": "2.25.1", + "description": "Jersey core common packages", + "hashes": [ + { + "alg": "MD5", + "content": "d1f25f421cafb38efb49e2fef0799339" + }, + { + "alg": "SHA-1", + "content": "2438ce68d4907046095ab54aa83a6092951b4bbb" + }, + { + "alg": "SHA-256", + "content": "4df653fc69d5feec7ad1928018f964e12a7513bcea7b5e8b1aa4b1f5a815815f" + }, + { + "alg": "SHA-512", + "content": "2c99617c7d5bbabd39902cd93e028e48ef3917f1017b7417873607681b0bfc31e8d5197bd06c587f64867944d81bb63c0201fe5df66962737d23fdfd7fe88fe0" + }, + { + "alg": "SHA3-256", + "content": "d5d9d3bca931954bed7bf031b299f45e0e29c92e250501f46f12400e475aaf3e" + }, + { + "alg": "SHA3-512", + "content": "dbd5ac4985d2c8e71e3606e491a7814e50ca6ccb1e3571e50073ddcf92bbf484e28ae0a4971d1e487df4d95a4f64016583e88891724a65d9c1c80f20ff7664fb" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-common@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet", + "version": "2.25.1", + "description": "Jersey core Servlet 3.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "80ebd9481c44844884fc70ac0ba333b4" + }, + { + "alg": "SHA-1", + "content": "cf5f7a76fcea38158b890ab7a0142d4db709a882" + }, + { + "alg": "SHA-256", + "content": "3669c50bef23aeeabdae02e5e4b214c9f1eb1019fa4d559f2eeadb563ba598e4" + }, + { + "alg": "SHA-512", + "content": "8db651ca49cebb031823cb6363e3af78f2f400c4857a5cef51b2be2d58ccaad6c06ee5320cb6ceff6f2a053136f00943feb6f98189d847d49ea2455312529d84" + }, + { + "alg": "SHA3-256", + "content": "c77550b169ec358ff293d1599b2897fb4f3ebedaed222257893d83b7343fa915" + }, + { + "alg": "SHA3-512", + "content": "75115f1e1a14cea1e939e3cc30b9af2cd0de853a30d41007f72361e216362cc16a35901434330292840f48edf0dd98ac9ec8bc3e5461c0668eac4a883d7b2be7" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet-core", + "version": "2.25.1", + "description": "Jersey core Servlet 2.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "e31db34014609174609f8879d00e0d2a" + }, + { + "alg": "SHA-1", + "content": "400e30bb035a0cdf3c554530224141ce659a0d1e" + }, + { + "alg": "SHA-256", + "content": "232f4f4e59e5944098351379a12aecc715906831c96a855624a81da552192ac4" + }, + { + "alg": "SHA-512", + "content": "beb539ae8f16b5748db941e1beabf21482791ccf04b7adbee50d58a06c224c21e918198badf8496243ab7730284b8abcd71da9e5439702fa7a4d06ba22fa1960" + }, + { + "alg": "SHA3-256", + "content": "bfb3dbfe53102c61b1092ddc80b119fef28b6ee65e020ebdbfcbe51aacc701fa" + }, + { + "alg": "SHA3-512", + "content": "7fe6468606f4ff4c7389e9ca816f82a03c9282b296472112573047d93389b9845a49f6c1740ee67d2e93be9dbe312d89189acd681ba489b9e09716cd20965e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "group": "org.glassfish.jersey.bundles.repackaged", + "name": "jersey-guava", + "version": "2.25.1", + "description": "Jersey Guava Repackaged", + "hashes": [ + { + "alg": "MD5", + "content": "08dc8642c4e990b054882cb4f422f88b" + }, + { + "alg": "SHA-1", + "content": "a2bb4f8208e134cf2cf71dfb8824e42942f7bd06" + }, + { + "alg": "SHA-256", + "content": "8a88a8ebae65cb4d77830b40f681bf742b55ec62e7a44cf91b8577a9396b9f81" + }, + { + "alg": "SHA-512", + "content": "38a59b4e7bf60d373a266e08dbd1703cab87b519e128629aa81abf314cf849ee41a26f8c0404182c6f7364a3bde40eefa61c1be561276e141c4574faf988c5d9" + }, + { + "alg": "SHA3-256", + "content": "0ffbb680d62fc28444cf2c2975cf2947d23bae403c30a381f610af5cf05ede86" + }, + { + "alg": "SHA3-512", + "content": "847cca16e534072ddf9610dc0bd56166deade9aa4efaa3aec1717664b3546964cb0573e4970a38dee5537a09fab81077ea9bd35d988e7cb68b6ca137b31679ea" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.bundles.repackaged/jersey-guava@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-jaxb", + "version": "2.25.1", + "description": "JAX-RS features based upon JAX-B.", + "hashes": [ + { + "alg": "MD5", + "content": "43c2fe9a2848343cb562f855b06b7047" + }, + { + "alg": "SHA-1", + "content": "0d7da0beeed5614a3bfd882662faec602699e24b" + }, + { + "alg": "SHA-256", + "content": "05526bed0ffc07c2cea6b399f4e61ae3c99e44021e28a4af926ed1d867ba3fbe" + }, + { + "alg": "SHA-512", + "content": "589328af6d727d73617a1cff3e7e75bbc858d417cdbcaf8e63ea3ed0086df645fe0f83538a311941744e5afd828d1d7827933b44b8c74f6f8b912c2d7f3e1be4" + }, + { + "alg": "SHA3-256", + "content": "cbc11448fe72f34353de7de8c8b1084530ebf4a7b262bde33219cab6beeea29d" + }, + { + "alg": "SHA3-512", + "content": "18313498ba720e5c1a307927f9782cee90140984ab5c6762cb6b966040d42c2610e39f41d06b9c2ac528aba2fe1b72ba5d1255f92e01848b4580eee11b95b1e4" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-jaxb@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-multipart", + "version": "2.25.1", + "description": "Jersey Multipart entity providers support module.", + "hashes": [ + { + "alg": "MD5", + "content": "0ea1375a975020b60bbbbfd47a76d69c" + }, + { + "alg": "SHA-1", + "content": "1d2db0078ee1b740c4e7ec7413d328a8a7e1c480" + }, + { + "alg": "SHA-256", + "content": "909b669f76b8883a9218fb0fbc5022a286ead7d17b29aafa532b31f19ab4afcc" + }, + { + "alg": "SHA-512", + "content": "17e40bb9186289cd21edcd67cab68765e79c3cce5f2b29ac0ae6dd653395d93c3b8e29c734288e729bf26a59084393680b448ce617689e2064151ab09250c6ad" + }, + { + "alg": "SHA3-256", + "content": "8d8299e02fcbed88c708ae2c948fca016bd985aca513f61304431169441b3bba" + }, + { + "alg": "SHA3-512", + "content": "a8f03f1e4e02c76548b03f77dfc65bad4d97b305a39e17b21e3a380155b85ea428957d0e0f0d4d4b615826d491acbfbb433a3dc9cb31ba29ba0f08bc4665bbb8" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "group": "org.glassfish.jersey.ext", + "name": "jersey-metainf-services", + "version": "2.25.1", + "description": "Jersey extension module enabling automatic registration of JAX-RS providers (MBW/MBR/EM) via META-INF/services mechanism.", + "hashes": [ + { + "alg": "MD5", + "content": "b02f1bc0acfdaeba09346c53a49a6b0d" + }, + { + "alg": "SHA-1", + "content": "83376116af614791a26f51a93af1070520345782" + }, + { + "alg": "SHA-256", + "content": "21339af4788eb2e02e144231f6bed95c30a019fe9bdc219725da095e15d8f7e7" + }, + { + "alg": "SHA-512", + "content": "7b4bef415a18702498bd594cea37a2d17fe60b319f40fd4028b5c5e778195bc26df1563332bc359d67bcd0029957d8fe629650ec55216d1a6f84fd7ab4daec90" + }, + { + "alg": "SHA3-256", + "content": "fd690ea72f6586355206aa12a77b03e198776261bcbb1b79a3dcbc234c0c8675" + }, + { + "alg": "SHA3-512", + "content": "822c4d091069ccfd523fbe463124a1827663b488a2df3ce8f5ea9892b8b6dbbd637e52e89ea2533c010601222f3ef7660ff45276b178082f3b928dc314681e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-metainf-services@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "group": "org.glassfish.jersey.ext.rx", + "name": "jersey-rx-client", + "version": "2.25.1", + "description": "Jersey Reactive Client extension implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "2c180a0fe223e22fc0e0b0b81eedd18f" + }, + { + "alg": "SHA-1", + "content": "b31b3313f48583220986877365f5e2413541f207" + }, + { + "alg": "SHA-256", + "content": "c51bad47579898505a3283f06939c5caa4df5f1bf47ebf114069e04d3cdd33eb" + }, + { + "alg": "SHA-512", + "content": "5743abf930cc5a53cac24b1b3a8a9abcba71ec4c56c11943d8b68f6b8806eccae6268c4659b7321d05ff039f2f7a21daef62308ef4746b65083cbb925bf9c570" + }, + { + "alg": "SHA3-256", + "content": "6c9cde47931076cfade1adbb27e7d708b9ed5549b599677e69e9e7617fa32e84" + }, + { + "alg": "SHA3-512", + "content": "8b9a6428336db948562751a37ad6758cd1b6a678a70759da3dba1a43d5312b86a97dd6ced61d48c5473b9d73a0fa450e103a7d687a791733f0c2edde4e880cf2" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext.rx/jersey-rx-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "group": "org.glassfish.jersey.core", + "name": "jersey-server", + "version": "2.25.1", + "description": "Jersey core server implementation", + "hashes": [ + { + "alg": "MD5", + "content": "92dad916eab7a19c5398838a78ee9cab" + }, + { + "alg": "SHA-1", + "content": "276e2ee0fd1cdabf99357fce560c5baab675b1a2" + }, + { + "alg": "SHA-256", + "content": "4b9cdae8eae88b75762614b9a458f5aac47cf6486fe408206fc64e38b80469ae" + }, + { + "alg": "SHA-512", + "content": "85d77edd81efcc32a6ac26ca91cc6a8f9f66083897f2b10de5f7576d1e869d96c64dcce4e52112341ffae1a73fff3b18eec466fc484e709ba581d1540fbe44ce" + }, + { + "alg": "SHA3-256", + "content": "60be02edbd8f39c5c33726c0b9602c580a38e22b7c30cf98c0aea1bdfe713ef5" + }, + { + "alg": "SHA3-512", + "content": "065c0c4b5a60ebc0e0ca53e6630e27f7678c762ba4cdf28f2b2cb7d0ac9cd96bf4a92dc6c2235d77d55931e0006f445debc2cc1098d4ddace06c07a08491ad43" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-server@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "group": "org.glassfish.jersey.test-framework", + "name": "jersey-test-framework-core", + "version": "2.25.1", + "description": "Jersey Test Framework Core", + "hashes": [ + { + "alg": "MD5", + "content": "92495cea9331aced97489263f2cb191e" + }, + { + "alg": "SHA-1", + "content": "9368dc18933a8b9f2526c86ab310b02781969aa3" + }, + { + "alg": "SHA-256", + "content": "69343548538ec2489fd4a992ea16e42453e96af94538c586fe3345e364bc578b" + }, + { + "alg": "SHA-512", + "content": "c2a8a227427d3c80cdaf773ef8813fb2609ecc4c64911ef8c8ee8a09a4ab0f4c608d7433901511c132ba39d49141be85f45032a06757a17e7f2e43efd6a22f6f" + }, + { + "alg": "SHA3-256", + "content": "7dd7ace7d4414db08bd4f2dd4d130629d9eef806d3dbd03a582f8f78372dbe63" + }, + { + "alg": "SHA3-512", + "content": "fef833f17bf0c8c9023ffdce1fc6d860d4ce119915fcabc7d8aa48853066fe0967c5220a33c03b41b45c312da4430e1057085652e0db57f5c03485b44715b273" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework/jersey-test-framework-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "group": "org.glassfish.jersey.test-framework.providers", + "name": "jersey-test-framework-provider-inmemory", + "version": "2.25.1", + "description": "Jersey Test Framework - InMemory container", + "hashes": [ + { + "alg": "MD5", + "content": "08b74a5a1bd1726464f8cc389dc015e5" + }, + { + "alg": "SHA-1", + "content": "d0bf8edcb87a8e886cf4552e9b5b9a4fddc70794" + }, + { + "alg": "SHA-256", + "content": "95b76e6b4131ec8cc04f3397e3c162219ef34cf661ad52ac86a977ce0b3912b9" + }, + { + "alg": "SHA-512", + "content": "9fcd31b1c2cbb5e615c1412425088c6dbd6f4acbd4b768a178d2c0a8c545486d5a3a6ad266a6b2faedeff65fa2035017e498b6a9a5bf206646e7d14e3b75d529" + }, + { + "alg": "SHA3-256", + "content": "0a4492d926542aee9f91b73691f712157c031388153270aa6121c3b60e638387" + }, + { + "alg": "SHA3-512", + "content": "a1db62f01942f3abb36d5fa867e5fb5f4372965c9c57e0f76d992421e85ce6481a34490ac15682656eb11a410c6f7b803e70cbeed635ac86b0d125f50b832074" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework.providers/jersey-test-framework-provider-inmemory@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "94e9fc820f29e4ca7c4d1008b3e52f34" + }, + { + "alg": "SHA-1", + "content": "1379b37b505dc379559e75ae7424941eee924fc7" + }, + { + "alg": "SHA-256", + "content": "f843740357ea316e196703782bcc21313ee77b665f059a28d62ebbbc37aa07ae" + }, + { + "alg": "SHA-512", + "content": "a574f37273ebf3f6d0dc18491cfcfb32288063667cd51962218575438dc3eb4f6202f862a6cef71a9caa16282cac17b77a1696dc632f1852979060e8c1b9c9ef" + }, + { + "alg": "SHA3-256", + "content": "2428547743abb3f101da2f812300e1a3778b672ea26be987b1262821fbc0c693" + }, + { + "alg": "SHA3-512", + "content": "476eb0180972b5b6bb48dfccb1eccebd607420aea3562782f1a19292ecbdadc659bf28aeb11a28e3367bad613677dae9486cb4bfb2dc2168acb8cf612b39ae2a" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "7dadc5243abb6a0979518998d5c97eeb" + }, + { + "alg": "SHA-1", + "content": "2245454abf7e6374ce92f3ef9222c7dbd43c8f1b" + }, + { + "alg": "SHA-256", + "content": "e629a9bd50ac7d361389dcc21c86f7ee12fd9f9e1c0e92664d01492df135aab1" + }, + { + "alg": "SHA-512", + "content": "592ab00b4aefbfd03fa3eb9619b39be6a59cc5a60dac993cef999433e31bf89d35a97136227966af7ec2fd84e483995b6e3390dc159aa72763246683ec02207a" + }, + { + "alg": "SHA3-256", + "content": "5fc8987e14b500cd8ef3e355548129be984b7d88f02a3b3a9718dc83e2550cbb" + }, + { + "alg": "SHA3-512", + "content": "6e4d74a8ce366f9b1c41ca2636a098566b8e2800b0f2ce3653856d499e3ff683a1ca2afdeac18661a47bd8e319987903dec3b0a3c1cc16ebccb2cc2ff3a00afe" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d1e615dd0774f828e80f51cd217dadb1" + }, + { + "alg": "SHA-1", + "content": "a4129b6ad87da0b14ee60dc4cd04321ab7b6928f" + }, + { + "alg": "SHA-256", + "content": "5ac060f9d0f802010aba3ce0452d567ff6ec1f724a8cde860cb3e83aa87918c7" + }, + { + "alg": "SHA-512", + "content": "dbe734b1a1bcd194e3ff275b620aed38fb713a250d24cfa6548d047de12a2cd394840650ad46de122b53ea8103f64cf4c0d7570e781b70e45372dda9180607e3" + }, + { + "alg": "SHA3-256", + "content": "6ca9ed2338f90de1498b7e52c35ff2eae7e13463f9fed7f36f9b797ca0d6f443" + }, + { + "alg": "SHA3-512", + "content": "a591913206657bca1c3be20220c911359537100af3f6561f5d4a454635edbc7a83c51b897efeb8b075996fce37945a1c7836296873d6817e07b7ad3a46cf5450" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-openjdk8-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "6176ca5468f46113d03982b26b569645" + }, + { + "alg": "SHA-1", + "content": "cd588787b7a232e9db4d2442ef9260baedfe33b1" + }, + { + "alg": "SHA-256", + "content": "13b0943572cc330a0371317cbfbbb0f737655387b89dc75ba9a8ab8d083e1c11" + }, + { + "alg": "SHA-512", + "content": "07373c3c34ce2bb1a84200e09b4f540d6a4cd83ee9fc65084949a449a7f510bce5a91d9cd44d7cb8454e9a2090dd636da2506c10312e5b5be693682a1024afc4" + }, + { + "alg": "SHA3-256", + "content": "26c9e9d164a3471c386bf44e1c3d3150e03d54be8d947d65306bf74e26954edc" + }, + { + "alg": "SHA3-512", + "content": "90a662aad53125f7f1eebd642a62316606a249dfe04ec3ab6673deea2fbc8d51fdc83f02e403c0f1085aa7d5600b1e11b9b171fefb0903dd5aa8c6bff905c072" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "50a898e1-523d-4041-9250-b25394071a77", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "1ca2253ddcbcbcc691c51938f2e341b4" + }, + { + "alg": "SHA-1", + "content": "288afd48f2eb1816889c4848a0bb8e7783ad7124" + }, + { + "alg": "SHA-256", + "content": "2d78640dc6b6035e41d763ddb9c97f07f441665be36d0a7d1e592d683df12acb" + }, + { + "alg": "SHA-512", + "content": "7ee426bb8079daf27fd03694563e534cda147d2cb38e4b50e08c3644f1a3dd88e172ad36b322bb113c67cabbbed4b11740f72ef82cc899341aae9d6427dace43" + }, + { + "alg": "SHA3-256", + "content": "1ea3606b67b91542a4d71d7b145792dcb25dce3c52037e3a32d551678ce5fda1" + }, + { + "alg": "SHA3-512", + "content": "943a863bd2beae196d07aa13b72b5d27bd5ee56a8e578b549a5c272034a232dc4f8a3f015af81837524cd37e467871bfb66c6768a279502ab4cd05e97421347f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "group": "org.eclipse.jetty", + "name": "jetty-continuation", + "version": "9.4.18.v20190429", + "description": "Asynchronous API", + "hashes": [ + { + "alg": "MD5", + "content": "bf4683a840d240010acacc4cc9739525" + }, + { + "alg": "SHA-1", + "content": "3c421a3be5be5805e32b1a7f9c6046526524181d" + }, + { + "alg": "SHA-256", + "content": "ad2e8fa193f06989ef6f0ca09719e1e30572e6099e7c889777836076068cbfbb" + }, + { + "alg": "SHA-512", + "content": "1ca79b0b2011ae4f5dd2f64447ec39d5140ddae6fdcdc9e1104ece137113951efeeccd7fbaa2cb174c11a944d7a6d79d94a6cf2f5a645b21016a3ba1b1421152" + }, + { + "alg": "SHA3-256", + "content": "e54fd5d441a318d250a84414eb391c6af739a5a167c7cbc70963a0cd12a60371" + }, + { + "alg": "SHA3-512", + "content": "d4fd7624498cd4113fd86ef1e71fe4f0c4d0684d34e2700b0d472decf55ae5b3d9aa59447a7ec2856ba5a2348da09057f5f3730f3e91715d2746d16d20bd5fa9" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "group": "org.eclipse.jetty", + "name": "jetty-http", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0f5299204d64fb561a8062f594185dc6" + }, + { + "alg": "SHA-1", + "content": "c2e73db2db5c369326b717da71b6587b3da11e0e" + }, + { + "alg": "SHA-256", + "content": "a2626684486590535bc928a6a40c6915f99ffda96b7a14d4310bdda566b5aa73" + }, + { + "alg": "SHA-512", + "content": "93f9852cd4689993c06629ffba24b1dc9715bcf3dfb560088669459f9484373cd5541e81c18cfb3502c9ab62fab3a7061ee5d9afd0c17fc61fe23e25fa04a1c9" + }, + { + "alg": "SHA3-256", + "content": "84caddcb2c12e244dc03f0f3f8ab41fdcb96ec95c5776c00664e8916f6bfea86" + }, + { + "alg": "SHA3-512", + "content": "08d0dba27f81c3b596d46728e01b3b1f0027d9271befab6ada56e6757ef7f64e700c242cc8f9000a2792bf5053c5c16126718d6f8fd1923331a7e3d00b3c2efb" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "c19b779d-2699-44de-a189-a0d18d8dc953", + "a2897b13-bdeb-4a6c-802e-abf09fef10a9" + ] + }, + { + "type": "library", + "bom-ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "group": "org.eclipse.jetty", + "name": "jetty-io", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d430c2038527a0788675049f9d48760e" + }, + { + "alg": "SHA-1", + "content": "844af5efe58ab23fd0166a796efef123f4cb06b0" + }, + { + "alg": "SHA-256", + "content": "f953810e6d5349a8c1101710bf99310e0bcd3bc43d819c06858c75f419b4cbd0" + }, + { + "alg": "SHA-512", + "content": "2f7f9f8ecff8fceaa422923ed698f5945e2e4583898115ea97e2a69f2f4c7093f07c1f9e189af0ffd6b08b669074c9e3cdd5492e42aa2ba4f0bba3ad6db85c50" + }, + { + "alg": "SHA3-256", + "content": "a6a1c14235256382171a33faf4e2869e65756b87e686e70e41aa34380fdeeac9" + }, + { + "alg": "SHA3-512", + "content": "aff9eb92b24300c2395b5ee808c54abf4c8c97224bc819b0b5bbaa6977f5806037eeb34691f6b9d9534a454ae28f3e8e9b13bd0649369af5b331e80e4c703405" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "group": "org.eclipse.jetty", + "name": "jetty-security", + "version": "9.4.18.v20190429", + "description": "Jetty security infrastructure", + "hashes": [ + { + "alg": "MD5", + "content": "ea1d2d43fdc539ddf8192e2782f45e79" + }, + { + "alg": "SHA-1", + "content": "01aceff3608ca1b223bfd275a497797cfe675ef4" + }, + { + "alg": "SHA-256", + "content": "c307c68eb402979b2b6ae75a587476c9fecafbf5f4a53db22125f9af2324926f" + }, + { + "alg": "SHA-512", + "content": "140364d32cab3e7f1acd1222c14228038db35c96e22fe55d90c810308c6ed06f72972d4a40514e664e1bcdd542c25014719082b8828b8afd29a9a760b440dfe9" + }, + { + "alg": "SHA3-256", + "content": "fb9e4fd12fc7912c3ad20ec205efa02532b05af85d22b4d4e93e2e19906dadb7" + }, + { + "alg": "SHA3-512", + "content": "df87f8e4a2ac262620c8e805695d52427421e9c25225747fedba6503916bc867c4868d04b1d786d52f64917fef4bd27013ff640297da21a49e97cd2db80007d2" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "group": "org.eclipse.jetty", + "name": "jetty-server", + "version": "9.4.18.v20190429", + "description": "The core jetty server artifact.", + "hashes": [ + { + "alg": "MD5", + "content": "b0bc6045c38e309d41f84d3c60fb31cd" + }, + { + "alg": "SHA-1", + "content": "b76ef50e04635f11d4d43bc6ccb7c4482a8384f0" + }, + { + "alg": "SHA-256", + "content": "2737c60b231e804082cdb68f1118a1aa179c8f92d50345c7444d96391ac005ce" + }, + { + "alg": "SHA-512", + "content": "b16d05236e809d1494f67aeab195190faf5a301cb131ae7033c1d62bd0f4db41e025b18cb75e0c9f7cc8146debb2d34d006318c0bd0e65dcccce9cb176acbc4e" + }, + { + "alg": "SHA3-256", + "content": "755dfbda1a8bd62b465a55c8bfd761412b81fa79fb0326c6835f0b009ea76c7c" + }, + { + "alg": "SHA3-512", + "content": "bdfd84f7b1bfadce0fd4c918b00410ad596e66bd69433260439cebb516f4d44b55e1adbf96cc866ae3e9a8f96823772e2e6633c21bba41c1588067842b7540ee" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6" + ] + }, + { + "type": "library", + "bom-ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "group": "org.eclipse.jetty", + "name": "jetty-servlet", + "version": "9.4.18.v20190429", + "description": "Jetty Servlet Container", + "hashes": [ + { + "alg": "MD5", + "content": "63d8201a1db1aa10454015245472fdd4" + }, + { + "alg": "SHA-1", + "content": "290f7a88f351950d51ebc9fb4a794752c62d7de5" + }, + { + "alg": "SHA-256", + "content": "58b778613867b59bdd6587c57010249e62d10104e01113459453343e9c4ecaa4" + }, + { + "alg": "SHA-512", + "content": "ed6d46eac69dcb275c684e516e1bd627aa2e8b35aa022d68e256b1ec7d145525cc03ad9f55e0794026590f1df17536465c11d25c961df3ee530586a01dcd7f55" + }, + { + "alg": "SHA3-256", + "content": "bd41d1a2332a05b8826eebefc9e1e43b2924c9a810e5c14d97cc8437a4817f6d" + }, + { + "alg": "SHA3-512", + "content": "d4e1c6d118f9ad0890f69efef3141d5d6583703fc6eba5a6c069636d6cde8d48f97d9e5ed5d58e070dd6539c4a744035840e5c8a145f6223f5d9b0dd2ba9ab27" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "group": "org.eclipse.jetty", + "name": "jetty-servlets", + "version": "9.4.18.v20190429", + "description": "Utility Servlets from Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "ed9e6c52ea1c28d92b81bf5c4cff5e22" + }, + { + "alg": "SHA-1", + "content": "e5d174950a44c8f93e27cc2528eff5a6b55da2f3" + }, + { + "alg": "SHA-256", + "content": "134e7f3fd037865cc95c3a69381088ff1c86f110fb0ea62e9a6824cb7ef48abc" + }, + { + "alg": "SHA-512", + "content": "ebd6e426972fb2833bb2173017edd8937ccc64135b6a2dbab0444b25f1528e3d50bdafe39e4749300a8ae46a5eb853a130e918339f29eea308fa9212b615c76a" + }, + { + "alg": "SHA3-256", + "content": "843c3095b2f0e5f71352baf20dfb1cba119ca110fc6e3e01751551154986aac3" + }, + { + "alg": "SHA3-512", + "content": "7eb486c3cac4a8950de6aca0006a07b1b4e9be737fa0902c229e15b27c3c61ddb353ea34f7d4d397dc5cba7da91e2cbee7d086a67506d2b303717f2743b46b0f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "d8add710-4eed-448d-b198-ecff8ffe86ea", + "123b8eaf-5572-4945-975d-21ed3c2f101d" + ] + }, + { + "type": "library", + "bom-ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "group": "org.eclipse.jetty.toolchain.setuid", + "name": "jetty-setuid-java", + "version": "1.0.3", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "24990c296784e354afb446ccb739e826" + }, + { + "alg": "SHA-1", + "content": "73ae4ab171d396103f32e392970641e985d1a845" + }, + { + "alg": "SHA-256", + "content": "192cb1941aa1afefd9851d984fa39a2076f9200c434abba43dab1d410bfaddbd" + }, + { + "alg": "SHA-512", + "content": "11afcd8eb8968878ce4efb2b54956b04f1a28900b8be6edc1a3482388a3dddd2880b61d1a5c083de41d0cecaa3c8a32d4077f3f15b3f38dcbc71aa64bf40c524" + }, + { + "alg": "SHA3-256", + "content": "b6e2a6fdb8cc4021d17fdc85fb8bea172d25b206eca5c5f49ac5d4e6d1a6f704" + }, + { + "alg": "SHA3-512", + "content": "224c5ce3bbddf418eb2f1f43f9c3fd3f332ac6b557839942e54fc229e6a8e009ed11aab9e86a78e2642262d0ba43d5c2ff29aa9e96b89c68726d46365d46a000" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.toolchain.setuid/jetty-setuid-java@1.0.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.toolchain.git/tree/jetty-setuid" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "group": "org.eclipse.jetty", + "name": "jetty-util", + "version": "9.4.18.v20190429", + "description": "Utility classes for Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "0e98accd79ef0f0709e67b32d1882712" + }, + { + "alg": "SHA-1", + "content": "13e6148bfda7ae511f69ae7e5e3ea898bc9b0e33" + }, + { + "alg": "SHA-256", + "content": "db2ae97679e4d9dd0b96e0e2e04423d41407977a87edfa0ed1714c44eb5c7aa1" + }, + { + "alg": "SHA-512", + "content": "e1994547ad741cfcc0776e856178c530687bd3f20354ebbaf4d10ed6c6773cf0b9d2201359ffaa9328606aaa7170c125433dfd83c40db8e03ad6f17d43753392" + }, + { + "alg": "SHA3-256", + "content": "af0fd5e8b166a754626964f211eebf7e5bcff175dc852e5dd28b48d32437921b" + }, + { + "alg": "SHA3-512", + "content": "da788326e973cb92399d84ea58fd884a11a82666741514f2aefe150ed47809189ebd98553bbe7b56bde0d892b51294ddbf24af341f68a2854737622a6439356e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "group": "org.eclipse.jetty", + "name": "jetty-webapp", + "version": "9.4.18.v20190429", + "description": "Jetty web application support", + "hashes": [ + { + "alg": "MD5", + "content": "044d3037d9a5b94c8ed938d89045e06b" + }, + { + "alg": "SHA-1", + "content": "9c2f1a2b61bdc2d24f8a980c6c614aa0b588216d" + }, + { + "alg": "SHA-256", + "content": "3e7a715fb8f5ebe79d54b940f630d562629ecf91d1b3fd1403ff9700d0a3e125" + }, + { + "alg": "SHA-512", + "content": "09861241011a4f5dee0ffb7087f033f7882decda7e8bd9641fe1c759f558af28c01f050f0d904fe3f06fba3769efc887d50156cdb7567322ad5fbcee1fc7c2ea" + }, + { + "alg": "SHA3-256", + "content": "a958bee3bbb5d03e76f34e8e70552614aeaaa1fd63a56d5d56d12f552b9e4df4" + }, + { + "alg": "SHA3-512", + "content": "c2b790b16923ca0e1171b76cbb8c852b1e338cab09cc2f46f17b4479370e3d0a0308ca15bfc2d0421655c7db200bb5813a771e80cb6ed566dea9656f232ef403" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442" + ] + }, + { + "type": "library", + "bom-ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "group": "org.eclipse.jetty", + "name": "jetty-xml", + "version": "9.4.18.v20190429", + "description": "The jetty xml utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "637f8a266afa4cb043e1d142c7cacb33" + }, + { + "alg": "SHA-1", + "content": "dcd2806ee48e646fd4dcff81c7c6867fea2b52e8" + }, + { + "alg": "SHA-256", + "content": "2189c5316c4ef2721166353a3f6800803b2ffd06cfc4c7b16ebdef9b00108ca6" + }, + { + "alg": "SHA-512", + "content": "f60127983e3115b9df5ececcfe5a75bf4b1de0597e050d52b65d8e60875305741a3d3256d12d198e25be58b8b236a34ecc6747c05faf30465be27095b02e3206" + }, + { + "alg": "SHA3-256", + "content": "acb83341c830c2e5944c91021cac1d486e73fd5d570abfd4572346242b847940" + }, + { + "alg": "SHA3-512", + "content": "53c27e9e1c64a2046793b9f02880813669b71d534737ec84f16eadb8bdb63a717b664e602a17f1e071f411e318d6c233812910db8ae3bff933047eed08110290" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "76910119-ee18-4144-855b-b2fdab20e33c" + ] + }, + { + "type": "library", + "bom-ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "group": "org.openjdk.jmh", + "name": "jmh-core", + "version": "1.19", + "description": "The jmh is a Java harness for building, running, and analysing nano/micro/macro benchmarks written in Java and other languages targeting the JVM.", + "hashes": [ + { + "alg": "MD5", + "content": "be8d2b77f24b93d14b3590a2c2cc9eba" + }, + { + "alg": "SHA-1", + "content": "1ea93b88f8154f0a35c16b46d76cfb2febcf4916" + }, + { + "alg": "SHA-256", + "content": "5b920f4033b55f78af121c6594e2afcc84c16f2030beef6d035463b126fc9f46" + }, + { + "alg": "SHA-512", + "content": "9bc30e04a4ee999cc1dc45be32bd60ad4248070073424efacdce85b02777dc1ef9f8aa9f57693cc4cc6964c6c934ce3c251f8db26f70bad54353c2d0849aee83" + }, + { + "alg": "SHA3-256", + "content": "b21c8a03f99e3ccadc461f35e5ed3aa3904ae25cbb44ca2dd02eb0d2f8a6582c" + }, + { + "alg": "SHA3-512", + "content": "96f2d4874d54c13b4c9392628415ce62bdff000c142901f08d3eef24c707b5cd656c328a3ef846303a85dc3dfbff69062e0167b2065b5200e52c764afe0ba418" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-core@1.19?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://openjdk.java.net/" + }, + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "group": "org.openjdk.jmh", + "name": "jmh-generator-annprocess", + "version": "1.19", + "description": "JMH benchmark generator, based on annotation processors.", + "hashes": [ + { + "alg": "MD5", + "content": "0edd4d9828437ef68acbe301910de6eb" + }, + { + "alg": "SHA-1", + "content": "e5bb13308963df412877e88fede84c1bd869ca03" + }, + { + "alg": "SHA-256", + "content": "b104c8c3c971d6aa4ff4c7a73e70cfb3e6201084332e4007ba9516a43f27003e" + }, + { + "alg": "SHA-512", + "content": "f4bdd594e25586047d93375f76fc2c85ad302b222ace4dae8e7418a24e1d75ab1ecd3f4d75d362baf3af6388bb6b3f3db7a932e8a003a8ff0c1412059e0c0c5b" + }, + { + "alg": "SHA3-256", + "content": "ea48f22ddf27853d67194836e0a13bb9a6c20a480e03252ce75403bc303a2a8d" + }, + { + "alg": "SHA3-512", + "content": "37ae2a6c8b2f38fcfcfea1343debb71cbb63af15c402fa32dc38e1913c75af7d2f4951a21edbc7cacfeeb789dbbc6fa9be9f24ccd426e1f9344de0f344a9e773" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-generator-annprocess@1.19?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "group": "joda-time", + "name": "joda-time", + "version": "2.10.1", + "description": "Date and time library to replace JDK date handling", + "hashes": [ + { + "alg": "MD5", + "content": "488e6b287cde4fe6142c0da65495ab63" + }, + { + "alg": "SHA-1", + "content": "9ac3dbf89dbf2ee385185dd0cd3064fe789efee0" + }, + { + "alg": "SHA-256", + "content": "d269671656767e05a58dd634cbafc36ed70d417220b058d11c0d88dfd281616d" + }, + { + "alg": "SHA-512", + "content": "b92f67c1a8b293e3771bc2c56e5280f6a9cb523b38db7b1c8f56c427ec7147d9fec1fa425d25582060195a433005797294680e5e071fc49272575cc67f8fe58c" + }, + { + "alg": "SHA3-256", + "content": "ace6d9b18b8de8281dde7a10070f08a11a2b1aca804e2031983d8cffc61a11a2" + }, + { + "alg": "SHA3-512", + "content": "1ae2b49ee5c492a7b83f2c72e5405db0e784b0a34dee7a8d634f6a1e11023bd87653903d4c8a31a964624eb6137db0f612a0d54d509e7a4c39b09c09d30309af" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/joda-time/joda-time@2.10.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://www.joda.org" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/content/repositories/joda-releases" + }, + { + "type": "issue-tracker", + "url": "https://github.com/JodaOrg/joda-time/issues" + }, + { + "type": "vcs", + "url": "https://github.com/JodaOrg/joda-time" + } + ] + }, + { + "type": "library", + "bom-ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "group": "net.sf.jopt-simple", + "name": "jopt-simple", + "version": "4.6", + "description": "A Java library for parsing command line options", + "hashes": [ + { + "alg": "MD5", + "content": "13560a58a79b46b82057686543e8d727" + }, + { + "alg": "SHA-1", + "content": "306816fb57cf94f108a43c95731b08934dcae15c" + }, + { + "alg": "SHA-256", + "content": "3fcfbe3203c2ea521bf7640484fd35d6303186ea2e08e72f032d640ca067ffda" + }, + { + "alg": "SHA-512", + "content": "18bf59191d7a456e7675c841df8411ebe425da40532e103db95483be5d2a75510d8a38ad9755cdd4e0be27afe7cfd0b358599388a84fcec1ee27e89caa37f5af" + }, + { + "alg": "SHA3-256", + "content": "e5c7a060e6bd75fb9ef2b7eeac082550bd4f01049c0da929c57ae71fef59b32a" + }, + { + "alg": "SHA3-512", + "content": "6b35fe9fcb3497a9e3a4b0c55dab300b63155c76bbce88fae9b3dcc1012f2c55d7c70216173299817830328071f5c3af079a67ce9af96c25b6befbcef915b049" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/net.sf.jopt-simple/jopt-simple@4.6?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://github.com/pholser/jopt-simple/issues" + }, + { + "type": "vcs", + "url": "http://github.com/pholser/jopt-simple" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "group": "com.google.code.findbugs", + "name": "jsr305", + "version": "3.0.2", + "description": "JSR305 Annotations for Findbugs", + "hashes": [ + { + "alg": "MD5", + "content": "dd83accb899363c32b07d7a1b2e4ce40" + }, + { + "alg": "SHA-1", + "content": "25ea2e8b0c338a877313bd4672d3fe056ea78f0d" + }, + { + "alg": "SHA-256", + "content": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7" + }, + { + "alg": "SHA-512", + "content": "bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804" + }, + { + "alg": "SHA3-256", + "content": "223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff" + }, + { + "alg": "SHA3-512", + "content": "3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://code.google.com/p/jsr-305/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "group": "org.slf4j", + "name": "jul-to-slf4j", + "version": "1.7.26", + "description": "JUL to SLF4J bridge", + "hashes": [ + { + "alg": "MD5", + "content": "2bb060120bc3feda3d964bf5be845fbf" + }, + { + "alg": "SHA-1", + "content": "8031352b2bb0a49e67818bf04c027aa92e645d5c" + }, + { + "alg": "SHA-256", + "content": "0f3b6dfbfb261e3e2b71ea88574452f36c46fec016063439eb8f60083291918e" + }, + { + "alg": "SHA-512", + "content": "201d8fc50e94469cfddc79faa6d7492602243a13454dc58e42d6422f1e7f1d1b352474930bf13c1784c252721bee92a636723a1f75d3cb578fec200b42275e2a" + }, + { + "alg": "SHA3-256", + "content": "dd6032a174bd7527a7195462617a613dbbb0dbbcebac49aca1c3fb2b4db79e3b" + }, + { + "alg": "SHA3-512", + "content": "2bf9adba76cbd0541b1462e952cce50baedb6feac8d963f59db8374a895469d340f5787defeffefb48162a0171f54dbfe1d173de7ec08b080c01260611dd7e25" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "group": "junit", + "name": "junit", + "version": "4.12", + "description": "JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.", + "hashes": [ + { + "alg": "MD5", + "content": "5b38c40c97fbd0adee29f91e60405584" + }, + { + "alg": "SHA-1", + "content": "2973d150c0dc1fefe998f834810d68f278ea58ec" + }, + { + "alg": "SHA-256", + "content": "59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a" + }, + { + "alg": "SHA-512", + "content": "5974670c3d178a12da5929ba5dd9b4f5ff461bdc1b92618c2c36d53e88650df7adbf3c1684017bb082b477cb8f40f15dcf7526f06f06183f93118ba9ebeaccce" + }, + { + "alg": "SHA3-256", + "content": "02b1f076652120813646a0cb34350f0c73a3299b221567e089f6aaadf8ab444a" + }, + { + "alg": "SHA3-512", + "content": "9e8f7057647c11564178e4569cf4f5682d3688b49d81acc60fd301f61053932ee9ac109c19cb639f7710d23afc76cb106ebde0f8143e2fe5fa08605201720a8b" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/legal/epl-v10.html" + } + } + ], + "purl": "pkg:maven/junit/junit@4.12?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.junit.org" + }, + { + "type": "build-system", + "url": "https://junit.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://github.com/junit-team/junit/wiki/Download-and-Install" + }, + { + "type": "issue-tracker", + "url": "https://github.com/junit-team/junit/issues" + }, + { + "type": "mailing-list", + "url": "https://groups.yahoo.com/neo/groups/junit/info" + }, + { + "type": "vcs", + "url": "http://github.com/junit-team/junit/tree/master" + } + ], + "affectingVulnerabilities": [ + "499117ae-d134-4505-8674-ed498531e7a9" + ] + }, + { + "type": "library", + "bom-ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "group": "org.junit.jupiter", + "name": "junit-jupiter-api", + "version": "5.2.0", + "description": "Module \"junit-jupiter-api\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "d85d733ecb4120eb7ad5be3134d09053" + }, + { + "alg": "SHA-1", + "content": "9cd901df48d88d8e605a6ccb2c3f140c92db6bf2" + }, + { + "alg": "SHA-256", + "content": "47f7d71b35dc331210b9ab219bbb00d54332981aa12eb5effe817de17e1ae7b3" + }, + { + "alg": "SHA-512", + "content": "8b54b50e8e10b9aed8a1d65338b86d3cd28fabba15f536df457689b99145a451f0144c703eaa848e0bf5c7dc7719ec442b479bac1b7d88cb9ba2cddffd0f1f13" + }, + { + "alg": "SHA3-256", + "content": "2a215014d5df1141f50d9c800b004d9bcb391163b05365ba3f9d145a71e69171" + }, + { + "alg": "SHA3-512", + "content": "1cb1e7a4279d2949081aad395cd158bf28a8ad12682a3f8962da50f1b3c2b4f64a206089145bdc8e4730b689f791e1f306361c4f8e0044dd88fa9f38f1916cd1" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-api@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "group": "org.junit.jupiter", + "name": "junit-jupiter-engine", + "version": "5.2.0", + "description": "Module \"junit-jupiter-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "23b9c1eb5cbc9ff595fbedb9d6ff2068" + }, + { + "alg": "SHA-1", + "content": "de87318ccd3dfa1a98ebfef792d362776f1914de" + }, + { + "alg": "SHA-256", + "content": "8f994f4094790e246dc84de86a1ff4194ca85e8b13bedaca0207f727ebfbc813" + }, + { + "alg": "SHA-512", + "content": "f2bf6ab75a111cd2cda9f8d50f62b3986fc7b675b9f14abfa73d44ccbce010b559bb2a7dcee670e8134f1e8859c2c804b87b50b141c6d48a55699cf07f1d75d7" + }, + { + "alg": "SHA3-256", + "content": "1c2e7d5d721f35eb5f4c206f920d5f34a480b5e93d991ff602acbb3002ae6cb3" + }, + { + "alg": "SHA3-512", + "content": "de4c58a5d5acfc20a8008f07c94258a6023664c6879518fec9e37eff79f106bb3645979615d792f7de404bf52b8c0e6425902c177458a483a6087bf9a4cdd822" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-engine@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "group": "org.junit.platform", + "name": "junit-platform-commons", + "version": "1.2.0", + "description": "Module \"junit-platform-commons\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "b3199ff22308f68d7dc3e400fe53f51f" + }, + { + "alg": "SHA-1", + "content": "dbce1d822d3dc6c61703b340cd79018518685451" + }, + { + "alg": "SHA-256", + "content": "7771af2f797d1d0ccce9920eb3cd826fb8fd7659ccb4d8877e76d9412be72cc2" + }, + { + "alg": "SHA-512", + "content": "b08bcfa884c67ae155ea5eb0ae33f0d58e88096015b82ebf3e5a301292b4622aea1514285aeef7361f8b9e4c83e48e5d8842433afe6e3b0b06c7a1c8729b104e" + }, + { + "alg": "SHA3-256", + "content": "87b03d3ecafccbaa1dc2bd068117cf95ac520546131006bd744464ef757ec44a" + }, + { + "alg": "SHA3-512", + "content": "9501a107af25b97f4e7a102b9262f8438915cc2e93599a2343255fd1935e3c86853a50934376f509fe45f0f601f4ba8023b02ef091e51c51675469170ed88a70" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-commons@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "group": "org.junit.platform", + "name": "junit-platform-engine", + "version": "1.2.0", + "description": "Module \"junit-platform-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "14405ffac9858d89cc0609b16b8c763c" + }, + { + "alg": "SHA-1", + "content": "35fa3529ce843ada1a10b0909ccb4a8148ee638d" + }, + { + "alg": "SHA-256", + "content": "60b102e94ea01556fdc8c041950a05450edc188e3708f032a6bfb1a50ba0bc22" + }, + { + "alg": "SHA-512", + "content": "d367cad97695832f088e299d873570ea9e4bffd30222a5b3157fd506d9405776cfba78b8dc0b6e2697e96d0008ad65b7a35324fab7386c99257d2a723641b679" + }, + { + "alg": "SHA3-256", + "content": "25189ca0767cdad052cca52e00fb63557e8581d3733cf1272dfa780d668ff140" + }, + { + "alg": "SHA3-512", + "content": "d8b6d4a3f9bb96a1b6f610038b50f9a647526e5d0a805bcdd4c13603cdb3508a39a4403c9674b9bca67e673a6493f51a7d363e88fe28efd50382f7832bc20f2a" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-engine@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "group": "org.liquibase", + "name": "liquibase-core", + "version": "3.6.3", + "description": "Liquibase is a tool for managing and executing database changes.", + "hashes": [ + { + "alg": "MD5", + "content": "455a827f017027c276fdfc1ec0bba595" + }, + { + "alg": "SHA-1", + "content": "737c5a4fac26ee760d016923c83481ff933e4875" + }, + { + "alg": "SHA-256", + "content": "e3d877af44ebe7f253525319e3a95bd14e249bfb3d55e9c458e78458bce8426d" + }, + { + "alg": "SHA-512", + "content": "a2c453c71c654ecdf98b86293981fd53ef270b8834b1903b88566dd515da22df17a47a7a31f6c8c65f496ec64613c101ab5501ea9e8293001703f9d2a65c878b" + }, + { + "alg": "SHA3-256", + "content": "6cc2d3b40b26f5b20f62647f3dfc3238741eebd176e51ed76bafe534781554d8" + }, + { + "alg": "SHA3-512", + "content": "1efc7bca74a8e561b48786cff789dba1b87cf4e6d7dc65da70bc71590c653ffd2111d8fb703cea6a429481c68c385299cf59f5b15072ccbe2365d53fc548292b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.liquibase.org" + }, + { + "type": "build-system", + "url": "https://circleci.com/gh/liquibase/liquibase/tree/master" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + }, + { + "type": "issue-tracker", + "url": "http://liquibase.jira.com/browse/CORE" + } + ], + "affectingVulnerabilities": [ + "7b0674fc-e326-47d0-b34b-b5bfb523784b" + ] + }, + { + "type": "library", + "bom-ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "group": "com.mattbertolini", + "name": "liquibase-slf4j", + "version": "2.0.0", + "description": "Liquibase SLF4J Logger", + "hashes": [ + { + "alg": "MD5", + "content": "c0de626cfee6e91f2fe3f28aca48a6f9" + }, + { + "alg": "SHA-1", + "content": "15d0d15b546ef66caf3385a3c13aeb75663b3ba4" + }, + { + "alg": "SHA-256", + "content": "1378fcb84657a57fd133328b13ea0578d18011fb4578dd915b292f9b8afbfd6e" + }, + { + "alg": "SHA-512", + "content": "193195e7aba3a04c4bc27a8cb424d8ede7e9a00f0682801906b59cfafe717c19ed47bf299e033da9b91400f936a90a14137b0b48ed55a46a2527db644cfe7947" + }, + { + "alg": "SHA3-256", + "content": "143f1704ce5f758ce1c3dc2bfce78abac50638cfe54537042ada01ce8c765f89" + }, + { + "alg": "SHA3-512", + "content": "0d7e066b3760514259844a5b137706b47ce61fabf24ac34e59445609e0a41e5497d90bb8786c06e1fa767375c4ee039d1c44c4b136fdb63d08ada9967286502a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/com.mattbertolini/liquibase-slf4j@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/mattbertolini/liquibase-slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "group": "org.slf4j", + "name": "log4j-over-slf4j", + "version": "1.7.26", + "description": "Log4j implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "0ca7c8107e86b7e251cf15d475db5183" + }, + { + "alg": "SHA-1", + "content": "daeb21c5e35d77d550e721c4cf5aaa716496d31a" + }, + { + "alg": "SHA-256", + "content": "81a1c31befb21e3975064f43e0b1692b7fc2dc5f6d8dc3b6baaa7b8c3e5ddd5b" + }, + { + "alg": "SHA-512", + "content": "6ae099e1ad5526212f2758a9e16ce7027833e47dff9370c7dbc5317c43f0d3450f20a437ae1a97594382cd27b74c276cb0f3c32de0668b61daf874fb4d30bc90" + }, + { + "alg": "SHA3-256", + "content": "7fe9883b0d6edce803b4942d53771c9e87735076e5ee162037bce3180e067c04" + }, + { + "alg": "SHA3-512", + "content": "349b75322aaf3d4fa035ed2c98c3f289ea6c2bef2bc6756b018df99536d99ceaa17b9192ce5bdde1a213ec75ecc60d11629189a5774b166e671a709e7f2df708" + } + ], + "licenses": [ + { + "license": { + "name": "Apache Software Licenses", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + } + } + ], + "purl": "pkg:maven/org.slf4j/log4j-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "group": "ch.qos.logback", + "name": "logback-access", + "version": "1.2.3", + "description": "logback-access module", + "hashes": [ + { + "alg": "MD5", + "content": "9468ae35cd2e92164659543a55280aac" + }, + { + "alg": "SHA-1", + "content": "e8a841cb796f6423c7afd8738df6e0e4052bf24a" + }, + { + "alg": "SHA-256", + "content": "0a4fc8753abe266ea7245e6d9653d6275dc1137cad6ecd1b2612204033d89687" + }, + { + "alg": "SHA-512", + "content": "b72a31503d09eb0f40abad77a44617b7edc2904e2e619f7cdcbab2536965be34e91ebbaffd0444027d15bad2562515762ee13a7163d9e12f82017334dc84a6a2" + }, + { + "alg": "SHA3-256", + "content": "db933b4474fd6b77e89b1f68f4117d7b299788b0706e926ea88506f086b54f63" + }, + { + "alg": "SHA3-512", + "content": "64acf87611208b7ccda4408ebd924dad609f3bb3e217fcaa80f13cfd098225183a559e5023b7ceabb07ff3ab705f13aad732b04f781f2b618e2f3de31376c089" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-access@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "group": "ch.qos.logback", + "name": "logback-classic", + "version": "1.2.3", + "description": "logback-classic module", + "hashes": [ + { + "alg": "MD5", + "content": "64f7a68f931aed8e5ad8243470440f0b" + }, + { + "alg": "SHA-1", + "content": "7c4f3c474fb2c041d8028740440937705ebb473a" + }, + { + "alg": "SHA-256", + "content": "fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0" + }, + { + "alg": "SHA-512", + "content": "9ad5df9055e74c1db67e10422774e740903477c821591702d2709a4c1f73e3fc3fa6b1a871b6985901817bc2bdeba916849035dc2bbf518f308637b0586e36f1" + }, + { + "alg": "SHA3-256", + "content": "7d38586cfd6e1363970ac1811eb49dd9e535e2d2bf967118ce8f28592655ac24" + }, + { + "alg": "SHA3-512", + "content": "0a47917a6adfaef45e1170ff419800a7c88771510c6d5744b081e0572f70d2e339a5bbdd9b0637c2ecfcdd49a095c856ec293e8a41bbd03ef9b5a67d42731e67" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ], + "affectingVulnerabilities": [ + "0d58391c-d0fe-4b46-8f8d-6a49db7fb354" + ] + }, + { + "type": "library", + "bom-ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "group": "ch.qos.logback", + "name": "logback-core", + "version": "1.2.3", + "description": "logback-core module", + "hashes": [ + { + "alg": "MD5", + "content": "841fc80c6edff60d947a3872a2db4d45" + }, + { + "alg": "SHA-1", + "content": "864344400c3d4d92dfeb0a305dc87d953677c03c" + }, + { + "alg": "SHA-256", + "content": "5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22" + }, + { + "alg": "SHA-512", + "content": "bd1a7512647fe61b90cfd18bedf2a33f3f16f334f8f8ce947cdd353c0b0b7a7cce203070f0d2183f6583e0f2b2fe6e0b12eb93bd5b2dc29076e7b466447f6dc5" + }, + { + "alg": "SHA3-256", + "content": "7e43423025fc6ebe94b4cc641dc60a4507f93dd1445214847a069595f7cb728e" + }, + { + "alg": "SHA3-512", + "content": "76a7f8df50903e80c5455da2307705f1ce08e098b75d02c1e36cb8b06eb3dc18c4e93fbf4ed1dea143d73645a652b52bb26e789d1fa111866c54a57c2025049e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-core@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ], + "affectingVulnerabilities": [ + "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "0d58391c-d0fe-4b46-8f8d-6a49db7fb354" + ] + }, + { + "type": "library", + "bom-ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "group": "io.dropwizard.metrics", + "name": "metrics-annotation", + "version": "4.0.5", + "description": "A dependency-less package of just the annotations used by other Metrics modules.", + "hashes": [ + { + "alg": "MD5", + "content": "18a5f9cee781de1bee53b78df6e37c4e" + }, + { + "alg": "SHA-1", + "content": "b30a0e181a5b5170c3b9bf513a9f2cc756dd4319" + }, + { + "alg": "SHA-256", + "content": "ef1ac18eeb33545913992f1b3d4779c9438435cea26a3a4366f05457a1006159" + }, + { + "alg": "SHA-512", + "content": "574a8d69f2610641d087d2ccf5509787c0993ce3f6fab1877580243cb8d57eb646e3cca9e9336d3e61776fdcb875770017d3182b7238ddfe0c31b08bad4edc30" + }, + { + "alg": "SHA3-256", + "content": "841decb2aae5beba8df9d315b687fe9c5c9c0addf481e75c5de17e408b7d6d07" + }, + { + "alg": "SHA3-512", + "content": "61e765ec087be04c969bbf542c2c743b3de4a613dd77d8820e73976b51cb31f291a575623c64e2c0d865408965904611be2a91213fa387d01e7552de48770056" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-annotation@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "group": "io.dropwizard.metrics", + "name": "metrics-core", + "version": "4.0.5", + "description": "Metrics is a Java library which gives you unparalleled insight into what your code does in production. Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "f5fb039e8ed41743d3b6590547d85894" + }, + { + "alg": "SHA-1", + "content": "b81ef162970cdb9f4512ee2da09715a856ff4c4c" + }, + { + "alg": "SHA-256", + "content": "e31f5bc2fc58dcacd0cf31f7eafa43d3b981873dac0d3f0ffebb145675f1c8a8" + }, + { + "alg": "SHA-512", + "content": "5d553993bf5bbd985453bb69f0704997f624a6ef81aa126c7228fe3d2dd7ebe57e7eeb161067e19914a9f36c762ce2fa7be5e47d0fb4deb623a3fb82ed6a70f2" + }, + { + "alg": "SHA3-256", + "content": "5ba7bcb9d456edb43cf67736e066d9558da57205f916c5ada7f5058b2f8cbc90" + }, + { + "alg": "SHA3-512", + "content": "fcb8a3e52da3f8e9f86c692d8d68661acfe2b6aeb29866325178f3732176e099d0c6c9933d187b0840cf632de154087ad0ae6e8daf2712bedaaaa5e9a4c97214" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-core@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "group": "io.dropwizard.metrics", + "name": "metrics-graphite", + "version": "4.0.5", + "description": "A reporter for Metrics which announces measurements to a Graphite server.", + "hashes": [ + { + "alg": "MD5", + "content": "22f848bd3427fa8d5caa8717468097f5" + }, + { + "alg": "SHA-1", + "content": "76e8758356373d5aed5abacbda429b38f6e8fa98" + }, + { + "alg": "SHA-256", + "content": "e7ece2bb30cf016a012286d7077fd1d9741c3e205ac7095fdc081e4c552436db" + }, + { + "alg": "SHA-512", + "content": "e1c984ee8daa837add7b4ca0d07162faebf4b7d2bb88b7bd355eccd570e3935fb1c49acdf8b1dcc5c88bbf04c67cda2a7efdcf375d0247d35b7744f9ab810a4f" + }, + { + "alg": "SHA3-256", + "content": "d3ac2a04fe0a5225e4c8ce2a2c46d196ef466eccfa00254cab8df1a08f5dc4fc" + }, + { + "alg": "SHA3-512", + "content": "d2ee456e6964ec862f1a770c386084cf016983c03083a5516405ce4372204a0e0d5feb27e78d7f5d7345719b9af256f8d000cde922547c159de14cb860cc2403" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-graphite@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "group": "io.dropwizard.metrics", + "name": "metrics-healthchecks", + "version": "4.0.5", + "description": "An addition to Metrics which provides the ability to run application-specific health checks, allowing you to check your application's heath in production.", + "hashes": [ + { + "alg": "MD5", + "content": "e64c9571317f403046ad8a04814cecab" + }, + { + "alg": "SHA-1", + "content": "73177b73f9d7ac80b0d0125db9dd41faab816c52" + }, + { + "alg": "SHA-256", + "content": "bd3be08664f03a27bc625b88d91e852cd105b6f53725cfa54a7167a268f2fe0e" + }, + { + "alg": "SHA-512", + "content": "e2c16ef7751558c07e8268d3448477c2296d2f83e1f915fe09b2e0f54c62cf774c9a8b8b3dfedccd882d95cf78bc0f0af3d997af0de8c0c5d489de36883f0b09" + }, + { + "alg": "SHA3-256", + "content": "8dd767ac7aca8dfaef37a32010f341ea4ee20e8190251b367f47cdbc3cba857e" + }, + { + "alg": "SHA3-512", + "content": "34929a8391da886a045a6947b17c875fd3d7c37f85e03d47572d2de359885c101c61a735f9c09cdb8ee4100221acb650389b74071b8c1184e032f2ce2947f67a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-healthchecks@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "group": "io.dropwizard.metrics", + "name": "metrics-httpclient", + "version": "4.0.5", + "description": "An Apache HttpClient wrapper providing Metrics instrumentation of connection pools, request durations and rates, and other useful information.", + "hashes": [ + { + "alg": "MD5", + "content": "023faaf10f012b67e15faa137d106f21" + }, + { + "alg": "SHA-1", + "content": "d02819ff820207d03d0082ef24cd36157d7c5188" + }, + { + "alg": "SHA-256", + "content": "12112aebd3bb53cc5451846202f4333588dc5455e4739c0c2360103700c24e42" + }, + { + "alg": "SHA-512", + "content": "9c991dae8890b35046c258536884d68f821d1e4aabb65c8e1c845309fadf0e9e2849e0653bc6aa5a008336569d8eb71a660a06f402a7a933a3da85604c45e67b" + }, + { + "alg": "SHA3-256", + "content": "f2bd98bc7e39c259544dc04853e5404d6cdf9c7095fcc718ba65b597a377ef33" + }, + { + "alg": "SHA3-512", + "content": "7fa6cba3b553b5c3ffc943ca2ff387d2b542d7170bcea5b43fffe150cd0a3849244ec3a2bbcfce28e8f9d762a925e4cbc7101785f2c3c4d00af61e2f97d00dcb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-httpclient@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi", + "version": "4.0.5", + "description": "A JDBI wrapper providing Metrics instrumentation of query durations and rates.", + "hashes": [ + { + "alg": "MD5", + "content": "7700c4ec787e2355d290e0f40820de15" + }, + { + "alg": "SHA-1", + "content": "005441385ea7bf674fc480dc6bc6dcff6a7278ec" + }, + { + "alg": "SHA-256", + "content": "6858a83724e2df638c475425ea48811ca84c28fc778f92251209e17317e225c4" + }, + { + "alg": "SHA-512", + "content": "671beb600961db9ca14f043225670c18035f3db932ad67bb6f04bae4a57e67e7265b317d851009bd764344dcfdffe8073156b4f517e8c71954af2575bb7c9f32" + }, + { + "alg": "SHA3-256", + "content": "95a48e7ac5a1e6dfd2590e1a79b046017a90b7dce17322d35f10d18408d42526" + }, + { + "alg": "SHA3-512", + "content": "f68985671638695e6ddbf6260010a5a23e2f841c781ea6b4fbe91a0c6c9bcbcc1fd8d9d4501a02e4f86922d8f7071154d54c3c281d662e9c4262014599c37393" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi3", + "version": "4.0.5", + "description": "Provides instrumentation of Jdbi3 data access objects", + "hashes": [ + { + "alg": "MD5", + "content": "594d03f7743b46ef08ed0d1dcc1bb31a" + }, + { + "alg": "SHA-1", + "content": "2d39572d9612ce28bea84d46808d25d3b8af3133" + }, + { + "alg": "SHA-256", + "content": "e08dfdaa141b4f6d3338b09f3f1f7f463596adb0d335b600e1bd636cc02b7b22" + }, + { + "alg": "SHA-512", + "content": "4f2119fa34092ac2649b27d93e54af0de724719f994803407b5c307a8443ff70dee7d411b1360caf92595a87e570b44e60fe2745d8d283e857eb2ce6f0f656f5" + }, + { + "alg": "SHA3-256", + "content": "c4cd10df90cf8b3b9a06f634c9d31e5bee07e98cdb5640220434a43d66231cdb" + }, + { + "alg": "SHA3-512", + "content": "3d60e9e5707c3e34eed30746c85bfbfcae3dded9509dd7047092ad42d184f36395a3d06865ce7ffa1f12b433ecf99b090e713751be03203af168aa4d99dd6a6f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi3@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "group": "io.dropwizard.metrics", + "name": "metrics-jersey2", + "version": "4.0.5", + "description": "A set of class providing Metrics integration for Jersey, the reference JAX-RS implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "e56b570fcb934ef302433d338823511d" + }, + { + "alg": "SHA-1", + "content": "cea8d4217ccd087f302611a54e4dd6071ba5844c" + }, + { + "alg": "SHA-256", + "content": "91cb412f7aca24de727b3724885fd2e6ff0e8bdb422a73ad66d25375594bf63d" + }, + { + "alg": "SHA-512", + "content": "3bc8572f0d183c30b0f83f5b4acd3a05c8d3c3b728298d6b8899da0d299df8d9acdc5435f82c23eb6ba5a3d2bb5c8f66637d6315caf95bf3b807c53e5bc6c217" + }, + { + "alg": "SHA3-256", + "content": "b2dda5477d6dcbd6fdcdd1f3acae482b0f83f24018706a03713c04dcd6c1f744" + }, + { + "alg": "SHA3-512", + "content": "af35ae7568a5df2be2e8cb9ef99256b0956b97b44ec0447863127e9f2e84f7baec0c5c0ed89a8146685e30af98e05a34618a58f2a76fe57272fb8ee98b5e9d62" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jersey2@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "group": "io.dropwizard.metrics", + "name": "metrics-jetty9", + "version": "4.0.5", + "description": "A set of extensions for Jetty 9.3 and higher which provide instrumentation of thread pools, connector metrics, and application latency and utilization.", + "hashes": [ + { + "alg": "MD5", + "content": "99b6f3ed9f4663ed9db4700e4bf388fa" + }, + { + "alg": "SHA-1", + "content": "87f3b49a7377e56f62046875d394ed0028b37690" + }, + { + "alg": "SHA-256", + "content": "e2c769fc1c269e2200950b8d33800be4b0043302eaa189ba5cb7ce518c48b46a" + }, + { + "alg": "SHA-512", + "content": "e3b7ee7c506e8bef74e87adb6e589f3dfac2a0905f66a0eed1af9d2cffa6a3e6f74573e6ca3d3469d8afba0307fb18f74b21397146e0b82ede387a41554f44a0" + }, + { + "alg": "SHA3-256", + "content": "09bb7c73faefc5549d032d9bdc471f500b9370caef0dc9896ca44cdd6fc2ff48" + }, + { + "alg": "SHA3-512", + "content": "ac44f708dff820a3f19b3cc01d4f936b7ca46cd9fedd76e9c57ecc7c0b7d76a9f5db641742453c8893b5b0eb2255ce8c7697fc11569e57afa456d08f00141fc9" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jetty9@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "group": "io.dropwizard.metrics", + "name": "metrics-jmx", + "version": "4.0.5", + "description": "A set of classes which allow you to report metrics via JMX.", + "hashes": [ + { + "alg": "MD5", + "content": "863de91e135c8455d70fa3acf01cdf72" + }, + { + "alg": "SHA-1", + "content": "d7be4ddd7ba674ee8be1d23d883fb3ca68ee1d54" + }, + { + "alg": "SHA-256", + "content": "079133de87f7d3512200a8071bacfdbed46d6a73995578fc24bbf4c03df6d188" + }, + { + "alg": "SHA-512", + "content": "211ebec4191c7482bf0fc02785fd924fdc980c4bbbf440be8f5d4f87f1971bca646f7174c45c0566b41af08fc603225d38691b32482986887775c9e51185615c" + }, + { + "alg": "SHA3-256", + "content": "d02352d947a4475cf67e9f24d33b3bd16cc908acb78cb294d2763fee7d1e4fee" + }, + { + "alg": "SHA3-512", + "content": "7ca4565c9a0c3d1a96d021b7cc4b896b885352ac8cae96e4700f7c2fa40a6c367e05c48df0a81ef112a6769bd8f2f01ceb86e2a984d67286a3627b565bbd8f00" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jmx@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "group": "io.dropwizard.metrics", + "name": "metrics-json", + "version": "4.0.5", + "description": "A set of Jackson modules which provide serializers for most Metrics classes.", + "hashes": [ + { + "alg": "MD5", + "content": "9784b95742e0e8fe76e8d5376e7abf5f" + }, + { + "alg": "SHA-1", + "content": "8c66fea9f767588ae0995be27558b1f3ae8d75ef" + }, + { + "alg": "SHA-256", + "content": "008ce354b30ef48060786b6a31144e04b6bafdfca69e6307cbf66602ae331023" + }, + { + "alg": "SHA-512", + "content": "515734a08814f3df1f6ae853a2cac0fdab5637e129ca9bc3f62feba9190a2e43013362009f73f4fe3e06f3d08fdf0ec7ec8481dab3a6435de743322d4620dc55" + }, + { + "alg": "SHA3-256", + "content": "70620d2f107ff8fdf5bc16a91df9a49daf3fe84fb268edafbafabd43ec61ef0f" + }, + { + "alg": "SHA3-512", + "content": "f33d7c456efabd1eda7f0cc99df57e870b747d3f2c49571373c4564eb50388350260d08f4d53be2c5fe8a7ae766d9181d0f394e996156d839c5bfda9858c119d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-json@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "80b88754-8b78-4597-bc4f-47788add0031", + "group": "io.dropwizard.metrics", + "name": "metrics-jvm", + "version": "4.0.5", + "description": "A set of classes which allow you to monitor critical aspects of your Java Virtual Machine using Metrics.", + "hashes": [ + { + "alg": "MD5", + "content": "a19a85dc56ac7179bd974e4eb0c8b6e0" + }, + { + "alg": "SHA-1", + "content": "09f6f1e6c1db440d9ad4c3114f17be40f66bb399" + }, + { + "alg": "SHA-256", + "content": "ba97466221c391bd7b7eb6d407f7fac83e5e6725d3a8691aa512e53ae075dfc3" + }, + { + "alg": "SHA-512", + "content": "d53b524543ac922352d3a628831fc7a02ceeb757fd760b94477f02b256a47caac9837259c82ddf5b3cb0e874542176f1383c080a7c3d23b8a5790ac250f70a48" + }, + { + "alg": "SHA3-256", + "content": "61e9ee4a183b317e6fadeb632804a04e233af77dedcd5613f19490233f71b8cb" + }, + { + "alg": "SHA3-512", + "content": "333f15cf54e7e9a304e8cdaa9e251ac0859bfb848ddfc2606d86738a89e944adb8879d14f60df632c064f4ab0edb6ff950a7a231121ce8a6b1ff3bca4809750a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jvm@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "group": "io.dropwizard.metrics", + "name": "metrics-logback", + "version": "4.0.5", + "description": "An instrumented appender for Logback.", + "hashes": [ + { + "alg": "MD5", + "content": "45f97ce9788dad9744ae2e198e5a501b" + }, + { + "alg": "SHA-1", + "content": "306d0d06b0940c6df49031e8dd750e635e4b170f" + }, + { + "alg": "SHA-256", + "content": "89842f9df70d001835bd652c103b1d04d64e1c48bccf396defbdd791299c1903" + }, + { + "alg": "SHA-512", + "content": "bde3d0313531986623fd422fee1506eaf17bd3c53318973c340e4d44ce0104943c5dfcddee6cc8d33cfcf0a0b2fb2aff2b3e653819b39c2c5b76676399683401" + }, + { + "alg": "SHA3-256", + "content": "8233adad697b14559e578618be1ea2c99c907be87da1eab10a5ca9f397dbf46c" + }, + { + "alg": "SHA3-512", + "content": "d4664cd4105ad99b2326da4b727dcf350dba261aa7b26aacb9a064efc1a3da7337988344e8c9d64e08ec34d1586410e465c58e0ec37b389b93c54c7c6ccfde35" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-logback@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "group": "io.dropwizard.metrics", + "name": "metrics-servlets", + "version": "4.0.5", + "description": "A set of utility servlets for Metrics, allowing you to expose valuable information about your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "e9142eb2da39a0651be8f9190d47ce0e" + }, + { + "alg": "SHA-1", + "content": "983dacbfd04ec22b49f9e2256a5d41694ce7d4cc" + }, + { + "alg": "SHA-256", + "content": "607381f05808cd31dfc09354db4b015e483be053276a85930050024515fae4da" + }, + { + "alg": "SHA-512", + "content": "797fc4d430b4797b4bcc6d854ac39fd7e0c4da73bda04152473c3f5ab06a36bfeaf326c8edb657de75a613efcce658364fb0aaf15ff6a13c6e62b5795c6a464b" + }, + { + "alg": "SHA3-256", + "content": "d840fcd8a9f0721e4cd392c6e30f1f52f4d411f1138b9e11336a5393f31b80f9" + }, + { + "alg": "SHA3-512", + "content": "a7553a6da55221ee3125757888978188695dfb14511432331f512f29e5c20e5c764e0c801e87818de719df2854d15915516a86d31f99147b9e5ec9b2fd43b701" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-servlets@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "group": "org.jvnet.mimepull", + "name": "mimepull", + "version": "1.9.6", + "description": "Provides a streaming API to access attachments parts in a MIME message.", + "hashes": [ + { + "alg": "MD5", + "content": "43a2478389a84b985dbe7b6ae0b3c011" + }, + { + "alg": "SHA-1", + "content": "41c913d791e16f93bc712a8c8a30bb64daa2e9bd" + }, + { + "alg": "SHA-256", + "content": "2d1ee56aa89837ba9ea55431542e7939fa9d425552c2e6c8ddfb3b77877721b7" + }, + { + "alg": "SHA-512", + "content": "38198fef6a8ca9d1af37c269582e87ae6cc7324a1686c8807be90a1edd4b33bb829d03030df1a4f5865bf6f0e6d0fb2a4f3dde265af696ab556f0bf7216ab9b0" + }, + { + "alg": "SHA3-256", + "content": "3d4fac8717b03d2c33c9c8b5145cfec04a312e9021c92c8029d2a2ca60615e0e" + }, + { + "alg": "SHA3-512", + "content": "a7bff1d8fa3287436726ab53ddff800d9a262fbf7801b85f50b7f29dbd017ff430f2effa9e6e95b44772ec0c349632374b9291292d2eb24f0fed1313dba15ee9" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/org.jvnet.mimepull/mimepull@1.9.6?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/mimepull" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/mimepull/lists/users/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/mimepull/sources/svn/show/tags/mimepull-1.9.6" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "group": "org.mockito", + "name": "mockito-core", + "version": "2.24.0", + "description": "Mockito mock objects library core API and implementation", + "hashes": [ + { + "alg": "MD5", + "content": "73056e7138623c31ab0ad3c421c695b8" + }, + { + "alg": "SHA-1", + "content": "969a7bcb6f16e076904336ebc7ca171d412cc1f9" + }, + { + "alg": "SHA-256", + "content": "ae8fd3becb2a8e262507a9df85e54a6e41c5ae3a34cda5495abef6299a587ff6" + }, + { + "alg": "SHA-512", + "content": "2bde38797a3902909027ec12a58a7adbc5ce86f5f095ee5787b4c12fe873c6ae96bf7e9024c1347eaa189af66b988668d1886dc110118b22eb6c4436e3cceb66" + }, + { + "alg": "SHA3-256", + "content": "30f96a62ee0c4795e9039288888791e0192f1e7a522ecad28200f01135c132bb" + }, + { + "alg": "SHA3-512", + "content": "1afd1e02b726b5b0fc8ee4ff3e2e678c780bf642041e54a7f7c3b136adf7c6d9ae23df2454572ae619279d9e712d5444c55c3c3fee7883b621312331aa7b626a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.mockito/mockito-core@2.24.0?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/mockito/mockito" + }, + { + "type": "issue-tracker", + "url": "https://github.com/mockito/mockito/issues" + }, + { + "type": "vcs", + "url": "https://github.com/mockito/mockito.git" + } + ] + }, + { + "type": "library", + "bom-ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "group": "org.objenesis", + "name": "objenesis", + "version": "2.6", + "description": "A library for instantiating Java objects", + "hashes": [ + { + "alg": "MD5", + "content": "5ffac3f51405ca9b2915970a224b3e8f" + }, + { + "alg": "SHA-1", + "content": "639033469776fd37c08358c6b92a4761feb2af4b" + }, + { + "alg": "SHA-256", + "content": "5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d" + }, + { + "alg": "SHA-512", + "content": "23a593bded8cb43236faad2018b008da47bf4e29cc60c2e98fd4f2ed578fe2baddd3a98547dc14273017c82cb19ce8eaaab71d49273411856a2ba1a5d51015fc" + }, + { + "alg": "SHA3-256", + "content": "1fce020475bd27d7eac3a3693e9c6992032739ef6db205c7751c92f8aba4d67a" + }, + { + "alg": "SHA3-512", + "content": "ec2154e3bb9fa0b74079d4f21af3aa0ae17444da63aa1061d87aac646c070b3733673a4d0880ca58f974dc3358d7b1c6161bf030260474b36b4bae677b777b08" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.objenesis/objenesis@2.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/easymock/maven/objenesis/;publish=1" + }, + { + "type": "vcs", + "url": "https://github.com/easymock/objenesis" + } + ] + }, + { + "type": "library", + "bom-ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "group": "org.opentest4j", + "name": "opentest4j", + "version": "1.1.0", + "description": "Open Test Alliance for the JVM", + "hashes": [ + { + "alg": "MD5", + "content": "2edf96ac5b535198bd3a2e31309f779c" + }, + { + "alg": "SHA-1", + "content": "c8e2a3e3bc7f3e4bb5075306452db5290f9b117a" + }, + { + "alg": "SHA-256", + "content": "65a5fd7380f53aac708bcee3091dbe2dba73a9a2e7645b66e70e0804fc36ee3b" + }, + { + "alg": "SHA-512", + "content": "bb72a65673bec0af3d420e96edcc1e3152bdbd0f670e2e09172f00f05549fa3b0a07c40ed2dbeec75da6e548623afa4e343343cca15a7a016aaa6c3e48ab0765" + }, + { + "alg": "SHA3-256", + "content": "f12567dc83accfc6c4022f0941f37a3169cc0697ebbf67a4261136180c2d8a2c" + }, + { + "alg": "SHA3-512", + "content": "401aa77733f4ceab47f51b797844f597947cf31a5b76f5c46c6a28980bff30942b783e79e8ab5b5f8ce63d64e8152b6f71b96cc1d500234a8a8e2dd24f734441" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.opentest4j/opentest4j@1.1.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/ota4j-team/opentest4j" + } + ] + }, + { + "type": "library", + "bom-ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "group": "org.glassfish.hk2", + "name": "osgi-resource-locator", + "version": "1.0.1", + "description": "See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information", + "hashes": [ + { + "alg": "MD5", + "content": "51e70ad8fc9d1e9fb19debeb55555b75" + }, + { + "alg": "SHA-1", + "content": "4ed2b2d4738aed5786cfa64cba5a332779c4c708" + }, + { + "alg": "SHA-256", + "content": "775003be577e8806f51b6e442be1033d83be2cb2207227b349be0bf16e6c0843" + }, + { + "alg": "SHA-512", + "content": "e064a477d5b1f8c56b4741ba606eed764b779a5d9870b8c193771bf0d904350aed839ab21602dbf5f376f7208b8ca24f64504d73ec6a0c5c08c5f0abc7c466d4" + }, + { + "alg": "SHA3-256", + "content": "c7cb2d64874992826818c594f02bf40f46d9ad4787d6575bfb656b35b7b6af0d" + }, + { + "alg": "SHA3-512", + "content": "5c57aa6eb98272226cbdebd803a5b11a27422340f47e5541a5bf6bb776f64bfcda548ffd345e900a7c7624b9a016aecacd8e009a13fe2c2cae86e8ff8e7289f2" + } + ], + "licenses": [ + { + "expression": "(CDDL-1.0 OR GPL-2.0-with-classpath-exception)" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + } + ] + }, + { + "type": "library", + "bom-ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "group": "com.papertrail", + "name": "profiler", + "version": "1.0.2", + "description": "A pure-java implementation of the twitter/util project's `CpuProfile` and related classes.", + "hashes": [ + { + "alg": "MD5", + "content": "b6cb78e7d8a5c4ed1ad259afc4f7c793" + }, + { + "alg": "SHA-1", + "content": "138093a4ed2da6f0b07a2a2335584bd5a7d53bff" + }, + { + "alg": "SHA-256", + "content": "188ec41349472a0c50fbe7e4cdcc6d6c8968ad6cd9047effeaa6a5c111f9074d" + }, + { + "alg": "SHA-512", + "content": "447a1e7d47cb7c3974e09c8e5ea1fdf6c9c4dfe377cffbba501edab474e136ec252406c5dde8fc7387b9fab983a7970764c23c93b8fb842f676da8c3bd01e013" + }, + { + "alg": "SHA3-256", + "content": "b68b7d44bde32b5a2995629eb2742bde9e3f373cb08230f67624160b91432160" + }, + { + "alg": "SHA3-512", + "content": "2fdb36567b1dcfb26e9e02abb70277e2e9040983c5755372716aa71a22cf46807501effa5931e0e65152f1efbe9e7449ff5b00cdaaddc15f1cfeeb3600904b7b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.papertrail/profiler@1.0.2?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "group": "org.slf4j", + "name": "slf4j-api", + "version": "1.7.26", + "description": "The slf4j API", + "hashes": [ + { + "alg": "MD5", + "content": "60ec8751be37d54a2aa1b6178f87b968" + }, + { + "alg": "SHA-1", + "content": "77100a62c2e6f04b53977b9f541044d7d722693d" + }, + { + "alg": "SHA-256", + "content": "6d9e5b86cfd1dd44c676899285b5bb4fa0d371cf583e8164f9c8a0366553242b" + }, + { + "alg": "SHA-512", + "content": "a944468440a883bb3bde1f78d39abe43a90b6091fd9f1a70430ac10ea91b308b2ef035e4836d68ba97afdba2b04f62edece204278aaa416276a5f8596f8688af" + }, + { + "alg": "SHA3-256", + "content": "195320dbd33e0ecc96b7c23818454658870c7f4c7bb746dae4516bc4983ab158" + }, + { + "alg": "SHA3-512", + "content": "830b0c50cdd9f45cfe4be31f0c775f632399060db58050ce702e476321ef29dcc17f49f872e7023e995c6ee1c2e06f2f1ea115aa45807569ecef83af3385f5cc" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/slf4j-api@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "group": "org.yaml", + "name": "snakeyaml", + "version": "1.23", + "description": "YAML 1.1 parser and emitter for Java", + "hashes": [ + { + "alg": "MD5", + "content": "64ec8bd26b6d5034a87ecb1c8ce0efdc" + }, + { + "alg": "SHA-1", + "content": "ec62d74fe50689c28c0ff5b35d3aebcaa8b5be68" + }, + { + "alg": "SHA-256", + "content": "13009fb5ede3cf2be5a8d0f1602155aeaa0ce5ef5f9366892bd258d8d3d4d2b1" + }, + { + "alg": "SHA-512", + "content": "8091467927dc88fe2741f85c6e429914f4306e7a1183e52090ccc7d617ca5279ba42b03ffc8cd1a914b6c3dc4151bd731757e72592e9c1b23346781936ac9fc7" + }, + { + "alg": "SHA3-256", + "content": "18f63155a18c783a0d47afa987a0dcc39f688da527047ccd48c694810ac5adf2" + }, + { + "alg": "SHA3-512", + "content": "59d1edd895705b667a65c3bada2c1b6c4109f82a03a2a18878d3310ac6e41bb3e47f821e87ffdcd2d2320b2f63c13a8748214fa9ea851c7b0b4d8fca07250c8a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.yaml/snakeyaml@1.23?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://bitbucket.org/asomov/snakeyaml/issues" + }, + { + "type": "vcs", + "url": "https://bitbucket.org/asomov/snakeyaml/src" + } + ], + "affectingVulnerabilities": [ + "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "5ab41975-23cc-45e0-9a13-be603ea00595", + "dff65990-715e-4f71-aace-60d4436af108", + "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "38c08d91-3487-44c4-b258-d5a274a4ad05", + "da9ea5d3-a3c2-4d1b-8425-a799e47a804f" + ] + }, + { + "type": "library", + "bom-ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "group": "org.antlr", + "name": "stringtemplate", + "version": "4.0.2", + "description": "StringTemplate is a java template engine for generating source code, web pages, emails, or any other formatted text output. StringTemplate is particularly good at multi-targeted code generators, multiple site skins, and internationalization/localization. It evolved over years of effort developing jGuru.com. StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org and powers the ANTLR v3 code generator. Its distinguishing characteristic is that unlike other engines, it strictly enforces model-view separation. Strict separation makes websites and code generators more flexible and maintainable; it also provides an excellent defense against malicious template authors. There are currently about 600 StringTemplate source downloads a month.", + "hashes": [ + { + "alg": "MD5", + "content": "b270a7b34c953cbae921a4080d5cdc0f" + }, + { + "alg": "SHA-1", + "content": "e28e09e2d44d60506a7bcb004d6c23ff35c6ac08" + }, + { + "alg": "SHA-256", + "content": "8056d5586e1b18d3def6347b5d020a85722d850bb9f4d7a9aafe4f842c651ef9" + }, + { + "alg": "SHA-512", + "content": "cd396cbc93d096812700c3a05e4b548c31d73c5f1f66f12bdd3364218de591cefb76e1f0557e83204285f1e868f0f327cf556bb32c4552e0a3537cf6ac1efa43" + }, + { + "alg": "SHA3-256", + "content": "d79aa95dd924c18de8f5ef5fc510f92cecb781d5724ba9b948e8658191e920b6" + }, + { + "alg": "SHA3-512", + "content": "da67f10539c0f73ddb56e945f5c7b42aea76411b4067362685f92c916da055f2747176a1524f97f52d7ae0d70898256c9549290448194d6fd99b3bfbff3332a9" + } + ], + "licenses": [ + { + "license": { + "name": "BSD licence", + "url": "http://antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/org.antlr/stringtemplate@4.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/stringtemplate" + } + ] + }, + { + "type": "library", + "bom-ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "group": "org.apache.tomcat", + "name": "tomcat-jdbc", + "version": "9.0.16", + "description": "Tomcat JDBC Pool Package", + "hashes": [ + { + "alg": "MD5", + "content": "b673d21c2c73b44c6fdee89f6c9995fc" + }, + { + "alg": "SHA-1", + "content": "5304a28c25bb88c57da9561e4ed0bbfcc72dcb4a" + }, + { + "alg": "SHA-256", + "content": "0fe8cdd9c6a349fbf1d7246b5503f113a4fb11f1e71c2e529308f1dd22ed5019" + }, + { + "alg": "SHA-512", + "content": "698da1e4dda1d18463f885e6b9dfed61c12920af35ccdfc9015ecfbd8f353d0aefde38f1f71f68ea5b2d9f6610df9cde38e8fa6ec0b405a925a861e8ca0de5b1" + }, + { + "alg": "SHA3-256", + "content": "013e3a72e6a19fea3c245ca9989853b836ed598c9b5551c399222a511be6b569" + }, + { + "alg": "SHA3-512", + "content": "bec64a6591071bb6d5e18412eac3eaaa9814c33448bb2f43d6e039e0538ad85f387fd3817915b5928c41aeabb84d3cd90c0c51f783accb38e3344a32fef206ed" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "group": "org.apache.tomcat", + "name": "tomcat-juli", + "version": "9.0.16", + "description": "Tomcat Core Logging Package", + "hashes": [ + { + "alg": "MD5", + "content": "5dbec493081a051b6868b84881fa6ab9" + }, + { + "alg": "SHA-1", + "content": "b6ef3c1ac1104b6e3fbdc106e194bf2fb5e2e2a8" + }, + { + "alg": "SHA-256", + "content": "cc155efa8104af3d35daf3226284b638b10d9def4074ebf6176cb47b3a264f53" + }, + { + "alg": "SHA-512", + "content": "fd19c0dd3bc60b050065b7c1992c4662f5e02ecc74176528b24a42f03fa42b805ce3529f813e2d0b85f6d21fa46f43a0146069372fbb96dd821bf9778ecb38b0" + }, + { + "alg": "SHA3-256", + "content": "c4782f32dcf2d8516d4b4ae299af008385dc44a92380edab0ced40738ba56b67" + }, + { + "alg": "SHA3-512", + "content": "d37ef89204a97677283c417ceae3031fd89648079e42924bf9c38456b1055442dad8f8f6366da1600feee8e448b59bdff8261e101913b99f24b9dde278469cd7" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "group": "org.jadira.usertype", + "name": "usertype.core", + "version": "7.0.0.CR1", + "description": "Classes utilising Joda Time, Joda Money, Libphonenum and JDK Types that add Hibernate support", + "hashes": [ + { + "alg": "MD5", + "content": "808b0b11f96e769c0f7a32d29f1ce7a1" + }, + { + "alg": "SHA-1", + "content": "818991d0b4d8fce6da9f27ea61187111efcae1a1" + }, + { + "alg": "SHA-256", + "content": "a129bfc60f7aceab77cd1363684d267f56629b441bf06f6123f9c0c2972e41fc" + }, + { + "alg": "SHA-512", + "content": "3d7dca13d1586365a94f05ea4a1672ce166773f2a01a584fc149d71b8aaeaa9c109e7e3a7658d8d4da3e91b8f42085ed55acc2a97e1c39a4faea5f6834a741a5" + }, + { + "alg": "SHA3-256", + "content": "f032df418c58acf1ba8307589d176b6e3d5402f1a0830d903b954984ab03bc38" + }, + { + "alg": "SHA3-512", + "content": "1113d2d63ceacdc4df8628448aa15d5de2e155b1a00037dc1570bb6f1553b38f397930036ef637b50519b6d395e3a219cf330ae29cedebeafa786eefd08420c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.core@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "group": "org.jadira.usertype", + "name": "usertype.spi", + "version": "7.0.0.CR1", + "description": "Shared dependencies for Usertype jars", + "hashes": [ + { + "alg": "MD5", + "content": "2b16a4d99cf3e6f0695186301dc63e4c" + }, + { + "alg": "SHA-1", + "content": "895f79b8a1c33f2e17ebc839f80ecaf62924e784" + }, + { + "alg": "SHA-256", + "content": "035f9a3cbec935b6da4d0318fd4d5b797db12a6ba0f77293b8603ff8578904f6" + }, + { + "alg": "SHA-512", + "content": "df65994da27e03bf29918e87451738de9017a41d0deb4fa1d7b00353d889fabc30cbfdc8aa8d97fc475cc31b2426b7a859cc0cfc6489b3667e43108539cb6c0f" + }, + { + "alg": "SHA3-256", + "content": "455f3a4522df5251d036af8f916a7ba5a385a1d303a0aa8f56f7563c2ee00042" + }, + { + "alg": "SHA3-512", + "content": "88d0d9476653078ff1c538c0b8c8b3d2714fd13fbe5ef12550d73053edeb1eb967a17e96d4670ffe95ca0eda858afa6a6b27033028036b646180c00a7ec46aa4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.spi@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "group": "javax.validation", + "name": "validation-api", + "version": "1.1.0.Final", + "description": "Bean Validation API", + "hashes": [ + { + "alg": "MD5", + "content": "4c257f52462860b62ab3cdab45f53082" + }, + { + "alg": "SHA-1", + "content": "8613ae82954779d518631e05daa73a6a954817d5" + }, + { + "alg": "SHA-256", + "content": "f39d7ba7253e35f5ac48081ec1bc28c5df9b32ac4b7db20853e5a8e76bf7b0ed" + }, + { + "alg": "SHA-512", + "content": "bc137c5f7fa6b7092f9fc233d8be7d21d6767f8aa51c2e934b73692c82d28dbb410f55674d7b5a0e1523b514654339277b535b7f5bb01d457a11aba2eca3bbed" + }, + { + "alg": "SHA3-256", + "content": "469fa33a7d6854ac73627c8b4d281165c26dbcb21e645df792c3144453ab3129" + }, + { + "alg": "SHA3-512", + "content": "a042781692aaaa9458be722d0437484c5f1fd8f3f4955c00008224caebeb671ab93740052599ce2f5feab8d7ec712c72786492f7c7ca1c27c25425545b05a91e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/javax.validation/validation-api@1.1.0.Final?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/BVAL" + }, + { + "type": "vcs", + "url": "https://github.com/beanvalidation/beanvalidation-api" + } + ] + } + ], + "dependencies": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "dependsOn": [] + }, + { + "ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "dependsOn": [] + }, + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "dependsOn": [] + }, + { + "ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "dependsOn": [] + }, + { + "ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "dependsOn": [] + }, + { + "ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "dependsOn": [ + "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "f09e69a1-54de-4e7b-802a-adda10a1c7be" + ] + }, + { + "ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "dependsOn": [] + }, + { + "ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "dependsOn": [] + }, + { + "ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "dependsOn": [] + }, + { + "ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "dependsOn": [] + }, + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "dependsOn": [] + }, + { + "ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "dependsOn": [] + }, + { + "ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "dependsOn": [] + }, + { + "ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "dependsOn": [] + }, + { + "ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "dependsOn": [] + }, + { + "ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "dependsOn": [] + }, + { + "ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "dependsOn": [] + }, + { + "ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "dependsOn": [] + }, + { + "ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "dependsOn": [] + }, + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "dependsOn": [] + }, + { + "ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "dependsOn": [] + }, + { + "ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "dependsOn": [] + }, + { + "ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "dependsOn": [ + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "893beba4-580b-4ada-a4cf-067fbe145507", + "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b" + ] + }, + { + "ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "dependsOn": [ + "55086fc5-4c36-45b5-9569-fdafa26e075d", + "757cef7a-83f2-4973-832d-67849ca42b69", + "93a8597b-e82a-4726-8e16-849d026f7b98" + ] + }, + { + "ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "dependsOn": [ + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "370d779c-d1ea-4d92-8e70-1ad325e94298", + "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "b692a425-dca6-4bed-af67-5855cb40dbcf", + "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "881df936-411d-4bb3-b464-6edcf14c671c", + "ac21cab7-b535-4294-8a61-b10b62918666", + "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "80b88754-8b78-4597-bc4f-47788add0031", + "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "5978be79-e890-48b1-8f11-40416ee5bb61", + "5aed0617-3613-43e7-94d2-105b2af0b00d", + "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "96cf7115-b31d-4c98-bae2-952c601d3878" + ] + }, + { + "ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "daabc9e2-1ec3-4d10-9251-69ab9834b02a" + ] + }, + { + "ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "dependsOn": [ + "ea1f023d-0390-4558-8696-dc8d566dd95e" + ] + }, + { + "ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "dependsOn": [ + "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "8c0378f7-4c0e-4ee3-849d-740b0035c371" + ] + }, + { + "ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "dependsOn": [ + "55521fe9-aed2-403e-9df2-75fc5af90f54", + "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "79b01257-3e61-49f7-8600-2042bde4702b", + "b4ca2dc7-9d68-4737-9afc-dea82759cd45" + ] + }, + { + "ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "c2dbe746-304a-4e35-88f0-69943d701fe5", + "5694b066-2847-4855-8230-77e902b37502", + "4634319e-cca2-4c02-8372-222f43bd35ba", + "648c2811-d754-45aa-9160-8f018ab4aab9", + "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "85776385-c1af-42fa-a0ac-21ecf796742f" + ] + }, + { + "ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "dependsOn": [ + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "1b61648b-2106-4c86-ad10-79411c0ce338", + "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "71f396a0-0285-465e-8ce3-6eacb47be941", + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "dependsOn": [ + "bd750137-b073-47d5-891a-e48c192cfcba", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "423d6189-7ce4-4931-9c74-3b58517df601", + "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "c1abfd09-121f-418c-befa-4d6b9e164769" + ] + }, + { + "ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c" + ] + }, + { + "ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "dependsOn": [ + "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "2f225da8-8da3-429b-a014-effeea8c71eb", + "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "e36cfe6c-5955-40dd-8f4f-09c43087ac53" + ] + }, + { + "ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "dependsOn": [] + }, + { + "ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "dependsOn": [ + "0476a31c-6a89-45b2-8e9b-8d4a725d06eb" + ] + }, + { + "ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "dependsOn": [ + "ab3bfc00-8d35-4a4d-b314-86573681d910", + "36fc309f-d086-43d6-b660-5de275ee630f" + ] + }, + { + "ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "dependsOn": [ + "df3cc349-8f4d-4d7e-82ab-1309f17741d3" + ] + }, + { + "ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "dependsOn": [ + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "dependsOn": [ + "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "94379ad3-19a6-4b21-a049-ca0b762d8c13" + ] + }, + { + "ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "dependsOn": [ + "0d0caea7-65ca-4504-b50a-80e480879f5f", + "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d" + ] + }, + { + "ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631" + ] + }, + { + "ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "dependsOn": [ + "d6394138-9591-4141-9a76-4c3082ff2ed4", + "5b865504-bea5-4b92-ae5e-46553e01093c" + ] + }, + { + "ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "dependsOn": [ + "ebf5150b-055e-45d4-82e5-eebc38ffea70" + ] + }, + { + "ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "dependsOn": [] + }, + { + "ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "dependsOn": [] + }, + { + "ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "dependsOn": [] + }, + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "dependsOn": [ + "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "da25e363-473d-4f84-9f46-8e09c7ec7c28" + ] + }, + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "dependsOn": [] + }, + { + "ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "dependsOn": [] + }, + { + "ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "dependsOn": [] + }, + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "dependsOn": [ + "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "627bb70b-4b85-4801-8239-f03de04ca5db", + "21c7c10d-e7a9-4e82-893a-aa82f11f6dca" + ] + }, + { + "ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "dependsOn": [] + }, + { + "ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "dependsOn": [ + "c454f700-0d16-4956-a210-03d9073b6d12", + "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd" + ] + }, + { + "ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "dependsOn": [ + "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "517c6455-0a2e-4e78-8d4b-88837bb5244c" + ] + }, + { + "ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "dependsOn": [] + }, + { + "ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "dependsOn": [] + }, + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "dependsOn": [ + "d2a5e2bf-ead6-4768-866a-385166eb6709" + ] + }, + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "dependsOn": [] + }, + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "dependsOn": [ + "f4a06b14-3945-4381-b3dd-b46407b02b6b" + ] + }, + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "dependsOn": [ + "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e" + ] + }, + { + "ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "dependsOn": [] + }, + { + "ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "dependsOn": [] + }, + { + "ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "dependsOn": [] + }, + { + "ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "dependsOn": [] + }, + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "dependsOn": [] + }, + { + "ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "dependsOn": [ + "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + ] + }, + { + "ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "dependsOn": [] + }, + { + "ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "dependsOn": [ + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + ] + }, + { + "ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "dependsOn": [] + }, + { + "ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "dependsOn": [] + }, + { + "ref": "5694b066-2847-4855-8230-77e902b37502", + "dependsOn": [] + }, + { + "ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "dependsOn": [] + }, + { + "ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "dependsOn": [ + "014723b6-3b73-414b-a760-da7bb1ab988d", + "7a6724fd-3628-46d2-8de5-9059e6ec494c" + ] + }, + { + "ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "dependsOn": [] + }, + { + "ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "dependsOn": [] + }, + { + "ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "dependsOn": [] + }, + { + "ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "dependsOn": [] + }, + { + "ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "dependsOn": [] + }, + { + "ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "dependsOn": [] + }, + { + "ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "dependsOn": [] + }, + { + "ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "dependsOn": [] + }, + { + "ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "dependsOn": [] + }, + { + "ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "dependsOn": [] + }, + { + "ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "dependsOn": [] + }, + { + "ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "dependsOn": [] + }, + { + "ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "dependsOn": [] + }, + { + "ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "dependsOn": [] + }, + { + "ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "dependsOn": [ + "7176887b-3e41-4f10-9d29-26ec573e2c49", + "85776385-c1af-42fa-a0ac-21ecf796742f", + "c9381862-0cc8-48d6-9b97-82f00d12cdb7" + ] + }, + { + "ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967" + ] + }, + { + "ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "dependsOn": [] + }, + { + "ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "dependsOn": [] + }, + { + "ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "dependsOn": [] + }, + { + "ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "dependsOn": [] + }, + { + "ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dependsOn": [ + "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "3d67ecbd-3ee2-437b-800b-d137ccd17d46" + ] + }, + { + "ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "dependsOn": [] + }, + { + "ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "dependsOn": [] + }, + { + "ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "dependsOn": [] + }, + { + "ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "75ac24b0-9039-45fe-842d-ccecdd3c62e1" + ] + }, + { + "ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "dependsOn": [] + }, + { + "ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "dependsOn": [] + }, + { + "ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "8dc0d897-c489-493c-a4b6-c5384d663c85", + "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "c454f700-0d16-4956-a210-03d9073b6d12" + ] + }, + { + "ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "dependsOn": [ + "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dd4f3e68-5483-4177-9ee9-987774aea94f" + ] + }, + { + "ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "dependsOn": [] + }, + { + "ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "dependsOn": [] + }, + { + "ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "dependsOn": [] + }, + { + "ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "dependsOn": [] + }, + { + "ref": "50a898e1-523d-4041-9250-b25394071a77", + "dependsOn": [] + }, + { + "ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "dependsOn": [] + }, + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "dependsOn": [] + }, + { + "ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "dependsOn": [] + }, + { + "ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "dependsOn": [] + }, + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "dependsOn": [ + "25416803-852c-4475-bf84-2bf849ea6a56", + "c1abfd09-121f-418c-befa-4d6b9e164769", + "be69e2b9-e673-42a8-98f1-e6d3be74c272" + ] + }, + { + "ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "dependsOn": [ + "4473173b-92a4-4b6f-aa40-3b0479fe60ee" + ] + }, + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "dependsOn": [ + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "dependsOn": [] + }, + { + "ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "dependsOn": [] + }, + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "dependsOn": [ + "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "423d6189-7ce4-4931-9c74-3b58517df601" + ] + }, + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "dependsOn": [] + }, + { + "ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "dependsOn": [ + "186eb402-6ab8-417c-8bbb-4032f9722383", + "7b1c11dd-7462-451d-a5b1-0fbd56708727" + ] + }, + { + "ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "dependsOn": [] + }, + { + "ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "dependsOn": [] + }, + { + "ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "dependsOn": [] + }, + { + "ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "dependsOn": [] + }, + { + "ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "dependsOn": [] + }, + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "dependsOn": [ + "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7" + ] + }, + { + "ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "dependsOn": [] + }, + { + "ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "dependsOn": [ + "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "7a60c1f8-0819-4133-aa05-ece823ae5494" + ] + }, + { + "ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "dependsOn": [] + }, + { + "ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "dependsOn": [ + "33155de6-f8f2-48a7-ab80-19d8641794bf", + "71a8cbce-c3a6-4797-b3f1-60415f5e1131" + ] + }, + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "dependsOn": [ + "85776385-c1af-42fa-a0ac-21ecf796742f", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + ] + }, + { + "ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "dependsOn": [] + }, + { + "ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "dependsOn": [] + }, + { + "ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "dependsOn": [] + }, + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "dependsOn": [] + }, + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "dependsOn": [] + }, + { + "ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "dependsOn": [] + }, + { + "ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "dependsOn": [] + }, + { + "ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "dependsOn": [ + "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + ] + }, + { + "ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "dependsOn": [] + }, + { + "ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "dependsOn": [] + }, + { + "ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "dependsOn": [] + }, + { + "ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "dependsOn": [] + }, + { + "ref": "80b88754-8b78-4597-bc4f-47788add0031", + "dependsOn": [] + }, + { + "ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "dependsOn": [ + "9c03efc2-c106-4191-980f-b91376b5ab06", + "80a1384b-dee2-4dff-9d74-79d854cdeb2f" + ] + }, + { + "ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "dependsOn": [] + }, + { + "ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "dependsOn": [ + "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "91658b5a-2478-4653-a3e4-f62c4f58f87b" + ] + }, + { + "ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "dependsOn": [] + }, + { + "ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "dependsOn": [] + }, + { + "ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "dependsOn": [] + }, + { + "ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "dependsOn": [] + }, + { + "ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "dependsOn": [] + }, + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "dependsOn": [] + }, + { + "ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "dependsOn": [] + }, + { + "ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "dependsOn": [ + "13aba3db-12c7-44d2-895d-130d2897e460" + ] + }, + { + "ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "dependsOn": [] + }, + { + "ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "dependsOn": [ + "3affcf84-19c7-4ac3-91f9-b08980969391" + ] + }, + { + "ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "dependsOn": [] + }, + { + "ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "dependsOn": [] + } + ], + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:dbaf64af-0eec-4ff1-bffe-8b642d1d16c9", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:30:28Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + } + } + } + ], + "raw": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:dbaf64af-0eec-4ff1-bffe-8b642d1d16c9", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:30:28Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + }, + "components": [ + { + "type": "library", + "bom-ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "group": "org.eclipse.jetty.alpn", + "name": "alpn-api", + "version": "1.1.3.v20160715", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "18383950cc83169b8ed61c03fd926e0c" + }, + { + "alg": "SHA-1", + "content": "a1bf3a937f91b4c953acd13e8c9552347adc2198" + }, + { + "alg": "SHA-256", + "content": "07be99758b699e194f70fb9784d94202dc6c98212877829e3d72b020f2660576" + }, + { + "alg": "SHA-512", + "content": "b9570b3323337dcdc192e640288633743736ef9206adc4cda88db7da77df49732bba0a4e85613225ffec32ac72c415a84fcd2353c04f8708dad85142a2b439f8" + }, + { + "alg": "SHA3-256", + "content": "c7e69d1f5833cd414f62dfb456a8dee75520366e88a1af4db9b76a14d800b356" + }, + { + "alg": "SHA3-512", + "content": "3a4c64a3cb12158119183584c79e5523bc2e460ae942a2927a9f5452e3b0c032442748f4e426466921a3d9f618095901f26a0de77f4e30650c8e22ee79da873c" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.alpn/alpn-api@1.1.3.v20160715?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.alpn.git/tree" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "group": "com.rabbitmq", + "name": "amqp-client", + "version": "4.4.1", + "description": "The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.", + "hashes": [ + { + "alg": "MD5", + "content": "1a2a6feac205524a636c06d86af2df2c" + }, + { + "alg": "SHA-1", + "content": "c442f6501595a6fb9c029409eca94888cc9a3106" + }, + { + "alg": "SHA-256", + "content": "fcbe7ddc4be88823b881f35c12bca55b561c795d03aefe746a0452029ec179cc" + }, + { + "alg": "SHA-512", + "content": "8d78db5a1a3939a20a10b33f41b2ca3adb746672b276e87cc08aabb84dd27a069755294bd23c483ecf0d25c0e669fddae6f96742dd127d8476a9d6a6f8e22e57" + }, + { + "alg": "SHA3-256", + "content": "4866a931a2e38b4b0b4bcec77f77e8b83edf3b4b527913f827767a926c8b3b24" + }, + { + "alg": "SHA3-512", + "content": "a1b503bd1f8762c0b0434af451f6a579b20225aa5f23548cd521e3f007c17fedaf2c9fd7667606c06bbb63cdfbfbce28800de9506bb2c2564020b34447d600c9" + } + ], + "licenses": [ + { + "license": { + "id": "MPL-1.1" + } + } + ], + "purl": "pkg:maven/com.rabbitmq/amqp-client@4.4.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.rabbitmq.com" + }, + { + "type": "vcs", + "url": "https://github.com/rabbitmq/rabbitmq-java-client" + } + ] + }, + { + "type": "library", + "bom-ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "group": "org.codehaus.mojo", + "name": "animal-sniffer-annotations", + "version": "1.14", + "description": "Animal Sniffer Parent project.", + "hashes": [ + { + "alg": "MD5", + "content": "9d42e46845c874f1710a9f6a741f6c14" + }, + { + "alg": "SHA-1", + "content": "775b7e22fb10026eed3f86e8dc556dfafe35f2d5" + }, + { + "alg": "SHA-256", + "content": "2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d" + }, + { + "alg": "SHA-512", + "content": "9e5e3ea9e06e0ac9463869fd0e08ed38f7042784995a7b50c9bfd7f692a53f0e1430b9e1367dc772d0d4eafe5fd2beabbcc60da5008bd792f9e7ec8436c0f136" + }, + { + "alg": "SHA3-256", + "content": "9b624360f936e928bc63bf44e475d8fd052148c0d0cc56c3c88c26429b430c08" + }, + { + "alg": "SHA3-512", + "content": "5f0a62a96445cfeaf101d2ddc56472621f5c3dafc54ad4b230a373012833b7da83e96af7c07b60a586768361b3bce3f3626ed2cc09fbbd84e840e0714d6344ee" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.14?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://jira.codehaus.org/browse/MANIMALSNIFFER" + }, + { + "type": "vcs", + "url": "http://fisheye.codehaus.org/browse/mojo/tags/animal-sniffer-parent-1.14" + }, + { + "type": "website", + "url": "http://codehaus.org" + }, + { + "type": "build-system", + "url": "http://bamboo.ci.codehaus.org/browse/MOJO" + }, + { + "type": "mailing-list", + "url": "http://markmail.org/list/org.codehaus.mojo.dev" + }, + { + "type": "distribution", + "url": "https://nexus.codehaus.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "group": "antlr", + "name": "antlr", + "version": "2.7.7", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "f8f1352c52a4c6a500b597596501fc64" + }, + { + "alg": "SHA-1", + "content": "83cd2cd674a217ade95a4bb83a8a14f351f48bd0" + }, + { + "alg": "SHA-256", + "content": "88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c" + }, + { + "alg": "SHA-512", + "content": "311c3115f9f6651d1711c52d1739e25a70f25456cacb9a2cdde7627498c30b13d721133cc75b39462ad18812a82472ef1b3b9d64fab5abb0377c12bf82043a74" + }, + { + "alg": "SHA3-256", + "content": "babce5c8beb1d5907a7ed6354589e991da7d8d5cbd86c479abfa1e1dfc4d2eb8" + }, + { + "alg": "SHA3-512", + "content": "3a8ce565280a157dd6e08fb68c317a4c28616099c56bc4992c38cf74a10a54a89e18e7c45190ce8511360798a87adc92f432382f9d9bdde0d56664b50044b517" + } + ], + "licenses": [ + { + "license": { + "name": "BSD License", + "url": "http://www.antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/antlr/antlr@2.7.7?type=jar" + }, + { + "type": "library", + "bom-ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "group": "org.antlr", + "name": "antlr-runtime", + "version": "3.4", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "0e0318be407e51fdf7ba6777eabfdf73" + }, + { + "alg": "SHA-1", + "content": "8f011408269a8e42b8548687e137d8eeb56df4b4" + }, + { + "alg": "SHA-256", + "content": "5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63" + }, + { + "alg": "SHA-512", + "content": "1786aff2df4664483adcb319e64be7b69b643ac9508c3f11796b5aa45b9072b46f53f0a21b2ff7291162afe81506de16161746273e4532ebad75adbd81203f0d" + }, + { + "alg": "SHA3-256", + "content": "3f6cf631e9f792a41128400f8690266d915c0588ef85073a6cae73624a155b10" + }, + { + "alg": "SHA3-512", + "content": "13d1f73c44e807b36946c21cfd506e91e8cbdf685b770cbc0dcb4e55ec28b5bc91bd90eb7f24ebfd13386a47eccf552dd2a1ab277fccabafdb7a9b40aa9d4fc5" + } + ], + "purl": "pkg:maven/org.antlr/antlr-runtime@3.4?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/antlr" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "group": "org.glassfish.hk2.external", + "name": "aopalliance-repackaged", + "version": "2.5.0-b32", + "description": "Dependency Injection Kernel", + "hashes": [ + { + "alg": "MD5", + "content": "99809f55109881865ce8b47f03522fb6" + }, + { + "alg": "SHA-1", + "content": "6af37c3f8ec6f9e9653ec837eb508da28ce443cd" + }, + { + "alg": "SHA-256", + "content": "32a44ed0258c00bb8f0acf7e4dbf000a377bd48702465f6195f878a6dc2024d6" + }, + { + "alg": "SHA-512", + "content": "5afda7e897fb1135e4cf8ceb1f9f2ae68521c6178552dbe38243461e8422d50011f379e4f66d237190e7609e2d1ba2e9c09267637ecd588d7e286c1a6bfb8b4d" + }, + { + "alg": "SHA3-256", + "content": "3808bbe7fc89ea384068d5edf32f4ebf61cead5fe0fff58c7ac13c23392b8860" + }, + { + "alg": "SHA3-512", + "content": "ea988d271b897cb61a17ddd642f7f31935711bb33710947a812e0c1ab3469077c45247a5224e55a9258bfcdfd502f64286064aa1063b2df07dc880a880e034e3" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "group": "org.apiguardian", + "name": "apiguardian-api", + "version": "1.0.0", + "description": "@API Guardian", + "hashes": [ + { + "alg": "MD5", + "content": "e3695c130292987799af0d18754fa3fc" + }, + { + "alg": "SHA-1", + "content": "3ef5276905e36f4d8055fe3cb0bdcc7503ffc85d" + }, + { + "alg": "SHA-256", + "content": "1f58b77470d8d147a0538d515347dd322f49a83b9e884b8970051160464b65b3" + }, + { + "alg": "SHA-512", + "content": "127f7e6381642f3f0f8298e5129f31cae947b81c4867caaa419803e6dcfeee5da61f0262d2c10c8ad151f24e82f708ce81b2fda217c31dbb21794e6c9ec71e0a" + }, + { + "alg": "SHA3-256", + "content": "a0c6a10c739f2c5d18a639804edb717b2e100aec3ab73b5560e947c28b829f22" + }, + { + "alg": "SHA3-512", + "content": "54879680c4ac863b6eb3dd2528c02f8c977b127ed2a1d7e123e65baec3c9b33c3d80fd5f0de0cf43eb4f912b6899b2a4753f93bf9883d51e2fd8b8766df3e0c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apiguardian/apiguardian-api@1.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/apiguardian-team/apiguardian" + } + ] + }, + { + "type": "library", + "bom-ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "group": "net.sourceforge.argparse4j", + "name": "argparse4j", + "version": "0.8.1", + "description": "The command-line parser library based on Python's argparse", + "hashes": [ + { + "alg": "MD5", + "content": "8a3077fbee51bc51d0e140be455b6df5" + }, + { + "alg": "SHA-1", + "content": "2c8241f84acf6c924bd75be0dbd68e8d74fbcd70" + }, + { + "alg": "SHA-256", + "content": "98cb5468cac609f3bc07856f2e34088f50dc114181237c48d20ca69c3265d044" + }, + { + "alg": "SHA-512", + "content": "d9c1e626403b0ad0143fffb62a055b71aacb7d59c9957b232a2e7b7ab2cd9299932784d19e6ef8b0172736ab1625eb2d1e25101eaf1666acfc566b7fcd7c819f" + }, + { + "alg": "SHA3-256", + "content": "3b8a944e495c72b5d7e185effda10431dbe60cfa30c9e31d7cd5ebfdfe0fb20e" + }, + { + "alg": "SHA3-512", + "content": "718cec233f4b67bc0fe9210629202aa235aea2bf58a3cc65425cb9d43661d3002677c0534685e08cea3b86cdcb9c5021026c4efdb1820c9700158756bd6bc7b5" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/net.sourceforge.argparse4j/argparse4j@0.8.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/tatsuhiro-t/argparse4j/issues" + }, + { + "type": "vcs", + "url": "https://github.com/tatsuhiro-t/argparse4j" + } + ] + }, + { + "type": "library", + "bom-ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "group": "org.assertj", + "name": "assertj-core", + "version": "3.9.1", + "description": "Rich and fluent assertions for testing for Java", + "hashes": [ + { + "alg": "MD5", + "content": "b6b5e7d7ab3e4368244ce2ed48b77b2f" + }, + { + "alg": "SHA-1", + "content": "c5ce126b15f28d56cd8f960c1a6a058b9c9aea87" + }, + { + "alg": "SHA-256", + "content": "b433d96281d663d8f97d7b2eda24f6d05345ef3bd7bf9a4ed440d75728bfdb00" + }, + { + "alg": "SHA-512", + "content": "153df8b2394db5c54db79930a26ce45ac8ddcaacbaeb800988c41f17d4f39356a32ba8d17fbe143c412a79c2006e53cc1877b409f880e43d96888801bf92766a" + }, + { + "alg": "SHA3-256", + "content": "da01a0373df89903d5d40eabb595618fb15b14b7cd6420598b85d05bc72242fa" + }, + { + "alg": "SHA3-512", + "content": "8bf381925a0fb7635e8fafbf1b75930a8b129dd3ae9db2ec9d079ad12442a73eb92d34fa454bc3684b7ad59ee2e40cc1509c8a93f1dcded39368fa78b499cbe1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.assertj/assertj-core@3.9.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/joel-costigliola/assertj-core/issues" + }, + { + "type": "mailing-list", + "url": "http://groups.google.com/group/assertj" + }, + { + "type": "build-system", + "url": "https://assertj.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/joel-costigliola/assertj-maven-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "group": "net.bytebuddy", + "name": "byte-buddy", + "version": "1.9.7", + "description": "Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.", + "hashes": [ + { + "alg": "MD5", + "content": "3038371407163c76c89749c3a7c458b0" + }, + { + "alg": "SHA-1", + "content": "8fea78fea6449e1738b675cb155ce8422661e237" + }, + { + "alg": "SHA-256", + "content": "69a9140c11de463789a1badfe6c3dcdc17608c4304cb443c5c3a179585b78b39" + }, + { + "alg": "SHA-512", + "content": "20547c1915d941c170b855babf102b6d4b7b651cb76d4328fdc5e67be4cfb898e22d76512b2ed402ba2486ba4954ee75e1753e7de6303a94201ee12056ffb2b7" + }, + { + "alg": "SHA3-256", + "content": "fa80df92900c958e6c9c957552698a20f0a817a309947ee232b97c699db77d3e" + }, + { + "alg": "SHA3-512", + "content": "50b10f18e33843c1ec103ce809a83698f785de2675dd6f1da386db8c6158a6539e6b93ec2e10d1c82c819c3cf4c1f33ca9c2cd68a21d0a5520a707acb7a072fb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "group": "net.bytebuddy", + "name": "byte-buddy-agent", + "version": "1.9.7", + "description": "The Byte Buddy Java agent allows to access the JVM's HotSwap feature.", + "hashes": [ + { + "alg": "MD5", + "content": "f2c5583a5856a1b68275f70fca2f96fc" + }, + { + "alg": "SHA-1", + "content": "8e7d1b599f4943851ffea125fd9780e572727fc0" + }, + { + "alg": "SHA-256", + "content": "145ce0fab5390374e69b2b4070d65fedaa2b07c3cfad06b330bea1b6dcfa826f" + }, + { + "alg": "SHA-512", + "content": "3b1344ae23e91e02a4465848757f3436f5a51ff58f8a0fe47b032ce5097086a985d927eb23507cc7b29b7a8917ab22942f039949b376f3f27708d3da232e7afb" + }, + { + "alg": "SHA3-256", + "content": "0fc9f6c6083208ef913a49fd9d61d7202477d6ed4c26e0324f4475e656b4fbd6" + }, + { + "alg": "SHA3-512", + "content": "75a397fe519f03352763554688a7e6432c028b2b154a0553d5d647f7873eb5f066e83f454092438a48976f99cfc0c4b7a41b033852129b9cbc29d09cb22f6ec4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy-agent@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "group": "org.checkerframework", + "name": "checker-compat-qual", + "version": "2.0.0", + "description": "Checker Qual is the set of annotations (qualifiers) and supporting classes used by the Checker Framework to type check Java source code. Please see artifact: org.checkerframework:checker", + "hashes": [ + { + "alg": "MD5", + "content": "b6fb2610dacd211a3e2c3d8af1b60d0f" + }, + { + "alg": "SHA-1", + "content": "fc89b03860d11d6213d0154a62bcd1c2f69b9efa" + }, + { + "alg": "SHA-256", + "content": "a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b" + }, + { + "alg": "SHA-512", + "content": "fdecc20efd6943426e7f8bdfb8bef9d28258f9f934cf29090e2f5b297c501454606cc28593cd7d089a5c14f6d2dcafc59f4606053405d7f91d623a0e3202f4a8" + }, + { + "alg": "SHA3-256", + "content": "6332c0be53250aaf67b95786e10337e1134ca645aed3b4cc596c68a3555c07fc" + }, + { + "alg": "SHA3-512", + "content": "74780f6c4d9e615c5be2f7149540721bfccd43e71b2d912054b98cf4f1a5ae5506497eca9c76f9e09f988d988bba8a1ec0588684379722044d894594dc787ea4" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.checkerframework/checker-compat-qual@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/typetools/checker-framework.git" + } + ] + }, + { + "type": "library", + "bom-ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "group": "com.fasterxml", + "name": "classmate", + "version": "1.4.0", + "description": "Library for introspecting types with full generic information including resolving of field and method types.", + "hashes": [ + { + "alg": "MD5", + "content": "85716d3adddffaaacb5e316be6681bf0" + }, + { + "alg": "SHA-1", + "content": "291658ac2ce2476256c7115943652c0accb5c857" + }, + { + "alg": "SHA-256", + "content": "2829acc59abf4aa6b72579697a0391c0fc69df7772ae59c58e0237f909cd6803" + }, + { + "alg": "SHA-512", + "content": "0bb96809e508b3ec20f8da070cdf5c795b71e17311a1a7d09818a93410ceb60cbbd95482c2d13bb920d391f5a5eee3a959cf739533a94f6539775458fe7229d0" + }, + { + "alg": "SHA3-256", + "content": "2cb64a48cd3ca0136553131ce87fe52d5a0f322334d65fbab60132df09d3c8d6" + }, + { + "alg": "SHA3-512", + "content": "56fb69f960f9e15c7dedc17d8d762c03bbae850180c2911ace44c4b7e1f0ce4a6dcad784e6acf01d63cad81a2d3746e4863a8d43a4d78e620506bf125d9340ec" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml/classmate@1.4.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://fasterxml.com" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/java-classmate" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "group": "commons-codec", + "name": "commons-codec", + "version": "1.11", + "description": "The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "567159b1ae257a43e1391a8f59d24cfe" + }, + { + "alg": "SHA-1", + "content": "3acb4705652e16236558f0f4f2192cc33c3bd189" + }, + { + "alg": "SHA-256", + "content": "e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d" + }, + { + "alg": "SHA-512", + "content": "d9586162b257386b5871e7e9ae255a38014a9efaeef5148de5e40a3b0200364dad8516bddd554352aa2e5337bec2cc11df88c76c4fdde96a40f3421aa60650d7" + }, + { + "alg": "SHA3-256", + "content": "90ec34f9701a8b212c65e6167c505ea6417289f910deedcac8517075b8349728" + }, + { + "alg": "SHA3-512", + "content": "101bc04efae2bd16d7923e61bca922c4a006b0e4b34909e0f8865196cb4df4f4f6269737c17880b4dfd0309cb487b806e88d09c6e1a7dc70237563b3f4312f7f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/commons-codec/commons-codec@1.11?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/CODEC" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/codec/trunk" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "group": "org.apache.commons", + "name": "commons-lang3", + "version": "3.8.1", + "description": "Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.", + "hashes": [ + { + "alg": "MD5", + "content": "540b1256d887a6993ecbef23371a3302" + }, + { + "alg": "SHA-1", + "content": "6505a72a097d9270f7a9e7bf42c4238283247755" + }, + { + "alg": "SHA-256", + "content": "dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68" + }, + { + "alg": "SHA-512", + "content": "fb0fe98385496a565678a000c26a3245082abfbf879cc29a35112b4bf18c966697a7a63bb1fd2fae4a42512cd3de5a2e6dc9d1df4a4058332a6ddeae06cdf667" + }, + { + "alg": "SHA3-256", + "content": "4e708ddf8ed0c6dbd8c6bba07e06425b5d263d899884b91bf11f86ec0d6f8463" + }, + { + "alg": "SHA3-512", + "content": "f43e89519e803e976f7b4d756d934be802ab36077cf2dc38dd9aa901eaf7104e58157859f45ccef7b38e072007a60f17270923e2ed7eabd41a4c776dee1458e1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.8.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/LANG" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-lang.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "group": "org.apache.commons", + "name": "commons-math3", + "version": "3.2", + "description": "The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.", + "hashes": [ + { + "alg": "MD5", + "content": "aaa32530c0f744813570ff73db018698" + }, + { + "alg": "SHA-1", + "content": "ec2544ab27e110d2d431bdad7d538ed509b21e62" + }, + { + "alg": "SHA-256", + "content": "6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2" + }, + { + "alg": "SHA-512", + "content": "80fb66a51688c4247b957f9787921e5acb9144d71a4ab0b03b2c30f46427e50c53e6e31ca5ddb04dab2cf5e7c0eedae168103c719f8074be464918ab2e4d6e6d" + }, + { + "alg": "SHA3-256", + "content": "4e5c701b4c417493bdb70d4c3f3bfb6019a6eec3c5f17dcce028158de624318c" + }, + { + "alg": "SHA3-512", + "content": "3a19552d33cbe62a0d174efa39054fbe5e23f7cb466c46616c27480381f232daa2c64c868b354ed965c5d84fbfece08e30e59bc672e3891baf2bb8141b5db8c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-math3@3.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/MATH" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/math/trunk" + }, + { + "type": "build-system", + "url": "http://vmbuild.apache.org/continuum/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "group": "org.apache.commons", + "name": "commons-text", + "version": "1.2", + "description": "Apache Commons Text is a library focused on algorithms working on strings.", + "hashes": [ + { + "alg": "MD5", + "content": "c0aec8d4d92fc9e1a4752884f5f880f0" + }, + { + "alg": "SHA-1", + "content": "74acdec7237f576c4803fff0c1008ab8a3808b2b" + }, + { + "alg": "SHA-256", + "content": "d4a57bbc1627da7c391308fd0fe910b83170fb66afd117236a5b111d2db1590b" + }, + { + "alg": "SHA-512", + "content": "97ca47f05b18a8dd67a253bae7d5ec6adab93a061c2565615773f0efc07382193c9ce29ed1f8abdd67dbe62b033e17bf2f71f67a3db2a99abb7aa3215b541c11" + }, + { + "alg": "SHA3-256", + "content": "5527aa3ffcd1303fac2779f9908f3a39bd3745c03a840fbc106aa952d5a0a128" + }, + { + "alg": "SHA3-512", + "content": "1b87bf1800138c403b67c273346fc7ea721fac09903e8cf6b11f8cfa57f2f91c577000834ad1f38e2b21f695685ea6c03ae9bd21323fe4a7690c7dca3344e350" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-text@1.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/TEXT" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-text.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "group": "com.github.spullara.mustache.java", + "name": "compiler", + "version": "0.9.6", + "description": "Implementation of mustache.js for Java", + "hashes": [ + { + "alg": "MD5", + "content": "9245fdbf50ad59ea81781ebdaa8cdb02" + }, + { + "alg": "SHA-1", + "content": "1b8707299c34406ed0ba40bbf8513352ac4765c9" + }, + { + "alg": "SHA-256", + "content": "c4d697fd3619cb616cc5e22e9530c8a4fd4a8e9a76953c0655ee627cb2d22318" + }, + { + "alg": "SHA-512", + "content": "d29e5022a4e7c99a8cc4b9f171471cf3e96103aeed26f32ae7a5db38e62811b3dc97e47ce8659c0b430fd11f1cb3f679c5465cab0458d7a474fba7e78a987887" + }, + { + "alg": "SHA3-256", + "content": "e17ec4a48044d5cbc941cdd9020fdda30b5402c2d533bec6a910729293d2aa89" + }, + { + "alg": "SHA3-512", + "content": "7e61b2eb36f9e239c4e2679c529d87ab2b2ed0ecb8537cbbd89b604bfce9b09ed716c2a95a80cf9a75eee2d0b85a2958e44bc6540ba5b22f163090a5912c6ad6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/spullara/mustache.java" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "group": "org.dom4j", + "name": "dom4j", + "version": "2.1.1", + "description": "flexible XML framework for Java", + "hashes": [ + { + "alg": "MD5", + "content": "f5710c1d5f5627ae5ce850a0b12ea87a" + }, + { + "alg": "SHA-1", + "content": "3dce5dbb3571aa820c677fadd8349bfa8f00c199" + }, + { + "alg": "SHA-256", + "content": "a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128" + }, + { + "alg": "SHA-512", + "content": "547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1" + }, + { + "alg": "SHA3-256", + "content": "e0d00e2f06b89df74355383e657d0b7b2a67b4fe3b5de58967eaa27fa0efad90" + }, + { + "alg": "SHA3-512", + "content": "00e4ce0afa1bff9f0abd1d9fd07d76157f26347b4d6931314f6f082c528bb5e60c32eb9bb16c23f5adc5ee5dcb902135fed2a4a5cb3995afb143f1fe1f938959" + } + ], + "licenses": [ + { + "license": { + "name": "BSD 3-clause New License", + "url": "https://github.com/dom4j/dom4j/blob/master/LICENSE" + } + } + ], + "purl": "pkg:maven/org.dom4j/dom4j@2.1.1?type=jar" + }, + { + "type": "library", + "bom-ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "group": "io.dropwizard", + "name": "dropwizard-assets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3719b35ea00aaf249df2f6c237e0d461" + }, + { + "alg": "SHA-1", + "content": "f2aa63c48a04fc2fdbbc43d3bb25c306417c30ab" + }, + { + "alg": "SHA-256", + "content": "81df72b28d351db2a8df88899ef172c3fefc8135149e6e5016c3f88db340fdcf" + }, + { + "alg": "SHA-512", + "content": "1136296518c97a285e68b0bbd6800c3183b8cd208e2b316ecf0e6b24147b278559e479705b7df3ce83913df5b8d93108afd20ca91ddfaa23d1924d6534f82d11" + }, + { + "alg": "SHA3-256", + "content": "fe44aa9d27c700520603cec3f51df630e228e0f73d1c450e01c3f9e21f02610e" + }, + { + "alg": "SHA3-512", + "content": "ef1c4284b016ba0c303aa74ce20271314cdd9c63686837c73b55656eacf0a22f2d3d883732f6e513dac055842b6b1c1d0e9fa970c7017d969b82ef1c77b2f8de" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-assets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "group": "io.dropwizard", + "name": "dropwizard-auth", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "b70d5efcdd606fa0dc0d866a0ba76e0b" + }, + { + "alg": "SHA-1", + "content": "b232e9397558341feed096a54e04e32ab81c7aad" + }, + { + "alg": "SHA-256", + "content": "94927a479eb07d3cab2242750463569dd6da9c75908b93986dab8c2eda5300b7" + }, + { + "alg": "SHA-512", + "content": "33c794f002c01a3f2880aef2b64b12af4a1d612bc2e7e751f24d65a178e49f7b2158c00486515b1392c340471d7a5e52d73259da7673c32d6b9dfc3870eeffa6" + }, + { + "alg": "SHA3-256", + "content": "d13a6eedc14842abeadc3c0e773ff1bd759de2157099a8df5d62ee1d6da1f949" + }, + { + "alg": "SHA3-512", + "content": "c5ae17254f77d668b20aa32542daf77ef398d428fc34601e6e6aebb8f0676fc8c16c5f0dc8906b58f7ecef3623e29386d296aff07d7f7d54618591da72edb88d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-auth@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "group": "io.dropwizard", + "name": "dropwizard-client", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a7e212ddc51872656b8cde14c6375558" + }, + { + "alg": "SHA-1", + "content": "774ee66da2e18ddb9757c309a9f288a7a95d4ab5" + }, + { + "alg": "SHA-256", + "content": "e1f12b97fab5cbfbefd54f7206f708b1abb767f7db2979ee67a12cced9145af7" + }, + { + "alg": "SHA-512", + "content": "a15aa34a681004c1c41380a85f0f99b5117e426bfbac1bef90fade5f9644443b63e74caf9022fa53fde98eddc915ce52ed37c59a06257b7c21b9fc55367f9995" + }, + { + "alg": "SHA3-256", + "content": "77d63d4f7774e74722101d0e3fe4a3d7aa1aa0dac2d95f823cacf7ea445d372b" + }, + { + "alg": "SHA3-512", + "content": "3856b47365e22680311c71e7740f4327786a88af275fe7d2f6a44b34dc12227b3a76396d87c101c31994993d2fa78db6fbfcffc848c5739d5bc9231186fe4681" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-client@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "group": "io.dropwizard", + "name": "dropwizard-configuration", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a53483c0d1034d24eb068eacc2b18cc2" + }, + { + "alg": "SHA-1", + "content": "64ede8340cf7e51e9d679876bb8873b5e4900bcb" + }, + { + "alg": "SHA-256", + "content": "a579796dd6a5476f35a7d3e3fde89321c0f1e5afb6c2fcfecf34b1d1b7c2db57" + }, + { + "alg": "SHA-512", + "content": "fc3e2bfe3e0b9ec39a09a6735fa477ea2296d4dbbda6f92a4bf624f3ecdc4e0a226a44f3e433a74e6343012012e1e80b483483696ae6b846249167e5255f207e" + }, + { + "alg": "SHA3-256", + "content": "851afb7c02c5ef78a1b4d8e4a6ac6393b1d105643a4de355a767fa665e44aa13" + }, + { + "alg": "SHA3-512", + "content": "b837c8c006d5909453293a262a826ea24a533a89f9a7c53a67129b3597a07a77b5ba0e95f391806087ee7f82cb12592e6149dbf26bf75fc0c54cab84a9b2c56d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-configuration@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "group": "io.dropwizard", + "name": "dropwizard-core", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "74aec7bf09a957081b1f607b25bfd532" + }, + { + "alg": "SHA-1", + "content": "53889ab39746957180bddc1636f6680eca0db5d7" + }, + { + "alg": "SHA-256", + "content": "a2799ff0fa69d1b0945f9170e6dd29cdd77ed9618ab48abbfcc56111e85effb5" + }, + { + "alg": "SHA-512", + "content": "1fb1b50c2575c36cb518f48e9153a1253d11c0c5e4576dd3866df0d5171694c8507d8f9b78ca983749dd6a8156b81ceac66e8012583d2bb1d6e55c0f5920fd3f" + }, + { + "alg": "SHA3-256", + "content": "19e5d7375794f5eece12bb30304c2a7fec0076902c1bfba468ee96d9ac83f110" + }, + { + "alg": "SHA3-512", + "content": "b955d7c995291eddc86eee34f8c75301f580c4ce6431053b94f197c03f15ed90cc02025214d7ba1864ba76b809af2c2afe8942b5595993ba81a57078b2946852" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-core@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "group": "io.dropwizard", + "name": "dropwizard-db", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d9ddd3b9a686d7332cdec2628f5b752e" + }, + { + "alg": "SHA-1", + "content": "88dfe54a2b0b04d4254c39b5929a6bccb73c0fb8" + }, + { + "alg": "SHA-256", + "content": "718fc5d891166a4febb26f92560148b8b7a1c39a9f4c5719ca7380974430634f" + }, + { + "alg": "SHA-512", + "content": "3615d6aa65fb7df9f5338d2bd4bccff6e0cebbaceaa067bae04e43a7a1a6852157b23f929ea6a6212fe2928b8b1c6ad3282dfe4c37e60e77df7eea3b716105d5" + }, + { + "alg": "SHA3-256", + "content": "e49bcfe1ce234abeefb3fe5f739322eba64b36ebb0a13cca193da7ab496d29fd" + }, + { + "alg": "SHA3-512", + "content": "6ff81a052e35eb6a923c2af9dea65ab43048e5a839ff8cb94dfd2d13d8666f2ce5bf3160bbd98ef81bea4f7b5e42f8019d4f25e1d93c16411027c8e3e40c4c90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-db@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "group": "io.dropwizard", + "name": "dropwizard-forms", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4038942f9fa1f452cc8ab9fb395e0dae" + }, + { + "alg": "SHA-1", + "content": "171287fe38f430ed81bef0dc5808a6f58f01bd48" + }, + { + "alg": "SHA-256", + "content": "cf55b3d0ae45c0b905380a374a3bfd14fee33f3ec5b5f16a046dc66d505ab4c4" + }, + { + "alg": "SHA-512", + "content": "89e4509a55811c296371099ff91850faa32992eede0f9224c25f395a4d93560f0a4a846060bedc1747fe3bf5a4596b928a4237894292dcbe23762b4ae9c40ea3" + }, + { + "alg": "SHA3-256", + "content": "f205cd66f09419d7e958c1c9be0bb3c3226c74a34cefa4a092474612532ae5c2" + }, + { + "alg": "SHA3-512", + "content": "6f336ddb136efabe64b158f60f11dbcccf606df36600a2195d5cac15d2900f5625ba8eb5a0dba213f4e27386423233e5214f9b188f77816d08e75435cb8047f5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-forms@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "group": "io.dropwizard", + "name": "dropwizard-hibernate", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "449361636c3b63eb9d3acb08c1d36297" + }, + { + "alg": "SHA-1", + "content": "56eda4258aa81aa3abde8e6663bbe6297b870495" + }, + { + "alg": "SHA-256", + "content": "5589a9532d592c6dead117b5990386c178a81d4ec7cb8eab9888a576ce47d24d" + }, + { + "alg": "SHA-512", + "content": "bc121e23e932a8989bb81eb72ce3a65822406dd1b9358f9169f2db7c817585420d7725b0e4a011e8ac82b64879167437180a55469a9aa21ec706d9953f4f8e96" + }, + { + "alg": "SHA3-256", + "content": "782695767ab3f4bd238716842e98c56c4311098d142b388ecb08e92159a85873" + }, + { + "alg": "SHA3-512", + "content": "5e6c66c0cf9fa889b516e485cd233af2234b3e2a4f82962b03c59e95a731392744be7fde88f13c3576141b8866dfb6e6915ed20183a6b06e6aa11226ebaec623" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-hibernate@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "group": "io.dropwizard", + "name": "dropwizard-http2", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "fdc320175f8ebf1f5931a5f8943cfc32" + }, + { + "alg": "SHA-1", + "content": "b8573b698da0fe8b2cf30becf2d4c069085e230b" + }, + { + "alg": "SHA-256", + "content": "c21be0fb74a7e086a39d48f464ffb0b730dc8c2292935f8f6524aa217c36f135" + }, + { + "alg": "SHA-512", + "content": "67759f73350a276e2dda77608f16e2fb6d2b2908af7bb5fc83687508793bd27bcc6998c570945e4ec3e49caeeb05e9ee4d3d4fdb8a77b2147bbc5fd1d1c573e3" + }, + { + "alg": "SHA3-256", + "content": "085dd33c5b983cd03552e8eb69e47ae5a3de85aa363175526e5470bce0f4f69b" + }, + { + "alg": "SHA3-512", + "content": "43a4af9e25df30b2e3c561f921bcdbebc9d782b94faa85f8706e1c79ca77bdeae161b18a4f707509599564115d49152ac03f7bab14bb2cb9d130a4975d8f7315" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-http2@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "group": "io.dropwizard", + "name": "dropwizard-jackson", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "cce5d50fb36cf2ccb1f6020cf2c53092" + }, + { + "alg": "SHA-1", + "content": "498fdd1b14e0341fa4b2ed480520d632470709c0" + }, + { + "alg": "SHA-256", + "content": "1ddb7e6852bcc605f52e5dd4927a532e6e4f6970e8477329cc0cf6e02bcb11bb" + }, + { + "alg": "SHA-512", + "content": "54920733f634fff24fa42e16048e60cbcd8ca9e348c4dae5e8eb6d1606e36d86ba8c32f49a9fb00418a9e2038781599383cc3c1d01353d8e5117d4c366f414e5" + }, + { + "alg": "SHA3-256", + "content": "6dfe904993c5350ef8f04f9eea9335ea5f5179e9d02b2cc057426f96a0aeb485" + }, + { + "alg": "SHA3-512", + "content": "d2e9bddc00edf43a43bc91ee0e74cbf3beff49627fc02fee1870888cc552a9e7a2a518149f0b628a744d5ae00a4f47b3912edba8081c0b5f40e3b289a7fe0822" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jackson@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "group": "io.dropwizard", + "name": "dropwizard-jersey", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "5d4b25a8d01ef9534d6291f004ca8421" + }, + { + "alg": "SHA-1", + "content": "5045bfc77cd931d0020e9d67ef5d3d47916d978f" + }, + { + "alg": "SHA-256", + "content": "3e03434acca7bf73d6e8dc72239d41b28e087200d3cd3759b26319aa49c5cccf" + }, + { + "alg": "SHA-512", + "content": "389fdc36005f478f75687d796f147800d81bafca189233ba7bd6bad263ced8ba2bed450b73b7a2ebe14750186da51970f006835c7dbf6380f5535bece7bb947d" + }, + { + "alg": "SHA3-256", + "content": "7c9a03749ca86a271678b15d9278890b605bf1fe85927c07d4412f481483c45f" + }, + { + "alg": "SHA3-512", + "content": "59da92cfc19ce969cfbb29f597519cdb692d838d191a93d02a6014d896091a8669bd6ed5ddff39bcaabd14866106131be23b6a984b6a8a7813fd655faede4b81" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jersey@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "group": "io.dropwizard", + "name": "dropwizard-jetty", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3e61f73e3ad1a7c63d7b16bcfc6038a0" + }, + { + "alg": "SHA-1", + "content": "bd34674496ae9997dd20d88a9fcda937bd21840e" + }, + { + "alg": "SHA-256", + "content": "7657190b578c7647d3e6d91de4a959580320a0317378b210d9a416635f4e1384" + }, + { + "alg": "SHA-512", + "content": "cb92715afa048b32d0879593f9709d558e4b1b6aa468802b8a1d08b7b6b1fa72eae12c8658c329ef0d8e073fb7a1bab4a9b833bac2887ccaa5d953625470f4db" + }, + { + "alg": "SHA3-256", + "content": "38e8c121e10d2af68bdde88d8136622d76139d018df01b944c7708c8dd9cefe6" + }, + { + "alg": "SHA3-512", + "content": "7cfe066ea4e585b3bc0077332b0a08db9f998e9d83b95480cc148054895728ea72fe5e3b20e249f603e96cbe09ee9985eea527f207d88abef0914b19940af1d5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jetty@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "group": "io.dropwizard", + "name": "dropwizard-lifecycle", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "52e054873a8e62623e81231c43cd56a9" + }, + { + "alg": "SHA-1", + "content": "f26a5a8be815680b9d6fcf4df7495c33ff403f80" + }, + { + "alg": "SHA-256", + "content": "20abb321d0095312b8d618b30533d84b12f37d9c3e7bfc473ce205a56a8cf4a5" + }, + { + "alg": "SHA-512", + "content": "fc9ae0ff1d4c94b2456777d6e7b68a8017ff13a04fb49f85344904f6b010fc638f33e8e6ebf9119a450232e5e74c70a8ed55b980afe47d827f320019ab9973a7" + }, + { + "alg": "SHA3-256", + "content": "cba7094cc6a46821fab3edc413e5d07c36e78b7760ba6c5e44df94acaaca98e8" + }, + { + "alg": "SHA3-512", + "content": "daba93cc2420eab38f11389a1eabd408713855ea97772dd87d6be05cd8cf60de1e2de303785721daa85f61e246e75c4bbeaf7602a580d88b2585c090d8957dab" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-lifecycle@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "group": "io.dropwizard", + "name": "dropwizard-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "8f56476f15da17fb8aff8d06a8cd39c9" + }, + { + "alg": "SHA-1", + "content": "3df1411464adf080b5ac7360926eacab3f5120d7" + }, + { + "alg": "SHA-256", + "content": "fcaaf6bcb2f29a0443f4740d5515f6a8b12a0c38e626fa6a503d9bb685275a38" + }, + { + "alg": "SHA-512", + "content": "32435101cf0981814396444592a7d805d35d073fff7c06b2ae1551e6cc6ac7e7686cc740dec87a05a15026cc4d89b208986c770cbf999e3993980c8e4112db47" + }, + { + "alg": "SHA3-256", + "content": "2d848583811a6d544b4212f63805bdf65b849da145e4fa3f6be66d387e34a5e5" + }, + { + "alg": "SHA3-512", + "content": "2daa20182aeebbcd99ff706f08f3a10a68db0ff2874ed93811eb8922b71ca2bb516213ae53eff4efc412c5ea1a940268d9a832fe8e680151f5cacbfe62ec5844" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "group": "io.dropwizard", + "name": "dropwizard-metrics", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "231e9b5003b31c72836118b2b60e6b9c" + }, + { + "alg": "SHA-1", + "content": "4dcf98534424a25e2666c714e0bb4f8ce6c7cc61" + }, + { + "alg": "SHA-256", + "content": "fe67a902fa099d798179aaf8cb73fa2881e18a820b762422e9e25bda84968304" + }, + { + "alg": "SHA-512", + "content": "80d4133cdc506a51f34bdfa35f9e79d11d9e1a6cfbda6d13e10035a286f200a172314aa52b737a7bc4d8a334b6725c20a45cb4d8cb56dabdbbd8378e9aa1b355" + }, + { + "alg": "SHA3-256", + "content": "55e8d3aae67454a70282570b80e4a5b50d19cede8ed6db54609bdba3b7291309" + }, + { + "alg": "SHA3-512", + "content": "88be53fa6a98860edd603e40320f2d59206e08451a11356e089f28bcb9ee36586012f9cb6d0c63ca6b85b527f8f0434c3aa1e3619cf607883a7aed8817fdbdfa" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "group": "io.dropwizard", + "name": "dropwizard-metrics-graphite", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "014be7a674c15f505dc0816c5c544314" + }, + { + "alg": "SHA-1", + "content": "d5be85278fe138a4736bc0e229c73dcd1de2b400" + }, + { + "alg": "SHA-256", + "content": "0739188661d32b28544377073c1966d29a56ea9e28776b5ae7e201c50c580f09" + }, + { + "alg": "SHA-512", + "content": "f2e433cc520f4e49d62cf5af209d353629409d9b1ad3f1b6613d0bc1790a575f528bc88784e0b2517ea044e46e9e67ecef5b1d02cc7f6c1a510d75457bea2c16" + }, + { + "alg": "SHA3-256", + "content": "dba4bed00333d55d4dc55ddd9b9815fdb3b9b575faeae3ba8ff19ef949ee6f61" + }, + { + "alg": "SHA3-512", + "content": "24a0c90e1f97326dd032e5c657792d6623c727efa7144891be439e00bff5323f4e3e9d35e34005b7348ec92f97f3c4210aeb4b7e15930ef7a910735d0f982d62" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics-graphite@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "group": "io.dropwizard", + "name": "dropwizard-migrations", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3d2f7b15b764e2906916c0d4bfc75bc6" + }, + { + "alg": "SHA-1", + "content": "74a81b867ab00475910d013fe18d4a788984cccf" + }, + { + "alg": "SHA-256", + "content": "156a9c79a74c81d173637d613a9931451188228bea38cce621f63f51bee1c2f9" + }, + { + "alg": "SHA-512", + "content": "3cfff65847ee29772f5c8f091557373ce3dfa59974e82c0bbfd0eaa636fdf91361b753e777810d0f5878c4b5534ef555a5b260af29a6be9af0851c4a2de56c5e" + }, + { + "alg": "SHA3-256", + "content": "1150637f334a3f0354d00cc21e7e180e8fd647ba3b9f6028c4eafd30c614c157" + }, + { + "alg": "SHA3-512", + "content": "8340a3fb797a8fdeedfc31e50c5d28ad3b3eb204f262f45f390c1a8c3a8ff798cb2f8235d97dd9bbe6947d2d986bb4b91d332f5d0ed23fb7dc0bece454b29d90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-migrations@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "group": "io.dropwizard", + "name": "dropwizard-request-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4ed78ec6ad895643d486a210151c6da3" + }, + { + "alg": "SHA-1", + "content": "fcd1015d1762059bd9aa27ee06f7fff9a9857d7b" + }, + { + "alg": "SHA-256", + "content": "1795c56717239e25f835211356963f307f596d0efdd16550337ffccbab08bbf3" + }, + { + "alg": "SHA-512", + "content": "f8c521200f29a6301fd92d87eb21ffb765d7c2a05f65fdbfa572955f91b6870604628df1b0f18d4c3d73482d1398bc5730fa2744c6b19b51f909758d614e4de8" + }, + { + "alg": "SHA3-256", + "content": "5cde2026d5ac54d5b1baac22503608eaef11b8753954473d0102d5f87565f944" + }, + { + "alg": "SHA3-512", + "content": "8d0dfb8c508948c131f0f92b8debf3a9f7ed3f1ec8e1dc4341a68132658143dcecaf890cc11aa22ff9e1959e96a51f311d15ca6d49bc7090c71c9457fedaca29" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-request-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "group": "io.dropwizard", + "name": "dropwizard-servlets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "c738851aae5f6e431c4bad54ef8bd30f" + }, + { + "alg": "SHA-1", + "content": "f93e103f42b677e1fdeca6fb6cb6c22353a78b57" + }, + { + "alg": "SHA-256", + "content": "b5c9432f659aad54fbe25209366a5c93a43f2c8a0cc5428440c28f3576a5bf61" + }, + { + "alg": "SHA-512", + "content": "07fff649594cf8bf3eb10bad998cc0ccb5fe1049d21c47ca3321b6187eed0f480caa52c5683e454f9abcf107f1e3d6fa5e3d6858e4d250ba65a36e81dd20c5ee" + }, + { + "alg": "SHA3-256", + "content": "eb28576f779876ffe7218c4b596ba2f2f302daa85375fc57784da3d050062086" + }, + { + "alg": "SHA3-512", + "content": "e2ce67e331b95a1e7dea43a174e3e4a1b0c9653716c4378656114d54b1858fa818142f2afee7ffeb86439b7dec848a09eee12efa963be0c00b71d038051c448b" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-servlets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "group": "io.dropwizard", + "name": "dropwizard-testing", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "800103447329e58030242b6bfc2e9cca" + }, + { + "alg": "SHA-1", + "content": "cee4838ba05de7920309985229df59917ff6e58a" + }, + { + "alg": "SHA-256", + "content": "d52ef3eda88a2b93e01731b035bbd277eb4d395c3a076c6f5cd6a3874f17e433" + }, + { + "alg": "SHA-512", + "content": "c2ccc3c13d2007b728574b1c3df388043c2517ed3efb8256dde9c09ebbed6c18ac5e7f3281ce7b35b9e2c969124772ef0062234bfb195c27898b0674fa0900a4" + }, + { + "alg": "SHA3-256", + "content": "f7fba2c7f9ccb345c29c4e52bcda601a6528d20527f32af63f8cadfaeca04a0f" + }, + { + "alg": "SHA3-512", + "content": "e0c421a568cf98a63432088a1b5f18382cce3095db4ce8cfd1ccba7e9dc95aa7d2ec365b1d8b25614c4700d28f7f75744acac96c5358de4c50946fea4a2a2e5f" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-testing@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "group": "io.dropwizard", + "name": "dropwizard-util", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "e73fff60736c50b06c0afcfb5d5f003c" + }, + { + "alg": "SHA-1", + "content": "4e2a956ce355a40fb7e1c8d5772eab956a8f7f5c" + }, + { + "alg": "SHA-256", + "content": "3bc2379c8d410405cab54636b1b8129a53e5227acc6cb286adea720fa73f03f0" + }, + { + "alg": "SHA-512", + "content": "3a1b826aa9ff4fe9543aaff7b5f5d191164cc0a488365158502eb2c52b5e215ea96395767f2feed880376c3b569ea672414ef951667ea5628236920dbf2026bf" + }, + { + "alg": "SHA3-256", + "content": "9cadcfa4c2db331cc05c069a66d1445d3a156605a75f8741eb80935834ae56a4" + }, + { + "alg": "SHA3-512", + "content": "df9fc0e1dcebe145a5cfff74ca87470923f0163f78ead0a93bf5b4f1c905ad5aaf7034891ae0cab005927cbbbea86546f1222e7f271c90cb4d3b0f745f8cb78e" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-util@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "group": "io.dropwizard", + "name": "dropwizard-validation", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "0557207f6f05c684958ff0c524ed97de" + }, + { + "alg": "SHA-1", + "content": "d82c4a2157cd8b4ed6f85d12fcc5f63e7f2ee9d2" + }, + { + "alg": "SHA-256", + "content": "6141e64cfed3633ad729e9d343eac4bfa475232c90c83c178f02da2d4c3e7360" + }, + { + "alg": "SHA-512", + "content": "e3f832e4b6ea092229b2ecbfad0790170a086b043be74c58cd2f0169cae4fc219d4a7163e6e581350efc7441dd8908e7cfe395b19c802e93834443eb45888d67" + }, + { + "alg": "SHA3-256", + "content": "95187066ffe37d52916b0ec33bce13baa8d76afa80502c4526205fb3721c01bc" + }, + { + "alg": "SHA3-512", + "content": "39a0130b80426db95faba737c484fb2e0c1db64f8e81e21cffcbd0b27b4dff4c4334cf9698b0c067549d0e8adaf7669dce867f2ad962c25f647b35829fbfee61" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-validation@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "group": "io.dropwizard", + "name": "dropwizard-views", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "ffa529c90a76cf83b7468c63c24c2da9" + }, + { + "alg": "SHA-1", + "content": "27b9dfe51ed0740b2359c28eca9942388247f877" + }, + { + "alg": "SHA-256", + "content": "69ba25bd9f7b5577aa29b79337b3e716be629a784a83d9a2af1456a556800dfd" + }, + { + "alg": "SHA-512", + "content": "818f881806c644bfd0518d2864d1f0c2c6b132e6b81ca1e4b272e20ab91294e954805f986f55ba5389b9ffa5c6573dde827929d6a82b8b4066b2344d003e0f40" + }, + { + "alg": "SHA3-256", + "content": "021a6eba574c0c79246d1a8b446c4655f5a7183e24fcc9df010bffb11ea680f2" + }, + { + "alg": "SHA3-512", + "content": "9ed4dd16ddabeaf7e7933cdef7911ac194a14a93a4a8a4d057554dfc094ca5ed84090922e6b5e53f23a24af582209c8d5a9b50521d3b35132a32e74399d5e055" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "group": "io.dropwizard", + "name": "dropwizard-views-freemarker", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d78343dfbf1f4c99fc5115aea93b6382" + }, + { + "alg": "SHA-1", + "content": "9b64dcbd00e184c4683a8a44ae4ff4726595c73c" + }, + { + "alg": "SHA-256", + "content": "621f2168b343cc24618b63e5c0c07ca330eef8e1f930c1a4c374ab210fd5ea44" + }, + { + "alg": "SHA-512", + "content": "19298c6ae1500e0c16575b55d30f2ab34cbab881cd735fefc203118c326dd4a47604f8f8d595b32cec4ecbaae032129d2ede99dc36325bc8f4a18ffa5e786aeb" + }, + { + "alg": "SHA3-256", + "content": "1870845187ef726d85d29ee42ccc35b66018304d23167f614b79a7deb3768e2c" + }, + { + "alg": "SHA3-512", + "content": "389d2cd752a7269b28815c723ed68700c47c0f5f6780df2bc35f18eb3ea4b77cdc18ca83d556f4de80c1f3e434f399f73b03a76b88d1da2af520b09195a938c1" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-freemarker@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "group": "io.dropwizard", + "name": "dropwizard-views-mustache", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "99d7beaccb842cbe8a68c37361e665df" + }, + { + "alg": "SHA-1", + "content": "1a2a4e775b77f452893189020c2e34d60c0235a2" + }, + { + "alg": "SHA-256", + "content": "19ce7554a48be097bac2b3c51f55fe468c7253a60d1a43683ae830cfe06a58e3" + }, + { + "alg": "SHA-512", + "content": "1f24026f35f9a4e4316d04ac41a7cdcf440fc510075e5f8297a55b63d95d3f1e5deb06acd8ef9a61b73fbf1fc054ea370c6d74ed1a06aa19ba673069aebad294" + }, + { + "alg": "SHA3-256", + "content": "7856836a099d2a7f326dbc033442e49b176213fd340a8b2aa2d9dea3a9175ab6" + }, + { + "alg": "SHA3-512", + "content": "af431eff733b17b92ae1718165b3b10e103376bb216e63b8e39284f3572b69926084937fd370a42a018f62389744a7212a0c68959e0e76950ad751ba3ba9745a" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-mustache@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "group": "com.google.errorprone", + "name": "error_prone_annotations", + "version": "2.1.3", + "description": "Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/", + "hashes": [ + { + "alg": "MD5", + "content": "97504b36cf871722d81a4b9e114f2a16" + }, + { + "alg": "SHA-1", + "content": "39b109f2cd352b2d71b52a3b5a1a9850e1dc304b" + }, + { + "alg": "SHA-256", + "content": "03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8" + }, + { + "alg": "SHA-512", + "content": "bd2135cc9eb2c652658a2814ec9c565fa3e071d4cff590cbe17b853885c78c9f84c1b7b24ba736f4f30ed8cec60a6af983827fcbed61ff142f27ac808e97fc6b" + }, + { + "alg": "SHA3-256", + "content": "5c7b2ffc8d4073700647681ed44dd783049648aa8e174f37d2510339a65f5466" + }, + { + "alg": "SHA3-512", + "content": "3f05def83905268da5044c8bd6fbf62b89499d77351b56a357de8d27ef872c6c300385a6bca009590d61be90a39a0f417c4d8358a13b09847ba0452ef416db06" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.errorprone/error_prone_annotations@2.1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/google/error-prone" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "group": "net.jodah", + "name": "expiringmap", + "version": "0.5.6", + "description": "A high performance thread-safe map that expires entries", + "hashes": [ + { + "alg": "MD5", + "content": "fd4b2d42dac784648fe6fd1b2b612d12" + }, + { + "alg": "SHA-1", + "content": "11833abbdd64050d455187f374dc096944f9ffb0" + }, + { + "alg": "SHA-256", + "content": "06f1ac1fdb0044a83bbf5cd55e86f88ded92175cb2a7a0b57ba53eb011600a52" + }, + { + "alg": "SHA-512", + "content": "3e7bf8da26296f1de8da960e4f8b9b25962d3db1a941c0818c649174c61bf571a6c7b0336b154be104c853a8fa148cd0f007f8a210a98854036a09fe1069eded" + }, + { + "alg": "SHA3-256", + "content": "a421ccc1ee40dad4e7239f21862e7f35a8eb6493d3eccf6e245202d1f3d1e9a8" + }, + { + "alg": "SHA3-512", + "content": "2ebbaf3eb9f96fcd4cc5b5c28e68d8a6d1aa8735dca7d763cc18daeeec2706d3370384c535dad32463ba8da92ee8a3ddfecd7f2559847772829782964d05a0aa" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.jodah/expiringmap@0.5.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "group": "org.freemarker", + "name": "freemarker", + "version": "2.3.28", + "description": "FreeMarker is a \"template engine\"; a generic tool to generate text output based on templates.", + "hashes": [ + { + "alg": "MD5", + "content": "c5e35d814518da7b0247d42311b8e296" + }, + { + "alg": "SHA-1", + "content": "7200064467a935052f99d114c2c05c3d189bc6d6" + }, + { + "alg": "SHA-256", + "content": "de92d103d3a86c2287307218ff50dc1c941de283f7b9e1fb23e93fc7220838bf" + }, + { + "alg": "SHA-512", + "content": "44435cb2b6ba02abacdc4a21bea44a2dc50faa1b486fc5b2f79097a68f1f98ca24aa835448ac5dec33a1869eed1b8a32ac285e95fdabbdafaa810d575951894e" + }, + { + "alg": "SHA3-256", + "content": "d55883bf61b72d616dcd12e87d6f90b3b1fc761fcbcf5b8f3860e17bb34fc654" + }, + { + "alg": "SHA3-512", + "content": "7664cb34b0598e0eec19ecba1fba7b83ff09b574bf2320b84a09016d88aaabf902460e3bcd2b2290f59988462b8594e817eebcd777321608762dc141c1335a20" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.freemarker/freemarker@2.3.28?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://apache.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.apache.org/jira/browse/FREEMARKER/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/freemarker-dev/" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=freemarker.git" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "group": "com.google.guava", + "name": "guava", + "version": "24.1.1-jre", + "description": "Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.", + "hashes": [ + { + "alg": "MD5", + "content": "361459dd415a18e4750b7fa0cdd9e747" + }, + { + "alg": "SHA-1", + "content": "2e3014320a8005e3f3c1800cb246ed42db8cab81" + }, + { + "alg": "SHA-256", + "content": "490c16878c7a2c22e136728ad473c4190b21b82b46e261ba84ad2e4a5c28fbcf" + }, + { + "alg": "SHA-512", + "content": "f7b02666ecd26e8865d4f6040a14a87d08e38124a625252594b05fa9d1a00e7c5a1fd30c5bd08ca9399bad50eef5fcaf7c95e17a59a2462ac42d7fdd4aaf516c" + }, + { + "alg": "SHA3-256", + "content": "182f368980a8c526ec88c65acd877738fe2bad06b72ab9756edb66f2b281d083" + }, + { + "alg": "SHA3-512", + "content": "245bcf15e331889bceb96faa2f9f67baf442fe1cb291601fa92a0e3327382a636d30788939d8f0ccd05a735b8149637e3d44c7e13a636a19950d0e7a33ae9517" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.guava/guava@24.1.1-jre?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/google/guava" + }, + { + "type": "issue-tracker", + "url": "https://github.com/google/guava/issues" + }, + { + "type": "vcs", + "url": "https://github.com/google/guava" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "group": "com.h2database", + "name": "h2", + "version": "1.4.197", + "description": "H2 Database Engine", + "hashes": [ + { + "alg": "MD5", + "content": "f9893acfa22b7fe1492dd9c515af2e5b" + }, + { + "alg": "SHA-1", + "content": "bb391050048ca8ae3e32451b5a3714ecd3596a46" + }, + { + "alg": "SHA-256", + "content": "37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842" + }, + { + "alg": "SHA-512", + "content": "aa4af17f766a1cfb0326d0301e1c40fc884b27e73aed4e60141d284275da70f483a3ce54d65f79f9ba66e9a53c5a68102dfc5e40a36e9d2c0a2aa9a7f7321688" + }, + { + "alg": "SHA3-256", + "content": "ef7da52a3b656aee47bc85b9e98db3bb91d7f079d19012787fbbd65c32151203" + }, + { + "alg": "SHA3-512", + "content": "1a5538cc48c5b99e496ee5924f80df410fecc555e3619a79b8c6204156dc333cf0cbebae05bca5a8144ab89b2f2fe4802080128d76b1e94a51acced8aedb4354" + } + ], + "licenses": [ + { + "license": { + "name": "MPL 2.0 or EPL 1.0", + "url": "http://h2database.com/html/license.html" + } + } + ], + "purl": "pkg:maven/com.h2database/h2@1.4.197?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/h2database/h2database" + } + ] + }, + { + "type": "library", + "bom-ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "group": "org.hamcrest", + "name": "hamcrest-core", + "version": "1.3", + "description": "This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.", + "hashes": [ + { + "alg": "MD5", + "content": "6393363b47ddcbba82321110c3e07519" + }, + { + "alg": "SHA-1", + "content": "42a25dc3219429f0e5d060061f71acb49bf010a0" + }, + { + "alg": "SHA-256", + "content": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9" + }, + { + "alg": "SHA-512", + "content": "e237ae735aac4fa5a7253ec693191f42ef7ddce384c11d29fbf605981c0be077d086757409acad53cb5b9e53d86a07cc428d459ff0f5b00d32a8cbbca390be49" + }, + { + "alg": "SHA3-256", + "content": "f679af77deedf69b3c3066f7916583848c6fd32a950f9c0b0e2ef1da121717ba" + }, + { + "alg": "SHA3-512", + "content": "bca821931e438a1977b7b4356b5f8cebf485634f82159d505c48267c34e6a0f4fde9c2917331365f66dc0e52e2ca3a2db5256863584110c27ecebefc28741f63" + } + ], + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:maven/org.hamcrest/hamcrest-core@1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/hamcrest/JavaHamcrest" + } + ] + }, + { + "type": "library", + "bom-ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "group": "org.hibernate.common", + "name": "hibernate-commons-annotations", + "version": "5.0.1.Final", + "description": "Common reflection code used in support of annotation processing", + "hashes": [ + { + "alg": "MD5", + "content": "2a9d6f5a4ece96557bc4300ecc4486fb" + }, + { + "alg": "SHA-1", + "content": "71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879" + }, + { + "alg": "SHA-256", + "content": "9431ca05c335f9b6ec550f5d65ad56047a5f336e2d41cce4067591d20c4e51df" + }, + { + "alg": "SHA-512", + "content": "5714692bef862355cf7f9fcf82aa663321da193920adf4b584fe69f559535555c4c53858a2465410ffb990aad7847124dbea28ed95dcec5df525a1164288791f" + }, + { + "alg": "SHA3-256", + "content": "60cf1ea8120252eaa90e0e86662f4d0b97f718c3c6c09422f2b85c1b36222ea5" + }, + { + "alg": "SHA3-512", + "content": "a2972a8464a8b38468994ef496d6e816262eef6e9422f4c83d5eb998aea4134ac1160726c71fb577df664064fa13c564c52c6fa577ad2477515291ed825fe79c" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HCANN" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-commons-annotations" + } + ] + }, + { + "type": "library", + "bom-ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "group": "org.hibernate", + "name": "hibernate-core", + "version": "5.2.18.Final", + "description": "The core O/RM functionality as provided by Hibernate", + "hashes": [ + { + "alg": "MD5", + "content": "a5e6ac320c1b5fd739d213dc050cfc29" + }, + { + "alg": "SHA-1", + "content": "c1861a015d47f55ffc6cb120216d17af177e0b90" + }, + { + "alg": "SHA-256", + "content": "4688003fc081063f0d73f43424b309bac9bd8589fecb5767e0ad26788a5bfdff" + }, + { + "alg": "SHA-512", + "content": "1b8c1f0d64ec27e8daf8b4b9b1be9511d0a5e99573836c527c79f026048c5acfe10aeda34a5b0c77bf30fc6ebd92976838eb43a065f192e9871531116d686b37" + }, + { + "alg": "SHA3-256", + "content": "ce9cffadac4242733e7743f88c0abb2f659526e54ddab26e60a180cd658a0782" + }, + { + "alg": "SHA3-512", + "content": "4e4006d93d10553191cf914ab76f486f222e82ca30d81d786913142c599f6463be48892b5fdb4b5e3dec75c20290f11a0f3d3600dcc306bff81c114e24eba66a" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-core@5.2.18.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HHH" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-orm" + } + ] + }, + { + "type": "library", + "bom-ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "group": "org.hibernate.javax.persistence", + "name": "hibernate-jpa-2.1-api", + "version": "1.0.0.Final", + "description": "Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details", + "hashes": [ + { + "alg": "MD5", + "content": "01b091825023c97fdfd6d2bceebe03ff" + }, + { + "alg": "SHA-1", + "content": "5e731d961297e5a07290bfaf3db1fbc8bbbf405a" + }, + { + "alg": "SHA-256", + "content": "ab46597e3a057f99c8339fffe14c1d27f9dbd2409ae840c62121b00d983c78bd" + }, + { + "alg": "SHA-512", + "content": "696dd1548504c9ea8d8526411e81bee8b752f12861979da2707d1059b35a8ccb3f018a1d4e2d12436e7c9daec8e63b97fcf980e03032981867cea63d4301f3da" + }, + { + "alg": "SHA3-256", + "content": "fdbf800d9175e82d7e68f9829f1372b65768252d3e165dfeee9c0345b817b8be" + }, + { + "alg": "SHA3-512", + "content": "8e1e5baa5e4b6f67019bad7ed90a9abf41096ff00b62c9d6f326a756b8ee7e5b62d41068441aa5d9050369a1000a5fbd7898155cb8b18e80367e9cb7c0d3b137" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/org/documents/edl-v10.php" + } + } + ], + "purl": "pkg:maven/org.hibernate.javax.persistence/hibernate-jpa-2.1-api@1.0.0.Final?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/JPA" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-jpa-api" + } + ] + }, + { + "type": "library", + "bom-ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "group": "org.hibernate", + "name": "hibernate-validator", + "version": "5.4.3.Final", + "description": "Hibernate's Bean Validation (JSR-303) reference implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "ccae8426d40e4fa16ecde928b84965f6" + }, + { + "alg": "SHA-1", + "content": "7c3d91629e81937b33dffd5b170956ef9c76af97" + }, + { + "alg": "SHA-256", + "content": "8abc0fb282075e145efe50d742f4512bb1f2c0222e78e7562f34f8809cf22d25" + }, + { + "alg": "SHA-512", + "content": "38c1bc5692588fabc86904f75dd3481ca13be43bfda2f33278cb91a0ae229c7abd0f095989fa23e25b78aff51b2b7232f271579e13bd062595e498f9c92ea830" + }, + { + "alg": "SHA3-256", + "content": "176d9129f2812df9a71514c72d0ffe1efb86ceb73310ebeee2b416bf752c65f4" + }, + { + "alg": "SHA3-512", + "content": "0fec7612fa9d4698e183cc954381e172a3f8cf188a1b2e0518a39f9cd4cb15163720183d306d050757e2d979a3a1d224a3edd7e9c2ee59b938df48e4f4eb1342" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-validator@5.4.3.Final?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "http://ci.hibernate.org/view/Validator/" + }, + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/projects/HV/summary" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-validator" + } + ] + }, + { + "type": "library", + "bom-ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "group": "org.glassfish.hk2", + "name": "hk2-api", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "93322931c4ec277c5190c7cddf7ad155" + }, + { + "alg": "SHA-1", + "content": "6a576c9653832ce610b80a2f389374ef19d96171" + }, + { + "alg": "SHA-256", + "content": "b3fe4f295ab8e74ea9d641717dc55e5768f1e5db3709e84235346a4d6bcde5c2" + }, + { + "alg": "SHA-512", + "content": "9f143940ff31e6abdc5bce5223c12ea91fe1852338f317aa614221bec67bd5252ef905075d78125ba777ff2f36c5d39fe35a5b3876ea19255fc91da949179d00" + }, + { + "alg": "SHA3-256", + "content": "7dbffae41a1edb93e525d9841a6831f574fc408edb7568b5b192d7b026aeb750" + }, + { + "alg": "SHA3-512", + "content": "594dc7b77f5a85574331483bbc2b795c1456fe174b55ca7253519a8fe94bd914167face505c561f3829c9738b7d9e7f80421f5b97427952cdd78fe388c17c282" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-api@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "group": "org.glassfish.hk2", + "name": "hk2-locator", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "5baf0f144cf8552a9fe476b096fc18a7" + }, + { + "alg": "SHA-1", + "content": "195474f8ad0a8d130e9ea949a771bcf1215fc33b" + }, + { + "alg": "SHA-256", + "content": "27cacf80e8c088cc50f73b56344b779bdb7418e590a037659ab66b2b0cd9c492" + }, + { + "alg": "SHA-512", + "content": "4b8819cfb299d4b5be13fee8c5a04c803010abe7636eab9d126a40a41bc79131753ff09ea062c624c6ecc5785749b120a3f6f0411307eb05b74e6bc46a1bd410" + }, + { + "alg": "SHA3-256", + "content": "3b0c862b6be53e5a085e9caf77f6a90fe45365dc58cc4a69cf1bd13e20b91536" + }, + { + "alg": "SHA3-512", + "content": "9d3acd0f1048b63ca1c30a864463d10c3b2d724d4d245c2bc0116dbd8597772fecb9ace1601d60d9abae9058a2b9fc50422333be583189e00b31c3bbd21c59de" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-locator@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "group": "org.glassfish.hk2", + "name": "hk2-utils", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "acc873aece4f8e89814ac0300b549e3e" + }, + { + "alg": "SHA-1", + "content": "5108a926988c4ceda7f1e681dddfe3101454a002" + }, + { + "alg": "SHA-256", + "content": "3912c470e621eb3e469c111f4c9a4dee486e2ce9db09a65b7609e006b6c3d38e" + }, + { + "alg": "SHA-512", + "content": "1d100879b218d4ed75760514b78a3833f43f67126691dc7cab6566af8488c4cb9e72258b649f8a4eef0376813c25df326ba29d6f29c275e8f75e549cfc17fdf5" + }, + { + "alg": "SHA3-256", + "content": "699d1fba60b9403b292ce22cb0db2d6b070a1152531afe3f2c08a5196779b3a9" + }, + { + "alg": "SHA3-512", + "content": "47ad643c3727bb9fb45b6748e4da67c4788aeac69783c56c60f73ccf37f979972f699ffa96714056c551cb29109dba6722ac3b57004eea1ae47f8833f9c73d34" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-utils@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "group": "org.eclipse.jetty.http2", + "name": "http2-common", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d4f0dede20f81acfb53f97c01fae71cf" + }, + { + "alg": "SHA-1", + "content": "6e3306d394aaaf41876220a818fb639faf5963b0" + }, + { + "alg": "SHA-256", + "content": "d402e22a14230a49a93e045dc922d62ab330f99b26b928ca3fc6c6761941f601" + }, + { + "alg": "SHA-512", + "content": "79af5a27a59a8706769cb2d500869029bf1c6762bbc4908ffea56bc57f578e14d46e271e8fa2d40fa68dc8fc0e33cf297186df8b4b231db50547d98a10d0d6c4" + }, + { + "alg": "SHA3-256", + "content": "edba30c10f03aaa94eec187d3709ca23d1082d555e0031dbddbcb21a2e6cd451" + }, + { + "alg": "SHA3-512", + "content": "4d4d7e9a24b0d2f0814f071f0b352a104b2c91974213c10ca434c4d119c3ca15ac679f06f5aea3586ef11e5b4280d9db505ef8f4b63b19893c07cdf646d03a15" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "group": "org.eclipse.jetty.http2", + "name": "http2-hpack", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0323c6dd472c456a99d068f171cbd661" + }, + { + "alg": "SHA-1", + "content": "aa5f5c2b0cec925ad7f2e73a1dc7a3b3dc496e87" + }, + { + "alg": "SHA-256", + "content": "7f2fde0ed27abe088933dcd5b1516e6ed08701ff19aa8b00d12a4ef30344c9bf" + }, + { + "alg": "SHA-512", + "content": "075e9b42f4204aabb15fb1e0f0e08ac67b6a2ea4dff9bcd69db778fc0868d1959b38c4ac3e5a4738b8c3acab26f8416ea8c89d2e4fa66e474ca366e14ee55ebd" + }, + { + "alg": "SHA3-256", + "content": "f4680627e9212635d69a27456bcc815eec595a64d9541b572a7d16667cfb7636" + }, + { + "alg": "SHA3-512", + "content": "efb34683d51d2c09abc7894f5cbf7957041449f66e78f50bc4aeeed48fbcb92bcbe60713b084346ce93d0552955f7b8c53a3c557386894959d27667b8ac808ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "group": "org.eclipse.jetty.http2", + "name": "http2-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "9c82833f49671905299a1a0d0edc031d" + }, + { + "alg": "SHA-1", + "content": "6d0ca7e7ee2e5d55fb6fb03c4c1a248b1dc3d31d" + }, + { + "alg": "SHA-256", + "content": "99f96c3656c87d674d069ec1039a6fd7cbd979bb81a083823a04bd529c73308e" + }, + { + "alg": "SHA-512", + "content": "49a9f2c895244d0a632e5b267661f99e812d8e90299085df37479667517ad991575808d97d32204f34bf8a130804d4d2b87c9405d3e61b6d9d410d62a25373f6" + }, + { + "alg": "SHA3-256", + "content": "866de2610f4bbe4ce7b551b31f7f9a51e26e9607e54f112de194b3d92bd90132" + }, + { + "alg": "SHA3-512", + "content": "447c34744cdc616cf90742043ee49c431823ff46e745417eac6d21b78d1e9a00b36c1c93b0e291187e00e7c4d5d9b6a98f32afcc9d0671b63a02cd23f48f37ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "group": "org.apache.httpcomponents", + "name": "httpclient", + "version": "4.5.7", + "description": "Apache HttpComponents Client", + "hashes": [ + { + "alg": "MD5", + "content": "deed71468af21d6f0cf02bf853ac02ec" + }, + { + "alg": "SHA-1", + "content": "dda059f4908e1b548b7ba68d81a3b05897f27cb0" + }, + { + "alg": "SHA-256", + "content": "807e9c73f27a4b19dd04b1b67126532fc74b0a37bd8d13fbad073ad74d078330" + }, + { + "alg": "SHA-512", + "content": "459349c2482338644578502cbdfeb7110c3eaaa71f8bbc715d53556b186f16ad1256244e752cec7c32c66f77e08228bdadf7c9138542b0aa8e845a249e2e0bac" + }, + { + "alg": "SHA3-256", + "content": "9e5093efad2b3a44e71b077eae4ca7df86e2fd2ad78d5ca25541e4316ce631c8" + }, + { + "alg": "SHA3-512", + "content": "f16fb6262810546026c6c68842f69eb17831669e444cafb75832ae3567f47407504424c13fea596e9c02ccf853f6b55d54a904cbf2d21e171f77cc615d740014" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.7?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCLIENT" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "group": "org.apache.httpcomponents", + "name": "httpcore", + "version": "4.4.11", + "description": "Apache HttpComponents Core (blocking I/O)", + "hashes": [ + { + "alg": "MD5", + "content": "9299550b06219959d0f2223b1a8bb337" + }, + { + "alg": "SHA-1", + "content": "de748cf874e4e193b42eceea9fe5574fabb9d4df" + }, + { + "alg": "SHA-256", + "content": "d799522d579aac06b170603f8f080f6e3248dadc01f9652cdd7ea7bc318c21ce" + }, + { + "alg": "SHA-512", + "content": "1f45a26f97e5488bf1985f5f5c88c5e2744f46d422040708f7641deb14bb04561bcec35c9284c1dce606fcdcb768edc3ef970ef965bd6bb591ec362dfd417c74" + }, + { + "alg": "SHA3-256", + "content": "0807acdffb841394a948175382b04dfdb49087e19212851dbb63fbfadfae6f5f" + }, + { + "alg": "SHA3-512", + "content": "10f7974d10971a2c0911a1050e3418e898c4255300a120959ef38f546d10dc5ba5217a32a53a21577613ca13034a8200393b0b7ddee0b195f26b92f3e6b2f1cf" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.11?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCORE" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "group": "com.google.j2objc", + "name": "j2objc-annotations", + "version": "1.1", + "description": "A set of annotations that provide additional information to the J2ObjC translator to modify the result of translation.", + "hashes": [ + { + "alg": "MD5", + "content": "49ae3204bb0bb9b2ac77062641f4a6d7" + }, + { + "alg": "SHA-1", + "content": "ed28ded51a8b1c6b112568def5f4b455e6809019" + }, + { + "alg": "SHA-256", + "content": "2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6" + }, + { + "alg": "SHA-512", + "content": "a4a0b58ffc2d9f9b516f571bcd0ac14e4d3eec15aacd6320a4a1a12045acce8c6081e8ce922c4e882221cedb2cc266399ab468487ae9a08124d65edc07ae30f0" + }, + { + "alg": "SHA3-256", + "content": "275370eeb5f02c15358168ea134c4eab1afed8d27750a8a326b9f9f506dfc9f2" + }, + { + "alg": "SHA3-512", + "content": "d9e2a3943373e1eab933b45f49997b24e01466eb99a177c40f21c7107c9f21ebb135e14d191b0a5b699e3985d20de8e87662e92c0bf59e5e054d3da85fd777dd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.j2objc/j2objc-annotations@1.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "group": "com.fasterxml.jackson.core", + "name": "jackson-annotations", + "version": "2.9.10", + "description": "Core annotations used for value types, used by Jackson data binding package.", + "hashes": [ + { + "alg": "MD5", + "content": "26c2b6f7bc704ccadc64c83995e0ff7f" + }, + { + "alg": "SHA-1", + "content": "53ab2f0f92e87ea4874c8c6997335c211d81e636" + }, + { + "alg": "SHA-256", + "content": "c876f2e85d0f108a34cdd11ccc9d8d7875697367efc75bf10a89c2c26aee994c" + }, + { + "alg": "SHA-512", + "content": "6b1ae1d7036ce2fff81bf8fc2a3a55e4ea7eb081de806ad05301d2eb126bed1dda487027f3ccfa618c488e680e2f5ff22bc3f106e7c0af27b34d327d83083b46" + }, + { + "alg": "SHA3-256", + "content": "6ebca301e4a201a89630bd7235d27e48a795c7e6fca7727ac08f3cc87e6a5049" + }, + { + "alg": "SHA3-512", + "content": "8d33540c9df56541a0dca99ca51432a8d0d9642813377c62f6df5602af1c8d04c3d62cf24a9cde5c79fcd63b287de19cfc84ea475f8dd0ca037a72baed3d50ee" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-annotations" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "group": "com.fasterxml.jackson.core", + "name": "jackson-core", + "version": "2.9.10", + "description": "Core Jackson processing abstractions (aka Streaming API), implementation for JSON", + "hashes": [ + { + "alg": "MD5", + "content": "d62d9b1d1d83dd553e678bc8fce8f809" + }, + { + "alg": "SHA-1", + "content": "66b715dec9dd8b0f39f3296e67e05913bf422d0c" + }, + { + "alg": "SHA-256", + "content": "65fe26d7554a4409652c86ee38f2e94bc42934326d88b3c78c61f66ff2222c53" + }, + { + "alg": "SHA-512", + "content": "ea053f07b73b087fe81ef49d949ec812bf03e536a8a608d6b7c7ff9f001e6764e86125c5e99d46ba4002d7aab620f57527e246fe8ca754b47cfd812976a3e337" + }, + { + "alg": "SHA3-256", + "content": "0cd87bff64e1569e1ae1fa6023caf005c17d5feb6f75c2bb587546d9e3e43efa" + }, + { + "alg": "SHA3-512", + "content": "936d596d972971e8fc02a6adc7ef11b9d3ac302fbc4134982f3bf128f61741b6bc8c34dd0d16d0ef52a7760a2ad5bcc20b26c4d9c6e8345e826b8b2a83f8fb4d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-core" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "group": "com.fasterxml.jackson.core", + "name": "jackson-databind", + "version": "2.9.10", + "description": "General data-binding functionality for Jackson: works on core streaming API", + "hashes": [ + { + "alg": "MD5", + "content": "ff43d79c624b0f7d465542fee6648474" + }, + { + "alg": "SHA-1", + "content": "e201bb70b7469ba18dd58ed8268aa44e702fa2f0" + }, + { + "alg": "SHA-256", + "content": "49bb71a73fcdcdf59c40a1a01d7245f41d3a8ba96ea6182b720f0c6167241757" + }, + { + "alg": "SHA-512", + "content": "18db8ee61a24498803352c6fc40b83cc1f277033fd4cd743505e3bfa1660c84d8522a70b06401f834b405cbc6e686f6f5c4d54aff034751e9addbf1b4603b2c2" + }, + { + "alg": "SHA3-256", + "content": "470b46a826c8edeb12852d9cbab9f5ab0c3a0b0989a7f2b0a8756c9a88aae89f" + }, + { + "alg": "SHA3-512", + "content": "35616596eff2bafc2e047ce7cbfc4c0b8ce83af277953a2af6b41e43885c74b0809d14dd339290991c2ecb82e82190832b616bca0e3225aa113bfb483fa1b2b8" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-databind" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "group": "com.fasterxml.jackson.dataformat", + "name": "jackson-dataformat-yaml", + "version": "2.9.10", + "description": "Support for reading and writing YAML-encoded data via Jackson abstractions.", + "hashes": [ + { + "alg": "MD5", + "content": "ebecc5b67b96874c08068151fd89d0b5" + }, + { + "alg": "SHA-1", + "content": "561275877edf6321692f29e66ae5ccc7b1664939" + }, + { + "alg": "SHA-256", + "content": "338e27fd71a825c948c98a2a3fedd79bd14e6c7bcc9b6d21fd8b17abfd28bcc0" + }, + { + "alg": "SHA-512", + "content": "6730698c771ee3308c57b8336c35c3c1d437c7ef2e8f1a6bc66a251404449ae7f531fb240c5c877097a5c85a99e6a77c885265d61ad0d8da18c68da13c89eea4" + }, + { + "alg": "SHA3-256", + "content": "189e39704cf30896198937a59f48dca0230a882f0613ceb941241f327f4f1c2c" + }, + { + "alg": "SHA3-512", + "content": "336fa4689e758f35a45ebc5648f3bfb395bf8ff7387b783b7fa62d431e835760782df3c6f5c737224853970891eca22c69b990ad8d7b96e628002b5ef6a88305" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-dataformats-text/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-dataformats-text" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-guava", + "version": "2.9.10", + "description": "Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)", + "hashes": [ + { + "alg": "MD5", + "content": "bf3d62117a113e2ad3442aede0565365" + }, + { + "alg": "SHA-1", + "content": "fe2fe045ca3bd6f9ea1bba5b03d228b4abf8c1cb" + }, + { + "alg": "SHA-256", + "content": "f6f05294767905ebfe3e982ec456eb0982e52b8e89cfcf02f46722f87414e87e" + }, + { + "alg": "SHA-512", + "content": "d12fc51a0261d7af4319c2659b5168f7bbe91c235ecc013056ae444917d87281137df52bae9c4f345cf1874220f7b2aebc314cf74d4334dda96c3a3cca3de3da" + }, + { + "alg": "SHA3-256", + "content": "d7d456bb103296753158c2e16328887d8b6f339e941f34328229c9c62a2f1cac" + }, + { + "alg": "SHA3-512", + "content": "c5741407e1a9054dc65f40fd6e70483c867a8b9847bfe7ff0e9fabe24be1827c75d7ce561100db82d25c7fd0f12c16ba18a3ca8038ba4a99da7fc394dc63b39f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatypes-collections" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-hibernate5", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Hibernate (http://hibernate.org) version 5.x data types.", + "hashes": [ + { + "alg": "MD5", + "content": "686f24ec51b113e18d8a7a6e656830af" + }, + { + "alg": "SHA-1", + "content": "391c524dbc0414399dec5a405760744d3ed600a8" + }, + { + "alg": "SHA-256", + "content": "de588c8a51eb6d11cced0d2c140d66e9c51266622ecda28ccbef92050f671f0e" + }, + { + "alg": "SHA-512", + "content": "854f01a862d1ea67a47863bbb3481b63deb1839d3b89ca616362fe097e55ebc87196f4ed7ae48ed8557b4244d72db72f3c293b6a7dc3965fa787a6a67d634998" + }, + { + "alg": "SHA3-256", + "content": "ff874c69d9dc846e993d16b1bcb74a4d3d81865aaffc16b6063ff83e0f1626d0" + }, + { + "alg": "SHA3-512", + "content": "312371566e7eacb4621ecec83b7e99a4dfed8be158ba71c77e9b9fcd91577104771dec04d7eeb1c12e574e4b8ca247bd2b4faeef7ba69aa384d93cb67672b5a3" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-hibernate5@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-hibernate" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jdk8", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support JDK 8 data types.", + "hashes": [ + { + "alg": "MD5", + "content": "e35c18c99ad1737571b1c8004ca8528d" + }, + { + "alg": "SHA-1", + "content": "6aa764caf0a275d98b8765f6687bd4ec6c8cb9eb" + }, + { + "alg": "SHA-256", + "content": "b305510c0fec81480cbc3516948f9ac5b326811e35c4b6563d2ccfe330079db6" + }, + { + "alg": "SHA-512", + "content": "e537db4253733d8ca0e93e6245c2f25eef366333480a5fd0901603e69a8cf92dd69ec0ffa813c2fef685849f383b7e3850b2b286d255486192f7ff9698fc6c46" + }, + { + "alg": "SHA3-256", + "content": "768bc29f9f15aa07b9c2294d3c3b1bf06396b507397a6b1da2515eefbbc85172" + }, + { + "alg": "SHA3-512", + "content": "734b59492a053eec994840092c8e4f4d703e03b481d8a603b0d934b4fab25261fd98504f72fd0512705a8735dde4b36299c2295f0359afb0f18d129c0dfc70c5" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-joda", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Joda (http://joda-time.sourceforge.net/) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "7ef56a5376978b3befc264d5c7f690ba" + }, + { + "alg": "SHA-1", + "content": "b8b45ff38fb46eaf8bdf19586743a4f446c485fd" + }, + { + "alg": "SHA-256", + "content": "ec60ff466ec6bf489e58cf83bb012dd3d2735eb581be47113b17b1ce6499cdd8" + }, + { + "alg": "SHA-512", + "content": "589f9ef55f9aef7b2e4c1fe45bad157e566042f304989ffe8257a5547426c7dea281326cf66cb1af84add2cb0531b623d04bc15d9e3ac0da25052f8c2109ceec" + }, + { + "alg": "SHA3-256", + "content": "7a4e62a859262aec2ae33d7b6ec5b0ddadcf0897c1a90984cbdd82f8e2c8abb2" + }, + { + "alg": "SHA3-512", + "content": "bf11f541461a5ab4fbb3372d8c8d617a7b20a2dda00d8af733ac8d496cf4a7e1f7f422d90d11b17b7d783ed2a25f4323046468c264ea204bd672adff82a3477a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-joda" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5694b066-2847-4855-8230-77e902b37502", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jsr310", + "version": "2.9.10", + "description": "Add-on module to support JSR-310 (Java 8 Date & Time API) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "8353db784cc75e2ef48439c89ffb962b" + }, + { + "alg": "SHA-1", + "content": "bf7ea35ca4fafa385701580163ef983622e0bfb1" + }, + { + "alg": "SHA-256", + "content": "a86f035a641f1a36aebacce8415e14568ce5b0088e3ad5b8cf3ea3c9c0c5b64e" + }, + { + "alg": "SHA-512", + "content": "c9e27a5a2c7a7edacdacc2cd93371561ed991e85027e06820004bc47802f32df3aa99fe6d94667805c7862467fcc9e4e0555f1e5a3317c239e8ec0f37fc48b89" + }, + { + "alg": "SHA3-256", + "content": "ee3952b4ffb44ea67445ed736ce33410ed631146ab47071c5fa4ae578623c446" + }, + { + "alg": "SHA3-512", + "content": "434938cf7a81ea81511bbf14a0942eaa790c71ab2e4a5e3049dfbb5cc1523034eacd0d14d0b520e88155376b4213129cc59cec21a2a93940b7fba5658d46c8f0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-base", + "version": "2.9.10", + "description": "Pile of code that is shared by all Jackson-based JAX-RS providers.", + "hashes": [ + { + "alg": "MD5", + "content": "3dde182860e6f59fea3871880b1875b9" + }, + { + "alg": "SHA-1", + "content": "8f13207626ffab14943da9e7447dc065f7762a4e" + }, + { + "alg": "SHA-256", + "content": "4a76bd0d1f5f66293867bb9e021bcf8ba179bdd69cf69852d623204297fe85eb" + }, + { + "alg": "SHA-512", + "content": "608054e863d9233f92fcbf9ea6896a78caa0e1fac197a3b15f7833231f25bc10ac93e54f362d0364a60e7348825e505107e507590269edef11e3fd1e136b1ab5" + }, + { + "alg": "SHA3-256", + "content": "3b43e3742dec5d06ca7a73b45e485120e0adf0f0e66208b9afa56d329ccf0768" + }, + { + "alg": "SHA3-512", + "content": "512f238b2f5d2f70c48cd60dc45da652e2e3ade8aaf03f8031ad0a1ab9222726a82f53a9dcd15b5ecb49e8f8b9aef6789c993d8edd8c68acddd7776bf835f948" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-json-provider", + "version": "2.9.10", + "description": "Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.", + "hashes": [ + { + "alg": "MD5", + "content": "5a6659fa62763f65fb7e187dca166346" + }, + { + "alg": "SHA-1", + "content": "89a2f5d0adc42c3e37a7167e0759641de55aafdd" + }, + { + "alg": "SHA-256", + "content": "0fe7309bb8d0fa8f48cd6846bc3a27eef04b0263b6533ac58ef7ad85b1bdf38c" + }, + { + "alg": "SHA-512", + "content": "254d53edb320ecc9f697d3bb4c7dd1e385d04759bad65caeedcb5beda7fa29f915636324309bec3052205fa91ec29892fed809c8da4e7d284cc0d62b8cf29508" + }, + { + "alg": "SHA3-256", + "content": "1e98e50a06dd5830aa5517da99a0f503760f745029a9fe992f21b45f2417fb76" + }, + { + "alg": "SHA3-512", + "content": "ee026cf5697ab3d3785aa59d1a69e074d6c7db0af06478b36bb19f0d7b303db888bdb6fbd6bb7ffb0b14a4425d3fb0fb9ec971d59db2c7312f979ad83b107a1d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-afterburner", + "version": "2.9.10", + "description": "Jackson (https://github.com/FasterXML/jackson) extension module used to enhance performance using bytecode generation to replace use of Reflection for field access and method calls", + "hashes": [ + { + "alg": "MD5", + "content": "eb3073cbfad846a44d81df8bc31c8bf9" + }, + { + "alg": "SHA-1", + "content": "6cca4a73cb54aa8631775023ca8cc37626373cc8" + }, + { + "alg": "SHA-256", + "content": "6d8dd1bdaa13a1e2239e9d8fc008066b02d6fc7d79166fd73e4c3b6e1856ad14" + }, + { + "alg": "SHA-512", + "content": "b56f7485f72c2225cd276e6955e154bae31849a394f5f03ee5d205075a154c27417d1cd7c071c9ba12a7712e23f7b6e8da368aa12acecf53c5c28a5376d620e1" + }, + { + "alg": "SHA3-256", + "content": "488cf9674f84c7d221e4f5955d45f6fc008bca1bd4abf2134d91578a9c1bc0aa" + }, + { + "alg": "SHA3-512", + "content": "d2324aca720bf6816274e93186fdf7d0eaefce8859685dc5c76a96fa8696cd104d64787598bd94473619aa0b89406dac1da8cc697b05104491b8017a54d95e1f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-afterburner@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-jaxb-annotations", + "version": "2.9.10", + "description": "Support for using JAXB annotations as an alternative to \"native\" Jackson annotations, for configuring data-binding.", + "hashes": [ + { + "alg": "MD5", + "content": "fe4cda4049277f5c8758f32a00f2b633" + }, + { + "alg": "SHA-1", + "content": "b7fc3212e95586f42a0d3b5cf1311e42a3ac0248" + }, + { + "alg": "SHA-256", + "content": "72a8ef1246f7a2dc680de67bc5009cc5de71b3825adf98726d290643a36576c0" + }, + { + "alg": "SHA-512", + "content": "df36f846fb1c04e23657f1d7568d05cc589207dc3f751db357ccf33b2b6c7491abf1251aee29763b69b524bf4652e5d04dc77f93d8f001fb23728fc46304f4f0" + }, + { + "alg": "SHA3-256", + "content": "f38cc147a5ef75e5a5f153a2db7c996eb8fe469079b1ef7c843249e8adbf06eb" + }, + { + "alg": "SHA3-512", + "content": "9ba7e2c66e3495260dcd320b179db20fe37d2dd695e1c1a01aaa13a0cc5bd5adaa1c9041c2f4ff6b19607d375c49fcbfc4a962c4939e05a0dd68cc8cdedcc7fc" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-parameter-names", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support introspection of method/constructor parameter names, without having to add explicit property name annotation.", + "hashes": [ + { + "alg": "MD5", + "content": "e8835d22f3153408ace94284be8fa821" + }, + { + "alg": "SHA-1", + "content": "dc8c36832c229df0209dfc98fab5be36cb99af5f" + }, + { + "alg": "SHA-256", + "content": "2b14de63be1abc99d25c1cdc8ca9003dd0e345e87f5d869588c5981f75cffc8a" + }, + { + "alg": "SHA-512", + "content": "452daf576e303ec15480750844e9a49715670ea9b7fa44d3a3d69ef4c90d7177583daabfc25d2a938e0015bba0c21c5fa71c175d2a0a95f3d6f13a92a3a6d611" + }, + { + "alg": "SHA3-256", + "content": "68f9053afc670c7ef2b042f62e7ac34dc7cf5c65fdc2e178b31970c64f0e9353" + }, + { + "alg": "SHA3-512", + "content": "10bdc0751a0dd140f35dd69045dbc1beea08f65d6ce773dcc2c888af4fc013f8af4c09bcb45e1e36c65b86e7e3cca9775c5da472184af784aa577a952c74c073" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "group": "org.jboss", + "name": "jandex", + "version": "2.0.3.Final", + "description": "Parent POM for JBoss projects. Provides default project build configuration.", + "hashes": [ + { + "alg": "MD5", + "content": "77db6e55da888349f5466d2dcf150b14" + }, + { + "alg": "SHA-1", + "content": "bfc4d6257dbff7a33a357f0de116be6ff951d849" + }, + { + "alg": "SHA-256", + "content": "a3a65250cf954f102e74bab23df12540780878231195b585a7a86f4364a53727" + }, + { + "alg": "SHA-512", + "content": "ad557228414fb1d75750f4495ced69517deac0d26beaeb81e3233fe21254e3b7e3ccefe381971ffb8dbb0d9e0c1e70973623948ffec31efad99298f1107830ed" + }, + { + "alg": "SHA3-256", + "content": "8e4cbfe8f79e619190a121200bb907e2d06c03b5449b3742a6607580a898a2d9" + }, + { + "alg": "SHA3-512", + "content": "5afc9d16fc77ecbc3dd653628b11ddfb419a5fae2efa72eca87eaa55c7c6014d03e9fcd190ae9c7c3e50edc78e6a30fe439269439cf7c383c27aaaa43281e975" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss/jandex@2.0.3.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + }, + { + "type": "vcs", + "url": "http://github.com/jboss/jboss-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "group": "org.javassist", + "name": "javassist", + "version": "3.24.1-GA", + "description": "Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.", + "hashes": [ + { + "alg": "MD5", + "content": "527cebd64b0f941d5058bae3d1726d06" + }, + { + "alg": "SHA-1", + "content": "921b466d6a14a8edbe25923c973fd767fc71c045" + }, + { + "alg": "SHA-256", + "content": "5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553" + }, + { + "alg": "SHA-512", + "content": "b1920ad0b291ab4a7d5d6184e7a6fca91a27576560adc257e4d38a3122865cefa7081df46375a462fcd7e4bfe20c3eeeef140408922cad9cfabaa8c338be1056" + }, + { + "alg": "SHA3-256", + "content": "793f21feb3c4c58edf94d49579b8cd658e44e792e05fefbc23f1b84b7170caf2" + }, + { + "alg": "SHA3-512", + "content": "94f77c5a3ef42bef47e44c9cb9c71a5eeae3b5f94bec53637e8ef3bb5b29b0675c02166241987ac3f3872be09d87bbcfe0235a55731735f4b787a8574714fd2e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.javassist/javassist@3.24.1-GA?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jira.jboss.org/jira/browse/JASSIST/" + } + ] + }, + { + "type": "library", + "bom-ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "group": "javax.annotation", + "name": "javax.annotation-api", + "version": "1.3.1", + "description": "Common Annotations for the JavaTM Platform API", + "hashes": [ + { + "alg": "MD5", + "content": "9a936313da62e705ebb16e81b62f4096" + }, + { + "alg": "SHA-1", + "content": "20a2c0583598d68b0835474bbe07792d4f3b219f" + }, + { + "alg": "SHA-256", + "content": "bc1110630bb4290e798a533ca40a60517826c8804b79f91f8738d18ca425adc5" + }, + { + "alg": "SHA-512", + "content": "9b0c8e45c750f049015da652dcfb43250c24aa72c0cf8fcf917918a486c50b70d6c19201638ae4c23a822551e12ed85215222a59b9bcfb135557c0aca80c00ef" + }, + { + "alg": "SHA3-256", + "content": "81a7132a97ca91c7bf14400e8dc845e3124df73c91b3e2f0a62c4aa3abd84b6d" + }, + { + "alg": "SHA3-512", + "content": "1b7b5f5a5dcf8076155e13d17fe8665b88394c5871583508211f58336cf8d2dae9b3225df8de94e6820a2cc5e077cbd4382c88249c1b0c79e482ce7ae726997b" + } + ], + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://javaee.github.io/glassfish" + }, + { + "type": "issue-tracker", + "url": "https://github.com/javaee/javax.annotation/issues" + }, + { + "type": "vcs", + "url": "https://github.com/javaee/javax.annotation" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "group": "org.glassfish", + "name": "javax.el", + "version": "3.0.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "9b413b6b4c57f68cc3e8649f754153f5" + }, + { + "alg": "SHA-1", + "content": "dd532526e7c8de48e40419e6af1183658a973379" + }, + { + "alg": "SHA-256", + "content": "5ed77b9150c1cb6bdc1a195bb536eef6eb65f46f4412e26c24288690ea8033ec" + }, + { + "alg": "SHA-512", + "content": "a31efb2e99fe2429c8f39dbd8b23fce7dc30c3945ad3e6011dd1495a63a74f1d5e8ac422735de37c01938c492832155b73941614e19e06145477f65f4bc9043f" + }, + { + "alg": "SHA3-256", + "content": "6c59f62728693b7a7234a6c93d6329391633de19cd65753ddb74d78a1a79427b" + }, + { + "alg": "SHA3-512", + "content": "7193e9af5274a89a3fa9e04dcb9790db5efd6abffc8d0549c2bb597f61237544e758f98b4aaf55dfad258697bbaf4e4583695f6f5c277c06e98cd9ce21265982" + } + ], + "purl": "pkg:maven/org.glassfish/javax.el@3.0.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://glassfish.org" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/EL_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/el-spec/sources/source-code/show/tags/javax.el-3.0.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "group": "org.glassfish.hk2.external", + "name": "javax.inject", + "version": "2.5.0-b32", + "description": "Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle", + "hashes": [ + { + "alg": "MD5", + "content": "b7e8633eb1e5aad9f44a37a3f3bfa8f5" + }, + { + "alg": "SHA-1", + "content": "b2fa50c8186a38728c35fe6a9da57ce4cc806923" + }, + { + "alg": "SHA-256", + "content": "437c92cf50a0efa6b501b8939b5b92ede7cfe4455cf06b68ec69d1b21ab921ed" + }, + { + "alg": "SHA-512", + "content": "ce72626ebacfcbb1a022d0af22d7f3ae8a0f38db939e5f0b893efb9e3545c74328fa139a92c3b9bf7d833300a2830d7b883f748b0d758ed58abd6b0ce192620a" + }, + { + "alg": "SHA3-256", + "content": "da07452e3cbd7bf8e934d72e70149d317d7299fefa8de7840ac251e3e7fab17b" + }, + { + "alg": "SHA3-512", + "content": "db226d92d3e50eb91d892c9dee1832aedcdc2c11ddbc5948da4a33d10d286906fb1554e226223384bbbe7b30fa2b7b023eb7df03beb46affdd9e012722d66b67" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/javax.inject@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "group": "javax.servlet", + "name": "javax.servlet-api", + "version": "3.1.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "79de69e9f5ed8c7fcb8342585732bbf7" + }, + { + "alg": "SHA-1", + "content": "3cd63d075497751784b2fa84be59432f4905bf7c" + }, + { + "alg": "SHA-256", + "content": "af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482" + }, + { + "alg": "SHA-512", + "content": "32f7e3565c6cdf3d9a562f8fd597fe5059af0cf6b05b772a144a74bbc95927ac275eb38374538ec1c72adcce4c8e1e2c9f774a7b545db56b8085af0065e4a1e5" + }, + { + "alg": "SHA3-256", + "content": "8acc3481503989e1a78ad619bcbdc005b616c13736522b52e5ae5d782e8a0216" + }, + { + "alg": "SHA3-512", + "content": "ab5f85d424640ddcf6fc13a41d12ffdee0be9508cd4cdc581168b31cf7917323f6e0d984a0631068e0e01c098098fe0037d1c4176352fd89ba3a4da5d641ca3d" + } + ], + "purl": "pkg:maven/javax.servlet/javax.servlet-api@3.1.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/SERVLET_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/glassfish/sources/svn/show/tags/javax.servlet-api-3.1.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "group": "javax.ws.rs", + "name": "javax.ws.rs-api", + "version": "2.0.1", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "edcd111cf4d3ba8ac8e1f326efc37a17" + }, + { + "alg": "SHA-1", + "content": "104e9c2b5583cfcfeac0402316221648d6d8ea6b" + }, + { + "alg": "SHA-256", + "content": "38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d" + }, + { + "alg": "SHA-512", + "content": "4a85d3b61ea018f354a4dfa43104f3b4967cb4719df203956f82f7a696f75bee9d660540fc0f7bb61e0a5f826461de8929144eddd5622f9cb59a4da289d7297a" + }, + { + "alg": "SHA3-256", + "content": "7d439b6efe13a02aa996c27db07de14c1f14e8c95b60a9205c073cfbe9cbcda1" + }, + { + "alg": "SHA3-512", + "content": "e4bc8aab836157e258f659fe687e59499d445889c6c706d9539e5bbd48a6e80a1a1029e9ae47d25871f5ddf1434c5449ce2bc67b147b5a7b58990309f7aa60a4" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JAX_RS_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jax-rs-spec/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "group": "org.jboss.logging", + "name": "jboss-logging", + "version": "3.3.0.Final", + "description": "The JBoss Logging Framework", + "hashes": [ + { + "alg": "MD5", + "content": "bc11af4b8ce7138cdc79b7ba8561638c" + }, + { + "alg": "SHA-1", + "content": "3616bb87707910296e2c195dc016287080bba5af" + }, + { + "alg": "SHA-256", + "content": "e0e0595e7f70c464609095aef9e47a8484e05f2f621c0aa5081c18e3db2d498c" + }, + { + "alg": "SHA-512", + "content": "6cd839a07c55a75befa9a95c7cb2e4a87445432d475bc747410fce625ad4496ee5cc6631a445420940ef1cb408d74873980504e4d785d8ec851223301a76807b" + }, + { + "alg": "SHA3-256", + "content": "12fa4c6092728e4d1d780db85e3567ac16a8ec515daac930326513a471f60bd4" + }, + { + "alg": "SHA3-512", + "content": "3f2a0f9e1ce18e1fce8b658a9ce7603eae6a2eeb96b8c26c0a49fde515ea97b319e94f48617fdbd8b102cd51c6a3c957528b456b821e2287ac1b35a3442c35c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss.logging/jboss-logging@3.3.0.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss-logging/jboss-logging" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "group": "org.jboss.spec.javax.transaction", + "name": "jboss-transaction-api_1.2_spec", + "version": "1.0.1.Final", + "description": "The Java Transaction 1.2 API classes", + "hashes": [ + { + "alg": "MD5", + "content": "4d3a6329aa429d92e7bf0c2d34302660" + }, + { + "alg": "SHA-1", + "content": "4441f144a2a1f46ed48fcc6b476a4b6295e6d524" + }, + { + "alg": "SHA-256", + "content": "d35b340768f11e683045d0b3b8c2cf0554a0495a675ae8aab5680b34e5d2a69c" + }, + { + "alg": "SHA-512", + "content": "fb751362223bd2f58d40326018b742ecb8bb49e2362b8babbfa6592e10fb0bd4c52192859771d5b4c67954bf3876bda38581795d54a566bfca66f3fdb0bfd4fb" + }, + { + "alg": "SHA3-256", + "content": "5fec9250840d8ae18ebe934e2b302d9f3c91a7166c5f6e90e8a38d19d5463f4a" + }, + { + "alg": "SHA3-512", + "content": "f4846473a8385f28649593671d9307d0a0a1362c9b36a24ea1b6f72daafb59e05b4945ed45bcadc22e52024a5c3cce9c47e9edadcc7a08f1e391b33a510cd971" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License, Version 2 with the Classpath Exception", + "url": "http://repository.jboss.org/licenses/gpl-2.0-ce.txt" + } + } + ], + "purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss/jboss-transaction-api_spec" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "group": "org.slf4j", + "name": "jcl-over-slf4j", + "version": "1.7.26", + "description": "JCL 1.2 implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "06ceba253db8a4d836921324015c9ca5" + }, + { + "alg": "SHA-1", + "content": "33fbc2d93de829fa5e263c5ce97f5eab8f57d53e" + }, + { + "alg": "SHA-256", + "content": "2800417ecc5c927cce2b8a2cd22f0933e4006023c4e4fb255985a27746f5573c" + }, + { + "alg": "SHA-512", + "content": "40c1c8a523687ba06041d5a3c8ae295ae57ea18c0909f106ae9154ee79eeec9d077f7e0c79cb977fdebf2c930c6972372850b528f94e69bb57e95124ff691359" + }, + { + "alg": "SHA3-256", + "content": "8e61ec106e655eb957cf915a6a2ab96d9f78298598af0edb5526d66317695f69" + }, + { + "alg": "SHA3-512", + "content": "bfb810653f89ac499283aa7d860f89369133a07b65398a4112a6f654d53cce6d4a74d2f45acd9ba669233604c94bd338247751171bb8f21d62a183bbe91ba90d" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "group": "org.jdbi", + "name": "jdbi", + "version": "2.78", + "description": "jDBI is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "ea7256f4877d929815d317c3f918de7e" + }, + { + "alg": "SHA-1", + "content": "7281bb97a89ec38db81a901a3c07ed7204efe828" + }, + { + "alg": "SHA-256", + "content": "a833944751416b95a397768c530b6796fd22fe01ff3d56f44ab80c2087096572" + }, + { + "alg": "SHA-512", + "content": "0699d1cee041bbb7f2e9857f0d4265e55af3c93e62c1d10090fa3472a3af4f052c4b6c1431eca53bf2e2ddb1df1358ac29fba6776fb0406a2c3edbe30fe73607" + }, + { + "alg": "SHA3-256", + "content": "85bab22465bd6c4128b3a3805184b780dd41c6984d6e056d7ec22b904b94649b" + }, + { + "alg": "SHA3-512", + "content": "0d3f050c4f71bfab5404ac1674306bd837ff7710b9b04893dcfe88baa3d0d3f647ee515c3b0a3159d4f6d3791f187927dabed54f05fcfa3b42bd4f0bbae93586" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi@2.78?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "group": "org.jdbi", + "name": "jdbi3-core", + "version": "3.5.1", + "description": "jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "bee3bded3f553bb751676f66de7051d8" + }, + { + "alg": "SHA-1", + "content": "fdb08f92dd4762d9a12864b685961cbef3807adb" + }, + { + "alg": "SHA-256", + "content": "05ba5a61131fee448927dd7d06fe2e0699b9c4756ece6bc844431dc1f5a3b671" + }, + { + "alg": "SHA-512", + "content": "3b8de628e4b5ba4acbedb21b4f74cbf7003fa1ce68125e8e2c8c9bb49ba38c478a34b27505bcda18e5072b47ae706a280e3db7fb53f90196d3f87543148e9b3d" + }, + { + "alg": "SHA3-256", + "content": "7b63cdd3df09bd5e6881f455db13e74d5a4f80764072d376d80814eaf28a423c" + }, + { + "alg": "SHA3-512", + "content": "9de02c1b6f19a44b6a29054da8c80e9139d03c2eeee8e908dbb8592bbffd8926a95f45f9e56f1aee85f77665cf24e2abe7e4d888ebe407fbb01be6f541c9befd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-core@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "group": "org.jdbi", + "name": "jdbi3-guava", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "0f692ba6379649453c8ceeb1c1e567ba" + }, + { + "alg": "SHA-1", + "content": "0b7a55d0eda75405221a8287993c05891ae2dd9a" + }, + { + "alg": "SHA-256", + "content": "dd2c0c13c6d29758235a9b365768cc521b5ee3c86678794e81ca5a9a7aa1de83" + }, + { + "alg": "SHA-512", + "content": "9e74b320cd5ed0ba7de5f2976dac092039ca6efcd5ab070281ce040aab9249d2299d73b3f1566cc495e6b33cd2de7fdb8e82f9410f970650daceb049daeb2bd3" + }, + { + "alg": "SHA3-256", + "content": "fb088209586cf011f4cb41752223e4cb14ca32cf8605ce6bebaa30913a120ef4" + }, + { + "alg": "SHA3-512", + "content": "5e64a7584e5585f922a7bbc3c83f76645752e0a78274d741b4ae8cb7f174ac6b2d840841ce749234955ab1d090b552dcceb7a46c2a1a0eafe95dafa26c1c2819" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-guava@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "group": "org.jdbi", + "name": "jdbi3-jodatime2", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "a1936dd03d5410d8abe4f52bd8a4c219" + }, + { + "alg": "SHA-1", + "content": "76d39448cd536140a737ee7d1eca00cf919dd51e" + }, + { + "alg": "SHA-256", + "content": "693462cf417ed3faadb54f22618b3f7bfd6f8d3cd77cdadde7733c6d9666d2fb" + }, + { + "alg": "SHA-512", + "content": "da80a01e7da71aee51c9c8f9de62a394ac6a1b849675a5a80e0490c4494bc58c5dbd15c34e8f21152cc3355f8259a2d838afeb2f9802063fd3a40b9bbc4d93d0" + }, + { + "alg": "SHA3-256", + "content": "472060a39fbf46395d0fe7b6c2e5610c1532969115b27ac82d0c1434e952012b" + }, + { + "alg": "SHA3-512", + "content": "b54c0e9dc8be03a4b7a0b4ffc2ca1fa90f0beebceabba58abe0f2ddb93b0074141eab88da889577abe3c4eb2c0137cb8db907346882e88185cc0d460531d64c2" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-jodatime2@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "group": "org.jdbi", + "name": "jdbi3-sqlobject", + "version": "3.5.1", + "description": "jdbi SqlObject transforms simple annotated interfaces into full-featured DAO implementations.", + "hashes": [ + { + "alg": "MD5", + "content": "fef7548d2dd71524d4e555c8d406449d" + }, + { + "alg": "SHA-1", + "content": "88a6bb67f81900f7e3b4c02e80fbe03c14180b8a" + }, + { + "alg": "SHA-256", + "content": "f5aee0d5ded32e49eddaf51fded6478d01f816a957bccd5ba62fb9eb944793d5" + }, + { + "alg": "SHA-512", + "content": "435126b915d81c594a2fc3194498a815dbd6307c8bd852d421ba866e11d4335bfd825352a58c60dadbe8cbd57a2962b0d8414c46491bd171071f7e606c41b56e" + }, + { + "alg": "SHA3-256", + "content": "8706b9badb23159cd1c690e44d10f7050d82682c025d4a0fb6c2f74cf5982444" + }, + { + "alg": "SHA3-512", + "content": "a61809da92143a4f96e16d97e5d85179f50fac762fbbc8bc36676b8868e4fb8f69cce89c93c8c0e89e3e492c6434725546c29de5b7960b1515a4fe3f0853b959" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-sqlobject@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "group": "org.glassfish.jersey.connectors", + "name": "jersey-apache-connector", + "version": "2.25.1", + "description": "Jersey Client Transport via Apache", + "hashes": [ + { + "alg": "MD5", + "content": "1249f4c7b0e42fb205fd6479f8212b7f" + }, + { + "alg": "SHA-1", + "content": "778d56a186caae0c0e321afb7bf497452f60ecc6" + }, + { + "alg": "SHA-256", + "content": "98236fdeb22a34405095a70099e63cdfe72c726c3c6588c8105092b234bbca3a" + }, + { + "alg": "SHA-512", + "content": "cd9d72b8e24524fd017fad60bea318cf72b7260bfe9826f3019181d8749f906cc579ff4b25c50d869edc9e7ad92c1a216e4c143957de5d5f810f14f3d2124058" + }, + { + "alg": "SHA3-256", + "content": "51423295a961ef5c2c0b70f2a3e80ff7cd9d356b9fdf0951dbc0d42ee7d283c5" + }, + { + "alg": "SHA3-512", + "content": "f95bb4d125a7146cfe7ff8e9d4480c3f479bffa0fcb5398400a2b2faa1851c3ebda38e1bbf49a0d4d5671dd336ebc665ef1fef26a4ad8f65d715c118f703de36" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.connectors/jersey-apache-connector@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "group": "org.glassfish.jersey.ext", + "name": "jersey-bean-validation", + "version": "2.25.1", + "description": "Jersey extension module providing support for Bean Validation (JSR-349) API.", + "hashes": [ + { + "alg": "MD5", + "content": "f1860b7577c9d0c89758ad14a60485a5" + }, + { + "alg": "SHA-1", + "content": "01971927d79cad0ad2b5a3bfda24967748a2023d" + }, + { + "alg": "SHA-256", + "content": "c7f8b632016d78ac9679c8a77a7333a7979b3a446c56f6c4aa0702495beafcf0" + }, + { + "alg": "SHA-512", + "content": "723afa0898fb909c199491173caa96bf32c5b4a9f8e7211989434f1be4ec581737b1d17e2094890074fd5fd94b640002b98b9f06cb042aa755864ff9e1eb5eb8" + }, + { + "alg": "SHA3-256", + "content": "5eb1703f460fc87775426f894b776891b46e2060d209d8649fbbbf0046ff5541" + }, + { + "alg": "SHA3-512", + "content": "b538a16717eba2f15bae433116819aecfb842d17e9838cb4c67ec3242cf7f62517d7d8ddc9245d26aed83b15489988bba10a792935968c5d9731b0e07902a251" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-bean-validation@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "group": "org.glassfish.jersey.core", + "name": "jersey-client", + "version": "2.25.1", + "description": "Jersey core client implementation", + "hashes": [ + { + "alg": "MD5", + "content": "cbc88e55529984d664eb6ef1b65b3684" + }, + { + "alg": "SHA-1", + "content": "4d563b1f93352ee9fad597e9e1daf2c6159993c6" + }, + { + "alg": "SHA-256", + "content": "10671e430dc7c841eb0bc54c9f3e265dbb60e9f85efaad71d1e39807057e405c" + }, + { + "alg": "SHA-512", + "content": "2355cf157c2c6f6973db046b8eb9f0ac1fad6791e5e62457d37a2aa0d70c180a6dd8eacdf78b987bab5720091cc8197866ba1ac14b209b374db6389f187a0c58" + }, + { + "alg": "SHA3-256", + "content": "88b865b79a07061bda2f0c1b57e4aea4555da1604946eccb83343ea665ac615e" + }, + { + "alg": "SHA3-512", + "content": "ab1297141ee25407b3aaf92ce2d7441aad23badc8d9b2e68e1bb143c7155f5861a273d816d4447ade4045dba027ba6264b22d6823e798d9ebac7514f8a4eef52" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "group": "org.glassfish.jersey.core", + "name": "jersey-common", + "version": "2.25.1", + "description": "Jersey core common packages", + "hashes": [ + { + "alg": "MD5", + "content": "d1f25f421cafb38efb49e2fef0799339" + }, + { + "alg": "SHA-1", + "content": "2438ce68d4907046095ab54aa83a6092951b4bbb" + }, + { + "alg": "SHA-256", + "content": "4df653fc69d5feec7ad1928018f964e12a7513bcea7b5e8b1aa4b1f5a815815f" + }, + { + "alg": "SHA-512", + "content": "2c99617c7d5bbabd39902cd93e028e48ef3917f1017b7417873607681b0bfc31e8d5197bd06c587f64867944d81bb63c0201fe5df66962737d23fdfd7fe88fe0" + }, + { + "alg": "SHA3-256", + "content": "d5d9d3bca931954bed7bf031b299f45e0e29c92e250501f46f12400e475aaf3e" + }, + { + "alg": "SHA3-512", + "content": "dbd5ac4985d2c8e71e3606e491a7814e50ca6ccb1e3571e50073ddcf92bbf484e28ae0a4971d1e487df4d95a4f64016583e88891724a65d9c1c80f20ff7664fb" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-common@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet", + "version": "2.25.1", + "description": "Jersey core Servlet 3.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "80ebd9481c44844884fc70ac0ba333b4" + }, + { + "alg": "SHA-1", + "content": "cf5f7a76fcea38158b890ab7a0142d4db709a882" + }, + { + "alg": "SHA-256", + "content": "3669c50bef23aeeabdae02e5e4b214c9f1eb1019fa4d559f2eeadb563ba598e4" + }, + { + "alg": "SHA-512", + "content": "8db651ca49cebb031823cb6363e3af78f2f400c4857a5cef51b2be2d58ccaad6c06ee5320cb6ceff6f2a053136f00943feb6f98189d847d49ea2455312529d84" + }, + { + "alg": "SHA3-256", + "content": "c77550b169ec358ff293d1599b2897fb4f3ebedaed222257893d83b7343fa915" + }, + { + "alg": "SHA3-512", + "content": "75115f1e1a14cea1e939e3cc30b9af2cd0de853a30d41007f72361e216362cc16a35901434330292840f48edf0dd98ac9ec8bc3e5461c0668eac4a883d7b2be7" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet-core", + "version": "2.25.1", + "description": "Jersey core Servlet 2.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "e31db34014609174609f8879d00e0d2a" + }, + { + "alg": "SHA-1", + "content": "400e30bb035a0cdf3c554530224141ce659a0d1e" + }, + { + "alg": "SHA-256", + "content": "232f4f4e59e5944098351379a12aecc715906831c96a855624a81da552192ac4" + }, + { + "alg": "SHA-512", + "content": "beb539ae8f16b5748db941e1beabf21482791ccf04b7adbee50d58a06c224c21e918198badf8496243ab7730284b8abcd71da9e5439702fa7a4d06ba22fa1960" + }, + { + "alg": "SHA3-256", + "content": "bfb3dbfe53102c61b1092ddc80b119fef28b6ee65e020ebdbfcbe51aacc701fa" + }, + { + "alg": "SHA3-512", + "content": "7fe6468606f4ff4c7389e9ca816f82a03c9282b296472112573047d93389b9845a49f6c1740ee67d2e93be9dbe312d89189acd681ba489b9e09716cd20965e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "group": "org.glassfish.jersey.bundles.repackaged", + "name": "jersey-guava", + "version": "2.25.1", + "description": "Jersey Guava Repackaged", + "hashes": [ + { + "alg": "MD5", + "content": "08dc8642c4e990b054882cb4f422f88b" + }, + { + "alg": "SHA-1", + "content": "a2bb4f8208e134cf2cf71dfb8824e42942f7bd06" + }, + { + "alg": "SHA-256", + "content": "8a88a8ebae65cb4d77830b40f681bf742b55ec62e7a44cf91b8577a9396b9f81" + }, + { + "alg": "SHA-512", + "content": "38a59b4e7bf60d373a266e08dbd1703cab87b519e128629aa81abf314cf849ee41a26f8c0404182c6f7364a3bde40eefa61c1be561276e141c4574faf988c5d9" + }, + { + "alg": "SHA3-256", + "content": "0ffbb680d62fc28444cf2c2975cf2947d23bae403c30a381f610af5cf05ede86" + }, + { + "alg": "SHA3-512", + "content": "847cca16e534072ddf9610dc0bd56166deade9aa4efaa3aec1717664b3546964cb0573e4970a38dee5537a09fab81077ea9bd35d988e7cb68b6ca137b31679ea" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.bundles.repackaged/jersey-guava@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-jaxb", + "version": "2.25.1", + "description": "JAX-RS features based upon JAX-B.", + "hashes": [ + { + "alg": "MD5", + "content": "43c2fe9a2848343cb562f855b06b7047" + }, + { + "alg": "SHA-1", + "content": "0d7da0beeed5614a3bfd882662faec602699e24b" + }, + { + "alg": "SHA-256", + "content": "05526bed0ffc07c2cea6b399f4e61ae3c99e44021e28a4af926ed1d867ba3fbe" + }, + { + "alg": "SHA-512", + "content": "589328af6d727d73617a1cff3e7e75bbc858d417cdbcaf8e63ea3ed0086df645fe0f83538a311941744e5afd828d1d7827933b44b8c74f6f8b912c2d7f3e1be4" + }, + { + "alg": "SHA3-256", + "content": "cbc11448fe72f34353de7de8c8b1084530ebf4a7b262bde33219cab6beeea29d" + }, + { + "alg": "SHA3-512", + "content": "18313498ba720e5c1a307927f9782cee90140984ab5c6762cb6b966040d42c2610e39f41d06b9c2ac528aba2fe1b72ba5d1255f92e01848b4580eee11b95b1e4" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-jaxb@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-multipart", + "version": "2.25.1", + "description": "Jersey Multipart entity providers support module.", + "hashes": [ + { + "alg": "MD5", + "content": "0ea1375a975020b60bbbbfd47a76d69c" + }, + { + "alg": "SHA-1", + "content": "1d2db0078ee1b740c4e7ec7413d328a8a7e1c480" + }, + { + "alg": "SHA-256", + "content": "909b669f76b8883a9218fb0fbc5022a286ead7d17b29aafa532b31f19ab4afcc" + }, + { + "alg": "SHA-512", + "content": "17e40bb9186289cd21edcd67cab68765e79c3cce5f2b29ac0ae6dd653395d93c3b8e29c734288e729bf26a59084393680b448ce617689e2064151ab09250c6ad" + }, + { + "alg": "SHA3-256", + "content": "8d8299e02fcbed88c708ae2c948fca016bd985aca513f61304431169441b3bba" + }, + { + "alg": "SHA3-512", + "content": "a8f03f1e4e02c76548b03f77dfc65bad4d97b305a39e17b21e3a380155b85ea428957d0e0f0d4d4b615826d491acbfbb433a3dc9cb31ba29ba0f08bc4665bbb8" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "group": "org.glassfish.jersey.ext", + "name": "jersey-metainf-services", + "version": "2.25.1", + "description": "Jersey extension module enabling automatic registration of JAX-RS providers (MBW/MBR/EM) via META-INF/services mechanism.", + "hashes": [ + { + "alg": "MD5", + "content": "b02f1bc0acfdaeba09346c53a49a6b0d" + }, + { + "alg": "SHA-1", + "content": "83376116af614791a26f51a93af1070520345782" + }, + { + "alg": "SHA-256", + "content": "21339af4788eb2e02e144231f6bed95c30a019fe9bdc219725da095e15d8f7e7" + }, + { + "alg": "SHA-512", + "content": "7b4bef415a18702498bd594cea37a2d17fe60b319f40fd4028b5c5e778195bc26df1563332bc359d67bcd0029957d8fe629650ec55216d1a6f84fd7ab4daec90" + }, + { + "alg": "SHA3-256", + "content": "fd690ea72f6586355206aa12a77b03e198776261bcbb1b79a3dcbc234c0c8675" + }, + { + "alg": "SHA3-512", + "content": "822c4d091069ccfd523fbe463124a1827663b488a2df3ce8f5ea9892b8b6dbbd637e52e89ea2533c010601222f3ef7660ff45276b178082f3b928dc314681e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-metainf-services@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "group": "org.glassfish.jersey.ext.rx", + "name": "jersey-rx-client", + "version": "2.25.1", + "description": "Jersey Reactive Client extension implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "2c180a0fe223e22fc0e0b0b81eedd18f" + }, + { + "alg": "SHA-1", + "content": "b31b3313f48583220986877365f5e2413541f207" + }, + { + "alg": "SHA-256", + "content": "c51bad47579898505a3283f06939c5caa4df5f1bf47ebf114069e04d3cdd33eb" + }, + { + "alg": "SHA-512", + "content": "5743abf930cc5a53cac24b1b3a8a9abcba71ec4c56c11943d8b68f6b8806eccae6268c4659b7321d05ff039f2f7a21daef62308ef4746b65083cbb925bf9c570" + }, + { + "alg": "SHA3-256", + "content": "6c9cde47931076cfade1adbb27e7d708b9ed5549b599677e69e9e7617fa32e84" + }, + { + "alg": "SHA3-512", + "content": "8b9a6428336db948562751a37ad6758cd1b6a678a70759da3dba1a43d5312b86a97dd6ced61d48c5473b9d73a0fa450e103a7d687a791733f0c2edde4e880cf2" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext.rx/jersey-rx-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "group": "org.glassfish.jersey.core", + "name": "jersey-server", + "version": "2.25.1", + "description": "Jersey core server implementation", + "hashes": [ + { + "alg": "MD5", + "content": "92dad916eab7a19c5398838a78ee9cab" + }, + { + "alg": "SHA-1", + "content": "276e2ee0fd1cdabf99357fce560c5baab675b1a2" + }, + { + "alg": "SHA-256", + "content": "4b9cdae8eae88b75762614b9a458f5aac47cf6486fe408206fc64e38b80469ae" + }, + { + "alg": "SHA-512", + "content": "85d77edd81efcc32a6ac26ca91cc6a8f9f66083897f2b10de5f7576d1e869d96c64dcce4e52112341ffae1a73fff3b18eec466fc484e709ba581d1540fbe44ce" + }, + { + "alg": "SHA3-256", + "content": "60be02edbd8f39c5c33726c0b9602c580a38e22b7c30cf98c0aea1bdfe713ef5" + }, + { + "alg": "SHA3-512", + "content": "065c0c4b5a60ebc0e0ca53e6630e27f7678c762ba4cdf28f2b2cb7d0ac9cd96bf4a92dc6c2235d77d55931e0006f445debc2cc1098d4ddace06c07a08491ad43" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-server@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "group": "org.glassfish.jersey.test-framework", + "name": "jersey-test-framework-core", + "version": "2.25.1", + "description": "Jersey Test Framework Core", + "hashes": [ + { + "alg": "MD5", + "content": "92495cea9331aced97489263f2cb191e" + }, + { + "alg": "SHA-1", + "content": "9368dc18933a8b9f2526c86ab310b02781969aa3" + }, + { + "alg": "SHA-256", + "content": "69343548538ec2489fd4a992ea16e42453e96af94538c586fe3345e364bc578b" + }, + { + "alg": "SHA-512", + "content": "c2a8a227427d3c80cdaf773ef8813fb2609ecc4c64911ef8c8ee8a09a4ab0f4c608d7433901511c132ba39d49141be85f45032a06757a17e7f2e43efd6a22f6f" + }, + { + "alg": "SHA3-256", + "content": "7dd7ace7d4414db08bd4f2dd4d130629d9eef806d3dbd03a582f8f78372dbe63" + }, + { + "alg": "SHA3-512", + "content": "fef833f17bf0c8c9023ffdce1fc6d860d4ce119915fcabc7d8aa48853066fe0967c5220a33c03b41b45c312da4430e1057085652e0db57f5c03485b44715b273" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework/jersey-test-framework-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "group": "org.glassfish.jersey.test-framework.providers", + "name": "jersey-test-framework-provider-inmemory", + "version": "2.25.1", + "description": "Jersey Test Framework - InMemory container", + "hashes": [ + { + "alg": "MD5", + "content": "08b74a5a1bd1726464f8cc389dc015e5" + }, + { + "alg": "SHA-1", + "content": "d0bf8edcb87a8e886cf4552e9b5b9a4fddc70794" + }, + { + "alg": "SHA-256", + "content": "95b76e6b4131ec8cc04f3397e3c162219ef34cf661ad52ac86a977ce0b3912b9" + }, + { + "alg": "SHA-512", + "content": "9fcd31b1c2cbb5e615c1412425088c6dbd6f4acbd4b768a178d2c0a8c545486d5a3a6ad266a6b2faedeff65fa2035017e498b6a9a5bf206646e7d14e3b75d529" + }, + { + "alg": "SHA3-256", + "content": "0a4492d926542aee9f91b73691f712157c031388153270aa6121c3b60e638387" + }, + { + "alg": "SHA3-512", + "content": "a1db62f01942f3abb36d5fa867e5fb5f4372965c9c57e0f76d992421e85ce6481a34490ac15682656eb11a410c6f7b803e70cbeed635ac86b0d125f50b832074" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework.providers/jersey-test-framework-provider-inmemory@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "94e9fc820f29e4ca7c4d1008b3e52f34" + }, + { + "alg": "SHA-1", + "content": "1379b37b505dc379559e75ae7424941eee924fc7" + }, + { + "alg": "SHA-256", + "content": "f843740357ea316e196703782bcc21313ee77b665f059a28d62ebbbc37aa07ae" + }, + { + "alg": "SHA-512", + "content": "a574f37273ebf3f6d0dc18491cfcfb32288063667cd51962218575438dc3eb4f6202f862a6cef71a9caa16282cac17b77a1696dc632f1852979060e8c1b9c9ef" + }, + { + "alg": "SHA3-256", + "content": "2428547743abb3f101da2f812300e1a3778b672ea26be987b1262821fbc0c693" + }, + { + "alg": "SHA3-512", + "content": "476eb0180972b5b6bb48dfccb1eccebd607420aea3562782f1a19292ecbdadc659bf28aeb11a28e3367bad613677dae9486cb4bfb2dc2168acb8cf612b39ae2a" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "7dadc5243abb6a0979518998d5c97eeb" + }, + { + "alg": "SHA-1", + "content": "2245454abf7e6374ce92f3ef9222c7dbd43c8f1b" + }, + { + "alg": "SHA-256", + "content": "e629a9bd50ac7d361389dcc21c86f7ee12fd9f9e1c0e92664d01492df135aab1" + }, + { + "alg": "SHA-512", + "content": "592ab00b4aefbfd03fa3eb9619b39be6a59cc5a60dac993cef999433e31bf89d35a97136227966af7ec2fd84e483995b6e3390dc159aa72763246683ec02207a" + }, + { + "alg": "SHA3-256", + "content": "5fc8987e14b500cd8ef3e355548129be984b7d88f02a3b3a9718dc83e2550cbb" + }, + { + "alg": "SHA3-512", + "content": "6e4d74a8ce366f9b1c41ca2636a098566b8e2800b0f2ce3653856d499e3ff683a1ca2afdeac18661a47bd8e319987903dec3b0a3c1cc16ebccb2cc2ff3a00afe" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d1e615dd0774f828e80f51cd217dadb1" + }, + { + "alg": "SHA-1", + "content": "a4129b6ad87da0b14ee60dc4cd04321ab7b6928f" + }, + { + "alg": "SHA-256", + "content": "5ac060f9d0f802010aba3ce0452d567ff6ec1f724a8cde860cb3e83aa87918c7" + }, + { + "alg": "SHA-512", + "content": "dbe734b1a1bcd194e3ff275b620aed38fb713a250d24cfa6548d047de12a2cd394840650ad46de122b53ea8103f64cf4c0d7570e781b70e45372dda9180607e3" + }, + { + "alg": "SHA3-256", + "content": "6ca9ed2338f90de1498b7e52c35ff2eae7e13463f9fed7f36f9b797ca0d6f443" + }, + { + "alg": "SHA3-512", + "content": "a591913206657bca1c3be20220c911359537100af3f6561f5d4a454635edbc7a83c51b897efeb8b075996fce37945a1c7836296873d6817e07b7ad3a46cf5450" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-openjdk8-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "6176ca5468f46113d03982b26b569645" + }, + { + "alg": "SHA-1", + "content": "cd588787b7a232e9db4d2442ef9260baedfe33b1" + }, + { + "alg": "SHA-256", + "content": "13b0943572cc330a0371317cbfbbb0f737655387b89dc75ba9a8ab8d083e1c11" + }, + { + "alg": "SHA-512", + "content": "07373c3c34ce2bb1a84200e09b4f540d6a4cd83ee9fc65084949a449a7f510bce5a91d9cd44d7cb8454e9a2090dd636da2506c10312e5b5be693682a1024afc4" + }, + { + "alg": "SHA3-256", + "content": "26c9e9d164a3471c386bf44e1c3d3150e03d54be8d947d65306bf74e26954edc" + }, + { + "alg": "SHA3-512", + "content": "90a662aad53125f7f1eebd642a62316606a249dfe04ec3ab6673deea2fbc8d51fdc83f02e403c0f1085aa7d5600b1e11b9b171fefb0903dd5aa8c6bff905c072" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "50a898e1-523d-4041-9250-b25394071a77", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "1ca2253ddcbcbcc691c51938f2e341b4" + }, + { + "alg": "SHA-1", + "content": "288afd48f2eb1816889c4848a0bb8e7783ad7124" + }, + { + "alg": "SHA-256", + "content": "2d78640dc6b6035e41d763ddb9c97f07f441665be36d0a7d1e592d683df12acb" + }, + { + "alg": "SHA-512", + "content": "7ee426bb8079daf27fd03694563e534cda147d2cb38e4b50e08c3644f1a3dd88e172ad36b322bb113c67cabbbed4b11740f72ef82cc899341aae9d6427dace43" + }, + { + "alg": "SHA3-256", + "content": "1ea3606b67b91542a4d71d7b145792dcb25dce3c52037e3a32d551678ce5fda1" + }, + { + "alg": "SHA3-512", + "content": "943a863bd2beae196d07aa13b72b5d27bd5ee56a8e578b549a5c272034a232dc4f8a3f015af81837524cd37e467871bfb66c6768a279502ab4cd05e97421347f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "group": "org.eclipse.jetty", + "name": "jetty-continuation", + "version": "9.4.18.v20190429", + "description": "Asynchronous API", + "hashes": [ + { + "alg": "MD5", + "content": "bf4683a840d240010acacc4cc9739525" + }, + { + "alg": "SHA-1", + "content": "3c421a3be5be5805e32b1a7f9c6046526524181d" + }, + { + "alg": "SHA-256", + "content": "ad2e8fa193f06989ef6f0ca09719e1e30572e6099e7c889777836076068cbfbb" + }, + { + "alg": "SHA-512", + "content": "1ca79b0b2011ae4f5dd2f64447ec39d5140ddae6fdcdc9e1104ece137113951efeeccd7fbaa2cb174c11a944d7a6d79d94a6cf2f5a645b21016a3ba1b1421152" + }, + { + "alg": "SHA3-256", + "content": "e54fd5d441a318d250a84414eb391c6af739a5a167c7cbc70963a0cd12a60371" + }, + { + "alg": "SHA3-512", + "content": "d4fd7624498cd4113fd86ef1e71fe4f0c4d0684d34e2700b0d472decf55ae5b3d9aa59447a7ec2856ba5a2348da09057f5f3730f3e91715d2746d16d20bd5fa9" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "group": "org.eclipse.jetty", + "name": "jetty-http", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0f5299204d64fb561a8062f594185dc6" + }, + { + "alg": "SHA-1", + "content": "c2e73db2db5c369326b717da71b6587b3da11e0e" + }, + { + "alg": "SHA-256", + "content": "a2626684486590535bc928a6a40c6915f99ffda96b7a14d4310bdda566b5aa73" + }, + { + "alg": "SHA-512", + "content": "93f9852cd4689993c06629ffba24b1dc9715bcf3dfb560088669459f9484373cd5541e81c18cfb3502c9ab62fab3a7061ee5d9afd0c17fc61fe23e25fa04a1c9" + }, + { + "alg": "SHA3-256", + "content": "84caddcb2c12e244dc03f0f3f8ab41fdcb96ec95c5776c00664e8916f6bfea86" + }, + { + "alg": "SHA3-512", + "content": "08d0dba27f81c3b596d46728e01b3b1f0027d9271befab6ada56e6757ef7f64e700c242cc8f9000a2792bf5053c5c16126718d6f8fd1923331a7e3d00b3c2efb" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "group": "org.eclipse.jetty", + "name": "jetty-io", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d430c2038527a0788675049f9d48760e" + }, + { + "alg": "SHA-1", + "content": "844af5efe58ab23fd0166a796efef123f4cb06b0" + }, + { + "alg": "SHA-256", + "content": "f953810e6d5349a8c1101710bf99310e0bcd3bc43d819c06858c75f419b4cbd0" + }, + { + "alg": "SHA-512", + "content": "2f7f9f8ecff8fceaa422923ed698f5945e2e4583898115ea97e2a69f2f4c7093f07c1f9e189af0ffd6b08b669074c9e3cdd5492e42aa2ba4f0bba3ad6db85c50" + }, + { + "alg": "SHA3-256", + "content": "a6a1c14235256382171a33faf4e2869e65756b87e686e70e41aa34380fdeeac9" + }, + { + "alg": "SHA3-512", + "content": "aff9eb92b24300c2395b5ee808c54abf4c8c97224bc819b0b5bbaa6977f5806037eeb34691f6b9d9534a454ae28f3e8e9b13bd0649369af5b331e80e4c703405" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "group": "org.eclipse.jetty", + "name": "jetty-security", + "version": "9.4.18.v20190429", + "description": "Jetty security infrastructure", + "hashes": [ + { + "alg": "MD5", + "content": "ea1d2d43fdc539ddf8192e2782f45e79" + }, + { + "alg": "SHA-1", + "content": "01aceff3608ca1b223bfd275a497797cfe675ef4" + }, + { + "alg": "SHA-256", + "content": "c307c68eb402979b2b6ae75a587476c9fecafbf5f4a53db22125f9af2324926f" + }, + { + "alg": "SHA-512", + "content": "140364d32cab3e7f1acd1222c14228038db35c96e22fe55d90c810308c6ed06f72972d4a40514e664e1bcdd542c25014719082b8828b8afd29a9a760b440dfe9" + }, + { + "alg": "SHA3-256", + "content": "fb9e4fd12fc7912c3ad20ec205efa02532b05af85d22b4d4e93e2e19906dadb7" + }, + { + "alg": "SHA3-512", + "content": "df87f8e4a2ac262620c8e805695d52427421e9c25225747fedba6503916bc867c4868d04b1d786d52f64917fef4bd27013ff640297da21a49e97cd2db80007d2" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "group": "org.eclipse.jetty", + "name": "jetty-server", + "version": "9.4.18.v20190429", + "description": "The core jetty server artifact.", + "hashes": [ + { + "alg": "MD5", + "content": "b0bc6045c38e309d41f84d3c60fb31cd" + }, + { + "alg": "SHA-1", + "content": "b76ef50e04635f11d4d43bc6ccb7c4482a8384f0" + }, + { + "alg": "SHA-256", + "content": "2737c60b231e804082cdb68f1118a1aa179c8f92d50345c7444d96391ac005ce" + }, + { + "alg": "SHA-512", + "content": "b16d05236e809d1494f67aeab195190faf5a301cb131ae7033c1d62bd0f4db41e025b18cb75e0c9f7cc8146debb2d34d006318c0bd0e65dcccce9cb176acbc4e" + }, + { + "alg": "SHA3-256", + "content": "755dfbda1a8bd62b465a55c8bfd761412b81fa79fb0326c6835f0b009ea76c7c" + }, + { + "alg": "SHA3-512", + "content": "bdfd84f7b1bfadce0fd4c918b00410ad596e66bd69433260439cebb516f4d44b55e1adbf96cc866ae3e9a8f96823772e2e6633c21bba41c1588067842b7540ee" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "group": "org.eclipse.jetty", + "name": "jetty-servlet", + "version": "9.4.18.v20190429", + "description": "Jetty Servlet Container", + "hashes": [ + { + "alg": "MD5", + "content": "63d8201a1db1aa10454015245472fdd4" + }, + { + "alg": "SHA-1", + "content": "290f7a88f351950d51ebc9fb4a794752c62d7de5" + }, + { + "alg": "SHA-256", + "content": "58b778613867b59bdd6587c57010249e62d10104e01113459453343e9c4ecaa4" + }, + { + "alg": "SHA-512", + "content": "ed6d46eac69dcb275c684e516e1bd627aa2e8b35aa022d68e256b1ec7d145525cc03ad9f55e0794026590f1df17536465c11d25c961df3ee530586a01dcd7f55" + }, + { + "alg": "SHA3-256", + "content": "bd41d1a2332a05b8826eebefc9e1e43b2924c9a810e5c14d97cc8437a4817f6d" + }, + { + "alg": "SHA3-512", + "content": "d4e1c6d118f9ad0890f69efef3141d5d6583703fc6eba5a6c069636d6cde8d48f97d9e5ed5d58e070dd6539c4a744035840e5c8a145f6223f5d9b0dd2ba9ab27" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "group": "org.eclipse.jetty", + "name": "jetty-servlets", + "version": "9.4.18.v20190429", + "description": "Utility Servlets from Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "ed9e6c52ea1c28d92b81bf5c4cff5e22" + }, + { + "alg": "SHA-1", + "content": "e5d174950a44c8f93e27cc2528eff5a6b55da2f3" + }, + { + "alg": "SHA-256", + "content": "134e7f3fd037865cc95c3a69381088ff1c86f110fb0ea62e9a6824cb7ef48abc" + }, + { + "alg": "SHA-512", + "content": "ebd6e426972fb2833bb2173017edd8937ccc64135b6a2dbab0444b25f1528e3d50bdafe39e4749300a8ae46a5eb853a130e918339f29eea308fa9212b615c76a" + }, + { + "alg": "SHA3-256", + "content": "843c3095b2f0e5f71352baf20dfb1cba119ca110fc6e3e01751551154986aac3" + }, + { + "alg": "SHA3-512", + "content": "7eb486c3cac4a8950de6aca0006a07b1b4e9be737fa0902c229e15b27c3c61ddb353ea34f7d4d397dc5cba7da91e2cbee7d086a67506d2b303717f2743b46b0f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "group": "org.eclipse.jetty.toolchain.setuid", + "name": "jetty-setuid-java", + "version": "1.0.3", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "24990c296784e354afb446ccb739e826" + }, + { + "alg": "SHA-1", + "content": "73ae4ab171d396103f32e392970641e985d1a845" + }, + { + "alg": "SHA-256", + "content": "192cb1941aa1afefd9851d984fa39a2076f9200c434abba43dab1d410bfaddbd" + }, + { + "alg": "SHA-512", + "content": "11afcd8eb8968878ce4efb2b54956b04f1a28900b8be6edc1a3482388a3dddd2880b61d1a5c083de41d0cecaa3c8a32d4077f3f15b3f38dcbc71aa64bf40c524" + }, + { + "alg": "SHA3-256", + "content": "b6e2a6fdb8cc4021d17fdc85fb8bea172d25b206eca5c5f49ac5d4e6d1a6f704" + }, + { + "alg": "SHA3-512", + "content": "224c5ce3bbddf418eb2f1f43f9c3fd3f332ac6b557839942e54fc229e6a8e009ed11aab9e86a78e2642262d0ba43d5c2ff29aa9e96b89c68726d46365d46a000" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.toolchain.setuid/jetty-setuid-java@1.0.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.toolchain.git/tree/jetty-setuid" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "group": "org.eclipse.jetty", + "name": "jetty-util", + "version": "9.4.18.v20190429", + "description": "Utility classes for Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "0e98accd79ef0f0709e67b32d1882712" + }, + { + "alg": "SHA-1", + "content": "13e6148bfda7ae511f69ae7e5e3ea898bc9b0e33" + }, + { + "alg": "SHA-256", + "content": "db2ae97679e4d9dd0b96e0e2e04423d41407977a87edfa0ed1714c44eb5c7aa1" + }, + { + "alg": "SHA-512", + "content": "e1994547ad741cfcc0776e856178c530687bd3f20354ebbaf4d10ed6c6773cf0b9d2201359ffaa9328606aaa7170c125433dfd83c40db8e03ad6f17d43753392" + }, + { + "alg": "SHA3-256", + "content": "af0fd5e8b166a754626964f211eebf7e5bcff175dc852e5dd28b48d32437921b" + }, + { + "alg": "SHA3-512", + "content": "da788326e973cb92399d84ea58fd884a11a82666741514f2aefe150ed47809189ebd98553bbe7b56bde0d892b51294ddbf24af341f68a2854737622a6439356e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "group": "org.eclipse.jetty", + "name": "jetty-webapp", + "version": "9.4.18.v20190429", + "description": "Jetty web application support", + "hashes": [ + { + "alg": "MD5", + "content": "044d3037d9a5b94c8ed938d89045e06b" + }, + { + "alg": "SHA-1", + "content": "9c2f1a2b61bdc2d24f8a980c6c614aa0b588216d" + }, + { + "alg": "SHA-256", + "content": "3e7a715fb8f5ebe79d54b940f630d562629ecf91d1b3fd1403ff9700d0a3e125" + }, + { + "alg": "SHA-512", + "content": "09861241011a4f5dee0ffb7087f033f7882decda7e8bd9641fe1c759f558af28c01f050f0d904fe3f06fba3769efc887d50156cdb7567322ad5fbcee1fc7c2ea" + }, + { + "alg": "SHA3-256", + "content": "a958bee3bbb5d03e76f34e8e70552614aeaaa1fd63a56d5d56d12f552b9e4df4" + }, + { + "alg": "SHA3-512", + "content": "c2b790b16923ca0e1171b76cbb8c852b1e338cab09cc2f46f17b4479370e3d0a0308ca15bfc2d0421655c7db200bb5813a771e80cb6ed566dea9656f232ef403" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "group": "org.eclipse.jetty", + "name": "jetty-xml", + "version": "9.4.18.v20190429", + "description": "The jetty xml utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "637f8a266afa4cb043e1d142c7cacb33" + }, + { + "alg": "SHA-1", + "content": "dcd2806ee48e646fd4dcff81c7c6867fea2b52e8" + }, + { + "alg": "SHA-256", + "content": "2189c5316c4ef2721166353a3f6800803b2ffd06cfc4c7b16ebdef9b00108ca6" + }, + { + "alg": "SHA-512", + "content": "f60127983e3115b9df5ececcfe5a75bf4b1de0597e050d52b65d8e60875305741a3d3256d12d198e25be58b8b236a34ecc6747c05faf30465be27095b02e3206" + }, + { + "alg": "SHA3-256", + "content": "acb83341c830c2e5944c91021cac1d486e73fd5d570abfd4572346242b847940" + }, + { + "alg": "SHA3-512", + "content": "53c27e9e1c64a2046793b9f02880813669b71d534737ec84f16eadb8bdb63a717b664e602a17f1e071f411e318d6c233812910db8ae3bff933047eed08110290" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "group": "org.openjdk.jmh", + "name": "jmh-core", + "version": "1.19", + "description": "The jmh is a Java harness for building, running, and analysing nano/micro/macro benchmarks written in Java and other languages targeting the JVM.", + "hashes": [ + { + "alg": "MD5", + "content": "be8d2b77f24b93d14b3590a2c2cc9eba" + }, + { + "alg": "SHA-1", + "content": "1ea93b88f8154f0a35c16b46d76cfb2febcf4916" + }, + { + "alg": "SHA-256", + "content": "5b920f4033b55f78af121c6594e2afcc84c16f2030beef6d035463b126fc9f46" + }, + { + "alg": "SHA-512", + "content": "9bc30e04a4ee999cc1dc45be32bd60ad4248070073424efacdce85b02777dc1ef9f8aa9f57693cc4cc6964c6c934ce3c251f8db26f70bad54353c2d0849aee83" + }, + { + "alg": "SHA3-256", + "content": "b21c8a03f99e3ccadc461f35e5ed3aa3904ae25cbb44ca2dd02eb0d2f8a6582c" + }, + { + "alg": "SHA3-512", + "content": "96f2d4874d54c13b4c9392628415ce62bdff000c142901f08d3eef24c707b5cd656c328a3ef846303a85dc3dfbff69062e0167b2065b5200e52c764afe0ba418" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-core@1.19?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://openjdk.java.net/" + }, + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "group": "org.openjdk.jmh", + "name": "jmh-generator-annprocess", + "version": "1.19", + "description": "JMH benchmark generator, based on annotation processors.", + "hashes": [ + { + "alg": "MD5", + "content": "0edd4d9828437ef68acbe301910de6eb" + }, + { + "alg": "SHA-1", + "content": "e5bb13308963df412877e88fede84c1bd869ca03" + }, + { + "alg": "SHA-256", + "content": "b104c8c3c971d6aa4ff4c7a73e70cfb3e6201084332e4007ba9516a43f27003e" + }, + { + "alg": "SHA-512", + "content": "f4bdd594e25586047d93375f76fc2c85ad302b222ace4dae8e7418a24e1d75ab1ecd3f4d75d362baf3af6388bb6b3f3db7a932e8a003a8ff0c1412059e0c0c5b" + }, + { + "alg": "SHA3-256", + "content": "ea48f22ddf27853d67194836e0a13bb9a6c20a480e03252ce75403bc303a2a8d" + }, + { + "alg": "SHA3-512", + "content": "37ae2a6c8b2f38fcfcfea1343debb71cbb63af15c402fa32dc38e1913c75af7d2f4951a21edbc7cacfeeb789dbbc6fa9be9f24ccd426e1f9344de0f344a9e773" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-generator-annprocess@1.19?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "group": "joda-time", + "name": "joda-time", + "version": "2.10.1", + "description": "Date and time library to replace JDK date handling", + "hashes": [ + { + "alg": "MD5", + "content": "488e6b287cde4fe6142c0da65495ab63" + }, + { + "alg": "SHA-1", + "content": "9ac3dbf89dbf2ee385185dd0cd3064fe789efee0" + }, + { + "alg": "SHA-256", + "content": "d269671656767e05a58dd634cbafc36ed70d417220b058d11c0d88dfd281616d" + }, + { + "alg": "SHA-512", + "content": "b92f67c1a8b293e3771bc2c56e5280f6a9cb523b38db7b1c8f56c427ec7147d9fec1fa425d25582060195a433005797294680e5e071fc49272575cc67f8fe58c" + }, + { + "alg": "SHA3-256", + "content": "ace6d9b18b8de8281dde7a10070f08a11a2b1aca804e2031983d8cffc61a11a2" + }, + { + "alg": "SHA3-512", + "content": "1ae2b49ee5c492a7b83f2c72e5405db0e784b0a34dee7a8d634f6a1e11023bd87653903d4c8a31a964624eb6137db0f612a0d54d509e7a4c39b09c09d30309af" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/joda-time/joda-time@2.10.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://www.joda.org" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/content/repositories/joda-releases" + }, + { + "type": "issue-tracker", + "url": "https://github.com/JodaOrg/joda-time/issues" + }, + { + "type": "vcs", + "url": "https://github.com/JodaOrg/joda-time" + } + ] + }, + { + "type": "library", + "bom-ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "group": "net.sf.jopt-simple", + "name": "jopt-simple", + "version": "4.6", + "description": "A Java library for parsing command line options", + "hashes": [ + { + "alg": "MD5", + "content": "13560a58a79b46b82057686543e8d727" + }, + { + "alg": "SHA-1", + "content": "306816fb57cf94f108a43c95731b08934dcae15c" + }, + { + "alg": "SHA-256", + "content": "3fcfbe3203c2ea521bf7640484fd35d6303186ea2e08e72f032d640ca067ffda" + }, + { + "alg": "SHA-512", + "content": "18bf59191d7a456e7675c841df8411ebe425da40532e103db95483be5d2a75510d8a38ad9755cdd4e0be27afe7cfd0b358599388a84fcec1ee27e89caa37f5af" + }, + { + "alg": "SHA3-256", + "content": "e5c7a060e6bd75fb9ef2b7eeac082550bd4f01049c0da929c57ae71fef59b32a" + }, + { + "alg": "SHA3-512", + "content": "6b35fe9fcb3497a9e3a4b0c55dab300b63155c76bbce88fae9b3dcc1012f2c55d7c70216173299817830328071f5c3af079a67ce9af96c25b6befbcef915b049" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/net.sf.jopt-simple/jopt-simple@4.6?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://github.com/pholser/jopt-simple/issues" + }, + { + "type": "vcs", + "url": "http://github.com/pholser/jopt-simple" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "group": "com.google.code.findbugs", + "name": "jsr305", + "version": "3.0.2", + "description": "JSR305 Annotations for Findbugs", + "hashes": [ + { + "alg": "MD5", + "content": "dd83accb899363c32b07d7a1b2e4ce40" + }, + { + "alg": "SHA-1", + "content": "25ea2e8b0c338a877313bd4672d3fe056ea78f0d" + }, + { + "alg": "SHA-256", + "content": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7" + }, + { + "alg": "SHA-512", + "content": "bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804" + }, + { + "alg": "SHA3-256", + "content": "223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff" + }, + { + "alg": "SHA3-512", + "content": "3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://code.google.com/p/jsr-305/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "group": "org.slf4j", + "name": "jul-to-slf4j", + "version": "1.7.26", + "description": "JUL to SLF4J bridge", + "hashes": [ + { + "alg": "MD5", + "content": "2bb060120bc3feda3d964bf5be845fbf" + }, + { + "alg": "SHA-1", + "content": "8031352b2bb0a49e67818bf04c027aa92e645d5c" + }, + { + "alg": "SHA-256", + "content": "0f3b6dfbfb261e3e2b71ea88574452f36c46fec016063439eb8f60083291918e" + }, + { + "alg": "SHA-512", + "content": "201d8fc50e94469cfddc79faa6d7492602243a13454dc58e42d6422f1e7f1d1b352474930bf13c1784c252721bee92a636723a1f75d3cb578fec200b42275e2a" + }, + { + "alg": "SHA3-256", + "content": "dd6032a174bd7527a7195462617a613dbbb0dbbcebac49aca1c3fb2b4db79e3b" + }, + { + "alg": "SHA3-512", + "content": "2bf9adba76cbd0541b1462e952cce50baedb6feac8d963f59db8374a895469d340f5787defeffefb48162a0171f54dbfe1d173de7ec08b080c01260611dd7e25" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "group": "junit", + "name": "junit", + "version": "4.12", + "description": "JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.", + "hashes": [ + { + "alg": "MD5", + "content": "5b38c40c97fbd0adee29f91e60405584" + }, + { + "alg": "SHA-1", + "content": "2973d150c0dc1fefe998f834810d68f278ea58ec" + }, + { + "alg": "SHA-256", + "content": "59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a" + }, + { + "alg": "SHA-512", + "content": "5974670c3d178a12da5929ba5dd9b4f5ff461bdc1b92618c2c36d53e88650df7adbf3c1684017bb082b477cb8f40f15dcf7526f06f06183f93118ba9ebeaccce" + }, + { + "alg": "SHA3-256", + "content": "02b1f076652120813646a0cb34350f0c73a3299b221567e089f6aaadf8ab444a" + }, + { + "alg": "SHA3-512", + "content": "9e8f7057647c11564178e4569cf4f5682d3688b49d81acc60fd301f61053932ee9ac109c19cb639f7710d23afc76cb106ebde0f8143e2fe5fa08605201720a8b" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/legal/epl-v10.html" + } + } + ], + "purl": "pkg:maven/junit/junit@4.12?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.junit.org" + }, + { + "type": "build-system", + "url": "https://junit.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://github.com/junit-team/junit/wiki/Download-and-Install" + }, + { + "type": "issue-tracker", + "url": "https://github.com/junit-team/junit/issues" + }, + { + "type": "mailing-list", + "url": "https://groups.yahoo.com/neo/groups/junit/info" + }, + { + "type": "vcs", + "url": "http://github.com/junit-team/junit/tree/master" + } + ] + }, + { + "type": "library", + "bom-ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "group": "org.junit.jupiter", + "name": "junit-jupiter-api", + "version": "5.2.0", + "description": "Module \"junit-jupiter-api\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "d85d733ecb4120eb7ad5be3134d09053" + }, + { + "alg": "SHA-1", + "content": "9cd901df48d88d8e605a6ccb2c3f140c92db6bf2" + }, + { + "alg": "SHA-256", + "content": "47f7d71b35dc331210b9ab219bbb00d54332981aa12eb5effe817de17e1ae7b3" + }, + { + "alg": "SHA-512", + "content": "8b54b50e8e10b9aed8a1d65338b86d3cd28fabba15f536df457689b99145a451f0144c703eaa848e0bf5c7dc7719ec442b479bac1b7d88cb9ba2cddffd0f1f13" + }, + { + "alg": "SHA3-256", + "content": "2a215014d5df1141f50d9c800b004d9bcb391163b05365ba3f9d145a71e69171" + }, + { + "alg": "SHA3-512", + "content": "1cb1e7a4279d2949081aad395cd158bf28a8ad12682a3f8962da50f1b3c2b4f64a206089145bdc8e4730b689f791e1f306361c4f8e0044dd88fa9f38f1916cd1" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-api@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "group": "org.junit.jupiter", + "name": "junit-jupiter-engine", + "version": "5.2.0", + "description": "Module \"junit-jupiter-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "23b9c1eb5cbc9ff595fbedb9d6ff2068" + }, + { + "alg": "SHA-1", + "content": "de87318ccd3dfa1a98ebfef792d362776f1914de" + }, + { + "alg": "SHA-256", + "content": "8f994f4094790e246dc84de86a1ff4194ca85e8b13bedaca0207f727ebfbc813" + }, + { + "alg": "SHA-512", + "content": "f2bf6ab75a111cd2cda9f8d50f62b3986fc7b675b9f14abfa73d44ccbce010b559bb2a7dcee670e8134f1e8859c2c804b87b50b141c6d48a55699cf07f1d75d7" + }, + { + "alg": "SHA3-256", + "content": "1c2e7d5d721f35eb5f4c206f920d5f34a480b5e93d991ff602acbb3002ae6cb3" + }, + { + "alg": "SHA3-512", + "content": "de4c58a5d5acfc20a8008f07c94258a6023664c6879518fec9e37eff79f106bb3645979615d792f7de404bf52b8c0e6425902c177458a483a6087bf9a4cdd822" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-engine@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "group": "org.junit.platform", + "name": "junit-platform-commons", + "version": "1.2.0", + "description": "Module \"junit-platform-commons\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "b3199ff22308f68d7dc3e400fe53f51f" + }, + { + "alg": "SHA-1", + "content": "dbce1d822d3dc6c61703b340cd79018518685451" + }, + { + "alg": "SHA-256", + "content": "7771af2f797d1d0ccce9920eb3cd826fb8fd7659ccb4d8877e76d9412be72cc2" + }, + { + "alg": "SHA-512", + "content": "b08bcfa884c67ae155ea5eb0ae33f0d58e88096015b82ebf3e5a301292b4622aea1514285aeef7361f8b9e4c83e48e5d8842433afe6e3b0b06c7a1c8729b104e" + }, + { + "alg": "SHA3-256", + "content": "87b03d3ecafccbaa1dc2bd068117cf95ac520546131006bd744464ef757ec44a" + }, + { + "alg": "SHA3-512", + "content": "9501a107af25b97f4e7a102b9262f8438915cc2e93599a2343255fd1935e3c86853a50934376f509fe45f0f601f4ba8023b02ef091e51c51675469170ed88a70" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-commons@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "group": "org.junit.platform", + "name": "junit-platform-engine", + "version": "1.2.0", + "description": "Module \"junit-platform-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "14405ffac9858d89cc0609b16b8c763c" + }, + { + "alg": "SHA-1", + "content": "35fa3529ce843ada1a10b0909ccb4a8148ee638d" + }, + { + "alg": "SHA-256", + "content": "60b102e94ea01556fdc8c041950a05450edc188e3708f032a6bfb1a50ba0bc22" + }, + { + "alg": "SHA-512", + "content": "d367cad97695832f088e299d873570ea9e4bffd30222a5b3157fd506d9405776cfba78b8dc0b6e2697e96d0008ad65b7a35324fab7386c99257d2a723641b679" + }, + { + "alg": "SHA3-256", + "content": "25189ca0767cdad052cca52e00fb63557e8581d3733cf1272dfa780d668ff140" + }, + { + "alg": "SHA3-512", + "content": "d8b6d4a3f9bb96a1b6f610038b50f9a647526e5d0a805bcdd4c13603cdb3508a39a4403c9674b9bca67e673a6493f51a7d363e88fe28efd50382f7832bc20f2a" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-engine@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "group": "org.liquibase", + "name": "liquibase-core", + "version": "3.6.3", + "description": "Liquibase is a tool for managing and executing database changes.", + "hashes": [ + { + "alg": "MD5", + "content": "455a827f017027c276fdfc1ec0bba595" + }, + { + "alg": "SHA-1", + "content": "737c5a4fac26ee760d016923c83481ff933e4875" + }, + { + "alg": "SHA-256", + "content": "e3d877af44ebe7f253525319e3a95bd14e249bfb3d55e9c458e78458bce8426d" + }, + { + "alg": "SHA-512", + "content": "a2c453c71c654ecdf98b86293981fd53ef270b8834b1903b88566dd515da22df17a47a7a31f6c8c65f496ec64613c101ab5501ea9e8293001703f9d2a65c878b" + }, + { + "alg": "SHA3-256", + "content": "6cc2d3b40b26f5b20f62647f3dfc3238741eebd176e51ed76bafe534781554d8" + }, + { + "alg": "SHA3-512", + "content": "1efc7bca74a8e561b48786cff789dba1b87cf4e6d7dc65da70bc71590c653ffd2111d8fb703cea6a429481c68c385299cf59f5b15072ccbe2365d53fc548292b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.liquibase.org" + }, + { + "type": "build-system", + "url": "https://circleci.com/gh/liquibase/liquibase/tree/master" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + }, + { + "type": "issue-tracker", + "url": "http://liquibase.jira.com/browse/CORE" + } + ] + }, + { + "type": "library", + "bom-ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "group": "com.mattbertolini", + "name": "liquibase-slf4j", + "version": "2.0.0", + "description": "Liquibase SLF4J Logger", + "hashes": [ + { + "alg": "MD5", + "content": "c0de626cfee6e91f2fe3f28aca48a6f9" + }, + { + "alg": "SHA-1", + "content": "15d0d15b546ef66caf3385a3c13aeb75663b3ba4" + }, + { + "alg": "SHA-256", + "content": "1378fcb84657a57fd133328b13ea0578d18011fb4578dd915b292f9b8afbfd6e" + }, + { + "alg": "SHA-512", + "content": "193195e7aba3a04c4bc27a8cb424d8ede7e9a00f0682801906b59cfafe717c19ed47bf299e033da9b91400f936a90a14137b0b48ed55a46a2527db644cfe7947" + }, + { + "alg": "SHA3-256", + "content": "143f1704ce5f758ce1c3dc2bfce78abac50638cfe54537042ada01ce8c765f89" + }, + { + "alg": "SHA3-512", + "content": "0d7e066b3760514259844a5b137706b47ce61fabf24ac34e59445609e0a41e5497d90bb8786c06e1fa767375c4ee039d1c44c4b136fdb63d08ada9967286502a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/com.mattbertolini/liquibase-slf4j@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/mattbertolini/liquibase-slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "group": "org.slf4j", + "name": "log4j-over-slf4j", + "version": "1.7.26", + "description": "Log4j implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "0ca7c8107e86b7e251cf15d475db5183" + }, + { + "alg": "SHA-1", + "content": "daeb21c5e35d77d550e721c4cf5aaa716496d31a" + }, + { + "alg": "SHA-256", + "content": "81a1c31befb21e3975064f43e0b1692b7fc2dc5f6d8dc3b6baaa7b8c3e5ddd5b" + }, + { + "alg": "SHA-512", + "content": "6ae099e1ad5526212f2758a9e16ce7027833e47dff9370c7dbc5317c43f0d3450f20a437ae1a97594382cd27b74c276cb0f3c32de0668b61daf874fb4d30bc90" + }, + { + "alg": "SHA3-256", + "content": "7fe9883b0d6edce803b4942d53771c9e87735076e5ee162037bce3180e067c04" + }, + { + "alg": "SHA3-512", + "content": "349b75322aaf3d4fa035ed2c98c3f289ea6c2bef2bc6756b018df99536d99ceaa17b9192ce5bdde1a213ec75ecc60d11629189a5774b166e671a709e7f2df708" + } + ], + "licenses": [ + { + "license": { + "name": "Apache Software Licenses", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + } + } + ], + "purl": "pkg:maven/org.slf4j/log4j-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "group": "ch.qos.logback", + "name": "logback-access", + "version": "1.2.3", + "description": "logback-access module", + "hashes": [ + { + "alg": "MD5", + "content": "9468ae35cd2e92164659543a55280aac" + }, + { + "alg": "SHA-1", + "content": "e8a841cb796f6423c7afd8738df6e0e4052bf24a" + }, + { + "alg": "SHA-256", + "content": "0a4fc8753abe266ea7245e6d9653d6275dc1137cad6ecd1b2612204033d89687" + }, + { + "alg": "SHA-512", + "content": "b72a31503d09eb0f40abad77a44617b7edc2904e2e619f7cdcbab2536965be34e91ebbaffd0444027d15bad2562515762ee13a7163d9e12f82017334dc84a6a2" + }, + { + "alg": "SHA3-256", + "content": "db933b4474fd6b77e89b1f68f4117d7b299788b0706e926ea88506f086b54f63" + }, + { + "alg": "SHA3-512", + "content": "64acf87611208b7ccda4408ebd924dad609f3bb3e217fcaa80f13cfd098225183a559e5023b7ceabb07ff3ab705f13aad732b04f781f2b618e2f3de31376c089" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-access@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "group": "ch.qos.logback", + "name": "logback-classic", + "version": "1.2.3", + "description": "logback-classic module", + "hashes": [ + { + "alg": "MD5", + "content": "64f7a68f931aed8e5ad8243470440f0b" + }, + { + "alg": "SHA-1", + "content": "7c4f3c474fb2c041d8028740440937705ebb473a" + }, + { + "alg": "SHA-256", + "content": "fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0" + }, + { + "alg": "SHA-512", + "content": "9ad5df9055e74c1db67e10422774e740903477c821591702d2709a4c1f73e3fc3fa6b1a871b6985901817bc2bdeba916849035dc2bbf518f308637b0586e36f1" + }, + { + "alg": "SHA3-256", + "content": "7d38586cfd6e1363970ac1811eb49dd9e535e2d2bf967118ce8f28592655ac24" + }, + { + "alg": "SHA3-512", + "content": "0a47917a6adfaef45e1170ff419800a7c88771510c6d5744b081e0572f70d2e339a5bbdd9b0637c2ecfcdd49a095c856ec293e8a41bbd03ef9b5a67d42731e67" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "group": "ch.qos.logback", + "name": "logback-core", + "version": "1.2.3", + "description": "logback-core module", + "hashes": [ + { + "alg": "MD5", + "content": "841fc80c6edff60d947a3872a2db4d45" + }, + { + "alg": "SHA-1", + "content": "864344400c3d4d92dfeb0a305dc87d953677c03c" + }, + { + "alg": "SHA-256", + "content": "5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22" + }, + { + "alg": "SHA-512", + "content": "bd1a7512647fe61b90cfd18bedf2a33f3f16f334f8f8ce947cdd353c0b0b7a7cce203070f0d2183f6583e0f2b2fe6e0b12eb93bd5b2dc29076e7b466447f6dc5" + }, + { + "alg": "SHA3-256", + "content": "7e43423025fc6ebe94b4cc641dc60a4507f93dd1445214847a069595f7cb728e" + }, + { + "alg": "SHA3-512", + "content": "76a7f8df50903e80c5455da2307705f1ce08e098b75d02c1e36cb8b06eb3dc18c4e93fbf4ed1dea143d73645a652b52bb26e789d1fa111866c54a57c2025049e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-core@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "group": "io.dropwizard.metrics", + "name": "metrics-annotation", + "version": "4.0.5", + "description": "A dependency-less package of just the annotations used by other Metrics modules.", + "hashes": [ + { + "alg": "MD5", + "content": "18a5f9cee781de1bee53b78df6e37c4e" + }, + { + "alg": "SHA-1", + "content": "b30a0e181a5b5170c3b9bf513a9f2cc756dd4319" + }, + { + "alg": "SHA-256", + "content": "ef1ac18eeb33545913992f1b3d4779c9438435cea26a3a4366f05457a1006159" + }, + { + "alg": "SHA-512", + "content": "574a8d69f2610641d087d2ccf5509787c0993ce3f6fab1877580243cb8d57eb646e3cca9e9336d3e61776fdcb875770017d3182b7238ddfe0c31b08bad4edc30" + }, + { + "alg": "SHA3-256", + "content": "841decb2aae5beba8df9d315b687fe9c5c9c0addf481e75c5de17e408b7d6d07" + }, + { + "alg": "SHA3-512", + "content": "61e765ec087be04c969bbf542c2c743b3de4a613dd77d8820e73976b51cb31f291a575623c64e2c0d865408965904611be2a91213fa387d01e7552de48770056" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-annotation@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "group": "io.dropwizard.metrics", + "name": "metrics-core", + "version": "4.0.5", + "description": "Metrics is a Java library which gives you unparalleled insight into what your code does in production. Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "f5fb039e8ed41743d3b6590547d85894" + }, + { + "alg": "SHA-1", + "content": "b81ef162970cdb9f4512ee2da09715a856ff4c4c" + }, + { + "alg": "SHA-256", + "content": "e31f5bc2fc58dcacd0cf31f7eafa43d3b981873dac0d3f0ffebb145675f1c8a8" + }, + { + "alg": "SHA-512", + "content": "5d553993bf5bbd985453bb69f0704997f624a6ef81aa126c7228fe3d2dd7ebe57e7eeb161067e19914a9f36c762ce2fa7be5e47d0fb4deb623a3fb82ed6a70f2" + }, + { + "alg": "SHA3-256", + "content": "5ba7bcb9d456edb43cf67736e066d9558da57205f916c5ada7f5058b2f8cbc90" + }, + { + "alg": "SHA3-512", + "content": "fcb8a3e52da3f8e9f86c692d8d68661acfe2b6aeb29866325178f3732176e099d0c6c9933d187b0840cf632de154087ad0ae6e8daf2712bedaaaa5e9a4c97214" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-core@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "group": "io.dropwizard.metrics", + "name": "metrics-graphite", + "version": "4.0.5", + "description": "A reporter for Metrics which announces measurements to a Graphite server.", + "hashes": [ + { + "alg": "MD5", + "content": "22f848bd3427fa8d5caa8717468097f5" + }, + { + "alg": "SHA-1", + "content": "76e8758356373d5aed5abacbda429b38f6e8fa98" + }, + { + "alg": "SHA-256", + "content": "e7ece2bb30cf016a012286d7077fd1d9741c3e205ac7095fdc081e4c552436db" + }, + { + "alg": "SHA-512", + "content": "e1c984ee8daa837add7b4ca0d07162faebf4b7d2bb88b7bd355eccd570e3935fb1c49acdf8b1dcc5c88bbf04c67cda2a7efdcf375d0247d35b7744f9ab810a4f" + }, + { + "alg": "SHA3-256", + "content": "d3ac2a04fe0a5225e4c8ce2a2c46d196ef466eccfa00254cab8df1a08f5dc4fc" + }, + { + "alg": "SHA3-512", + "content": "d2ee456e6964ec862f1a770c386084cf016983c03083a5516405ce4372204a0e0d5feb27e78d7f5d7345719b9af256f8d000cde922547c159de14cb860cc2403" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-graphite@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "group": "io.dropwizard.metrics", + "name": "metrics-healthchecks", + "version": "4.0.5", + "description": "An addition to Metrics which provides the ability to run application-specific health checks, allowing you to check your application's heath in production.", + "hashes": [ + { + "alg": "MD5", + "content": "e64c9571317f403046ad8a04814cecab" + }, + { + "alg": "SHA-1", + "content": "73177b73f9d7ac80b0d0125db9dd41faab816c52" + }, + { + "alg": "SHA-256", + "content": "bd3be08664f03a27bc625b88d91e852cd105b6f53725cfa54a7167a268f2fe0e" + }, + { + "alg": "SHA-512", + "content": "e2c16ef7751558c07e8268d3448477c2296d2f83e1f915fe09b2e0f54c62cf774c9a8b8b3dfedccd882d95cf78bc0f0af3d997af0de8c0c5d489de36883f0b09" + }, + { + "alg": "SHA3-256", + "content": "8dd767ac7aca8dfaef37a32010f341ea4ee20e8190251b367f47cdbc3cba857e" + }, + { + "alg": "SHA3-512", + "content": "34929a8391da886a045a6947b17c875fd3d7c37f85e03d47572d2de359885c101c61a735f9c09cdb8ee4100221acb650389b74071b8c1184e032f2ce2947f67a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-healthchecks@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "group": "io.dropwizard.metrics", + "name": "metrics-httpclient", + "version": "4.0.5", + "description": "An Apache HttpClient wrapper providing Metrics instrumentation of connection pools, request durations and rates, and other useful information.", + "hashes": [ + { + "alg": "MD5", + "content": "023faaf10f012b67e15faa137d106f21" + }, + { + "alg": "SHA-1", + "content": "d02819ff820207d03d0082ef24cd36157d7c5188" + }, + { + "alg": "SHA-256", + "content": "12112aebd3bb53cc5451846202f4333588dc5455e4739c0c2360103700c24e42" + }, + { + "alg": "SHA-512", + "content": "9c991dae8890b35046c258536884d68f821d1e4aabb65c8e1c845309fadf0e9e2849e0653bc6aa5a008336569d8eb71a660a06f402a7a933a3da85604c45e67b" + }, + { + "alg": "SHA3-256", + "content": "f2bd98bc7e39c259544dc04853e5404d6cdf9c7095fcc718ba65b597a377ef33" + }, + { + "alg": "SHA3-512", + "content": "7fa6cba3b553b5c3ffc943ca2ff387d2b542d7170bcea5b43fffe150cd0a3849244ec3a2bbcfce28e8f9d762a925e4cbc7101785f2c3c4d00af61e2f97d00dcb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-httpclient@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi", + "version": "4.0.5", + "description": "A JDBI wrapper providing Metrics instrumentation of query durations and rates.", + "hashes": [ + { + "alg": "MD5", + "content": "7700c4ec787e2355d290e0f40820de15" + }, + { + "alg": "SHA-1", + "content": "005441385ea7bf674fc480dc6bc6dcff6a7278ec" + }, + { + "alg": "SHA-256", + "content": "6858a83724e2df638c475425ea48811ca84c28fc778f92251209e17317e225c4" + }, + { + "alg": "SHA-512", + "content": "671beb600961db9ca14f043225670c18035f3db932ad67bb6f04bae4a57e67e7265b317d851009bd764344dcfdffe8073156b4f517e8c71954af2575bb7c9f32" + }, + { + "alg": "SHA3-256", + "content": "95a48e7ac5a1e6dfd2590e1a79b046017a90b7dce17322d35f10d18408d42526" + }, + { + "alg": "SHA3-512", + "content": "f68985671638695e6ddbf6260010a5a23e2f841c781ea6b4fbe91a0c6c9bcbcc1fd8d9d4501a02e4f86922d8f7071154d54c3c281d662e9c4262014599c37393" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi3", + "version": "4.0.5", + "description": "Provides instrumentation of Jdbi3 data access objects", + "hashes": [ + { + "alg": "MD5", + "content": "594d03f7743b46ef08ed0d1dcc1bb31a" + }, + { + "alg": "SHA-1", + "content": "2d39572d9612ce28bea84d46808d25d3b8af3133" + }, + { + "alg": "SHA-256", + "content": "e08dfdaa141b4f6d3338b09f3f1f7f463596adb0d335b600e1bd636cc02b7b22" + }, + { + "alg": "SHA-512", + "content": "4f2119fa34092ac2649b27d93e54af0de724719f994803407b5c307a8443ff70dee7d411b1360caf92595a87e570b44e60fe2745d8d283e857eb2ce6f0f656f5" + }, + { + "alg": "SHA3-256", + "content": "c4cd10df90cf8b3b9a06f634c9d31e5bee07e98cdb5640220434a43d66231cdb" + }, + { + "alg": "SHA3-512", + "content": "3d60e9e5707c3e34eed30746c85bfbfcae3dded9509dd7047092ad42d184f36395a3d06865ce7ffa1f12b433ecf99b090e713751be03203af168aa4d99dd6a6f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi3@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "group": "io.dropwizard.metrics", + "name": "metrics-jersey2", + "version": "4.0.5", + "description": "A set of class providing Metrics integration for Jersey, the reference JAX-RS implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "e56b570fcb934ef302433d338823511d" + }, + { + "alg": "SHA-1", + "content": "cea8d4217ccd087f302611a54e4dd6071ba5844c" + }, + { + "alg": "SHA-256", + "content": "91cb412f7aca24de727b3724885fd2e6ff0e8bdb422a73ad66d25375594bf63d" + }, + { + "alg": "SHA-512", + "content": "3bc8572f0d183c30b0f83f5b4acd3a05c8d3c3b728298d6b8899da0d299df8d9acdc5435f82c23eb6ba5a3d2bb5c8f66637d6315caf95bf3b807c53e5bc6c217" + }, + { + "alg": "SHA3-256", + "content": "b2dda5477d6dcbd6fdcdd1f3acae482b0f83f24018706a03713c04dcd6c1f744" + }, + { + "alg": "SHA3-512", + "content": "af35ae7568a5df2be2e8cb9ef99256b0956b97b44ec0447863127e9f2e84f7baec0c5c0ed89a8146685e30af98e05a34618a58f2a76fe57272fb8ee98b5e9d62" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jersey2@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "group": "io.dropwizard.metrics", + "name": "metrics-jetty9", + "version": "4.0.5", + "description": "A set of extensions for Jetty 9.3 and higher which provide instrumentation of thread pools, connector metrics, and application latency and utilization.", + "hashes": [ + { + "alg": "MD5", + "content": "99b6f3ed9f4663ed9db4700e4bf388fa" + }, + { + "alg": "SHA-1", + "content": "87f3b49a7377e56f62046875d394ed0028b37690" + }, + { + "alg": "SHA-256", + "content": "e2c769fc1c269e2200950b8d33800be4b0043302eaa189ba5cb7ce518c48b46a" + }, + { + "alg": "SHA-512", + "content": "e3b7ee7c506e8bef74e87adb6e589f3dfac2a0905f66a0eed1af9d2cffa6a3e6f74573e6ca3d3469d8afba0307fb18f74b21397146e0b82ede387a41554f44a0" + }, + { + "alg": "SHA3-256", + "content": "09bb7c73faefc5549d032d9bdc471f500b9370caef0dc9896ca44cdd6fc2ff48" + }, + { + "alg": "SHA3-512", + "content": "ac44f708dff820a3f19b3cc01d4f936b7ca46cd9fedd76e9c57ecc7c0b7d76a9f5db641742453c8893b5b0eb2255ce8c7697fc11569e57afa456d08f00141fc9" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jetty9@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "group": "io.dropwizard.metrics", + "name": "metrics-jmx", + "version": "4.0.5", + "description": "A set of classes which allow you to report metrics via JMX.", + "hashes": [ + { + "alg": "MD5", + "content": "863de91e135c8455d70fa3acf01cdf72" + }, + { + "alg": "SHA-1", + "content": "d7be4ddd7ba674ee8be1d23d883fb3ca68ee1d54" + }, + { + "alg": "SHA-256", + "content": "079133de87f7d3512200a8071bacfdbed46d6a73995578fc24bbf4c03df6d188" + }, + { + "alg": "SHA-512", + "content": "211ebec4191c7482bf0fc02785fd924fdc980c4bbbf440be8f5d4f87f1971bca646f7174c45c0566b41af08fc603225d38691b32482986887775c9e51185615c" + }, + { + "alg": "SHA3-256", + "content": "d02352d947a4475cf67e9f24d33b3bd16cc908acb78cb294d2763fee7d1e4fee" + }, + { + "alg": "SHA3-512", + "content": "7ca4565c9a0c3d1a96d021b7cc4b896b885352ac8cae96e4700f7c2fa40a6c367e05c48df0a81ef112a6769bd8f2f01ceb86e2a984d67286a3627b565bbd8f00" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jmx@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "group": "io.dropwizard.metrics", + "name": "metrics-json", + "version": "4.0.5", + "description": "A set of Jackson modules which provide serializers for most Metrics classes.", + "hashes": [ + { + "alg": "MD5", + "content": "9784b95742e0e8fe76e8d5376e7abf5f" + }, + { + "alg": "SHA-1", + "content": "8c66fea9f767588ae0995be27558b1f3ae8d75ef" + }, + { + "alg": "SHA-256", + "content": "008ce354b30ef48060786b6a31144e04b6bafdfca69e6307cbf66602ae331023" + }, + { + "alg": "SHA-512", + "content": "515734a08814f3df1f6ae853a2cac0fdab5637e129ca9bc3f62feba9190a2e43013362009f73f4fe3e06f3d08fdf0ec7ec8481dab3a6435de743322d4620dc55" + }, + { + "alg": "SHA3-256", + "content": "70620d2f107ff8fdf5bc16a91df9a49daf3fe84fb268edafbafabd43ec61ef0f" + }, + { + "alg": "SHA3-512", + "content": "f33d7c456efabd1eda7f0cc99df57e870b747d3f2c49571373c4564eb50388350260d08f4d53be2c5fe8a7ae766d9181d0f394e996156d839c5bfda9858c119d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-json@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "80b88754-8b78-4597-bc4f-47788add0031", + "group": "io.dropwizard.metrics", + "name": "metrics-jvm", + "version": "4.0.5", + "description": "A set of classes which allow you to monitor critical aspects of your Java Virtual Machine using Metrics.", + "hashes": [ + { + "alg": "MD5", + "content": "a19a85dc56ac7179bd974e4eb0c8b6e0" + }, + { + "alg": "SHA-1", + "content": "09f6f1e6c1db440d9ad4c3114f17be40f66bb399" + }, + { + "alg": "SHA-256", + "content": "ba97466221c391bd7b7eb6d407f7fac83e5e6725d3a8691aa512e53ae075dfc3" + }, + { + "alg": "SHA-512", + "content": "d53b524543ac922352d3a628831fc7a02ceeb757fd760b94477f02b256a47caac9837259c82ddf5b3cb0e874542176f1383c080a7c3d23b8a5790ac250f70a48" + }, + { + "alg": "SHA3-256", + "content": "61e9ee4a183b317e6fadeb632804a04e233af77dedcd5613f19490233f71b8cb" + }, + { + "alg": "SHA3-512", + "content": "333f15cf54e7e9a304e8cdaa9e251ac0859bfb848ddfc2606d86738a89e944adb8879d14f60df632c064f4ab0edb6ff950a7a231121ce8a6b1ff3bca4809750a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jvm@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "group": "io.dropwizard.metrics", + "name": "metrics-logback", + "version": "4.0.5", + "description": "An instrumented appender for Logback.", + "hashes": [ + { + "alg": "MD5", + "content": "45f97ce9788dad9744ae2e198e5a501b" + }, + { + "alg": "SHA-1", + "content": "306d0d06b0940c6df49031e8dd750e635e4b170f" + }, + { + "alg": "SHA-256", + "content": "89842f9df70d001835bd652c103b1d04d64e1c48bccf396defbdd791299c1903" + }, + { + "alg": "SHA-512", + "content": "bde3d0313531986623fd422fee1506eaf17bd3c53318973c340e4d44ce0104943c5dfcddee6cc8d33cfcf0a0b2fb2aff2b3e653819b39c2c5b76676399683401" + }, + { + "alg": "SHA3-256", + "content": "8233adad697b14559e578618be1ea2c99c907be87da1eab10a5ca9f397dbf46c" + }, + { + "alg": "SHA3-512", + "content": "d4664cd4105ad99b2326da4b727dcf350dba261aa7b26aacb9a064efc1a3da7337988344e8c9d64e08ec34d1586410e465c58e0ec37b389b93c54c7c6ccfde35" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-logback@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "group": "io.dropwizard.metrics", + "name": "metrics-servlets", + "version": "4.0.5", + "description": "A set of utility servlets for Metrics, allowing you to expose valuable information about your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "e9142eb2da39a0651be8f9190d47ce0e" + }, + { + "alg": "SHA-1", + "content": "983dacbfd04ec22b49f9e2256a5d41694ce7d4cc" + }, + { + "alg": "SHA-256", + "content": "607381f05808cd31dfc09354db4b015e483be053276a85930050024515fae4da" + }, + { + "alg": "SHA-512", + "content": "797fc4d430b4797b4bcc6d854ac39fd7e0c4da73bda04152473c3f5ab06a36bfeaf326c8edb657de75a613efcce658364fb0aaf15ff6a13c6e62b5795c6a464b" + }, + { + "alg": "SHA3-256", + "content": "d840fcd8a9f0721e4cd392c6e30f1f52f4d411f1138b9e11336a5393f31b80f9" + }, + { + "alg": "SHA3-512", + "content": "a7553a6da55221ee3125757888978188695dfb14511432331f512f29e5c20e5c764e0c801e87818de719df2854d15915516a86d31f99147b9e5ec9b2fd43b701" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-servlets@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "group": "org.jvnet.mimepull", + "name": "mimepull", + "version": "1.9.6", + "description": "Provides a streaming API to access attachments parts in a MIME message.", + "hashes": [ + { + "alg": "MD5", + "content": "43a2478389a84b985dbe7b6ae0b3c011" + }, + { + "alg": "SHA-1", + "content": "41c913d791e16f93bc712a8c8a30bb64daa2e9bd" + }, + { + "alg": "SHA-256", + "content": "2d1ee56aa89837ba9ea55431542e7939fa9d425552c2e6c8ddfb3b77877721b7" + }, + { + "alg": "SHA-512", + "content": "38198fef6a8ca9d1af37c269582e87ae6cc7324a1686c8807be90a1edd4b33bb829d03030df1a4f5865bf6f0e6d0fb2a4f3dde265af696ab556f0bf7216ab9b0" + }, + { + "alg": "SHA3-256", + "content": "3d4fac8717b03d2c33c9c8b5145cfec04a312e9021c92c8029d2a2ca60615e0e" + }, + { + "alg": "SHA3-512", + "content": "a7bff1d8fa3287436726ab53ddff800d9a262fbf7801b85f50b7f29dbd017ff430f2effa9e6e95b44772ec0c349632374b9291292d2eb24f0fed1313dba15ee9" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/org.jvnet.mimepull/mimepull@1.9.6?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/mimepull" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/mimepull/lists/users/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/mimepull/sources/svn/show/tags/mimepull-1.9.6" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "group": "org.mockito", + "name": "mockito-core", + "version": "2.24.0", + "description": "Mockito mock objects library core API and implementation", + "hashes": [ + { + "alg": "MD5", + "content": "73056e7138623c31ab0ad3c421c695b8" + }, + { + "alg": "SHA-1", + "content": "969a7bcb6f16e076904336ebc7ca171d412cc1f9" + }, + { + "alg": "SHA-256", + "content": "ae8fd3becb2a8e262507a9df85e54a6e41c5ae3a34cda5495abef6299a587ff6" + }, + { + "alg": "SHA-512", + "content": "2bde38797a3902909027ec12a58a7adbc5ce86f5f095ee5787b4c12fe873c6ae96bf7e9024c1347eaa189af66b988668d1886dc110118b22eb6c4436e3cceb66" + }, + { + "alg": "SHA3-256", + "content": "30f96a62ee0c4795e9039288888791e0192f1e7a522ecad28200f01135c132bb" + }, + { + "alg": "SHA3-512", + "content": "1afd1e02b726b5b0fc8ee4ff3e2e678c780bf642041e54a7f7c3b136adf7c6d9ae23df2454572ae619279d9e712d5444c55c3c3fee7883b621312331aa7b626a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.mockito/mockito-core@2.24.0?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/mockito/mockito" + }, + { + "type": "issue-tracker", + "url": "https://github.com/mockito/mockito/issues" + }, + { + "type": "vcs", + "url": "https://github.com/mockito/mockito.git" + } + ] + }, + { + "type": "library", + "bom-ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "group": "org.objenesis", + "name": "objenesis", + "version": "2.6", + "description": "A library for instantiating Java objects", + "hashes": [ + { + "alg": "MD5", + "content": "5ffac3f51405ca9b2915970a224b3e8f" + }, + { + "alg": "SHA-1", + "content": "639033469776fd37c08358c6b92a4761feb2af4b" + }, + { + "alg": "SHA-256", + "content": "5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d" + }, + { + "alg": "SHA-512", + "content": "23a593bded8cb43236faad2018b008da47bf4e29cc60c2e98fd4f2ed578fe2baddd3a98547dc14273017c82cb19ce8eaaab71d49273411856a2ba1a5d51015fc" + }, + { + "alg": "SHA3-256", + "content": "1fce020475bd27d7eac3a3693e9c6992032739ef6db205c7751c92f8aba4d67a" + }, + { + "alg": "SHA3-512", + "content": "ec2154e3bb9fa0b74079d4f21af3aa0ae17444da63aa1061d87aac646c070b3733673a4d0880ca58f974dc3358d7b1c6161bf030260474b36b4bae677b777b08" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.objenesis/objenesis@2.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/easymock/maven/objenesis/;publish=1" + }, + { + "type": "vcs", + "url": "https://github.com/easymock/objenesis" + } + ] + }, + { + "type": "library", + "bom-ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "group": "org.opentest4j", + "name": "opentest4j", + "version": "1.1.0", + "description": "Open Test Alliance for the JVM", + "hashes": [ + { + "alg": "MD5", + "content": "2edf96ac5b535198bd3a2e31309f779c" + }, + { + "alg": "SHA-1", + "content": "c8e2a3e3bc7f3e4bb5075306452db5290f9b117a" + }, + { + "alg": "SHA-256", + "content": "65a5fd7380f53aac708bcee3091dbe2dba73a9a2e7645b66e70e0804fc36ee3b" + }, + { + "alg": "SHA-512", + "content": "bb72a65673bec0af3d420e96edcc1e3152bdbd0f670e2e09172f00f05549fa3b0a07c40ed2dbeec75da6e548623afa4e343343cca15a7a016aaa6c3e48ab0765" + }, + { + "alg": "SHA3-256", + "content": "f12567dc83accfc6c4022f0941f37a3169cc0697ebbf67a4261136180c2d8a2c" + }, + { + "alg": "SHA3-512", + "content": "401aa77733f4ceab47f51b797844f597947cf31a5b76f5c46c6a28980bff30942b783e79e8ab5b5f8ce63d64e8152b6f71b96cc1d500234a8a8e2dd24f734441" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.opentest4j/opentest4j@1.1.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/ota4j-team/opentest4j" + } + ] + }, + { + "type": "library", + "bom-ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "group": "org.glassfish.hk2", + "name": "osgi-resource-locator", + "version": "1.0.1", + "description": "See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information", + "hashes": [ + { + "alg": "MD5", + "content": "51e70ad8fc9d1e9fb19debeb55555b75" + }, + { + "alg": "SHA-1", + "content": "4ed2b2d4738aed5786cfa64cba5a332779c4c708" + }, + { + "alg": "SHA-256", + "content": "775003be577e8806f51b6e442be1033d83be2cb2207227b349be0bf16e6c0843" + }, + { + "alg": "SHA-512", + "content": "e064a477d5b1f8c56b4741ba606eed764b779a5d9870b8c193771bf0d904350aed839ab21602dbf5f376f7208b8ca24f64504d73ec6a0c5c08c5f0abc7c466d4" + }, + { + "alg": "SHA3-256", + "content": "c7cb2d64874992826818c594f02bf40f46d9ad4787d6575bfb656b35b7b6af0d" + }, + { + "alg": "SHA3-512", + "content": "5c57aa6eb98272226cbdebd803a5b11a27422340f47e5541a5bf6bb776f64bfcda548ffd345e900a7c7624b9a016aecacd8e009a13fe2c2cae86e8ff8e7289f2" + } + ], + "licenses": [ + { + "expression": "(CDDL-1.0 OR GPL-2.0-with-classpath-exception)" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + } + ] + }, + { + "type": "library", + "bom-ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "group": "com.papertrail", + "name": "profiler", + "version": "1.0.2", + "description": "A pure-java implementation of the twitter/util project's `CpuProfile` and related classes.", + "hashes": [ + { + "alg": "MD5", + "content": "b6cb78e7d8a5c4ed1ad259afc4f7c793" + }, + { + "alg": "SHA-1", + "content": "138093a4ed2da6f0b07a2a2335584bd5a7d53bff" + }, + { + "alg": "SHA-256", + "content": "188ec41349472a0c50fbe7e4cdcc6d6c8968ad6cd9047effeaa6a5c111f9074d" + }, + { + "alg": "SHA-512", + "content": "447a1e7d47cb7c3974e09c8e5ea1fdf6c9c4dfe377cffbba501edab474e136ec252406c5dde8fc7387b9fab983a7970764c23c93b8fb842f676da8c3bd01e013" + }, + { + "alg": "SHA3-256", + "content": "b68b7d44bde32b5a2995629eb2742bde9e3f373cb08230f67624160b91432160" + }, + { + "alg": "SHA3-512", + "content": "2fdb36567b1dcfb26e9e02abb70277e2e9040983c5755372716aa71a22cf46807501effa5931e0e65152f1efbe9e7449ff5b00cdaaddc15f1cfeeb3600904b7b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.papertrail/profiler@1.0.2?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "group": "org.slf4j", + "name": "slf4j-api", + "version": "1.7.26", + "description": "The slf4j API", + "hashes": [ + { + "alg": "MD5", + "content": "60ec8751be37d54a2aa1b6178f87b968" + }, + { + "alg": "SHA-1", + "content": "77100a62c2e6f04b53977b9f541044d7d722693d" + }, + { + "alg": "SHA-256", + "content": "6d9e5b86cfd1dd44c676899285b5bb4fa0d371cf583e8164f9c8a0366553242b" + }, + { + "alg": "SHA-512", + "content": "a944468440a883bb3bde1f78d39abe43a90b6091fd9f1a70430ac10ea91b308b2ef035e4836d68ba97afdba2b04f62edece204278aaa416276a5f8596f8688af" + }, + { + "alg": "SHA3-256", + "content": "195320dbd33e0ecc96b7c23818454658870c7f4c7bb746dae4516bc4983ab158" + }, + { + "alg": "SHA3-512", + "content": "830b0c50cdd9f45cfe4be31f0c775f632399060db58050ce702e476321ef29dcc17f49f872e7023e995c6ee1c2e06f2f1ea115aa45807569ecef83af3385f5cc" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/slf4j-api@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "group": "org.yaml", + "name": "snakeyaml", + "version": "1.23", + "description": "YAML 1.1 parser and emitter for Java", + "hashes": [ + { + "alg": "MD5", + "content": "64ec8bd26b6d5034a87ecb1c8ce0efdc" + }, + { + "alg": "SHA-1", + "content": "ec62d74fe50689c28c0ff5b35d3aebcaa8b5be68" + }, + { + "alg": "SHA-256", + "content": "13009fb5ede3cf2be5a8d0f1602155aeaa0ce5ef5f9366892bd258d8d3d4d2b1" + }, + { + "alg": "SHA-512", + "content": "8091467927dc88fe2741f85c6e429914f4306e7a1183e52090ccc7d617ca5279ba42b03ffc8cd1a914b6c3dc4151bd731757e72592e9c1b23346781936ac9fc7" + }, + { + "alg": "SHA3-256", + "content": "18f63155a18c783a0d47afa987a0dcc39f688da527047ccd48c694810ac5adf2" + }, + { + "alg": "SHA3-512", + "content": "59d1edd895705b667a65c3bada2c1b6c4109f82a03a2a18878d3310ac6e41bb3e47f821e87ffdcd2d2320b2f63c13a8748214fa9ea851c7b0b4d8fca07250c8a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.yaml/snakeyaml@1.23?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://bitbucket.org/asomov/snakeyaml/issues" + }, + { + "type": "vcs", + "url": "https://bitbucket.org/asomov/snakeyaml/src" + } + ] + }, + { + "type": "library", + "bom-ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "group": "org.antlr", + "name": "stringtemplate", + "version": "4.0.2", + "description": "StringTemplate is a java template engine for generating source code, web pages, emails, or any other formatted text output. StringTemplate is particularly good at multi-targeted code generators, multiple site skins, and internationalization/localization. It evolved over years of effort developing jGuru.com. StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org and powers the ANTLR v3 code generator. Its distinguishing characteristic is that unlike other engines, it strictly enforces model-view separation. Strict separation makes websites and code generators more flexible and maintainable; it also provides an excellent defense against malicious template authors. There are currently about 600 StringTemplate source downloads a month.", + "hashes": [ + { + "alg": "MD5", + "content": "b270a7b34c953cbae921a4080d5cdc0f" + }, + { + "alg": "SHA-1", + "content": "e28e09e2d44d60506a7bcb004d6c23ff35c6ac08" + }, + { + "alg": "SHA-256", + "content": "8056d5586e1b18d3def6347b5d020a85722d850bb9f4d7a9aafe4f842c651ef9" + }, + { + "alg": "SHA-512", + "content": "cd396cbc93d096812700c3a05e4b548c31d73c5f1f66f12bdd3364218de591cefb76e1f0557e83204285f1e868f0f327cf556bb32c4552e0a3537cf6ac1efa43" + }, + { + "alg": "SHA3-256", + "content": "d79aa95dd924c18de8f5ef5fc510f92cecb781d5724ba9b948e8658191e920b6" + }, + { + "alg": "SHA3-512", + "content": "da67f10539c0f73ddb56e945f5c7b42aea76411b4067362685f92c916da055f2747176a1524f97f52d7ae0d70898256c9549290448194d6fd99b3bfbff3332a9" + } + ], + "licenses": [ + { + "license": { + "name": "BSD licence", + "url": "http://antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/org.antlr/stringtemplate@4.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/stringtemplate" + } + ] + }, + { + "type": "library", + "bom-ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "group": "org.apache.tomcat", + "name": "tomcat-jdbc", + "version": "9.0.16", + "description": "Tomcat JDBC Pool Package", + "hashes": [ + { + "alg": "MD5", + "content": "b673d21c2c73b44c6fdee89f6c9995fc" + }, + { + "alg": "SHA-1", + "content": "5304a28c25bb88c57da9561e4ed0bbfcc72dcb4a" + }, + { + "alg": "SHA-256", + "content": "0fe8cdd9c6a349fbf1d7246b5503f113a4fb11f1e71c2e529308f1dd22ed5019" + }, + { + "alg": "SHA-512", + "content": "698da1e4dda1d18463f885e6b9dfed61c12920af35ccdfc9015ecfbd8f353d0aefde38f1f71f68ea5b2d9f6610df9cde38e8fa6ec0b405a925a861e8ca0de5b1" + }, + { + "alg": "SHA3-256", + "content": "013e3a72e6a19fea3c245ca9989853b836ed598c9b5551c399222a511be6b569" + }, + { + "alg": "SHA3-512", + "content": "bec64a6591071bb6d5e18412eac3eaaa9814c33448bb2f43d6e039e0538ad85f387fd3817915b5928c41aeabb84d3cd90c0c51f783accb38e3344a32fef206ed" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "group": "org.apache.tomcat", + "name": "tomcat-juli", + "version": "9.0.16", + "description": "Tomcat Core Logging Package", + "hashes": [ + { + "alg": "MD5", + "content": "5dbec493081a051b6868b84881fa6ab9" + }, + { + "alg": "SHA-1", + "content": "b6ef3c1ac1104b6e3fbdc106e194bf2fb5e2e2a8" + }, + { + "alg": "SHA-256", + "content": "cc155efa8104af3d35daf3226284b638b10d9def4074ebf6176cb47b3a264f53" + }, + { + "alg": "SHA-512", + "content": "fd19c0dd3bc60b050065b7c1992c4662f5e02ecc74176528b24a42f03fa42b805ce3529f813e2d0b85f6d21fa46f43a0146069372fbb96dd821bf9778ecb38b0" + }, + { + "alg": "SHA3-256", + "content": "c4782f32dcf2d8516d4b4ae299af008385dc44a92380edab0ced40738ba56b67" + }, + { + "alg": "SHA3-512", + "content": "d37ef89204a97677283c417ceae3031fd89648079e42924bf9c38456b1055442dad8f8f6366da1600feee8e448b59bdff8261e101913b99f24b9dde278469cd7" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "group": "org.jadira.usertype", + "name": "usertype.core", + "version": "7.0.0.CR1", + "description": "Classes utilising Joda Time, Joda Money, Libphonenum and JDK Types that add Hibernate support", + "hashes": [ + { + "alg": "MD5", + "content": "808b0b11f96e769c0f7a32d29f1ce7a1" + }, + { + "alg": "SHA-1", + "content": "818991d0b4d8fce6da9f27ea61187111efcae1a1" + }, + { + "alg": "SHA-256", + "content": "a129bfc60f7aceab77cd1363684d267f56629b441bf06f6123f9c0c2972e41fc" + }, + { + "alg": "SHA-512", + "content": "3d7dca13d1586365a94f05ea4a1672ce166773f2a01a584fc149d71b8aaeaa9c109e7e3a7658d8d4da3e91b8f42085ed55acc2a97e1c39a4faea5f6834a741a5" + }, + { + "alg": "SHA3-256", + "content": "f032df418c58acf1ba8307589d176b6e3d5402f1a0830d903b954984ab03bc38" + }, + { + "alg": "SHA3-512", + "content": "1113d2d63ceacdc4df8628448aa15d5de2e155b1a00037dc1570bb6f1553b38f397930036ef637b50519b6d395e3a219cf330ae29cedebeafa786eefd08420c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.core@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "group": "org.jadira.usertype", + "name": "usertype.spi", + "version": "7.0.0.CR1", + "description": "Shared dependencies for Usertype jars", + "hashes": [ + { + "alg": "MD5", + "content": "2b16a4d99cf3e6f0695186301dc63e4c" + }, + { + "alg": "SHA-1", + "content": "895f79b8a1c33f2e17ebc839f80ecaf62924e784" + }, + { + "alg": "SHA-256", + "content": "035f9a3cbec935b6da4d0318fd4d5b797db12a6ba0f77293b8603ff8578904f6" + }, + { + "alg": "SHA-512", + "content": "df65994da27e03bf29918e87451738de9017a41d0deb4fa1d7b00353d889fabc30cbfdc8aa8d97fc475cc31b2426b7a859cc0cfc6489b3667e43108539cb6c0f" + }, + { + "alg": "SHA3-256", + "content": "455f3a4522df5251d036af8f916a7ba5a385a1d303a0aa8f56f7563c2ee00042" + }, + { + "alg": "SHA3-512", + "content": "88d0d9476653078ff1c538c0b8c8b3d2714fd13fbe5ef12550d73053edeb1eb967a17e96d4670ffe95ca0eda858afa6a6b27033028036b646180c00a7ec46aa4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.spi@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "group": "javax.validation", + "name": "validation-api", + "version": "1.1.0.Final", + "description": "Bean Validation API", + "hashes": [ + { + "alg": "MD5", + "content": "4c257f52462860b62ab3cdab45f53082" + }, + { + "alg": "SHA-1", + "content": "8613ae82954779d518631e05daa73a6a954817d5" + }, + { + "alg": "SHA-256", + "content": "f39d7ba7253e35f5ac48081ec1bc28c5df9b32ac4b7db20853e5a8e76bf7b0ed" + }, + { + "alg": "SHA-512", + "content": "bc137c5f7fa6b7092f9fc233d8be7d21d6767f8aa51c2e934b73692c82d28dbb410f55674d7b5a0e1523b514654339277b535b7f5bb01d457a11aba2eca3bbed" + }, + { + "alg": "SHA3-256", + "content": "469fa33a7d6854ac73627c8b4d281165c26dbcb21e645df792c3144453ab3129" + }, + { + "alg": "SHA3-512", + "content": "a042781692aaaa9458be722d0437484c5f1fd8f3f4955c00008224caebeb671ab93740052599ce2f5feab8d7ec712c72786492f7c7ca1c27c25425545b05a91e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/javax.validation/validation-api@1.1.0.Final?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/BVAL" + }, + { + "type": "vcs", + "url": "https://github.com/beanvalidation/beanvalidation-api" + } + ] + } + ], + "dependencies": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "dependsOn": [] + }, + { + "ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "dependsOn": [] + }, + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "dependsOn": [] + }, + { + "ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "dependsOn": [] + }, + { + "ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "dependsOn": [] + }, + { + "ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "dependsOn": [ + "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "f09e69a1-54de-4e7b-802a-adda10a1c7be" + ] + }, + { + "ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "dependsOn": [] + }, + { + "ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "dependsOn": [] + }, + { + "ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "dependsOn": [] + }, + { + "ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "dependsOn": [] + }, + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "dependsOn": [] + }, + { + "ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "dependsOn": [] + }, + { + "ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "dependsOn": [] + }, + { + "ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "dependsOn": [] + }, + { + "ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "dependsOn": [] + }, + { + "ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "dependsOn": [] + }, + { + "ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "dependsOn": [] + }, + { + "ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "dependsOn": [] + }, + { + "ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "dependsOn": [] + }, + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "dependsOn": [] + }, + { + "ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "dependsOn": [] + }, + { + "ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "dependsOn": [] + }, + { + "ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "dependsOn": [ + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "893beba4-580b-4ada-a4cf-067fbe145507", + "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b" + ] + }, + { + "ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "dependsOn": [ + "55086fc5-4c36-45b5-9569-fdafa26e075d", + "757cef7a-83f2-4973-832d-67849ca42b69", + "93a8597b-e82a-4726-8e16-849d026f7b98" + ] + }, + { + "ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "dependsOn": [ + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "370d779c-d1ea-4d92-8e70-1ad325e94298", + "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "b692a425-dca6-4bed-af67-5855cb40dbcf", + "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "881df936-411d-4bb3-b464-6edcf14c671c", + "ac21cab7-b535-4294-8a61-b10b62918666", + "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "80b88754-8b78-4597-bc4f-47788add0031", + "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "5978be79-e890-48b1-8f11-40416ee5bb61", + "5aed0617-3613-43e7-94d2-105b2af0b00d", + "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "96cf7115-b31d-4c98-bae2-952c601d3878" + ] + }, + { + "ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "daabc9e2-1ec3-4d10-9251-69ab9834b02a" + ] + }, + { + "ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "dependsOn": [ + "ea1f023d-0390-4558-8696-dc8d566dd95e" + ] + }, + { + "ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "dependsOn": [ + "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "8c0378f7-4c0e-4ee3-849d-740b0035c371" + ] + }, + { + "ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "dependsOn": [ + "55521fe9-aed2-403e-9df2-75fc5af90f54", + "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "79b01257-3e61-49f7-8600-2042bde4702b", + "b4ca2dc7-9d68-4737-9afc-dea82759cd45" + ] + }, + { + "ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "c2dbe746-304a-4e35-88f0-69943d701fe5", + "5694b066-2847-4855-8230-77e902b37502", + "4634319e-cca2-4c02-8372-222f43bd35ba", + "648c2811-d754-45aa-9160-8f018ab4aab9", + "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "85776385-c1af-42fa-a0ac-21ecf796742f" + ] + }, + { + "ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "dependsOn": [ + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "1b61648b-2106-4c86-ad10-79411c0ce338", + "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "71f396a0-0285-465e-8ce3-6eacb47be941", + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "dependsOn": [ + "bd750137-b073-47d5-891a-e48c192cfcba", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "423d6189-7ce4-4931-9c74-3b58517df601", + "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "c1abfd09-121f-418c-befa-4d6b9e164769" + ] + }, + { + "ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c" + ] + }, + { + "ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "dependsOn": [ + "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "2f225da8-8da3-429b-a014-effeea8c71eb", + "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "e36cfe6c-5955-40dd-8f4f-09c43087ac53" + ] + }, + { + "ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "dependsOn": [] + }, + { + "ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "dependsOn": [ + "0476a31c-6a89-45b2-8e9b-8d4a725d06eb" + ] + }, + { + "ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "dependsOn": [ + "ab3bfc00-8d35-4a4d-b314-86573681d910", + "36fc309f-d086-43d6-b660-5de275ee630f" + ] + }, + { + "ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "dependsOn": [ + "df3cc349-8f4d-4d7e-82ab-1309f17741d3" + ] + }, + { + "ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "dependsOn": [ + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "dependsOn": [ + "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "94379ad3-19a6-4b21-a049-ca0b762d8c13" + ] + }, + { + "ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "dependsOn": [ + "0d0caea7-65ca-4504-b50a-80e480879f5f", + "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d" + ] + }, + { + "ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631" + ] + }, + { + "ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "dependsOn": [ + "d6394138-9591-4141-9a76-4c3082ff2ed4", + "5b865504-bea5-4b92-ae5e-46553e01093c" + ] + }, + { + "ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "dependsOn": [ + "ebf5150b-055e-45d4-82e5-eebc38ffea70" + ] + }, + { + "ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "dependsOn": [] + }, + { + "ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "dependsOn": [] + }, + { + "ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "dependsOn": [] + }, + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "dependsOn": [ + "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "da25e363-473d-4f84-9f46-8e09c7ec7c28" + ] + }, + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "dependsOn": [] + }, + { + "ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "dependsOn": [] + }, + { + "ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "dependsOn": [] + }, + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "dependsOn": [ + "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "627bb70b-4b85-4801-8239-f03de04ca5db", + "21c7c10d-e7a9-4e82-893a-aa82f11f6dca" + ] + }, + { + "ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "dependsOn": [] + }, + { + "ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "dependsOn": [ + "c454f700-0d16-4956-a210-03d9073b6d12", + "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd" + ] + }, + { + "ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "dependsOn": [ + "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "517c6455-0a2e-4e78-8d4b-88837bb5244c" + ] + }, + { + "ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "dependsOn": [] + }, + { + "ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "dependsOn": [] + }, + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "dependsOn": [ + "d2a5e2bf-ead6-4768-866a-385166eb6709" + ] + }, + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "dependsOn": [] + }, + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "dependsOn": [ + "f4a06b14-3945-4381-b3dd-b46407b02b6b" + ] + }, + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "dependsOn": [ + "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e" + ] + }, + { + "ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "dependsOn": [] + }, + { + "ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "dependsOn": [] + }, + { + "ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "dependsOn": [] + }, + { + "ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "dependsOn": [] + }, + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "dependsOn": [] + }, + { + "ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "dependsOn": [ + "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + ] + }, + { + "ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "dependsOn": [] + }, + { + "ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "dependsOn": [ + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + ] + }, + { + "ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "dependsOn": [] + }, + { + "ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "dependsOn": [] + }, + { + "ref": "5694b066-2847-4855-8230-77e902b37502", + "dependsOn": [] + }, + { + "ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "dependsOn": [] + }, + { + "ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "dependsOn": [ + "014723b6-3b73-414b-a760-da7bb1ab988d", + "7a6724fd-3628-46d2-8de5-9059e6ec494c" + ] + }, + { + "ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "dependsOn": [] + }, + { + "ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "dependsOn": [] + }, + { + "ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "dependsOn": [] + }, + { + "ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "dependsOn": [] + }, + { + "ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "dependsOn": [] + }, + { + "ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "dependsOn": [] + }, + { + "ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "dependsOn": [] + }, + { + "ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "dependsOn": [] + }, + { + "ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "dependsOn": [] + }, + { + "ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "dependsOn": [] + }, + { + "ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "dependsOn": [] + }, + { + "ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "dependsOn": [] + }, + { + "ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "dependsOn": [] + }, + { + "ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "dependsOn": [] + }, + { + "ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "dependsOn": [ + "7176887b-3e41-4f10-9d29-26ec573e2c49", + "85776385-c1af-42fa-a0ac-21ecf796742f", + "c9381862-0cc8-48d6-9b97-82f00d12cdb7" + ] + }, + { + "ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967" + ] + }, + { + "ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "dependsOn": [] + }, + { + "ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "dependsOn": [] + }, + { + "ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "dependsOn": [] + }, + { + "ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "dependsOn": [] + }, + { + "ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dependsOn": [ + "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "3d67ecbd-3ee2-437b-800b-d137ccd17d46" + ] + }, + { + "ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "dependsOn": [] + }, + { + "ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "dependsOn": [] + }, + { + "ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "dependsOn": [] + }, + { + "ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "75ac24b0-9039-45fe-842d-ccecdd3c62e1" + ] + }, + { + "ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "dependsOn": [] + }, + { + "ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "dependsOn": [] + }, + { + "ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "8dc0d897-c489-493c-a4b6-c5384d663c85", + "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "c454f700-0d16-4956-a210-03d9073b6d12" + ] + }, + { + "ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "dependsOn": [ + "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dd4f3e68-5483-4177-9ee9-987774aea94f" + ] + }, + { + "ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "dependsOn": [] + }, + { + "ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "dependsOn": [] + }, + { + "ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "dependsOn": [] + }, + { + "ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "dependsOn": [] + }, + { + "ref": "50a898e1-523d-4041-9250-b25394071a77", + "dependsOn": [] + }, + { + "ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "dependsOn": [] + }, + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "dependsOn": [] + }, + { + "ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "dependsOn": [] + }, + { + "ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "dependsOn": [] + }, + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "dependsOn": [ + "25416803-852c-4475-bf84-2bf849ea6a56", + "c1abfd09-121f-418c-befa-4d6b9e164769", + "be69e2b9-e673-42a8-98f1-e6d3be74c272" + ] + }, + { + "ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "dependsOn": [ + "4473173b-92a4-4b6f-aa40-3b0479fe60ee" + ] + }, + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "dependsOn": [ + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "dependsOn": [] + }, + { + "ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "dependsOn": [] + }, + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "dependsOn": [ + "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "423d6189-7ce4-4931-9c74-3b58517df601" + ] + }, + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "dependsOn": [] + }, + { + "ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "dependsOn": [ + "186eb402-6ab8-417c-8bbb-4032f9722383", + "7b1c11dd-7462-451d-a5b1-0fbd56708727" + ] + }, + { + "ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "dependsOn": [] + }, + { + "ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "dependsOn": [] + }, + { + "ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "dependsOn": [] + }, + { + "ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "dependsOn": [] + }, + { + "ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "dependsOn": [] + }, + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "dependsOn": [ + "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7" + ] + }, + { + "ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "dependsOn": [] + }, + { + "ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "dependsOn": [ + "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "7a60c1f8-0819-4133-aa05-ece823ae5494" + ] + }, + { + "ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "dependsOn": [] + }, + { + "ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "dependsOn": [ + "33155de6-f8f2-48a7-ab80-19d8641794bf", + "71a8cbce-c3a6-4797-b3f1-60415f5e1131" + ] + }, + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "dependsOn": [ + "85776385-c1af-42fa-a0ac-21ecf796742f", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + ] + }, + { + "ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "dependsOn": [] + }, + { + "ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "dependsOn": [] + }, + { + "ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "dependsOn": [] + }, + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "dependsOn": [] + }, + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "dependsOn": [] + }, + { + "ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "dependsOn": [] + }, + { + "ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "dependsOn": [] + }, + { + "ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "dependsOn": [ + "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + ] + }, + { + "ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "dependsOn": [] + }, + { + "ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "dependsOn": [] + }, + { + "ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "dependsOn": [] + }, + { + "ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "dependsOn": [] + }, + { + "ref": "80b88754-8b78-4597-bc4f-47788add0031", + "dependsOn": [] + }, + { + "ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "dependsOn": [ + "9c03efc2-c106-4191-980f-b91376b5ab06", + "80a1384b-dee2-4dff-9d74-79d854cdeb2f" + ] + }, + { + "ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "dependsOn": [] + }, + { + "ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "dependsOn": [ + "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "91658b5a-2478-4653-a3e4-f62c4f58f87b" + ] + }, + { + "ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "dependsOn": [] + }, + { + "ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "dependsOn": [] + }, + { + "ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "dependsOn": [] + }, + { + "ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "dependsOn": [] + }, + { + "ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "dependsOn": [] + }, + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "dependsOn": [] + }, + { + "ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "dependsOn": [] + }, + { + "ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "dependsOn": [ + "13aba3db-12c7-44d2-895d-130d2897e460" + ] + }, + { + "ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "dependsOn": [] + }, + { + "ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "dependsOn": [ + "3affcf84-19c7-4ac3-91f9-b08980969391" + ] + }, + { + "ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "dependsOn": [] + }, + { + "ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "dependsOn": [] + } + ], + "vulnerabilities": [ + { + "bom-ref": "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "id": "GHSA-5mg8-w23w-74h3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 173, + 200, + 378, + 732 + ], + "description": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "published": "2021-03-25T17:04:19Z", + "updated": "2023-11-09T18:44:38Z", + "affects": [ + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967" + } + ] + }, + { + "bom-ref": "bb03c210-ea12-450d-85df-17d81a75ede2", + "id": "GHSA-7g45-4rm6-3mm3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 379, + 552 + ], + "description": "Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "published": "2023-06-14T18:30:38Z", + "updated": "2024-02-13T21:49:15Z", + "affects": [ + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967" + } + ] + }, + { + "bom-ref": "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "id": "GHSA-5p34-5m6p-p58g", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "published": "2020-04-23T21:08:40Z", + "updated": "2023-02-01T05:02:59Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "id": "GHSA-27xj-rqx5-2255", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "published": "2020-05-15T18:58:44Z", + "updated": "2023-02-01T05:02:59Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "id": "GHSA-58pp-9c76-5625", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "published": "2020-06-10T21:12:41Z", + "updated": "2023-02-01T05:03:03Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "id": "GHSA-v3xw-c963-f5hc", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "published": "2020-05-15T18:58:50Z", + "updated": "2023-02-01T05:03:05Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "id": "GHSA-h4rc-386g-6m85", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "published": "2020-04-23T20:19:02Z", + "updated": "2024-03-15T00:41:35Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "id": "GHSA-9vvp-fxw6-jcxr", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "published": "2020-05-15T18:58:47Z", + "updated": "2024-03-15T00:48:55Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "343cd240-f667-4770-aecf-ddc11f9d0172", + "id": "GHSA-rf6r-2c4q-2vwg", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "published": "2020-05-15T18:58:54Z", + "updated": "2024-03-15T00:50:18Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "id": "GHSA-758m-v56v-grj4", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "published": "2020-04-23T21:36:03Z", + "updated": "2024-06-25T13:46:45Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "id": "GHSA-95cm-88f5-f2c7", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "published": "2020-04-23T16:32:59Z", + "updated": "2024-07-03T21:10:50Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "id": "GHSA-c2q3-4qrh-fm48", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "published": "2020-06-18T14:44:50Z", + "updated": "2023-02-01T05:04:14Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "97981cb2-9228-4b8b-a172-ad12f550a19f", + "id": "GHSA-mc6h-4qgp-37qh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "published": "2020-06-18T14:44:43Z", + "updated": "2024-03-15T00:37:17Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "id": "GHSA-j823-4qch-3rgm", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "published": "2020-06-18T14:44:46Z", + "updated": "2024-03-15T00:39:55Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "id": "GHSA-c265-37vj-cwcc", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "published": "2020-06-18T14:44:48Z", + "updated": "2024-06-25T13:46:04Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "id": "GHSA-4w82-r329-3q67", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "published": "2020-03-04T20:52:14Z", + "updated": "2023-06-08T19:02:12Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "id": "GHSA-rpr3-cw39-3pxh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "published": "2022-07-15T19:41:47Z", + "updated": "2023-08-18T15:45:27Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "c037af59-a132-4727-8cc3-c6095c490df7", + "id": "GHSA-fmmc-742q-jg75", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "published": "2019-11-13T00:32:27Z", + "updated": "2023-09-14T14:55:20Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "id": "GHSA-gjmw-vf9h-g25v", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "published": "2019-11-13T00:32:38Z", + "updated": "2023-09-14T14:55:25Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "id": "GHSA-mx7p-6679-8g3q", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "published": "2019-10-28T20:51:15Z", + "updated": "2024-03-15T00:57:37Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "e141c668-bc18-4738-b3b6-e7ba1057d124", + "id": "GHSA-q93h-jc49-78gg", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "published": "2020-05-15T18:59:10Z", + "updated": "2023-09-14T15:09:40Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "id": "GHSA-p43x-xfjf-5jhr", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "published": "2020-05-15T18:59:01Z", + "updated": "2024-03-15T00:20:09Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "id": "GHSA-h3cw-g4mq-c5x2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 94, + 502 + ], + "description": "This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "published": "2021-12-09T19:14:51Z", + "updated": "2023-09-14T15:44:55Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "3ad04380-a25c-41d8-8fad-259c2561795b", + "id": "GHSA-qjw2-hr98-qgfh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "published": "2021-12-09T19:15:36Z", + "updated": "2023-09-14T15:47:50Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "86f78c35-adfb-48e4-9428-88084373e1c0", + "id": "GHSA-8w26-6f25-cm9x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "published": "2021-12-09T19:16:02Z", + "updated": "2023-09-14T15:52:49Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "id": "GHSA-m6x4-97wx-4q27", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "published": "2021-12-09T19:16:26Z", + "updated": "2023-09-14T15:53:30Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "00033bff-66dc-4a36-ab38-a10b0625409f", + "id": "GHSA-v585-23hc-c647", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "published": "2021-11-19T20:13:06Z", + "updated": "2023-09-14T15:59:33Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "14e2856b-f78d-4a6d-99eb-470c8566df29", + "id": "GHSA-r695-7vr9-jgc2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "published": "2021-12-09T19:16:51Z", + "updated": "2023-09-14T16:01:31Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "c224f923-be9a-4faa-a930-ef4db611bc2b", + "id": "GHSA-vfqx-33qm-g869", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "published": "2021-12-09T19:16:59Z", + "updated": "2023-09-14T16:04:22Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "5201940b-1f04-4668-ae86-8261448d817d", + "id": "GHSA-f9xh-2qgp-cq57", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "published": "2021-12-09T19:16:42Z", + "updated": "2023-09-14T16:04:22Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "id": "GHSA-cvm9-fjm9-3572", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "published": "2021-12-09T19:16:10Z", + "updated": "2023-09-14T16:07:00Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "id": "GHSA-9gph-22xh-8x98", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "published": "2021-12-09T19:15:54Z", + "updated": "2023-09-14T16:07:40Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "950cff67-088e-4f41-9818-25943c9e17c0", + "id": "GHSA-89qr-369f-5m5x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "published": "2021-12-09T19:15:46Z", + "updated": "2023-09-14T16:08:37Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "id": "GHSA-8c4j-34r4-xr8g", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "published": "2021-12-09T19:16:18Z", + "updated": "2023-09-14T16:13:01Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "9edaa51d-929b-457e-aab5-0fffecdb4938", + "id": "GHSA-9m6f-7xcq-8vf8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "published": "2021-12-09T19:16:34Z", + "updated": "2023-09-14T16:15:44Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "6d5189b4-d549-419a-b886-43a62cc43d40", + "id": "GHSA-5r5r-6hpj-8gg9", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "published": "2021-12-09T19:15:24Z", + "updated": "2023-11-21T11:40:53Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "135c6dab-529e-4855-ab72-a0138e2110c8", + "id": "GHSA-wh8g-3j2c-rqj5", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "published": "2021-12-09T19:15:00Z", + "updated": "2024-03-15T00:28:08Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "id": "GHSA-r3gr-cxrf-hg25", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502, + 913 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "published": "2021-12-09T19:15:11Z", + "updated": "2024-06-25T13:47:23Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "id": "GHSA-jjjh-jjxp-wpff", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 502 + ], + "description": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-15T00:14:44Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "id": "GHSA-5949-rw7g-wx7w", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "published": "2021-01-20T21:20:15Z", + "updated": "2024-03-15T00:16:04Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "id": "GHSA-57j2-w4cx-62h2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 787 + ], + "description": "jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "published": "2022-03-12T00:00:36Z", + "updated": "2024-03-15T00:24:56Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "id": "GHSA-288c-cq4h-88gq", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "published": "2021-02-18T20:51:54Z", + "updated": "2024-03-15T00:31:24Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "id": "GHSA-gww7-p5w4-wrfv", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "published": "2020-03-04T20:52:11Z", + "updated": "2024-03-15T00:52:59Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "id": "GHSA-rgv9-q543-rqg4", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 502 + ], + "description": "In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-24T05:01:05Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "5c0b94e1-0577-42c9-8028-f244d68f61da", + "id": "GHSA-fqwf-pjwf-7vqv", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "published": "2020-05-15T18:59:04Z", + "updated": "2024-07-03T21:10:31Z", + "affects": [ + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + } + ] + }, + { + "bom-ref": "f2fa9b19-418a-4901-9840-a8631227701e", + "id": "GHSA-8jpx-m2wh-2v34", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 74 + ], + "description": "### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "published": "2020-04-10T18:42:20Z", + "updated": "2023-01-09T05:02:18Z", + "affects": [ + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30" + } + ] + }, + { + "bom-ref": "00bc944f-fead-400b-8bbd-0c5b56ba2b14", + "id": "GHSA-3mcp-9wr4-cjqf", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 74 + ], + "description": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "published": "2020-02-24T17:27:27Z", + "updated": "2024-06-05T16:42:03Z", + "affects": [ + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30" + } + ] + }, + { + "bom-ref": "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "id": "GHSA-rvwf-54qp-4r6v", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 776 + ], + "description": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "published": "2021-06-04T21:37:45Z", + "updated": "2023-05-22T20:17:58Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "id": "GHSA-9w3m-gqgf-c4p9", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "5ab41975-23cc-45e0-9a13-be603ea00595", + "id": "GHSA-w37g-rhq8-7m4j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "published": "2022-11-11T19:00:31Z", + "updated": "2024-06-21T21:33:52Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "dff65990-715e-4f71-aace-60d4436af108", + "id": "GHSA-c4r9-r8fh-9vj2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "id": "GHSA-hhhw-99gj-p3c3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "id": "GHSA-98wm-3w3q-mw94", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 121, + 787 + ], + "description": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "38c08d91-3487-44c4-b258-d5a274a4ad05", + "id": "GHSA-3mc7-4q67-w48m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 776 + ], + "description": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "published": "2022-08-31T00:00:24Z", + "updated": "2024-03-15T19:06:46Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "da9ea5d3-a3c2-4d1b-8425-a799e47a804f", + "id": "GHSA-mjmj-j48q-9wg2", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 20, + 502 + ], + "description": "### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "published": "2022-12-12T21:19:47Z", + "updated": "2024-06-24T21:22:59Z", + "affects": [ + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + } + ] + }, + { + "bom-ref": "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "id": "GHSA-668q-qrv7-99fm", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "published": "2021-12-17T20:00:50Z", + "updated": "2023-01-30T05:04:55Z", + "affects": [ + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49" + } + ] + }, + { + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "id": "GHSA-vmq6-5m68-f53m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z", + "affects": [ + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49" + } + ] + }, + { + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "id": "GHSA-vmq6-5m68-f53m", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z", + "affects": [ + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + } + ] + }, + { + "bom-ref": "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "id": "GHSA-m394-8rww-3jr7", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "published": "2021-03-10T03:46:47Z", + "updated": "2023-02-01T05:05:09Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "id": "GHSA-m6cp-vxjx-65j6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 613 + ], + "description": "### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "published": "2021-06-23T20:23:04Z", + "updated": "2023-02-01T05:05:59Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "id": "GHSA-26vr-8j45-3r4w", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 551, + 755 + ], + "description": "### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "published": "2021-04-06T17:31:30Z", + "updated": "2023-09-26T11:11:47Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "id": "GHSA-p26g-97m4-6q7c", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 200 + ], + "description": "Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "published": "2023-04-18T22:19:57Z", + "updated": "2023-11-06T05:01:53Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "id": "GHSA-qw69-rqj8-6qw8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400, + 770 + ], + "description": "### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "published": "2023-04-19T18:15:45Z", + "updated": "2023-11-06T05:02:06Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6", + "id": "GHSA-86wm-rrjm-8wh8", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 226 + ], + "description": "### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "published": "2020-12-02T18:28:18Z", + "updated": "2024-02-21T17:23:14Z", + "affects": [ + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50" + } + ] + }, + { + "bom-ref": "c19b779d-2699-44de-a189-a0d18d8dc953", + "id": "GHSA-cj7v-27pg-wf7q", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 20 + ], + "description": "### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "published": "2022-07-07T20:55:34Z", + "updated": "2023-01-29T05:06:01Z", + "affects": [ + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769" + } + ] + }, + { + "bom-ref": "a2897b13-bdeb-4a6c-802e-abf09fef10a9", + "id": "GHSA-hmr7-m48g-48f6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 130 + ], + "description": "### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "published": "2023-09-14T16:17:27Z", + "updated": "2023-11-06T05:01:59Z", + "affects": [ + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769" + } + ] + }, + { + "bom-ref": "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442", + "id": "GHSA-g3wg-6mcf-8jj6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 378, + 379, + 552 + ], + "description": "### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "published": "2020-11-04T17:50:24Z", + "updated": "2023-11-27T23:07:53Z", + "affects": [ + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941" + } + ] + }, + { + "bom-ref": "76910119-ee18-4144-855b-b2fdab20e33c", + "id": "GHSA-58qw-p7qm-5rvh", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "published": "2023-07-10T21:52:39Z", + "updated": "2023-09-05T22:39:32Z", + "affects": [ + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9" + } + ] + }, + { + "bom-ref": "d8add710-4eed-448d-b198-ecff8ffe86ea", + "id": "GHSA-gwcr-j4wh-j3cq", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 200 + ], + "description": "Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "published": "2021-06-10T15:43:22Z", + "updated": "2023-02-01T05:05:51Z", + "affects": [ + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc" + } + ] + }, + { + "bom-ref": "123b8eaf-5572-4945-975d-21ed3c2f101d", + "id": "GHSA-3gh6-v5v9-6v9j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "low", + "method": "other" + } + ], + "cwes": [ + 149 + ], + "description": "If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "published": "2023-09-14T16:16:00Z", + "updated": "2023-11-06T05:01:59Z", + "affects": [ + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc" + } + ] + }, + { + "bom-ref": "499117ae-d134-4505-8674-ed498531e7a9", + "id": "GHSA-269g-pwp5-87pp", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 200, + 732 + ], + "description": "### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "published": "2020-10-12T17:33:00Z", + "updated": "2023-02-01T05:04:50Z", + "affects": [ + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2" + } + ] + }, + { + "bom-ref": "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "id": "INT-f70z-tbpp-4o5d", + "source": { + "name": "INTERNAL" + }, + "ratings": [ + { + "source": { + "name": "INTERNAL" + }, + "severity": "high", + "method": "other" + } + ], + "affects": [ + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d" + } + ] + }, + { + "bom-ref": "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad", + "id": "INT-63e3-49kp-blqt", + "source": { + "name": "INTERNAL" + }, + "ratings": [ + { + "source": { + "name": "INTERNAL" + }, + "severity": "low", + "method": "other" + } + ], + "description": "testing", + "affects": [ + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d" + } + ] + }, + { + "bom-ref": "1f182b73-afb8-424c-8e08-533a0f702076", + "id": "GHSA-j8jw-g6fq-mp7h", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 89 + ], + "description": "A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "published": "2022-02-09T22:57:29Z", + "updated": "2024-06-27T16:39:59Z", + "affects": [ + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371" + } + ] + }, + { + "bom-ref": "8ba20df5-3877-4825-a8f2-b52e2d2f86d8", + "id": "GHSA-8grg-q944-cch5", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 89 + ], + "description": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "published": "2022-02-10T23:05:04Z", + "updated": "2024-06-27T18:05:49Z", + "affects": [ + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371" + } + ] + }, + { + "bom-ref": "55ebe39e-12f6-4360-aeba-9913ef7efb68", + "id": "GHSA-hwj3-m3p6-hj38", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "published": "2020-06-05T16:13:36Z", + "updated": "2023-01-27T05:02:30Z", + "affects": [ + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db" + } + ] + }, + { + "bom-ref": "8c0002e8-9326-40f7-9209-51020755ff02", + "id": "GHSA-7r82-7xv7-xcpj", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 79 + ], + "description": "Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "published": "2021-06-03T23:40:23Z", + "updated": "2023-02-01T05:05:30Z", + "affects": [ + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507" + } + ] + }, + { + "bom-ref": "7b0674fc-e326-47d0-b34b-b5bfb523784b", + "id": "GHSA-jvfv-hrrc-6q72", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "critical", + "method": "other" + } + ], + "cwes": [ + 611 + ], + "description": "The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "published": "2022-03-05T00:00:45Z", + "updated": "2023-01-27T05:02:46Z", + "affects": [ + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910" + } + ] + }, + { + "bom-ref": "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "id": "GHSA-wgmr-mf83-7x4j", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400, + 410 + ], + "description": "### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "published": "2022-07-07T20:55:40Z", + "updated": "2023-07-24T19:39:20Z", + "affects": [ + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54" + } + ] + }, + { + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "id": "GHSA-qppj-fm5r-hxr3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z", + "affects": [ + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54" + } + ] + }, + { + "bom-ref": "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "id": "GHSA-rggv-cv7r-mw98", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "published": "2024-02-26T20:13:46Z", + "updated": "2024-05-02T18:38:19Z", + "affects": [ + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b" + } + ] + }, + { + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "id": "GHSA-qppj-fm5r-hxr3", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z", + "affects": [ + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b" + } + ] + }, + { + "bom-ref": "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9", + "id": "GHSA-wgh7-54f2-x98r", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "high", + "method": "other" + } + ], + "cwes": [ + 190 + ], + "description": "An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "published": "2023-10-10T21:16:23Z", + "updated": "2024-06-21T21:33:57Z", + "affects": [ + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709" + } + ] + }, + { + "bom-ref": "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "id": "GHSA-w4g2-9hj6-5472", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + } + ], + "cwes": [ + 295 + ], + "description": "Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "published": "2018-10-18T18:06:08Z", + "updated": "2023-01-09T05:03:38Z", + "affects": [ + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + } + ] + }, + { + "bom-ref": "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a", + "id": "GHSA-mm8h-8587-p46h", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "medium", + "method": "other" + }, + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "info", + "method": "other" + } + ], + "cwes": [ + 400 + ], + "description": "### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "published": "2023-10-24T01:49:09Z", + "updated": "2023-11-05T05:04:23Z", + "affects": [ + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + } + ] + }, + { + "bom-ref": "815a1358-2bd4-4028-bd3e-8219747c78f6", + "id": "GHSA-h376-j262-vhq6", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "unknown", + "method": "other" + } + ], + "cwes": [ + 502 + ], + "description": "### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "published": "2022-01-06T23:55:09Z", + "updated": "2023-02-25T00:31:20Z", + "affects": [ + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8" + } + ] + }, + { + "bom-ref": "c8a50465-16df-44e0-84e9-7acff5870a51", + "id": "GHSA-45hx-wfhj-473x", + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "ratings": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + }, + "severity": "info", + "method": "other" + } + ], + "cwes": [ + 88 + ], + "description": "H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "published": "2022-01-21T23:07:39Z", + "updated": "2023-08-18T15:47:05Z", + "affects": [ + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8" + } + ] + } + ] + } + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf.json b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf.json new file mode 100644 index 000000000..14fbc9db5 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-dropwizard-vulns-hdf.json @@ -0,0 +1,13995 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: application/602de70a-7107-4ac8-9ad2-3c1c816892a7", + "title": "test 9 CycloneDX BOM Report", + "version": "SNAPSHOT", + "summary": "This is the project I want to use to generate data to understand the schema a bit better", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [ + { + "tags": { + "nist": [ + "SC-8", + "AC-3" + ], + "cci": [ + "CCI-002418", + "CCI-000213" + ], + "cwe": [ + "CWE-173", + "CWE-200", + "CWE-378", + "CWE-732" + ], + "bom-ref": "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "ratings": "GITHUB - low", + "published": "2021-03-25T17:04:19Z", + "updated": "2023-11-09T18:44:38Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "id": "GHSA-5mg8-w23w-74h3", + "desc": "Description: A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"b7a12947-7a8d-4031-b59d-640d33dbad6a\",\n \"id\": \"GHSA-5mg8-w23w-74h3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 173,\n 200,\n 378,\n 732\n ],\n \"description\": \"A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.\",\n \"published\": \"2021-03-25T17:04:19Z\",\n \"updated\": \"2023-11-09T18:44:38Z\",\n \"affects\": [\n {\n \"ref\": \"1a021b8e-d143-4072-84f0-0e18292f1967\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.google.guava/guava@24.1.1-jre is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1a021b8e-d143-4072-84f0-0e18292f1967\n\n- Group: com.google.guava\n\n- Name: guava\n\n- Version: 24.1.1-jre\n\n- Description: Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-379", + "CWE-552" + ], + "bom-ref": "bb03c210-ea12-450d-85df-17d81a75ede2", + "ratings": "GITHUB - medium", + "published": "2023-06-14T18:30:38Z", + "updated": "2024-02-13T21:49:15Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "id": "GHSA-7g45-4rm6-3mm3", + "desc": "Description: Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"bb03c210-ea12-450d-85df-17d81a75ede2\",\n \"id\": \"GHSA-7g45-4rm6-3mm3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 379,\n 552\n ],\n \"description\": \"Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.\",\n \"published\": \"2023-06-14T18:30:38Z\",\n \"updated\": \"2024-02-13T21:49:15Z\",\n \"affects\": [\n {\n \"ref\": \"1a021b8e-d143-4072-84f0-0e18292f1967\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.google.guava/guava@24.1.1-jre is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1a021b8e-d143-4072-84f0-0e18292f1967\n\n- Group: com.google.guava\n\n- Name: guava\n\n- Version: 24.1.1-jre\n\n- Description: Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "ratings": "GITHUB - critical", + "published": "2020-04-23T21:08:40Z", + "updated": "2023-02-01T05:02:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "id": "GHSA-5p34-5m6p-p58g", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).", + "impact": 1, + "code": "{\n \"bom-ref\": \"d097e083-0b0a-4e3c-9f29-fc936f27ec6f\",\n \"id\": \"GHSA-5p34-5m6p-p58g\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).\",\n \"published\": \"2020-04-23T21:08:40Z\",\n \"updated\": \"2023-02-01T05:02:59Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:44Z", + "updated": "2023-02-01T05:02:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "id": "GHSA-27xj-rqx5-2255", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"f57dc81d-6b2d-4060-8c15-7613c1a37981\",\n \"id\": \"GHSA-27xj-rqx5-2255\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).\",\n \"published\": \"2020-05-15T18:58:44Z\",\n \"updated\": \"2023-02-01T05:02:59Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "ratings": "GITHUB - high", + "published": "2020-06-10T21:12:41Z", + "updated": "2023-02-01T05:03:03Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "id": "GHSA-58pp-9c76-5625", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"600ecfb9-66c7-4fc2-88e8-2bf9efe40628\",\n \"id\": \"GHSA-58pp-9c76-5625\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).\",\n \"published\": \"2020-06-10T21:12:41Z\",\n \"updated\": \"2023-02-01T05:03:03Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:50Z", + "updated": "2023-02-01T05:03:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "id": "GHSA-v3xw-c963-f5hc", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"36dba0ba-dc6c-4f8a-822c-e51ca444d1bf\",\n \"id\": \"GHSA-v3xw-c963-f5hc\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).\",\n \"published\": \"2020-05-15T18:58:50Z\",\n \"updated\": \"2023-02-01T05:03:05Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "ratings": "GITHUB - high", + "published": "2020-04-23T20:19:02Z", + "updated": "2024-03-15T00:41:35Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "id": "GHSA-h4rc-386g-6m85", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"e5cba611-d1ce-48a5-8fc2-ac68ba133947\",\n \"id\": \"GHSA-h4rc-386g-6m85\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).\",\n \"published\": \"2020-04-23T20:19:02Z\",\n \"updated\": \"2024-03-15T00:41:35Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:47Z", + "updated": "2024-03-15T00:48:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "id": "GHSA-9vvp-fxw6-jcxr", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"9e292de9-f4f7-4d45-9ecb-846c4b972f6f\",\n \"id\": \"GHSA-9vvp-fxw6-jcxr\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).\",\n \"published\": \"2020-05-15T18:58:47Z\",\n \"updated\": \"2024-03-15T00:48:55Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "343cd240-f667-4770-aecf-ddc11f9d0172", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:58:54Z", + "updated": "2024-03-15T00:50:18Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "id": "GHSA-rf6r-2c4q-2vwg", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"343cd240-f667-4770-aecf-ddc11f9d0172\",\n \"id\": \"GHSA-rf6r-2c4q-2vwg\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).\",\n \"published\": \"2020-05-15T18:58:54Z\",\n \"updated\": \"2024-03-15T00:50:18Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "ratings": "GITHUB - high", + "published": "2020-04-23T21:36:03Z", + "updated": "2024-06-25T13:46:45Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "id": "GHSA-758m-v56v-grj4", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"0f7e16f6-f01e-4cc0-a835-08f3ba72625f\",\n \"id\": \"GHSA-758m-v56v-grj4\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.\",\n \"published\": \"2020-04-23T21:36:03Z\",\n \"updated\": \"2024-06-25T13:46:45Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "ratings": "GITHUB - high", + "published": "2020-04-23T16:32:59Z", + "updated": "2024-07-03T21:10:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "id": "GHSA-95cm-88f5-f2c7", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c2e5f22d-f91f-4689-bdb1-782974d6fa7a\",\n \"id\": \"GHSA-95cm-88f5-f2c7\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).\",\n \"published\": \"2020-04-23T16:32:59Z\",\n \"updated\": \"2024-07-03T21:10:50Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:50Z", + "updated": "2023-02-01T05:04:14Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "id": "GHSA-c2q3-4qrh-fm48", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"49fa1888-bfa1-480a-8564-3b62b8bf5c3c\",\n \"id\": \"GHSA-c2q3-4qrh-fm48\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).\",\n \"published\": \"2020-06-18T14:44:50Z\",\n \"updated\": \"2023-02-01T05:04:14Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "97981cb2-9228-4b8b-a172-ad12f550a19f", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:43Z", + "updated": "2024-03-15T00:37:17Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "id": "GHSA-mc6h-4qgp-37qh", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"97981cb2-9228-4b8b-a172-ad12f550a19f\",\n \"id\": \"GHSA-mc6h-4qgp-37qh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).\",\n \"published\": \"2020-06-18T14:44:43Z\",\n \"updated\": \"2024-03-15T00:37:17Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:46Z", + "updated": "2024-03-15T00:39:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "id": "GHSA-j823-4qch-3rgm", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"941d2fac-724b-4a2c-a8ba-c5a434fa3bf7\",\n \"id\": \"GHSA-j823-4qch-3rgm\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).\",\n \"published\": \"2020-06-18T14:44:46Z\",\n \"updated\": \"2024-03-15T00:39:55Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "ratings": "GITHUB - high", + "published": "2020-06-18T14:44:48Z", + "updated": "2024-06-25T13:46:04Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "id": "GHSA-c265-37vj-cwcc", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"7e3a7481-266e-4cb7-af3b-94dcaf462942\",\n \"id\": \"GHSA-c265-37vj-cwcc\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).\",\n \"published\": \"2020-06-18T14:44:48Z\",\n \"updated\": \"2024-06-25T13:46:04Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "ratings": "GITHUB - critical", + "published": "2020-03-04T20:52:14Z", + "updated": "2023-06-08T19:02:12Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "id": "GHSA-4w82-r329-3q67", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.", + "impact": 1, + "code": "{\n \"bom-ref\": \"db7cfe67-0b1d-4504-af8b-da26e12af73a\",\n \"id\": \"GHSA-4w82-r329-3q67\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.\",\n \"published\": \"2020-03-04T20:52:14Z\",\n \"updated\": \"2023-06-08T19:02:12Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "ratings": "GITHUB - high", + "published": "2022-07-15T19:41:47Z", + "updated": "2023-08-18T15:45:27Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "id": "GHSA-rpr3-cw39-3pxh", + "desc": "Description: The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"7c0af63e-ef57-43aa-9c91-d79c7e37ab20\",\n \"id\": \"GHSA-rpr3-cw39-3pxh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.\",\n \"published\": \"2022-07-15T19:41:47Z\",\n \"updated\": \"2023-08-18T15:45:27Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c037af59-a132-4727-8cc3-c6095c490df7", + "ratings": "GITHUB - critical", + "published": "2019-11-13T00:32:27Z", + "updated": "2023-09-14T14:55:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "id": "GHSA-fmmc-742q-jg75", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.", + "impact": 1, + "code": "{\n \"bom-ref\": \"c037af59-a132-4727-8cc3-c6095c490df7\",\n \"id\": \"GHSA-fmmc-742q-jg75\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.\",\n \"published\": \"2019-11-13T00:32:27Z\",\n \"updated\": \"2023-09-14T14:55:20Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "ratings": "GITHUB - critical", + "published": "2019-11-13T00:32:38Z", + "updated": "2023-09-14T14:55:25Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "id": "GHSA-gjmw-vf9h-g25v", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.", + "impact": 1, + "code": "{\n \"bom-ref\": \"0b8d112a-b683-414d-93b6-48fa2cabb7c9\",\n \"id\": \"GHSA-gjmw-vf9h-g25v\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.\",\n \"published\": \"2019-11-13T00:32:38Z\",\n \"updated\": \"2023-09-14T14:55:25Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "ratings": "GITHUB - critical", + "published": "2019-10-28T20:51:15Z", + "updated": "2024-03-15T00:57:37Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "id": "GHSA-mx7p-6679-8g3q", + "desc": "Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.", + "impact": 1, + "code": "{\n \"bom-ref\": \"e8b21aeb-ce1d-4df2-8102-577b813e712f\",\n \"id\": \"GHSA-mx7p-6679-8g3q\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.\",\n \"published\": \"2019-10-28T20:51:15Z\",\n \"updated\": \"2024-03-15T00:57:37Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "e141c668-bc18-4738-b3b6-e7ba1057d124", + "ratings": "GITHUB - critical", + "published": "2020-05-15T18:59:10Z", + "updated": "2023-09-14T15:09:40Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "id": "GHSA-q93h-jc49-78gg", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).", + "impact": 1, + "code": "{\n \"bom-ref\": \"e141c668-bc18-4738-b3b6-e7ba1057d124\",\n \"id\": \"GHSA-q93h-jc49-78gg\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to `com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig` (aka `ibatis-sqlmap`).\",\n \"published\": \"2020-05-15T18:59:10Z\",\n \"updated\": \"2023-09-14T15:09:40Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "ratings": "GITHUB - critical", + "published": "2020-05-15T18:59:01Z", + "updated": "2024-03-15T00:20:09Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "id": "GHSA-p43x-xfjf-5jhr", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).", + "impact": 1, + "code": "{\n \"bom-ref\": \"7aec5714-d04e-4e86-8f4c-51f5cf2568d9\",\n \"id\": \"GHSA-p43x-xfjf-5jhr\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).\",\n \"published\": \"2020-05-15T18:59:01Z\",\n \"updated\": \"2024-03-15T00:20:09Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-94", + "CWE-502" + ], + "bom-ref": "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:14:51Z", + "updated": "2023-09-14T15:44:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "id": "GHSA-h3cw-g4mq-c5x2", + "desc": "Description: This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6af6635c-bedd-40e5-88b8-324d3a80a33e\",\n \"id\": \"GHSA-h3cw-g4mq-c5x2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 94,\n 502\n ],\n \"description\": \"This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).\",\n \"published\": \"2021-12-09T19:14:51Z\",\n \"updated\": \"2023-09-14T15:44:55Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "3ad04380-a25c-41d8-8fad-259c2561795b", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:36Z", + "updated": "2023-09-14T15:47:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "id": "GHSA-qjw2-hr98-qgfh", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"3ad04380-a25c-41d8-8fad-259c2561795b\",\n \"id\": \"GHSA-qjw2-hr98-qgfh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.\",\n \"published\": \"2021-12-09T19:15:36Z\",\n \"updated\": \"2023-09-14T15:47:50Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "86f78c35-adfb-48e4-9428-88084373e1c0", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:02Z", + "updated": "2023-09-14T15:52:49Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "id": "GHSA-8w26-6f25-cm9x", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"86f78c35-adfb-48e4-9428-88084373e1c0\",\n \"id\": \"GHSA-8w26-6f25-cm9x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.\",\n \"published\": \"2021-12-09T19:16:02Z\",\n \"updated\": \"2023-09-14T15:52:49Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:26Z", + "updated": "2023-09-14T15:53:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "id": "GHSA-m6x4-97wx-4q27", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d73d38a-3ff6-4fac-8c03-b09b64e9e537\",\n \"id\": \"GHSA-m6x4-97wx-4q27\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.\",\n \"published\": \"2021-12-09T19:16:26Z\",\n \"updated\": \"2023-09-14T15:53:30Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "00033bff-66dc-4a36-ab38-a10b0625409f", + "ratings": "GITHUB - high", + "published": "2021-11-19T20:13:06Z", + "updated": "2023-09-14T15:59:33Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "id": "GHSA-v585-23hc-c647", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"00033bff-66dc-4a36-ab38-a10b0625409f\",\n \"id\": \"GHSA-v585-23hc-c647\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.\",\n \"published\": \"2021-11-19T20:13:06Z\",\n \"updated\": \"2023-09-14T15:59:33Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "14e2856b-f78d-4a6d-99eb-470c8566df29", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:51Z", + "updated": "2023-09-14T16:01:31Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "id": "GHSA-r695-7vr9-jgc2", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"14e2856b-f78d-4a6d-99eb-470c8566df29\",\n \"id\": \"GHSA-r695-7vr9-jgc2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.\",\n \"published\": \"2021-12-09T19:16:51Z\",\n \"updated\": \"2023-09-14T16:01:31Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "c224f923-be9a-4faa-a930-ef4db611bc2b", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:59Z", + "updated": "2023-09-14T16:04:22Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "id": "GHSA-vfqx-33qm-g869", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c224f923-be9a-4faa-a930-ef4db611bc2b\",\n \"id\": \"GHSA-vfqx-33qm-g869\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.\",\n \"published\": \"2021-12-09T19:16:59Z\",\n \"updated\": \"2023-09-14T16:04:22Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "5201940b-1f04-4668-ae86-8261448d817d", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:42Z", + "updated": "2023-09-14T16:04:22Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "id": "GHSA-f9xh-2qgp-cq57", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"5201940b-1f04-4668-ae86-8261448d817d\",\n \"id\": \"GHSA-f9xh-2qgp-cq57\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource`.\",\n \"published\": \"2021-12-09T19:16:42Z\",\n \"updated\": \"2023-09-14T16:04:22Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:10Z", + "updated": "2023-09-14T16:07:00Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "id": "GHSA-cvm9-fjm9-3572", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd\",\n \"id\": \"GHSA-cvm9-fjm9-3572\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS`.\",\n \"published\": \"2021-12-09T19:16:10Z\",\n \"updated\": \"2023-09-14T16:07:00Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:54Z", + "updated": "2023-09-14T16:07:40Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "id": "GHSA-9gph-22xh-8x98", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4fcb77a9-67b3-4b3f-bc01-684b8ba72294\",\n \"id\": \"GHSA-9gph-22xh-8x98\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.\",\n \"published\": \"2021-12-09T19:15:54Z\",\n \"updated\": \"2023-09-14T16:07:40Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "950cff67-088e-4f41-9818-25943c9e17c0", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:46Z", + "updated": "2023-09-14T16:08:37Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "id": "GHSA-89qr-369f-5m5x", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"950cff67-088e-4f41-9818-25943c9e17c0\",\n \"id\": \"GHSA-89qr-369f-5m5x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.\",\n \"published\": \"2021-12-09T19:15:46Z\",\n \"updated\": \"2023-09-14T16:08:37Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:18Z", + "updated": "2023-09-14T16:13:01Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "id": "GHSA-8c4j-34r4-xr8g", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"53eda8c2-268a-4866-89ac-234bfe7f74ce\",\n \"id\": \"GHSA-8c4j-34r4-xr8g\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.\",\n \"published\": \"2021-12-09T19:16:18Z\",\n \"updated\": \"2023-09-14T16:13:01Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "9edaa51d-929b-457e-aab5-0fffecdb4938", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:16:34Z", + "updated": "2023-09-14T16:15:44Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "id": "GHSA-9m6f-7xcq-8vf8", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"9edaa51d-929b-457e-aab5-0fffecdb4938\",\n \"id\": \"GHSA-9m6f-7xcq-8vf8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.\",\n \"published\": \"2021-12-09T19:16:34Z\",\n \"updated\": \"2023-09-14T16:15:44Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "6d5189b4-d549-419a-b886-43a62cc43d40", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:24Z", + "updated": "2023-11-21T11:40:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "id": "GHSA-5r5r-6hpj-8gg9", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d5189b4-d549-419a-b886-43a62cc43d40\",\n \"id\": \"GHSA-5r5r-6hpj-8gg9\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).\",\n \"published\": \"2021-12-09T19:15:24Z\",\n \"updated\": \"2023-11-21T11:40:53Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "135c6dab-529e-4855-ab72-a0138e2110c8", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:00Z", + "updated": "2024-03-15T00:28:08Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "id": "GHSA-wh8g-3j2c-rqj5", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"135c6dab-529e-4855-ab72-a0138e2110c8\",\n \"id\": \"GHSA-wh8g-3j2c-rqj5\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.\",\n \"published\": \"2021-12-09T19:15:00Z\",\n \"updated\": \"2024-03-15T00:28:08Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502", + "CWE-913" + ], + "bom-ref": "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "ratings": "GITHUB - high", + "published": "2021-12-09T19:15:11Z", + "updated": "2024-06-25T13:47:23Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "id": "GHSA-r3gr-cxrf-hg25", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"57f41366-73de-4a9c-ba15-4d09c9f60e33\",\n \"id\": \"GHSA-r3gr-cxrf-hg25\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502,\n 913\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.\",\n \"published\": \"2021-12-09T19:15:11Z\",\n \"updated\": \"2024-06-25T13:47:23Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-502" + ], + "bom-ref": "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "ratings": "GITHUB - high", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-15T00:14:44Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "id": "GHSA-jjjh-jjxp-wpff", + "desc": "Description: In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"ccd0ef88-c0fe-4a10-a648-c779ce82b888\",\n \"id\": \"GHSA-jjjh-jjxp-wpff\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 502\n ],\n \"description\": \"In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. This was patched in 2.12.7.1, 2.13.4.2, and 2.14.0. Commits that introduced vulnerable code are https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45, https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1, and https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc. Fix commits are https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea and https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33.\",\n \"published\": \"2022-10-03T00:00:31Z\",\n \"updated\": \"2024-03-15T00:14:44Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "ratings": "GITHUB - high", + "published": "2021-01-20T21:20:15Z", + "updated": "2024-03-15T00:16:04Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "id": "GHSA-5949-rw7g-wx7w", + "desc": "Description: A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"726a055c-f364-4cb7-a75a-d3c541dad0fa\",\n \"id\": \"GHSA-5949-rw7g-wx7w\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\",\n \"published\": \"2021-01-20T21:20:15Z\",\n \"updated\": \"2024-03-15T00:16:04Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-787" + ], + "bom-ref": "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "ratings": "GITHUB - high", + "published": "2022-03-12T00:00:36Z", + "updated": "2024-03-15T00:24:56Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "id": "GHSA-57j2-w4cx-62h2", + "desc": "Description: jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"75d8b4d7-7c79-4627-b229-8d5e38fc5d8b\",\n \"id\": \"GHSA-57j2-w4cx-62h2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 787\n ],\n \"description\": \"jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects.\",\n \"published\": \"2022-03-12T00:00:36Z\",\n \"updated\": \"2024-03-15T00:24:56Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "ratings": "GITHUB - high", + "published": "2021-02-18T20:51:54Z", + "updated": "2024-03-15T00:31:24Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "id": "GHSA-288c-cq4h-88gq", + "desc": "Description: A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"cc0ff323-0529-4064-8a2d-1f7a8e2a1332\",\n \"id\": \"GHSA-288c-cq4h-88gq\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.\",\n \"published\": \"2021-02-18T20:51:54Z\",\n \"updated\": \"2024-03-15T00:31:24Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "ratings": "GITHUB - critical", + "published": "2020-03-04T20:52:11Z", + "updated": "2024-03-15T00:52:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "id": "GHSA-gww7-p5w4-wrfv", + "desc": "Description: FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.", + "impact": 1, + "code": "{\n \"bom-ref\": \"7c4227e3-a0a9-4361-8eab-6ab5fa9550b2\",\n \"id\": \"GHSA-gww7-p5w4-wrfv\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.\",\n \"published\": \"2020-03-04T20:52:11Z\",\n \"updated\": \"2024-03-15T00:52:59Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-502" + ], + "bom-ref": "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "ratings": "GITHUB - high", + "published": "2022-10-03T00:00:31Z", + "updated": "2024-03-24T05:01:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "id": "GHSA-rgv9-q543-rqg4", + "desc": "Description: In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"87742746-bd8b-423d-979d-d9aa81a8ccfd\",\n \"id\": \"GHSA-rgv9-q543-rqg4\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 502\n ],\n \"description\": \"In FasterXML jackson-databind before 2.12.7.1 and in 2.13.x before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.\",\n \"published\": \"2022-10-03T00:00:31Z\",\n \"updated\": \"2024-03-24T05:01:05Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "5c0b94e1-0577-42c9-8028-f244d68f61da", + "ratings": "GITHUB - high", + "published": "2020-05-15T18:59:04Z", + "updated": "2024-07-03T21:10:31Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "id": "GHSA-fqwf-pjwf-7vqv", + "desc": "Description: FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"5c0b94e1-0577-42c9-8028-f244d68f61da\",\n \"id\": \"GHSA-fqwf-pjwf-7vqv\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"FasterXML jackson-databind 2.x before 2.9.10.4 and 2.6.7.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).\",\n \"published\": \"2020-05-15T18:59:04Z\",\n \"updated\": \"2024-07-03T21:10:31Z\",\n \"affects\": [\n {\n \"ref\": \"1e0c53af-376a-4ca0-9d2e-38811dd17cba\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.fasterxml.jackson.core/jackson-databind@2.9.10 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 1e0c53af-376a-4ca0-9d2e-38811dd17cba\n\n- Group: com.fasterxml.jackson.core\n\n- Name: jackson-databind\n\n- Version: 2.9.10\n\n- Description: General data-binding functionality for Jackson: works on core streaming API\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-74" + ], + "bom-ref": "f2fa9b19-418a-4901-9840-a8631227701e", + "ratings": "GITHUB - high", + "published": "2020-04-10T18:42:20Z", + "updated": "2023-01-09T05:02:18Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "id": "GHSA-8jpx-m2wh-2v34", + "desc": "Description: ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"f2fa9b19-418a-4901-9840-a8631227701e\",\n \"id\": \"GHSA-8jpx-m2wh-2v34\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 74\n ],\n \"description\": \"### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 (see [GHSA-3mcp-9wr4-cjqf](https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf)/[CVE-2020-5245](https://github.com/advisories/GHSA-3mcp-9wr4-cjqf)) unfortunately didn't fix the underlying issue completely. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.21** and **2.0.3** or later. We strongly recommend upgrading to one of these versions. The evaluation of EL expressions has been disabled by default now. In order to use some interpolation in the violation messages added to [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html), it has to be explicitly allowed by setting [`SelfValidating#escapeExpressions()`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidating.html#escapeExpressions--) to `false`. It is also recommended to use the `addViolation` methods supporting message parameters instead of EL expressions introduced in Dropwizard 1.3.21 and 2.0.3: * [`ViolationCollector#addViolation(String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, Integer, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.Integer-java.lang.String-java.util.Map-) * [`ViolationCollector#addViolation(String, String, String, Map`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html#addViolation-java.lang.String-java.lang.String-java.lang.String-java.util.Map-) ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.3/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\\\"_\\\")) { // Sanitize fullName variable by escaping relevant characters such as \\\"$\\\" col.addViolation(\\\"Full name contains invalid characters: \\\" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.3/dropwizard-validation/src/main/java/io/dropwizard/validation/InterpolationHelper.java ### References * https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf * https://github.com/dropwizard/dropwizard/pull/3208 * https://github.com/dropwizard/dropwizard/pull/3209 * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability\",\n \"published\": \"2020-04-10T18:42:20Z\",\n \"updated\": \"2023-01-09T05:02:18Z\",\n \"affects\": [\n {\n \"ref\": \"9623a310-0e79-4f71-b9a7-b7046f1fbf30\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component io.dropwizard/dropwizard-validation@1.3.15 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 9623a310-0e79-4f71-b9a7-b7046f1fbf30\n\n- Group: io.dropwizard\n\n- Name: dropwizard-validation\n\n- Version: 1.3.15", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-74" + ], + "bom-ref": "00bc944f-fead-400b-8bbd-0c5b56ba2b14", + "ratings": "GITHUB - high", + "published": "2020-02-24T17:27:27Z", + "updated": "2024-06-05T16:42:03Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "id": "GHSA-3mcp-9wr4-cjqf", + "desc": "Description: Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\"_\")) { // Sanitize fullName variable by escaping relevant characters such as \"$\" col.addViolation(\"Full name contains invalid characters: \" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"00bc944f-fead-400b-8bbd-0c5b56ba2b14\",\n \"id\": \"GHSA-3mcp-9wr4-cjqf\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 74\n ],\n \"description\": \"Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. ### Summary A server-side template injection was identified in the self-validating ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)) feature of **dropwizard-validation** enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. If you're using a self-validating bean (via [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html)), an upgrade to Dropwizard 1.3.19 or 2.0.2 is strongly recommended. ### Impact This issue may allow Remote Code Execution (RCE), allowing to run arbitrary code on the host system (with the privileges of the Dropwizard service account privileges) by injecting arbitrary [Java Expression Language (EL)](https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions) expressions when using the self-validating feature ([`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html), [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html)) in **dropwizard-validation**. ### Patches The issue has been fixed in **dropwizard-validation** **1.3.19** and **2.0.2**. We strongly recommend upgrading to one of these versions. ### Workarounds If you are not able to upgrade to one of the aforementioned versions of **dropwizard-validation** but still want to use the [`@SelfValidating`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidating.html) feature, make sure to properly sanitize any message you're adding to the [`ViolationCollector`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/ViolationCollector.html) in the method annotated with [`@SelfValidation`](https://javadoc.io/static/io.dropwizard/dropwizard-project/2.0.2/io/dropwizard/validation/selfvalidating/SelfValidation.html). Example: ```java @SelfValidation public void validateFullName(ViolationCollector col) { if (fullName.contains(\\\"_\\\")) { // Sanitize fullName variable by escaping relevant characters such as \\\"$\\\" col.addViolation(\\\"Full name contains invalid characters: \\\" + sanitizeJavaEl(fullName)); } } ``` See also: https://github.com/dropwizard/dropwizard/blob/v2.0.2/dropwizard-validation/src/main/java/io/dropwizard/validation/selfvalidating/ViolationCollector.java#L84-L98 ### References * https://github.com/dropwizard/dropwizard/pull/3157 * https://github.com/dropwizard/dropwizard/pull/3160 * https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm * https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions * https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation ### For more information If you have any questions or comments about this advisory: * Open an issue in [dropwizard/dropwizard](https://github.com/dropwizard/dropwizard/issues/new) * Start a discussion on the [dropwizard-dev mailing list](https://groups.google.com/forum/#!forum/dropwizard-dev) ### Security contact If you want to responsibly disclose a security issue in Dropwizard or one of its official modules, please contact us via the published channels in our [security policy](https://github.com/dropwizard/dropwizard/security/policy): https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability\",\n \"published\": \"2020-02-24T17:27:27Z\",\n \"updated\": \"2024-06-05T16:42:03Z\",\n \"affects\": [\n {\n \"ref\": \"9623a310-0e79-4f71-b9a7-b7046f1fbf30\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component io.dropwizard/dropwizard-validation@1.3.15 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 9623a310-0e79-4f71-b9a7-b7046f1fbf30\n\n- Group: io.dropwizard\n\n- Name: dropwizard-validation\n\n- Version: 1.3.15", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-776" + ], + "bom-ref": "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "ratings": "GITHUB - high", + "published": "2021-06-04T21:37:45Z", + "updated": "2023-05-22T20:17:58Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "id": "GHSA-rvwf-54qp-4r6v", + "desc": "Description: The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"210a5c45-88ac-4c1f-a5f4-f93c7af6f59e\",\n \"id\": \"GHSA-rvwf-54qp-4r6v\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 776\n ],\n \"description\": \"The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.\",\n \"published\": \"2021-06-04T21:37:45Z\",\n \"updated\": \"2023-05-22T20:17:58Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "id": "GHSA-9w3m-gqgf-c4p9", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"63a53dc7-5769-43dc-a053-50ccd5295d8b\",\n \"id\": \"GHSA-9w3m-gqgf-c4p9\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "5ab41975-23cc-45e0-9a13-be603ea00595", + "ratings": "GITHUB - medium", + "published": "2022-11-11T19:00:31Z", + "updated": "2024-06-21T21:33:52Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "id": "GHSA-w37g-rhq8-7m4j", + "desc": "Description: Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"5ab41975-23cc-45e0-9a13-be603ea00595\",\n \"id\": \"GHSA-w37g-rhq8-7m4j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.\",\n \"published\": \"2022-11-11T19:00:31Z\",\n \"updated\": \"2024-06-21T21:33:52Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "dff65990-715e-4f71-aace-60d4436af108", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-c4r9-r8fh-9vj2", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"dff65990-715e-4f71-aace-60d4436af108\",\n \"id\": \"GHSA-c4r9-r8fh-9vj2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-hhhw-99gj-p3c3", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"d55a9a55-cf82-483f-9a7c-8bf5395ce510\",\n \"id\": \"GHSA-hhhw-99gj-p3c3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-121", + "CWE-787" + ], + "bom-ref": "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "ratings": "GITHUB - medium", + "published": "2022-09-06T00:00:27Z", + "updated": "2024-03-15T12:30:36Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "id": "GHSA-98wm-3w3q-mw94", + "desc": "Description: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"6c215a04-8ea0-421f-961b-d5cceb64fd13\",\n \"id\": \"GHSA-98wm-3w3q-mw94\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 121,\n 787\n ],\n \"description\": \"Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.\",\n \"published\": \"2022-09-06T00:00:27Z\",\n \"updated\": \"2024-03-15T12:30:36Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-776" + ], + "bom-ref": "38c08d91-3487-44c4-b258-d5a274a4ad05", + "ratings": "GITHUB - high", + "published": "2022-08-31T00:00:24Z", + "updated": "2024-03-15T19:06:46Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "id": "GHSA-3mc7-4q67-w48m", + "desc": "Description: The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"38c08d91-3487-44c4-b258-d5a274a4ad05\",\n \"id\": \"GHSA-3mc7-4q67-w48m\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 776\n ],\n \"description\": \"The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.\",\n \"published\": \"2022-08-31T00:00:24Z\",\n \"updated\": \"2024-03-15T19:06:46Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-20", + "CWE-502" + ], + "bom-ref": "da9ea5d3-a3c2-4d1b-8425-a799e47a804f", + "ratings": "GITHUB - high", + "published": "2022-12-12T21:19:47Z", + "updated": "2024-06-24T21:22:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "id": "GHSA-mjmj-j48q-9wg2", + "desc": "Description: ### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"da9ea5d3-a3c2-4d1b-8425-a799e47a804f\",\n \"id\": \"GHSA-mjmj-j48q-9wg2\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 20,\n 502\n ],\n \"description\": \"### Summary SnakeYaml's `Constructor` class, which inherits from `SafeConstructor`, allows any type be deserialized given the following line: new Yaml(new Constructor(TestDataClass.class)).load(yamlContent); Types do not have to match the types of properties in the target class. A `ConstructorException` is thrown, but only after a malicious payload is deserialized. ### Severity High, lack of type checks during deserialization allows remote code execution. ### Proof of Concept Execute `bash run.sh`. The PoC uses Constructor to deserialize a payload for RCE. RCE is demonstrated by using a payload which performs a http request to http://127.0.0.1:8000. Example output of successful run of proof of concept: ``` $ bash run.sh [+] Downloading snakeyaml if needed [+] Starting mock HTTP server on 127.0.0.1:8000 to demonstrate RCE nc: no process found [+] Compiling and running Proof of Concept, which a payload that sends a HTTP request to mock web server. [+] An exception is expected. Exception: Cannot create property=payload for JavaBean=Main$TestDataClass@3cbbc1e0 in 'string', line 1, column 1: payload: !!javax.script.ScriptEn ... ^ Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager in 'string', line 1, column 10: payload: !!javax.script.ScriptEngineManag ... ^ at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:291) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.construct(Constructor.java:172) at org.yaml.snakeyaml.constructor.Constructor$ConstructYamlObject.construct(Constructor.java:332) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObjectNoCheck(BaseConstructor.java:230) at org.yaml.snakeyaml.constructor.BaseConstructor.constructObject(BaseConstructor.java:220) at org.yaml.snakeyaml.constructor.BaseConstructor.constructDocument(BaseConstructor.java:174) at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:158) at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:491) at org.yaml.snakeyaml.Yaml.load(Yaml.java:416) at Main.main(Main.java:37) Caused by: java.lang.IllegalArgumentException: Can not set java.lang.String field Main$TestDataClass.payload to javax.script.ScriptEngineManager at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:167) at java.base/jdk.internal.reflect.UnsafeFieldAccessorImpl.throwSetIllegalArgumentException(UnsafeFieldAccessorImpl.java:171) at java.base/jdk.internal.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:81) at java.base/java.lang.reflect.Field.set(Field.java:780) at org.yaml.snakeyaml.introspector.FieldProperty.set(FieldProperty.java:44) at org.yaml.snakeyaml.constructor.Constructor$ConstructMapping.constructJavaBean2ndStep(Constructor.java:286) ... 9 more [+] Dumping Received HTTP Request. Will not be empty if PoC worked GET /proof-of-concept HTTP/1.1 User-Agent: Java/11.0.14 Host: localhost:8000 Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 Connection: keep-alive ``` ### Further Analysis Potential mitigations include, leveraging SnakeYaml's SafeConstructor while parsing untrusted content. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479 for discussion on the subject. A fix was released in version 2.0. See https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314 for more information. ### Timeline **Date reported**: 4/11/2022 **Date fixed**: **Date disclosed**: 10/13/2022\",\n \"published\": \"2022-12-12T21:19:47Z\",\n \"updated\": \"2024-06-24T21:22:59Z\",\n \"affects\": [\n {\n \"ref\": \"0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.yaml/snakeyaml@1.23 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd\n\n- Group: org.yaml\n\n- Name: snakeyaml\n\n- Version: 1.23\n\n- Description: YAML 1.1 parser and emitter for Java\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "ratings": "GITHUB - medium", + "published": "2021-12-17T20:00:50Z", + "updated": "2023-01-30T05:04:55Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "id": "GHSA-668q-qrv7-99fm", + "desc": "Description: In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"bdd3f85b-5284-4163-be5b-0dd84b9300ac\",\n \"id\": \"GHSA-668q-qrv7-99fm\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.\",\n \"published\": \"2021-12-17T20:00:50Z\",\n \"updated\": \"2023-01-30T05:04:55Z\",\n \"affects\": [\n {\n \"ref\": \"5e7cd916-704f-4746-83a0-ec3850bb3f49\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component ch.qos.logback/logback-core@1.2.3 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 5e7cd916-704f-4746-83a0-ec3850bb3f49\n\n- Group: ch.qos.logback\n\n- Name: logback-core\n\n- Version: 1.2.3\n\n- Description: logback-core module\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\",\n \"url\": \"http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "0d58391c-d0fe-4b46-8f8d-6a49db7fb354", + "ratings": "GITHUB - high", + "published": "2023-11-29T12:30:16Z", + "updated": "2023-12-05T21:31:13Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "id": "GHSA-vmq6-5m68-f53m", + "desc": "Description: A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"0d58391c-d0fe-4b46-8f8d-6a49db7fb354\",\n \"id\": \"GHSA-vmq6-5m68-f53m\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"A serialization vulnerability in logback receiver component part of logback allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. This is only exploitable if logback receiver component is deployed. See https://logback.qos.ch/manual/receivers.html\",\n \"published\": \"2023-11-29T12:30:16Z\",\n \"updated\": \"2023-12-05T21:31:13Z\",\n \"affects\": [\n {\n \"ref\": \"5e7cd916-704f-4746-83a0-ec3850bb3f49\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component ch.qos.logback/logback-core@1.2.3 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 5e7cd916-704f-4746-83a0-ec3850bb3f49\n\n- Group: ch.qos.logback\n\n- Name: logback-core\n\n- Version: 1.2.3\n\n- Description: logback-core module\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\",\n \"url\": \"http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + }, + { + "status": "failed", + "code_desc": "Component ch.qos.logback/logback-classic@1.2.3 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 6d8385bd-f9a9-4a97-9031-3a1c717209b7\n\n- Group: ch.qos.logback\n\n- Name: logback-classic\n\n- Version: 1.2.3\n\n- Description: logback-classic module\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\",\n \"url\": \"http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "ratings": "GITHUB - medium", + "published": "2021-03-10T03:46:47Z", + "updated": "2023-02-01T05:05:09Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "id": "GHSA-m394-8rww-3jr7", + "desc": "Description: ### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"17d2faa1-cd26-4ac7-8c68-c4a44ec398a8\",\n \"id\": \"GHSA-m394-8rww-3jr7\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Impact When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application. The only features within Jetty that can trigger this behavior are: - Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc) - `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc) - `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which “preferred” language is returned on this call. - `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header. - `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app) ### Versions `QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. Currently, known vulnerable versions include: - 9.4.6.v20170531 thru to 9.4.36.v20210114 - 10.0.0 - 11.0.0 ### Workarounds Quality ordered values are used infrequently by jetty so they can be avoided by: * Do not use the default error page/handler. * Do not deploy the `StatisticsServlet` exposed to the network * Do not call `getLocale` API * Do not enable precompressed static content in the `DefaultServlet` ### Patches All patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php) - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater\",\n \"published\": \"2021-03-10T03:46:47Z\",\n \"updated\": \"2023-02-01T05:05:09Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "AC-12" + ], + "cci": [ + "CCI-002361" + ], + "cwe": [ + "CWE-613" + ], + "bom-ref": "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "ratings": "GITHUB - low", + "published": "2021-06-23T20:23:04Z", + "updated": "2023-02-01T05:05:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "id": "GHSA-m6cp-vxjx-65j6", + "desc": "Description: ### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"f32ca540-f068-4392-bea0-c0d7b050b7d1\",\n \"id\": \"GHSA-m6cp-vxjx-65j6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 613\n ],\n \"description\": \"### Impact If an exception is thrown from the `SessionListener#sessionDestroyed()` method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. There is no known path for an attacker to induce such an exception to be thrown, thus they must rely on an application to throw such an exception. The OP has also identified that during the call to `sessionDestroyed`, the `getLastAccessedTime()` throws an `IllegalStateException`, which potentially contrary to the servlet spec, so applications calling this method may always throw and fail to log out. If such an application was only tested on a non clustered test environment, then it may be deployed on a clustered environment with multiple contexts and fail to log out. ### Workarounds The application should catch all Throwables within their `SessionListener#sessionDestroyed()` implementations.\",\n \"published\": \"2021-06-23T20:23:04Z\",\n \"updated\": \"2023-02-01T05:05:59Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-551", + "CWE-755" + ], + "bom-ref": "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "ratings": "GITHUB - high", + "published": "2021-04-06T17:31:30Z", + "updated": "2023-09-26T11:11:47Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "id": "GHSA-26vr-8j45-3r4w", + "desc": "Description: ### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\"sslContextFactory\") SslContextFactory factory, @Name(\"next\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\"Encrypted buffer max length exceeded\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"6d35c4e5-f5ee-4572-af28-1ca71cf48158\",\n \"id\": \"GHSA-26vr-8j45-3r4w\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 551,\n 755\n ],\n \"description\": \"### Impact When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage. ### Workarounds The problem can be worked around by compiling the following class: ```java package org.eclipse.jetty.server.ssl.fix6072; import java.nio.ByteBuffer; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import org.eclipse.jetty.io.EndPoint; import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.util.BufferUtil; import org.eclipse.jetty.util.annotation.Name; import org.eclipse.jetty.util.ssl.SslContextFactory; public class SpaceCheckingSslConnectionFactory extends SslConnectionFactory { public SpaceCheckingSslConnectionFactory(@Name(\\\"sslContextFactory\\\") SslContextFactory factory, @Name(\\\"next\\\") String nextProtocol) { super(factory, nextProtocol); } @Override protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) { return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption()) { @Override protected SSLEngineResult unwrap(SSLEngine sslEngine, ByteBuffer input, ByteBuffer output) throws SSLException { SSLEngineResult results = super.unwrap(sslEngine, input, output); if ((results.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW || results.getStatus() == SSLEngineResult.Status.OK && results.bytesConsumed() == 0 && results.bytesProduced() == 0) && BufferUtil.space(input) == 0) { BufferUtil.clear(input); throw new SSLHandshakeException(\\\"Encrypted buffer max length exceeded\\\"); } return results; } }; } } ``` This class can be deployed by: + The resulting class file should be put into a jar file (eg sslfix6072.jar) + The jar file should be made available to the server. For a normal distribution this can be done by putting the file into ${jetty.base}/lib + Copy the file `${jetty.home}/modules/ssl.mod` to `${jetty.base}/modules` + Edit the `${jetty.base}/modules/ssl.mod` file to have the following section: ``` [lib] lib/sslfix6072.jar ``` + Copy the file `${jetty.home}/etc/jetty-https.xml` and`${jetty.home}/etc/jetty-http2.xml` to `${jetty.base}/etc` + Edit files `${jetty.base}/etc/jetty-https.xml` and `${jetty.base}/etc/jetty-http2.xml`, changing any reference of `org.eclipse.jetty.server.SslConnectionFactory` to `org.eclipse.jetty.server.ssl.fix6072.SpaceCheckingSslConnectionFactory`. For example: ```xml http/1.1 ``` + Restart Jetty\",\n \"published\": \"2021-04-06T17:31:30Z\",\n \"updated\": \"2023-09-26T11:11:47Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8" + ], + "cci": [ + "CCI-002418" + ], + "cwe": [ + "CWE-200" + ], + "bom-ref": "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "ratings": "GITHUB - low", + "published": "2023-04-18T22:19:57Z", + "updated": "2023-11-06T05:01:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "id": "GHSA-p26g-97m4-6q7c", + "desc": "Description: Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\"b; JSESSIONID=1337; c=d\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"d5c5815d-1742-46b6-953a-a4ed90fdd920\",\n \"id\": \"GHSA-p26g-97m4-6q7c\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200\n ],\n \"description\": \"Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `\\\"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE=\\\"b; JSESSIONID=1337; c=d\\\"` will be parsed as one cookie, with the name `DISPLAY_LANGUAGE` and a value of `b; JSESSIONID=1337; c=d` instead of 3 separate cookies. ### Impact This has security implications because if, say, `JSESSIONID` is an `HttpOnly` cookie, and the `DISPLAY_LANGUAGE` cookie value is rendered on the page, an attacker can smuggle the `JSESSIONID` cookie into the `DISPLAY_LANGUAGE` cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server. ### Patches * 9.4.51.v20230217 - via PR #9352 * 10.0.15 - via PR #9339 * 11.0.15 - via PR #9339 ### Workarounds No workarounds ### References * https://www.rfc-editor.org/rfc/rfc2965 * https://www.rfc-editor.org/rfc/rfc6265\",\n \"published\": \"2023-04-18T22:19:57Z\",\n \"updated\": \"2023-11-06T05:01:53Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-770" + ], + "bom-ref": "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "ratings": "GITHUB - medium", + "published": "2023-04-19T18:15:45Z", + "updated": "2023-11-06T05:02:06Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "id": "GHSA-qw69-rqj8-6qw8", + "desc": "Description: ### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"f6ff72c7-6603-4627-899d-658f8f7c5f23\",\n \"id\": \"GHSA-qw69-rqj8-6qw8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 770\n ],\n \"description\": \"### Impact Servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and a very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. A very large number of parts may cause the same problem. ### Patches Patched in Jetty versions * 9.4.51.v20230217 - via PR #9345 * 10.0.14 - via PR #9344 * 11.0.14 - via PR #9344 ### Workarounds Multipart parameter `maxRequestSize` must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). Limiting multipart parameter `maxFileSize` won't be enough because an attacker can send a large number of parts that summed up will cause memory issues. ### References * https://github.com/eclipse/jetty.project/issues/9076 * https://github.com/jakartaee/servlet/blob/6.0.0/spec/src/main/asciidoc/servlet-spec-body.adoc#32-file-upload\",\n \"published\": \"2023-04-19T18:15:45Z\",\n \"updated\": \"2023-11-06T05:02:06Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-4" + ], + "cci": [ + "CCI-001090" + ], + "cwe": [ + "CWE-226" + ], + "bom-ref": "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6", + "ratings": "GITHUB - medium", + "published": "2020-12-02T18:28:18Z", + "updated": "2024-02-21T17:23:14Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "id": "GHSA-86wm-rrjm-8wh8", + "desc": "Description: ### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"ebc03317-a0b4-4b53-9cd0-7ae4281c02e6\",\n \"id\": \"GHSA-86wm-rrjm-8wh8\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 226\n ],\n \"description\": \"### Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see that body prepended to it's body. The attacker will not see any data, but may inject data into the body of the subsequent request CVE score is [4.8 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L&version=3.1) ### Workarounds The problem can be worked around by either: - Disabling compressed request body inflation by GzipHandler. - By always fully consuming the request content before sending a response. - By adding a `Connection: close` to any response where the servlet does not fully consume request content.\",\n \"published\": \"2020-12-02T18:28:18Z\",\n \"updated\": \"2024-02-21T17:23:14Z\",\n \"affects\": [\n {\n \"ref\": \"4e012695-d45a-4296-b37b-54a8b6893a50\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 4e012695-d45a-4296-b37b-54a8b6893a50\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The core jetty server artifact.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-20" + ], + "bom-ref": "c19b779d-2699-44de-a189-a0d18d8dc953", + "ratings": "GITHUB - low", + "published": "2022-07-07T20:55:34Z", + "updated": "2023-01-29T05:06:01Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "id": "GHSA-cj7v-27pg-wf7q", + "desc": "Description: ### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"c19b779d-2699-44de-a189-a0d18d8dc953\",\n \"id\": \"GHSA-cj7v-27pg-wf7q\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 20\n ],\n \"description\": \"### Description URI use within Jetty's `HttpURI` class can parse invalid URIs such as `http://localhost;/path` as having an authority with a host of `localhost;`. A URIs of the type `http://localhost;/path` should be interpreted to be either invalid or as `localhost;` to be the userinfo and no host. However, `HttpURI.host` returns `localhost;` which is definitely wrong. ### Impact This can lead to errors with Jetty's `HttpClient`, and Jetty's `ProxyServlet` / `AsyncProxyServlet` / `AsyncMiddleManServlet` wrongly interpreting an authority with no host as one with a host. ### Patches Patched in PR [#8146](https://github.com/eclipse/jetty.project/pull/8146) for Jetty version 9.4.47. Patched in PR [#8014](https://github.com/eclipse/jetty.project/pull/8015) for Jetty versions 10.0.10, and 11.0.10 ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.\",\n \"published\": \"2022-07-07T20:55:34Z\",\n \"updated\": \"2023-01-29T05:06:01Z\",\n \"affects\": [\n {\n \"ref\": \"c1abfd09-121f-418c-befa-4d6b9e164769\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-http@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: c1abfd09-121f-418c-befa-4d6b9e164769\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-http\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-130" + ], + "bom-ref": "a2897b13-bdeb-4a6c-802e-abf09fef10a9", + "ratings": "GITHUB - medium", + "published": "2023-09-14T16:17:27Z", + "updated": "2023-11-06T05:01:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "id": "GHSA-hmr7-m48g-48f6", + "desc": "Description: ### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \"+\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"a2897b13-bdeb-4a6c-802e-abf09fef10a9\",\n \"id\": \"GHSA-hmr7-m48g-48f6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 130\n ],\n \"description\": \"### Impact Jetty accepts the '+' character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if jetty is used in combination with a server that does not close the connection after sending such a 400 response. ### Workarounds There is no workaround as there is no known exploit scenario. ### Original Report [RFC 9110 Secion 8.6](https://www.rfc-editor.org/rfc/rfc9110#section-8.6) defined the value of Content-Length header should be a string of 0-9 digits. However we found that Jetty accepts \\\"+\\\" prefixed Content-Length, which could lead to potential HTTP request smuggling. Payload: ``` POST / HTTP/1.1 Host: a.com Content-Length: +16 Connection: close ​ 0123456789abcdef ``` When sending this payload to Jetty, it can successfully parse and identify the length. When sending this payload to NGINX, Apache HTTPd or other HTTP servers/parsers, they will return 400 bad request. This behavior can lead to HTTP request smuggling and can be leveraged to bypass WAF or IDS.\",\n \"published\": \"2023-09-14T16:17:27Z\",\n \"updated\": \"2023-11-06T05:01:59Z\",\n \"affects\": [\n {\n \"ref\": \"c1abfd09-121f-418c-befa-4d6b9e164769\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-http@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: c1abfd09-121f-418c-befa-4d6b9e164769\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-http\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-378", + "CWE-379", + "CWE-552" + ], + "bom-ref": "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442", + "ratings": "GITHUB - high", + "published": "2020-11-04T17:50:24Z", + "updated": "2023-11-27T23:07:53Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "id": "GHSA-g3wg-6mcf-8jj6", + "desc": "Description: ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\"java.io.tmpdir\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \".dir\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442\",\n \"id\": \"GHSA-g3wg-6mcf-8jj6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 378,\n 379,\n 552\n ],\n \"description\": \"### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Additionally, any user code uses of [WebAppContext::getTempDirectory](https://www.eclipse.org/jetty/javadoc/9.4.31.v20200723/org/eclipse/jetty/webapp/WebAppContext.html#getTempDirectory()) would similarly be vulnerable. Additionally, any user application code using the `ServletContext` attribute for the tempdir will also be impacted. See: https://javaee.github.io/javaee-spec/javadocs/javax/servlet/ServletContext.html#TEMPDIR For example: ```java import java.io.File; import java.io.IOException; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ExampleServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { File tempDir = (File)getServletContext().getAttribute(ServletContext.TEMPDIR); // Potentially compromised // do something with that temp dir } } ``` Example: The JSP library itself will use the container temp directory for compiling the JSP source into Java classes before executing them. ### CVSSv3.1 Evaluation This vulnerability has been calculated to have a [CVSSv3.1 score of 7.8/10 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1) ### Patches Fixes were applied to the 9.4.x branch with: - https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb - https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f These will be included in releases: 9.4.33, 10.0.0.beta3, 11.0.0.beta3 ### Workarounds A work around is to set a temporary directory, either for the server or the context, to a directory outside of the shared temporary file system. For recent releases, a temporary directory can be created simple by creating a directory called `work` in the ${jetty.base} directory (the parent directory of the `webapps` directory). Alternately the java temporary directory can be set with the System Property `java.io.tmpdir`. A more detailed description of how jetty selects a temporary directory is below. The Jetty search order for finding a temporary directory is as follows: 1. If the [`WebAppContext` has a temp directory specified](https://www.eclipse.org/jetty/javadoc/current/org/eclipse/jetty/webapp/WebAppContext.html#setTempDirectory(java.io.File)), use it. 2. If the `ServletContext` has the `javax.servlet.context.tempdir` attribute set, and if directory exists, use it. 3. If a `${jetty.base}/work` directory exists, use it (since Jetty 9.1) 4. If a `ServletContext` has the `org.eclipse.jetty.webapp.basetempdir` attribute set, and if the directory exists, use it. 5. Use `System.getProperty(\\\"java.io.tmpdir\\\")` and use it. Jetty will end traversal at the first successful step. To mitigate this vulnerability the directory must be set to one that is not writable by an attacker. To avoid information leakage, the directory should also not be readable by an attacker. #### Setting a Jetty server temporary directory. Choices 3 and 5 apply to the server level, and will impact all deployed webapps on the server. For choice 3 just create that work directory underneath your `${jetty.base}` and restart Jetty. For choice 5, just specify your own `java.io.tmpdir` when you start the JVM for Jetty. ``` shell [jetty-distribution]$ java -Djava.io.tmpdir=/var/web/work -jar start.jar ``` #### Setting a Context specific temporary directory. The rest of the choices require you to configure the context for that deployed webapp (seen as `${jetty.base}/webapps/.xml`) Example (excluding the DTD which is version specific): ``` xml /var/web/webapps/foo.war /var/web/work/foo ``` ### References - https://github.com/eclipse/jetty.project/issues/5451 - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html) - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html) - [CodeQL Query PR To Detect Similar Vulnerabilities](https://github.com/github/codeql/pull/4473) ### Similar Vulnerabilities Similar, but not the same. - JUnit 4 - https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information The original report of this vulnerability is below: > On Thu, 15 Oct 2020 at 21:14, Jonathan Leitschuh wrote: > Hi WebTide Security Team, > > I'm a security researcher writing some custom CodeQL queries to find Local Temporary Directory Hijacking Vulnerabilities. One of my queries flagged an issue in Jetty. > > https://lgtm.com/query/5615014766184643449/ > > I've recently been looking into security vulnerabilities involving the temporary directory because on unix-like systems, the system temporary directory is shared between all users. > There exists a race condition between the deletion of the temporary file and the creation of the directory. > > ```java > // ensure file will always be unique by appending random digits > tmpDir = File.createTempFile(temp, \\\".dir\\\", parent); // Attacker knows the full path of the file that will be generated > // delete the file that was created > tmpDir.delete(); // Attacker sees file is deleted and begins a race to create their own directory before Jetty. > // and make a directory of the same name > // SECURITY VULNERABILITY: Race Condition! - Attacker beats Jetty and now owns this directory > tmpDir.mkdirs(); > ``` > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L511-L518 > > In several cases the `parent` parameter will not be the system temporary directory. However, there is one case where it will be, as the last fallback. > > > https://github.com/eclipse/jetty.project/blob/1b59672b7f668b8a421690154b98b4b2b03f254b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebInfConfiguration.java#L467-L468 > > If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. > > Would your team be willing to open a GitHub security advisory to continue the discussion and disclosure there? https://github.com/eclipse/jetty.project/security/advisories > > **This vulnerability disclosure follows Google's [90-day vulnerability disclosure policy](https://www.google.com/about/appsecurity/) (I'm not an employee of Google, I just like their policy). Full disclosure will occur either at the end of the 90-day deadline or whenever a patch is made widely available, whichever occurs first.** > > Cheers, > Jonathan Leitschuh\",\n \"published\": \"2020-11-04T17:50:24Z\",\n \"updated\": \"2023-11-27T23:07:53Z\",\n \"affects\": [\n {\n \"ref\": \"71f396a0-0285-465e-8ce3-6eacb47be941\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-webapp@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 71f396a0-0285-465e-8ce3-6eacb47be941\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-webapp\n\n- Version: 9.4.18.v20190429\n\n- Description: Jetty web application support\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "76910119-ee18-4144-855b-b2fdab20e33c", + "ratings": "GITHUB - low", + "published": "2023-07-10T21:52:39Z", + "updated": "2023-09-05T22:39:32Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "id": "GHSA-58qw-p7qm-5rvh", + "desc": "Description: ### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"76910119-ee18-4144-855b-b2fdab20e33c\",\n \"id\": \"GHSA-58qw-p7qm-5rvh\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"### From the reporter > `XmlParser` is vulnerable to XML external entity (XXE) vulnerability. > XmlParser is being used when parsing Jetty’s xml configuration files. An attacker might exploit > this vulnerability in order to achieve SSRF or cause a denial of service. > One possible scenario is importing a (remote) malicious WAR into a Jetty’s server, while the > WAR includes a malicious web.xml. ### Impact There are no circumstances in a normally deployed Jetty server where potentially hostile XML is given to the XmlParser class without the attacker already having arbitrary access to the server. I.e. in order to exploit `XmlParser` the attacker would already have the ability to deploy and execute hostile code. Specifically, Jetty has no protection against malicious web application and potentially hostile web applications should only be run on an isolated virtualisation. Thus this is not considered a vulnerability of the Jetty server itself, as any such usage of the jetty XmlParser is equally vulnerable as a direct usage of the JVM supplied SAX parser. No CVE will be allocated to this advisory. However, any direct usage of the `XmlParser` class by an application may be vulnerable. The impact would greatly depend on how the application uses `XmlParser`, but it could be a denial of service due to large entity expansion, or possibly the revealing local files if the XML results are accessible remotely. ### Patches Ability to configure the SAXParserFactory to fit the needs of your particular XML parser implementation have been merged as part of PR #10067 ### Workarounds Don't use `XmlParser` to parse data from users.\",\n \"published\": \"2023-07-10T21:52:39Z\",\n \"updated\": \"2023-09-05T22:39:32Z\",\n \"affects\": [\n {\n \"ref\": \"39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-xml@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-xml\n\n- Version: 9.4.18.v20190429\n\n- Description: The jetty xml utilities.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8" + ], + "cci": [ + "CCI-002418" + ], + "cwe": [ + "CWE-200" + ], + "bom-ref": "d8add710-4eed-448d-b198-ecff8ffe86ea", + "ratings": "GITHUB - medium", + "published": "2021-06-10T15:43:22Z", + "updated": "2023-02-01T05:05:51Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "id": "GHSA-gwcr-j4wh-j3cq", + "desc": "Description: Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"d8add710-4eed-448d-b198-ecff8ffe86ea\",\n \"id\": \"GHSA-gwcr-j4wh-j3cq\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200\n ],\n \"description\": \"Requests to the `ConcatServlet` and `WelcomeFilter` are able to access protected resources within the `WEB-INF` directory. For example a request to the `ConcatServlet` with a URI of `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. This occurs because both `ConcatServlet` and `WelcomeFilter` decode the supplied path to verify it is not within the `WEB-INF` or `META-INF` directories. It then uses this decoded path to call `RequestDispatcher` which will also do decoding of the path. This double decoding allows paths with a doubly encoded `WEB-INF` to bypass this security check. ### Impact This affects all versions of `ConcatServlet` and `WelcomeFilter` in versions before 9.4.41, 10.0.3 and 11.0.3. ### Workarounds If you cannot update to the latest version of Jetty, you can instead deploy your own version of the [`ConcatServlet`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/ConcatServlet.java) and/or the [`WelcomeFilter`](https://github.com/eclipse/jetty.project/blob/4204526d2fdad355e233f6bf18a44bfe028ee00b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/WelcomeFilter.java) by using the code from the latest version of Jetty.\",\n \"published\": \"2021-06-10T15:43:22Z\",\n \"updated\": \"2023-02-01T05:05:51Z\",\n \"affects\": [\n {\n \"ref\": \"7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-servlets@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-servlets\n\n- Version: 9.4.18.v20190429\n\n- Description: Utility Servlets from Jetty\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-149" + ], + "bom-ref": "123b8eaf-5572-4945-975d-21ed3c2f101d", + "ratings": "GITHUB - low", + "published": "2023-09-14T16:16:00Z", + "updated": "2023-11-06T05:01:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "id": "GHSA-3gh6-v5v9-6v9j", + "desc": "Description: If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\"' && execCmd.contains(\" \")) execCmd = \"\\\"\" + execCmd + \"\\\"\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"123b8eaf-5572-4945-975d-21ed3c2f101d\",\n \"id\": \"GHSA-3gh6-v5v9-6v9j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 149\n ],\n \"description\": \"If a user sends a request to a `org.eclipse.jetty.servlets.CGI` Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. For example, if a request references a binary called file” name “here, the escaping algorithm will generate the command line string “file” name “here”, which will invoke the binary named file, not the one that the user requested. ```java if (execCmd.length() > 0 && execCmd.charAt(0) != '\\\"' && execCmd.contains(\\\" \\\")) execCmd = \\\"\\\\\\\"\\\" + execCmd + \\\"\\\\\\\"\\\"; ``` ### Exploit Scenario The cgi-bin directory contains a binary named exec and a subdirectory named exec” commands, which contains a file called bin1. The user sends to the CGI servlet a request for the filename exec” commands/bin1. This request will pass the file existence check on lines 194 through 205. The servlet will add quotation marks around this filename, resulting in the command line string “exec” commands/bin1”. When this string is passed to Runtime.exec, instead of executing the bin1 binary, the server will execute the exec binary with the argument commands/file1”. In addition to being incorrect, this behavior may bypass alias checks, and it may cause other unintended behaviors if a command prefix is configured. If the useFullPath configuration setting is off, the command need not pass the existence check. The attack would not rely on a binary and subdirectory having similar names, and the attack will succeed on a much wider variety of directory structures. ### Impact Users of the `org.eclipse.jetty.servlets.CGI` Servlet with a very specific command structure may have the wrong command executed. ### Patches No patch. In Jetty 9.x, 10.x, and 11.x the `org.eclipse.jetty.servlets.CGI` has been deprecated. In Jetty 12 (all environments) the `org.eclipse.jetty.servlets.CGI` has been entirely removed. ### Workarounds The `org.eclipse.jetty.servlets.CGI` Servlet should not be used. Fast CGI support is available instead. ### References * https://github.com/eclipse/jetty.project/pull/9516 * https://github.com/eclipse/jetty.project/pull/9889 * https://github.com/eclipse/jetty.project/pull/9888\",\n \"published\": \"2023-09-14T16:16:00Z\",\n \"updated\": \"2023-11-06T05:01:59Z\",\n \"affects\": [\n {\n \"ref\": \"7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty/jetty-servlets@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc\n\n- Group: org.eclipse.jetty\n\n- Name: jetty-servlets\n\n- Version: 9.4.18.v20190429\n\n- Description: Utility Servlets from Jetty\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SC-8", + "AC-3" + ], + "cci": [ + "CCI-002418", + "CCI-000213" + ], + "cwe": [ + "CWE-200", + "CWE-732" + ], + "bom-ref": "499117ae-d134-4505-8674-ed498531e7a9", + "ratings": "GITHUB - medium", + "published": "2020-10-12T17:33:00Z", + "updated": "2023-02-01T05:04:50Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "id": "GHSA-269g-pwp5-87pp", + "desc": "Description: ### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\"myfile.txt\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\"subfolder\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"499117ae-d134-4505-8674-ed498531e7a9\",\n \"id\": \"GHSA-269g-pwp5-87pp\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 200,\n 732\n ],\n \"description\": \"### Vulnerability The JUnit4 test rule [TemporaryFolder](https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html) contains a local information disclosure vulnerability. Example of vulnerable code: ```java public static class HasTempFolder { @Rule public TemporaryFolder folder = new TemporaryFolder(); @Test public void testUsingTempFolder() throws IOException { folder.getRoot(); // Previous file permissions: `drwxr-xr-x`; After fix:`drwx------` File createdFile= folder.newFile(\\\"myfile.txt\\\"); // unchanged/irrelevant file permissions File createdFolder= folder.newFolder(\\\"subfolder\\\"); // unchanged/irrelevant file permissions // ... } } ``` ### Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability **does not** allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: 1. Do the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder? - If yes, this vulnerability impacts you, but only if you also answer 'yes' to question 2. - If no, this vulnerability does not impact you. 2. Do the JUnit tests ever execute in an environment where the OS has other untrusted users. _This may apply in CI/CD environments but normally won't be 'yes' for personal developer machines._ - If yes, and you answered 'yes' to question 1, this vulnerability impacts you. - If no, this vulnerability does not impact you. ### Patches Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. - Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. - Java 1.6 and lower users: **no patch is available, you must use the workaround below.** ### Workarounds If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. ### References - [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor](https://cwe.mitre.org/data/definitions/200.html) - Fix commit https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae #### Similar Vulnerabilities - Google Guava - https://github.com/google/guava/issues/4011 - Apache Ant - https://nvd.nist.gov/vuln/detail/CVE-2020-1945 - JetBrains Kotlin Compiler - https://nvd.nist.gov/vuln/detail/CVE-2020-15824 ### For more information If you have any questions or comments about this advisory, please pen an issue in [junit-team/junit4](https://github.com/junit-team/junit4/issues).\",\n \"published\": \"2020-10-12T17:33:00Z\",\n \"updated\": \"2023-02-01T05:04:50Z\",\n \"affects\": [\n {\n \"ref\": \"8005328c-f1b3-4ac3-8aa6-1e5013d8cef2\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component junit/junit@4.12 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 8005328c-f1b3-4ac3-8aa6-1e5013d8cef2\n\n- Group: junit\n\n- Name: junit\n\n- Version: 4.12\n\n- Description: JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\",\n \"url\": \"http://www.eclipse.org/legal/epl-v10.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [], + "bom-ref": "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "ratings": "INTERNAL - high" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "INTERNAL" + } + } + ] + } + ], + "source_location": {}, + "title": "INT-f70z-tbpp-4o5d", + "id": "INT-f70z-tbpp-4o5d", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"4ad3464b-09c7-40fa-ab51-754f3f196cd4\",\n \"id\": \"INT-f70z-tbpp-4o5d\",\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"affects\": [\n {\n \"ref\": \"0052b14c-fb6a-404e-89fb-48cad6d2535d\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component net.bytebuddy/byte-buddy@1.9.7 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0052b14c-fb6a-404e-89fb-48cad6d2535d\n\n- Group: net.bytebuddy\n\n- Name: byte-buddy\n\n- Version: 1.9.7\n\n- Description: Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [], + "bom-ref": "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad", + "ratings": "INTERNAL - low" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "INTERNAL" + } + } + ] + } + ], + "source_location": {}, + "title": "testing", + "id": "INT-63e3-49kp-blqt", + "desc": "Description: testing", + "impact": 0.3, + "code": "{\n \"bom-ref\": \"0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad\",\n \"id\": \"INT-63e3-49kp-blqt\",\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"INTERNAL\"\n },\n \"severity\": \"low\",\n \"method\": \"other\"\n }\n ],\n \"description\": \"testing\",\n \"affects\": [\n {\n \"ref\": \"0052b14c-fb6a-404e-89fb-48cad6d2535d\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component net.bytebuddy/byte-buddy@1.9.7 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 0052b14c-fb6a-404e-89fb-48cad6d2535d\n\n- Group: net.bytebuddy\n\n- Name: byte-buddy\n\n- Version: 1.9.7\n\n- Description: Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-89" + ], + "bom-ref": "1f182b73-afb8-424c-8e08-533a0f702076", + "ratings": "GITHUB - high", + "published": "2022-02-09T22:57:29Z", + "updated": "2024-06-27T16:39:59Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "id": "GHSA-j8jw-g6fq-mp7h", + "desc": "Description: A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"1f182b73-afb8-424c-8e08-533a0f702076\",\n \"id\": \"GHSA-j8jw-g6fq-mp7h\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 89\n ],\n \"description\": \"A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.\",\n \"published\": \"2022-02-09T22:57:29Z\",\n \"updated\": \"2024-06-27T16:39:59Z\",\n \"affects\": [\n {\n \"ref\": \"8c0378f7-4c0e-4ee3-849d-740b0035c371\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.hibernate/hibernate-core@5.2.18.Final is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 8c0378f7-4c0e-4ee3-849d-740b0035c371\n\n- Group: org.hibernate\n\n- Name: hibernate-core\n\n- Version: 5.2.18.Final\n\n- Description: The core O/RM functionality as provided by Hibernate\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"GNU Lesser General Public License\",\n \"url\": \"http://www.gnu.org/licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-89" + ], + "bom-ref": "8ba20df5-3877-4825-a8f2-b52e2d2f86d8", + "ratings": "GITHUB - medium", + "published": "2022-02-10T23:05:04Z", + "updated": "2024-06-27T18:05:49Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "id": "GHSA-8grg-q944-cch5", + "desc": "Description: A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"8ba20df5-3877-4825-a8f2-b52e2d2f86d8\",\n \"id\": \"GHSA-8grg-q944-cch5\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 89\n ],\n \"description\": \"A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.\",\n \"published\": \"2022-02-10T23:05:04Z\",\n \"updated\": \"2024-06-27T18:05:49Z\",\n \"affects\": [\n {\n \"ref\": \"8c0378f7-4c0e-4ee3-849d-740b0035c371\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.hibernate/hibernate-core@5.2.18.Final is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 8c0378f7-4c0e-4ee3-849d-740b0035c371\n\n- Group: org.hibernate\n\n- Name: hibernate-core\n\n- Version: 5.2.18.Final\n\n- Description: The core O/RM functionality as provided by Hibernate\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"GNU Lesser General Public License\",\n \"url\": \"http://www.gnu.org/licenses/lgpl-2.1.html\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "55ebe39e-12f6-4360-aeba-9913ef7efb68", + "ratings": "GITHUB - critical", + "published": "2020-06-05T16:13:36Z", + "updated": "2023-01-27T05:02:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "id": "GHSA-hwj3-m3p6-hj38", + "desc": "Description: dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.", + "impact": 1, + "code": "{\n \"bom-ref\": \"55ebe39e-12f6-4360-aeba-9913ef7efb68\",\n \"id\": \"GHSA-hwj3-m3p6-hj38\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. Note: This advisory applies to `dom4j:dom4j` version 1.x legacy artifacts. To resolve this a change to the latest version of `org.dom4j:dom4j` is recommended.\",\n \"published\": \"2020-06-05T16:13:36Z\",\n \"updated\": \"2023-01-27T05:02:30Z\",\n \"affects\": [\n {\n \"ref\": \"627bb70b-4b85-4801-8239-f03de04ca5db\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.dom4j/dom4j@2.1.1 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 627bb70b-4b85-4801-8239-f03de04ca5db\n\n- Group: org.dom4j\n\n- Name: dom4j\n\n- Version: 2.1.1\n\n- Description: flexible XML framework for Java\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"BSD 3-clause New License\",\n \"url\": \"https://github.com/dom4j/dom4j/blob/master/LICENSE\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-79" + ], + "bom-ref": "8c0002e8-9326-40f7-9209-51020755ff02", + "ratings": "GITHUB - medium", + "published": "2021-06-03T23:40:23Z", + "updated": "2023-02-01T05:05:30Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "id": "GHSA-7r82-7xv7-xcpj", + "desc": "Description: Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"8c0002e8-9326-40f7-9209-51020755ff02\",\n \"id\": \"GHSA-7r82-7xv7-xcpj\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 79\n ],\n \"description\": \"Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.\",\n \"published\": \"2021-06-03T23:40:23Z\",\n \"updated\": \"2023-02-01T05:05:30Z\",\n \"affects\": [\n {\n \"ref\": \"893beba4-580b-4ada-a4cf-067fbe145507\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.apache.httpcomponents/httpclient@4.5.7 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 893beba4-580b-4ada-a4cf-067fbe145507\n\n- Group: org.apache.httpcomponents\n\n- Name: httpclient\n\n- Version: 4.5.7\n\n- Description: Apache HttpComponents Client\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "bom-ref": "7b0674fc-e326-47d0-b34b-b5bfb523784b", + "ratings": "GITHUB - critical", + "published": "2022-03-05T00:00:45Z", + "updated": "2023-01-27T05:02:46Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "id": "GHSA-jvfv-hrrc-6q72", + "desc": "Description: The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.", + "impact": 1, + "code": "{\n \"bom-ref\": \"7b0674fc-e326-47d0-b34b-b5bfb523784b\",\n \"id\": \"GHSA-jvfv-hrrc-6q72\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"critical\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"The XMLChangeLogSAXParser() function in Liquibase prior to version 4.8.0 contains an issue that may lead to to Improper Restriction of XML External Entity Reference.\",\n \"published\": \"2022-03-05T00:00:45Z\",\n \"updated\": \"2023-01-27T05:02:46Z\",\n \"affects\": [\n {\n \"ref\": \"ab3bfc00-8d35-4a4d-b314-86573681d910\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.liquibase/liquibase-core@3.6.3 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: ab3bfc00-8d35-4a4d-b314-86573681d910\n\n- Group: org.liquibase\n\n- Name: liquibase-core\n\n- Version: 3.6.3\n\n- Description: Liquibase is a tool for managing and executing database changes.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"Apache-2.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400", + "CWE-410" + ], + "bom-ref": "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "ratings": "GITHUB - high", + "published": "2022-07-07T20:55:40Z", + "updated": "2023-07-24T19:39:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "id": "GHSA-wgmr-mf83-7x4j", + "desc": "Description: ### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c3fdf61d-7886-423b-8a29-b6ab6790c127\",\n \"id\": \"GHSA-wgmr-mf83-7x4j\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400,\n 410\n ],\n \"description\": \"### Description Invalid HTTP/2 requests (for example, invalid URIs) are incorrectly handled by writing a blocking error response directly from the selector thread. If the client manages to exhaust the HTTP/2 flow control window, or TCP congest the connection, the selector thread will be blocked trying to write the error response. If this is repeated for all the selector threads, the server becomes unresponsive, causing the denial of service. ### Impact A malicious client may render the server unresponsive. ### Patches The fix is available in Jetty versions 9.4.47. 10.0.10, 11.0.10. ### Workarounds No workaround available within Jetty itself. One possible workaround is to filter the requests before sending them to Jetty (for example in a proxy) ### For more information If you have any questions or comments about this advisory: * Email us at security@webtide.com.\",\n \"published\": \"2022-07-07T20:55:40Z\",\n \"updated\": \"2023-07-24T19:39:20Z\",\n \"affects\": [\n {\n \"ref\": \"55521fe9-aed2-403e-9df2-75fc5af90f54\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 55521fe9-aed2-403e-9df2-75fc5af90f54\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "affa7af3-427f-4223-8028-d9ac45e80e08", + "ratings": "GITHUB - medium", + "published": "2023-10-10T21:28:24Z", + "updated": "2024-06-21T21:34:00Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "id": "GHSA-qppj-fm5r-hxr3", + "desc": "Description: ## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"affa7af3-427f-4223-8028-d9ac45e80e08\",\n \"id\": \"GHSA-qppj-fm5r-hxr3\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"## HTTP/2 Rapid reset attack The HTTP/2 protocol allows clients to indicate to the server that a previous stream should be canceled by sending a RST_STREAM frame. The protocol does not require the client and server to coordinate the cancellation in any way, the client may do it unilaterally. The client may also assume that the cancellation will take effect immediately when the server receives the RST_STREAM frame, before any other data from that TCP connection is processed. Abuse of this feature is called a Rapid Reset attack because it relies on the ability for an endpoint to send a RST_STREAM frame immediately after sending a request frame, which makes the other endpoint start working and then rapidly resets the request. The request is canceled, but leaves the HTTP/2 connection open. The HTTP/2 Rapid Reset attack built on this capability is simple: The client opens a large number of streams at once as in the standard HTTP/2 attack, but rather than waiting for a response to each request stream from the server or proxy, the client cancels each request immediately. The ability to reset streams immediately allows each connection to have an indefinite number of requests in flight. By explicitly canceling the requests, the attacker never exceeds the limit on the number of concurrent open streams. The number of in-flight requests is no longer dependent on the round-trip time (RTT), but only on the available network bandwidth. In a typical HTTP/2 server implementation, the server will still have to do significant amounts of work for canceled requests, such as allocating new stream data structures, parsing the query and doing header decompression, and mapping the URL to a resource. For reverse proxy implementations, the request may be proxied to the backend server before the RST_STREAM frame is processed. The client on the other hand paid almost no costs for sending the requests. This creates an exploitable cost asymmetry between the server and the client. Multiple software artifacts implementing HTTP/2 are affected. This advisory was originally ingested from the `swift-nio-http2` repo advisory and their original conent follows. ## swift-nio-http2 specific advisory swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-nio-http2 to commit to a large amount of expensive work which it then throws away, including creating entirely new `Channel`s to serve the traffic. This can easily overwhelm an `EventLoop` and prevent it from making forward progress. swift-nio-http2 1.28 contains a remediation for this issue that applies reset counter using a sliding window. This constrains the number of stream resets that may occur in a given window of time. Clients violating this limit will have their connections torn down. This allows clients to continue to cancel streams for legitimate reasons, while constraining malicious actors.\",\n \"published\": \"2023-10-10T21:28:24Z\",\n \"updated\": \"2024-06-21T21:34:00Z\",\n \"affects\": [\n {\n \"ref\": \"55521fe9-aed2-403e-9df2-75fc5af90f54\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-server@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 55521fe9-aed2-403e-9df2-75fc5af90f54\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-server\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + }, + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-common@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: f4a06b14-3945-4381-b3dd-b46407b02b6b\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-common\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "ratings": "GITHUB - high", + "published": "2024-02-26T20:13:46Z", + "updated": "2024-05-02T18:38:19Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "id": "GHSA-rggv-cv7r-mw98", + "desc": "Description: ### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"bc8ec43b-7cba-4167-9a9d-901fcb443ac8\",\n \"id\": \"GHSA-rggv-cv7r-mw98\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Impact If an HTTP/2 connection gets TCP congested, when an idle timeout occurs the HTTP/2 session is marked as closed, and then a GOAWAY frame is queued to be written. However it is not written because the connection is TCP congested. When another idle timeout period elapses, it is then supposed to hard close the connection, but it delegates to the HTTP/2 session which reports that it has already been closed so it does not attempt to hard close the connection. This leaves the connection in ESTABLISHED state (i.e. not closed), TCP congested, and idle. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The client may also be impacted (if the server does not read causing a TCP congestion), but the issue is more severe for servers. ### Patches Patched versions: * 9.4.54 * 10.0.20 * 11.0.20 * 12.0.6 ### Workarounds Disable HTTP/2 and HTTP/3 support until you can upgrade to a patched version of Jetty. HTTP/1.x is not affected. ### References * https://github.com/jetty/jetty.project/issues/11256.\",\n \"published\": \"2024-02-26T20:13:46Z\",\n \"updated\": \"2024-05-02T18:38:19Z\",\n \"affects\": [\n {\n \"ref\": \"f4a06b14-3945-4381-b3dd-b46407b02b6b\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-common@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: f4a06b14-3945-4381-b3dd-b46407b02b6b\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-common\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-190" + ], + "bom-ref": "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9", + "ratings": "GITHUB - high", + "published": "2023-10-10T21:16:23Z", + "updated": "2024-06-21T21:33:57Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "id": "GHSA-wgh7-54f2-x98r", + "desc": "Description: An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\"Header too large %d > %d\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634", + "impact": 0.7, + "code": "{\n \"bom-ref\": \"c8bd5d7e-e9be-459c-b6e2-05de86a00bb9\",\n \"id\": \"GHSA-wgh7-54f2-x98r\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"high\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 190\n ],\n \"description\": \"An integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java 291 public void checkSize(int length, boolean huffman) throws SessionException 292 { 293 // Apply a huffman fudge factor 294 if (huffman) 295 length = (length * 4) / 3; 296 if ((_size + length) > _maxSize) 297 throw new HpackException.SessionException(\\\"Header too large %d > %d\\\", _size + length, _maxSize); 298 } ``` However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, `MetaDataBuilder.checkSize` allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. In `MetaDataBuilder.java`, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: ```java public void checkSize(int length, boolean huffman) throws SessionException { // Apply a huffman fudge factor if (huffman) length = (length * 4) / 3; if ((_size + length) > _maxSize) throw new HpackException.SessionException(\\\"Header too large %d > %d\\\", _size + length, _maxSize); } ``` However, no exception is thrown in the case of a negative size. Later, in `Huffman.decode`, the user-entered length is multiplied by 2 before allocating a buffer: ```java public static String decode(ByteBuffer buffer, int length) throws HpackException.CompressionException { Utf8StringBuilder utf8 = new Utf8StringBuilder(length * 2); // ... ``` This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. ### Exploit Scenario 1 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ffffffffff02. Each time this header is decoded: + `HpackDecode.decode` will determine that a Huffman-coded value of length 805306494 needs to be decoded. + `MetaDataBuilder.checkSize` will approve this length. + Huffman.decode will allocate a 1.6 GB string array. + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens. (Note: this can be delayed by appending valid huffman-coded characters to the end of the header.) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Exploit Scenario 2 An attacker repeatedly sends HTTP messages with the HPACK header 0x00ff8080ffff0b. Each time this header is decoded: + HpackDecode.decode will determine that a Huffman-coded value of length -1073758081 needs to be decoded + MetaDataBuilder.checkSize will approve this length + The number will be multiplied by 2 to get 2147451134, and Huffman.decode will allocate a 2.1 GB string array + Huffman.decode will have a buffer overflow error, and the array will be deallocated the next time garbage collection happens (Note that this deallocation can be delayed by adding valid Huffman-coded characters to the end of the header) Depending on the timing of garbage collection, the number of threads, and the amount of memory available on the server, this may cause the server to run out of memory. ### Impact Users of HTTP/2 can be impacted by a remote denial of service attack. ### Patches Fixed in Jetty 10.0.16 and Jetty 11.0.16 Fixed in Jetty 9.4.53 Jetty 12.x is unaffected. ### Workarounds No workarounds possible, only patched versions of Jetty. ### References * https://github.com/eclipse/jetty.project/pull/9634\",\n \"published\": \"2023-10-10T21:16:23Z\",\n \"updated\": \"2024-06-21T21:33:57Z\",\n \"affects\": [\n {\n \"ref\": \"d2a5e2bf-ead6-4768-866a-385166eb6709\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: d2a5e2bf-ead6-4768-866a-385166eb6709\n\n- Group: org.eclipse.jetty.http2\n\n- Name: http2-hpack\n\n- Version: 9.4.18.v20190429\n\n- Description: The Eclipse Jetty Project\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"EPL-1.0\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-295" + ], + "bom-ref": "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "ratings": "GITHUB - medium", + "published": "2018-10-18T18:06:08Z", + "updated": "2023-01-09T05:03:38Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "id": "GHSA-w4g2-9hj6-5472", + "desc": "Description: Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"f987bc98-65f5-402b-8b39-7e8e3e730ebe\",\n \"id\": \"GHSA-w4g2-9hj6-5472\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 295\n ],\n \"description\": \"Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.\",\n \"published\": \"2018-10-18T18:06:08Z\",\n \"updated\": \"2023-01-09T05:03:38Z\",\n \"affects\": [\n {\n \"ref\": \"2687d928-5b18-4ce5-ab4c-8ef513f0b48c\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.rabbitmq/amqp-client@4.4.1 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 2687d928-5b18-4ce5-ab4c-8ef513f0b48c\n\n- Group: com.rabbitmq\n\n- Name: amqp-client\n\n- Version: 4.4.1\n\n- Description: The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"MPL-1.1\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-400" + ], + "bom-ref": "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a", + "ratings": "GITHUB - medium, GITHUB - info", + "published": "2023-10-24T01:49:09Z", + "updated": "2023-11-05T05:04:23Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "id": "GHSA-mm8h-8587-p46h", + "desc": "Description: ### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \"A\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\"Send Finish\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\"Received Length : \" + s.length()); }else{ System.out.println(\"null\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"5acc2eee-8433-4a66-b9c5-3dcc7be5b29a\",\n \"id\": \"GHSA-mm8h-8587-p46h\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"medium\",\n \"method\": \"other\"\n },\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"info\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 400\n ],\n \"description\": \"### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * Use RabbitMQ 3.11.16 as MQ and specify Message Body size 512M (here it only needs to be larger than the Consumer memory) * Start RabbitMQ #### Producer * Build a String of length 256M and send it to Consumer ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Producer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); String s = \\\"A\\\"; for(int i=0;i<28;++i){ s = s + s; System.out.println(i); } amqpTemplate.convertAndSend(s); System.out.println(\\\"Send Finish\\\"); } } ``` #### Consumer * First set the heap memory size to 128M * Read the message sent by the Producer from the MQ and print the length ``` package org.springframework.amqp.helloworld; import org.springframework.amqp.core.AmqpTemplate; import org.springframework.amqp.core.Message; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; public class Consumer { public static void main(String[] args) { ApplicationContext context = new AnnotationConfigApplicationContext(HelloWorldConfiguration.class); AmqpTemplate amqpTemplate = context.getBean(AmqpTemplate.class); Object o = amqpTemplate.receiveAndConvert(); if(o != null){ String s = o.toString(); System.out.println(\\\"Received Length : \\\" + s.length()); }else{ System.out.println(\\\"null\\\"); } } } ``` #### Results * Run the Producer first, then the Consumer * Consumer throws OOM Exception ### Impact Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer.\",\n \"published\": \"2023-10-24T01:49:09Z\",\n \"updated\": \"2023-11-05T05:04:23Z\",\n \"affects\": [\n {\n \"ref\": \"2687d928-5b18-4ce5-ab4c-8ef513f0b48c\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component com.rabbitmq/amqp-client@4.4.1 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: 2687d928-5b18-4ce5-ab4c-8ef513f0b48c\n\n- Group: com.rabbitmq\n\n- Name: amqp-client\n\n- Version: 4.4.1\n\n- Description: The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.\n\n- Licenses: [\n {\n \"license\": {\n \"id\": \"MPL-1.1\"\n }\n }\n]", + "start_time": "" + } + ] + }, + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-502" + ], + "bom-ref": "815a1358-2bd4-4028-bd3e-8219747c78f6", + "ratings": "GITHUB - unknown", + "published": "2022-01-06T23:55:09Z", + "updated": "2023-02-25T00:31:20Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "id": "GHSA-h376-j262-vhq6", + "desc": "Description: ### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"815a1358-2bd4-4028-bd3e-8219747c78f6\",\n \"id\": \"GHSA-h376-j262-vhq6\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"unknown\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 502\n ],\n \"description\": \"### Impact H2 Console in versions since 1.1.100 (2008-10-14) to 2.0.204 (2021-12-21) inclusive allows loading of custom classes from remote servers through JNDI. H2 Console doesn't accept remote connections by default. If remote access was enabled explicitly and some protection method (such as security constraint) wasn't set, an intruder can load own custom class and execute its code in a process with H2 Console (H2 Server process or a web server with H2 Console servlet). It is also possible to load them by creation a linked table in these versions, but it requires `ADMIN` privileges and user with `ADMIN` privileges has full access to the Java process by design. These privileges should never be granted to untrusted users. ### Patches Since version 2.0.206 H2 Console and linked tables explicitly forbid attempts to specify LDAP URLs for JNDI. Only local data sources can be used. ### Workarounds H2 Console should never be available to untrusted users. `-webAllowOthers` is a dangerous setting that should be avoided. H2 Console Servlet deployed on a web server can be protected with a security constraint: https://h2database.com/html/tutorial.html#usingH2ConsoleServlet If `webAllowOthers` is specified, you need to uncomment and edit `` and `` as necessary. See documentation of your web server for more details. ### References This issue was found and privately reported to H2 team by [JFrog Security](https://www.jfrog.com/)'s vulnerability research team with detailed information.\",\n \"published\": \"2022-01-06T23:55:09Z\",\n \"updated\": \"2023-02-25T00:31:20Z\",\n \"affects\": [\n {\n \"ref\": \"c19e7b95-5753-489e-b720-c9dd79f15cc8\"\n }\n ]\n}", + "results": [ + { + "status": "skipped", + "code_desc": "Component com.h2database/h2@1.4.197 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: c19e7b95-5753-489e-b720-c9dd79f15cc8\n\n- Group: com.h2database\n\n- Name: h2\n\n- Version: 1.4.197\n\n- Description: H2 Database Engine\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"MPL 2.0 or EPL 1.0\",\n \"url\": \"http://h2database.com/html/license.html\"\n }\n }\n]", + "start_time": "", + "skip_message": "Manual review required because a CycloneDX rating severity is set to `info` or `unknown`." + } + ] + }, + { + "tags": { + "nist": [ + "SI-2", + "RA-5" + ], + "cci": [ + "CCI-002605", + "CCI-001643" + ], + "cwe": [ + "CWE-88" + ], + "bom-ref": "c8a50465-16df-44e0-84e9-7acff5870a51", + "ratings": "GITHUB - info", + "published": "2022-01-21T23:07:39Z", + "updated": "2023-08-18T15:47:05Z" + }, + "descriptions": [], + "refs": [ + { + "ref": [ + { + "source": { + "name": "GITHUB", + "url": "https://github.com/advisories" + } + } + ] + } + ], + "source_location": {}, + "title": "H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "id": "GHSA-45hx-wfhj-473x", + "desc": "Description: H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.", + "impact": 0.5, + "code": "{\n \"bom-ref\": \"c8a50465-16df-44e0-84e9-7acff5870a51\",\n \"id\": \"GHSA-45hx-wfhj-473x\",\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"GITHUB\",\n \"url\": \"https://github.com/advisories\"\n },\n \"severity\": \"info\",\n \"method\": \"other\"\n }\n ],\n \"cwes\": [\n 88\n ],\n \"description\": \"H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.\",\n \"published\": \"2022-01-21T23:07:39Z\",\n \"updated\": \"2023-08-18T15:47:05Z\",\n \"affects\": [\n {\n \"ref\": \"c19e7b95-5753-489e-b720-c9dd79f15cc8\"\n }\n ]\n}", + "results": [ + { + "status": "skipped", + "code_desc": "Component com.h2database/h2@1.4.197 is vulnerable", + "message": "-Component Summary-\n\n- Type: library\n\n- Bom-ref: c19e7b95-5753-489e-b720-c9dd79f15cc8\n\n- Group: com.h2database\n\n- Name: h2\n\n- Version: 1.4.197\n\n- Description: H2 Database Engine\n\n- Licenses: [\n {\n \"license\": {\n \"name\": \"MPL 2.0 or EPL 1.0\",\n \"url\": \"http://h2database.com/html/license.html\"\n }\n }\n]", + "start_time": "", + "skip_message": "Manual review required because a CycloneDX rating severity is set to `info` or `unknown`." + } + ] + } + ], + "sha256": "22b4ee8c7d3d66424b9fe6ad562b5434f836acc2fb780c89216dbea1d0c21bc7" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "type": "library", + "bom-ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "group": "org.eclipse.jetty.alpn", + "name": "alpn-api", + "version": "1.1.3.v20160715", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "18383950cc83169b8ed61c03fd926e0c" + }, + { + "alg": "SHA-1", + "content": "a1bf3a937f91b4c953acd13e8c9552347adc2198" + }, + { + "alg": "SHA-256", + "content": "07be99758b699e194f70fb9784d94202dc6c98212877829e3d72b020f2660576" + }, + { + "alg": "SHA-512", + "content": "b9570b3323337dcdc192e640288633743736ef9206adc4cda88db7da77df49732bba0a4e85613225ffec32ac72c415a84fcd2353c04f8708dad85142a2b439f8" + }, + { + "alg": "SHA3-256", + "content": "c7e69d1f5833cd414f62dfb456a8dee75520366e88a1af4db9b76a14d800b356" + }, + { + "alg": "SHA3-512", + "content": "3a4c64a3cb12158119183584c79e5523bc2e460ae942a2927a9f5452e3b0c032442748f4e426466921a3d9f618095901f26a0de77f4e30650c8e22ee79da873c" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.alpn/alpn-api@1.1.3.v20160715?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.alpn.git/tree" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "group": "com.rabbitmq", + "name": "amqp-client", + "version": "4.4.1", + "description": "The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.", + "hashes": [ + { + "alg": "MD5", + "content": "1a2a6feac205524a636c06d86af2df2c" + }, + { + "alg": "SHA-1", + "content": "c442f6501595a6fb9c029409eca94888cc9a3106" + }, + { + "alg": "SHA-256", + "content": "fcbe7ddc4be88823b881f35c12bca55b561c795d03aefe746a0452029ec179cc" + }, + { + "alg": "SHA-512", + "content": "8d78db5a1a3939a20a10b33f41b2ca3adb746672b276e87cc08aabb84dd27a069755294bd23c483ecf0d25c0e669fddae6f96742dd127d8476a9d6a6f8e22e57" + }, + { + "alg": "SHA3-256", + "content": "4866a931a2e38b4b0b4bcec77f77e8b83edf3b4b527913f827767a926c8b3b24" + }, + { + "alg": "SHA3-512", + "content": "a1b503bd1f8762c0b0434af451f6a579b20225aa5f23548cd521e3f007c17fedaf2c9fd7667606c06bbb63cdfbfbce28800de9506bb2c2564020b34447d600c9" + } + ], + "licenses": [ + { + "license": { + "id": "MPL-1.1" + } + } + ], + "purl": "pkg:maven/com.rabbitmq/amqp-client@4.4.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.rabbitmq.com" + }, + { + "type": "vcs", + "url": "https://github.com/rabbitmq/rabbitmq-java-client" + } + ], + "affectingVulnerabilities": [ + "f987bc98-65f5-402b-8b39-7e8e3e730ebe", + "5acc2eee-8433-4a66-b9c5-3dcc7be5b29a" + ] + }, + { + "type": "library", + "bom-ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "group": "org.codehaus.mojo", + "name": "animal-sniffer-annotations", + "version": "1.14", + "description": "Animal Sniffer Parent project.", + "hashes": [ + { + "alg": "MD5", + "content": "9d42e46845c874f1710a9f6a741f6c14" + }, + { + "alg": "SHA-1", + "content": "775b7e22fb10026eed3f86e8dc556dfafe35f2d5" + }, + { + "alg": "SHA-256", + "content": "2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d" + }, + { + "alg": "SHA-512", + "content": "9e5e3ea9e06e0ac9463869fd0e08ed38f7042784995a7b50c9bfd7f692a53f0e1430b9e1367dc772d0d4eafe5fd2beabbcc60da5008bd792f9e7ec8436c0f136" + }, + { + "alg": "SHA3-256", + "content": "9b624360f936e928bc63bf44e475d8fd052148c0d0cc56c3c88c26429b430c08" + }, + { + "alg": "SHA3-512", + "content": "5f0a62a96445cfeaf101d2ddc56472621f5c3dafc54ad4b230a373012833b7da83e96af7c07b60a586768361b3bce3f3626ed2cc09fbbd84e840e0714d6344ee" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.14?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://jira.codehaus.org/browse/MANIMALSNIFFER" + }, + { + "type": "vcs", + "url": "http://fisheye.codehaus.org/browse/mojo/tags/animal-sniffer-parent-1.14" + }, + { + "type": "website", + "url": "http://codehaus.org" + }, + { + "type": "build-system", + "url": "http://bamboo.ci.codehaus.org/browse/MOJO" + }, + { + "type": "mailing-list", + "url": "http://markmail.org/list/org.codehaus.mojo.dev" + }, + { + "type": "distribution", + "url": "https://nexus.codehaus.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "group": "antlr", + "name": "antlr", + "version": "2.7.7", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "f8f1352c52a4c6a500b597596501fc64" + }, + { + "alg": "SHA-1", + "content": "83cd2cd674a217ade95a4bb83a8a14f351f48bd0" + }, + { + "alg": "SHA-256", + "content": "88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c" + }, + { + "alg": "SHA-512", + "content": "311c3115f9f6651d1711c52d1739e25a70f25456cacb9a2cdde7627498c30b13d721133cc75b39462ad18812a82472ef1b3b9d64fab5abb0377c12bf82043a74" + }, + { + "alg": "SHA3-256", + "content": "babce5c8beb1d5907a7ed6354589e991da7d8d5cbd86c479abfa1e1dfc4d2eb8" + }, + { + "alg": "SHA3-512", + "content": "3a8ce565280a157dd6e08fb68c317a4c28616099c56bc4992c38cf74a10a54a89e18e7c45190ce8511360798a87adc92f432382f9d9bdde0d56664b50044b517" + } + ], + "licenses": [ + { + "license": { + "name": "BSD License", + "url": "http://www.antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/antlr/antlr@2.7.7?type=jar" + }, + { + "type": "library", + "bom-ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "group": "org.antlr", + "name": "antlr-runtime", + "version": "3.4", + "description": "A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.", + "hashes": [ + { + "alg": "MD5", + "content": "0e0318be407e51fdf7ba6777eabfdf73" + }, + { + "alg": "SHA-1", + "content": "8f011408269a8e42b8548687e137d8eeb56df4b4" + }, + { + "alg": "SHA-256", + "content": "5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63" + }, + { + "alg": "SHA-512", + "content": "1786aff2df4664483adcb319e64be7b69b643ac9508c3f11796b5aa45b9072b46f53f0a21b2ff7291162afe81506de16161746273e4532ebad75adbd81203f0d" + }, + { + "alg": "SHA3-256", + "content": "3f6cf631e9f792a41128400f8690266d915c0588ef85073a6cae73624a155b10" + }, + { + "alg": "SHA3-512", + "content": "13d1f73c44e807b36946c21cfd506e91e8cbdf685b770cbc0dcb4e55ec28b5bc91bd90eb7f24ebfd13386a47eccf552dd2a1ab277fccabafdb7a9b40aa9d4fc5" + } + ], + "purl": "pkg:maven/org.antlr/antlr-runtime@3.4?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/antlr" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "group": "org.glassfish.hk2.external", + "name": "aopalliance-repackaged", + "version": "2.5.0-b32", + "description": "Dependency Injection Kernel", + "hashes": [ + { + "alg": "MD5", + "content": "99809f55109881865ce8b47f03522fb6" + }, + { + "alg": "SHA-1", + "content": "6af37c3f8ec6f9e9653ec837eb508da28ce443cd" + }, + { + "alg": "SHA-256", + "content": "32a44ed0258c00bb8f0acf7e4dbf000a377bd48702465f6195f878a6dc2024d6" + }, + { + "alg": "SHA-512", + "content": "5afda7e897fb1135e4cf8ceb1f9f2ae68521c6178552dbe38243461e8422d50011f379e4f66d237190e7609e2d1ba2e9c09267637ecd588d7e286c1a6bfb8b4d" + }, + { + "alg": "SHA3-256", + "content": "3808bbe7fc89ea384068d5edf32f4ebf61cead5fe0fff58c7ac13c23392b8860" + }, + { + "alg": "SHA3-512", + "content": "ea988d271b897cb61a17ddd642f7f31935711bb33710947a812e0c1ab3469077c45247a5224e55a9258bfcdfd502f64286064aa1063b2df07dc880a880e034e3" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/aopalliance-repackaged@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "group": "org.apiguardian", + "name": "apiguardian-api", + "version": "1.0.0", + "description": "@API Guardian", + "hashes": [ + { + "alg": "MD5", + "content": "e3695c130292987799af0d18754fa3fc" + }, + { + "alg": "SHA-1", + "content": "3ef5276905e36f4d8055fe3cb0bdcc7503ffc85d" + }, + { + "alg": "SHA-256", + "content": "1f58b77470d8d147a0538d515347dd322f49a83b9e884b8970051160464b65b3" + }, + { + "alg": "SHA-512", + "content": "127f7e6381642f3f0f8298e5129f31cae947b81c4867caaa419803e6dcfeee5da61f0262d2c10c8ad151f24e82f708ce81b2fda217c31dbb21794e6c9ec71e0a" + }, + { + "alg": "SHA3-256", + "content": "a0c6a10c739f2c5d18a639804edb717b2e100aec3ab73b5560e947c28b829f22" + }, + { + "alg": "SHA3-512", + "content": "54879680c4ac863b6eb3dd2528c02f8c977b127ed2a1d7e123e65baec3c9b33c3d80fd5f0de0cf43eb4f912b6899b2a4753f93bf9883d51e2fd8b8766df3e0c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apiguardian/apiguardian-api@1.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/apiguardian-team/apiguardian" + } + ] + }, + { + "type": "library", + "bom-ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "group": "net.sourceforge.argparse4j", + "name": "argparse4j", + "version": "0.8.1", + "description": "The command-line parser library based on Python's argparse", + "hashes": [ + { + "alg": "MD5", + "content": "8a3077fbee51bc51d0e140be455b6df5" + }, + { + "alg": "SHA-1", + "content": "2c8241f84acf6c924bd75be0dbd68e8d74fbcd70" + }, + { + "alg": "SHA-256", + "content": "98cb5468cac609f3bc07856f2e34088f50dc114181237c48d20ca69c3265d044" + }, + { + "alg": "SHA-512", + "content": "d9c1e626403b0ad0143fffb62a055b71aacb7d59c9957b232a2e7b7ab2cd9299932784d19e6ef8b0172736ab1625eb2d1e25101eaf1666acfc566b7fcd7c819f" + }, + { + "alg": "SHA3-256", + "content": "3b8a944e495c72b5d7e185effda10431dbe60cfa30c9e31d7cd5ebfdfe0fb20e" + }, + { + "alg": "SHA3-512", + "content": "718cec233f4b67bc0fe9210629202aa235aea2bf58a3cc65425cb9d43661d3002677c0534685e08cea3b86cdcb9c5021026c4efdb1820c9700158756bd6bc7b5" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/net.sourceforge.argparse4j/argparse4j@0.8.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/tatsuhiro-t/argparse4j/issues" + }, + { + "type": "vcs", + "url": "https://github.com/tatsuhiro-t/argparse4j" + } + ] + }, + { + "type": "library", + "bom-ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "group": "org.assertj", + "name": "assertj-core", + "version": "3.9.1", + "description": "Rich and fluent assertions for testing for Java", + "hashes": [ + { + "alg": "MD5", + "content": "b6b5e7d7ab3e4368244ce2ed48b77b2f" + }, + { + "alg": "SHA-1", + "content": "c5ce126b15f28d56cd8f960c1a6a058b9c9aea87" + }, + { + "alg": "SHA-256", + "content": "b433d96281d663d8f97d7b2eda24f6d05345ef3bd7bf9a4ed440d75728bfdb00" + }, + { + "alg": "SHA-512", + "content": "153df8b2394db5c54db79930a26ce45ac8ddcaacbaeb800988c41f17d4f39356a32ba8d17fbe143c412a79c2006e53cc1877b409f880e43d96888801bf92766a" + }, + { + "alg": "SHA3-256", + "content": "da01a0373df89903d5d40eabb595618fb15b14b7cd6420598b85d05bc72242fa" + }, + { + "alg": "SHA3-512", + "content": "8bf381925a0fb7635e8fafbf1b75930a8b129dd3ae9db2ec9d079ad12442a73eb92d34fa454bc3684b7ad59ee2e40cc1509c8a93f1dcded39368fa78b499cbe1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.assertj/assertj-core@3.9.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/joel-costigliola/assertj-core/issues" + }, + { + "type": "mailing-list", + "url": "http://groups.google.com/group/assertj" + }, + { + "type": "build-system", + "url": "https://assertj.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/joel-costigliola/assertj-maven-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "group": "net.bytebuddy", + "name": "byte-buddy", + "version": "1.9.7", + "description": "Byte Buddy is a Java library for creating Java classes at run time. This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.", + "hashes": [ + { + "alg": "MD5", + "content": "3038371407163c76c89749c3a7c458b0" + }, + { + "alg": "SHA-1", + "content": "8fea78fea6449e1738b675cb155ce8422661e237" + }, + { + "alg": "SHA-256", + "content": "69a9140c11de463789a1badfe6c3dcdc17608c4304cb443c5c3a179585b78b39" + }, + { + "alg": "SHA-512", + "content": "20547c1915d941c170b855babf102b6d4b7b651cb76d4328fdc5e67be4cfb898e22d76512b2ed402ba2486ba4954ee75e1753e7de6303a94201ee12056ffb2b7" + }, + { + "alg": "SHA3-256", + "content": "fa80df92900c958e6c9c957552698a20f0a817a309947ee232b97c699db77d3e" + }, + { + "alg": "SHA3-512", + "content": "50b10f18e33843c1ec103ce809a83698f785de2675dd6f1da386db8c6158a6539e6b93ec2e10d1c82c819c3cf4c1f33ca9c2cd68a21d0a5520a707acb7a072fb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ], + "affectingVulnerabilities": [ + "4ad3464b-09c7-40fa-ab51-754f3f196cd4", + "0cdbb69e-0ac6-4efd-ad09-2f8ead5b2aad" + ] + }, + { + "type": "library", + "bom-ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "group": "net.bytebuddy", + "name": "byte-buddy-agent", + "version": "1.9.7", + "description": "The Byte Buddy Java agent allows to access the JVM's HotSwap feature.", + "hashes": [ + { + "alg": "MD5", + "content": "f2c5583a5856a1b68275f70fca2f96fc" + }, + { + "alg": "SHA-1", + "content": "8e7d1b599f4943851ffea125fd9780e572727fc0" + }, + { + "alg": "SHA-256", + "content": "145ce0fab5390374e69b2b4070d65fedaa2b07c3cfad06b330bea1b6dcfa826f" + }, + { + "alg": "SHA-512", + "content": "3b1344ae23e91e02a4465848757f3436f5a51ff58f8a0fe47b032ce5097086a985d927eb23507cc7b29b7a8917ab22942f039949b376f3f27708d3da232e7afb" + }, + { + "alg": "SHA3-256", + "content": "0fc9f6c6083208ef913a49fd9d61d7202477d6ed4c26e0324f4475e656b4fbd6" + }, + { + "alg": "SHA3-512", + "content": "75a397fe519f03352763554688a7e6432c028b2b154a0553d5d647f7873eb5f066e83f454092438a48976f99cfc0c4b7a41b033852129b9cbc29d09cb22f6ec4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.bytebuddy/byte-buddy-agent@1.9.7?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/raphw/maven/ByteBuddy" + }, + { + "type": "issue-tracker", + "url": "https://github.com/raphw/byte-buddy/issues" + } + ] + }, + { + "type": "library", + "bom-ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "group": "org.checkerframework", + "name": "checker-compat-qual", + "version": "2.0.0", + "description": "Checker Qual is the set of annotations (qualifiers) and supporting classes used by the Checker Framework to type check Java source code. Please see artifact: org.checkerframework:checker", + "hashes": [ + { + "alg": "MD5", + "content": "b6fb2610dacd211a3e2c3d8af1b60d0f" + }, + { + "alg": "SHA-1", + "content": "fc89b03860d11d6213d0154a62bcd1c2f69b9efa" + }, + { + "alg": "SHA-256", + "content": "a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b" + }, + { + "alg": "SHA-512", + "content": "fdecc20efd6943426e7f8bdfb8bef9d28258f9f934cf29090e2f5b297c501454606cc28593cd7d089a5c14f6d2dcafc59f4606053405d7f91d623a0e3202f4a8" + }, + { + "alg": "SHA3-256", + "content": "6332c0be53250aaf67b95786e10337e1134ca645aed3b4cc596c68a3555c07fc" + }, + { + "alg": "SHA3-512", + "content": "74780f6c4d9e615c5be2f7149540721bfccd43e71b2d912054b98cf4f1a5ae5506497eca9c76f9e09f988d988bba8a1ec0588684379722044d894594dc787ea4" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.checkerframework/checker-compat-qual@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/typetools/checker-framework.git" + } + ] + }, + { + "type": "library", + "bom-ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "group": "com.fasterxml", + "name": "classmate", + "version": "1.4.0", + "description": "Library for introspecting types with full generic information including resolving of field and method types.", + "hashes": [ + { + "alg": "MD5", + "content": "85716d3adddffaaacb5e316be6681bf0" + }, + { + "alg": "SHA-1", + "content": "291658ac2ce2476256c7115943652c0accb5c857" + }, + { + "alg": "SHA-256", + "content": "2829acc59abf4aa6b72579697a0391c0fc69df7772ae59c58e0237f909cd6803" + }, + { + "alg": "SHA-512", + "content": "0bb96809e508b3ec20f8da070cdf5c795b71e17311a1a7d09818a93410ceb60cbbd95482c2d13bb920d391f5a5eee3a959cf739533a94f6539775458fe7229d0" + }, + { + "alg": "SHA3-256", + "content": "2cb64a48cd3ca0136553131ce87fe52d5a0f322334d65fbab60132df09d3c8d6" + }, + { + "alg": "SHA3-512", + "content": "56fb69f960f9e15c7dedc17d8d762c03bbae850180c2911ace44c4b7e1f0ce4a6dcad784e6acf01d63cad81a2d3746e4863a8d43a4d78e620506bf125d9340ec" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml/classmate@1.4.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://fasterxml.com" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/java-classmate" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "group": "commons-codec", + "name": "commons-codec", + "version": "1.11", + "description": "The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "567159b1ae257a43e1391a8f59d24cfe" + }, + { + "alg": "SHA-1", + "content": "3acb4705652e16236558f0f4f2192cc33c3bd189" + }, + { + "alg": "SHA-256", + "content": "e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d" + }, + { + "alg": "SHA-512", + "content": "d9586162b257386b5871e7e9ae255a38014a9efaeef5148de5e40a3b0200364dad8516bddd554352aa2e5337bec2cc11df88c76c4fdde96a40f3421aa60650d7" + }, + { + "alg": "SHA3-256", + "content": "90ec34f9701a8b212c65e6167c505ea6417289f910deedcac8517075b8349728" + }, + { + "alg": "SHA3-512", + "content": "101bc04efae2bd16d7923e61bca922c4a006b0e4b34909e0f8865196cb4df4f4f6269737c17880b4dfd0309cb487b806e88d09c6e1a7dc70237563b3f4312f7f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/commons-codec/commons-codec@1.11?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/CODEC" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/codec/trunk" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "group": "org.apache.commons", + "name": "commons-lang3", + "version": "3.8.1", + "description": "Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.", + "hashes": [ + { + "alg": "MD5", + "content": "540b1256d887a6993ecbef23371a3302" + }, + { + "alg": "SHA-1", + "content": "6505a72a097d9270f7a9e7bf42c4238283247755" + }, + { + "alg": "SHA-256", + "content": "dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68" + }, + { + "alg": "SHA-512", + "content": "fb0fe98385496a565678a000c26a3245082abfbf879cc29a35112b4bf18c966697a7a63bb1fd2fae4a42512cd3de5a2e6dc9d1df4a4058332a6ddeae06cdf667" + }, + { + "alg": "SHA3-256", + "content": "4e708ddf8ed0c6dbd8c6bba07e06425b5d263d899884b91bf11f86ec0d6f8463" + }, + { + "alg": "SHA3-512", + "content": "f43e89519e803e976f7b4d756d934be802ab36077cf2dc38dd9aa901eaf7104e58157859f45ccef7b38e072007a60f17270923e2ed7eabd41a4c776dee1458e1" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.8.1?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/LANG" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-lang.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "group": "org.apache.commons", + "name": "commons-math3", + "version": "3.2", + "description": "The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.", + "hashes": [ + { + "alg": "MD5", + "content": "aaa32530c0f744813570ff73db018698" + }, + { + "alg": "SHA-1", + "content": "ec2544ab27e110d2d431bdad7d538ed509b21e62" + }, + { + "alg": "SHA-256", + "content": "6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2" + }, + { + "alg": "SHA-512", + "content": "80fb66a51688c4247b957f9787921e5acb9144d71a4ab0b03b2c30f46427e50c53e6e31ca5ddb04dab2cf5e7c0eedae168103c719f8074be464918ab2e4d6e6d" + }, + { + "alg": "SHA3-256", + "content": "4e5c701b4c417493bdb70d4c3f3bfb6019a6eec3c5f17dcce028158de624318c" + }, + { + "alg": "SHA3-512", + "content": "3a19552d33cbe62a0d174efa39054fbe5e23f7cb466c46616c27480381f232daa2c64c868b354ed965c5d84fbfece08e30e59bc672e3891baf2bb8141b5db8c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-math3@3.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/MATH" + }, + { + "type": "vcs", + "url": "http://svn.apache.org/viewvc/commons/proper/math/trunk" + }, + { + "type": "build-system", + "url": "http://vmbuild.apache.org/continuum/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "group": "org.apache.commons", + "name": "commons-text", + "version": "1.2", + "description": "Apache Commons Text is a library focused on algorithms working on strings.", + "hashes": [ + { + "alg": "MD5", + "content": "c0aec8d4d92fc9e1a4752884f5f880f0" + }, + { + "alg": "SHA-1", + "content": "74acdec7237f576c4803fff0c1008ab8a3808b2b" + }, + { + "alg": "SHA-256", + "content": "d4a57bbc1627da7c391308fd0fe910b83170fb66afd117236a5b111d2db1590b" + }, + { + "alg": "SHA-512", + "content": "97ca47f05b18a8dd67a253bae7d5ec6adab93a061c2565615773f0efc07382193c9ce29ed1f8abdd67dbe62b033e17bf2f71f67a3db2a99abb7aa3215b541c11" + }, + { + "alg": "SHA3-256", + "content": "5527aa3ffcd1303fac2779f9908f3a39bd3745c03a840fbc106aa952d5a0a128" + }, + { + "alg": "SHA3-512", + "content": "1b87bf1800138c403b67c273346fc7ea721fac09903e8cf6b11f8cfa57f2f91c577000834ad1f38e2b21f695685ea6c03ae9bd21323fe4a7690c7dca3344e350" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.commons/commons-text@1.2?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/TEXT" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=commons-text.git" + }, + { + "type": "build-system", + "url": "https://builds.apache.org/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/commons-user/" + }, + { + "type": "website", + "url": "https://www.apache.org/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "group": "com.github.spullara.mustache.java", + "name": "compiler", + "version": "0.9.6", + "description": "Implementation of mustache.js for Java", + "hashes": [ + { + "alg": "MD5", + "content": "9245fdbf50ad59ea81781ebdaa8cdb02" + }, + { + "alg": "SHA-1", + "content": "1b8707299c34406ed0ba40bbf8513352ac4765c9" + }, + { + "alg": "SHA-256", + "content": "c4d697fd3619cb616cc5e22e9530c8a4fd4a8e9a76953c0655ee627cb2d22318" + }, + { + "alg": "SHA-512", + "content": "d29e5022a4e7c99a8cc4b9f171471cf3e96103aeed26f32ae7a5db38e62811b3dc97e47ce8659c0b430fd11f1cb3f679c5465cab0458d7a474fba7e78a987887" + }, + { + "alg": "SHA3-256", + "content": "e17ec4a48044d5cbc941cdd9020fdda30b5402c2d533bec6a910729293d2aa89" + }, + { + "alg": "SHA3-512", + "content": "7e61b2eb36f9e239c4e2679c529d87ab2b2ed0ecb8537cbbd89b604bfce9b09ed716c2a95a80cf9a75eee2d0b85a2958e44bc6540ba5b22f163090a5912c6ad6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/spullara/mustache.java" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "group": "org.dom4j", + "name": "dom4j", + "version": "2.1.1", + "description": "flexible XML framework for Java", + "hashes": [ + { + "alg": "MD5", + "content": "f5710c1d5f5627ae5ce850a0b12ea87a" + }, + { + "alg": "SHA-1", + "content": "3dce5dbb3571aa820c677fadd8349bfa8f00c199" + }, + { + "alg": "SHA-256", + "content": "a2ef5fb4990b914a31176c51f6137f6f04253dd165420985051f9fd4fb032128" + }, + { + "alg": "SHA-512", + "content": "547da0752ffb12ce40800449376f2f7e20f053f816de4ae8adf1a4fad5a3b87ce4e98e95650671a6c9cdcbbf7c20a4b61e711e5ae8d324c923d508bcb07e02e1" + }, + { + "alg": "SHA3-256", + "content": "e0d00e2f06b89df74355383e657d0b7b2a67b4fe3b5de58967eaa27fa0efad90" + }, + { + "alg": "SHA3-512", + "content": "00e4ce0afa1bff9f0abd1d9fd07d76157f26347b4d6931314f6f082c528bb5e60c32eb9bb16c23f5adc5ee5dcb902135fed2a4a5cb3995afb143f1fe1f938959" + } + ], + "licenses": [ + { + "license": { + "name": "BSD 3-clause New License", + "url": "https://github.com/dom4j/dom4j/blob/master/LICENSE" + } + } + ], + "purl": "pkg:maven/org.dom4j/dom4j@2.1.1?type=jar", + "affectingVulnerabilities": [ + "55ebe39e-12f6-4360-aeba-9913ef7efb68" + ] + }, + { + "type": "library", + "bom-ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "group": "io.dropwizard", + "name": "dropwizard-assets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3719b35ea00aaf249df2f6c237e0d461" + }, + { + "alg": "SHA-1", + "content": "f2aa63c48a04fc2fdbbc43d3bb25c306417c30ab" + }, + { + "alg": "SHA-256", + "content": "81df72b28d351db2a8df88899ef172c3fefc8135149e6e5016c3f88db340fdcf" + }, + { + "alg": "SHA-512", + "content": "1136296518c97a285e68b0bbd6800c3183b8cd208e2b316ecf0e6b24147b278559e479705b7df3ce83913df5b8d93108afd20ca91ddfaa23d1924d6534f82d11" + }, + { + "alg": "SHA3-256", + "content": "fe44aa9d27c700520603cec3f51df630e228e0f73d1c450e01c3f9e21f02610e" + }, + { + "alg": "SHA3-512", + "content": "ef1c4284b016ba0c303aa74ce20271314cdd9c63686837c73b55656eacf0a22f2d3d883732f6e513dac055842b6b1c1d0e9fa970c7017d969b82ef1c77b2f8de" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-assets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "group": "io.dropwizard", + "name": "dropwizard-auth", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "b70d5efcdd606fa0dc0d866a0ba76e0b" + }, + { + "alg": "SHA-1", + "content": "b232e9397558341feed096a54e04e32ab81c7aad" + }, + { + "alg": "SHA-256", + "content": "94927a479eb07d3cab2242750463569dd6da9c75908b93986dab8c2eda5300b7" + }, + { + "alg": "SHA-512", + "content": "33c794f002c01a3f2880aef2b64b12af4a1d612bc2e7e751f24d65a178e49f7b2158c00486515b1392c340471d7a5e52d73259da7673c32d6b9dfc3870eeffa6" + }, + { + "alg": "SHA3-256", + "content": "d13a6eedc14842abeadc3c0e773ff1bd759de2157099a8df5d62ee1d6da1f949" + }, + { + "alg": "SHA3-512", + "content": "c5ae17254f77d668b20aa32542daf77ef398d428fc34601e6e6aebb8f0676fc8c16c5f0dc8906b58f7ecef3623e29386d296aff07d7f7d54618591da72edb88d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-auth@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "group": "io.dropwizard", + "name": "dropwizard-client", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a7e212ddc51872656b8cde14c6375558" + }, + { + "alg": "SHA-1", + "content": "774ee66da2e18ddb9757c309a9f288a7a95d4ab5" + }, + { + "alg": "SHA-256", + "content": "e1f12b97fab5cbfbefd54f7206f708b1abb767f7db2979ee67a12cced9145af7" + }, + { + "alg": "SHA-512", + "content": "a15aa34a681004c1c41380a85f0f99b5117e426bfbac1bef90fade5f9644443b63e74caf9022fa53fde98eddc915ce52ed37c59a06257b7c21b9fc55367f9995" + }, + { + "alg": "SHA3-256", + "content": "77d63d4f7774e74722101d0e3fe4a3d7aa1aa0dac2d95f823cacf7ea445d372b" + }, + { + "alg": "SHA3-512", + "content": "3856b47365e22680311c71e7740f4327786a88af275fe7d2f6a44b34dc12227b3a76396d87c101c31994993d2fa78db6fbfcffc848c5739d5bc9231186fe4681" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-client@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "group": "io.dropwizard", + "name": "dropwizard-configuration", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "a53483c0d1034d24eb068eacc2b18cc2" + }, + { + "alg": "SHA-1", + "content": "64ede8340cf7e51e9d679876bb8873b5e4900bcb" + }, + { + "alg": "SHA-256", + "content": "a579796dd6a5476f35a7d3e3fde89321c0f1e5afb6c2fcfecf34b1d1b7c2db57" + }, + { + "alg": "SHA-512", + "content": "fc3e2bfe3e0b9ec39a09a6735fa477ea2296d4dbbda6f92a4bf624f3ecdc4e0a226a44f3e433a74e6343012012e1e80b483483696ae6b846249167e5255f207e" + }, + { + "alg": "SHA3-256", + "content": "851afb7c02c5ef78a1b4d8e4a6ac6393b1d105643a4de355a767fa665e44aa13" + }, + { + "alg": "SHA3-512", + "content": "b837c8c006d5909453293a262a826ea24a533a89f9a7c53a67129b3597a07a77b5ba0e95f391806087ee7f82cb12592e6149dbf26bf75fc0c54cab84a9b2c56d" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-configuration@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "group": "io.dropwizard", + "name": "dropwizard-core", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "74aec7bf09a957081b1f607b25bfd532" + }, + { + "alg": "SHA-1", + "content": "53889ab39746957180bddc1636f6680eca0db5d7" + }, + { + "alg": "SHA-256", + "content": "a2799ff0fa69d1b0945f9170e6dd29cdd77ed9618ab48abbfcc56111e85effb5" + }, + { + "alg": "SHA-512", + "content": "1fb1b50c2575c36cb518f48e9153a1253d11c0c5e4576dd3866df0d5171694c8507d8f9b78ca983749dd6a8156b81ceac66e8012583d2bb1d6e55c0f5920fd3f" + }, + { + "alg": "SHA3-256", + "content": "19e5d7375794f5eece12bb30304c2a7fec0076902c1bfba468ee96d9ac83f110" + }, + { + "alg": "SHA3-512", + "content": "b955d7c995291eddc86eee34f8c75301f580c4ce6431053b94f197c03f15ed90cc02025214d7ba1864ba76b809af2c2afe8942b5595993ba81a57078b2946852" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-core@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "group": "io.dropwizard", + "name": "dropwizard-db", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d9ddd3b9a686d7332cdec2628f5b752e" + }, + { + "alg": "SHA-1", + "content": "88dfe54a2b0b04d4254c39b5929a6bccb73c0fb8" + }, + { + "alg": "SHA-256", + "content": "718fc5d891166a4febb26f92560148b8b7a1c39a9f4c5719ca7380974430634f" + }, + { + "alg": "SHA-512", + "content": "3615d6aa65fb7df9f5338d2bd4bccff6e0cebbaceaa067bae04e43a7a1a6852157b23f929ea6a6212fe2928b8b1c6ad3282dfe4c37e60e77df7eea3b716105d5" + }, + { + "alg": "SHA3-256", + "content": "e49bcfe1ce234abeefb3fe5f739322eba64b36ebb0a13cca193da7ab496d29fd" + }, + { + "alg": "SHA3-512", + "content": "6ff81a052e35eb6a923c2af9dea65ab43048e5a839ff8cb94dfd2d13d8666f2ce5bf3160bbd98ef81bea4f7b5e42f8019d4f25e1d93c16411027c8e3e40c4c90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-db@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "group": "io.dropwizard", + "name": "dropwizard-forms", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4038942f9fa1f452cc8ab9fb395e0dae" + }, + { + "alg": "SHA-1", + "content": "171287fe38f430ed81bef0dc5808a6f58f01bd48" + }, + { + "alg": "SHA-256", + "content": "cf55b3d0ae45c0b905380a374a3bfd14fee33f3ec5b5f16a046dc66d505ab4c4" + }, + { + "alg": "SHA-512", + "content": "89e4509a55811c296371099ff91850faa32992eede0f9224c25f395a4d93560f0a4a846060bedc1747fe3bf5a4596b928a4237894292dcbe23762b4ae9c40ea3" + }, + { + "alg": "SHA3-256", + "content": "f205cd66f09419d7e958c1c9be0bb3c3226c74a34cefa4a092474612532ae5c2" + }, + { + "alg": "SHA3-512", + "content": "6f336ddb136efabe64b158f60f11dbcccf606df36600a2195d5cac15d2900f5625ba8eb5a0dba213f4e27386423233e5214f9b188f77816d08e75435cb8047f5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-forms@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "group": "io.dropwizard", + "name": "dropwizard-hibernate", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "449361636c3b63eb9d3acb08c1d36297" + }, + { + "alg": "SHA-1", + "content": "56eda4258aa81aa3abde8e6663bbe6297b870495" + }, + { + "alg": "SHA-256", + "content": "5589a9532d592c6dead117b5990386c178a81d4ec7cb8eab9888a576ce47d24d" + }, + { + "alg": "SHA-512", + "content": "bc121e23e932a8989bb81eb72ce3a65822406dd1b9358f9169f2db7c817585420d7725b0e4a011e8ac82b64879167437180a55469a9aa21ec706d9953f4f8e96" + }, + { + "alg": "SHA3-256", + "content": "782695767ab3f4bd238716842e98c56c4311098d142b388ecb08e92159a85873" + }, + { + "alg": "SHA3-512", + "content": "5e6c66c0cf9fa889b516e485cd233af2234b3e2a4f82962b03c59e95a731392744be7fde88f13c3576141b8866dfb6e6915ed20183a6b06e6aa11226ebaec623" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-hibernate@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "group": "io.dropwizard", + "name": "dropwizard-http2", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "fdc320175f8ebf1f5931a5f8943cfc32" + }, + { + "alg": "SHA-1", + "content": "b8573b698da0fe8b2cf30becf2d4c069085e230b" + }, + { + "alg": "SHA-256", + "content": "c21be0fb74a7e086a39d48f464ffb0b730dc8c2292935f8f6524aa217c36f135" + }, + { + "alg": "SHA-512", + "content": "67759f73350a276e2dda77608f16e2fb6d2b2908af7bb5fc83687508793bd27bcc6998c570945e4ec3e49caeeb05e9ee4d3d4fdb8a77b2147bbc5fd1d1c573e3" + }, + { + "alg": "SHA3-256", + "content": "085dd33c5b983cd03552e8eb69e47ae5a3de85aa363175526e5470bce0f4f69b" + }, + { + "alg": "SHA3-512", + "content": "43a4af9e25df30b2e3c561f921bcdbebc9d782b94faa85f8706e1c79ca77bdeae161b18a4f707509599564115d49152ac03f7bab14bb2cb9d130a4975d8f7315" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-http2@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "group": "io.dropwizard", + "name": "dropwizard-jackson", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "cce5d50fb36cf2ccb1f6020cf2c53092" + }, + { + "alg": "SHA-1", + "content": "498fdd1b14e0341fa4b2ed480520d632470709c0" + }, + { + "alg": "SHA-256", + "content": "1ddb7e6852bcc605f52e5dd4927a532e6e4f6970e8477329cc0cf6e02bcb11bb" + }, + { + "alg": "SHA-512", + "content": "54920733f634fff24fa42e16048e60cbcd8ca9e348c4dae5e8eb6d1606e36d86ba8c32f49a9fb00418a9e2038781599383cc3c1d01353d8e5117d4c366f414e5" + }, + { + "alg": "SHA3-256", + "content": "6dfe904993c5350ef8f04f9eea9335ea5f5179e9d02b2cc057426f96a0aeb485" + }, + { + "alg": "SHA3-512", + "content": "d2e9bddc00edf43a43bc91ee0e74cbf3beff49627fc02fee1870888cc552a9e7a2a518149f0b628a744d5ae00a4f47b3912edba8081c0b5f40e3b289a7fe0822" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jackson@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "group": "io.dropwizard", + "name": "dropwizard-jersey", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "5d4b25a8d01ef9534d6291f004ca8421" + }, + { + "alg": "SHA-1", + "content": "5045bfc77cd931d0020e9d67ef5d3d47916d978f" + }, + { + "alg": "SHA-256", + "content": "3e03434acca7bf73d6e8dc72239d41b28e087200d3cd3759b26319aa49c5cccf" + }, + { + "alg": "SHA-512", + "content": "389fdc36005f478f75687d796f147800d81bafca189233ba7bd6bad263ced8ba2bed450b73b7a2ebe14750186da51970f006835c7dbf6380f5535bece7bb947d" + }, + { + "alg": "SHA3-256", + "content": "7c9a03749ca86a271678b15d9278890b605bf1fe85927c07d4412f481483c45f" + }, + { + "alg": "SHA3-512", + "content": "59da92cfc19ce969cfbb29f597519cdb692d838d191a93d02a6014d896091a8669bd6ed5ddff39bcaabd14866106131be23b6a984b6a8a7813fd655faede4b81" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jersey@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "group": "io.dropwizard", + "name": "dropwizard-jetty", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3e61f73e3ad1a7c63d7b16bcfc6038a0" + }, + { + "alg": "SHA-1", + "content": "bd34674496ae9997dd20d88a9fcda937bd21840e" + }, + { + "alg": "SHA-256", + "content": "7657190b578c7647d3e6d91de4a959580320a0317378b210d9a416635f4e1384" + }, + { + "alg": "SHA-512", + "content": "cb92715afa048b32d0879593f9709d558e4b1b6aa468802b8a1d08b7b6b1fa72eae12c8658c329ef0d8e073fb7a1bab4a9b833bac2887ccaa5d953625470f4db" + }, + { + "alg": "SHA3-256", + "content": "38e8c121e10d2af68bdde88d8136622d76139d018df01b944c7708c8dd9cefe6" + }, + { + "alg": "SHA3-512", + "content": "7cfe066ea4e585b3bc0077332b0a08db9f998e9d83b95480cc148054895728ea72fe5e3b20e249f603e96cbe09ee9985eea527f207d88abef0914b19940af1d5" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-jetty@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "group": "io.dropwizard", + "name": "dropwizard-lifecycle", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "52e054873a8e62623e81231c43cd56a9" + }, + { + "alg": "SHA-1", + "content": "f26a5a8be815680b9d6fcf4df7495c33ff403f80" + }, + { + "alg": "SHA-256", + "content": "20abb321d0095312b8d618b30533d84b12f37d9c3e7bfc473ce205a56a8cf4a5" + }, + { + "alg": "SHA-512", + "content": "fc9ae0ff1d4c94b2456777d6e7b68a8017ff13a04fb49f85344904f6b010fc638f33e8e6ebf9119a450232e5e74c70a8ed55b980afe47d827f320019ab9973a7" + }, + { + "alg": "SHA3-256", + "content": "cba7094cc6a46821fab3edc413e5d07c36e78b7760ba6c5e44df94acaaca98e8" + }, + { + "alg": "SHA3-512", + "content": "daba93cc2420eab38f11389a1eabd408713855ea97772dd87d6be05cd8cf60de1e2de303785721daa85f61e246e75c4bbeaf7602a580d88b2585c090d8957dab" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-lifecycle@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "group": "io.dropwizard", + "name": "dropwizard-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "8f56476f15da17fb8aff8d06a8cd39c9" + }, + { + "alg": "SHA-1", + "content": "3df1411464adf080b5ac7360926eacab3f5120d7" + }, + { + "alg": "SHA-256", + "content": "fcaaf6bcb2f29a0443f4740d5515f6a8b12a0c38e626fa6a503d9bb685275a38" + }, + { + "alg": "SHA-512", + "content": "32435101cf0981814396444592a7d805d35d073fff7c06b2ae1551e6cc6ac7e7686cc740dec87a05a15026cc4d89b208986c770cbf999e3993980c8e4112db47" + }, + { + "alg": "SHA3-256", + "content": "2d848583811a6d544b4212f63805bdf65b849da145e4fa3f6be66d387e34a5e5" + }, + { + "alg": "SHA3-512", + "content": "2daa20182aeebbcd99ff706f08f3a10a68db0ff2874ed93811eb8922b71ca2bb516213ae53eff4efc412c5ea1a940268d9a832fe8e680151f5cacbfe62ec5844" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "group": "io.dropwizard", + "name": "dropwizard-metrics", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "231e9b5003b31c72836118b2b60e6b9c" + }, + { + "alg": "SHA-1", + "content": "4dcf98534424a25e2666c714e0bb4f8ce6c7cc61" + }, + { + "alg": "SHA-256", + "content": "fe67a902fa099d798179aaf8cb73fa2881e18a820b762422e9e25bda84968304" + }, + { + "alg": "SHA-512", + "content": "80d4133cdc506a51f34bdfa35f9e79d11d9e1a6cfbda6d13e10035a286f200a172314aa52b737a7bc4d8a334b6725c20a45cb4d8cb56dabdbbd8378e9aa1b355" + }, + { + "alg": "SHA3-256", + "content": "55e8d3aae67454a70282570b80e4a5b50d19cede8ed6db54609bdba3b7291309" + }, + { + "alg": "SHA3-512", + "content": "88be53fa6a98860edd603e40320f2d59206e08451a11356e089f28bcb9ee36586012f9cb6d0c63ca6b85b527f8f0434c3aa1e3619cf607883a7aed8817fdbdfa" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "group": "io.dropwizard", + "name": "dropwizard-metrics-graphite", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "014be7a674c15f505dc0816c5c544314" + }, + { + "alg": "SHA-1", + "content": "d5be85278fe138a4736bc0e229c73dcd1de2b400" + }, + { + "alg": "SHA-256", + "content": "0739188661d32b28544377073c1966d29a56ea9e28776b5ae7e201c50c580f09" + }, + { + "alg": "SHA-512", + "content": "f2e433cc520f4e49d62cf5af209d353629409d9b1ad3f1b6613d0bc1790a575f528bc88784e0b2517ea044e46e9e67ecef5b1d02cc7f6c1a510d75457bea2c16" + }, + { + "alg": "SHA3-256", + "content": "dba4bed00333d55d4dc55ddd9b9815fdb3b9b575faeae3ba8ff19ef949ee6f61" + }, + { + "alg": "SHA3-512", + "content": "24a0c90e1f97326dd032e5c657792d6623c727efa7144891be439e00bff5323f4e3e9d35e34005b7348ec92f97f3c4210aeb4b7e15930ef7a910735d0f982d62" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-metrics-graphite@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "group": "io.dropwizard", + "name": "dropwizard-migrations", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "3d2f7b15b764e2906916c0d4bfc75bc6" + }, + { + "alg": "SHA-1", + "content": "74a81b867ab00475910d013fe18d4a788984cccf" + }, + { + "alg": "SHA-256", + "content": "156a9c79a74c81d173637d613a9931451188228bea38cce621f63f51bee1c2f9" + }, + { + "alg": "SHA-512", + "content": "3cfff65847ee29772f5c8f091557373ce3dfa59974e82c0bbfd0eaa636fdf91361b753e777810d0f5878c4b5534ef555a5b260af29a6be9af0851c4a2de56c5e" + }, + { + "alg": "SHA3-256", + "content": "1150637f334a3f0354d00cc21e7e180e8fd647ba3b9f6028c4eafd30c614c157" + }, + { + "alg": "SHA3-512", + "content": "8340a3fb797a8fdeedfc31e50c5d28ad3b3eb204f262f45f390c1a8c3a8ff798cb2f8235d97dd9bbe6947d2d986bb4b91d332f5d0ed23fb7dc0bece454b29d90" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-migrations@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "group": "io.dropwizard", + "name": "dropwizard-request-logging", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "4ed78ec6ad895643d486a210151c6da3" + }, + { + "alg": "SHA-1", + "content": "fcd1015d1762059bd9aa27ee06f7fff9a9857d7b" + }, + { + "alg": "SHA-256", + "content": "1795c56717239e25f835211356963f307f596d0efdd16550337ffccbab08bbf3" + }, + { + "alg": "SHA-512", + "content": "f8c521200f29a6301fd92d87eb21ffb765d7c2a05f65fdbfa572955f91b6870604628df1b0f18d4c3d73482d1398bc5730fa2744c6b19b51f909758d614e4de8" + }, + { + "alg": "SHA3-256", + "content": "5cde2026d5ac54d5b1baac22503608eaef11b8753954473d0102d5f87565f944" + }, + { + "alg": "SHA3-512", + "content": "8d0dfb8c508948c131f0f92b8debf3a9f7ed3f1ec8e1dc4341a68132658143dcecaf890cc11aa22ff9e1959e96a51f311d15ca6d49bc7090c71c9457fedaca29" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-request-logging@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "group": "io.dropwizard", + "name": "dropwizard-servlets", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "c738851aae5f6e431c4bad54ef8bd30f" + }, + { + "alg": "SHA-1", + "content": "f93e103f42b677e1fdeca6fb6cb6c22353a78b57" + }, + { + "alg": "SHA-256", + "content": "b5c9432f659aad54fbe25209366a5c93a43f2c8a0cc5428440c28f3576a5bf61" + }, + { + "alg": "SHA-512", + "content": "07fff649594cf8bf3eb10bad998cc0ccb5fe1049d21c47ca3321b6187eed0f480caa52c5683e454f9abcf107f1e3d6fa5e3d6858e4d250ba65a36e81dd20c5ee" + }, + { + "alg": "SHA3-256", + "content": "eb28576f779876ffe7218c4b596ba2f2f302daa85375fc57784da3d050062086" + }, + { + "alg": "SHA3-512", + "content": "e2ce67e331b95a1e7dea43a174e3e4a1b0c9653716c4378656114d54b1858fa818142f2afee7ffeb86439b7dec848a09eee12efa963be0c00b71d038051c448b" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-servlets@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "group": "io.dropwizard", + "name": "dropwizard-testing", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "800103447329e58030242b6bfc2e9cca" + }, + { + "alg": "SHA-1", + "content": "cee4838ba05de7920309985229df59917ff6e58a" + }, + { + "alg": "SHA-256", + "content": "d52ef3eda88a2b93e01731b035bbd277eb4d395c3a076c6f5cd6a3874f17e433" + }, + { + "alg": "SHA-512", + "content": "c2ccc3c13d2007b728574b1c3df388043c2517ed3efb8256dde9c09ebbed6c18ac5e7f3281ce7b35b9e2c969124772ef0062234bfb195c27898b0674fa0900a4" + }, + { + "alg": "SHA3-256", + "content": "f7fba2c7f9ccb345c29c4e52bcda601a6528d20527f32af63f8cadfaeca04a0f" + }, + { + "alg": "SHA3-512", + "content": "e0c421a568cf98a63432088a1b5f18382cce3095db4ce8cfd1ccba7e9dc95aa7d2ec365b1d8b25614c4700d28f7f75744acac96c5358de4c50946fea4a2a2e5f" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-testing@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "group": "io.dropwizard", + "name": "dropwizard-util", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "e73fff60736c50b06c0afcfb5d5f003c" + }, + { + "alg": "SHA-1", + "content": "4e2a956ce355a40fb7e1c8d5772eab956a8f7f5c" + }, + { + "alg": "SHA-256", + "content": "3bc2379c8d410405cab54636b1b8129a53e5227acc6cb286adea720fa73f03f0" + }, + { + "alg": "SHA-512", + "content": "3a1b826aa9ff4fe9543aaff7b5f5d191164cc0a488365158502eb2c52b5e215ea96395767f2feed880376c3b569ea672414ef951667ea5628236920dbf2026bf" + }, + { + "alg": "SHA3-256", + "content": "9cadcfa4c2db331cc05c069a66d1445d3a156605a75f8741eb80935834ae56a4" + }, + { + "alg": "SHA3-512", + "content": "df9fc0e1dcebe145a5cfff74ca87470923f0163f78ead0a93bf5b4f1c905ad5aaf7034891ae0cab005927cbbbea86546f1222e7f271c90cb4d3b0f745f8cb78e" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-util@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "group": "io.dropwizard", + "name": "dropwizard-validation", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "0557207f6f05c684958ff0c524ed97de" + }, + { + "alg": "SHA-1", + "content": "d82c4a2157cd8b4ed6f85d12fcc5f63e7f2ee9d2" + }, + { + "alg": "SHA-256", + "content": "6141e64cfed3633ad729e9d343eac4bfa475232c90c83c178f02da2d4c3e7360" + }, + { + "alg": "SHA-512", + "content": "e3f832e4b6ea092229b2ecbfad0790170a086b043be74c58cd2f0169cae4fc219d4a7163e6e581350efc7441dd8908e7cfe395b19c802e93834443eb45888d67" + }, + { + "alg": "SHA3-256", + "content": "95187066ffe37d52916b0ec33bce13baa8d76afa80502c4526205fb3721c01bc" + }, + { + "alg": "SHA3-512", + "content": "39a0130b80426db95faba737c484fb2e0c1db64f8e81e21cffcbd0b27b4dff4c4334cf9698b0c067549d0e8adaf7669dce867f2ad962c25f647b35829fbfee61" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-validation@1.3.15?type=jar", + "affectingVulnerabilities": [ + "f2fa9b19-418a-4901-9840-a8631227701e", + "00bc944f-fead-400b-8bbd-0c5b56ba2b14" + ] + }, + { + "type": "library", + "bom-ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "group": "io.dropwizard", + "name": "dropwizard-views", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "ffa529c90a76cf83b7468c63c24c2da9" + }, + { + "alg": "SHA-1", + "content": "27b9dfe51ed0740b2359c28eca9942388247f877" + }, + { + "alg": "SHA-256", + "content": "69ba25bd9f7b5577aa29b79337b3e716be629a784a83d9a2af1456a556800dfd" + }, + { + "alg": "SHA-512", + "content": "818f881806c644bfd0518d2864d1f0c2c6b132e6b81ca1e4b272e20ab91294e954805f986f55ba5389b9ffa5c6573dde827929d6a82b8b4066b2344d003e0f40" + }, + { + "alg": "SHA3-256", + "content": "021a6eba574c0c79246d1a8b446c4655f5a7183e24fcc9df010bffb11ea680f2" + }, + { + "alg": "SHA3-512", + "content": "9ed4dd16ddabeaf7e7933cdef7911ac194a14a93a4a8a4d057554dfc094ca5ed84090922e6b5e53f23a24af582209c8d5a9b50521d3b35132a32e74399d5e055" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "group": "io.dropwizard", + "name": "dropwizard-views-freemarker", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "d78343dfbf1f4c99fc5115aea93b6382" + }, + { + "alg": "SHA-1", + "content": "9b64dcbd00e184c4683a8a44ae4ff4726595c73c" + }, + { + "alg": "SHA-256", + "content": "621f2168b343cc24618b63e5c0c07ca330eef8e1f930c1a4c374ab210fd5ea44" + }, + { + "alg": "SHA-512", + "content": "19298c6ae1500e0c16575b55d30f2ab34cbab881cd735fefc203118c326dd4a47604f8f8d595b32cec4ecbaae032129d2ede99dc36325bc8f4a18ffa5e786aeb" + }, + { + "alg": "SHA3-256", + "content": "1870845187ef726d85d29ee42ccc35b66018304d23167f614b79a7deb3768e2c" + }, + { + "alg": "SHA3-512", + "content": "389d2cd752a7269b28815c723ed68700c47c0f5f6780df2bc35f18eb3ea4b77cdc18ca83d556f4de80c1f3e434f399f73b03a76b88d1da2af520b09195a938c1" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-freemarker@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "group": "io.dropwizard", + "name": "dropwizard-views-mustache", + "version": "1.3.15", + "hashes": [ + { + "alg": "MD5", + "content": "99d7beaccb842cbe8a68c37361e665df" + }, + { + "alg": "SHA-1", + "content": "1a2a4e775b77f452893189020c2e34d60c0235a2" + }, + { + "alg": "SHA-256", + "content": "19ce7554a48be097bac2b3c51f55fe468c7253a60d1a43683ae830cfe06a58e3" + }, + { + "alg": "SHA-512", + "content": "1f24026f35f9a4e4316d04ac41a7cdcf440fc510075e5f8297a55b63d95d3f1e5deb06acd8ef9a61b73fbf1fc054ea370c6d74ed1a06aa19ba673069aebad294" + }, + { + "alg": "SHA3-256", + "content": "7856836a099d2a7f326dbc033442e49b176213fd340a8b2aa2d9dea3a9175ab6" + }, + { + "alg": "SHA3-512", + "content": "af431eff733b17b92ae1718165b3b10e103376bb216e63b8e39284f3572b69926084937fd370a42a018f62389744a7212a0c68959e0e76950ad751ba3ba9745a" + } + ], + "purl": "pkg:maven/io.dropwizard/dropwizard-views-mustache@1.3.15?type=jar" + }, + { + "type": "library", + "bom-ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "group": "com.google.errorprone", + "name": "error_prone_annotations", + "version": "2.1.3", + "description": "Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/", + "hashes": [ + { + "alg": "MD5", + "content": "97504b36cf871722d81a4b9e114f2a16" + }, + { + "alg": "SHA-1", + "content": "39b109f2cd352b2d71b52a3b5a1a9850e1dc304b" + }, + { + "alg": "SHA-256", + "content": "03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8" + }, + { + "alg": "SHA-512", + "content": "bd2135cc9eb2c652658a2814ec9c565fa3e071d4cff590cbe17b853885c78c9f84c1b7b24ba736f4f30ed8cec60a6af983827fcbed61ff142f27ac808e97fc6b" + }, + { + "alg": "SHA3-256", + "content": "5c7b2ffc8d4073700647681ed44dd783049648aa8e174f37d2510339a65f5466" + }, + { + "alg": "SHA3-512", + "content": "3f05def83905268da5044c8bd6fbf62b89499d77351b56a357de8d27ef872c6c300385a6bca009590d61be90a39a0f417c4d8358a13b09847ba0452ef416db06" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.errorprone/error_prone_annotations@2.1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/google/error-prone" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "group": "net.jodah", + "name": "expiringmap", + "version": "0.5.6", + "description": "A high performance thread-safe map that expires entries", + "hashes": [ + { + "alg": "MD5", + "content": "fd4b2d42dac784648fe6fd1b2b612d12" + }, + { + "alg": "SHA-1", + "content": "11833abbdd64050d455187f374dc096944f9ffb0" + }, + { + "alg": "SHA-256", + "content": "06f1ac1fdb0044a83bbf5cd55e86f88ded92175cb2a7a0b57ba53eb011600a52" + }, + { + "alg": "SHA-512", + "content": "3e7bf8da26296f1de8da960e4f8b9b25962d3db1a941c0818c649174c61bf571a6c7b0336b154be104c853a8fa148cd0f007f8a210a98854036a09fe1069eded" + }, + { + "alg": "SHA3-256", + "content": "a421ccc1ee40dad4e7239f21862e7f35a8eb6493d3eccf6e245202d1f3d1e9a8" + }, + { + "alg": "SHA3-512", + "content": "2ebbaf3eb9f96fcd4cc5b5c28e68d8a6d1aa8735dca7d763cc18daeeec2706d3370384c535dad32463ba8da92ee8a3ddfecd7f2559847772829782964d05a0aa" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/net.jodah/expiringmap@0.5.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "group": "org.freemarker", + "name": "freemarker", + "version": "2.3.28", + "description": "FreeMarker is a \"template engine\"; a generic tool to generate text output based on templates.", + "hashes": [ + { + "alg": "MD5", + "content": "c5e35d814518da7b0247d42311b8e296" + }, + { + "alg": "SHA-1", + "content": "7200064467a935052f99d114c2c05c3d189bc6d6" + }, + { + "alg": "SHA-256", + "content": "de92d103d3a86c2287307218ff50dc1c941de283f7b9e1fb23e93fc7220838bf" + }, + { + "alg": "SHA-512", + "content": "44435cb2b6ba02abacdc4a21bea44a2dc50faa1b486fc5b2f79097a68f1f98ca24aa835448ac5dec33a1869eed1b8a32ac285e95fdabbdafaa810d575951894e" + }, + { + "alg": "SHA3-256", + "content": "d55883bf61b72d616dcd12e87d6f90b3b1fc761fcbcf5b8f3860e17bb34fc654" + }, + { + "alg": "SHA3-512", + "content": "7664cb34b0598e0eec19ecba1fba7b83ff09b574bf2320b84a09016d88aaabf902460e3bcd2b2290f59988462b8594e817eebcd777321608762dc141c1335a20" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.freemarker/freemarker@2.3.28?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://apache.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.apache.org/jira/browse/FREEMARKER/" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/freemarker-dev/" + }, + { + "type": "vcs", + "url": "https://git-wip-us.apache.org/repos/asf?p=freemarker.git" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "group": "com.google.guava", + "name": "guava", + "version": "24.1.1-jre", + "description": "Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.", + "hashes": [ + { + "alg": "MD5", + "content": "361459dd415a18e4750b7fa0cdd9e747" + }, + { + "alg": "SHA-1", + "content": "2e3014320a8005e3f3c1800cb246ed42db8cab81" + }, + { + "alg": "SHA-256", + "content": "490c16878c7a2c22e136728ad473c4190b21b82b46e261ba84ad2e4a5c28fbcf" + }, + { + "alg": "SHA-512", + "content": "f7b02666ecd26e8865d4f6040a14a87d08e38124a625252594b05fa9d1a00e7c5a1fd30c5bd08ca9399bad50eef5fcaf7c95e17a59a2462ac42d7fdd4aaf516c" + }, + { + "alg": "SHA3-256", + "content": "182f368980a8c526ec88c65acd877738fe2bad06b72ab9756edb66f2b281d083" + }, + { + "alg": "SHA3-512", + "content": "245bcf15e331889bceb96faa2f9f67baf442fe1cb291601fa92a0e3327382a636d30788939d8f0ccd05a735b8149637e3d44c7e13a636a19950d0e7a33ae9517" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.guava/guava@24.1.1-jre?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/google/guava" + }, + { + "type": "issue-tracker", + "url": "https://github.com/google/guava/issues" + }, + { + "type": "vcs", + "url": "https://github.com/google/guava" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ], + "affectingVulnerabilities": [ + "b7a12947-7a8d-4031-b59d-640d33dbad6a", + "bb03c210-ea12-450d-85df-17d81a75ede2" + ] + }, + { + "type": "library", + "bom-ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "group": "com.h2database", + "name": "h2", + "version": "1.4.197", + "description": "H2 Database Engine", + "hashes": [ + { + "alg": "MD5", + "content": "f9893acfa22b7fe1492dd9c515af2e5b" + }, + { + "alg": "SHA-1", + "content": "bb391050048ca8ae3e32451b5a3714ecd3596a46" + }, + { + "alg": "SHA-256", + "content": "37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842" + }, + { + "alg": "SHA-512", + "content": "aa4af17f766a1cfb0326d0301e1c40fc884b27e73aed4e60141d284275da70f483a3ce54d65f79f9ba66e9a53c5a68102dfc5e40a36e9d2c0a2aa9a7f7321688" + }, + { + "alg": "SHA3-256", + "content": "ef7da52a3b656aee47bc85b9e98db3bb91d7f079d19012787fbbd65c32151203" + }, + { + "alg": "SHA3-512", + "content": "1a5538cc48c5b99e496ee5924f80df410fecc555e3619a79b8c6204156dc333cf0cbebae05bca5a8144ab89b2f2fe4802080128d76b1e94a51acced8aedb4354" + } + ], + "licenses": [ + { + "license": { + "name": "MPL 2.0 or EPL 1.0", + "url": "http://h2database.com/html/license.html" + } + } + ], + "purl": "pkg:maven/com.h2database/h2@1.4.197?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/h2database/h2database" + } + ], + "affectingVulnerabilities": [ + "815a1358-2bd4-4028-bd3e-8219747c78f6", + "c8a50465-16df-44e0-84e9-7acff5870a51" + ] + }, + { + "type": "library", + "bom-ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "group": "org.hamcrest", + "name": "hamcrest-core", + "version": "1.3", + "description": "This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.", + "hashes": [ + { + "alg": "MD5", + "content": "6393363b47ddcbba82321110c3e07519" + }, + { + "alg": "SHA-1", + "content": "42a25dc3219429f0e5d060061f71acb49bf010a0" + }, + { + "alg": "SHA-256", + "content": "66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9" + }, + { + "alg": "SHA-512", + "content": "e237ae735aac4fa5a7253ec693191f42ef7ddce384c11d29fbf605981c0be077d086757409acad53cb5b9e53d86a07cc428d459ff0f5b00d32a8cbbca390be49" + }, + { + "alg": "SHA3-256", + "content": "f679af77deedf69b3c3066f7916583848c6fd32a950f9c0b0e2ef1da121717ba" + }, + { + "alg": "SHA3-512", + "content": "bca821931e438a1977b7b4356b5f8cebf485634f82159d505c48267c34e6a0f4fde9c2917331365f66dc0e52e2ca3a2db5256863584110c27ecebefc28741f63" + } + ], + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:maven/org.hamcrest/hamcrest-core@1.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/hamcrest/JavaHamcrest" + } + ] + }, + { + "type": "library", + "bom-ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "group": "org.hibernate.common", + "name": "hibernate-commons-annotations", + "version": "5.0.1.Final", + "description": "Common reflection code used in support of annotation processing", + "hashes": [ + { + "alg": "MD5", + "content": "2a9d6f5a4ece96557bc4300ecc4486fb" + }, + { + "alg": "SHA-1", + "content": "71e1cff3fcb20d3b3af4f3363c3ddb24d33c6879" + }, + { + "alg": "SHA-256", + "content": "9431ca05c335f9b6ec550f5d65ad56047a5f336e2d41cce4067591d20c4e51df" + }, + { + "alg": "SHA-512", + "content": "5714692bef862355cf7f9fcf82aa663321da193920adf4b584fe69f559535555c4c53858a2465410ffb990aad7847124dbea28ed95dcec5df525a1164288791f" + }, + { + "alg": "SHA3-256", + "content": "60cf1ea8120252eaa90e0e86662f4d0b97f718c3c6c09422f2b85c1b36222ea5" + }, + { + "alg": "SHA3-512", + "content": "a2972a8464a8b38468994ef496d6e816262eef6e9422f4c83d5eb998aea4134ac1160726c71fb577df664064fa13c564c52c6fa577ad2477515291ed825fe79c" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HCANN" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-commons-annotations" + } + ] + }, + { + "type": "library", + "bom-ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "group": "org.hibernate", + "name": "hibernate-core", + "version": "5.2.18.Final", + "description": "The core O/RM functionality as provided by Hibernate", + "hashes": [ + { + "alg": "MD5", + "content": "a5e6ac320c1b5fd739d213dc050cfc29" + }, + { + "alg": "SHA-1", + "content": "c1861a015d47f55ffc6cb120216d17af177e0b90" + }, + { + "alg": "SHA-256", + "content": "4688003fc081063f0d73f43424b309bac9bd8589fecb5767e0ad26788a5bfdff" + }, + { + "alg": "SHA-512", + "content": "1b8c1f0d64ec27e8daf8b4b9b1be9511d0a5e99573836c527c79f026048c5acfe10aeda34a5b0c77bf30fc6ebd92976838eb43a065f192e9871531116d686b37" + }, + { + "alg": "SHA3-256", + "content": "ce9cffadac4242733e7743f88c0abb2f659526e54ddab26e60a180cd658a0782" + }, + { + "alg": "SHA3-512", + "content": "4e4006d93d10553191cf914ab76f486f222e82ca30d81d786913142c599f6463be48892b5fdb4b5e3dec75c20290f11a0f3d3600dcc306bff81c114e24eba66a" + } + ], + "licenses": [ + { + "license": { + "name": "GNU Lesser General Public License", + "url": "http://www.gnu.org/licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-core@5.2.18.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://hibernate.org" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/browse/HHH" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-orm" + } + ], + "affectingVulnerabilities": [ + "1f182b73-afb8-424c-8e08-533a0f702076", + "8ba20df5-3877-4825-a8f2-b52e2d2f86d8" + ] + }, + { + "type": "library", + "bom-ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "group": "org.hibernate.javax.persistence", + "name": "hibernate-jpa-2.1-api", + "version": "1.0.0.Final", + "description": "Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details", + "hashes": [ + { + "alg": "MD5", + "content": "01b091825023c97fdfd6d2bceebe03ff" + }, + { + "alg": "SHA-1", + "content": "5e731d961297e5a07290bfaf3db1fbc8bbbf405a" + }, + { + "alg": "SHA-256", + "content": "ab46597e3a057f99c8339fffe14c1d27f9dbd2409ae840c62121b00d983c78bd" + }, + { + "alg": "SHA-512", + "content": "696dd1548504c9ea8d8526411e81bee8b752f12861979da2707d1059b35a8ccb3f018a1d4e2d12436e7c9daec8e63b97fcf980e03032981867cea63d4301f3da" + }, + { + "alg": "SHA3-256", + "content": "fdbf800d9175e82d7e68f9829f1372b65768252d3e165dfeee9c0345b817b8be" + }, + { + "alg": "SHA3-512", + "content": "8e1e5baa5e4b6f67019bad7ed90a9abf41096ff00b62c9d6f326a756b8ee7e5b62d41068441aa5d9050369a1000a5fbd7898155cb8b18e80367e9cb7c0d3b137" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/org/documents/edl-v10.php" + } + } + ], + "purl": "pkg:maven/org.hibernate.javax.persistence/hibernate-jpa-2.1-api@1.0.0.Final?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/JPA" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-jpa-api" + } + ] + }, + { + "type": "library", + "bom-ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "group": "org.hibernate", + "name": "hibernate-validator", + "version": "5.4.3.Final", + "description": "Hibernate's Bean Validation (JSR-303) reference implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "ccae8426d40e4fa16ecde928b84965f6" + }, + { + "alg": "SHA-1", + "content": "7c3d91629e81937b33dffd5b170956ef9c76af97" + }, + { + "alg": "SHA-256", + "content": "8abc0fb282075e145efe50d742f4512bb1f2c0222e78e7562f34f8809cf22d25" + }, + { + "alg": "SHA-512", + "content": "38c1bc5692588fabc86904f75dd3481ca13be43bfda2f33278cb91a0ae229c7abd0f095989fa23e25b78aff51b2b7232f271579e13bd062595e498f9c92ea830" + }, + { + "alg": "SHA3-256", + "content": "176d9129f2812df9a71514c72d0ffe1efb86ceb73310ebeee2b416bf752c65f4" + }, + { + "alg": "SHA3-512", + "content": "0fec7612fa9d4698e183cc954381e172a3f8cf188a1b2e0518a39f9cd4cb15163720183d306d050757e2d979a3a1d224a3edd7e9c2ee59b938df48e4f4eb1342" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.hibernate/hibernate-validator@5.4.3.Final?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "http://ci.hibernate.org/view/Validator/" + }, + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://hibernate.atlassian.net/projects/HV/summary" + }, + { + "type": "vcs", + "url": "http://github.com/hibernate/hibernate-validator" + } + ] + }, + { + "type": "library", + "bom-ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "group": "org.glassfish.hk2", + "name": "hk2-api", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "93322931c4ec277c5190c7cddf7ad155" + }, + { + "alg": "SHA-1", + "content": "6a576c9653832ce610b80a2f389374ef19d96171" + }, + { + "alg": "SHA-256", + "content": "b3fe4f295ab8e74ea9d641717dc55e5768f1e5db3709e84235346a4d6bcde5c2" + }, + { + "alg": "SHA-512", + "content": "9f143940ff31e6abdc5bce5223c12ea91fe1852338f317aa614221bec67bd5252ef905075d78125ba777ff2f36c5d39fe35a5b3876ea19255fc91da949179d00" + }, + { + "alg": "SHA3-256", + "content": "7dbffae41a1edb93e525d9841a6831f574fc408edb7568b5b192d7b026aeb750" + }, + { + "alg": "SHA3-512", + "content": "594dc7b77f5a85574331483bbc2b795c1456fe174b55ca7253519a8fe94bd914167face505c561f3829c9738b7d9e7f80421f5b97427952cdd78fe388c17c282" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-api@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "group": "org.glassfish.hk2", + "name": "hk2-locator", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "5baf0f144cf8552a9fe476b096fc18a7" + }, + { + "alg": "SHA-1", + "content": "195474f8ad0a8d130e9ea949a771bcf1215fc33b" + }, + { + "alg": "SHA-256", + "content": "27cacf80e8c088cc50f73b56344b779bdb7418e590a037659ab66b2b0cd9c492" + }, + { + "alg": "SHA-512", + "content": "4b8819cfb299d4b5be13fee8c5a04c803010abe7636eab9d126a40a41bc79131753ff09ea062c624c6ecc5785749b120a3f6f0411307eb05b74e6bc46a1bd410" + }, + { + "alg": "SHA3-256", + "content": "3b0c862b6be53e5a085e9caf77f6a90fe45365dc58cc4a69cf1bd13e20b91536" + }, + { + "alg": "SHA3-512", + "content": "9d3acd0f1048b63ca1c30a864463d10c3b2d724d4d245c2bc0116dbd8597772fecb9ace1601d60d9abae9058a2b9fc50422333be583189e00b31c3bbd21c59de" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-locator@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "group": "org.glassfish.hk2", + "name": "hk2-utils", + "version": "2.5.0-b32", + "description": "${project.name}", + "hashes": [ + { + "alg": "MD5", + "content": "acc873aece4f8e89814ac0300b549e3e" + }, + { + "alg": "SHA-1", + "content": "5108a926988c4ceda7f1e681dddfe3101454a002" + }, + { + "alg": "SHA-256", + "content": "3912c470e621eb3e469c111f4c9a4dee486e2ce9db09a65b7609e006b6c3d38e" + }, + { + "alg": "SHA-512", + "content": "1d100879b218d4ed75760514b78a3833f43f67126691dc7cab6566af8488c4cb9e72258b649f8a4eef0376813c25df326ba29d6f29c275e8f75e549cfc17fdf5" + }, + { + "alg": "SHA3-256", + "content": "699d1fba60b9403b292ce22cb0db2d6b070a1152531afe3f2c08a5196779b3a9" + }, + { + "alg": "SHA3-512", + "content": "47ad643c3727bb9fb45b6748e4da67c4788aeac69783c56c60f73ccf37f979972f699ffa96714056c551cb29109dba6722ac3b57004eea1ae47f8833f9c73d34" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/hk2-utils@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "group": "org.eclipse.jetty.http2", + "name": "http2-common", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d4f0dede20f81acfb53f97c01fae71cf" + }, + { + "alg": "SHA-1", + "content": "6e3306d394aaaf41876220a818fb639faf5963b0" + }, + { + "alg": "SHA-256", + "content": "d402e22a14230a49a93e045dc922d62ab330f99b26b928ca3fc6c6761941f601" + }, + { + "alg": "SHA-512", + "content": "79af5a27a59a8706769cb2d500869029bf1c6762bbc4908ffea56bc57f578e14d46e271e8fa2d40fa68dc8fc0e33cf297186df8b4b231db50547d98a10d0d6c4" + }, + { + "alg": "SHA3-256", + "content": "edba30c10f03aaa94eec187d3709ca23d1082d555e0031dbddbcb21a2e6cd451" + }, + { + "alg": "SHA3-512", + "content": "4d4d7e9a24b0d2f0814f071f0b352a104b2c91974213c10ca434c4d119c3ca15ac679f06f5aea3586ef11e5b4280d9db505ef8f4b63b19893c07cdf646d03a15" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "bc8ec43b-7cba-4167-9a9d-901fcb443ac8", + "affa7af3-427f-4223-8028-d9ac45e80e08" + ] + }, + { + "type": "library", + "bom-ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "group": "org.eclipse.jetty.http2", + "name": "http2-hpack", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0323c6dd472c456a99d068f171cbd661" + }, + { + "alg": "SHA-1", + "content": "aa5f5c2b0cec925ad7f2e73a1dc7a3b3dc496e87" + }, + { + "alg": "SHA-256", + "content": "7f2fde0ed27abe088933dcd5b1516e6ed08701ff19aa8b00d12a4ef30344c9bf" + }, + { + "alg": "SHA-512", + "content": "075e9b42f4204aabb15fb1e0f0e08ac67b6a2ea4dff9bcd69db778fc0868d1959b38c4ac3e5a4738b8c3acab26f8416ea8c89d2e4fa66e474ca366e14ee55ebd" + }, + { + "alg": "SHA3-256", + "content": "f4680627e9212635d69a27456bcc815eec595a64d9541b572a7d16667cfb7636" + }, + { + "alg": "SHA3-512", + "content": "efb34683d51d2c09abc7894f5cbf7957041449f66e78f50bc4aeeed48fbcb92bcbe60713b084346ce93d0552955f7b8c53a3c557386894959d27667b8ac808ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-hpack@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "c8bd5d7e-e9be-459c-b6e2-05de86a00bb9" + ] + }, + { + "type": "library", + "bom-ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "group": "org.eclipse.jetty.http2", + "name": "http2-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "9c82833f49671905299a1a0d0edc031d" + }, + { + "alg": "SHA-1", + "content": "6d0ca7e7ee2e5d55fb6fb03c4c1a248b1dc3d31d" + }, + { + "alg": "SHA-256", + "content": "99f96c3656c87d674d069ec1039a6fd7cbd979bb81a083823a04bd529c73308e" + }, + { + "alg": "SHA-512", + "content": "49a9f2c895244d0a632e5b267661f99e812d8e90299085df37479667517ad991575808d97d32204f34bf8a130804d4d2b87c9405d3e61b6d9d410d62a25373f6" + }, + { + "alg": "SHA3-256", + "content": "866de2610f4bbe4ce7b551b31f7f9a51e26e9607e54f112de194b3d92bd90132" + }, + { + "alg": "SHA3-512", + "content": "447c34744cdc616cf90742043ee49c431823ff46e745417eac6d21b78d1e9a00b36c1c93b0e291187e00e7c4d5d9b6a98f32afcc9d0671b63a02cd23f48f37ac" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.http2/http2-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "c3fdf61d-7886-423b-8a29-b6ab6790c127", + "affa7af3-427f-4223-8028-d9ac45e80e08" + ] + }, + { + "type": "library", + "bom-ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "group": "org.apache.httpcomponents", + "name": "httpclient", + "version": "4.5.7", + "description": "Apache HttpComponents Client", + "hashes": [ + { + "alg": "MD5", + "content": "deed71468af21d6f0cf02bf853ac02ec" + }, + { + "alg": "SHA-1", + "content": "dda059f4908e1b548b7ba68d81a3b05897f27cb0" + }, + { + "alg": "SHA-256", + "content": "807e9c73f27a4b19dd04b1b67126532fc74b0a37bd8d13fbad073ad74d078330" + }, + { + "alg": "SHA-512", + "content": "459349c2482338644578502cbdfeb7110c3eaaa71f8bbc715d53556b186f16ad1256244e752cec7c32c66f77e08228bdadf7c9138542b0aa8e845a249e2e0bac" + }, + { + "alg": "SHA3-256", + "content": "9e5093efad2b3a44e71b077eae4ca7df86e2fd2ad78d5ca25541e4316ce631c8" + }, + { + "alg": "SHA3-512", + "content": "f16fb6262810546026c6c68842f69eb17831669e444cafb75832ae3567f47407504424c13fea596e9c02ccf853f6b55d54a904cbf2d21e171f77cc615d740014" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.7?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCLIENT" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ], + "affectingVulnerabilities": [ + "8c0002e8-9326-40f7-9209-51020755ff02" + ] + }, + { + "type": "library", + "bom-ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "group": "org.apache.httpcomponents", + "name": "httpcore", + "version": "4.4.11", + "description": "Apache HttpComponents Core (blocking I/O)", + "hashes": [ + { + "alg": "MD5", + "content": "9299550b06219959d0f2223b1a8bb337" + }, + { + "alg": "SHA-1", + "content": "de748cf874e4e193b42eceea9fe5574fabb9d4df" + }, + { + "alg": "SHA-256", + "content": "d799522d579aac06b170603f8f080f6e3248dadc01f9652cdd7ea7bc318c21ce" + }, + { + "alg": "SHA-512", + "content": "1f45a26f97e5488bf1985f5f5c88c5e2744f46d422040708f7641deb14bb04561bcec35c9284c1dce606fcdcb768edc3ef970ef965bd6bb591ec362dfd417c74" + }, + { + "alg": "SHA3-256", + "content": "0807acdffb841394a948175382b04dfdb49087e19212851dbb63fbfadfae6f5f" + }, + { + "alg": "SHA3-512", + "content": "10f7974d10971a2c0911a1050e3418e898c4255300a120959ef38f546d10dc5ba5217a32a53a21577613ca13034a8200393b0b7ddee0b195f26b92f3e6b2f1cf" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.11?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.apache.org/" + }, + { + "type": "issue-tracker", + "url": "http://issues.apache.org/jira/browse/HTTPCORE" + }, + { + "type": "mailing-list", + "url": "http://mail-archives.apache.org/mod_mbox/hc-httpclient-users/" + }, + { + "type": "distribution", + "url": "https://repository.apache.org/service/local/staging/deploy/maven2" + } + ] + }, + { + "type": "library", + "bom-ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "group": "com.google.j2objc", + "name": "j2objc-annotations", + "version": "1.1", + "description": "A set of annotations that provide additional information to the J2ObjC translator to modify the result of translation.", + "hashes": [ + { + "alg": "MD5", + "content": "49ae3204bb0bb9b2ac77062641f4a6d7" + }, + { + "alg": "SHA-1", + "content": "ed28ded51a8b1c6b112568def5f4b455e6809019" + }, + { + "alg": "SHA-256", + "content": "2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6" + }, + { + "alg": "SHA-512", + "content": "a4a0b58ffc2d9f9b516f571bcd0ac14e4d3eec15aacd6320a4a1a12045acce8c6081e8ce922c4e882221cedb2cc266399ab468487ae9a08124d65edc07ae30f0" + }, + { + "alg": "SHA3-256", + "content": "275370eeb5f02c15358168ea134c4eab1afed8d27750a8a326b9f9f506dfc9f2" + }, + { + "alg": "SHA3-512", + "content": "d9e2a3943373e1eab933b45f49997b24e01466eb99a177c40f21c7107c9f21ebb135e14d191b0a5b699e3985d20de8e87662e92c0bf59e5e054d3da85fd777dd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.j2objc/j2objc-annotations@1.1?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "group": "com.fasterxml.jackson.core", + "name": "jackson-annotations", + "version": "2.9.10", + "description": "Core annotations used for value types, used by Jackson data binding package.", + "hashes": [ + { + "alg": "MD5", + "content": "26c2b6f7bc704ccadc64c83995e0ff7f" + }, + { + "alg": "SHA-1", + "content": "53ab2f0f92e87ea4874c8c6997335c211d81e636" + }, + { + "alg": "SHA-256", + "content": "c876f2e85d0f108a34cdd11ccc9d8d7875697367efc75bf10a89c2c26aee994c" + }, + { + "alg": "SHA-512", + "content": "6b1ae1d7036ce2fff81bf8fc2a3a55e4ea7eb081de806ad05301d2eb126bed1dda487027f3ccfa618c488e680e2f5ff22bc3f106e7c0af27b34d327d83083b46" + }, + { + "alg": "SHA3-256", + "content": "6ebca301e4a201a89630bd7235d27e48a795c7e6fca7727ac08f3cc87e6a5049" + }, + { + "alg": "SHA3-512", + "content": "8d33540c9df56541a0dca99ca51432a8d0d9642813377c62f6df5602af1c8d04c3d62cf24a9cde5c79fcd63b287de19cfc84ea475f8dd0ca037a72baed3d50ee" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-annotations" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "group": "com.fasterxml.jackson.core", + "name": "jackson-core", + "version": "2.9.10", + "description": "Core Jackson processing abstractions (aka Streaming API), implementation for JSON", + "hashes": [ + { + "alg": "MD5", + "content": "d62d9b1d1d83dd553e678bc8fce8f809" + }, + { + "alg": "SHA-1", + "content": "66b715dec9dd8b0f39f3296e67e05913bf422d0c" + }, + { + "alg": "SHA-256", + "content": "65fe26d7554a4409652c86ee38f2e94bc42934326d88b3c78c61f66ff2222c53" + }, + { + "alg": "SHA-512", + "content": "ea053f07b73b087fe81ef49d949ec812bf03e536a8a608d6b7c7ff9f001e6764e86125c5e99d46ba4002d7aab620f57527e246fe8ca754b47cfd812976a3e337" + }, + { + "alg": "SHA3-256", + "content": "0cd87bff64e1569e1ae1fa6023caf005c17d5feb6f75c2bb587546d9e3e43efa" + }, + { + "alg": "SHA3-512", + "content": "936d596d972971e8fc02a6adc7ef11b9d3ac302fbc4134982f3bf128f61741b6bc8c34dd0d16d0ef52a7760a2ad5bcc20b26c4d9c6e8345e826b8b2a83f8fb4d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-core" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "group": "com.fasterxml.jackson.core", + "name": "jackson-databind", + "version": "2.9.10", + "description": "General data-binding functionality for Jackson: works on core streaming API", + "hashes": [ + { + "alg": "MD5", + "content": "ff43d79c624b0f7d465542fee6648474" + }, + { + "alg": "SHA-1", + "content": "e201bb70b7469ba18dd58ed8268aa44e702fa2f0" + }, + { + "alg": "SHA-256", + "content": "49bb71a73fcdcdf59c40a1a01d7245f41d3a8ba96ea6182b720f0c6167241757" + }, + { + "alg": "SHA-512", + "content": "18db8ee61a24498803352c6fc40b83cc1f277033fd4cd743505e3bfa1660c84d8522a70b06401f834b405cbc6e686f6f5c4d54aff034751e9addbf1b4603b2c2" + }, + { + "alg": "SHA3-256", + "content": "470b46a826c8edeb12852d9cbab9f5ab0c3a0b0989a7f2b0a8756c9a88aae89f" + }, + { + "alg": "SHA3-512", + "content": "35616596eff2bafc2e047ce7cbfc4c0b8ce83af277953a2af6b41e43885c74b0809d14dd339290991c2ecb82e82190832b616bca0e3225aa113bfb483fa1b2b8" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-databind" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ], + "affectingVulnerabilities": [ + "d097e083-0b0a-4e3c-9f29-fc936f27ec6f", + "f57dc81d-6b2d-4060-8c15-7613c1a37981", + "600ecfb9-66c7-4fc2-88e8-2bf9efe40628", + "36dba0ba-dc6c-4f8a-822c-e51ca444d1bf", + "e5cba611-d1ce-48a5-8fc2-ac68ba133947", + "9e292de9-f4f7-4d45-9ecb-846c4b972f6f", + "343cd240-f667-4770-aecf-ddc11f9d0172", + "0f7e16f6-f01e-4cc0-a835-08f3ba72625f", + "c2e5f22d-f91f-4689-bdb1-782974d6fa7a", + "49fa1888-bfa1-480a-8564-3b62b8bf5c3c", + "97981cb2-9228-4b8b-a172-ad12f550a19f", + "941d2fac-724b-4a2c-a8ba-c5a434fa3bf7", + "7e3a7481-266e-4cb7-af3b-94dcaf462942", + "db7cfe67-0b1d-4504-af8b-da26e12af73a", + "7c0af63e-ef57-43aa-9c91-d79c7e37ab20", + "c037af59-a132-4727-8cc3-c6095c490df7", + "0b8d112a-b683-414d-93b6-48fa2cabb7c9", + "e8b21aeb-ce1d-4df2-8102-577b813e712f", + "e141c668-bc18-4738-b3b6-e7ba1057d124", + "7aec5714-d04e-4e86-8f4c-51f5cf2568d9", + "6af6635c-bedd-40e5-88b8-324d3a80a33e", + "3ad04380-a25c-41d8-8fad-259c2561795b", + "86f78c35-adfb-48e4-9428-88084373e1c0", + "6d73d38a-3ff6-4fac-8c03-b09b64e9e537", + "00033bff-66dc-4a36-ab38-a10b0625409f", + "14e2856b-f78d-4a6d-99eb-470c8566df29", + "c224f923-be9a-4faa-a930-ef4db611bc2b", + "5201940b-1f04-4668-ae86-8261448d817d", + "b267fb08-27eb-4c71-a2a7-f17fe5fbf4fd", + "4fcb77a9-67b3-4b3f-bc01-684b8ba72294", + "950cff67-088e-4f41-9818-25943c9e17c0", + "53eda8c2-268a-4866-89ac-234bfe7f74ce", + "9edaa51d-929b-457e-aab5-0fffecdb4938", + "6d5189b4-d549-419a-b886-43a62cc43d40", + "135c6dab-529e-4855-ab72-a0138e2110c8", + "57f41366-73de-4a9c-ba15-4d09c9f60e33", + "ccd0ef88-c0fe-4a10-a648-c779ce82b888", + "726a055c-f364-4cb7-a75a-d3c541dad0fa", + "75d8b4d7-7c79-4627-b229-8d5e38fc5d8b", + "cc0ff323-0529-4064-8a2d-1f7a8e2a1332", + "7c4227e3-a0a9-4361-8eab-6ab5fa9550b2", + "87742746-bd8b-423d-979d-d9aa81a8ccfd", + "5c0b94e1-0577-42c9-8028-f244d68f61da" + ] + }, + { + "type": "library", + "bom-ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "group": "com.fasterxml.jackson.dataformat", + "name": "jackson-dataformat-yaml", + "version": "2.9.10", + "description": "Support for reading and writing YAML-encoded data via Jackson abstractions.", + "hashes": [ + { + "alg": "MD5", + "content": "ebecc5b67b96874c08068151fd89d0b5" + }, + { + "alg": "SHA-1", + "content": "561275877edf6321692f29e66ae5ccc7b1664939" + }, + { + "alg": "SHA-256", + "content": "338e27fd71a825c948c98a2a3fedd79bd14e6c7bcc9b6d21fd8b17abfd28bcc0" + }, + { + "alg": "SHA-512", + "content": "6730698c771ee3308c57b8336c35c3c1d437c7ef2e8f1a6bc66a251404449ae7f531fb240c5c877097a5c85a99e6a77c885265d61ad0d8da18c68da13c89eea4" + }, + { + "alg": "SHA3-256", + "content": "189e39704cf30896198937a59f48dca0230a882f0613ceb941241f327f4f1c2c" + }, + { + "alg": "SHA3-512", + "content": "336fa4689e758f35a45ebc5648f3bfb395bf8ff7387b783b7fa62d431e835760782df3c6f5c737224853970891eca22c69b990ad8d7b96e628002b5ef6a88305" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-dataformats-text/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-dataformats-text" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-guava", + "version": "2.9.10", + "description": "Add-on datatype-support module for Jackson (https://github.com/FasterXML/jackson) that handles Guava (http://code.google.com/p/guava-libraries/) types (currently mostly just collection ones)", + "hashes": [ + { + "alg": "MD5", + "content": "bf3d62117a113e2ad3442aede0565365" + }, + { + "alg": "SHA-1", + "content": "fe2fe045ca3bd6f9ea1bba5b03d228b4abf8c1cb" + }, + { + "alg": "SHA-256", + "content": "f6f05294767905ebfe3e982ec456eb0982e52b8e89cfcf02f46722f87414e87e" + }, + { + "alg": "SHA-512", + "content": "d12fc51a0261d7af4319c2659b5168f7bbe91c235ecc013056ae444917d87281137df52bae9c4f345cf1874220f7b2aebc314cf74d4334dda96c3a3cca3de3da" + }, + { + "alg": "SHA3-256", + "content": "d7d456bb103296753158c2e16328887d8b6f339e941f34328229c9c62a2f1cac" + }, + { + "alg": "SHA3-512", + "content": "c5741407e1a9054dc65f40fd6e70483c867a8b9847bfe7ff0e9fabe24be1827c75d7ce561100db82d25c7fd0f12c16ba18a3ca8038ba4a99da7fc394dc63b39f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-guava@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatypes-collections" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-hibernate5", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Hibernate (http://hibernate.org) version 5.x data types.", + "hashes": [ + { + "alg": "MD5", + "content": "686f24ec51b113e18d8a7a6e656830af" + }, + { + "alg": "SHA-1", + "content": "391c524dbc0414399dec5a405760744d3ed600a8" + }, + { + "alg": "SHA-256", + "content": "de588c8a51eb6d11cced0d2c140d66e9c51266622ecda28ccbef92050f671f0e" + }, + { + "alg": "SHA-512", + "content": "854f01a862d1ea67a47863bbb3481b63deb1839d3b89ca616362fe097e55ebc87196f4ed7ae48ed8557b4244d72db72f3c293b6a7dc3965fa787a6a67d634998" + }, + { + "alg": "SHA3-256", + "content": "ff874c69d9dc846e993d16b1bcb74a4d3d81865aaffc16b6063ff83e0f1626d0" + }, + { + "alg": "SHA3-512", + "content": "312371566e7eacb4621ecec83b7e99a4dfed8be158ba71c77e9b9fcd91577104771dec04d7eeb1c12e574e4b8ca247bd2b4faeef7ba69aa384d93cb67672b5a3" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-hibernate5@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-hibernate" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jdk8", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support JDK 8 data types.", + "hashes": [ + { + "alg": "MD5", + "content": "e35c18c99ad1737571b1c8004ca8528d" + }, + { + "alg": "SHA-1", + "content": "6aa764caf0a275d98b8765f6687bd4ec6c8cb9eb" + }, + { + "alg": "SHA-256", + "content": "b305510c0fec81480cbc3516948f9ac5b326811e35c4b6563d2ccfe330079db6" + }, + { + "alg": "SHA-512", + "content": "e537db4253733d8ca0e93e6245c2f25eef366333480a5fd0901603e69a8cf92dd69ec0ffa813c2fef685849f383b7e3850b2b286d255486192f7ff9698fc6c46" + }, + { + "alg": "SHA3-256", + "content": "768bc29f9f15aa07b9c2294d3c3b1bf06396b507397a6b1da2515eefbbc85172" + }, + { + "alg": "SHA3-512", + "content": "734b59492a053eec994840092c8e4f4d703e03b481d8a603b0d934b4fab25261fd98504f72fd0512705a8735dde4b36299c2295f0359afb0f18d129c0dfc70c5" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-joda", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support Joda (http://joda-time.sourceforge.net/) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "7ef56a5376978b3befc264d5c7f690ba" + }, + { + "alg": "SHA-1", + "content": "b8b45ff38fb46eaf8bdf19586743a4f446c485fd" + }, + { + "alg": "SHA-256", + "content": "ec60ff466ec6bf489e58cf83bb012dd3d2735eb581be47113b17b1ce6499cdd8" + }, + { + "alg": "SHA-512", + "content": "589f9ef55f9aef7b2e4c1fe45bad157e566042f304989ffe8257a5547426c7dea281326cf66cb1af84add2cb0531b623d04bc15d9e3ac0da25052f8c2109ceec" + }, + { + "alg": "SHA3-256", + "content": "7a4e62a859262aec2ae33d7b6ec5b0ddadcf0897c1a90984cbdd82f8e2c8abb2" + }, + { + "alg": "SHA3-512", + "content": "bf11f541461a5ab4fbb3372d8c8d617a7b20a2dda00d8af733ac8d496cf4a7e1f7f422d90d11b17b7d783ed2a25f4323046468c264ea204bd672adff82a3477a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-joda@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-datatype-joda" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5694b066-2847-4855-8230-77e902b37502", + "group": "com.fasterxml.jackson.datatype", + "name": "jackson-datatype-jsr310", + "version": "2.9.10", + "description": "Add-on module to support JSR-310 (Java 8 Date & Time API) data types.", + "hashes": [ + { + "alg": "MD5", + "content": "8353db784cc75e2ef48439c89ffb962b" + }, + { + "alg": "SHA-1", + "content": "bf7ea35ca4fafa385701580163ef983622e0bfb1" + }, + { + "alg": "SHA-256", + "content": "a86f035a641f1a36aebacce8415e14568ce5b0088e3ad5b8cf3ea3c9c0c5b64e" + }, + { + "alg": "SHA-512", + "content": "c9e27a5a2c7a7edacdacc2cd93371561ed991e85027e06820004bc47802f32df3aa99fe6d94667805c7862467fcc9e4e0555f1e5a3317c239e8ec0f37fc48b89" + }, + { + "alg": "SHA3-256", + "content": "ee3952b4ffb44ea67445ed736ce33410ed631146ab47071c5fa4ae578623c446" + }, + { + "alg": "SHA3-512", + "content": "434938cf7a81ea81511bbf14a0942eaa790c71ab2e4a5e3049dfbb5cc1523034eacd0d14d0b520e88155376b4213129cc59cec21a2a93940b7fba5658d46c8f0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-base", + "version": "2.9.10", + "description": "Pile of code that is shared by all Jackson-based JAX-RS providers.", + "hashes": [ + { + "alg": "MD5", + "content": "3dde182860e6f59fea3871880b1875b9" + }, + { + "alg": "SHA-1", + "content": "8f13207626ffab14943da9e7447dc065f7762a4e" + }, + { + "alg": "SHA-256", + "content": "4a76bd0d1f5f66293867bb9e021bcf8ba179bdd69cf69852d623204297fe85eb" + }, + { + "alg": "SHA-512", + "content": "608054e863d9233f92fcbf9ea6896a78caa0e1fac197a3b15f7833231f25bc10ac93e54f362d0364a60e7348825e505107e507590269edef11e3fd1e136b1ab5" + }, + { + "alg": "SHA3-256", + "content": "3b43e3742dec5d06ca7a73b45e485120e0adf0f0e66208b9afa56d329ccf0768" + }, + { + "alg": "SHA3-512", + "content": "512f238b2f5d2f70c48cd60dc45da652e2e3ade8aaf03f8031ad0a1ab9222726a82f53a9dcd15b5ecb49e8f8b9aef6789c993d8edd8c68acddd7776bf835f948" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "group": "com.fasterxml.jackson.jaxrs", + "name": "jackson-jaxrs-json-provider", + "version": "2.9.10", + "description": "Functionality to handle JSON input/output for JAX-RS implementations (like Jersey and RESTeasy) using standard Jackson data binding.", + "hashes": [ + { + "alg": "MD5", + "content": "5a6659fa62763f65fb7e187dca166346" + }, + { + "alg": "SHA-1", + "content": "89a2f5d0adc42c3e37a7167e0759641de55aafdd" + }, + { + "alg": "SHA-256", + "content": "0fe7309bb8d0fa8f48cd6846bc3a27eef04b0263b6533ac58ef7ad85b1bdf38c" + }, + { + "alg": "SHA-512", + "content": "254d53edb320ecc9f697d3bb4c7dd1e385d04759bad65caeedcb5beda7fa29f915636324309bec3052205fa91ec29892fed809c8da4e7d284cc0d62b8cf29508" + }, + { + "alg": "SHA3-256", + "content": "1e98e50a06dd5830aa5517da99a0f503760f745029a9fe992f21b45f2417fb76" + }, + { + "alg": "SHA3-512", + "content": "ee026cf5697ab3d3785aa59d1a69e074d6c7db0af06478b36bb19f0d7b303db888bdb6fbd6bb7ffb0b14a4425d3fb0fb9ec971d59db2c7312f979ad83b107a1d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.9.10?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-jaxrs-providers" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-afterburner", + "version": "2.9.10", + "description": "Jackson (https://github.com/FasterXML/jackson) extension module used to enhance performance using bytecode generation to replace use of Reflection for field access and method calls", + "hashes": [ + { + "alg": "MD5", + "content": "eb3073cbfad846a44d81df8bc31c8bf9" + }, + { + "alg": "SHA-1", + "content": "6cca4a73cb54aa8631775023ca8cc37626373cc8" + }, + { + "alg": "SHA-256", + "content": "6d8dd1bdaa13a1e2239e9d8fc008066b02d6fc7d79166fd73e4c3b6e1856ad14" + }, + { + "alg": "SHA-512", + "content": "b56f7485f72c2225cd276e6955e154bae31849a394f5f03ee5d205075a154c27417d1cd7c071c9ba12a7712e23f7b6e8da368aa12acecf53c5c28a5376d620e1" + }, + { + "alg": "SHA3-256", + "content": "488cf9674f84c7d221e4f5955d45f6fc008bca1bd4abf2134d91578a9c1bc0aa" + }, + { + "alg": "SHA3-512", + "content": "d2324aca720bf6816274e93186fdf7d0eaefce8859685dc5c76a96fa8696cd104d64787598bd94473619aa0b89406dac1da8cc697b05104491b8017a54d95e1f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-afterburner@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-jaxb-annotations", + "version": "2.9.10", + "description": "Support for using JAXB annotations as an alternative to \"native\" Jackson annotations, for configuring data-binding.", + "hashes": [ + { + "alg": "MD5", + "content": "fe4cda4049277f5c8758f32a00f2b633" + }, + { + "alg": "SHA-1", + "content": "b7fc3212e95586f42a0d3b5cf1311e42a3ac0248" + }, + { + "alg": "SHA-256", + "content": "72a8ef1246f7a2dc680de67bc5009cc5de71b3825adf98726d290643a36576c0" + }, + { + "alg": "SHA-512", + "content": "df36f846fb1c04e23657f1d7568d05cc589207dc3f751db357ccf33b2b6c7491abf1251aee29763b69b524bf4652e5d04dc77f93d8f001fb23728fc46304f4f0" + }, + { + "alg": "SHA3-256", + "content": "f38cc147a5ef75e5a5f153a2db7c996eb8fe469079b1ef7c843249e8adbf06eb" + }, + { + "alg": "SHA3-512", + "content": "9ba7e2c66e3495260dcd320b179db20fe37d2dd695e1c1a01aaa13a0cc5bd5adaa1c9041c2f4ff6b19607d375c49fcbfc4a962c4939e05a0dd68cc8cdedcc7fc" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-base/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-base" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "group": "com.fasterxml.jackson.module", + "name": "jackson-module-parameter-names", + "version": "2.9.10", + "description": "Add-on module for Jackson (http://jackson.codehaus.org) to support introspection of method/constructor parameter names, without having to add explicit property name annotation.", + "hashes": [ + { + "alg": "MD5", + "content": "e8835d22f3153408ace94284be8fa821" + }, + { + "alg": "SHA-1", + "content": "dc8c36832c229df0209dfc98fab5be36cb99af5f" + }, + { + "alg": "SHA-256", + "content": "2b14de63be1abc99d25c1cdc8ca9003dd0e345e87f5d869588c5981f75cffc8a" + }, + { + "alg": "SHA-512", + "content": "452daf576e303ec15480750844e9a49715670ea9b7fa44d3a3d69ef4c90d7177583daabfc25d2a938e0015bba0c21c5fa71c175d2a0a95f3d6f13a92a3a6d611" + }, + { + "alg": "SHA3-256", + "content": "68f9053afc670c7ef2b042f62e7ac34dc7cf5c65fdc2e178b31970c64f0e9353" + }, + { + "alg": "SHA3-512", + "content": "10bdc0751a0dd140f35dd69045dbc1beea08f65d6ce773dcc2c888af4fc013f8af4c09bcb45e1e36c65b86e7e3cca9775c5da472184af784aa577a952c74c073" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.9.10?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://github.com/FasterXML/jackson-modules-java8/issues" + }, + { + "type": "vcs", + "url": "http://github.com/FasterXML/jackson-modules-java8" + }, + { + "type": "website", + "url": "http://fasterxml.com/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "group": "org.jboss", + "name": "jandex", + "version": "2.0.3.Final", + "description": "Parent POM for JBoss projects. Provides default project build configuration.", + "hashes": [ + { + "alg": "MD5", + "content": "77db6e55da888349f5466d2dcf150b14" + }, + { + "alg": "SHA-1", + "content": "bfc4d6257dbff7a33a357f0de116be6ff951d849" + }, + { + "alg": "SHA-256", + "content": "a3a65250cf954f102e74bab23df12540780878231195b585a7a86f4364a53727" + }, + { + "alg": "SHA-512", + "content": "ad557228414fb1d75750f4495ced69517deac0d26beaeb81e3233fe21254e3b7e3ccefe381971ffb8dbb0d9e0c1e70973623948ffec31efad99298f1107830ed" + }, + { + "alg": "SHA3-256", + "content": "8e4cbfe8f79e619190a121200bb907e2d06c03b5449b3742a6607580a898a2d9" + }, + { + "alg": "SHA3-512", + "content": "5afc9d16fc77ecbc3dd653628b11ddfb419a5fae2efa72eca87eaa55c7c6014d03e9fcd190ae9c7c3e50edc78e6a30fe439269439cf7c383c27aaaa43281e975" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss/jandex@2.0.3.Final?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + }, + { + "type": "vcs", + "url": "http://github.com/jboss/jboss-parent-pom" + } + ] + }, + { + "type": "library", + "bom-ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "group": "org.javassist", + "name": "javassist", + "version": "3.24.1-GA", + "description": "Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java.", + "hashes": [ + { + "alg": "MD5", + "content": "527cebd64b0f941d5058bae3d1726d06" + }, + { + "alg": "SHA-1", + "content": "921b466d6a14a8edbe25923c973fd767fc71c045" + }, + { + "alg": "SHA-256", + "content": "5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553" + }, + { + "alg": "SHA-512", + "content": "b1920ad0b291ab4a7d5d6184e7a6fca91a27576560adc257e4d38a3122865cefa7081df46375a462fcd7e4bfe20c3eeeef140408922cad9cfabaa8c338be1056" + }, + { + "alg": "SHA3-256", + "content": "793f21feb3c4c58edf94d49579b8cd658e44e792e05fefbc23f1b84b7170caf2" + }, + { + "alg": "SHA3-512", + "content": "94f77c5a3ef42bef47e44c9cb9c71a5eeae3b5f94bec53637e8ef3bb5b29b0675c02166241987ac3f3872be09d87bbcfe0235a55731735f4b787a8574714fd2e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.javassist/javassist@3.24.1-GA?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jira.jboss.org/jira/browse/JASSIST/" + } + ] + }, + { + "type": "library", + "bom-ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "group": "javax.annotation", + "name": "javax.annotation-api", + "version": "1.3.1", + "description": "Common Annotations for the JavaTM Platform API", + "hashes": [ + { + "alg": "MD5", + "content": "9a936313da62e705ebb16e81b62f4096" + }, + { + "alg": "SHA-1", + "content": "20a2c0583598d68b0835474bbe07792d4f3b219f" + }, + { + "alg": "SHA-256", + "content": "bc1110630bb4290e798a533ca40a60517826c8804b79f91f8738d18ca425adc5" + }, + { + "alg": "SHA-512", + "content": "9b0c8e45c750f049015da652dcfb43250c24aa72c0cf8fcf917918a486c50b70d6c19201638ae4c23a822551e12ed85215222a59b9bcfb135557c0aca80c00ef" + }, + { + "alg": "SHA3-256", + "content": "81a7132a97ca91c7bf14400e8dc845e3124df73c91b3e2f0a62c4aa3abd84b6d" + }, + { + "alg": "SHA3-512", + "content": "1b7b5f5a5dcf8076155e13d17fe8665b88394c5871583508211f58336cf8d2dae9b3225df8de94e6820a2cc5e077cbd4382c88249c1b0c79e482ce7ae726997b" + } + ], + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://javaee.github.io/glassfish" + }, + { + "type": "issue-tracker", + "url": "https://github.com/javaee/javax.annotation/issues" + }, + { + "type": "vcs", + "url": "https://github.com/javaee/javax.annotation" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "group": "org.glassfish", + "name": "javax.el", + "version": "3.0.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "9b413b6b4c57f68cc3e8649f754153f5" + }, + { + "alg": "SHA-1", + "content": "dd532526e7c8de48e40419e6af1183658a973379" + }, + { + "alg": "SHA-256", + "content": "5ed77b9150c1cb6bdc1a195bb536eef6eb65f46f4412e26c24288690ea8033ec" + }, + { + "alg": "SHA-512", + "content": "a31efb2e99fe2429c8f39dbd8b23fce7dc30c3945ad3e6011dd1495a63a74f1d5e8ac422735de37c01938c492832155b73941614e19e06145477f65f4bc9043f" + }, + { + "alg": "SHA3-256", + "content": "6c59f62728693b7a7234a6c93d6329391633de19cd65753ddb74d78a1a79427b" + }, + { + "alg": "SHA3-512", + "content": "7193e9af5274a89a3fa9e04dcb9790db5efd6abffc8d0549c2bb597f61237544e758f98b4aaf55dfad258697bbaf4e4583695f6f5c277c06e98cd9ce21265982" + } + ], + "purl": "pkg:maven/org.glassfish/javax.el@3.0.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://glassfish.org" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/EL_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/el-spec/sources/source-code/show/tags/javax.el-3.0.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "group": "org.glassfish.hk2.external", + "name": "javax.inject", + "version": "2.5.0-b32", + "description": "Injection API (JSR 330) version ${javax.inject.version} repackaged as OSGi bundle", + "hashes": [ + { + "alg": "MD5", + "content": "b7e8633eb1e5aad9f44a37a3f3bfa8f5" + }, + { + "alg": "SHA-1", + "content": "b2fa50c8186a38728c35fe6a9da57ce4cc806923" + }, + { + "alg": "SHA-256", + "content": "437c92cf50a0efa6b501b8939b5b92ede7cfe4455cf06b68ec69d1b21ab921ed" + }, + { + "alg": "SHA-512", + "content": "ce72626ebacfcbb1a022d0af22d7f3ae8a0f38db939e5f0b893efb9e3545c74328fa139a92c3b9bf7d833300a2830d7b883f748b0d758ed58abd6b0ce192620a" + }, + { + "alg": "SHA3-256", + "content": "da07452e3cbd7bf8e934d72e70149d317d7299fefa8de7840ac251e3e7fab17b" + }, + { + "alg": "SHA3-512", + "content": "db226d92d3e50eb91d892c9dee1832aedcdc2c11ddbc5948da4a33d10d286906fb1554e226223384bbbe7b30fa2b7b023eb7df03beb46affdd9e012722d66b67" + } + ], + "purl": "pkg:maven/org.glassfish.hk2.external/javax.inject@2.5.0-b32?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/HK2" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/hk2/lists/dev/archive" + }, + { + "type": "vcs", + "url": "https://java.net/projects/hk2/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "group": "javax.servlet", + "name": "javax.servlet-api", + "version": "3.1.0", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "79de69e9f5ed8c7fcb8342585732bbf7" + }, + { + "alg": "SHA-1", + "content": "3cd63d075497751784b2fa84be59432f4905bf7c" + }, + { + "alg": "SHA-256", + "content": "af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482" + }, + { + "alg": "SHA-512", + "content": "32f7e3565c6cdf3d9a562f8fd597fe5059af0cf6b05b772a144a74bbc95927ac275eb38374538ec1c72adcce4c8e1e2c9f774a7b545db56b8085af0065e4a1e5" + }, + { + "alg": "SHA3-256", + "content": "8acc3481503989e1a78ad619bcbdc005b616c13736522b52e5ae5d782e8a0216" + }, + { + "alg": "SHA3-512", + "content": "ab5f85d424640ddcf6fc13a41d12ffdee0be9508cd4cdc581168b31cf7917323f6e0d984a0631068e0e01c098098fe0037d1c4176352fd89ba3a4da5d641ca3d" + } + ], + "purl": "pkg:maven/javax.servlet/javax.servlet-api@3.1.0?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/SERVLET_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/glassfish/sources/svn/show/tags/javax.servlet-api-3.1.0" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "group": "javax.ws.rs", + "name": "javax.ws.rs-api", + "version": "2.0.1", + "description": "Java.net - The Source for Java Technology Collaboration", + "hashes": [ + { + "alg": "MD5", + "content": "edcd111cf4d3ba8ac8e1f326efc37a17" + }, + { + "alg": "SHA-1", + "content": "104e9c2b5583cfcfeac0402316221648d6d8ea6b" + }, + { + "alg": "SHA-256", + "content": "38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d" + }, + { + "alg": "SHA-512", + "content": "4a85d3b61ea018f354a4dfa43104f3b4967cb4719df203956f82f7a696f75bee9d660540fc0f7bb61e0a5f826461de8929144eddd5622f9cb59a4da289d7297a" + }, + { + "alg": "SHA3-256", + "content": "7d439b6efe13a02aa996c27db07de14c1f14e8c95b60a9205c073cfbe9cbcda1" + }, + { + "alg": "SHA3-512", + "content": "e4bc8aab836157e258f659fe687e59499d445889c6c706d9539e5bbd48a6e80a1a1029e9ae47d25871f5ddf1434c5449ce2bc67b147b5a7b58990309f7aa60a4" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/javax.ws.rs/javax.ws.rs-api@2.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JAX_RS_SPEC" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jax-rs-spec/sources/git/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "group": "org.jboss.logging", + "name": "jboss-logging", + "version": "3.3.0.Final", + "description": "The JBoss Logging Framework", + "hashes": [ + { + "alg": "MD5", + "content": "bc11af4b8ce7138cdc79b7ba8561638c" + }, + { + "alg": "SHA-1", + "content": "3616bb87707910296e2c195dc016287080bba5af" + }, + { + "alg": "SHA-256", + "content": "e0e0595e7f70c464609095aef9e47a8484e05f2f621c0aa5081c18e3db2d498c" + }, + { + "alg": "SHA-512", + "content": "6cd839a07c55a75befa9a95c7cb2e4a87445432d475bc747410fce625ad4496ee5cc6631a445420940ef1cb408d74873980504e4d785d8ec851223301a76807b" + }, + { + "alg": "SHA3-256", + "content": "12fa4c6092728e4d1d780db85e3567ac16a8ec515daac930326513a471f60bd4" + }, + { + "alg": "SHA3-512", + "content": "3f2a0f9e1ce18e1fce8b658a9ce7603eae6a2eeb96b8c26c0a49fde515ea97b319e94f48617fdbd8b102cd51c6a3c957528b456b821e2287ac1b35a3442c35c6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jboss.logging/jboss-logging@3.3.0.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss-logging/jboss-logging" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "group": "org.jboss.spec.javax.transaction", + "name": "jboss-transaction-api_1.2_spec", + "version": "1.0.1.Final", + "description": "The Java Transaction 1.2 API classes", + "hashes": [ + { + "alg": "MD5", + "content": "4d3a6329aa429d92e7bf0c2d34302660" + }, + { + "alg": "SHA-1", + "content": "4441f144a2a1f46ed48fcc6b476a4b6295e6d524" + }, + { + "alg": "SHA-256", + "content": "d35b340768f11e683045d0b3b8c2cf0554a0495a675ae8aab5680b34e5d2a69c" + }, + { + "alg": "SHA-512", + "content": "fb751362223bd2f58d40326018b742ecb8bb49e2362b8babbfa6592e10fb0bd4c52192859771d5b4c67954bf3876bda38581795d54a566bfca66f3fdb0bfd4fb" + }, + { + "alg": "SHA3-256", + "content": "5fec9250840d8ae18ebe934e2b302d9f3c91a7166c5f6e90e8a38d19d5463f4a" + }, + { + "alg": "SHA3-512", + "content": "f4846473a8385f28649593671d9307d0a0a1362c9b36a24ea1b6f72daafb59e05b4945ed45bcadc22e52024a5c3cce9c47e9edadcc7a08f1e391b33a510cd971" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License, Version 2 with the Classpath Exception", + "url": "http://repository.jboss.org/licenses/gpl-2.0-ce.txt" + } + } + ], + "purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.2_spec@1.0.1.Final?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jboss/jboss-transaction-api_spec" + }, + { + "type": "website", + "url": "http://www.jboss.org" + }, + { + "type": "issue-tracker", + "url": "https://issues.jboss.org/" + }, + { + "type": "mailing-list", + "url": "http://lists.jboss.org/pipermail/jboss-user/" + } + ] + }, + { + "type": "library", + "bom-ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "group": "org.slf4j", + "name": "jcl-over-slf4j", + "version": "1.7.26", + "description": "JCL 1.2 implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "06ceba253db8a4d836921324015c9ca5" + }, + { + "alg": "SHA-1", + "content": "33fbc2d93de829fa5e263c5ce97f5eab8f57d53e" + }, + { + "alg": "SHA-256", + "content": "2800417ecc5c927cce2b8a2cd22f0933e4006023c4e4fb255985a27746f5573c" + }, + { + "alg": "SHA-512", + "content": "40c1c8a523687ba06041d5a3c8ae295ae57ea18c0909f106ae9154ee79eeec9d077f7e0c79cb977fdebf2c930c6972372850b528f94e69bb57e95124ff691359" + }, + { + "alg": "SHA3-256", + "content": "8e61ec106e655eb957cf915a6a2ab96d9f78298598af0edb5526d66317695f69" + }, + { + "alg": "SHA3-512", + "content": "bfb810653f89ac499283aa7d860f89369133a07b65398a4112a6f654d53cce6d4a74d2f45acd9ba669233604c94bd338247751171bb8f21d62a183bbe91ba90d" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "group": "org.jdbi", + "name": "jdbi", + "version": "2.78", + "description": "jDBI is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "ea7256f4877d929815d317c3f918de7e" + }, + { + "alg": "SHA-1", + "content": "7281bb97a89ec38db81a901a3c07ed7204efe828" + }, + { + "alg": "SHA-256", + "content": "a833944751416b95a397768c530b6796fd22fe01ff3d56f44ab80c2087096572" + }, + { + "alg": "SHA-512", + "content": "0699d1cee041bbb7f2e9857f0d4265e55af3c93e62c1d10090fa3472a3af4f052c4b6c1431eca53bf2e2ddb1df1358ac29fba6776fb0406a2c3edbe30fe73607" + }, + { + "alg": "SHA3-256", + "content": "85bab22465bd6c4128b3a3805184b780dd41c6984d6e056d7ec22b904b94649b" + }, + { + "alg": "SHA3-512", + "content": "0d3f050c4f71bfab5404ac1674306bd837ff7710b9b04893dcfe88baa3d0d3f647ee515c3b0a3159d4f6d3791f187927dabed54f05fcfa3b42bd4f0bbae93586" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi@2.78?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "group": "org.jdbi", + "name": "jdbi3-core", + "version": "3.5.1", + "description": "jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "bee3bded3f553bb751676f66de7051d8" + }, + { + "alg": "SHA-1", + "content": "fdb08f92dd4762d9a12864b685961cbef3807adb" + }, + { + "alg": "SHA-256", + "content": "05ba5a61131fee448927dd7d06fe2e0699b9c4756ece6bc844431dc1f5a3b671" + }, + { + "alg": "SHA-512", + "content": "3b8de628e4b5ba4acbedb21b4f74cbf7003fa1ce68125e8e2c8c9bb49ba38c478a34b27505bcda18e5072b47ae706a280e3db7fb53f90196d3f87543148e9b3d" + }, + { + "alg": "SHA3-256", + "content": "7b63cdd3df09bd5e6881f455db13e74d5a4f80764072d376d80814eaf28a423c" + }, + { + "alg": "SHA3-512", + "content": "9de02c1b6f19a44b6a29054da8c80e9139d03c2eeee8e908dbb8592bbffd8926a95f45f9e56f1aee85f77665cf24e2abe7e4d888ebe407fbb01be6f541c9befd" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-core@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "group": "org.jdbi", + "name": "jdbi3-guava", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "0f692ba6379649453c8ceeb1c1e567ba" + }, + { + "alg": "SHA-1", + "content": "0b7a55d0eda75405221a8287993c05891ae2dd9a" + }, + { + "alg": "SHA-256", + "content": "dd2c0c13c6d29758235a9b365768cc521b5ee3c86678794e81ca5a9a7aa1de83" + }, + { + "alg": "SHA-512", + "content": "9e74b320cd5ed0ba7de5f2976dac092039ca6efcd5ab070281ce040aab9249d2299d73b3f1566cc495e6b33cd2de7fdb8e82f9410f970650daceb049daeb2bd3" + }, + { + "alg": "SHA3-256", + "content": "fb088209586cf011f4cb41752223e4cb14ca32cf8605ce6bebaa30913a120ef4" + }, + { + "alg": "SHA3-512", + "content": "5e64a7584e5585f922a7bbc3c83f76645752e0a78274d741b4ae8cb7f174ac6b2d840841ce749234955ab1d090b552dcceb7a46c2a1a0eafe95dafa26c1c2819" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-guava@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "group": "org.jdbi", + "name": "jdbi3-jodatime2", + "version": "3.5.1", + "description": "Jdbi is designed to provide convenient tabular data access in Java(tm). It uses the Java collections framework for query results, provides a convenient means of externalizing sql statements, and provides named parameter support for any database being used.", + "hashes": [ + { + "alg": "MD5", + "content": "a1936dd03d5410d8abe4f52bd8a4c219" + }, + { + "alg": "SHA-1", + "content": "76d39448cd536140a737ee7d1eca00cf919dd51e" + }, + { + "alg": "SHA-256", + "content": "693462cf417ed3faadb54f22618b3f7bfd6f8d3cd77cdadde7733c6d9666d2fb" + }, + { + "alg": "SHA-512", + "content": "da80a01e7da71aee51c9c8f9de62a394ac6a1b849675a5a80e0490c4494bc58c5dbd15c34e8f21152cc3355f8259a2d838afeb2f9802063fd3a40b9bbc4d93d0" + }, + { + "alg": "SHA3-256", + "content": "472060a39fbf46395d0fe7b6c2e5610c1532969115b27ac82d0c1434e952012b" + }, + { + "alg": "SHA3-512", + "content": "b54c0e9dc8be03a4b7a0b4ffc2ca1fa90f0beebceabba58abe0f2ddb93b0074141eab88da889577abe3c4eb2c0137cb8db907346882e88185cc0d460531d64c2" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-jodatime2@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "group": "org.jdbi", + "name": "jdbi3-sqlobject", + "version": "3.5.1", + "description": "jdbi SqlObject transforms simple annotated interfaces into full-featured DAO implementations.", + "hashes": [ + { + "alg": "MD5", + "content": "fef7548d2dd71524d4e555c8d406449d" + }, + { + "alg": "SHA-1", + "content": "88a6bb67f81900f7e3b4c02e80fbe03c14180b8a" + }, + { + "alg": "SHA-256", + "content": "f5aee0d5ded32e49eddaf51fded6478d01f816a957bccd5ba62fb9eb944793d5" + }, + { + "alg": "SHA-512", + "content": "435126b915d81c594a2fc3194498a815dbd6307c8bd852d421ba866e11d4335bfd825352a58c60dadbe8cbd57a2962b0d8414c46491bd171071f7e606c41b56e" + }, + { + "alg": "SHA3-256", + "content": "8706b9badb23159cd1c690e44d10f7050d82682c025d4a0fb6c2f74cf5982444" + }, + { + "alg": "SHA3-512", + "content": "a61809da92143a4f96e16d97e5d85179f50fac762fbbc8bc36676b8868e4fb8f69cce89c93c8c0e89e3e492c6434725546c29de5b7960b1515a4fe3f0853b959" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/org.jdbi/jdbi3-sqlobject@3.5.1?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/jdbi/jdbi/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "group": "org.glassfish.jersey.connectors", + "name": "jersey-apache-connector", + "version": "2.25.1", + "description": "Jersey Client Transport via Apache", + "hashes": [ + { + "alg": "MD5", + "content": "1249f4c7b0e42fb205fd6479f8212b7f" + }, + { + "alg": "SHA-1", + "content": "778d56a186caae0c0e321afb7bf497452f60ecc6" + }, + { + "alg": "SHA-256", + "content": "98236fdeb22a34405095a70099e63cdfe72c726c3c6588c8105092b234bbca3a" + }, + { + "alg": "SHA-512", + "content": "cd9d72b8e24524fd017fad60bea318cf72b7260bfe9826f3019181d8749f906cc579ff4b25c50d869edc9e7ad92c1a216e4c143957de5d5f810f14f3d2124058" + }, + { + "alg": "SHA3-256", + "content": "51423295a961ef5c2c0b70f2a3e80ff7cd9d356b9fdf0951dbc0d42ee7d283c5" + }, + { + "alg": "SHA3-512", + "content": "f95bb4d125a7146cfe7ff8e9d4480c3f479bffa0fcb5398400a2b2faa1851c3ebda38e1bbf49a0d4d5671dd336ebc665ef1fef26a4ad8f65d715c118f703de36" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.connectors/jersey-apache-connector@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "group": "org.glassfish.jersey.ext", + "name": "jersey-bean-validation", + "version": "2.25.1", + "description": "Jersey extension module providing support for Bean Validation (JSR-349) API.", + "hashes": [ + { + "alg": "MD5", + "content": "f1860b7577c9d0c89758ad14a60485a5" + }, + { + "alg": "SHA-1", + "content": "01971927d79cad0ad2b5a3bfda24967748a2023d" + }, + { + "alg": "SHA-256", + "content": "c7f8b632016d78ac9679c8a77a7333a7979b3a446c56f6c4aa0702495beafcf0" + }, + { + "alg": "SHA-512", + "content": "723afa0898fb909c199491173caa96bf32c5b4a9f8e7211989434f1be4ec581737b1d17e2094890074fd5fd94b640002b98b9f06cb042aa755864ff9e1eb5eb8" + }, + { + "alg": "SHA3-256", + "content": "5eb1703f460fc87775426f894b776891b46e2060d209d8649fbbbf0046ff5541" + }, + { + "alg": "SHA3-512", + "content": "b538a16717eba2f15bae433116819aecfb842d17e9838cb4c67ec3242cf7f62517d7d8ddc9245d26aed83b15489988bba10a792935968c5d9731b0e07902a251" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-bean-validation@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "group": "org.glassfish.jersey.core", + "name": "jersey-client", + "version": "2.25.1", + "description": "Jersey core client implementation", + "hashes": [ + { + "alg": "MD5", + "content": "cbc88e55529984d664eb6ef1b65b3684" + }, + { + "alg": "SHA-1", + "content": "4d563b1f93352ee9fad597e9e1daf2c6159993c6" + }, + { + "alg": "SHA-256", + "content": "10671e430dc7c841eb0bc54c9f3e265dbb60e9f85efaad71d1e39807057e405c" + }, + { + "alg": "SHA-512", + "content": "2355cf157c2c6f6973db046b8eb9f0ac1fad6791e5e62457d37a2aa0d70c180a6dd8eacdf78b987bab5720091cc8197866ba1ac14b209b374db6389f187a0c58" + }, + { + "alg": "SHA3-256", + "content": "88b865b79a07061bda2f0c1b57e4aea4555da1604946eccb83343ea665ac615e" + }, + { + "alg": "SHA3-512", + "content": "ab1297141ee25407b3aaf92ce2d7441aad23badc8d9b2e68e1bb143c7155f5861a273d816d4447ade4045dba027ba6264b22d6823e798d9ebac7514f8a4eef52" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "group": "org.glassfish.jersey.core", + "name": "jersey-common", + "version": "2.25.1", + "description": "Jersey core common packages", + "hashes": [ + { + "alg": "MD5", + "content": "d1f25f421cafb38efb49e2fef0799339" + }, + { + "alg": "SHA-1", + "content": "2438ce68d4907046095ab54aa83a6092951b4bbb" + }, + { + "alg": "SHA-256", + "content": "4df653fc69d5feec7ad1928018f964e12a7513bcea7b5e8b1aa4b1f5a815815f" + }, + { + "alg": "SHA-512", + "content": "2c99617c7d5bbabd39902cd93e028e48ef3917f1017b7417873607681b0bfc31e8d5197bd06c587f64867944d81bb63c0201fe5df66962737d23fdfd7fe88fe0" + }, + { + "alg": "SHA3-256", + "content": "d5d9d3bca931954bed7bf031b299f45e0e29c92e250501f46f12400e475aaf3e" + }, + { + "alg": "SHA3-512", + "content": "dbd5ac4985d2c8e71e3606e491a7814e50ca6ccb1e3571e50073ddcf92bbf484e28ae0a4971d1e487df4d95a4f64016583e88891724a65d9c1c80f20ff7664fb" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-common@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet", + "version": "2.25.1", + "description": "Jersey core Servlet 3.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "80ebd9481c44844884fc70ac0ba333b4" + }, + { + "alg": "SHA-1", + "content": "cf5f7a76fcea38158b890ab7a0142d4db709a882" + }, + { + "alg": "SHA-256", + "content": "3669c50bef23aeeabdae02e5e4b214c9f1eb1019fa4d559f2eeadb563ba598e4" + }, + { + "alg": "SHA-512", + "content": "8db651ca49cebb031823cb6363e3af78f2f400c4857a5cef51b2be2d58ccaad6c06ee5320cb6ceff6f2a053136f00943feb6f98189d847d49ea2455312529d84" + }, + { + "alg": "SHA3-256", + "content": "c77550b169ec358ff293d1599b2897fb4f3ebedaed222257893d83b7343fa915" + }, + { + "alg": "SHA3-512", + "content": "75115f1e1a14cea1e939e3cc30b9af2cd0de853a30d41007f72361e216362cc16a35901434330292840f48edf0dd98ac9ec8bc3e5461c0668eac4a883d7b2be7" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "group": "org.glassfish.jersey.containers", + "name": "jersey-container-servlet-core", + "version": "2.25.1", + "description": "Jersey core Servlet 2.x implementation", + "hashes": [ + { + "alg": "MD5", + "content": "e31db34014609174609f8879d00e0d2a" + }, + { + "alg": "SHA-1", + "content": "400e30bb035a0cdf3c554530224141ce659a0d1e" + }, + { + "alg": "SHA-256", + "content": "232f4f4e59e5944098351379a12aecc715906831c96a855624a81da552192ac4" + }, + { + "alg": "SHA-512", + "content": "beb539ae8f16b5748db941e1beabf21482791ccf04b7adbee50d58a06c224c21e918198badf8496243ab7730284b8abcd71da9e5439702fa7a4d06ba22fa1960" + }, + { + "alg": "SHA3-256", + "content": "bfb3dbfe53102c61b1092ddc80b119fef28b6ee65e020ebdbfcbe51aacc701fa" + }, + { + "alg": "SHA3-512", + "content": "7fe6468606f4ff4c7389e9ca816f82a03c9282b296472112573047d93389b9845a49f6c1740ee67d2e93be9dbe312d89189acd681ba489b9e09716cd20965e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.containers/jersey-container-servlet-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "group": "org.glassfish.jersey.bundles.repackaged", + "name": "jersey-guava", + "version": "2.25.1", + "description": "Jersey Guava Repackaged", + "hashes": [ + { + "alg": "MD5", + "content": "08dc8642c4e990b054882cb4f422f88b" + }, + { + "alg": "SHA-1", + "content": "a2bb4f8208e134cf2cf71dfb8824e42942f7bd06" + }, + { + "alg": "SHA-256", + "content": "8a88a8ebae65cb4d77830b40f681bf742b55ec62e7a44cf91b8577a9396b9f81" + }, + { + "alg": "SHA-512", + "content": "38a59b4e7bf60d373a266e08dbd1703cab87b519e128629aa81abf314cf849ee41a26f8c0404182c6f7364a3bde40eefa61c1be561276e141c4574faf988c5d9" + }, + { + "alg": "SHA3-256", + "content": "0ffbb680d62fc28444cf2c2975cf2947d23bae403c30a381f610af5cf05ede86" + }, + { + "alg": "SHA3-512", + "content": "847cca16e534072ddf9610dc0bd56166deade9aa4efaa3aec1717664b3546964cb0573e4970a38dee5537a09fab81077ea9bd35d988e7cb68b6ca137b31679ea" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.bundles.repackaged/jersey-guava@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-jaxb", + "version": "2.25.1", + "description": "JAX-RS features based upon JAX-B.", + "hashes": [ + { + "alg": "MD5", + "content": "43c2fe9a2848343cb562f855b06b7047" + }, + { + "alg": "SHA-1", + "content": "0d7da0beeed5614a3bfd882662faec602699e24b" + }, + { + "alg": "SHA-256", + "content": "05526bed0ffc07c2cea6b399f4e61ae3c99e44021e28a4af926ed1d867ba3fbe" + }, + { + "alg": "SHA-512", + "content": "589328af6d727d73617a1cff3e7e75bbc858d417cdbcaf8e63ea3ed0086df645fe0f83538a311941744e5afd828d1d7827933b44b8c74f6f8b912c2d7f3e1be4" + }, + { + "alg": "SHA3-256", + "content": "cbc11448fe72f34353de7de8c8b1084530ebf4a7b262bde33219cab6beeea29d" + }, + { + "alg": "SHA3-512", + "content": "18313498ba720e5c1a307927f9782cee90140984ab5c6762cb6b966040d42c2610e39f41d06b9c2ac528aba2fe1b72ba5d1255f92e01848b4580eee11b95b1e4" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-jaxb@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "group": "org.glassfish.jersey.media", + "name": "jersey-media-multipart", + "version": "2.25.1", + "description": "Jersey Multipart entity providers support module.", + "hashes": [ + { + "alg": "MD5", + "content": "0ea1375a975020b60bbbbfd47a76d69c" + }, + { + "alg": "SHA-1", + "content": "1d2db0078ee1b740c4e7ec7413d328a8a7e1c480" + }, + { + "alg": "SHA-256", + "content": "909b669f76b8883a9218fb0fbc5022a286ead7d17b29aafa532b31f19ab4afcc" + }, + { + "alg": "SHA-512", + "content": "17e40bb9186289cd21edcd67cab68765e79c3cce5f2b29ac0ae6dd653395d93c3b8e29c734288e729bf26a59084393680b448ce617689e2064151ab09250c6ad" + }, + { + "alg": "SHA3-256", + "content": "8d8299e02fcbed88c708ae2c948fca016bd985aca513f61304431169441b3bba" + }, + { + "alg": "SHA3-512", + "content": "a8f03f1e4e02c76548b03f77dfc65bad4d97b305a39e17b21e3a380155b85ea428957d0e0f0d4d4b615826d491acbfbb433a3dc9cb31ba29ba0f08bc4665bbb8" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.media/jersey-media-multipart@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "group": "org.glassfish.jersey.ext", + "name": "jersey-metainf-services", + "version": "2.25.1", + "description": "Jersey extension module enabling automatic registration of JAX-RS providers (MBW/MBR/EM) via META-INF/services mechanism.", + "hashes": [ + { + "alg": "MD5", + "content": "b02f1bc0acfdaeba09346c53a49a6b0d" + }, + { + "alg": "SHA-1", + "content": "83376116af614791a26f51a93af1070520345782" + }, + { + "alg": "SHA-256", + "content": "21339af4788eb2e02e144231f6bed95c30a019fe9bdc219725da095e15d8f7e7" + }, + { + "alg": "SHA-512", + "content": "7b4bef415a18702498bd594cea37a2d17fe60b319f40fd4028b5c5e778195bc26df1563332bc359d67bcd0029957d8fe629650ec55216d1a6f84fd7ab4daec90" + }, + { + "alg": "SHA3-256", + "content": "fd690ea72f6586355206aa12a77b03e198776261bcbb1b79a3dcbc234c0c8675" + }, + { + "alg": "SHA3-512", + "content": "822c4d091069ccfd523fbe463124a1827663b488a2df3ce8f5ea9892b8b6dbbd637e52e89ea2533c010601222f3ef7660ff45276b178082f3b928dc314681e39" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext/jersey-metainf-services@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "group": "org.glassfish.jersey.ext.rx", + "name": "jersey-rx-client", + "version": "2.25.1", + "description": "Jersey Reactive Client extension implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "2c180a0fe223e22fc0e0b0b81eedd18f" + }, + { + "alg": "SHA-1", + "content": "b31b3313f48583220986877365f5e2413541f207" + }, + { + "alg": "SHA-256", + "content": "c51bad47579898505a3283f06939c5caa4df5f1bf47ebf114069e04d3cdd33eb" + }, + { + "alg": "SHA-512", + "content": "5743abf930cc5a53cac24b1b3a8a9abcba71ec4c56c11943d8b68f6b8806eccae6268c4659b7321d05ff039f2f7a21daef62308ef4746b65083cbb925bf9c570" + }, + { + "alg": "SHA3-256", + "content": "6c9cde47931076cfade1adbb27e7d708b9ed5549b599677e69e9e7617fa32e84" + }, + { + "alg": "SHA3-512", + "content": "8b9a6428336db948562751a37ad6758cd1b6a678a70759da3dba1a43d5312b86a97dd6ced61d48c5473b9d73a0fa450e103a7d687a791733f0c2edde4e880cf2" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.ext.rx/jersey-rx-client@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "group": "org.glassfish.jersey.core", + "name": "jersey-server", + "version": "2.25.1", + "description": "Jersey core server implementation", + "hashes": [ + { + "alg": "MD5", + "content": "92dad916eab7a19c5398838a78ee9cab" + }, + { + "alg": "SHA-1", + "content": "276e2ee0fd1cdabf99357fce560c5baab675b1a2" + }, + { + "alg": "SHA-256", + "content": "4b9cdae8eae88b75762614b9a458f5aac47cf6486fe408206fc64e38b80469ae" + }, + { + "alg": "SHA-512", + "content": "85d77edd81efcc32a6ac26ca91cc6a8f9f66083897f2b10de5f7576d1e869d96c64dcce4e52112341ffae1a73fff3b18eec466fc484e709ba581d1540fbe44ce" + }, + { + "alg": "SHA3-256", + "content": "60be02edbd8f39c5c33726c0b9602c580a38e22b7c30cf98c0aea1bdfe713ef5" + }, + { + "alg": "SHA3-512", + "content": "065c0c4b5a60ebc0e0ca53e6630e27f7678c762ba4cdf28f2b2cb7d0ac9cd96bf4a92dc6c2235d77d55931e0006f445debc2cc1098d4ddace06c07a08491ad43" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.core/jersey-server@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "group": "org.glassfish.jersey.test-framework", + "name": "jersey-test-framework-core", + "version": "2.25.1", + "description": "Jersey Test Framework Core", + "hashes": [ + { + "alg": "MD5", + "content": "92495cea9331aced97489263f2cb191e" + }, + { + "alg": "SHA-1", + "content": "9368dc18933a8b9f2526c86ab310b02781969aa3" + }, + { + "alg": "SHA-256", + "content": "69343548538ec2489fd4a992ea16e42453e96af94538c586fe3345e364bc578b" + }, + { + "alg": "SHA-512", + "content": "c2a8a227427d3c80cdaf773ef8813fb2609ecc4c64911ef8c8ee8a09a4ab0f4c608d7433901511c132ba39d49141be85f45032a06757a17e7f2e43efd6a22f6f" + }, + { + "alg": "SHA3-256", + "content": "7dd7ace7d4414db08bd4f2dd4d130629d9eef806d3dbd03a582f8f78372dbe63" + }, + { + "alg": "SHA3-512", + "content": "fef833f17bf0c8c9023ffdce1fc6d860d4ce119915fcabc7d8aa48853066fe0967c5220a33c03b41b45c312da4430e1057085652e0db57f5c03485b44715b273" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework/jersey-test-framework-core@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "group": "org.glassfish.jersey.test-framework.providers", + "name": "jersey-test-framework-provider-inmemory", + "version": "2.25.1", + "description": "Jersey Test Framework - InMemory container", + "hashes": [ + { + "alg": "MD5", + "content": "08b74a5a1bd1726464f8cc389dc015e5" + }, + { + "alg": "SHA-1", + "content": "d0bf8edcb87a8e886cf4552e9b5b9a4fddc70794" + }, + { + "alg": "SHA-256", + "content": "95b76e6b4131ec8cc04f3397e3c162219ef34cf661ad52ac86a977ce0b3912b9" + }, + { + "alg": "SHA-512", + "content": "9fcd31b1c2cbb5e615c1412425088c6dbd6f4acbd4b768a178d2c0a8c545486d5a3a6ad266a6b2faedeff65fa2035017e498b6a9a5bf206646e7d14e3b75d529" + }, + { + "alg": "SHA3-256", + "content": "0a4492d926542aee9f91b73691f712157c031388153270aa6121c3b60e638387" + }, + { + "alg": "SHA3-512", + "content": "a1db62f01942f3abb36d5fa867e5fb5f4372965c9c57e0f76d992421e85ce6481a34490ac15682656eb11a410c6f7b803e70cbeed635ac86b0d125f50b832074" + } + ], + "licenses": [ + { + "license": { + "id": "CDDL-1.1", + "url": "http://glassfish.java.net/public/CDDL+GPL_1_1.html" + } + } + ], + "purl": "pkg:maven/org.glassfish.jersey.test-framework.providers/jersey-test-framework-provider-inmemory@2.25.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "build-system", + "url": "http://hudson.glassfish.org/job/Jersey-trunk-multiplatform/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/JERSEY/" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/jersey/lists/announce/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/jersey/sources/code/show" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "94e9fc820f29e4ca7c4d1008b3e52f34" + }, + { + "alg": "SHA-1", + "content": "1379b37b505dc379559e75ae7424941eee924fc7" + }, + { + "alg": "SHA-256", + "content": "f843740357ea316e196703782bcc21313ee77b665f059a28d62ebbbc37aa07ae" + }, + { + "alg": "SHA-512", + "content": "a574f37273ebf3f6d0dc18491cfcfb32288063667cd51962218575438dc3eb4f6202f862a6cef71a9caa16282cac17b77a1696dc632f1852979060e8c1b9c9ef" + }, + { + "alg": "SHA3-256", + "content": "2428547743abb3f101da2f812300e1a3778b672ea26be987b1262821fbc0c693" + }, + { + "alg": "SHA3-512", + "content": "476eb0180972b5b6bb48dfccb1eccebd607420aea3562782f1a19292ecbdadc659bf28aeb11a28e3367bad613677dae9486cb4bfb2dc2168acb8cf612b39ae2a" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-client", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "7dadc5243abb6a0979518998d5c97eeb" + }, + { + "alg": "SHA-1", + "content": "2245454abf7e6374ce92f3ef9222c7dbd43c8f1b" + }, + { + "alg": "SHA-256", + "content": "e629a9bd50ac7d361389dcc21c86f7ee12fd9f9e1c0e92664d01492df135aab1" + }, + { + "alg": "SHA-512", + "content": "592ab00b4aefbfd03fa3eb9619b39be6a59cc5a60dac993cef999433e31bf89d35a97136227966af7ec2fd84e483995b6e3390dc159aa72763246683ec02207a" + }, + { + "alg": "SHA3-256", + "content": "5fc8987e14b500cd8ef3e355548129be984b7d88f02a3b3a9718dc83e2550cbb" + }, + { + "alg": "SHA3-512", + "content": "6e4d74a8ce366f9b1c41ca2636a098566b8e2800b0f2ce3653856d499e3ff683a1ca2afdeac18661a47bd8e319987903dec3b0a3c1cc16ebccb2cc2ff3a00afe" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-java-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d1e615dd0774f828e80f51cd217dadb1" + }, + { + "alg": "SHA-1", + "content": "a4129b6ad87da0b14ee60dc4cd04321ab7b6928f" + }, + { + "alg": "SHA-256", + "content": "5ac060f9d0f802010aba3ce0452d567ff6ec1f724a8cde860cb3e83aa87918c7" + }, + { + "alg": "SHA-512", + "content": "dbe734b1a1bcd194e3ff275b620aed38fb713a250d24cfa6548d047de12a2cd394840650ad46de122b53ea8103f64cf4c0d7570e781b70e45372dda9180607e3" + }, + { + "alg": "SHA3-256", + "content": "6ca9ed2338f90de1498b7e52c35ff2eae7e13463f9fed7f36f9b797ca0d6f443" + }, + { + "alg": "SHA3-512", + "content": "a591913206657bca1c3be20220c911359537100af3f6561f5d4a454635edbc7a83c51b897efeb8b075996fce37945a1c7836296873d6817e07b7ad3a46cf5450" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-openjdk8-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "6176ca5468f46113d03982b26b569645" + }, + { + "alg": "SHA-1", + "content": "cd588787b7a232e9db4d2442ef9260baedfe33b1" + }, + { + "alg": "SHA-256", + "content": "13b0943572cc330a0371317cbfbbb0f737655387b89dc75ba9a8ab8d083e1c11" + }, + { + "alg": "SHA-512", + "content": "07373c3c34ce2bb1a84200e09b4f540d6a4cd83ee9fc65084949a449a7f510bce5a91d9cd44d7cb8454e9a2090dd636da2506c10312e5b5be693682a1024afc4" + }, + { + "alg": "SHA3-256", + "content": "26c9e9d164a3471c386bf44e1c3d3150e03d54be8d947d65306bf74e26954edc" + }, + { + "alg": "SHA3-512", + "content": "90a662aad53125f7f1eebd642a62316606a249dfe04ec3ab6673deea2fbc8d51fdc83f02e403c0f1085aa7d5600b1e11b9b171fefb0903dd5aa8c6bff905c072" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "50a898e1-523d-4041-9250-b25394071a77", + "group": "org.eclipse.jetty", + "name": "jetty-alpn-server", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "1ca2253ddcbcbcc691c51938f2e341b4" + }, + { + "alg": "SHA-1", + "content": "288afd48f2eb1816889c4848a0bb8e7783ad7124" + }, + { + "alg": "SHA-256", + "content": "2d78640dc6b6035e41d763ddb9c97f07f441665be36d0a7d1e592d683df12acb" + }, + { + "alg": "SHA-512", + "content": "7ee426bb8079daf27fd03694563e534cda147d2cb38e4b50e08c3644f1a3dd88e172ad36b322bb113c67cabbbed4b11740f72ef82cc899341aae9d6427dace43" + }, + { + "alg": "SHA3-256", + "content": "1ea3606b67b91542a4d71d7b145792dcb25dce3c52037e3a32d551678ce5fda1" + }, + { + "alg": "SHA3-512", + "content": "943a863bd2beae196d07aa13b72b5d27bd5ee56a8e578b549a5c272034a232dc4f8a3f015af81837524cd37e467871bfb66c6768a279502ab4cd05e97421347f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "group": "org.eclipse.jetty", + "name": "jetty-continuation", + "version": "9.4.18.v20190429", + "description": "Asynchronous API", + "hashes": [ + { + "alg": "MD5", + "content": "bf4683a840d240010acacc4cc9739525" + }, + { + "alg": "SHA-1", + "content": "3c421a3be5be5805e32b1a7f9c6046526524181d" + }, + { + "alg": "SHA-256", + "content": "ad2e8fa193f06989ef6f0ca09719e1e30572e6099e7c889777836076068cbfbb" + }, + { + "alg": "SHA-512", + "content": "1ca79b0b2011ae4f5dd2f64447ec39d5140ddae6fdcdc9e1104ece137113951efeeccd7fbaa2cb174c11a944d7a6d79d94a6cf2f5a645b21016a3ba1b1421152" + }, + { + "alg": "SHA3-256", + "content": "e54fd5d441a318d250a84414eb391c6af739a5a167c7cbc70963a0cd12a60371" + }, + { + "alg": "SHA3-512", + "content": "d4fd7624498cd4113fd86ef1e71fe4f0c4d0684d34e2700b0d472decf55ae5b3d9aa59447a7ec2856ba5a2348da09057f5f3730f3e91715d2746d16d20bd5fa9" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "group": "org.eclipse.jetty", + "name": "jetty-http", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "0f5299204d64fb561a8062f594185dc6" + }, + { + "alg": "SHA-1", + "content": "c2e73db2db5c369326b717da71b6587b3da11e0e" + }, + { + "alg": "SHA-256", + "content": "a2626684486590535bc928a6a40c6915f99ffda96b7a14d4310bdda566b5aa73" + }, + { + "alg": "SHA-512", + "content": "93f9852cd4689993c06629ffba24b1dc9715bcf3dfb560088669459f9484373cd5541e81c18cfb3502c9ab62fab3a7061ee5d9afd0c17fc61fe23e25fa04a1c9" + }, + { + "alg": "SHA3-256", + "content": "84caddcb2c12e244dc03f0f3f8ab41fdcb96ec95c5776c00664e8916f6bfea86" + }, + { + "alg": "SHA3-512", + "content": "08d0dba27f81c3b596d46728e01b3b1f0027d9271befab6ada56e6757ef7f64e700c242cc8f9000a2792bf5053c5c16126718d6f8fd1923331a7e3d00b3c2efb" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "c19b779d-2699-44de-a189-a0d18d8dc953", + "a2897b13-bdeb-4a6c-802e-abf09fef10a9" + ] + }, + { + "type": "library", + "bom-ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "group": "org.eclipse.jetty", + "name": "jetty-io", + "version": "9.4.18.v20190429", + "description": "The Eclipse Jetty Project", + "hashes": [ + { + "alg": "MD5", + "content": "d430c2038527a0788675049f9d48760e" + }, + { + "alg": "SHA-1", + "content": "844af5efe58ab23fd0166a796efef123f4cb06b0" + }, + { + "alg": "SHA-256", + "content": "f953810e6d5349a8c1101710bf99310e0bcd3bc43d819c06858c75f419b4cbd0" + }, + { + "alg": "SHA-512", + "content": "2f7f9f8ecff8fceaa422923ed698f5945e2e4583898115ea97e2a69f2f4c7093f07c1f9e189af0ffd6b08b669074c9e3cdd5492e42aa2ba4f0bba3ad6db85c50" + }, + { + "alg": "SHA3-256", + "content": "a6a1c14235256382171a33faf4e2869e65756b87e686e70e41aa34380fdeeac9" + }, + { + "alg": "SHA3-512", + "content": "aff9eb92b24300c2395b5ee808c54abf4c8c97224bc819b0b5bbaa6977f5806037eeb34691f6b9d9534a454ae28f3e8e9b13bd0649369af5b331e80e4c703405" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "group": "org.eclipse.jetty", + "name": "jetty-security", + "version": "9.4.18.v20190429", + "description": "Jetty security infrastructure", + "hashes": [ + { + "alg": "MD5", + "content": "ea1d2d43fdc539ddf8192e2782f45e79" + }, + { + "alg": "SHA-1", + "content": "01aceff3608ca1b223bfd275a497797cfe675ef4" + }, + { + "alg": "SHA-256", + "content": "c307c68eb402979b2b6ae75a587476c9fecafbf5f4a53db22125f9af2324926f" + }, + { + "alg": "SHA-512", + "content": "140364d32cab3e7f1acd1222c14228038db35c96e22fe55d90c810308c6ed06f72972d4a40514e664e1bcdd542c25014719082b8828b8afd29a9a760b440dfe9" + }, + { + "alg": "SHA3-256", + "content": "fb9e4fd12fc7912c3ad20ec205efa02532b05af85d22b4d4e93e2e19906dadb7" + }, + { + "alg": "SHA3-512", + "content": "df87f8e4a2ac262620c8e805695d52427421e9c25225747fedba6503916bc867c4868d04b1d786d52f64917fef4bd27013ff640297da21a49e97cd2db80007d2" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "group": "org.eclipse.jetty", + "name": "jetty-server", + "version": "9.4.18.v20190429", + "description": "The core jetty server artifact.", + "hashes": [ + { + "alg": "MD5", + "content": "b0bc6045c38e309d41f84d3c60fb31cd" + }, + { + "alg": "SHA-1", + "content": "b76ef50e04635f11d4d43bc6ccb7c4482a8384f0" + }, + { + "alg": "SHA-256", + "content": "2737c60b231e804082cdb68f1118a1aa179c8f92d50345c7444d96391ac005ce" + }, + { + "alg": "SHA-512", + "content": "b16d05236e809d1494f67aeab195190faf5a301cb131ae7033c1d62bd0f4db41e025b18cb75e0c9f7cc8146debb2d34d006318c0bd0e65dcccce9cb176acbc4e" + }, + { + "alg": "SHA3-256", + "content": "755dfbda1a8bd62b465a55c8bfd761412b81fa79fb0326c6835f0b009ea76c7c" + }, + { + "alg": "SHA3-512", + "content": "bdfd84f7b1bfadce0fd4c918b00410ad596e66bd69433260439cebb516f4d44b55e1adbf96cc866ae3e9a8f96823772e2e6633c21bba41c1588067842b7540ee" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "17d2faa1-cd26-4ac7-8c68-c4a44ec398a8", + "f32ca540-f068-4392-bea0-c0d7b050b7d1", + "6d35c4e5-f5ee-4572-af28-1ca71cf48158", + "d5c5815d-1742-46b6-953a-a4ed90fdd920", + "f6ff72c7-6603-4627-899d-658f8f7c5f23", + "ebc03317-a0b4-4b53-9cd0-7ae4281c02e6" + ] + }, + { + "type": "library", + "bom-ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "group": "org.eclipse.jetty", + "name": "jetty-servlet", + "version": "9.4.18.v20190429", + "description": "Jetty Servlet Container", + "hashes": [ + { + "alg": "MD5", + "content": "63d8201a1db1aa10454015245472fdd4" + }, + { + "alg": "SHA-1", + "content": "290f7a88f351950d51ebc9fb4a794752c62d7de5" + }, + { + "alg": "SHA-256", + "content": "58b778613867b59bdd6587c57010249e62d10104e01113459453343e9c4ecaa4" + }, + { + "alg": "SHA-512", + "content": "ed6d46eac69dcb275c684e516e1bd627aa2e8b35aa022d68e256b1ec7d145525cc03ad9f55e0794026590f1df17536465c11d25c961df3ee530586a01dcd7f55" + }, + { + "alg": "SHA3-256", + "content": "bd41d1a2332a05b8826eebefc9e1e43b2924c9a810e5c14d97cc8437a4817f6d" + }, + { + "alg": "SHA3-512", + "content": "d4e1c6d118f9ad0890f69efef3141d5d6583703fc6eba5a6c069636d6cde8d48f97d9e5ed5d58e070dd6539c4a744035840e5c8a145f6223f5d9b0dd2ba9ab27" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "group": "org.eclipse.jetty", + "name": "jetty-servlets", + "version": "9.4.18.v20190429", + "description": "Utility Servlets from Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "ed9e6c52ea1c28d92b81bf5c4cff5e22" + }, + { + "alg": "SHA-1", + "content": "e5d174950a44c8f93e27cc2528eff5a6b55da2f3" + }, + { + "alg": "SHA-256", + "content": "134e7f3fd037865cc95c3a69381088ff1c86f110fb0ea62e9a6824cb7ef48abc" + }, + { + "alg": "SHA-512", + "content": "ebd6e426972fb2833bb2173017edd8937ccc64135b6a2dbab0444b25f1528e3d50bdafe39e4749300a8ae46a5eb853a130e918339f29eea308fa9212b615c76a" + }, + { + "alg": "SHA3-256", + "content": "843c3095b2f0e5f71352baf20dfb1cba119ca110fc6e3e01751551154986aac3" + }, + { + "alg": "SHA3-512", + "content": "7eb486c3cac4a8950de6aca0006a07b1b4e9be737fa0902c229e15b27c3c61ddb353ea34f7d4d397dc5cba7da91e2cbee7d086a67506d2b303717f2743b46b0f" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "d8add710-4eed-448d-b198-ecff8ffe86ea", + "123b8eaf-5572-4945-975d-21ed3c2f101d" + ] + }, + { + "type": "library", + "bom-ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "group": "org.eclipse.jetty.toolchain.setuid", + "name": "jetty-setuid-java", + "version": "1.0.3", + "description": "Administrative parent pom for Jetty modules", + "hashes": [ + { + "alg": "MD5", + "content": "24990c296784e354afb446ccb739e826" + }, + { + "alg": "SHA-1", + "content": "73ae4ab171d396103f32e392970641e985d1a845" + }, + { + "alg": "SHA-256", + "content": "192cb1941aa1afefd9851d984fa39a2076f9200c434abba43dab1d410bfaddbd" + }, + { + "alg": "SHA-512", + "content": "11afcd8eb8968878ce4efb2b54956b04f1a28900b8be6edc1a3482388a3dddd2880b61d1a5c083de41d0cecaa3c8a32d4077f3f15b3f38dcbc71aa64bf40c524" + }, + { + "alg": "SHA3-256", + "content": "b6e2a6fdb8cc4021d17fdc85fb8bea172d25b206eca5c5f49ac5d4e6d1a6f704" + }, + { + "alg": "SHA3-512", + "content": "224c5ce3bbddf418eb2f1f43f9c3fd3f332ac6b557839942e54fc229e6a8e009ed11aab9e86a78e2642262d0ba43d5c2ff29aa9e96b89c68726d46365d46a000" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty.toolchain.setuid/jetty-setuid-java@1.0.3?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://git.eclipse.org/c/jetty/org.eclipse.jetty.toolchain.git/tree/jetty-setuid" + }, + { + "type": "website", + "url": "http://www.mortbay.com" + }, + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Jetty" + }, + { + "type": "mailing-list", + "url": "http://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + } + ] + }, + { + "type": "library", + "bom-ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "group": "org.eclipse.jetty", + "name": "jetty-util", + "version": "9.4.18.v20190429", + "description": "Utility classes for Jetty", + "hashes": [ + { + "alg": "MD5", + "content": "0e98accd79ef0f0709e67b32d1882712" + }, + { + "alg": "SHA-1", + "content": "13e6148bfda7ae511f69ae7e5e3ea898bc9b0e33" + }, + { + "alg": "SHA-256", + "content": "db2ae97679e4d9dd0b96e0e2e04423d41407977a87edfa0ed1714c44eb5c7aa1" + }, + { + "alg": "SHA-512", + "content": "e1994547ad741cfcc0776e856178c530687bd3f20354ebbaf4d10ed6c6773cf0b9d2201359ffaa9328606aaa7170c125433dfd83c40db8e03ad6f17d43753392" + }, + { + "alg": "SHA3-256", + "content": "af0fd5e8b166a754626964f211eebf7e5bcff175dc852e5dd28b48d32437921b" + }, + { + "alg": "SHA3-512", + "content": "da788326e973cb92399d84ea58fd884a11a82666741514f2aefe150ed47809189ebd98553bbe7b56bde0d892b51294ddbf24af341f68a2854737622a6439356e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ] + }, + { + "type": "library", + "bom-ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "group": "org.eclipse.jetty", + "name": "jetty-webapp", + "version": "9.4.18.v20190429", + "description": "Jetty web application support", + "hashes": [ + { + "alg": "MD5", + "content": "044d3037d9a5b94c8ed938d89045e06b" + }, + { + "alg": "SHA-1", + "content": "9c2f1a2b61bdc2d24f8a980c6c614aa0b588216d" + }, + { + "alg": "SHA-256", + "content": "3e7a715fb8f5ebe79d54b940f630d562629ecf91d1b3fd1403ff9700d0a3e125" + }, + { + "alg": "SHA-512", + "content": "09861241011a4f5dee0ffb7087f033f7882decda7e8bd9641fe1c759f558af28c01f050f0d904fe3f06fba3769efc887d50156cdb7567322ad5fbcee1fc7c2ea" + }, + { + "alg": "SHA3-256", + "content": "a958bee3bbb5d03e76f34e8e70552614aeaaa1fd63a56d5d56d12f552b9e4df4" + }, + { + "alg": "SHA3-512", + "content": "c2b790b16923ca0e1171b76cbb8c852b1e338cab09cc2f46f17b4479370e3d0a0308ca15bfc2d0421655c7db200bb5813a771e80cb6ed566dea9656f232ef403" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "4bb1fb03-b1bb-4ddf-bcf2-d5314c0c6442" + ] + }, + { + "type": "library", + "bom-ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "group": "org.eclipse.jetty", + "name": "jetty-xml", + "version": "9.4.18.v20190429", + "description": "The jetty xml utilities.", + "hashes": [ + { + "alg": "MD5", + "content": "637f8a266afa4cb043e1d142c7cacb33" + }, + { + "alg": "SHA-1", + "content": "dcd2806ee48e646fd4dcff81c7c6867fea2b52e8" + }, + { + "alg": "SHA-256", + "content": "2189c5316c4ef2721166353a3f6800803b2ffd06cfc4c7b16ebdef9b00108ca6" + }, + { + "alg": "SHA-512", + "content": "f60127983e3115b9df5ececcfe5a75bf4b1de0597e050d52b65d8e60875305741a3d3256d12d198e25be58b8b236a34ecc6747c05faf30465be27095b02e3206" + }, + { + "alg": "SHA3-256", + "content": "acb83341c830c2e5944c91021cac1d486e73fd5d570abfd4572346242b847940" + }, + { + "alg": "SHA3-512", + "content": "53c27e9e1c64a2046793b9f02880813669b71d534737ec84f16eadb8bdb63a717b664e602a17f1e071f411e318d6c233812910db8ae3bff933047eed08110290" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0" + } + } + ], + "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.18.v20190429?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://webtide.com" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/eclipse/jetty.project/issues" + }, + { + "type": "mailing-list", + "url": "https://dev.eclipse.org/mhonarc/lists/jetty-dev/maillist.html" + }, + { + "type": "vcs", + "url": "https://github.com/eclipse/jetty.project" + } + ], + "affectingVulnerabilities": [ + "76910119-ee18-4144-855b-b2fdab20e33c" + ] + }, + { + "type": "library", + "bom-ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "group": "org.openjdk.jmh", + "name": "jmh-core", + "version": "1.19", + "description": "The jmh is a Java harness for building, running, and analysing nano/micro/macro benchmarks written in Java and other languages targeting the JVM.", + "hashes": [ + { + "alg": "MD5", + "content": "be8d2b77f24b93d14b3590a2c2cc9eba" + }, + { + "alg": "SHA-1", + "content": "1ea93b88f8154f0a35c16b46d76cfb2febcf4916" + }, + { + "alg": "SHA-256", + "content": "5b920f4033b55f78af121c6594e2afcc84c16f2030beef6d035463b126fc9f46" + }, + { + "alg": "SHA-512", + "content": "9bc30e04a4ee999cc1dc45be32bd60ad4248070073424efacdce85b02777dc1ef9f8aa9f57693cc4cc6964c6c934ce3c251f8db26f70bad54353c2d0849aee83" + }, + { + "alg": "SHA3-256", + "content": "b21c8a03f99e3ccadc461f35e5ed3aa3904ae25cbb44ca2dd02eb0d2f8a6582c" + }, + { + "alg": "SHA3-512", + "content": "96f2d4874d54c13b4c9392628415ce62bdff000c142901f08d3eef24c707b5cd656c328a3ef846303a85dc3dfbff69062e0167b2065b5200e52c764afe0ba418" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-core@1.19?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://openjdk.java.net/" + }, + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "group": "org.openjdk.jmh", + "name": "jmh-generator-annprocess", + "version": "1.19", + "description": "JMH benchmark generator, based on annotation processors.", + "hashes": [ + { + "alg": "MD5", + "content": "0edd4d9828437ef68acbe301910de6eb" + }, + { + "alg": "SHA-1", + "content": "e5bb13308963df412877e88fede84c1bd869ca03" + }, + { + "alg": "SHA-256", + "content": "b104c8c3c971d6aa4ff4c7a73e70cfb3e6201084332e4007ba9516a43f27003e" + }, + { + "alg": "SHA-512", + "content": "f4bdd594e25586047d93375f76fc2c85ad302b222ace4dae8e7418a24e1d75ab1ecd3f4d75d362baf3af6388bb6b3f3db7a932e8a003a8ff0c1412059e0c0c5b" + }, + { + "alg": "SHA3-256", + "content": "ea48f22ddf27853d67194836e0a13bb9a6c20a480e03252ce75403bc303a2a8d" + }, + { + "alg": "SHA3-512", + "content": "37ae2a6c8b2f38fcfcfea1343debb71cbb63af15c402fa32dc38e1913c75af7d2f4951a21edbc7cacfeeb789dbbc6fa9be9f24ccd426e1f9344de0f344a9e773" + } + ], + "licenses": [ + { + "license": { + "name": "GNU General Public License (GPL), version 2, with the Classpath exception", + "url": "http://openjdk.java.net/legal/gplv2+ce.html" + } + } + ], + "purl": "pkg:maven/org.openjdk.jmh/jmh-generator-annprocess@1.19?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://hg.openjdk.java.net/code-tools/jmh/" + } + ] + }, + { + "type": "library", + "bom-ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "group": "joda-time", + "name": "joda-time", + "version": "2.10.1", + "description": "Date and time library to replace JDK date handling", + "hashes": [ + { + "alg": "MD5", + "content": "488e6b287cde4fe6142c0da65495ab63" + }, + { + "alg": "SHA-1", + "content": "9ac3dbf89dbf2ee385185dd0cd3064fe789efee0" + }, + { + "alg": "SHA-256", + "content": "d269671656767e05a58dd634cbafc36ed70d417220b058d11c0d88dfd281616d" + }, + { + "alg": "SHA-512", + "content": "b92f67c1a8b293e3771bc2c56e5280f6a9cb523b38db7b1c8f56c427ec7147d9fec1fa425d25582060195a433005797294680e5e071fc49272575cc67f8fe58c" + }, + { + "alg": "SHA3-256", + "content": "ace6d9b18b8de8281dde7a10070f08a11a2b1aca804e2031983d8cffc61a11a2" + }, + { + "alg": "SHA3-512", + "content": "1ae2b49ee5c492a7b83f2c72e5405db0e784b0a34dee7a8d634f6a1e11023bd87653903d4c8a31a964624eb6137db0f612a0d54d509e7a4c39b09c09d30309af" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/joda-time/joda-time@2.10.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://www.joda.org" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/content/repositories/joda-releases" + }, + { + "type": "issue-tracker", + "url": "https://github.com/JodaOrg/joda-time/issues" + }, + { + "type": "vcs", + "url": "https://github.com/JodaOrg/joda-time" + } + ] + }, + { + "type": "library", + "bom-ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "group": "net.sf.jopt-simple", + "name": "jopt-simple", + "version": "4.6", + "description": "A Java library for parsing command line options", + "hashes": [ + { + "alg": "MD5", + "content": "13560a58a79b46b82057686543e8d727" + }, + { + "alg": "SHA-1", + "content": "306816fb57cf94f108a43c95731b08934dcae15c" + }, + { + "alg": "SHA-256", + "content": "3fcfbe3203c2ea521bf7640484fd35d6303186ea2e08e72f032d640ca067ffda" + }, + { + "alg": "SHA-512", + "content": "18bf59191d7a456e7675c841df8411ebe425da40532e103db95483be5d2a75510d8a38ad9755cdd4e0be27afe7cfd0b358599388a84fcec1ee27e89caa37f5af" + }, + { + "alg": "SHA3-256", + "content": "e5c7a060e6bd75fb9ef2b7eeac082550bd4f01049c0da929c57ae71fef59b32a" + }, + { + "alg": "SHA3-512", + "content": "6b35fe9fcb3497a9e3a4b0c55dab300b63155c76bbce88fae9b3dcc1012f2c55d7c70216173299817830328071f5c3af079a67ce9af96c25b6befbcef915b049" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/net.sf.jopt-simple/jopt-simple@4.6?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "http://github.com/pholser/jopt-simple/issues" + }, + { + "type": "vcs", + "url": "http://github.com/pholser/jopt-simple" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "group": "com.google.code.findbugs", + "name": "jsr305", + "version": "3.0.2", + "description": "JSR305 Annotations for Findbugs", + "hashes": [ + { + "alg": "MD5", + "content": "dd83accb899363c32b07d7a1b2e4ce40" + }, + { + "alg": "SHA-1", + "content": "25ea2e8b0c338a877313bd4672d3fe056ea78f0d" + }, + { + "alg": "SHA-256", + "content": "766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7" + }, + { + "alg": "SHA-512", + "content": "bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804" + }, + { + "alg": "SHA3-256", + "content": "223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff" + }, + { + "alg": "SHA3-512", + "content": "3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://code.google.com/p/jsr-305/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "group": "org.slf4j", + "name": "jul-to-slf4j", + "version": "1.7.26", + "description": "JUL to SLF4J bridge", + "hashes": [ + { + "alg": "MD5", + "content": "2bb060120bc3feda3d964bf5be845fbf" + }, + { + "alg": "SHA-1", + "content": "8031352b2bb0a49e67818bf04c027aa92e645d5c" + }, + { + "alg": "SHA-256", + "content": "0f3b6dfbfb261e3e2b71ea88574452f36c46fec016063439eb8f60083291918e" + }, + { + "alg": "SHA-512", + "content": "201d8fc50e94469cfddc79faa6d7492602243a13454dc58e42d6422f1e7f1d1b352474930bf13c1784c252721bee92a636723a1f75d3cb578fec200b42275e2a" + }, + { + "alg": "SHA3-256", + "content": "dd6032a174bd7527a7195462617a613dbbb0dbbcebac49aca1c3fb2b4db79e3b" + }, + { + "alg": "SHA3-512", + "content": "2bf9adba76cbd0541b1462e952cce50baedb6feac8d963f59db8374a895469d340f5787defeffefb48162a0171f54dbfe1d173de7ec08b080c01260611dd7e25" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "group": "junit", + "name": "junit", + "version": "4.12", + "description": "JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.", + "hashes": [ + { + "alg": "MD5", + "content": "5b38c40c97fbd0adee29f91e60405584" + }, + { + "alg": "SHA-1", + "content": "2973d150c0dc1fefe998f834810d68f278ea58ec" + }, + { + "alg": "SHA-256", + "content": "59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a" + }, + { + "alg": "SHA-512", + "content": "5974670c3d178a12da5929ba5dd9b4f5ff461bdc1b92618c2c36d53e88650df7adbf3c1684017bb082b477cb8f40f15dcf7526f06f06183f93118ba9ebeaccce" + }, + { + "alg": "SHA3-256", + "content": "02b1f076652120813646a0cb34350f0c73a3299b221567e089f6aaadf8ab444a" + }, + { + "alg": "SHA3-512", + "content": "9e8f7057647c11564178e4569cf4f5682d3688b49d81acc60fd301f61053932ee9ac109c19cb639f7710d23afc76cb106ebde0f8143e2fe5fa08605201720a8b" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.eclipse.org/legal/epl-v10.html" + } + } + ], + "purl": "pkg:maven/junit/junit@4.12?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.junit.org" + }, + { + "type": "build-system", + "url": "https://junit.ci.cloudbees.com/" + }, + { + "type": "distribution", + "url": "https://github.com/junit-team/junit/wiki/Download-and-Install" + }, + { + "type": "issue-tracker", + "url": "https://github.com/junit-team/junit/issues" + }, + { + "type": "mailing-list", + "url": "https://groups.yahoo.com/neo/groups/junit/info" + }, + { + "type": "vcs", + "url": "http://github.com/junit-team/junit/tree/master" + } + ], + "affectingVulnerabilities": [ + "499117ae-d134-4505-8674-ed498531e7a9" + ] + }, + { + "type": "library", + "bom-ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "group": "org.junit.jupiter", + "name": "junit-jupiter-api", + "version": "5.2.0", + "description": "Module \"junit-jupiter-api\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "d85d733ecb4120eb7ad5be3134d09053" + }, + { + "alg": "SHA-1", + "content": "9cd901df48d88d8e605a6ccb2c3f140c92db6bf2" + }, + { + "alg": "SHA-256", + "content": "47f7d71b35dc331210b9ab219bbb00d54332981aa12eb5effe817de17e1ae7b3" + }, + { + "alg": "SHA-512", + "content": "8b54b50e8e10b9aed8a1d65338b86d3cd28fabba15f536df457689b99145a451f0144c703eaa848e0bf5c7dc7719ec442b479bac1b7d88cb9ba2cddffd0f1f13" + }, + { + "alg": "SHA3-256", + "content": "2a215014d5df1141f50d9c800b004d9bcb391163b05365ba3f9d145a71e69171" + }, + { + "alg": "SHA3-512", + "content": "1cb1e7a4279d2949081aad395cd158bf28a8ad12682a3f8962da50f1b3c2b4f64a206089145bdc8e4730b689f791e1f306361c4f8e0044dd88fa9f38f1916cd1" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-api@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "group": "org.junit.jupiter", + "name": "junit-jupiter-engine", + "version": "5.2.0", + "description": "Module \"junit-jupiter-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "23b9c1eb5cbc9ff595fbedb9d6ff2068" + }, + { + "alg": "SHA-1", + "content": "de87318ccd3dfa1a98ebfef792d362776f1914de" + }, + { + "alg": "SHA-256", + "content": "8f994f4094790e246dc84de86a1ff4194ca85e8b13bedaca0207f727ebfbc813" + }, + { + "alg": "SHA-512", + "content": "f2bf6ab75a111cd2cda9f8d50f62b3986fc7b675b9f14abfa73d44ccbce010b559bb2a7dcee670e8134f1e8859c2c804b87b50b141c6d48a55699cf07f1d75d7" + }, + { + "alg": "SHA3-256", + "content": "1c2e7d5d721f35eb5f4c206f920d5f34a480b5e93d991ff602acbb3002ae6cb3" + }, + { + "alg": "SHA3-512", + "content": "de4c58a5d5acfc20a8008f07c94258a6023664c6879518fec9e37eff79f106bb3645979615d792f7de404bf52b8c0e6425902c177458a483a6087bf9a4cdd822" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.jupiter/junit-jupiter-engine@5.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "group": "org.junit.platform", + "name": "junit-platform-commons", + "version": "1.2.0", + "description": "Module \"junit-platform-commons\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "b3199ff22308f68d7dc3e400fe53f51f" + }, + { + "alg": "SHA-1", + "content": "dbce1d822d3dc6c61703b340cd79018518685451" + }, + { + "alg": "SHA-256", + "content": "7771af2f797d1d0ccce9920eb3cd826fb8fd7659ccb4d8877e76d9412be72cc2" + }, + { + "alg": "SHA-512", + "content": "b08bcfa884c67ae155ea5eb0ae33f0d58e88096015b82ebf3e5a301292b4622aea1514285aeef7361f8b9e4c83e48e5d8842433afe6e3b0b06c7a1c8729b104e" + }, + { + "alg": "SHA3-256", + "content": "87b03d3ecafccbaa1dc2bd068117cf95ac520546131006bd744464ef757ec44a" + }, + { + "alg": "SHA3-512", + "content": "9501a107af25b97f4e7a102b9262f8438915cc2e93599a2343255fd1935e3c86853a50934376f509fe45f0f601f4ba8023b02ef091e51c51675469170ed88a70" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-commons@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "group": "org.junit.platform", + "name": "junit-platform-engine", + "version": "1.2.0", + "description": "Module \"junit-platform-engine\" of JUnit 5.", + "hashes": [ + { + "alg": "MD5", + "content": "14405ffac9858d89cc0609b16b8c763c" + }, + { + "alg": "SHA-1", + "content": "35fa3529ce843ada1a10b0909ccb4a8148ee638d" + }, + { + "alg": "SHA-256", + "content": "60b102e94ea01556fdc8c041950a05450edc188e3708f032a6bfb1a50ba0bc22" + }, + { + "alg": "SHA-512", + "content": "d367cad97695832f088e299d873570ea9e4bffd30222a5b3157fd506d9405776cfba78b8dc0b6e2697e96d0008ad65b7a35324fab7386c99257d2a723641b679" + }, + { + "alg": "SHA3-256", + "content": "25189ca0767cdad052cca52e00fb63557e8581d3733cf1272dfa780d668ff140" + }, + { + "alg": "SHA3-512", + "content": "d8b6d4a3f9bb96a1b6f610038b50f9a647526e5d0a805bcdd4c13603cdb3508a39a4403c9674b9bca67e673a6493f51a7d363e88fe28efd50382f7832bc20f2a" + } + ], + "licenses": [ + { + "license": { + "name": "Eclipse Public License v2.0", + "url": "http://www.eclipse.org/legal/epl-v20.html" + } + } + ], + "purl": "pkg:maven/org.junit.platform/junit-platform-engine@1.2.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/junit-team/junit5" + } + ] + }, + { + "type": "library", + "bom-ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "group": "org.liquibase", + "name": "liquibase-core", + "version": "3.6.3", + "description": "Liquibase is a tool for managing and executing database changes.", + "hashes": [ + { + "alg": "MD5", + "content": "455a827f017027c276fdfc1ec0bba595" + }, + { + "alg": "SHA-1", + "content": "737c5a4fac26ee760d016923c83481ff933e4875" + }, + { + "alg": "SHA-256", + "content": "e3d877af44ebe7f253525319e3a95bd14e249bfb3d55e9c458e78458bce8426d" + }, + { + "alg": "SHA-512", + "content": "a2c453c71c654ecdf98b86293981fd53ef270b8834b1903b88566dd515da22df17a47a7a31f6c8c65f496ec64613c101ab5501ea9e8293001703f9d2a65c878b" + }, + { + "alg": "SHA3-256", + "content": "6cc2d3b40b26f5b20f62647f3dfc3238741eebd176e51ed76bafe534781554d8" + }, + { + "alg": "SHA3-512", + "content": "1efc7bca74a8e561b48786cff789dba1b87cf4e6d7dc65da70bc71590c653ffd2111d8fb703cea6a429481c68c385299cf59f5b15072ccbe2365d53fc548292b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.liquibase/liquibase-core@3.6.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.liquibase.org" + }, + { + "type": "build-system", + "url": "https://circleci.com/gh/liquibase/liquibase/tree/master" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2" + }, + { + "type": "issue-tracker", + "url": "http://liquibase.jira.com/browse/CORE" + } + ], + "affectingVulnerabilities": [ + "7b0674fc-e326-47d0-b34b-b5bfb523784b" + ] + }, + { + "type": "library", + "bom-ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "group": "com.mattbertolini", + "name": "liquibase-slf4j", + "version": "2.0.0", + "description": "Liquibase SLF4J Logger", + "hashes": [ + { + "alg": "MD5", + "content": "c0de626cfee6e91f2fe3f28aca48a6f9" + }, + { + "alg": "SHA-1", + "content": "15d0d15b546ef66caf3385a3c13aeb75663b3ba4" + }, + { + "alg": "SHA-256", + "content": "1378fcb84657a57fd133328b13ea0578d18011fb4578dd915b292f9b8afbfd6e" + }, + { + "alg": "SHA-512", + "content": "193195e7aba3a04c4bc27a8cb424d8ede7e9a00f0682801906b59cfafe717c19ed47bf299e033da9b91400f936a90a14137b0b48ed55a46a2527db644cfe7947" + }, + { + "alg": "SHA3-256", + "content": "143f1704ce5f758ce1c3dc2bfce78abac50638cfe54537042ada01ce8c765f89" + }, + { + "alg": "SHA3-512", + "content": "0d7e066b3760514259844a5b137706b47ce61fabf24ac34e59445609e0a41e5497d90bb8786c06e1fa767375c4ee039d1c44c4b136fdb63d08ada9967286502a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/com.mattbertolini/liquibase-slf4j@2.0.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/mattbertolini/liquibase-slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "group": "org.slf4j", + "name": "log4j-over-slf4j", + "version": "1.7.26", + "description": "Log4j implemented over SLF4J", + "hashes": [ + { + "alg": "MD5", + "content": "0ca7c8107e86b7e251cf15d475db5183" + }, + { + "alg": "SHA-1", + "content": "daeb21c5e35d77d550e721c4cf5aaa716496d31a" + }, + { + "alg": "SHA-256", + "content": "81a1c31befb21e3975064f43e0b1692b7fc2dc5f6d8dc3b6baaa7b8c3e5ddd5b" + }, + { + "alg": "SHA-512", + "content": "6ae099e1ad5526212f2758a9e16ce7027833e47dff9370c7dbc5317c43f0d3450f20a437ae1a97594382cd27b74c276cb0f3c32de0668b61daf874fb4d30bc90" + }, + { + "alg": "SHA3-256", + "content": "7fe9883b0d6edce803b4942d53771c9e87735076e5ee162037bce3180e067c04" + }, + { + "alg": "SHA3-512", + "content": "349b75322aaf3d4fa035ed2c98c3f289ea6c2bef2bc6756b018df99536d99ceaa17b9192ce5bdde1a213ec75ecc60d11629189a5774b166e671a709e7f2df708" + } + ], + "licenses": [ + { + "license": { + "name": "Apache Software Licenses", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + } + } + ], + "purl": "pkg:maven/org.slf4j/log4j-over-slf4j@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "group": "ch.qos.logback", + "name": "logback-access", + "version": "1.2.3", + "description": "logback-access module", + "hashes": [ + { + "alg": "MD5", + "content": "9468ae35cd2e92164659543a55280aac" + }, + { + "alg": "SHA-1", + "content": "e8a841cb796f6423c7afd8738df6e0e4052bf24a" + }, + { + "alg": "SHA-256", + "content": "0a4fc8753abe266ea7245e6d9653d6275dc1137cad6ecd1b2612204033d89687" + }, + { + "alg": "SHA-512", + "content": "b72a31503d09eb0f40abad77a44617b7edc2904e2e619f7cdcbab2536965be34e91ebbaffd0444027d15bad2562515762ee13a7163d9e12f82017334dc84a6a2" + }, + { + "alg": "SHA3-256", + "content": "db933b4474fd6b77e89b1f68f4117d7b299788b0706e926ea88506f086b54f63" + }, + { + "alg": "SHA3-512", + "content": "64acf87611208b7ccda4408ebd924dad609f3bb3e217fcaa80f13cfd098225183a559e5023b7ceabb07ff3ab705f13aad732b04f781f2b618e2f3de31376c089" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-access@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ] + }, + { + "type": "library", + "bom-ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "group": "ch.qos.logback", + "name": "logback-classic", + "version": "1.2.3", + "description": "logback-classic module", + "hashes": [ + { + "alg": "MD5", + "content": "64f7a68f931aed8e5ad8243470440f0b" + }, + { + "alg": "SHA-1", + "content": "7c4f3c474fb2c041d8028740440937705ebb473a" + }, + { + "alg": "SHA-256", + "content": "fb53f8539e7fcb8f093a56e138112056ec1dc809ebb020b59d8a36a5ebac37e0" + }, + { + "alg": "SHA-512", + "content": "9ad5df9055e74c1db67e10422774e740903477c821591702d2709a4c1f73e3fc3fa6b1a871b6985901817bc2bdeba916849035dc2bbf518f308637b0586e36f1" + }, + { + "alg": "SHA3-256", + "content": "7d38586cfd6e1363970ac1811eb49dd9e535e2d2bf967118ce8f28592655ac24" + }, + { + "alg": "SHA3-512", + "content": "0a47917a6adfaef45e1170ff419800a7c88771510c6d5744b081e0572f70d2e339a5bbdd9b0637c2ecfcdd49a095c856ec293e8a41bbd03ef9b5a67d42731e67" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ], + "affectingVulnerabilities": [ + "0d58391c-d0fe-4b46-8f8d-6a49db7fb354" + ] + }, + { + "type": "library", + "bom-ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "group": "ch.qos.logback", + "name": "logback-core", + "version": "1.2.3", + "description": "logback-core module", + "hashes": [ + { + "alg": "MD5", + "content": "841fc80c6edff60d947a3872a2db4d45" + }, + { + "alg": "SHA-1", + "content": "864344400c3d4d92dfeb0a305dc87d953677c03c" + }, + { + "alg": "SHA-256", + "content": "5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22" + }, + { + "alg": "SHA-512", + "content": "bd1a7512647fe61b90cfd18bedf2a33f3f16f334f8f8ce947cdd353c0b0b7a7cce203070f0d2183f6583e0f2b2fe6e0b12eb93bd5b2dc29076e7b466447f6dc5" + }, + { + "alg": "SHA3-256", + "content": "7e43423025fc6ebe94b4cc641dc60a4507f93dd1445214847a069595f7cb728e" + }, + { + "alg": "SHA3-512", + "content": "76a7f8df50903e80c5455da2307705f1ce08e098b75d02c1e36cb8b06eb3dc18c4e93fbf4ed1dea143d73645a652b52bb26e789d1fa111866c54a57c2025049e" + } + ], + "licenses": [ + { + "license": { + "id": "EPL-1.0", + "url": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html" + } + } + ], + "purl": "pkg:maven/ch.qos.logback/logback-core@1.2.3?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/ceki/logback" + } + ], + "affectingVulnerabilities": [ + "bdd3f85b-5284-4163-be5b-0dd84b9300ac", + "0d58391c-d0fe-4b46-8f8d-6a49db7fb354" + ] + }, + { + "type": "library", + "bom-ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "group": "io.dropwizard.metrics", + "name": "metrics-annotation", + "version": "4.0.5", + "description": "A dependency-less package of just the annotations used by other Metrics modules.", + "hashes": [ + { + "alg": "MD5", + "content": "18a5f9cee781de1bee53b78df6e37c4e" + }, + { + "alg": "SHA-1", + "content": "b30a0e181a5b5170c3b9bf513a9f2cc756dd4319" + }, + { + "alg": "SHA-256", + "content": "ef1ac18eeb33545913992f1b3d4779c9438435cea26a3a4366f05457a1006159" + }, + { + "alg": "SHA-512", + "content": "574a8d69f2610641d087d2ccf5509787c0993ce3f6fab1877580243cb8d57eb646e3cca9e9336d3e61776fdcb875770017d3182b7238ddfe0c31b08bad4edc30" + }, + { + "alg": "SHA3-256", + "content": "841decb2aae5beba8df9d315b687fe9c5c9c0addf481e75c5de17e408b7d6d07" + }, + { + "alg": "SHA3-512", + "content": "61e765ec087be04c969bbf542c2c743b3de4a613dd77d8820e73976b51cb31f291a575623c64e2c0d865408965904611be2a91213fa387d01e7552de48770056" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-annotation@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "group": "io.dropwizard.metrics", + "name": "metrics-core", + "version": "4.0.5", + "description": "Metrics is a Java library which gives you unparalleled insight into what your code does in production. Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "f5fb039e8ed41743d3b6590547d85894" + }, + { + "alg": "SHA-1", + "content": "b81ef162970cdb9f4512ee2da09715a856ff4c4c" + }, + { + "alg": "SHA-256", + "content": "e31f5bc2fc58dcacd0cf31f7eafa43d3b981873dac0d3f0ffebb145675f1c8a8" + }, + { + "alg": "SHA-512", + "content": "5d553993bf5bbd985453bb69f0704997f624a6ef81aa126c7228fe3d2dd7ebe57e7eeb161067e19914a9f36c762ce2fa7be5e47d0fb4deb623a3fb82ed6a70f2" + }, + { + "alg": "SHA3-256", + "content": "5ba7bcb9d456edb43cf67736e066d9558da57205f916c5ada7f5058b2f8cbc90" + }, + { + "alg": "SHA3-512", + "content": "fcb8a3e52da3f8e9f86c692d8d68661acfe2b6aeb29866325178f3732176e099d0c6c9933d187b0840cf632de154087ad0ae6e8daf2712bedaaaa5e9a4c97214" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-core@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "group": "io.dropwizard.metrics", + "name": "metrics-graphite", + "version": "4.0.5", + "description": "A reporter for Metrics which announces measurements to a Graphite server.", + "hashes": [ + { + "alg": "MD5", + "content": "22f848bd3427fa8d5caa8717468097f5" + }, + { + "alg": "SHA-1", + "content": "76e8758356373d5aed5abacbda429b38f6e8fa98" + }, + { + "alg": "SHA-256", + "content": "e7ece2bb30cf016a012286d7077fd1d9741c3e205ac7095fdc081e4c552436db" + }, + { + "alg": "SHA-512", + "content": "e1c984ee8daa837add7b4ca0d07162faebf4b7d2bb88b7bd355eccd570e3935fb1c49acdf8b1dcc5c88bbf04c67cda2a7efdcf375d0247d35b7744f9ab810a4f" + }, + { + "alg": "SHA3-256", + "content": "d3ac2a04fe0a5225e4c8ce2a2c46d196ef466eccfa00254cab8df1a08f5dc4fc" + }, + { + "alg": "SHA3-512", + "content": "d2ee456e6964ec862f1a770c386084cf016983c03083a5516405ce4372204a0e0d5feb27e78d7f5d7345719b9af256f8d000cde922547c159de14cb860cc2403" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-graphite@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "group": "io.dropwizard.metrics", + "name": "metrics-healthchecks", + "version": "4.0.5", + "description": "An addition to Metrics which provides the ability to run application-specific health checks, allowing you to check your application's heath in production.", + "hashes": [ + { + "alg": "MD5", + "content": "e64c9571317f403046ad8a04814cecab" + }, + { + "alg": "SHA-1", + "content": "73177b73f9d7ac80b0d0125db9dd41faab816c52" + }, + { + "alg": "SHA-256", + "content": "bd3be08664f03a27bc625b88d91e852cd105b6f53725cfa54a7167a268f2fe0e" + }, + { + "alg": "SHA-512", + "content": "e2c16ef7751558c07e8268d3448477c2296d2f83e1f915fe09b2e0f54c62cf774c9a8b8b3dfedccd882d95cf78bc0f0af3d997af0de8c0c5d489de36883f0b09" + }, + { + "alg": "SHA3-256", + "content": "8dd767ac7aca8dfaef37a32010f341ea4ee20e8190251b367f47cdbc3cba857e" + }, + { + "alg": "SHA3-512", + "content": "34929a8391da886a045a6947b17c875fd3d7c37f85e03d47572d2de359885c101c61a735f9c09cdb8ee4100221acb650389b74071b8c1184e032f2ce2947f67a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-healthchecks@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "group": "io.dropwizard.metrics", + "name": "metrics-httpclient", + "version": "4.0.5", + "description": "An Apache HttpClient wrapper providing Metrics instrumentation of connection pools, request durations and rates, and other useful information.", + "hashes": [ + { + "alg": "MD5", + "content": "023faaf10f012b67e15faa137d106f21" + }, + { + "alg": "SHA-1", + "content": "d02819ff820207d03d0082ef24cd36157d7c5188" + }, + { + "alg": "SHA-256", + "content": "12112aebd3bb53cc5451846202f4333588dc5455e4739c0c2360103700c24e42" + }, + { + "alg": "SHA-512", + "content": "9c991dae8890b35046c258536884d68f821d1e4aabb65c8e1c845309fadf0e9e2849e0653bc6aa5a008336569d8eb71a660a06f402a7a933a3da85604c45e67b" + }, + { + "alg": "SHA3-256", + "content": "f2bd98bc7e39c259544dc04853e5404d6cdf9c7095fcc718ba65b597a377ef33" + }, + { + "alg": "SHA3-512", + "content": "7fa6cba3b553b5c3ffc943ca2ff387d2b542d7170bcea5b43fffe150cd0a3849244ec3a2bbcfce28e8f9d762a925e4cbc7101785f2c3c4d00af61e2f97d00dcb" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-httpclient@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi", + "version": "4.0.5", + "description": "A JDBI wrapper providing Metrics instrumentation of query durations and rates.", + "hashes": [ + { + "alg": "MD5", + "content": "7700c4ec787e2355d290e0f40820de15" + }, + { + "alg": "SHA-1", + "content": "005441385ea7bf674fc480dc6bc6dcff6a7278ec" + }, + { + "alg": "SHA-256", + "content": "6858a83724e2df638c475425ea48811ca84c28fc778f92251209e17317e225c4" + }, + { + "alg": "SHA-512", + "content": "671beb600961db9ca14f043225670c18035f3db932ad67bb6f04bae4a57e67e7265b317d851009bd764344dcfdffe8073156b4f517e8c71954af2575bb7c9f32" + }, + { + "alg": "SHA3-256", + "content": "95a48e7ac5a1e6dfd2590e1a79b046017a90b7dce17322d35f10d18408d42526" + }, + { + "alg": "SHA3-512", + "content": "f68985671638695e6ddbf6260010a5a23e2f841c781ea6b4fbe91a0c6c9bcbcc1fd8d9d4501a02e4f86922d8f7071154d54c3c281d662e9c4262014599c37393" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "group": "io.dropwizard.metrics", + "name": "metrics-jdbi3", + "version": "4.0.5", + "description": "Provides instrumentation of Jdbi3 data access objects", + "hashes": [ + { + "alg": "MD5", + "content": "594d03f7743b46ef08ed0d1dcc1bb31a" + }, + { + "alg": "SHA-1", + "content": "2d39572d9612ce28bea84d46808d25d3b8af3133" + }, + { + "alg": "SHA-256", + "content": "e08dfdaa141b4f6d3338b09f3f1f7f463596adb0d335b600e1bd636cc02b7b22" + }, + { + "alg": "SHA-512", + "content": "4f2119fa34092ac2649b27d93e54af0de724719f994803407b5c307a8443ff70dee7d411b1360caf92595a87e570b44e60fe2745d8d283e857eb2ce6f0f656f5" + }, + { + "alg": "SHA3-256", + "content": "c4cd10df90cf8b3b9a06f634c9d31e5bee07e98cdb5640220434a43d66231cdb" + }, + { + "alg": "SHA3-512", + "content": "3d60e9e5707c3e34eed30746c85bfbfcae3dded9509dd7047092ad42d184f36395a3d06865ce7ffa1f12b433ecf99b090e713751be03203af168aa4d99dd6a6f" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jdbi3@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "group": "io.dropwizard.metrics", + "name": "metrics-jersey2", + "version": "4.0.5", + "description": "A set of class providing Metrics integration for Jersey, the reference JAX-RS implementation.", + "hashes": [ + { + "alg": "MD5", + "content": "e56b570fcb934ef302433d338823511d" + }, + { + "alg": "SHA-1", + "content": "cea8d4217ccd087f302611a54e4dd6071ba5844c" + }, + { + "alg": "SHA-256", + "content": "91cb412f7aca24de727b3724885fd2e6ff0e8bdb422a73ad66d25375594bf63d" + }, + { + "alg": "SHA-512", + "content": "3bc8572f0d183c30b0f83f5b4acd3a05c8d3c3b728298d6b8899da0d299df8d9acdc5435f82c23eb6ba5a3d2bb5c8f66637d6315caf95bf3b807c53e5bc6c217" + }, + { + "alg": "SHA3-256", + "content": "b2dda5477d6dcbd6fdcdd1f3acae482b0f83f24018706a03713c04dcd6c1f744" + }, + { + "alg": "SHA3-512", + "content": "af35ae7568a5df2be2e8cb9ef99256b0956b97b44ec0447863127e9f2e84f7baec0c5c0ed89a8146685e30af98e05a34618a58f2a76fe57272fb8ee98b5e9d62" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jersey2@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "group": "io.dropwizard.metrics", + "name": "metrics-jetty9", + "version": "4.0.5", + "description": "A set of extensions for Jetty 9.3 and higher which provide instrumentation of thread pools, connector metrics, and application latency and utilization.", + "hashes": [ + { + "alg": "MD5", + "content": "99b6f3ed9f4663ed9db4700e4bf388fa" + }, + { + "alg": "SHA-1", + "content": "87f3b49a7377e56f62046875d394ed0028b37690" + }, + { + "alg": "SHA-256", + "content": "e2c769fc1c269e2200950b8d33800be4b0043302eaa189ba5cb7ce518c48b46a" + }, + { + "alg": "SHA-512", + "content": "e3b7ee7c506e8bef74e87adb6e589f3dfac2a0905f66a0eed1af9d2cffa6a3e6f74573e6ca3d3469d8afba0307fb18f74b21397146e0b82ede387a41554f44a0" + }, + { + "alg": "SHA3-256", + "content": "09bb7c73faefc5549d032d9bdc471f500b9370caef0dc9896ca44cdd6fc2ff48" + }, + { + "alg": "SHA3-512", + "content": "ac44f708dff820a3f19b3cc01d4f936b7ca46cd9fedd76e9c57ecc7c0b7d76a9f5db641742453c8893b5b0eb2255ce8c7697fc11569e57afa456d08f00141fc9" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jetty9@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "group": "io.dropwizard.metrics", + "name": "metrics-jmx", + "version": "4.0.5", + "description": "A set of classes which allow you to report metrics via JMX.", + "hashes": [ + { + "alg": "MD5", + "content": "863de91e135c8455d70fa3acf01cdf72" + }, + { + "alg": "SHA-1", + "content": "d7be4ddd7ba674ee8be1d23d883fb3ca68ee1d54" + }, + { + "alg": "SHA-256", + "content": "079133de87f7d3512200a8071bacfdbed46d6a73995578fc24bbf4c03df6d188" + }, + { + "alg": "SHA-512", + "content": "211ebec4191c7482bf0fc02785fd924fdc980c4bbbf440be8f5d4f87f1971bca646f7174c45c0566b41af08fc603225d38691b32482986887775c9e51185615c" + }, + { + "alg": "SHA3-256", + "content": "d02352d947a4475cf67e9f24d33b3bd16cc908acb78cb294d2763fee7d1e4fee" + }, + { + "alg": "SHA3-512", + "content": "7ca4565c9a0c3d1a96d021b7cc4b896b885352ac8cae96e4700f7c2fa40a6c367e05c48df0a81ef112a6769bd8f2f01ceb86e2a984d67286a3627b565bbd8f00" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jmx@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "group": "io.dropwizard.metrics", + "name": "metrics-json", + "version": "4.0.5", + "description": "A set of Jackson modules which provide serializers for most Metrics classes.", + "hashes": [ + { + "alg": "MD5", + "content": "9784b95742e0e8fe76e8d5376e7abf5f" + }, + { + "alg": "SHA-1", + "content": "8c66fea9f767588ae0995be27558b1f3ae8d75ef" + }, + { + "alg": "SHA-256", + "content": "008ce354b30ef48060786b6a31144e04b6bafdfca69e6307cbf66602ae331023" + }, + { + "alg": "SHA-512", + "content": "515734a08814f3df1f6ae853a2cac0fdab5637e129ca9bc3f62feba9190a2e43013362009f73f4fe3e06f3d08fdf0ec7ec8481dab3a6435de743322d4620dc55" + }, + { + "alg": "SHA3-256", + "content": "70620d2f107ff8fdf5bc16a91df9a49daf3fe84fb268edafbafabd43ec61ef0f" + }, + { + "alg": "SHA3-512", + "content": "f33d7c456efabd1eda7f0cc99df57e870b747d3f2c49571373c4564eb50388350260d08f4d53be2c5fe8a7ae766d9181d0f394e996156d839c5bfda9858c119d" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-json@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "80b88754-8b78-4597-bc4f-47788add0031", + "group": "io.dropwizard.metrics", + "name": "metrics-jvm", + "version": "4.0.5", + "description": "A set of classes which allow you to monitor critical aspects of your Java Virtual Machine using Metrics.", + "hashes": [ + { + "alg": "MD5", + "content": "a19a85dc56ac7179bd974e4eb0c8b6e0" + }, + { + "alg": "SHA-1", + "content": "09f6f1e6c1db440d9ad4c3114f17be40f66bb399" + }, + { + "alg": "SHA-256", + "content": "ba97466221c391bd7b7eb6d407f7fac83e5e6725d3a8691aa512e53ae075dfc3" + }, + { + "alg": "SHA-512", + "content": "d53b524543ac922352d3a628831fc7a02ceeb757fd760b94477f02b256a47caac9837259c82ddf5b3cb0e874542176f1383c080a7c3d23b8a5790ac250f70a48" + }, + { + "alg": "SHA3-256", + "content": "61e9ee4a183b317e6fadeb632804a04e233af77dedcd5613f19490233f71b8cb" + }, + { + "alg": "SHA3-512", + "content": "333f15cf54e7e9a304e8cdaa9e251ac0859bfb848ddfc2606d86738a89e944adb8879d14f60df632c064f4ab0edb6ff950a7a231121ce8a6b1ff3bca4809750a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-jvm@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "group": "io.dropwizard.metrics", + "name": "metrics-logback", + "version": "4.0.5", + "description": "An instrumented appender for Logback.", + "hashes": [ + { + "alg": "MD5", + "content": "45f97ce9788dad9744ae2e198e5a501b" + }, + { + "alg": "SHA-1", + "content": "306d0d06b0940c6df49031e8dd750e635e4b170f" + }, + { + "alg": "SHA-256", + "content": "89842f9df70d001835bd652c103b1d04d64e1c48bccf396defbdd791299c1903" + }, + { + "alg": "SHA-512", + "content": "bde3d0313531986623fd422fee1506eaf17bd3c53318973c340e4d44ce0104943c5dfcddee6cc8d33cfcf0a0b2fb2aff2b3e653819b39c2c5b76676399683401" + }, + { + "alg": "SHA3-256", + "content": "8233adad697b14559e578618be1ea2c99c907be87da1eab10a5ca9f397dbf46c" + }, + { + "alg": "SHA3-512", + "content": "d4664cd4105ad99b2326da4b727dcf350dba261aa7b26aacb9a064efc1a3da7337988344e8c9d64e08ec34d1586410e465c58e0ec37b389b93c54c7c6ccfde35" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-logback@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "group": "io.dropwizard.metrics", + "name": "metrics-servlets", + "version": "4.0.5", + "description": "A set of utility servlets for Metrics, allowing you to expose valuable information about your production environment.", + "hashes": [ + { + "alg": "MD5", + "content": "e9142eb2da39a0651be8f9190d47ce0e" + }, + { + "alg": "SHA-1", + "content": "983dacbfd04ec22b49f9e2256a5d41694ce7d4cc" + }, + { + "alg": "SHA-256", + "content": "607381f05808cd31dfc09354db4b015e483be053276a85930050024515fae4da" + }, + { + "alg": "SHA-512", + "content": "797fc4d430b4797b4bcc6d854ac39fd7e0c4da73bda04152473c3f5ab06a36bfeaf326c8edb657de75a613efcce658364fb0aaf15ff6a13c6e62b5795c6a464b" + }, + { + "alg": "SHA3-256", + "content": "d840fcd8a9f0721e4cd392c6e30f1f52f4d411f1138b9e11336a5393f31b80f9" + }, + { + "alg": "SHA3-512", + "content": "a7553a6da55221ee3125757888978188695dfb14511432331f512f29e5c20e5c764e0c801e87818de719df2854d15915516a86d31f99147b9e5ec9b2fd43b701" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + } + ], + "purl": "pkg:maven/io.dropwizard.metrics/metrics-servlets@4.0.5?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "http://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/dropwizard/metrics/issues/" + }, + { + "type": "vcs", + "url": "http://github.com/dropwizard/metrics/" + } + ] + }, + { + "type": "library", + "bom-ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "group": "org.jvnet.mimepull", + "name": "mimepull", + "version": "1.9.6", + "description": "Provides a streaming API to access attachments parts in a MIME message.", + "hashes": [ + { + "alg": "MD5", + "content": "43a2478389a84b985dbe7b6ae0b3c011" + }, + { + "alg": "SHA-1", + "content": "41c913d791e16f93bc712a8c8a30bb64daa2e9bd" + }, + { + "alg": "SHA-256", + "content": "2d1ee56aa89837ba9ea55431542e7939fa9d425552c2e6c8ddfb3b77877721b7" + }, + { + "alg": "SHA-512", + "content": "38198fef6a8ca9d1af37c269582e87ae6cc7324a1686c8807be90a1edd4b33bb829d03030df1a4f5865bf6f0e6d0fb2a4f3dde265af696ab556f0bf7216ab9b0" + }, + { + "alg": "SHA3-256", + "content": "3d4fac8717b03d2c33c9c8b5145cfec04a312e9021c92c8029d2a2ca60615e0e" + }, + { + "alg": "SHA3-512", + "content": "a7bff1d8fa3287436726ab53ddff800d9a262fbf7801b85f50b7f29dbd017ff430f2effa9e6e95b44772ec0c349632374b9291292d2eb24f0fed1313dba15ee9" + } + ], + "licenses": [ + { + "license": { + "id": "GPL-2.0-with-classpath-exception" + } + } + ], + "purl": "pkg:maven/org.jvnet.mimepull/mimepull@1.9.6?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.oracle.com/" + }, + { + "type": "issue-tracker", + "url": "http://java.net/jira/browse/mimepull" + }, + { + "type": "mailing-list", + "url": "http://java.net/projects/mimepull/lists/users/archive" + }, + { + "type": "vcs", + "url": "http://java.net/projects/mimepull/sources/svn/show/tags/mimepull-1.9.6" + }, + { + "type": "distribution", + "url": "https://maven.java.net/service/local/staging/deploy/maven2/" + } + ] + }, + { + "type": "library", + "bom-ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "group": "org.mockito", + "name": "mockito-core", + "version": "2.24.0", + "description": "Mockito mock objects library core API and implementation", + "hashes": [ + { + "alg": "MD5", + "content": "73056e7138623c31ab0ad3c421c695b8" + }, + { + "alg": "SHA-1", + "content": "969a7bcb6f16e076904336ebc7ca171d412cc1f9" + }, + { + "alg": "SHA-256", + "content": "ae8fd3becb2a8e262507a9df85e54a6e41c5ae3a34cda5495abef6299a587ff6" + }, + { + "alg": "SHA-512", + "content": "2bde38797a3902909027ec12a58a7adbc5ce86f5f095ee5787b4c12fe873c6ae96bf7e9024c1347eaa189af66b988668d1886dc110118b22eb6c4436e3cceb66" + }, + { + "alg": "SHA3-256", + "content": "30f96a62ee0c4795e9039288888791e0192f1e7a522ecad28200f01135c132bb" + }, + { + "alg": "SHA3-512", + "content": "1afd1e02b726b5b0fc8ee4ff3e2e678c780bf642041e54a7f7c3b136adf7c6d9ae23df2454572ae619279d9e712d5444c55c3c3fee7883b621312331aa7b626a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:maven/org.mockito/mockito-core@2.24.0?type=jar", + "externalReferences": [ + { + "type": "build-system", + "url": "https://travis-ci.org/mockito/mockito" + }, + { + "type": "issue-tracker", + "url": "https://github.com/mockito/mockito/issues" + }, + { + "type": "vcs", + "url": "https://github.com/mockito/mockito.git" + } + ] + }, + { + "type": "library", + "bom-ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "group": "org.objenesis", + "name": "objenesis", + "version": "2.6", + "description": "A library for instantiating Java objects", + "hashes": [ + { + "alg": "MD5", + "content": "5ffac3f51405ca9b2915970a224b3e8f" + }, + { + "alg": "SHA-1", + "content": "639033469776fd37c08358c6b92a4761feb2af4b" + }, + { + "alg": "SHA-256", + "content": "5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d" + }, + { + "alg": "SHA-512", + "content": "23a593bded8cb43236faad2018b008da47bf4e29cc60c2e98fd4f2ed578fe2baddd3a98547dc14273017c82cb19ce8eaaab71d49273411856a2ba1a5d51015fc" + }, + { + "alg": "SHA3-256", + "content": "1fce020475bd27d7eac3a3693e9c6992032739ef6db205c7751c92f8aba4d67a" + }, + { + "alg": "SHA3-512", + "content": "ec2154e3bb9fa0b74079d4f21af3aa0ae17444da63aa1061d87aac646c070b3733673a4d0880ca58f974dc3358d7b1c6161bf030260474b36b4bae677b777b08" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.objenesis/objenesis@2.6?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://api.bintray.com/maven/easymock/maven/objenesis/;publish=1" + }, + { + "type": "vcs", + "url": "https://github.com/easymock/objenesis" + } + ] + }, + { + "type": "library", + "bom-ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "group": "org.opentest4j", + "name": "opentest4j", + "version": "1.1.0", + "description": "Open Test Alliance for the JVM", + "hashes": [ + { + "alg": "MD5", + "content": "2edf96ac5b535198bd3a2e31309f779c" + }, + { + "alg": "SHA-1", + "content": "c8e2a3e3bc7f3e4bb5075306452db5290f9b117a" + }, + { + "alg": "SHA-256", + "content": "65a5fd7380f53aac708bcee3091dbe2dba73a9a2e7645b66e70e0804fc36ee3b" + }, + { + "alg": "SHA-512", + "content": "bb72a65673bec0af3d420e96edcc1e3152bdbd0f670e2e09172f00f05549fa3b0a07c40ed2dbeec75da6e548623afa4e343343cca15a7a016aaa6c3e48ab0765" + }, + { + "alg": "SHA3-256", + "content": "f12567dc83accfc6c4022f0941f37a3169cc0697ebbf67a4261136180c2d8a2c" + }, + { + "alg": "SHA3-512", + "content": "401aa77733f4ceab47f51b797844f597947cf31a5b76f5c46c6a28980bff30942b783e79e8ab5b5f8ce63d64e8152b6f71b96cc1d500234a8a8e2dd24f734441" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.opentest4j/opentest4j@1.1.0?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "https://github.com/ota4j-team/opentest4j" + } + ] + }, + { + "type": "library", + "bom-ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "group": "org.glassfish.hk2", + "name": "osgi-resource-locator", + "version": "1.0.1", + "description": "See http://wiki.glassfish.java.net/Wiki.jsp?page=JdkSpiOsgi for more information", + "hashes": [ + { + "alg": "MD5", + "content": "51e70ad8fc9d1e9fb19debeb55555b75" + }, + { + "alg": "SHA-1", + "content": "4ed2b2d4738aed5786cfa64cba5a332779c4c708" + }, + { + "alg": "SHA-256", + "content": "775003be577e8806f51b6e442be1033d83be2cb2207227b349be0bf16e6c0843" + }, + { + "alg": "SHA-512", + "content": "e064a477d5b1f8c56b4741ba606eed764b779a5d9870b8c193771bf0d904350aed839ab21602dbf5f376f7208b8ca24f64504d73ec6a0c5c08c5f0abc7c466d4" + }, + { + "alg": "SHA3-256", + "content": "c7cb2d64874992826818c594f02bf40f46d9ad4787d6575bfb656b35b7b6af0d" + }, + { + "alg": "SHA3-512", + "content": "5c57aa6eb98272226cbdebd803a5b11a27422340f47e5541a5bf6bb776f64bfcda548ffd345e900a7c7624b9a016aecacd8e009a13fe2c2cae86e8ff8e7289f2" + } + ], + "licenses": [ + { + "expression": "(CDDL-1.0 OR GPL-2.0-with-classpath-exception)" + } + ], + "purl": "pkg:maven/org.glassfish.hk2/osgi-resource-locator@1.0.1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "https://glassfish.dev.java.net" + } + ] + }, + { + "type": "library", + "bom-ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "group": "com.papertrail", + "name": "profiler", + "version": "1.0.2", + "description": "A pure-java implementation of the twitter/util project's `CpuProfile` and related classes.", + "hashes": [ + { + "alg": "MD5", + "content": "b6cb78e7d8a5c4ed1ad259afc4f7c793" + }, + { + "alg": "SHA-1", + "content": "138093a4ed2da6f0b07a2a2335584bd5a7d53bff" + }, + { + "alg": "SHA-256", + "content": "188ec41349472a0c50fbe7e4cdcc6d6c8968ad6cd9047effeaa6a5c111f9074d" + }, + { + "alg": "SHA-512", + "content": "447a1e7d47cb7c3974e09c8e5ea1fdf6c9c4dfe377cffbba501edab474e136ec252406c5dde8fc7387b9fab983a7970764c23c93b8fb842f676da8c3bd01e013" + }, + { + "alg": "SHA3-256", + "content": "b68b7d44bde32b5a2995629eb2742bde9e3f373cb08230f67624160b91432160" + }, + { + "alg": "SHA3-512", + "content": "2fdb36567b1dcfb26e9e02abb70277e2e9040983c5755372716aa71a22cf46807501effa5931e0e65152f1efbe9e7449ff5b00cdaaddc15f1cfeeb3600904b7b" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/com.papertrail/profiler@1.0.2?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "http://svn.sonatype.org/spice/tags/oss-parent-7" + } + ] + }, + { + "type": "library", + "bom-ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "group": "org.slf4j", + "name": "slf4j-api", + "version": "1.7.26", + "description": "The slf4j API", + "hashes": [ + { + "alg": "MD5", + "content": "60ec8751be37d54a2aa1b6178f87b968" + }, + { + "alg": "SHA-1", + "content": "77100a62c2e6f04b53977b9f541044d7d722693d" + }, + { + "alg": "SHA-256", + "content": "6d9e5b86cfd1dd44c676899285b5bb4fa0d371cf583e8164f9c8a0366553242b" + }, + { + "alg": "SHA-512", + "content": "a944468440a883bb3bde1f78d39abe43a90b6091fd9f1a70430ac10ea91b308b2ef035e4836d68ba97afdba2b04f62edece204278aaa416276a5f8596f8688af" + }, + { + "alg": "SHA3-256", + "content": "195320dbd33e0ecc96b7c23818454658870c7f4c7bb746dae4516bc4983ab158" + }, + { + "alg": "SHA3-512", + "content": "830b0c50cdd9f45cfe4be31f0c775f632399060db58050ce702e476321ef29dcc17f49f872e7023e995c6ee1c2e06f2f1ea115aa45807569ecef83af3385f5cc" + } + ], + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:maven/org.slf4j/slf4j-api@1.7.26?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://www.qos.ch" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "vcs", + "url": "https://github.com/qos-ch/slf4j" + } + ] + }, + { + "type": "library", + "bom-ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "group": "org.yaml", + "name": "snakeyaml", + "version": "1.23", + "description": "YAML 1.1 parser and emitter for Java", + "hashes": [ + { + "alg": "MD5", + "content": "64ec8bd26b6d5034a87ecb1c8ce0efdc" + }, + { + "alg": "SHA-1", + "content": "ec62d74fe50689c28c0ff5b35d3aebcaa8b5be68" + }, + { + "alg": "SHA-256", + "content": "13009fb5ede3cf2be5a8d0f1602155aeaa0ce5ef5f9366892bd258d8d3d4d2b1" + }, + { + "alg": "SHA-512", + "content": "8091467927dc88fe2741f85c6e429914f4306e7a1183e52090ccc7d617ca5279ba42b03ffc8cd1a914b6c3dc4151bd731757e72592e9c1b23346781936ac9fc7" + }, + { + "alg": "SHA3-256", + "content": "18f63155a18c783a0d47afa987a0dcc39f688da527047ccd48c694810ac5adf2" + }, + { + "alg": "SHA3-512", + "content": "59d1edd895705b667a65c3bada2c1b6c4109f82a03a2a18878d3310ac6e41bb3e47f821e87ffdcd2d2320b2f63c13a8748214fa9ea851c7b0b4d8fca07250c8a" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.yaml/snakeyaml@1.23?type=jar", + "externalReferences": [ + { + "type": "issue-tracker", + "url": "https://bitbucket.org/asomov/snakeyaml/issues" + }, + { + "type": "vcs", + "url": "https://bitbucket.org/asomov/snakeyaml/src" + } + ], + "affectingVulnerabilities": [ + "210a5c45-88ac-4c1f-a5f4-f93c7af6f59e", + "63a53dc7-5769-43dc-a053-50ccd5295d8b", + "5ab41975-23cc-45e0-9a13-be603ea00595", + "dff65990-715e-4f71-aace-60d4436af108", + "d55a9a55-cf82-483f-9a7c-8bf5395ce510", + "6c215a04-8ea0-421f-961b-d5cceb64fd13", + "38c08d91-3487-44c4-b258-d5a274a4ad05", + "da9ea5d3-a3c2-4d1b-8425-a799e47a804f" + ] + }, + { + "type": "library", + "bom-ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "group": "org.antlr", + "name": "stringtemplate", + "version": "4.0.2", + "description": "StringTemplate is a java template engine for generating source code, web pages, emails, or any other formatted text output. StringTemplate is particularly good at multi-targeted code generators, multiple site skins, and internationalization/localization. It evolved over years of effort developing jGuru.com. StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org and powers the ANTLR v3 code generator. Its distinguishing characteristic is that unlike other engines, it strictly enforces model-view separation. Strict separation makes websites and code generators more flexible and maintainable; it also provides an excellent defense against malicious template authors. There are currently about 600 StringTemplate source downloads a month.", + "hashes": [ + { + "alg": "MD5", + "content": "b270a7b34c953cbae921a4080d5cdc0f" + }, + { + "alg": "SHA-1", + "content": "e28e09e2d44d60506a7bcb004d6c23ff35c6ac08" + }, + { + "alg": "SHA-256", + "content": "8056d5586e1b18d3def6347b5d020a85722d850bb9f4d7a9aafe4f842c651ef9" + }, + { + "alg": "SHA-512", + "content": "cd396cbc93d096812700c3a05e4b548c31d73c5f1f66f12bdd3364218de591cefb76e1f0557e83204285f1e868f0f327cf556bb32c4552e0a3537cf6ac1efa43" + }, + { + "alg": "SHA3-256", + "content": "d79aa95dd924c18de8f5ef5fc510f92cecb781d5724ba9b948e8658191e920b6" + }, + { + "alg": "SHA3-512", + "content": "da67f10539c0f73ddb56e945f5c7b42aea76411b4067362685f92c916da055f2747176a1524f97f52d7ae0d70898256c9549290448194d6fd99b3bfbff3332a9" + } + ], + "licenses": [ + { + "license": { + "name": "BSD licence", + "url": "http://antlr.org/license.html" + } + } + ], + "purl": "pkg:maven/org.antlr/stringtemplate@4.0.2?type=jar", + "externalReferences": [ + { + "type": "vcs", + "url": "http://fisheye2.cenqua.com/browse/stringtemplate" + } + ] + }, + { + "type": "library", + "bom-ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "group": "org.apache.tomcat", + "name": "tomcat-jdbc", + "version": "9.0.16", + "description": "Tomcat JDBC Pool Package", + "hashes": [ + { + "alg": "MD5", + "content": "b673d21c2c73b44c6fdee89f6c9995fc" + }, + { + "alg": "SHA-1", + "content": "5304a28c25bb88c57da9561e4ed0bbfcc72dcb4a" + }, + { + "alg": "SHA-256", + "content": "0fe8cdd9c6a349fbf1d7246b5503f113a4fb11f1e71c2e529308f1dd22ed5019" + }, + { + "alg": "SHA-512", + "content": "698da1e4dda1d18463f885e6b9dfed61c12920af35ccdfc9015ecfbd8f353d0aefde38f1f71f68ea5b2d9f6610df9cde38e8fa6ec0b405a925a861e8ca0de5b1" + }, + { + "alg": "SHA3-256", + "content": "013e3a72e6a19fea3c245ca9989853b836ed598c9b5551c399222a511be6b569" + }, + { + "alg": "SHA3-512", + "content": "bec64a6591071bb6d5e18412eac3eaaa9814c33448bb2f43d6e039e0538ad85f387fd3817915b5928c41aeabb84d3cd90c0c51f783accb38e3344a32fef206ed" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-jdbc@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "group": "org.apache.tomcat", + "name": "tomcat-juli", + "version": "9.0.16", + "description": "Tomcat Core Logging Package", + "hashes": [ + { + "alg": "MD5", + "content": "5dbec493081a051b6868b84881fa6ab9" + }, + { + "alg": "SHA-1", + "content": "b6ef3c1ac1104b6e3fbdc106e194bf2fb5e2e2a8" + }, + { + "alg": "SHA-256", + "content": "cc155efa8104af3d35daf3226284b638b10d9def4074ebf6176cb47b3a264f53" + }, + { + "alg": "SHA-512", + "content": "fd19c0dd3bc60b050065b7c1992c4662f5e02ecc74176528b24a42f03fa42b805ce3529f813e2d0b85f6d21fa46f43a0146069372fbb96dd821bf9778ecb38b0" + }, + { + "alg": "SHA3-256", + "content": "c4782f32dcf2d8516d4b4ae299af008385dc44a92380edab0ced40738ba56b67" + }, + { + "alg": "SHA3-512", + "content": "d37ef89204a97677283c417ceae3031fd89648079e42924bf9c38456b1055442dad8f8f6366da1600feee8e448b59bdff8261e101913b99f24b9dde278469cd7" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.apache.tomcat/tomcat-juli@9.0.16?type=jar" + }, + { + "type": "library", + "bom-ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "group": "org.jadira.usertype", + "name": "usertype.core", + "version": "7.0.0.CR1", + "description": "Classes utilising Joda Time, Joda Money, Libphonenum and JDK Types that add Hibernate support", + "hashes": [ + { + "alg": "MD5", + "content": "808b0b11f96e769c0f7a32d29f1ce7a1" + }, + { + "alg": "SHA-1", + "content": "818991d0b4d8fce6da9f27ea61187111efcae1a1" + }, + { + "alg": "SHA-256", + "content": "a129bfc60f7aceab77cd1363684d267f56629b441bf06f6123f9c0c2972e41fc" + }, + { + "alg": "SHA-512", + "content": "3d7dca13d1586365a94f05ea4a1672ce166773f2a01a584fc149d71b8aaeaa9c109e7e3a7658d8d4da3e91b8f42085ed55acc2a97e1c39a4faea5f6834a741a5" + }, + { + "alg": "SHA3-256", + "content": "f032df418c58acf1ba8307589d176b6e3d5402f1a0830d903b954984ab03bc38" + }, + { + "alg": "SHA3-512", + "content": "1113d2d63ceacdc4df8628448aa15d5de2e155b1a00037dc1570bb6f1553b38f397930036ef637b50519b6d395e3a219cf330ae29cedebeafa786eefd08420c0" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.core@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "group": "org.jadira.usertype", + "name": "usertype.spi", + "version": "7.0.0.CR1", + "description": "Shared dependencies for Usertype jars", + "hashes": [ + { + "alg": "MD5", + "content": "2b16a4d99cf3e6f0695186301dc63e4c" + }, + { + "alg": "SHA-1", + "content": "895f79b8a1c33f2e17ebc839f80ecaf62924e784" + }, + { + "alg": "SHA-256", + "content": "035f9a3cbec935b6da4d0318fd4d5b797db12a6ba0f77293b8603ff8578904f6" + }, + { + "alg": "SHA-512", + "content": "df65994da27e03bf29918e87451738de9017a41d0deb4fa1d7b00353d889fabc30cbfdc8aa8d97fc475cc31b2426b7a859cc0cfc6489b3667e43108539cb6c0f" + }, + { + "alg": "SHA3-256", + "content": "455f3a4522df5251d036af8f916a7ba5a385a1d303a0aa8f56f7563c2ee00042" + }, + { + "alg": "SHA3-512", + "content": "88d0d9476653078ff1c538c0b8c8b3d2714fd13fbe5ef12550d73053edeb1eb967a17e96d4670ffe95ca0eda858afa6a6b27033028036b646180c00a7ec46aa4" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/org.jadira.usertype/usertype.spi@7.0.0.CR1?type=jar", + "externalReferences": [ + { + "type": "website", + "url": "http://blog.jadira.co.uk/" + }, + { + "type": "build-system", + "url": "http://jenkins.jadira.co.uk/" + }, + { + "type": "distribution", + "url": "https://oss.sonatype.org/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "https://jadira.atlassian.net/browse/JDF/" + }, + { + "type": "mailing-list", + "url": "https://sourceforge.net/mailarchive/forum.php?forum_name=jadira-discuss" + } + ] + }, + { + "type": "library", + "bom-ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "group": "javax.validation", + "name": "validation-api", + "version": "1.1.0.Final", + "description": "Bean Validation API", + "hashes": [ + { + "alg": "MD5", + "content": "4c257f52462860b62ab3cdab45f53082" + }, + { + "alg": "SHA-1", + "content": "8613ae82954779d518631e05daa73a6a954817d5" + }, + { + "alg": "SHA-256", + "content": "f39d7ba7253e35f5ac48081ec1bc28c5df9b32ac4b7db20853e5a8e76bf7b0ed" + }, + { + "alg": "SHA-512", + "content": "bc137c5f7fa6b7092f9fc233d8be7d21d6767f8aa51c2e934b73692c82d28dbb410f55674d7b5a0e1523b514654339277b535b7f5bb01d457a11aba2eca3bbed" + }, + { + "alg": "SHA3-256", + "content": "469fa33a7d6854ac73627c8b4d281165c26dbcb21e645df792c3144453ab3129" + }, + { + "alg": "SHA3-512", + "content": "a042781692aaaa9458be722d0437484c5f1fd8f3f4955c00008224caebeb671ab93740052599ce2f5feab8d7ec712c72786492f7c7ca1c27c25425545b05a91e" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:maven/javax.validation/validation-api@1.1.0.Final?type=jar", + "externalReferences": [ + { + "type": "distribution", + "url": "https://repository.jboss.org/nexus/service/local/staging/deploy/maven2/" + }, + { + "type": "issue-tracker", + "url": "http://opensource.atlassian.com/projects/hibernate/browse/BVAL" + }, + { + "type": "vcs", + "url": "https://github.com/beanvalidation/beanvalidation-api" + } + ] + } + ], + "dependencies": [ + { + "ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "dependsOn": [] + }, + { + "ref": "852a6a22-c817-4aa5-b076-7eec1af8e9ef", + "dependsOn": [] + }, + { + "ref": "2687d928-5b18-4ce5-ab4c-8ef513f0b48c", + "dependsOn": [] + }, + { + "ref": "da25e363-473d-4f84-9f46-8e09c7ec7c28", + "dependsOn": [] + }, + { + "ref": "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "dependsOn": [] + }, + { + "ref": "7176887b-3e41-4f10-9d29-26ec573e2c49", + "dependsOn": [ + "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "f09e69a1-54de-4e7b-802a-adda10a1c7be" + ] + }, + { + "ref": "517c6455-0a2e-4e78-8d4b-88837bb5244c", + "dependsOn": [] + }, + { + "ref": "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "dependsOn": [] + }, + { + "ref": "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "dependsOn": [] + }, + { + "ref": "a68365f2-a8c0-4b43-8724-025a9add90cc", + "dependsOn": [] + }, + { + "ref": "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "dependsOn": [] + }, + { + "ref": "91658b5a-2478-4653-a3e4-f62c4f58f87b", + "dependsOn": [] + }, + { + "ref": "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "dependsOn": [] + }, + { + "ref": "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "dependsOn": [] + }, + { + "ref": "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e", + "dependsOn": [] + }, + { + "ref": "757cef7a-83f2-4973-832d-67849ca42b69", + "dependsOn": [] + }, + { + "ref": "7b1c11dd-7462-451d-a5b1-0fbd56708727", + "dependsOn": [] + }, + { + "ref": "93a8597b-e82a-4726-8e16-849d026f7b98", + "dependsOn": [] + }, + { + "ref": "ebf5150b-055e-45d4-82e5-eebc38ffea70", + "dependsOn": [] + }, + { + "ref": "627bb70b-4b85-4801-8239-f03de04ca5db", + "dependsOn": [] + }, + { + "ref": "fb69639e-65c6-4e4f-9b19-8db65e9569da", + "dependsOn": [] + }, + { + "ref": "a4c812d7-526d-4a8d-a4cd-8de155e4fc6e", + "dependsOn": [] + }, + { + "ref": "8f623f35-20a5-476b-b1df-1487028bc6db", + "dependsOn": [ + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "893beba4-580b-4ada-a4cf-067fbe145507", + "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b" + ] + }, + { + "ref": "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "dependsOn": [ + "55086fc5-4c36-45b5-9569-fdafa26e075d", + "757cef7a-83f2-4973-832d-67849ca42b69", + "93a8597b-e82a-4726-8e16-849d026f7b98" + ] + }, + { + "ref": "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "dependsOn": [ + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "370d779c-d1ea-4d92-8e70-1ad325e94298", + "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "65c8e5ac-baa7-4b18-8320-b3742c7401ae", + "b692a425-dca6-4bed-af67-5855cb40dbcf", + "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "881df936-411d-4bb3-b464-6edcf14c671c", + "ac21cab7-b535-4294-8a61-b10b62918666", + "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "80b88754-8b78-4597-bc4f-47788add0031", + "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "5978be79-e890-48b1-8f11-40416ee5bb61", + "5aed0617-3613-43e7-94d2-105b2af0b00d", + "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "a3e61462-d2a5-47c4-8b59-7e9a9cb7e6c3", + "96cf7115-b31d-4c98-bae2-952c601d3878" + ] + }, + { + "ref": "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631", + "daabc9e2-1ec3-4d10-9251-69ab9834b02a" + ] + }, + { + "ref": "75ac9a04-e251-4a82-8e39-c1aa49b0ed81", + "dependsOn": [ + "ea1f023d-0390-4558-8696-dc8d566dd95e" + ] + }, + { + "ref": "09c6fbbd-8cf9-4b5b-9ed5-bdc8d066887f", + "dependsOn": [ + "58e68d03-5ae3-424e-a51b-822ceb9e8643", + "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "8c0378f7-4c0e-4ee3-849d-740b0035c371" + ] + }, + { + "ref": "1df1add2-a44b-4b75-9ac4-372dc99b7888", + "dependsOn": [ + "55521fe9-aed2-403e-9df2-75fc5af90f54", + "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "79b01257-3e61-49f7-8600-2042bde4702b", + "b4ca2dc7-9d68-4737-9afc-dea82759cd45" + ] + }, + { + "ref": "370d779c-d1ea-4d92-8e70-1ad325e94298", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "c2dbe746-304a-4e35-88f0-69943d701fe5", + "5694b066-2847-4855-8230-77e902b37502", + "4634319e-cca2-4c02-8372-222f43bd35ba", + "648c2811-d754-45aa-9160-8f018ab4aab9", + "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "85776385-c1af-42fa-a0ac-21ecf796742f" + ] + }, + { + "ref": "881df936-411d-4bb3-b464-6edcf14c671c", + "dependsOn": [ + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "1b61648b-2106-4c86-ad10-79411c0ce338", + "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "71f396a0-0285-465e-8ce3-6eacb47be941", + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "19cdb89b-f552-4df4-9b10-7dc0ac4234b3", + "dependsOn": [ + "bd750137-b073-47d5-891a-e48c192cfcba", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "423d6189-7ce4-4931-9c74-3b58517df601", + "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "c1abfd09-121f-418c-befa-4d6b9e164769" + ] + }, + { + "ref": "1d12f487-9f6e-4658-98ad-395ce4475ad9", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967", + "4e012695-d45a-4296-b37b-54a8b6893a50", + "07bcc4f4-aea2-4d70-a1d8-eac57f88758c" + ] + }, + { + "ref": "b692a425-dca6-4bed-af67-5855cb40dbcf", + "dependsOn": [ + "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "2f225da8-8da3-429b-a014-effeea8c71eb", + "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "e36cfe6c-5955-40dd-8f4f-09c43087ac53" + ] + }, + { + "ref": "2a741bac-adc5-492c-a149-20cc8eee8cc8", + "dependsOn": [] + }, + { + "ref": "e7abb629-e6fe-4cc5-9cb6-7fad9efd0f40", + "dependsOn": [ + "0476a31c-6a89-45b2-8e9b-8d4a725d06eb" + ] + }, + { + "ref": "912e97a4-04ac-4602-8b40-8020a0ca5d25", + "dependsOn": [ + "ab3bfc00-8d35-4a4d-b314-86573681d910", + "36fc309f-d086-43d6-b660-5de275ee630f" + ] + }, + { + "ref": "f3f5aa50-4cdd-4db5-b0ad-df2373c6fb49", + "dependsOn": [ + "df3cc349-8f4d-4d7e-82ab-1309f17741d3" + ] + }, + { + "ref": "ac21cab7-b535-4294-8a61-b10b62918666", + "dependsOn": [ + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "fef6bc42-e89b-4bd7-8aaa-c630e85591a2", + "dependsOn": [ + "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "94379ad3-19a6-4b21-a049-ca0b762d8c13" + ] + }, + { + "ref": "07bcc4f4-aea2-4d70-a1d8-eac57f88758c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "9623a310-0e79-4f71-b9a7-b7046f1fbf30", + "dependsOn": [ + "0d0caea7-65ca-4504-b50a-80e480879f5f", + "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d" + ] + }, + { + "ref": "d6394138-9591-4141-9a76-4c3082ff2ed4", + "dependsOn": [ + "cfbf2e22-cc3f-4993-a6c0-bcb367a74631" + ] + }, + { + "ref": "8b18e6e1-3249-42f7-8521-89c9b99b0c8e", + "dependsOn": [ + "d6394138-9591-4141-9a76-4c3082ff2ed4", + "5b865504-bea5-4b92-ae5e-46553e01093c" + ] + }, + { + "ref": "a0804121-410f-4e8f-a374-4fca7dd185b0", + "dependsOn": [ + "ebf5150b-055e-45d4-82e5-eebc38ffea70" + ] + }, + { + "ref": "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "dependsOn": [] + }, + { + "ref": "c9381862-0cc8-48d6-9b97-82f00d12cdb7", + "dependsOn": [] + }, + { + "ref": "5b865504-bea5-4b92-ae5e-46553e01093c", + "dependsOn": [] + }, + { + "ref": "1a021b8e-d143-4072-84f0-0e18292f1967", + "dependsOn": [ + "fba3b85d-fb95-43d0-b534-0fc515cc831c", + "aa9df662-3606-433f-abf6-8d2ba8dbed4a", + "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "da25e363-473d-4f84-9f46-8e09c7ec7c28" + ] + }, + { + "ref": "c19e7b95-5753-489e-b720-c9dd79f15cc8", + "dependsOn": [] + }, + { + "ref": "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7", + "dependsOn": [] + }, + { + "ref": "21c7c10d-e7a9-4e82-893a-aa82f11f6dca", + "dependsOn": [] + }, + { + "ref": "8c0378f7-4c0e-4ee3-849d-740b0035c371", + "dependsOn": [ + "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "f09e69a1-54de-4e7b-802a-adda10a1c7be", + "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd", + "627bb70b-4b85-4801-8239-f03de04ca5db", + "21c7c10d-e7a9-4e82-893a-aa82f11f6dca" + ] + }, + { + "ref": "bc3daea8-1de6-4319-b0fa-c36672bfae58", + "dependsOn": [] + }, + { + "ref": "0d0caea7-65ca-4504-b50a-80e480879f5f", + "dependsOn": [ + "c454f700-0d16-4956-a210-03d9073b6d12", + "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "ac5b39ec-8be2-4131-a679-d4c4bfc5d5dd" + ] + }, + { + "ref": "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "dependsOn": [ + "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "517c6455-0a2e-4e78-8d4b-88837bb5244c" + ] + }, + { + "ref": "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "dependsOn": [] + }, + { + "ref": "c8a6d735-c53d-4d8e-a1aa-ea869a30f869", + "dependsOn": [] + }, + { + "ref": "f4a06b14-3945-4381-b3dd-b46407b02b6b", + "dependsOn": [ + "d2a5e2bf-ead6-4768-866a-385166eb6709" + ] + }, + { + "ref": "d2a5e2bf-ead6-4768-866a-385166eb6709", + "dependsOn": [] + }, + { + "ref": "55521fe9-aed2-403e-9df2-75fc5af90f54", + "dependsOn": [ + "f4a06b14-3945-4381-b3dd-b46407b02b6b" + ] + }, + { + "ref": "893beba4-580b-4ada-a4cf-067fbe145507", + "dependsOn": [ + "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "f2e4e883-e3c0-4e0b-9853-3739f3aeda3e" + ] + }, + { + "ref": "1a5b616d-beeb-422e-aa26-63a8a4181c4e", + "dependsOn": [] + }, + { + "ref": "026156fa-3bff-4bbd-894a-36d1b3be8f3d", + "dependsOn": [] + }, + { + "ref": "cdd49ec5-1b07-46eb-be80-02048d7796ae", + "dependsOn": [] + }, + { + "ref": "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "dependsOn": [] + }, + { + "ref": "1e0c53af-376a-4ca0-9d2e-38811dd17cba", + "dependsOn": [] + }, + { + "ref": "55086fc5-4c36-45b5-9569-fdafa26e075d", + "dependsOn": [ + "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd" + ] + }, + { + "ref": "c2dbe746-304a-4e35-88f0-69943d701fe5", + "dependsOn": [] + }, + { + "ref": "5cd25b5b-2542-435f-b97d-6e4561bc5b6d", + "dependsOn": [ + "6b5fc35d-b114-4455-aa14-0a67248ee6bd", + "1e0c53af-376a-4ca0-9d2e-38811dd17cba" + ] + }, + { + "ref": "4634319e-cca2-4c02-8372-222f43bd35ba", + "dependsOn": [] + }, + { + "ref": "c77ae27c-57dd-4e9b-b6b1-e6ce98a41888", + "dependsOn": [] + }, + { + "ref": "5694b066-2847-4855-8230-77e902b37502", + "dependsOn": [] + }, + { + "ref": "014723b6-3b73-414b-a760-da7bb1ab988d", + "dependsOn": [] + }, + { + "ref": "38ce4a49-93cb-4508-a1ab-d4cfbf364e48", + "dependsOn": [ + "014723b6-3b73-414b-a760-da7bb1ab988d", + "7a6724fd-3628-46d2-8de5-9059e6ec494c" + ] + }, + { + "ref": "8fb33937-22be-4bae-b750-c8e4dd1e28e4", + "dependsOn": [] + }, + { + "ref": "7a6724fd-3628-46d2-8de5-9059e6ec494c", + "dependsOn": [] + }, + { + "ref": "648c2811-d754-45aa-9160-8f018ab4aab9", + "dependsOn": [] + }, + { + "ref": "f0a1c5d8-06ba-4dc6-9051-1bc3529609c3", + "dependsOn": [] + }, + { + "ref": "1aa6eac8-8847-4b9e-88e5-6bfe517a450d", + "dependsOn": [] + }, + { + "ref": "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "dependsOn": [] + }, + { + "ref": "89a8e601-3e7c-4f9f-b4fc-d6ddb15909f3", + "dependsOn": [] + }, + { + "ref": "8dc0d897-c489-493c-a4b6-c5384d663c85", + "dependsOn": [] + }, + { + "ref": "25416803-852c-4475-bf84-2bf849ea6a56", + "dependsOn": [] + }, + { + "ref": "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "dependsOn": [] + }, + { + "ref": "a34a6a71-d883-47b3-b6eb-e87238cffb51", + "dependsOn": [] + }, + { + "ref": "b8d1f31a-736f-4134-9f3b-b5b85376c82e", + "dependsOn": [] + }, + { + "ref": "a309ae04-449e-4c6d-92cb-072fb307f9ad", + "dependsOn": [] + }, + { + "ref": "abf48398-6ee7-4f0e-b31b-610aa1d2ee41", + "dependsOn": [] + }, + { + "ref": "fdc0c715-ab35-4720-b389-9d7a5cb687d1", + "dependsOn": [ + "7176887b-3e41-4f10-9d29-26ec573e2c49", + "85776385-c1af-42fa-a0ac-21ecf796742f", + "c9381862-0cc8-48d6-9b97-82f00d12cdb7" + ] + }, + { + "ref": "494fa830-ab7c-4795-90fb-25dbeae940a0", + "dependsOn": [ + "1a021b8e-d143-4072-84f0-0e18292f1967" + ] + }, + { + "ref": "4d09195e-f65d-4f29-b0dc-a19cb888c23c", + "dependsOn": [ + "7e266974-a702-488c-99f6-258ccf14f0f3" + ] + }, + { + "ref": "ebd37e00-5623-49a2-af33-aeda69d2127a", + "dependsOn": [] + }, + { + "ref": "5f5eb96a-2c89-4cfd-adce-d0cf49c85d9b", + "dependsOn": [] + }, + { + "ref": "1b61648b-2106-4c86-ad10-79411c0ce338", + "dependsOn": [] + }, + { + "ref": "dd4f3e68-5483-4177-9ee9-987774aea94f", + "dependsOn": [] + }, + { + "ref": "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dependsOn": [ + "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "3d67ecbd-3ee2-437b-800b-d137ccd17d46" + ] + }, + { + "ref": "82cd08db-9df5-488f-be94-6f3b554dfa9b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "ad836327-5c0c-495e-bb92-9e17bda31d81", + "dependsOn": [] + }, + { + "ref": "f72b7435-4703-4eea-8a0e-b7991aaa5565", + "dependsOn": [] + }, + { + "ref": "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "dependsOn": [] + }, + { + "ref": "ea1f023d-0390-4558-8696-dc8d566dd95e", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "75ac24b0-9039-45fe-842d-ccecdd3c62e1" + ] + }, + { + "ref": "ea5b13fb-dba0-4d9a-b5ec-ac31e806905d", + "dependsOn": [] + }, + { + "ref": "4607f688-0845-494b-b2d4-9ee41c19d4f4", + "dependsOn": [] + }, + { + "ref": "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dependsOn": [ + "d3585f46-bcb2-47e2-86d3-b48954cf7bb7", + "dd4f3e68-5483-4177-9ee9-987774aea94f", + "837f075b-d753-4d9e-a827-1d9f9f5e08b3", + "65cd86ab-8ef7-4e97-b8b2-ea7f9f2d3b02", + "856bdbf0-98a8-4f05-950b-f6603c23a8c6", + "6aede12b-b7ba-4bf9-b3fb-63a853074ccd", + "8dc0d897-c489-493c-a4b6-c5384d663c85", + "cce11866-0e96-4a46-9b49-dbee3ab30c8b", + "c454f700-0d16-4956-a210-03d9073b6d12" + ] + }, + { + "ref": "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "dependsOn": [ + "ad836327-5c0c-495e-bb92-9e17bda31d81" + ] + }, + { + "ref": "94379ad3-19a6-4b21-a049-ca0b762d8c13", + "dependsOn": [ + "60844efd-9e68-4684-adf6-b7cc9e09a53b", + "aab91e2b-b26c-4248-9535-f3e8db0b0883", + "dd4f3e68-5483-4177-9ee9-987774aea94f" + ] + }, + { + "ref": "d1ee3fc3-d1b2-4aa2-a396-7df4e36d7432", + "dependsOn": [] + }, + { + "ref": "b4ca2dc7-9d68-4737-9afc-dea82759cd45", + "dependsOn": [] + }, + { + "ref": "79b01257-3e61-49f7-8600-2042bde4702b", + "dependsOn": [] + }, + { + "ref": "f0e1d440-763b-4714-9bec-6bf081f12b9e", + "dependsOn": [] + }, + { + "ref": "50a898e1-523d-4041-9250-b25394071a77", + "dependsOn": [] + }, + { + "ref": "efb2d239-5a37-49aa-9995-47e7be07304a", + "dependsOn": [] + }, + { + "ref": "c1abfd09-121f-418c-befa-4d6b9e164769", + "dependsOn": [] + }, + { + "ref": "be69e2b9-e673-42a8-98f1-e6d3be74c272", + "dependsOn": [] + }, + { + "ref": "4473173b-92a4-4b6f-aa40-3b0479fe60ee", + "dependsOn": [] + }, + { + "ref": "4e012695-d45a-4296-b37b-54a8b6893a50", + "dependsOn": [ + "25416803-852c-4475-bf84-2bf849ea6a56", + "c1abfd09-121f-418c-befa-4d6b9e164769", + "be69e2b9-e673-42a8-98f1-e6d3be74c272" + ] + }, + { + "ref": "423d6189-7ce4-4931-9c74-3b58517df601", + "dependsOn": [ + "4473173b-92a4-4b6f-aa40-3b0479fe60ee" + ] + }, + { + "ref": "7f8bcab9-2ea2-4fde-bdc4-fc0840ce0bfc", + "dependsOn": [ + "efb2d239-5a37-49aa-9995-47e7be07304a" + ] + }, + { + "ref": "96cf7115-b31d-4c98-bae2-952c601d3878", + "dependsOn": [] + }, + { + "ref": "e36cfe6c-5955-40dd-8f4f-09c43087ac53", + "dependsOn": [] + }, + { + "ref": "71f396a0-0285-465e-8ce3-6eacb47be941", + "dependsOn": [ + "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "423d6189-7ce4-4931-9c74-3b58517df601" + ] + }, + { + "ref": "39e5b7f2-b34e-4d46-8f70-841e0ef6a3b9", + "dependsOn": [] + }, + { + "ref": "54231d23-1a18-4b9c-a4cf-1e55aefcbf30", + "dependsOn": [ + "186eb402-6ab8-417c-8bbb-4032f9722383", + "7b1c11dd-7462-451d-a5b1-0fbd56708727" + ] + }, + { + "ref": "5472a740-e14c-4068-a5dc-d106c1398a9f", + "dependsOn": [] + }, + { + "ref": "7e266974-a702-488c-99f6-258ccf14f0f3", + "dependsOn": [] + }, + { + "ref": "186eb402-6ab8-417c-8bbb-4032f9722383", + "dependsOn": [] + }, + { + "ref": "3a173ea8-528f-40e0-8659-f26c89ca71dd", + "dependsOn": [] + }, + { + "ref": "c5699c79-88a7-4667-b44f-5c3ec4f53fdd", + "dependsOn": [] + }, + { + "ref": "8005328c-f1b3-4ac3-8aa6-1e5013d8cef2", + "dependsOn": [ + "85fcaba4-d7bb-415a-9d6e-8e1432e6a1b7" + ] + }, + { + "ref": "7a60c1f8-0819-4133-aa05-ece823ae5494", + "dependsOn": [] + }, + { + "ref": "a34dd467-b5d1-4014-bc2e-e7f9e5017bae", + "dependsOn": [ + "fb231fd7-da5f-4a2e-9b22-ea26359edd4e", + "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "7a60c1f8-0819-4133-aa05-ece823ae5494" + ] + }, + { + "ref": "33155de6-f8f2-48a7-ab80-19d8641794bf", + "dependsOn": [] + }, + { + "ref": "a0e7d3ee-2d51-4a08-a013-5b75b697edec", + "dependsOn": [ + "33155de6-f8f2-48a7-ab80-19d8641794bf", + "71a8cbce-c3a6-4797-b3f1-60415f5e1131" + ] + }, + { + "ref": "ab3bfc00-8d35-4a4d-b314-86573681d910", + "dependsOn": [ + "85776385-c1af-42fa-a0ac-21ecf796742f", + "6d8385bd-f9a9-4a97-9031-3a1c717209b7" + ] + }, + { + "ref": "36fc309f-d086-43d6-b660-5de275ee630f", + "dependsOn": [] + }, + { + "ref": "2f225da8-8da3-429b-a014-effeea8c71eb", + "dependsOn": [] + }, + { + "ref": "df3cc349-8f4d-4d7e-82ab-1309f17741d3", + "dependsOn": [] + }, + { + "ref": "6d8385bd-f9a9-4a97-9031-3a1c717209b7", + "dependsOn": [] + }, + { + "ref": "5e7cd916-704f-4746-83a0-ec3850bb3f49", + "dependsOn": [] + }, + { + "ref": "cc245b84-5644-43ff-82a8-82d6ff6ce58a", + "dependsOn": [] + }, + { + "ref": "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "dependsOn": [] + }, + { + "ref": "0476a31c-6a89-45b2-8e9b-8d4a725d06eb", + "dependsOn": [ + "2687d928-5b18-4ce5-ab4c-8ef513f0b48c" + ] + }, + { + "ref": "5aed0617-3613-43e7-94d2-105b2af0b00d", + "dependsOn": [] + }, + { + "ref": "88a1ebea-4757-41a9-91cc-047c07fe0f94", + "dependsOn": [] + }, + { + "ref": "09d37ee7-6931-4191-ba1e-d8f5c8c1f66f", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "d47e0fb9-cbb0-4e5b-90f0-264ef63dca8b", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "ea950eb0-f271-4abc-a5dc-7c60fed3b586", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e", + "cc245b84-5644-43ff-82a8-82d6ff6ce58a" + ] + }, + { + "ref": "bd750137-b073-47d5-891a-e48c192cfcba", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "1f037d99-8070-4b50-8260-1e8ef8765f8d", + "dependsOn": [] + }, + { + "ref": "9c03efc2-c106-4191-980f-b91376b5ab06", + "dependsOn": [] + }, + { + "ref": "80b88754-8b78-4597-bc4f-47788add0031", + "dependsOn": [] + }, + { + "ref": "54f1226e-fb42-44e1-afb3-f5963e327f7c", + "dependsOn": [ + "384a59b8-b897-4318-8a7f-2e02568a9e5e" + ] + }, + { + "ref": "5978be79-e890-48b1-8f11-40416ee5bb61", + "dependsOn": [ + "9c03efc2-c106-4191-980f-b91376b5ab06", + "80a1384b-dee2-4dff-9d74-79d854cdeb2f" + ] + }, + { + "ref": "75ac24b0-9039-45fe-842d-ccecdd3c62e1", + "dependsOn": [] + }, + { + "ref": "0dcaa1ac-b6f5-466b-9bd2-6d8aa5ddbf8c", + "dependsOn": [ + "0052b14c-fb6a-404e-89fb-48cad6d2535d", + "91658b5a-2478-4653-a3e4-f62c4f58f87b" + ] + }, + { + "ref": "b5aed9a4-3863-44c0-b9f2-dff8328ac7cf", + "dependsOn": [] + }, + { + "ref": "71a8cbce-c3a6-4797-b3f1-60415f5e1131", + "dependsOn": [] + }, + { + "ref": "3d67ecbd-3ee2-437b-800b-d137ccd17d46", + "dependsOn": [] + }, + { + "ref": "80a1384b-dee2-4dff-9d74-79d854cdeb2f", + "dependsOn": [] + }, + { + "ref": "85776385-c1af-42fa-a0ac-21ecf796742f", + "dependsOn": [] + }, + { + "ref": "0f2c6b93-4dda-43b7-b7aa-f03f357c5dcd", + "dependsOn": [] + }, + { + "ref": "fffd9ae3-d1b8-4bfc-a83c-063e38e56ce4", + "dependsOn": [] + }, + { + "ref": "daabc9e2-1ec3-4d10-9251-69ab9834b02a", + "dependsOn": [ + "13aba3db-12c7-44d2-895d-130d2897e460" + ] + }, + { + "ref": "13aba3db-12c7-44d2-895d-130d2897e460", + "dependsOn": [] + }, + { + "ref": "3e7afa7e-c1fd-4d82-a68e-075f486c0ba1", + "dependsOn": [ + "3affcf84-19c7-4ac3-91f9-b08980969391" + ] + }, + { + "ref": "3affcf84-19c7-4ac3-91f9-b08980969391", + "dependsOn": [] + }, + { + "ref": "c454f700-0d16-4956-a210-03d9073b6d12", + "dependsOn": [] + } + ], + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:dbaf64af-0eec-4ff1-bffe-8b642d1d16c9", + "version": 1, + "metadata": { + "timestamp": "2024-07-08T17:30:28Z", + "tools": [ + { + "vendor": "OWASP", + "name": "Dependency-Track", + "version": "4.11.4" + } + ], + "component": { + "type": "application", + "bom-ref": "602de70a-7107-4ac8-9ad2-3c1c816892a7", + "name": "test 9", + "version": "SNAPSHOT", + "description": "This is the project I want to use to generate data to understand the schema a bit better" + } + } + } + } + ] + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-saf-hdf-withraw.json b/test/sample_data/cyclonedx_sbom/sbom-saf-hdf-withraw.json new file mode 100644 index 000000000..4df777e68 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-saf-hdf-withraw.json @@ -0,0 +1,178179 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: application/@mitre/saf@1.4.7", + "title": "@mitre/saf CycloneDX BOM Report", + "version": "1.4.7", + "maintainer": "The MITRE Security Automation Framework", + "summary": "The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines.", + "license": "Apache-2.0", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [], + "sha256": "bb7e08a6555c552f8096497e3ea8043e91f3425eebe8ddc4e0966c262f7e7635" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "type": "library", + "name": "client-config-service", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Config Service Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-config-service@3.590.0#clients/client-config-service", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-config-service", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-config-service", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-config-service/-/client-config-service-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1ad29ae81b639104043527461f1bd58d83f0294a7d812a161b7210ff7855d54705dae36775d2b2269d856e08b21e4ed081c2c93ba6c189b90327e25fcb03aa3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service" + } + ] + }, + { + "type": "library", + "name": "sha256-browser", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha256-browser@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha256-browser@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha256-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha256-browser/-/sha256-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f152e65b607e82315b539b8c7aab5033a363d3f1756eba3cd31417096e824015a0a2c1565d3c7beda78e17908020099b38aeb849d30125d36be89e35c8fe66bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-browser" + } + ] + }, + { + "type": "library", + "name": "ie11-detection", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/ie11-detection@3.0.0", + "author": "AWS Crypto Tools Team", + "description": "Provides functions and types for detecting if the host environment is IE11", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/ie11-detection@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/ie11-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/ie11-detection/-/ie11-detection-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df8d650419226350df0cd29a8bfc173376ae8cd0645d1eedab55113d00cbf708b70146c8f34351ef8b85d535c7326ee9a3501c9c593c8aed92d88794ffefc0f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/ie11-detection" + } + ] + }, + { + "type": "library", + "name": "sha256-js", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha256-js@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha256-js@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha256-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha256-js/-/sha256-js-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e734dee8b34fb27755ef5c0cb6dc214e9936cc683c60c57b53287c9bac9dfd63c906cc10138011626d624a1fa061cad2c8fd9caccecf3bc4238137206283abd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-js" + } + ] + }, + { + "type": "library", + "name": "supports-web-crypto", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/supports-web-crypto@3.0.0", + "author": "AWS Crypto Tools Team", + "description": "Provides functions for detecting if the host environment supports the WebCrypto API", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/supports-web-crypto@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/supports-web-crypto", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/supports-web-crypto/-/supports-web-crypto-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d3a84174cc1401bd96153b861bbdcb482d307cfbbddf15b0a39bcbd9eb7d7b29a09aedc8779bc500705b6a355688684f3b7eea72c7426a9fc5a97bc918958f22" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/supports-web-crypto" + } + ] + }, + { + "type": "library", + "name": "util", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/util@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/util@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/util", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/util/-/util-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8e265a5e269091e3c082f2bfae2950a1cecf48ba7823f70919ae5f19d38d435845afc881c82d82823cdcc98212ac8af8fe4b798ba3a05573b981373771038eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/util" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/types@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "Types for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/types@3.577.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "153d896444b7c0128dfda95f9a1968fb764eabf5c9d02ed039970336ba4a8c1d24a98a0a8e154a67f1f1e80ad1d1cce429f1f304112ceb2e3479b207c769d298" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/types" + } + ] + }, + { + "type": "library", + "name": "util-utf8-browser", + "group": "@aws-sdk", + "version": "3.259.0", + "bom-ref": "@aws-sdk/util-utf8-browser@3.259.0", + "author": "AWS SDK for JavaScript Team", + "description": "A browser UTF-8 string <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-utf8-browser@3.259.0#packages/util-utf8-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-utf8-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-utf8-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-utf8-browser/-/util-utf8-browser-3.259.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52f15afef47e7b5f57a2891917c47315906bc361149105b18815b4c9840086f9370be4151a5d07de8b9c6bc2c306505f40a5f0996de1ba8ff9f47f2bc1bd7027" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-utf8-browser" + } + ] + }, + { + "type": "library", + "name": "util-locate-window", + "group": "@aws-sdk", + "version": "3.535.0", + "bom-ref": "@aws-sdk/util-locate-window@3.535.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-locate-window@3.535.0#packages/util-locate-window", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-locate-window", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-locate-window", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-locate-window/-/util-locate-window-3.535.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c727748be9dda3a5c81ba9d8223f1917a6eec3adcd8f6158b0c5222abef30a843c33481d56de632fb69cf028ce0813bccb168759a3418a8c9f40b285e775784" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-locate-window" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "2.6.3", + "bom-ref": "tslib@2.6.3", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@2.6.3", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-2.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4dbf12443948963c6854b9475080024f28e3897c69c8c8ac9239cd3d5e42ac81d515ff7136cefc1961d7a38e64603c281cca6d63b8b1f7db6eb203bb0414929" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "middleware-host-header", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-host-header@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-host-header@3.577.0#packages/middleware-host-header", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-host-header", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-host-header", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5c6b9309cf8e7908e0c8557b34fec5a6266eeddd03b81146b5cdff2913c82b2e9cdfd09f786f3fec9035a6dfb3e58b5dd3dd66804011c24e21f681455f0ac5a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-host-header" + } + ] + }, + { + "type": "library", + "name": "middleware-logger", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-logger@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-logger@3.577.0#packages/middleware-logger", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-logger", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-logger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68f146a468d365c25893edb86e0ee34f85dd229e369855d2b8fb78f65c392b281e7cbc8933fb01d1b28aa8f6188af5b4adcb99f5bad0e7c79950db61af3600be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-logger" + } + ] + }, + { + "type": "library", + "name": "middleware-recursion-detection", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-recursion-detection@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-recursion-detection@3.577.0#packages/middleware-recursion-detection", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-recursion-detection", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-recursion-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a67dd95447768a86ca2654771fe6c38a51e38119cdad0e873262bd673670f3d0a49f70dc6efe3cc4ebf8449beed1a53c4832e5fd2342c69a4a8de2c34cf18134" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-recursion-detection" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-browser", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-user-agent-browser@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-browser@3.577.0#packages/util-user-agent-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc40331e047a1d6a59387ef11607892dcebf0b331cc789f1790a25671559a01e693da25ddc28f246164dd315de641d1721109699be322418328ae8172cd3242c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-user-agent-browser" + } + ] + }, + { + "type": "library", + "name": "config-resolver", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/config-resolver@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/config-resolver@3.0.1#packages/config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/config-resolver/-/config-resolver-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "85b91825cdb44810f3daaa8bcedb6323f12a5de9ad996934a284739cbb225e9df4eba290453bee2876bb5388c264226ae83a33aafcb4475fef344482f629cf26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/config-resolver" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@smithy", + "version": "2.1.1", + "bom-ref": "@smithy/core@2.1.1", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/core@2.1.1#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/core/-/core-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2f6c8c3051c83414c85354980c85bb1148014bd2bc1dbb2fce433ed7ab5a495c93b2686bfe3c68e3d6219ac119730543c0e41909bfb4baabe614d94f2093f58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/core" + } + ] + }, + { + "type": "library", + "name": "fetch-http-handler", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/fetch-http-handler@3.0.1", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a way to make requests", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/fetch-http-handler@3.0.1#packages/fetch-http-handler", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/fetch-http-handler", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/fetch-http-handler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9a1fbe22e410e3fab070a106978a82a923448704916d395c33ac2a71671a61396d248b98e18fb757bc33183362097a6f13a5d16f4b6882d3cb2339b95f14616" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/fetch-http-handler" + } + ] + }, + { + "type": "library", + "name": "hash-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-node@3.0.0#packages/hash-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-node/-/hash-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f38a97b2d35e98fdd74b98dca1fd1e97af9b0df8f3baf8493d04c47eba37960b5b0ad2a0ccf9b7320892e9e85754f8de439f894b41ea993cfc7ff4587f31d5c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-node" + } + ] + }, + { + "type": "library", + "name": "invalid-dependency", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/invalid-dependency@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/invalid-dependency@3.0.0#packages/invalid-dependency", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/invalid-dependency", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/invalid-dependency", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/invalid-dependency/-/invalid-dependency-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17ac0105a105809ce3d2ce0a5259622063e6a977a6c0fe846af82f0ea630087e343b95ebda2307bd2f2da1d986559b6e242a2b0645ec60bc93bb83ee8b356ae6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/invalid-dependency" + } + ] + }, + { + "type": "library", + "name": "middleware-content-length", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-content-length@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-content-length@3.0.0#packages/middleware-content-length", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-content-length", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-content-length", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-content-length/-/middleware-content-length-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc2e2ce1dfe21a86e00ad936b67596ebecd24ce060d4f4409b6bed5992ddae2c13ae815b6d6352af795ccb31ddad01e71176020b92b9d846e97e875a21463cb2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-content-length" + } + ] + }, + { + "type": "library", + "name": "middleware-endpoint", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/middleware-endpoint@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-endpoint@3.0.1#packages/middleware-endpoint", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-endpoint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-endpoint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-endpoint/-/middleware-endpoint-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "950fd439d183e0a33990b662025d2af10cb774f6f29ef0172807579d896b0353a9694c2bfa7792b15a240d9a58e9955be58c7c8e7bacdbdbafe975a933d3f849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-endpoint" + } + ] + }, + { + "type": "library", + "name": "middleware-retry", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/middleware-retry@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-retry@3.0.3#packages/middleware-retry", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-retry", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-retry/-/middleware-retry-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5af7b5ab325bf3754453feaafbf2347107409039eecc42c2e88bc80700f3504886a4aa97817d6fd74154b9919b452e8ebff3fe1c7b61700a07389650bd934090" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-retry" + } + ] + }, + { + "type": "library", + "name": "middleware-serde", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-serde@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-serde@3.0.0#packages/middleware-serde", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-serde", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-serde", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-serde/-/middleware-serde-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "235bca1b57e823ea0f806f6bec8318d52fb10679809f5212aa9968cafaa4c07a126fc54fb278070d33a0606601a27b8e2a775a591506259aca6182c1f809deeb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-serde" + } + ] + }, + { + "type": "library", + "name": "middleware-stack", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-stack@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a means for composing multiple middleware functions into a single handler", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-stack@3.0.0#packages/middleware-stack", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-stack", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-stack", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-stack/-/middleware-stack-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f87d239b27c0c874455e6eb0ba7b24b8d02ab63ef27e6c0507a169dfb7a7cada76ab4e3bfce77dc5eb446946e5bb22263a51a71a969519a55f8f06b04abfa2e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-stack" + } + ] + }, + { + "type": "library", + "name": "node-config-provider", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/node-config-provider@3.1.0", + "author": "AWS SDK for JavaScript Team", + "description": "Load config default values from ini config files and environmental variable", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/node-config-provider@3.1.0#packages/node-config-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/node-config-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/node-config-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e07c1f1022d51f4c54df1ccbcab9cda0d56eb4575bab220647a83d49345642dad4d65da86a7f65ef297a9c052ef266a47b1aa910419cb5d72fe534e516ceaed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/node-config-provider" + } + ] + }, + { + "type": "library", + "name": "node-http-handler", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/node-http-handler@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a way to make requests", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/node-http-handler@3.0.0#packages/node-http-handler", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/node-http-handler", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/node-http-handler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dedac3e2becd38cca0c0b6d4268e1ea1dc90bb2a405abeeebcf9de6cd27d6bbd1d421567f944bc8ff9429efa094ba0577d9785ecf924908d037a6549c3e9fe79" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/node-http-handler" + } + ] + }, + { + "type": "library", + "name": "protocol-http", + "group": "@smithy", + "version": "4.0.0", + "bom-ref": "@smithy/protocol-http@4.0.0", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/protocol-http@4.0.0#packages/protocol-http", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/protocol-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/protocol-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/protocol-http/-/protocol-http-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8e4193842365cb5915813bd020218b87baa8d9d9cb32afcfc89601431c336e2202c0311c76065f1c9395390fa561f433dda1a569bb3c1631ad3171d2f83bf01" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/protocol-http" + } + ] + }, + { + "type": "library", + "name": "smithy-client", + "group": "@smithy", + "version": "3.1.1", + "bom-ref": "@smithy/smithy-client@3.1.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/smithy-client@3.1.1#packages/smithy-client", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/smithy-client", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/smithy-client", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/smithy-client/-/smithy-client-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b63e0abbb329cd947c72656e3dc49bacb155c66a6d5a4b6624cc124ffb8812ae2c6ab69b11d17c09b99075807bb89fd7e7542ad846309d1b284bb85d47807bac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/smithy-client" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/types@3.0.0", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/types@3.0.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/types/-/types-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "56f5ae424d91285b8eafdf201618dc6bb7e4052fb12cb5114fc6d48e4e5742857464b9bb58fc163cf637fc0c334cbb940437a82830ad85f7b502c4d459a48487" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/types" + } + ] + }, + { + "type": "library", + "name": "url-parser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/url-parser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/url-parser@3.0.0#packages/url-parser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/url-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/url-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/url-parser/-/url-parser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d972dacc5814bbe60e187b568a10771522c07c251a8d57cd05718662339a54a8cb02e031c77a52058de10602f3220075ee169fe7d80e1b78a62aa4f2f2672b8f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/url-parser" + } + ] + }, + { + "type": "library", + "name": "util-base64", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-base64@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A Base64 <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-base64@3.0.0#packages/util-base64", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-base64", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-base64", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-base64/-/util-base64-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b1be887942db74083b1f6a3899382a49c60b4f1d738ac2633e672e30683e3752810c03ea8fc716bdf1a13fed985d9c115915730e881479c5b71a3212edce741" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-base64" + } + ] + }, + { + "type": "library", + "name": "util-body-length-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-body-length-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Determines the length of a request body in browsers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-body-length-browser@3.0.0#packages/util-body-length-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-body-length-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-body-length-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-body-length-browser/-/util-body-length-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "71b8c9b3603598b626aa6c9597cd2ea0b4c984071fccc3b23e08f0018bac58a31d2de36dce6333f58c4d977fe344ba31492df092a91fd23c0d76d5d6b7210169" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-body-length-browser" + } + ] + }, + { + "type": "library", + "name": "util-body-length-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-body-length-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Determines the length of a request body in node.js", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-body-length-node@3.0.0#packages/util-body-length-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-body-length-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-body-length-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-body-length-node/-/util-body-length-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e3ee96786d49683543fa3f3c2137b2b7f3ab664a61044fd42d420d1381d34e9f1859bc2b2c1e38bea194d422ecf110245f1bcadd9b63ccc3658216ce9e21890" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-body-length-node" + } + ] + }, + { + "type": "library", + "name": "util-defaults-mode-browser", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/util-defaults-mode-browser@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-defaults-mode-browser@3.0.3#packages/util-defaults-mode-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-defaults-mode-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-defaults-mode-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc314e3766ef5c902e9097bea8580f57fae8ac6ed90f79b88230971c3d55e73fed80a429e4c09308b9edaddebcead5fab63f14962de579f59726e74d8395a608" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-defaults-mode-browser" + } + ] + }, + { + "type": "library", + "name": "util-defaults-mode-node", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/util-defaults-mode-node@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-defaults-mode-node@3.0.3#packages/util-defaults-mode-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-defaults-mode-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-defaults-mode-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f46fc1895de713d346daa124372227aede4de667b198f30d739a0f29768818ac6bd625e2dc21c96a93681b906e0ad03681196aceeafeabdb48b02057c362b98" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-defaults-mode-node" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@smithy", + "version": "2.0.1", + "bom-ref": "@smithy/util-endpoints@2.0.1", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-endpoints@2.0.1#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-endpoints/-/util-endpoints-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6514f45423a72a556885fa0004c73c956790a3f24416e3d672d7cd4578131dbc8e56cb0c38b60550d5ae931c621d119502157e9f773490f5becd4a9c92354f10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-middleware", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-middleware@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared utilities for to be used in middleware packages.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-middleware@3.0.0#packages/util-middleware", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-middleware", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-middleware", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-middleware/-/util-middleware-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab921374e9d5da95c74950e7296af08123530c100c1cba6d144d3bb9aff94f2e56275d5bbebd2f9366bb6a0bbba9186b085450967a39bb70a7794e4410b2be0d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-middleware" + } + ] + }, + { + "type": "library", + "name": "util-retry", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-retry@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared retry utilities to be used in middleware packages.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-retry@3.0.0#packages/util-retry", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-retry", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-retry/-/util-retry-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9caf7d6ef262ce21affd438a2650ef145e39174d1680f2ca5481947c02be98387354dda16ff4b7dee5b64e5860e4f541a2a63bb4356a2f4ce6bb83b1007828f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-retry" + } + ] + }, + { + "type": "library", + "name": "util-utf8", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-utf8@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A UTF-8 string <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-utf8@3.0.0#packages/util-utf8", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-utf8", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-utf8", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-utf8/-/util-utf8-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad4793d766f1167a656037bcd791976eafe88b11061df44516d71317761d0e2fc968434833a6926182c9c9d1bcdd43732d77912392bc69b61dffc4a9fd033490" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-utf8" + } + ] + }, + { + "type": "library", + "name": "signature-v4", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/signature-v4@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A standalone implementation of the AWS Signature V4 request signing algorithm", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/signature-v4@3.0.0#packages/signature-v4", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/signature-v4", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/signature-v4", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91714e90d5fe0501dedaa9cbc693046824466a9f49ead5062f373703d8dd9fe9c3e0974cc0229327ecc5c10db41a463e9805c66adc93c371dca14951dfd1f098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/signature-v4" + } + ] + }, + { + "type": "library", + "name": "is-array-buffer", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/is-array-buffer@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a function for detecting if an argument is an ArrayBuffer", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/is-array-buffer@3.0.0#packages/is-array-buffer", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/is-array-buffer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/is-array-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/is-array-buffer/-/is-array-buffer-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f85b2ee90e82e114898b2f3563c780a63101e6056d33ea052937df83e8d2bb0b6fa26249ae150906edb34bcc235d2807fe0d4c2845abcf20a14c17ba7256f915" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/is-array-buffer" + } + ] + }, + { + "type": "library", + "name": "util-hex-encoding", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-hex-encoding@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Converts binary buffers to and from lowercase hexadecimal encoding", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-hex-encoding@3.0.0#packages/util-hex-encoding", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-hex-encoding", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-hex-encoding", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-hex-encoding/-/util-hex-encoding-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7859dd8755842b960c518bf2de53e5566618fdf65c404d43f2849fe3521ddaf09e2242895cf7180c2643fb8fb156223a6f55d277bb44face40997cf3e6295a6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-hex-encoding" + } + ] + }, + { + "type": "library", + "name": "util-uri-escape", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-uri-escape@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-uri-escape@3.0.0#packages/util-uri-escape", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-uri-escape", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-uri-escape", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-uri-escape/-/util-uri-escape-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2ea47ba982e06530fb9d62c179c522e1aaa8970f0c8736bd02ba4d110f3cd4c249214dac13988708ae93772aaacdc0cbcb438f7b5d086384fc72d55db729ee6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-uri-escape" + } + ] + }, + { + "type": "library", + "name": "strnum", + "version": "1.0.5", + "bom-ref": "strnum@1.0.5", + "author": "Amit Gupta", + "description": "Parse String to Number based on configuration", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strnum@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/strnum.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/strnum#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/strnum/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27c6db37228a5e5e6a61c477e9320ef16de6546547ae69b1b1de4f008b46926cb3c09bf26e2c36215ab99ea7748b82d2352901fecc7d5479656df15dafd93524" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strnum" + } + ] + }, + { + "type": "library", + "name": "property-provider", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/property-provider@3.1.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/property-provider@3.1.0#packages/property-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/property-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/property-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e3dfea1586a75981e9a30a25a31650037e1bcb1780bfb8a0ee2a8effb6512c450f7edde982ade476c67763f7bd104914ac882114f21656dfff0942efa7e70e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/property-provider" + } + ] + }, + { + "type": "library", + "name": "util-stream", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/util-stream@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-stream@3.0.1#packages/util-stream", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-stream", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-stream/-/util-stream-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec5ed534d840b1f31103c23df3a61d398e5f134fd3d7f663145e8e2ecaa4bd054d3f7bd9feccd80df182ca985bee2a00d3daf7d8aff4a9b4857cd154ebc692cc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-stream" + } + ] + }, + { + "type": "library", + "name": "credential-provider-imds", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/credential-provider-imds@3.1.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from the EC2 instance metadata service and ECS container metadata service", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/credential-provider-imds@3.1.0#packages/credential-provider-imds", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/credential-provider-imds", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/credential-provider-imds", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab8038777f2ff296189ac7aefe34d2dd9e48df35e510e7b939b8be109ade54a8125725941ce77bff26950a29c2eb4406e0c4720acf7cb5cc411f520c0b46eeed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/credential-provider-imds" + } + ] + }, + { + "type": "library", + "name": "shared-ini-file-loader", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/shared-ini-file-loader@3.1.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/shared-ini-file-loader@3.1.0#packages/shared-ini-file-loader", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/shared-ini-file-loader", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/shared-ini-file-loader", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74033bc125f4351dea4cdc8654dfe7c30a440f37d5f53ff700dd9e0011315a675ae55a99292b2394836aa263b98634161aff88224a177ecdeedaf192373f3e46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/shared-ini-file-loader" + } + ] + }, + { + "type": "library", + "name": "util-config-provider", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-config-provider@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities package for configuration providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-config-provider@3.0.0#packages/util-config-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-config-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-config-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-config-provider/-/util-config-provider-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5b8e4e2cd1fc2adc38bf00d2feac2bc930a3396f3010744e52ffa44be4d5e0304c45022e9481030f3a6e723da2163e9afe10e5ca5d1a27277168c4a7f898225" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-config-provider" + } + ] + }, + { + "type": "library", + "name": "bowser", + "version": "2.11.0", + "bom-ref": "bowser@2.11.0", + "author": "Dustin Diaz", + "description": "Lightweight browser detector", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bowser@2.11.0", + "externalReferences": [ + { + "url": "git+https://github.com/lancedikson/bowser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lancedikson/bowser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lancedikson/bowser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bowser/-/bowser-2.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "02571a2418bfa6aa8904843c53d31ca5cf62f00ab19fcf1292fe5dfb1057d34e81639bbc3779862c76b92e0a696bb2ff1dfc20c0b819e8d62cf8083ab9498944" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bowser" + } + ] + }, + { + "type": "library", + "name": "querystring-builder", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/querystring-builder@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/querystring-builder@3.0.0#packages/querystring-builder", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/querystring-builder", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/querystring-builder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/querystring-builder/-/querystring-builder-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d6f058b4373c9f904d13990a610d7af50260436cad35700e02d59ee0830300539443cf9000bff2a6a11c334004b49315cd7ff0f600b4c48302b45367382ed46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/querystring-builder" + } + ] + }, + { + "type": "library", + "name": "util-buffer-from", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-buffer-from@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-buffer-from@3.0.0#packages/util-buffer-from", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-buffer-from", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-buffer-from", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-buffer-from/-/util-buffer-from-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6843870a0ab945615b3fe5033ef3e8b76e842478ce0be6d182c7b903c5771524a1a9de44e54378a9cef3930b2f24f3c056c7fbdd0c18707375fe0b7faed2f040" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-buffer-from" + } + ] + }, + { + "type": "library", + "name": "service-error-classification", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/service-error-classification@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/service-error-classification@3.0.0#packages/service-error-classification", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/service-error-classification", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/service-error-classification", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/service-error-classification/-/service-error-classification-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc1b01b4e52dd86b277375f6ddec3eaf633bd56c2da477c40c684760748383aab5b7c16b5a1d798d3db90cb6a3155d47f8fa71009ea0a9ef7261e454b2649d14" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/service-error-classification" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "9.0.1", + "bom-ref": "uuid@9.0.1", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@9.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fed5e24e96c47d2bc1c9a68c3d3a4ddf896396488708cd7a1dbefd2b42356839536958ca717f5c19369b78cbd875d2874236baa7629d4e073464b5c9017b7b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "querystring-parser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/querystring-parser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/querystring-parser@3.0.0#packages/querystring-parser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/querystring-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/querystring-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/querystring-parser/-/querystring-parser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5331f0b6193450471c578747ccfc929c1cb7e005b0dd5f6522a513c66a3343ec0f0c03bd72c09631f38b7bb57d0366a0358cbbc44f8f6f44ba2bf276dc94b37d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/querystring-parser" + } + ] + }, + { + "type": "library", + "name": "client-securityhub", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Securityhub Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-securityhub@3.590.0#clients/client-securityhub", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-securityhub", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-securityhub", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-securityhub/-/client-securityhub-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cc0da783606c03b91489ecb6ea697c41b66088bb51a013b0e30dcec6364162dfcd31500d89bb9108bf63959a057c2f7b3f54f245c9baebdde57ee35adba1f92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub" + } + ] + }, + { + "type": "library", + "name": "xlsx", + "group": "@e965", + "version": "0.20.1", + "bom-ref": "@e965/xlsx@0.20.1", + "author": "sheetjs", + "description": "SheetJS Spreadsheet data parser and writer", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40e965/xlsx@0.20.1", + "externalReferences": [ + { + "url": "git+https://github.com/e965/sheetjs-npm-publisher.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://git.sheetjs.com/SheetJS/sheetjs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@e965/xlsx/-/xlsx-0.20.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd1bfc34b0751fa6aa43266ddff80b8ddd31919b07fbf588462e181c0c359281123533cf9b35c96cfa8ed8730dec3641d6f9c5d5448ac50f59bd2d12f4baa66e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@e965/xlsx" + } + ] + }, + { + "type": "library", + "name": "emass_client", + "group": "@mitre", + "version": "3.10.0", + "bom-ref": "@mitre/emass_client@3.10.0", + "author": "OpenAPI-Generator Contributors", + "description": "OpenAPI client for @mitre/emass_client", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/emass_client@3.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/emass_client.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/emass_client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/emass_client/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/emass_client/-/emass_client-3.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e10952e45a11106c15df5d35d150ad7a8e7d7a76cf08d11405e99a1331c422a5284f08bf4b64a4f7c4d429d31838c0a53f826d363e984cfaad76ae2fe821e705" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/emass_client" + } + ] + }, + { + "type": "library", + "name": "follow-redirects", + "version": "1.15.6", + "bom-ref": "follow-redirects@1.15.6", + "author": "Ruben Verborgh", + "description": "HTTP and HTTPS modules that follow redirects.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/follow-redirects@1.15.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/follow-redirects/follow-redirects.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1637ad9821311a3a948ae7ce0465725a7c7d401a93bc45580495f92e5db4ceacf5f87c87cec84a56fc2b2235df09758ac0a0ebda7d14ce127bec3befaa0aa14" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/follow-redirects" + } + ] + }, + { + "type": "library", + "name": "hdf-converters", + "group": "@mitre", + "version": "2.10.8", + "bom-ref": "@mitre/hdf-converters@2.10.8", + "description": "Converter util library used to transform various scan results into HDF format", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/hdf-converters@2.10.8", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/hdf-converters" + } + ] + }, + { + "type": "library", + "name": "js", + "group": "@mdi", + "version": "7.4.47", + "bom-ref": "@mdi/js@7.4.47", + "author": "Austin Andrews", + "description": "Dist for Material Design Icons for JS/TypeScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mdi/js@7.4.47", + "externalReferences": [ + { + "url": "git+https://github.com/Templarian/MaterialDesign-JS.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Templarian/MaterialDesign-JS#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Templarian/MaterialDesign-JS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mdi/js/-/js-7.4.47.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28f9cd3ad9b98b6a4c69ba99c69533ee241ffa67eb619c8a099f10373f39733804b7b72e1dc1a8ad67ddcd4316600d120fe6ba1e7e05989f98873cf38e44d9ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mdi/js" + } + ] + }, + { + "type": "library", + "name": "jsonix", + "group": "@mitre", + "version": "3.0.7", + "bom-ref": "@mitre/jsonix@3.0.7", + "author": "Alexey Valikov", + "description": "Jsonix (JSON interfaces for XML) is a JavaScript library which allows converting between XML and JSON structures.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause", + "url": "http://github.com/highsource/jsonix/raw/master/LICENSE" + } + } + ], + "purl": "pkg:npm/%40mitre/jsonix@3.0.7", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/mitre/jsonix.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/mitre/jsonix", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/mitre/jsonix/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/jsonix/-/jsonix-3.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f1a0cd2f6bf46f606a68e8bedc77fdfc4b8d914315cc53d83aeb0bc7d318fcacbd2cbcf60f90718062fcfa1e669d8a53887c859271a6e16aff3059b3ee81cb63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/jsonix" + } + ] + }, + { + "type": "library", + "name": "xmldom", + "group": "@xmldom", + "version": "0.8.10", + "bom-ref": "@xmldom/xmldom@0.8.10", + "description": "A pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40xmldom/xmldom@0.8.10", + "externalReferences": [ + { + "url": "git://github.com/xmldom/xmldom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xmldom/xmldom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xmldom/xmldom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9600b7d3978c68d9290609846deab0d315f93d475733981bd4432d7680ad8ab91288a5612171b6f3cbc1195edcff8e446a1d7f1b14473a142d478d7e1351663" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@xmldom/xmldom" + } + ] + }, + { + "type": "library", + "name": "amdefine", + "version": "0.0.4", + "bom-ref": "amdefine@0.0.4", + "author": "James Burke", + "description": "Provide AMD's define() API for declaring modules in the AMD format", + "licenses": [ + { + "license": { + "name": "BSD", + "url": "https://github.com/jrburke/amdefine/blob/master/LICENSE" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/jrburke/amdefine/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/amdefine@0.0.4", + "externalReferences": [ + { + "url": "http://github.com/jrburke/amdefine.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://registry.npmjs.org/amdefine/-/amdefine-0.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fbdb8d95aaa6f246746d80ee845b759aa3682ccd88e00b12781fba75d74d8927e6465251ab7f0852e36d503e3ec4eccea0f96d387cd2be795282c70c7e99c30e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/amdefine" + } + ] + }, + { + "type": "library", + "name": "xmlhttprequest", + "version": "1.8.0", + "bom-ref": "xmlhttprequest@1.8.0", + "author": "Dan DeFelippi", + "description": "XMLHttpRequest for Node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xmlhttprequest@1.8.0", + "externalReferences": [ + { + "url": "git://github.com/driverdan/node-XMLHttpRequest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/driverdan/node-XMLHttpRequest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/driverdan/node-XMLHttpRequest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xmlhttprequest/-/xmlhttprequest-1.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c226fd4d2695504b337f0d7598c7ca1b8cb42a9aeb5e3af64d983ff01a3dbbc2a15f5a4065296c9063d50466db2b518954010ff7ecc3b2f66c9183550b3004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xmlhttprequest" + } + ] + }, + { + "type": "library", + "name": "csv2json", + "group": "@types", + "version": "1.4.5", + "bom-ref": "@types/csv2json@1.4.5", + "description": "TypeScript definitions for csv2json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/csv2json@1.4.5#types/csv2json", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/csv2json", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/csv2json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/csv2json/-/csv2json-1.4.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d79d88c649cffcca76149023a6968d23036bdae7d65ed55c6cd814fb651371ac12af61569ea85a4e4dac2153a6967b4503226b19d3400acdc0ccacf9808a4d38" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/csv2json" + } + ] + }, + { + "type": "library", + "name": "pumpify", + "group": "@types", + "version": "1.4.4", + "bom-ref": "@types/pumpify@1.4.4", + "description": "TypeScript definitions for pumpify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/pumpify@1.4.4#types/pumpify", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/pumpify", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/pumpify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/pumpify/-/pumpify-1.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9c59b41479c0f4e0c41892334184f99c5083f7ebc6a5a189aa9be22674c280f2b329c51340859003ea0223fac0154c5d43962aab4ffa94a7a686362ffd537b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/pumpify" + } + ] + }, + { + "type": "library", + "name": "duplexify", + "group": "@types", + "version": "3.6.4", + "bom-ref": "@types/duplexify@3.6.4", + "description": "TypeScript definitions for duplexify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/duplexify@3.6.4#types/duplexify", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/duplexify", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/duplexify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/duplexify/-/duplexify-3.6.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9e6a154fb1df9dcb708be85ba003325cc68ada5a15208591844099ecd644ca7c25d6289e621bf564681d39c1156b0ca1df3852aa6f45f491787dd5e13df5166" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/duplexify" + } + ] + }, + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.14.1", + "bom-ref": "@types/node@20.14.1", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.14.1#types/node", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f633348612efb2b01fc59167ea9a15773cbc90968c1da6d9a6803db40ba431b12f059afe528e96756b25da102d12db5fe1e5427d880e96ff9bd2354e65d3438" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "ms", + "group": "@types", + "version": "0.7.34", + "bom-ref": "@types/ms@0.7.34", + "description": "TypeScript definitions for ms", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/ms@0.7.34#types/ms", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/ms", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/ms", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/ms/-/ms-0.7.34.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c6f7a1b75a9e9a73202026a19ab233836fe69cac8eca96d3e2471cc73d79cfdcd808dbc6e940346fe77a256ea1976df7201796a288798edf1a701294b92ddf6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/ms" + } + ] + }, + { + "type": "library", + "name": "mustache", + "group": "@types", + "version": "4.2.5", + "bom-ref": "@types/mustache@4.2.5", + "description": "TypeScript definitions for mustache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mustache@4.2.5#types/mustache", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mustache", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mustache", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3cbc2256f4c1839f6d1852fff15a5c1afa8ebb72f83aebde36f3e2d0461b59c85174454ffbec9151724f165f82029284ab5df4d7bff835feda439953b4750db0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mustache" + } + ] + }, + { + "type": "library", + "name": "papaparse", + "group": "@types", + "version": "5.3.14", + "bom-ref": "@types/papaparse@5.3.14", + "description": "TypeScript definitions for papaparse", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/papaparse@5.3.14#types/papaparse", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/papaparse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/papaparse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/papaparse/-/papaparse-5.3.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f127888415ca6a73a3044f0a7d7fa055e9555ce379ba31f1f456a168b07beb5207d78857bac30ed1de2b64390f9308ae98f88bfff919e7bed4599e473929cf6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/papaparse" + } + ] + }, + { + "type": "library", + "name": "revalidator", + "group": "@types", + "version": "0.3.12", + "bom-ref": "@types/revalidator@0.3.12", + "description": "TypeScript definitions for revalidator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/revalidator@0.3.12#types/revalidator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/revalidator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/revalidator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/revalidator/-/revalidator-0.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ec0368c77f3ef725a211395a0c0ddff1ee75565c19847434a85c1e324250f3bff342064158d9f30793213a0c6aefa282c30057b9408ea5f56ab44e0768a4cb6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/revalidator" + } + ] + }, + { + "type": "library", + "name": "triple-beam", + "group": "@types", + "version": "1.3.5", + "bom-ref": "@types/triple-beam@1.3.5", + "description": "TypeScript definitions for triple-beam", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/triple-beam@1.3.5#types/triple-beam", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/triple-beam", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/triple-beam", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/triple-beam/-/triple-beam-1.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e966987ac4e144c0a5d7d8abc8c60feffc76395802b5b2157e50c61695a76fd8ab5c8dd48d8138033998ba250a635009b2d1a28e863e32052cccc811c4861363" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/triple-beam" + } + ] + }, + { + "type": "library", + "name": "validator", + "group": "@types", + "version": "13.12.0", + "bom-ref": "@types/validator@13.12.0", + "description": "TypeScript definitions for validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/validator@13.12.0#types/validator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/validator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/validator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/validator/-/validator-13.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c7e392e4ee83c8275455385e8980523a0f2d10a47133ab841e71986f82ec583c3c13f1cf77a6b08ca80b6222db66dfdbe867e0c347eaa436732926630146a6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/validator" + } + ] + }, + { + "type": "library", + "name": "xml2js", + "group": "@types", + "version": "0.4.14", + "bom-ref": "@types/xml2js@0.4.14", + "description": "TypeScript definitions for xml2js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/xml2js@0.4.14#types/xml2js", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/xml2js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/xml2js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/xml2js/-/xml2js-0.4.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e189eb45e9814a15913b6423bd48a7f04480e35ac7fbd9d018b506655ff5203862dd22fd3a1769342fccaee9535aea6d5cac21c7f683c44eeda15d1fff2a485d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/xml2js" + } + ] + }, + { + "type": "library", + "name": "axios", + "version": "1.7.2", + "bom-ref": "axios@1.7.2", + "author": "Matt Zabriskie", + "description": "Promise based HTTP client for the browser and node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/axios@1.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/axios/axios.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://axios-http.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/axios/axios/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/axios/-/axios-1.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d80f1084e32b6e89a50ee88b78af5789b201cee1de45caaa34e1e9d02ca9e44a09d4814387e5d91f703a0645edbf42b880518223463804cec1d703848b446683" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/axios" + } + ] + }, + { + "type": "library", + "name": "compare-versions", + "version": "6.1.0", + "bom-ref": "compare-versions@6.1.0", + "author": "Ole Michelsen", + "description": "Compare semver version strings to find greater, equal or lesser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/compare-versions@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/omichelsen/compare-versions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/omichelsen/compare-versions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/omichelsen/compare-versions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/compare-versions/-/compare-versions-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cd6505e1a94bea513a2da59d34a8b49a89fcb76f85450f9f3c691afc30a170e02314afdf32b73096e700c7e6ac7f0c46399020d771b711b82a8bd2ccc47f6b6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/compare-versions" + } + ] + }, + { + "type": "library", + "name": "csv2json", + "version": "2.0.2", + "bom-ref": "csv2json@2.0.2", + "author": "Julien Fontanet", + "description": "Stream and CLI to convert CSV to JSON", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/csv2json@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/julien-f/csv2json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/julien-f/csv2json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/julien-f/csv2json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv2json/-/csv2json-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "61567bd8e7a14acf7e8f694c135d28b2624d1de23475c1e55fea8dabcc5c4744fe46df1668e09c84a884545dc6b0ae0e7f7cff2c4eb8c746dad5ca542e601c97" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv2json" + } + ] + }, + { + "type": "library", + "name": "csv-parser", + "version": "2.3.5", + "bom-ref": "csv-parser@2.3.5", + "author": "mafintosh", + "description": "Streaming CSV parser that aims for maximum speed as well as compatibility with the csv-spectrum test suite", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-parser@2.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/mafintosh/csv-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/csv-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/csv-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-parser/-/csv-parser-2.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c21e8942e0094dc0bfb912e0f92c7d9554d2a90fc422c595b6cf32b55e6ad56146ac945638739068a0444738222e6c6f62bff0c0c858ece31d07bd6359bb25a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-parser" + } + ] + }, + { + "type": "library", + "name": "minimist", + "version": "1.2.8", + "bom-ref": "minimist@1.2.8", + "author": "James Halliday", + "description": "parse argument options", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minimist@1.2.8", + "externalReferences": [ + { + "url": "git://github.com/minimistjs/minimist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/minimistjs/minimist", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/minimistjs/minimist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "db2c8047ca8190ddd8ba17896a7529582e54ddb6f9a2c0f2c0d07c4730d5943c031dba1c009bdeaaa8f5bbcf92543ee39164f8cafb070a95aaa96a80c5bd3308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/minimist" + } + ] + }, + { + "type": "library", + "name": "through2", + "version": "3.0.2", + "bom-ref": "through2@3.0.2", + "author": "Rod Vagg", + "description": "A tiny wrapper around Node.js streams.Transform (Streams2/3) to avoid explicit subclassing noise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/through2@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/rvagg/through2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/rvagg/through2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/rvagg/through2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/through2/-/through2-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a7683438314c8fd96e99c93e84b0ccea04f65a33f6af83c8aea3e976777402b3427ee916aa90757fdbf94ec034ee7811de27fd8b1bd96b2d6ddde6b58fb9cb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/through2" + } + ] + }, + { + "type": "library", + "name": "exec-promise", + "version": "0.7.0", + "bom-ref": "exec-promise@0.7.0", + "author": "Julien Fontanet", + "description": "Testable CLIs with promises", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/exec-promise@0.7.0", + "externalReferences": [ + { + "url": "git+https://github.com/JsCommunity/exec-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/exec-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/exec-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/exec-promise/-/exec-promise-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c6b817e065a23cdb0f42b28227c5f754e6ec89d6afe89ad61853209a95362bd4d202ee90f3d27ec98ea4a7fa2d85845727852199e3bc8c18f8e99411af9e1780" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/exec-promise" + } + ] + }, + { + "type": "library", + "name": "log-symbols", + "version": "1.0.2", + "bom-ref": "log-symbols@1.0.2", + "author": "Sindre Sorhus", + "description": "Colored symbols for various log levels. Example: ✔︎ success", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/log-symbols@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/log-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/log-symbols/-/log-symbols-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a63eb5b4161d9fc4ecdd05b16fe20d66ea947bda16852cf2761b94891042dfd72fa2690ac31ba71608f8f2e7844761b640b7b5fe96cebdd0ac3ad807565c1cd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols" + } + ] + }, + { + "type": "library", + "name": "has-ansi", + "version": "2.0.0", + "bom-ref": "has-ansi@2.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string has ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-ansi@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0bcbc127c0f0502c75f6f866eeeae14ee52caf8fc8c8fea5e15ccd403bfeaf21d039b5b74d34e9f7207af16a588117b66db686b99fec7bbe08a857959cc9cb66" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-ansi" + } + ] + }, + { + "type": "library", + "name": "promise-toolbox", + "version": "0.14.0", + "bom-ref": "promise-toolbox@0.14.0", + "author": "Julien Fontanet", + "description": "Essential utils for promises", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-toolbox@0.14.0", + "externalReferences": [ + { + "url": "git+https://github.com/JsCommunity/promise-toolbox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/promise-toolbox", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/promise-toolbox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/promise-toolbox/-/promise-toolbox-0.14.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "555e655cae255da3c1f6804ee74a297b5a9dd0028df0dde72b5e2362f57dfea1667d95b63f1fdb2633d90678868d770825fe89e58fdca0d809b4f1c3ca2515fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/promise-toolbox" + } + ] + }, + { + "type": "library", + "name": "make-error", + "version": "1.3.6", + "bom-ref": "make-error@1.3.6", + "author": "Julien Fontanet", + "description": "Make your own error types!", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/make-error@1.3.6", + "externalReferences": [ + { + "url": "git://github.com/JsCommunity/make-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/make-error", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/make-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b3c52194d7bbbcf2a8990842d6a15e94ca24aff49cdc080d6eca379fbe2654f0392d3670901f4d9577f85cf6a62f1244f21d2087bdeb33de31bf0453d825489f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/make-error" + } + ] + }, + { + "type": "library", + "name": "pump", + "version": "3.0.0", + "bom-ref": "pump@3.0.0", + "author": "Mathias Buus Madsen", + "description": "pipe streams together and close all of them if one of them closes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pump@3.0.0", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/pump.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/pump#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/pump/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f0672fa9dd216cd4fcad77f8d872de30a6fe3d1e2602a9df5195ce5955d93457ef18cefea34790659374d198f2f57edebd4f13f420c64627e58f154d81161c3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pump" + } + ] + }, + { + "type": "library", + "name": "end-of-stream", + "version": "1.4.4", + "bom-ref": "end-of-stream@1.4.4", + "author": "Mathias Buus", + "description": "Call a callback when a readable/writable/duplex stream has completed or failed.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/end-of-stream@1.4.4", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/end-of-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/end-of-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/end-of-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "faec358a720754f428695b87cd1c97776d6270cf9c9ede02cc3e6b5be342d708ce5124ceb3e4deec53afec084deef4bdc7fa08ca12cfe4f4751fea614001eee5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/end-of-stream" + } + ] + }, + { + "type": "library", + "name": "once", + "version": "1.4.0", + "bom-ref": "once@1.4.0", + "author": "Isaac Z. Schlueter", + "description": "Run a function exactly one time", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/once@1.4.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/once.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/once#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/once/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "94d689808fb643951140191c7042874d038f697754c67659125413658d0c15402e684a9ed44f8dcaf81dcff688c8d8ba67d3333b976fd47f27e7cfc610ba77fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/once" + } + ] + }, + { + "type": "library", + "name": "pumpify", + "version": "2.0.1", + "bom-ref": "pumpify@2.0.1", + "author": "Mathias Buus", + "description": "Combine an array of streams into a single duplex stream using pump and duplexify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pumpify@2.0.1", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/pumpify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/pumpify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/pumpify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pumpify/-/pumpify-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9bb28e8deee3671ae6bad6a79644b575a8f5752eb3e8182c97339799c484a48942c4cdd5247ee51b940b79c93fea1805e85e1cac57f4d54b5098db097f079303" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pumpify" + } + ] + }, + { + "type": "library", + "name": "duplexify", + "version": "4.1.3", + "bom-ref": "duplexify@4.1.3", + "author": "Mathias Buus", + "description": "Turn a writable and readable stream into a streams2 duplex stream with support for async initialization and streams1/streams2 input", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/duplexify@4.1.3", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/duplexify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/duplexify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/duplexify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/duplexify/-/duplexify-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "337066061c09459b12c77f25672844e770ac75d83397947bc4624d93b09575d643e82726c0c087f09fbb029ac8ad0287ed3a272b16828dcbf6ed099ffac43ea0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/duplexify" + } + ] + }, + { + "type": "library", + "name": "inherits", + "version": "2.0.4", + "bom-ref": "inherits@2.0.4", + "description": "Browser-friendly inheritance fully compatible with standard node.js inherits()", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inherits@2.0.4", + "externalReferences": [ + { + "url": "git://github.com/isaacs/inherits.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/inherits#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/inherits/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "93fbc6697e3f6256b75b3c8c0af4d039761e207bea38ab67a8176ecd31e9ce9419cc0b2428c859d8af849c189233dcc64a820578ca572b16b8758799210a9ec1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inherits" + } + ] + }, + { + "type": "library", + "name": "readable-stream", + "version": "3.6.2", + "bom-ref": "readable-stream@3.6.2", + "description": "Streams3, a user-land copy of the stream library from Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readable-stream@3.6.2", + "externalReferences": [ + { + "url": "git://github.com/nodejs/readable-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/readable-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/readable-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f6efec9e20ab6370f959db04447cc71381b66025eaa06e454c7522082e1221bafa5dc2d9058d39c9af442a361e93d3b9c4e0308c6abed497460404bb43d49ca0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/readable-stream" + } + ] + }, + { + "type": "library", + "name": "stream-shift", + "version": "1.0.3", + "bom-ref": "stream-shift@1.0.3", + "author": "Mathias Buus", + "description": "Returns the next buffer/object in a stream's readable queue", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stream-shift@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/mafintosh/stream-shift.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/stream-shift", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/stream-shift/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efa3914740ced68d6194ac136e2fc33371175867f764960ef1c5d7e512709ee9760c4836a32a19ca32cda1033c5acbd988528245f0b53b427b882be27b745999" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stream-shift" + } + ] + }, + { + "type": "library", + "name": "strip-bom-stream", + "version": "4.0.0", + "bom-ref": "strip-bom-stream@4.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom-stream@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom-stream/-/strip-bom-stream-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d00a4ade20241efe966e02c80b0fc9e278701de0d9b01c4822c383fa01e064808be92789d12f5ffd666a7a691af5c8e44f230de6078877a7bc5395861409f771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom-stream" + } + ] + }, + { + "type": "library", + "name": "first-chunk-stream", + "version": "3.0.0", + "bom-ref": "first-chunk-stream@3.0.0", + "author": "Sindre Sorhus", + "description": "Transform the first chunk in a stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/first-chunk-stream@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/first-chunk-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/first-chunk-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/first-chunk-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/first-chunk-stream/-/first-chunk-stream-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cd46f47886bfd2f1c5d7908639a538153fb2f7b6ae8b95859c83d9d606e5bba3534cc4a668ea83956bfe8621e90c188d08c3bb82f875a298c7bdbbf54078aab" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/first-chunk-stream" + } + ] + }, + { + "type": "library", + "name": "strip-bom-buf", + "version": "2.0.0", + "bom-ref": "strip-bom-buf@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom-buf@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom-buf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-buf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-buf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom-buf/-/strip-bom-buf-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80b14d1ee71dea0cdbf2332c9794266774209d4266a7baa7e2e5121cdc045ee980a7b622ce8198c35f595157eeab868139052dca7da4f17fc2c33581ef75b695" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom-buf" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "acc60f62f0b3b17cb022c95d80b692a0f970e4f7e807fb2cafb858e292df72876b03933f780af36b56bd5664e234804d323386af53b0f664f2536a3af54e94f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.4.0", + "bom-ref": "fast-xml-parser@4.4.0", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "90b6378c5970218c01343a237252ac3400b5dac7c3e8dc16ef8401d82a0d18fbed5718e58987a156e9c1dc7632362fa7e13b75740720c18be6285fd9d7c7e5aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "html-entities", + "version": "2.5.2", + "bom-ref": "html-entities@2.5.2", + "author": "Marat Dulin", + "description": "Fastest HTML entities encode/decode library.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/html-entities@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/mdevils/html-entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mdevils/html-entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdevils/html-entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/html-entities/-/html-entities-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bffcf491310938159efc2b26aefa666eac79f7147d15c2bf87dfa784d2b3db798911462f58c5c7983e1b8deb45305a8af1c8a1e1aa800997638529ae0156d68" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/html-entities" + } + ] + }, + { + "type": "library", + "name": "htmlparser2", + "version": "9.1.0", + "bom-ref": "htmlparser2@9.1.0", + "author": "Felix Boehm", + "description": "Fast & forgiving HTML/XML parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/htmlparser2@9.1.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/htmlparser2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/htmlparser2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/htmlparser2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-9.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e737e0ea61d4a1a7abffded3c671a9c666d1ef326d3f021814c67f1f9b9c4e53d984abedba6d39ca23cadcc81a8b76b40f2571bfba98aa8c1e6847769eb610cd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/htmlparser2" + } + ] + }, + { + "type": "library", + "name": "inspecjs", + "version": "2.10.8", + "bom-ref": "inspecjs@2.10.8", + "description": "Schema definitions, classes on top, and utilities to deal with HDF files", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/inspecjs@2.10.8", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/heimdall2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/heimdall2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/heimdall2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inspecjs/-/inspecjs-2.10.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7254873aba523f31f309f195a81cf5f5fa6162c37032af4b2383ed3d690a45521ee79e1bb2a255b7f49f665859d4be7919ac4ff7e3e49d8b026984338d276109" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inspecjs" + } + ] + }, + { + "type": "library", + "name": "lodash", + "version": "4.17.21", + "bom-ref": "lodash@4.17.21", + "author": "John-David Dalton", + "description": "Lodash modular utilities.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash@4.17.21", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf690311ee7b95e713ba568322e3533f2dd1cb880b189e99d4edef13592b81764daec43e2c54c61d5c558dc5cfb35ecb85b65519e74026ff17675b6f8f916f4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash" + } + ] + }, + { + "type": "library", + "name": "moment", + "version": "2.30.1", + "bom-ref": "moment@2.30.1", + "author": "Iskren Ivov Chernev", + "description": "Parse, validate, manipulate, and display dates", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/moment@2.30.1", + "externalReferences": [ + { + "url": "git+https://github.com/moment/moment.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://momentjs.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moment/moment/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/moment/-/moment-2.30.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b849ad3616c33ab58f152fa176314205fcbd7f6628cb3469c1c97e0eaa42ead697db5173b132d055b315fd6ecfccd497eb1fdb842d73037736510e4dcc7ea1a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/moment" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.3", + "bom-ref": "ms@2.1.3", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e85973b9b4cb646dc9d9afcd542025784863ceae68c601f268253dc985ef70bb2fa1568726afece715c8ebf5d73fab73ed1f7100eb479d23bfb57b45dd645394" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "mustache", + "version": "4.2.0", + "bom-ref": "mustache@4.2.0", + "author": "mustache.js Authors", + "description": "Logic-less {{mustache}} templates with JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mustache@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/janl/mustache.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/janl/mustache.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/janl/mustache.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef58a9a52cb0ab961beffb5563219b9018206d4f07deee51cf9e9f1fad2318582bf2e1f0c6cf9a48a7aa9a5b885733349b4901ef1423292eaa3df7746f6668a9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mustache" + } + ] + }, + { + "type": "library", + "name": "papaparse", + "version": "5.4.1", + "bom-ref": "papaparse@5.4.1", + "author": "Matthew Holt", + "description": "Fast and powerful CSV parser for the browser that supports web workers and streaming large files. Converts CSV to JSON and JSON to CSV.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/papaparse@5.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/mholt/PapaParse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://papaparse.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mholt/PapaParse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/papaparse/-/papaparse-5.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e2a4cb2026466ef1baf6de95b5e6ebe8eac89beb09deff8c282d93e515fdeba43c8c7bdcb011752cb83efee8af4f464265553e758ffb023980ca1864b7649af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/papaparse" + } + ] + }, + { + "type": "library", + "name": "revalidator", + "version": "0.3.1", + "bom-ref": "revalidator@0.3.1", + "author": "Charlie Robbins", + "description": "A cross-browser / node.js validator powered by JSON Schema", + "licenses": [ + { + "license": { + "name": "Apache 2.0" + } + } + ], + "purl": "pkg:npm/revalidator@0.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/flatiron/revalidator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/flatiron/revalidator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/flatiron/revalidator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/revalidator/-/revalidator-0.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2babe370f95e690e9430184b8dda7d40809fb403c5aa8451cab792a09317c0a3050a80ed42595df6211dd3341e20f7f157de026df6a0493bc0d8970a279c1d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/revalidator" + } + ] + }, + { + "type": "library", + "name": "run-script-os", + "version": "1.1.6", + "bom-ref": "run-script-os@1.1.6", + "author": "Charlie Guse", + "description": "run-script-os is a tool that will let you use generic npm script commands that will pass through to os specific commands.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-script-os@1.1.6", + "externalReferences": [ + { + "url": "git+https://github.com/charlesguse/run-script-os.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/charlesguse/run-script-os#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/charlesguse/run-script-os/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-script-os/-/run-script-os-1.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa5e8fd8bce10534c37f32adb3e428e07f785542a9c4a0c5cfa431c7069464dd26c2f8bb2f7969388ec1a8f0aaee58038775cb974769797c1f715222b65ad8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-script-os" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "7.6.2", + "bom-ref": "semver@7.6.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@7.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-7.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14d0080560b1f6a7118681dc81c27482f53b48dd65614d995ee49f974e1b482e4ea6f0c71722428dd347a263d7c6342508153aed85bae0fcd8eff548107ec5db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "tailwindcss", + "version": "3.4.3", + "bom-ref": "tailwindcss@3.4.3", + "description": "A utility-first CSS framework for rapidly building custom user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tailwindcss@3.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/tailwindlabs/tailwindcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwindcss.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tailwindlabs/tailwindcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53bb31424fe7dfdec19b1e091db271fe248e3afe46f882377f59292e963641e52fe4370f75c4ec60b96eb197ead4db611d2d5cd5c668c859a691ec75af391ed0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tailwindcss" + } + ] + }, + { + "type": "library", + "name": "quick-lru", + "group": "@alloc", + "version": "5.2.0", + "bom-ref": "@alloc/quick-lru@5.2.0", + "author": "Sindre Sorhus", + "description": "Simple “Least Recently Used” (LRU) cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40alloc/quick-lru@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/quick-lru.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@alloc/quick-lru/-/quick-lru-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52b700041fb86d4ac5001c1b96e4c8044ad7c2f6ec53f57b4d959f99b8097db930881bb3892f60c5d383532ba279c7dd190f398e094c5ba8ee4b7fb3e53b0a2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@alloc/quick-lru" + } + ] + }, + { + "type": "library", + "name": "arg", + "version": "5.0.2", + "bom-ref": "arg@5.0.2", + "author": "Josh Junon", + "description": "Unopinionated, no-frills CLI argument parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arg@5.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/arg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arg/-/arg-5.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d88f214e2ca43dcb9ec9bd0e902e8f1d02036ab3087c33544c25875076e4fac5b59280adfa3ff67fbfea7cf3ca4cebd8cc31f4bc5ddf05e88d6443f23d1d41a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/arg" + } + ] + }, + { + "type": "library", + "name": "chokidar", + "version": "3.5.3", + "bom-ref": "chokidar@3.5.3", + "author": "Paul Miller", + "description": "Minimal and efficient cross-platform file watching library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chokidar@3.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/paulmillr/chokidar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/paulmillr/chokidar", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/paulmillr/chokidar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ebdec7ca44fea84dc8dfd8999498525f79532f5c175e83107489543979bd95d74b852540804bc381c9975503255bf315cdcf71a38d3823f642d6b194ea13a93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chokidar" + } + ] + }, + { + "type": "library", + "name": "didyoumean", + "version": "1.2.2", + "bom-ref": "didyoumean@1.2.2", + "author": "Dave Porter", + "description": "Match human-quality input to potential matches by edit distance.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/didyoumean@1.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/dcporter/didyoumean.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dcporter/didyoumean.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dcporter/didyoumean.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/didyoumean/-/didyoumean-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "831b727ea320ec62b285099bd39e8aeccdf1b33cbf9b21fcc3e078453f905c142cbc039d7375f29aa0c33c7c750603e0b1d000e522227e89daf3d62d4404c3cf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/didyoumean" + } + ] + }, + { + "type": "library", + "name": "dlv", + "version": "1.1.3", + "bom-ref": "dlv@1.1.3", + "author": "Jason Miller", + "description": "Safely get a dot-notated property within an object.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dlv@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/developit/dlv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/developit/dlv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/developit/dlv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dlv/-/dlv-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f87972b728e53ca9c81bc5ee446f16be604ff31b3c3fbd72f9228a4ba6575a81202ee78fc6d0e8504887ed691d78f5ab439241a44e9aa15a9f65f2544248d7c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dlv" + } + ] + }, + { + "type": "library", + "name": "fast-glob", + "version": "3.3.2", + "bom-ref": "fast-glob@3.3.2", + "author": "Denis Malinochkin", + "description": "It's a very fast and efficient glob library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-glob@3.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/mrmlnc/fast-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mrmlnc/fast-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mrmlnc/fast-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a17dabb80150c1ffceae3f26ef7ed8e5a7710d03b42c007bfd2e4c9f109d4cd0dde29e81b32215b2ff4942c0136d34aaf0a1d1a4bc081db56550d6adc5dfb53b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-glob" + } + ] + }, + { + "type": "library", + "name": "fs.stat", + "group": "@nodelib", + "version": "2.0.5", + "bom-ref": "@nodelib/fs.stat@2.0.5", + "description": "Get the status of a file with some features", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.stat@2.0.5#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "46484f3e9db3aea0c0400ff68cd867ced70f025bfae17761229edaef8e78039a2f23b06e93182decc5fbb9dc00bb7ce0d437293d4d2bcf7555d5279aaaf638f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.stat" + } + ] + }, + { + "type": "library", + "name": "fs.walk", + "group": "@nodelib", + "version": "1.2.8", + "bom-ref": "@nodelib/fs.walk@1.2.8", + "description": "A library for efficiently walking a directory recursively", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.walk@1.2.8#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0607e53196059c810920c28f067041b07a6a1316ddc520ef5a6da6c199a1b05c8a01299f864f2d293f5f396de1a0ecb96287f3521d25765c0b35967ce7a1c4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.walk" + } + ] + }, + { + "type": "library", + "name": "is-glob", + "version": "4.0.3", + "bom-ref": "is-glob@4.0.3", + "author": "Jon Schlinkert", + "description": "Returns `true` if the given string looks like a glob pattern or an extglob pattern. This makes it easy to create code that only uses external modules like node-glob when necessary, resulting in much faster code execution and initialization time, and a better user experience.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-glob@4.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/is-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/is-glob", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/is-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5e9526b21c7dfa66013b6568658bba56df884d6cd97c3a3bf92959a4243e2105d0f7b61f137e4f6f61ab0b33e99758e6611648197f184b4a7af046be1e9524a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-glob" + } + ] + }, + { + "type": "library", + "name": "merge2", + "version": "1.4.1", + "bom-ref": "merge2@1.4.1", + "description": "Merge multiple streams into one stream in sequence or parallel.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge2@1.4.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/teambition/merge2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/teambition/merge2", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/teambition/merge2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2aed51203095b827cb5c7d53f2f20d3d35c43065d6f0144aa17bf5999282338e7ff74c60f0b4e098b571b10373bcb4fce97330820e0bfe3f63f9cb4d1924e3a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge2" + } + ] + }, + { + "type": "library", + "name": "micromatch", + "version": "4.0.5", + "bom-ref": "micromatch@4.0.5", + "author": "Jon Schlinkert", + "description": "Glob matching for javascript/node.js. A replacement and faster alternative to minimatch and multimatch.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/micromatch@4.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/micromatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/micromatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/micromatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0cccbe1117045b6abc6763e8f96357bb0ddce586944858c03b91ac26a7c497b523bed22e14a3ba66b2af708b5dcbdf1dc05236375b60df334874a6904fe68d74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/micromatch" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "6.0.2", + "bom-ref": "glob-parent@6.0.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@6.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5f1c08f043a1550816a7a8832feddbd2bf3a7f877a017eb3494e791df078c9d084b972d773915c61e3aefa79c67ed4b84c48eeff5d6bb782893d33206df9afe0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob-parent" + } + ] + }, + { + "type": "library", + "name": "jiti", + "version": "1.21.0", + "bom-ref": "jiti@1.21.0", + "description": "Runtime typescript and ESM support for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jiti@1.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/unjs/jiti.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/unjs/jiti#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/unjs/jiti/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jiti/-/jiti-1.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "805a8021bb8acb2b28ff71b6aa188ed8e33ab2163a10f3ff474fa69036f2b29c4a6b387c0570c2e45885b148e573381d373fef7eb6b475adb2f9a1ebbac2c6fd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jiti" + } + ] + }, + { + "type": "library", + "name": "lilconfig", + "version": "2.1.0", + "bom-ref": "lilconfig@2.1.0", + "author": "antonk52", + "description": "A zero-dependency alternative to cosmiconfig", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lilconfig@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/antonk52/lilconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/antonk52/lilconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/antonk52/lilconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lilconfig/-/lilconfig-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bad58eb7f187cee5319cb2b107a764f3546839ea0d78781bad78ae1a4e32c85e6a951cfe888556bb9e84d9fa861c5ad7cf440d5212c1ffc9caaaf447eba24a19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lilconfig" + } + ] + }, + { + "type": "library", + "name": "braces", + "version": "3.0.2", + "bom-ref": "braces@3.0.2", + "author": "Jon Schlinkert", + "description": "Bash-like brace expansion, implemented in JavaScript. Safer than other brace expansion libs, with complete support for the Bash 4.3 braces specification, without sacrificing speed.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/braces@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/braces.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/braces", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/braces/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fcba6f8bd51cccdd60d2cef866ea0233d727d36c1b7a61395c10a02fb26a82659170e3acfadba9558fd8f5c843d6df71f91fe94142964c3f593c97eefc1dad0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/braces" + } + ] + }, + { + "type": "library", + "name": "picomatch", + "version": "2.3.1", + "bom-ref": "picomatch@2.3.1", + "author": "Jon Schlinkert", + "description": "Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/picomatch@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/picomatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/picomatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/picomatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "254ded7874cd8e6136542185cee63c117cc20d5c04a81d9af1fb08bf0692b4784058911e55dd68d500fcd0253af997445d748b6d2b2e2f0263902056a9141454" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/picomatch" + } + ] + }, + { + "type": "library", + "name": "normalize-path", + "version": "3.0.0", + "bom-ref": "normalize-path@3.0.0", + "author": "Jon Schlinkert", + "description": "Normalize slashes in a file path to be posix/unix-like forward slashes. Also condenses repeat slashes to a single slash and removes and trailing slashes, unless disabled.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/normalize-path@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/normalize-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/normalize-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/normalize-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9e66ce4bb375ad0a2b075a9f52d86532f1daa4a468b80554b3dc66aa884e9ecee6f4e75d844b3b57530501e82e8829b4246363e76ff983e166288c24707302c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-path" + } + ] + }, + { + "type": "library", + "name": "object-hash", + "version": "3.0.0", + "bom-ref": "object-hash@3.0.0", + "author": "Scott Puleo", + "description": "Generate hashes from javascript objects in node and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-hash@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/puleos/object-hash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/puleos/object-hash", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/puleos/object-hash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4529fd17af0f8c7f47aad96db129ea602d575e859ef418eee7edb5dd1f7c70d1adb5a83dabdc80393cdd6ecaaf21aeda366e567df059169598af6696ae495603" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-hash" + } + ] + }, + { + "type": "library", + "name": "picocolors", + "version": "1.0.0", + "bom-ref": "picocolors@1.0.0", + "author": "Alexey Raspopov", + "description": "The tiniest and the fastest library for terminal output formatting with ANSI colors", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/picocolors@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/alexeyraspopov/picocolors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexeyraspopov/picocolors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexeyraspopov/picocolors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5fca0ae84cb947bbaeb38b6e95a130eff324609b415c71e72cb2da3e321b19d03fc3196dac9bc13c0235bb354e5555346de46c5b799e6a06e26bf87c8b6248d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/picocolors" + } + ] + }, + { + "type": "library", + "name": "postcss-import", + "version": "15.1.0", + "bom-ref": "postcss-import@15.1.0", + "author": "Maxime Thirouin", + "description": "PostCSS plugin to import CSS files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-import@15.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-import.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-import#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-import/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-import/-/postcss-import-15.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "869afe274e41d855585005c778ad58c88dbaec9fdd0c384c53a07a722be6f21498d636099c15f1cca0ca0ecc33266b4b1ebcab8e19c38eaaa9ff8f6df0500b7b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-import" + } + ] + }, + { + "type": "library", + "name": "postcss-value-parser", + "version": "4.2.0", + "bom-ref": "postcss-value-parser@4.2.0", + "author": "Bogdan Chadkin", + "description": "Transforms css values and at-rule params into the tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-value-parser@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/TrySound/postcss-value-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TrySound/postcss-value-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TrySound/postcss-value-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d4d342b3abaeadf9156de5c6e12f09153f6dd7d9b8e480a789ff3358b779a0f499e74427c0c7caf87de3bf8d3c7788f0ffb06db6fe5ac52e48887a0b69534779" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-value-parser" + } + ] + }, + { + "type": "library", + "name": "postcss", + "version": "8.4.38", + "bom-ref": "postcss@8.4.38", + "author": "Andrey Sitnik", + "description": "Tool for transforming styles with JS plugins", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss@8.4.38", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://postcss.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a0969764d370527d7907a106b76ffa2e96ba2d024c2b94b0d148e6fd0f46cdf3a15d47213d969a52a77dda1cd3e005ad09282a01f9dac52d9910a1145869ee4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss" + } + ] + }, + { + "type": "library", + "name": "read-cache", + "version": "1.0.0", + "bom-ref": "read-cache@1.0.0", + "author": "Bogdan Chadkin", + "description": "Reads and caches the entire contents of a file until it is modified", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-cache@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/TrySound/read-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TrySound/read-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TrySound/read-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-cache/-/read-cache-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b076ffc5b7b2233a09bf8b4c6f3436752eb4403517dec386f6a6b1773963102f12dfbb76d2f055610acad208c2b8951e7a63dc9af804e1a13a43093c429a944" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-cache" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9d82c018f9f4e7befee423b69ac5bab058d6f4007881d2a04ef3d3d928f9284e618e81d6eb1c3283fb40765f8b937c9fc54f5474f6bf604ec8d48cd268b6ea2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "resolve", + "version": "1.22.8", + "bom-ref": "resolve@1.22.8", + "author": "James Halliday", + "description": "resolve like require.resolve() on behalf of files asynchronously and synchronously", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve@1.22.8", + "externalReferences": [ + { + "url": "git://github.com/browserify/resolve.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserify/resolve#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserify/resolve/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0a59e3c2c6aa5de8594bbc6575554d31edb90f9a608da25c738cc7f835cce80e741c216ac017e70fb599f98ba9fe45f0f677d8b4b73a4a9c6e98935ebcc88cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve" + } + ] + }, + { + "type": "library", + "name": "postcss-js", + "version": "4.0.1", + "bom-ref": "postcss-js@4.0.1", + "author": "Andrey Sitnik", + "description": "PostCSS for CSS-in-JS and styles in JS objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-js@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-js/-/postcss-js-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7432c5f2910ed7dd6124cb651c53d16bcc6c8b31da33cd8c2df364507754b55115ded813a79a23fbca9b12a60ce7b48b7dcef82926f0fffe1278999ad8b45523" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-js" + } + ] + }, + { + "type": "library", + "name": "camelcase-css", + "version": "2.0.1", + "bom-ref": "camelcase-css@2.0.1", + "author": "Steven Vachon", + "description": "Convert a kebab-cased CSS property into a camelCased DOM property.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase-css@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/stevenvachon/camelcase-css.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stevenvachon/camelcase-css#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stevenvachon/camelcase-css/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase-css/-/camelcase-css-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "40e4af7af86c9628e0630471e91bfbcca74c17c95b466c7eb901b1dbebc373e288fde067b32f648ade5a8f6dc0806bb7a5ae2df408306e75d6a92fa2398fb668" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camelcase-css" + } + ] + }, + { + "type": "library", + "name": "postcss-load-config", + "version": "4.0.2", + "bom-ref": "postcss-load-config@4.0.2", + "author": "Michael Ciniawky", + "description": "Autoload Config for PostCSS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-load-config@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-load-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d2561c8918bd34c0c5683d4cc05409db1285b2a91c648efeb8b54978dbb48a9cfac436daba849c14a23ae8333d9507e43579d9a2e087eb00fa5a9a2e5556031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-load-config" + } + ] + }, + { + "type": "library", + "name": "ts-node", + "version": "10.9.2", + "bom-ref": "ts-node@10.9.2", + "author": "Blake Embrey", + "description": "TypeScript execution environment and REPL for node.js, with source map support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-node@10.9.2", + "externalReferences": [ + { + "url": "git://github.com/TypeStrong/ts-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://typestrong.org/ts-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f4145a4875c1e09fccdc3d26dfd5d45ebf0b74e3b60c9da889337bb6c3645ec2b07e7e86ffcde3d972b3b24282cc30eeda04875d2dc40810ae5d62390b9c6ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-node" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "2.4.3", + "bom-ref": "yaml@2.4.3", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@2.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-2.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b27b609b18fca3b0c4ee0fd08bad1caa92c10371c6dd24dc0c0d243be59f074e6310a85931b63bba6366dab06942fb26675ebf94f5c22465b6ebbd9d80e524ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "postcss-nested", + "version": "6.0.1", + "bom-ref": "postcss-nested@6.0.1", + "author": "Andrey Sitnik", + "description": "PostCSS plugin to unwrap nested rules like how Sass does it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-nested@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-nested.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-nested#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-nested/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "984a78c4f322e5b49688c6ec8283df70fef896c58b1e441b65cdec63e8d661deb9094c17ad4693a747e63696b4d597044ca94881474537f3294b6c59b6a2fd75" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-nested" + } + ] + }, + { + "type": "library", + "name": "postcss-selector-parser", + "version": "6.0.16", + "bom-ref": "postcss-selector-parser@6.0.16", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-selector-parser@6.0.16", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-selector-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.0.16.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03445526b5fe21491565b5b70a5ae8456bab7ab70586279ebc7077f2caf6fa5f5e50294caa899edcb9849a7865372fb932bd8460de81d8a6b0f7061d77e5478b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-selector-parser" + } + ] + }, + { + "type": "library", + "name": "cssesc", + "version": "3.0.0", + "bom-ref": "cssesc@3.0.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cssesc@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/cssesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/cssesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/cssesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cssesc/-/cssesc-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd36ff25c8cad75d67352706a1be4c36db27b4d3356823540e2a41fd39306458720ebac4e3b48ec7fd7cc05d9b6e381cdd9cc248a5b54f99ede446c5a00cff56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cssesc" + } + ] + }, + { + "type": "library", + "name": "util-deprecate", + "version": "1.0.2", + "bom-ref": "util-deprecate@1.0.2", + "author": "Nathan Rajlich", + "description": "The Node.js `util.deprecate()` function with browser support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/util-deprecate@1.0.2", + "externalReferences": [ + { + "url": "git://github.com/TooTallNate/util-deprecate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10f0f9ab5b97c85c49a42acb9c27359c79eade039ae83641a1c008888d93692080ed5089d5424331a802cc891736c5187c3d5d68afff2d3110f318886eb1ed73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/util-deprecate" + } + ] + }, + { + "type": "library", + "name": "nanoid", + "version": "3.3.7", + "bom-ref": "nanoid@3.3.7", + "author": "Andrey Sitnik", + "description": "A tiny (116 bytes), secure URL-friendly unique string ID generator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/nanoid@3.3.7", + "externalReferences": [ + { + "url": "git+https://github.com/ai/nanoid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ai/nanoid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ai/nanoid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "792469a6370f21ab5120c0b553a52780ff1715ccfc31058641db75313050ecd6809af5c37ef3716ef595df1db2e8274451c8824ac0c70d065b858681f10128da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nanoid" + } + ] + }, + { + "type": "library", + "name": "source-map-js", + "version": "1.2.0", + "bom-ref": "source-map-js@1.2.0", + "author": "Valentin 7rulnik Semirulnik", + "description": "Generates and consumes source maps", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/source-map-js@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/7rulnik/source-map-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/7rulnik/source-map-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/7rulnik/source-map-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad256f25bd20344d71298624686b0b0292c9e57fc4b2be617322196da801e5b9777cf2990277e7172551d30f0742af4233c29b529b4df9207424b54bb541432" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map-js" + } + ] + }, + { + "type": "library", + "name": "is-core-module", + "version": "2.13.1", + "bom-ref": "is-core-module@2.13.1", + "author": "Jordan Harband", + "description": "Is this specifier a node.js core module?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-core-module@2.13.1", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/is-core-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "847ac88ef66c7ed3acbca4a7d9345897adf3bf1b201342bed2660ca07ea00f8a264792160762b29e2bc141cce8dfec05d5c0a48f3be9b6723d434b0f53aea297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-core-module" + } + ] + }, + { + "type": "library", + "name": "path-parse", + "version": "1.0.7", + "bom-ref": "path-parse@1.0.7", + "author": "Javier Blanco", + "description": "Node.js path.parse() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-parse@1.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/jbgutierrez/path-parse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jbgutierrez/path-parse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jbgutierrez/path-parse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c32733d510410f47ecb8f33f7703411dd325dbf29001c865a8fe4e5861d620a58dbfd84b0eb24b09aeaee5387c6bcab54e9f57a31baa00a7c6a1bce2100fcb3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-parse" + } + ] + }, + { + "type": "library", + "name": "supports-preserve-symlinks-flag", + "version": "1.0.0", + "bom-ref": "supports-preserve-symlinks-flag@1.0.0", + "author": "Jordan Harband", + "description": "Determine if the current node version supports the `--preserve-symlinks` flag.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-preserve-symlinks-flag@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/node-supports-preserve-symlinks-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/node-supports-preserve-symlinks-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/node-supports-preserve-symlinks-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2dd169d74bd7e076480871e3dee911cd935580f3e9ae3dae9c4a3791dd5f0adbbabd041d6b4c4dd1d69ec7bf4cf567201cf2ce95beff0323259febcd4c02dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-preserve-symlinks-flag" + } + ] + }, + { + "type": "library", + "name": "sucrase", + "version": "3.35.0", + "bom-ref": "sucrase@3.35.0", + "author": "Alan Pierce", + "description": "Super-fast alternative to Babel for when you can target modern JS runtimes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sucrase@3.35.0", + "externalReferences": [ + { + "url": "git+https://github.com/alangpierce/sucrase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alangpierce/sucrase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alangpierce/sucrase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sucrase/-/sucrase-3.35.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f046d50e2bbd88dfe7112c31792c4329ed1dba7b5ad463a51ee7e64925f1303db3dbfb4c6690cca6f5d01ac73e6a31a8f32dae6149a2c5a49151cfd03e843418" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase" + } + ] + }, + { + "type": "library", + "name": "gen-mapping", + "group": "@jridgewell", + "version": "0.3.5", + "bom-ref": "@jridgewell/gen-mapping@0.3.5", + "author": "Justin Ridgewell", + "description": "Generate source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/gen-mapping@0.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/gen-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/gen-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/gen-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2332fc66810320145613394271184e682ba963237981d20af90e9f6c574f0e0e87a97ea3a6422d9fb0c52295bd2d0cd71ba0dff6c03bf8e2a7ab4aa5cff19a42" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/gen-mapping" + } + ] + }, + { + "type": "library", + "name": "set-array", + "group": "@jridgewell", + "version": "1.2.1", + "bom-ref": "@jridgewell/set-array@1.2.1", + "author": "Justin Ridgewell", + "description": "Like a Set, but provides the index of the `key` in the backing array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/set-array@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/set-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/set-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/set-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47c80b45365eca9d37ca6ccfffa2e297fdbcb46786133871d6ada4ef4dca19644023555dbcf217746ef4549736a40330dcd03a24a2f986116ed6c257d0c9e7fc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/set-array" + } + ] + }, + { + "type": "library", + "name": "sourcemap-codec", + "group": "@jridgewell", + "version": "1.4.15", + "bom-ref": "@jridgewell/sourcemap-codec@1.4.15", + "author": "Rich Harris", + "description": "Encode/decode sourcemap mappings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/sourcemap-codec@1.4.15", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/sourcemap-codec.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/sourcemap-codec#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/sourcemap-codec/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "785dabc4246e9442971d34620eb0f2e9eacc616a8dc382cf750f14400e21baec5a42c55e44f165da833ca031b130584951665ff4c7292ed25ab030d96ff0697a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/sourcemap-codec" + } + ] + }, + { + "type": "library", + "name": "trace-mapping", + "group": "@jridgewell", + "version": "0.3.25", + "bom-ref": "@jridgewell/trace-mapping@0.3.25", + "author": "Justin Ridgewell", + "description": "Trace the original position through a source map", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/trace-mapping@0.3.25", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/trace-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bcd93a684c326c6b5ac169b2fcfcf09c60ce8c290b5920f6c2abe3186020380c02196c926177d8a31b74d082644c5fbc2dbe7b0f039bdc06b4a3d080a5ea6261" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/trace-mapping" + } + ] + }, + { + "type": "library", + "name": "foreground-child", + "version": "3.1.1", + "bom-ref": "foreground-child@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Run a child as if it's the foreground process. Give it stdio. Exit when it exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/foreground-child@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/foreground-child.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/foreground-child#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/foreground-child/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cc28352722d7ba6df6f99d6bfb57f71a235ebd38782fc236fb5785a4794bdb410763af9ad62aa1c588a59bfdf70ec01f82cc14fea9b5a3be3f8357046c92922" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/foreground-child" + } + ] + }, + { + "type": "library", + "name": "cross-spawn", + "version": "7.0.3", + "bom-ref": "cross-spawn@7.0.3", + "author": "André Cruz", + "description": "Cross platform child_process#spawn and child_process#spawnSync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cross-spawn@7.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/moxystudio/node-cross-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8910cf24a50f544343edd1cf3bcae46ce9cfa720f281c0c5b568e9796342832f163f6ad77315cbf13b2445e425e8eac1d86efe509ada82cd6ad7916e75cec6eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cross-spawn" + } + ] + }, + { + "type": "library", + "name": "jackspeak", + "version": "2.3.6", + "bom-ref": "jackspeak@2.3.6", + "author": "Isaac Z. Schlueter", + "description": "A very strict and proper argument parser.", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/jackspeak@2.3.6", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/jackspeak.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/jackspeak#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/jackspeak/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "377c824bf35e82c381a2473c18074cf147267ec2a2492f1c8a985e0ff9e2bf3afbd341fe9ec30ec498d09efc0e711615b8591d1f4c0652f5b659b5c69ab6466d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jackspeak" + } + ] + }, + { + "type": "library", + "name": "cliui", + "group": "@isaacs", + "version": "8.0.2", + "bom-ref": "@isaacs/cliui@8.0.2", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/cliui@8.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3bc8dc8da6d76a578e1bd0d0d3e0115d66414df9cfe16340ab3ba224aee5978e009b118abff2763384cf8f18d8df39c109fbc15c5cee726d6dc1dc85c9b16a10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "string-width@4.2.3", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c0ac90450a63274b08a7ad84ad265d1ac8cc256b1aa79a1136284786ee86ec954effd8c807a5327af2feb57b8eaab9e0f23fdcc4a4d6c96530bd24eb8a2673fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-width-cjs" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "8.0.0", + "bom-ref": "emoji-regex@8.0.0", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3128d8cdc58d380d1ec001e9cf4331a5816fc20eb28f2d4d1b7c6d7a8ab3eb8e150a8fd13e09ebd7f186b7e89cde2253cd0f04bb74dd335e126b09d5526184e8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/emoji-regex" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "3.0.0", + "bom-ref": "is-fullwidth-code-point@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf29a6e7ebbeb02b125b20fda8d69e8d5dc316f84229c94a762cd868952e1c0f3744b8dbee74ae1a775d0871afd2193e298ec130096c59e2b851e83a115e9742" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "strip-ansi@6.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "637f153d21dcaa416b0a916743dbee4979aabaebf9a1738aa46793e9a1abaf7a3719cf409556ba2417d448e0a76f1186645fbfd28a08ecaacfb944b3b54754e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "eastasianwidth", + "version": "0.2.0", + "bom-ref": "eastasianwidth@0.2.0", + "author": "Masaki Komagata", + "description": "Get East Asian Width from a character.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eastasianwidth@0.2.0", + "externalReferences": [ + { + "url": "git://github.com/komagata/eastasianwidth.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23cf1361959cf578981d1438ff7739ae38df8248e12f25b696e18885e18445b350e8e63bc93c9b6a74a90d765af32ed550ff589837186be7b2ab871aee22ea58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eastasianwidth" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "BomRef.5h3h9846p8.g5nk6qdc128", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "637f153d21dcaa416b0a916743dbee4979aabaebf9a1738aa46793e9a1abaf7a3719cf409556ba2417d448e0a76f1186645fbfd28a08ecaacfb944b3b54754e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-ansi-cjs" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "5.0.1", + "bom-ref": "ansi-regex@5.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aae2505e54d25062f62c7f52517a3c570b18e2ca1a9e1828e8b3529bce04d4b05c13cb373b4c29762473c91f73fd9649325316bf7eea38e6fda5d26531410a15" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "wrap-ansi@7.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6151888f691a98b493c70e8db198e80717d2c2c9f4c9c75eb26738a7e436d5ce733ee675a65f8d7f155dc4fb5d1ef98d54e43a5d2606e0052dcadfc58bb0f5e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrap-ansi-cjs" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "4.3.0", + "bom-ref": "ansi-styles@4.3.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@4.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cdb07dac22404f5adb8e25436f686a2851cd60bc60b64f0d511c59dc86700f717a36dc5b5d94029e74a2d4b931f880e885d3e5169db6db05402c885e64941212" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "BomRef.5hrhe0lu5jo.6brcifutiug", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c0ac90450a63274b08a7ad84ad265d1ac8cc256b1aa79a1136284786ee86ec954effd8c807a5327af2feb57b8eaab9e0f23fdcc4a4d6c96530bd24eb8a2673fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "parseargs", + "group": "@pkgjs", + "version": "0.11.0", + "bom-ref": "@pkgjs/parseargs@0.11.0", + "description": "Polyfill of future proposal for `util.parseArgs()`", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40pkgjs/parseargs@0.11.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/pkgjs/parseargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pkgjs/parseargs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pkgjs/parseargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fb55648dd0f44012cfa1d1ab2547aa6ab1fc54022f40e0c86f087d5e93f94b28ac7fb628420b0928f345a2aa8b425bbe550fed552b21311ea5a0f327f14f9d3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@pkgjs/parseargs" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.4", + "bom-ref": "minimatch@9.0.4", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.4", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2aa5a1f957217f170c3510098e3dad9ec48974d6c7b1582790185336b5bb023568e8ebcbb71c3ccdf4fda0bc35252a21945cc9f230a84e06a85ef27e907b7a7f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "path-scurry", + "version": "1.10.2", + "bom-ref": "path-scurry@1.10.2", + "author": "Isaac Z. Schlueter", + "description": "walk paths fast and efficiently", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/path-scurry@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/path-scurry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/path-scurry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/path-scurry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef14dabcdcb94505e7b2300dbd5bcc9048ef9683a29e4023bff67a225773f6fd918a767848129358539545b685f29d2fa479f28d5fd4c0d0dd2ae52fe8ce6a70" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry" + } + ] + }, + { + "type": "library", + "name": "lines-and-columns", + "version": "1.2.4", + "bom-ref": "lines-and-columns@1.2.4", + "author": "Brian Donovan", + "description": "Maps lines and columns to character offsets and back.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lines-and-columns@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/eventualbuddha/lines-and-columns.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eventualbuddha/lines-and-columns#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eventualbuddha/lines-and-columns/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef297295eb1943f3d5dbd8e110397751f8e8e995fb802a89af917b3caaea73ddefedfcd2ca6b75069c0453c9c0517b3cab3cefaa16e384ae50660e8cb7f1e406" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lines-and-columns" + } + ] + }, + { + "type": "library", + "name": "mz", + "version": "2.7.0", + "bom-ref": "mz@2.7.0", + "author": "Jonathan Ong", + "description": "modernize node.js to current ECMAScript standards", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mz@2.7.0", + "externalReferences": [ + { + "url": "git+https://github.com/normalize/mz.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/normalize/mz#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/normalize/mz/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mz/-/mz-2.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfcd4634eee79d830486b1a1f4b7b29a8138f98af45a7e4c70721930ae5c7d00a5f8d0d7d3cb0266051cf7fe8c1e78bd216b852e6d59dc74c25eedb3f5f37ad9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mz" + } + ] + }, + { + "type": "library", + "name": "any-promise", + "version": "1.3.0", + "bom-ref": "any-promise@1.3.0", + "author": "Kevin Beaty", + "description": "Resolve any installed ES6 compatible promise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/any-promise@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevinbeaty/any-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/kevinbeaty/any-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevinbeaty/any-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ed4be629a95646dd708232f546b1b1a12256ff44191487a0a5e1af646f648e9f2fad1bb9e574c76f09eaab61a95e6f6e2db72e8719b722a5fd381e0c651d5bd8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/any-promise" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.1.1", + "bom-ref": "object-assign@4.1.1", + "author": "Sindre Sorhus", + "description": "ES2015 `Object.assign()` ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac98134279149c7d6c170f324fa552537cc3dec5a6bbab19848b1e63c557f8646edcfe85ec5bbe24d0e85df9251256cb2529dcdc55101d57b8714e618fe05c52" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "thenify-all", + "version": "1.6.0", + "bom-ref": "thenify-all@1.6.0", + "author": "Jonathan Ong", + "description": "Promisifies all the selected functions in an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/thenify-all@1.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/thenables/thenify-all.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenables/thenify-all#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thenables/thenify-all/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/thenify-all/-/thenify-all-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "44dc501ffa88f3fb77b615c90f072cb543b8cdeaa8eb8f94cbffac355441c785e7d8e5fe399f683fe8899cd16aa6516b6b665455e28249ada85568b74f8b9598" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/thenify-all" + } + ] + }, + { + "type": "library", + "name": "thenify", + "version": "3.3.1", + "bom-ref": "thenify@3.3.1", + "author": "Jonathan Ong", + "description": "Promisify a callback-based function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/thenify@3.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/thenables/thenify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenables/thenify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thenables/thenify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "455652215e481b5d079377a7a2dae1bf3d13f5e9ba7321c12e41ff60066e2aa77c85190a8527c218870fd8a518d043f19ddcc034198d965cd63f06a4f9b85e4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/thenify" + } + ] + }, + { + "type": "library", + "name": "pirates", + "version": "4.0.6", + "bom-ref": "pirates@4.0.6", + "author": "Ari Porad", + "description": "Properly hijack require, i.e., properly define require hooks and customizations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pirates@4.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/danez/pirates.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/danez/pirates#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/danez/pirates/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b1a2ec1fb59e6183e20f6e4b0ee2d1458fe2fba1da3d8afa1b539494ddfda2dce4493c4a9ee6d1f514f14b7fca939d2cd60d894e01705900d0ca9942e7f48766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pirates" + } + ] + }, + { + "type": "library", + "name": "ts-interface-checker", + "version": "0.1.13", + "bom-ref": "ts-interface-checker@0.1.13", + "author": "Dmitry S, Grist Labs", + "description": "Runtime library to validate data against TypeScript interfaces", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/ts-interface-checker@0.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/gristlabs/ts-interface-checker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gristlabs/ts-interface-checker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gristlabs/ts-interface-checker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-interface-checker/-/ts-interface-checker-0.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63f6abbdb9feaebcf72422a5f42e2454d7d37d29b6fe6129e454b3e44b194803463d2950ae9448e4ce0f285fa6267139da338ef743e73d273752bddb4d0c3480" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-interface-checker" + } + ] + }, + { + "type": "library", + "name": "tw-elements", + "version": "1.1.0", + "bom-ref": "tw-elements@1.1.0", + "author": "MDBootstrap", + "licenses": [ + { + "license": { + "name": "AGPL" + } + } + ], + "purl": "pkg:npm/tw-elements@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mdbootstrap/Tailwind-Elements.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwind-elements.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdbootstrap/Tailwind-Elements/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tw-elements/-/tw-elements-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "214afd616da5f7da13559c6e563420eaba6e0a9a3a559a9b68a19899950d555b2849553f9633e9909018d8f9ff9a8ae55f028f84ff4c4cf3503255a8b2a1cbe3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@popperjs", + "version": "2.11.8", + "bom-ref": "@popperjs/core@2.11.8", + "author": "Federico Zivolo", + "description": "Tooltip and Popover Positioning Engine", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40popperjs/core@2.11.8", + "externalReferences": [ + { + "url": "git+https://github.com/popperjs/popper-core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/popperjs/popper-core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/popperjs/popper-core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f5b2dd1a92c0ab9fdb06661a7c18c63006742c6ef016b19017e38a1734dbcb1c6a8039ca15c668d98a886cb7043b4aa2a76d1e3b6a474d8beba57960fcfa0e8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@popperjs/core" + } + ] + }, + { + "type": "library", + "name": "chart.js", + "version": "3.9.1", + "bom-ref": "chart.js@3.9.1", + "description": "Simple HTML5 charts using the canvas element.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chart.js@3.9.1", + "externalReferences": [ + { + "url": "git+https://github.com/chartjs/Chart.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.chartjs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chartjs/Chart.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chart.js/-/chart.js-3.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "468d896cb9af83cde05c5e45e2c9e2690fa54db4afd7c13e4c87f670e7a21f522a7763c614eb5e9be0d4b9f319b02270144ef2c0f3a97d7141c114c6abb761eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chart.js" + } + ] + }, + { + "type": "library", + "name": "chartjs-plugin-datalabels", + "version": "2.2.0", + "bom-ref": "chartjs-plugin-datalabels@2.2.0", + "description": "Chart.js plugin to display labels on data elements", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chartjs-plugin-datalabels@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chartjs/chartjs-plugin-datalabels.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://chartjs-plugin-datalabels.netlify.app", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chartjs/chartjs-plugin-datalabels/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chartjs-plugin-datalabels/-/chartjs-plugin-datalabels-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d78654df4947ee7f3da2af80e1b59a24f9c01bc6bb65393b74a7f8f1803332f26342d8eb820e43a64f5ff8b6e3085e9ba71dd10064de2f5dc85e929063246f97" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chartjs-plugin-datalabels" + } + ] + }, + { + "type": "library", + "name": "deepmerge", + "version": "4.3.1", + "bom-ref": "deepmerge@4.3.1", + "description": "A library for deep (recursive) merging of Javascript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deepmerge@4.3.1", + "externalReferences": [ + { + "url": "git://github.com/TehShrike/deepmerge.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TehShrike/deepmerge", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TehShrike/deepmerge/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dec52a6cc11cefb5eaa5d34eec547246883e796de987e19809b8feacafae63244cbb0b15cb4acc895b4f9fe40994a16f58fff53d8a5aa6a627d0c7b6927167f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deepmerge" + } + ] + }, + { + "type": "library", + "name": "detect-autofill", + "version": "1.1.4", + "bom-ref": "detect-autofill@1.1.4", + "author": "Matteo Badini", + "description": "Small javascript library to detect and even prevent browsers autofill of form elements. Usefull for implementing floating labels or applying custom logics/styles.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-autofill@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/matteobad/detect-autofill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/matteobad/detect-autofill#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/matteobad/detect-autofill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-autofill/-/detect-autofill-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bad081430091fdb7929c00d09810bb0b8b53b9e0419180a5e964a97c652460a3bff8cccfc6a6068fa1b832f1f370a987d600932be56e9d7daf69a82f9115cfbc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-autofill" + } + ] + }, + { + "type": "library", + "name": "custom-event-polyfill", + "version": "1.0.7", + "bom-ref": "custom-event-polyfill@1.0.7", + "author": "Evan Krambuhl", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/custom-event-polyfill@1.0.7", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kumarharsh/custom-event-polyfill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kumarharsh/custom-event-polyfill#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kumarharsh/custom-event-polyfill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/custom-event-polyfill/-/custom-event-polyfill-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c30e47790e4699c5914cf29fb5237c8096f337ad2af5c1bace9621b8c898b08a731937ccff8862fb05394392b25c6139a05126f8cb054273765a52d3ad0bbeb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/custom-event-polyfill" + } + ] + }, + { + "type": "library", + "name": "perfect-scrollbar", + "version": "1.5.5", + "bom-ref": "perfect-scrollbar@1.5.5", + "author": "Hyunje Jun", + "description": "Minimalistic but perfect custom scrollbar plugin", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/perfect-scrollbar@1.5.5", + "externalReferences": [ + { + "url": "git+https://github.com/mdbootstrap/perfect-scrollbar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://perfectscrollbar.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdbootstrap/perfect-scrollbar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/perfect-scrollbar/-/perfect-scrollbar-1.5.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7736a57eeb723f77bf14ea5d96156bc8de002795c355ab955b1c9b4a42d999a905136b12df2de97382674a9af0f2d1a61ef91a1b911daf94fb2c14d9f96594da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/perfect-scrollbar" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.4", + "bom-ref": "color-name@1.1.4", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.4", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/colorjs/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/colorjs/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/colorjs/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74ecbedc0b96ddadb035b64722e319a537208c6b8b53fb812ffb9b71917d3976c3a3c7dfe0ef32569e417f479f4bcb84a18a39ab8171edd63d3a04065e002c40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "quick-lru", + "version": "5.1.1", + "bom-ref": "quick-lru@5.1.1", + "author": "Sindre Sorhus", + "description": "Simple “Least Recently Used” (LRU) cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/quick-lru@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/quick-lru.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5aec802d18d63c31adb7fc3326269d3b901763ef2167cd215697ba3328af82b691116ef9d57dd26e146f1b778b28e60dfbc544bea2dc7f7c1d9ede386784b848" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/quick-lru" + } + ] + }, + { + "type": "library", + "name": "validator", + "version": "13.12.0", + "bom-ref": "validator@13.12.0", + "author": "Chris O'Hara", + "description": "String validation and sanitization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/validator@13.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/validatorjs/validator.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/validatorjs/validator.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/validatorjs/validator.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73543498288f960753555548248ac1bb136271813eb7fee829e23d3162e3ddf87fbaad8fc61ff779e59b559e0e7065b54d47f9dc0b749e31f0e5231d037b6632" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validator" + } + ] + }, + { + "type": "library", + "name": "winston", + "version": "3.13.0", + "bom-ref": "winston@3.13.0", + "author": "Charlie Robbins", + "description": "A logger for just about everything.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/winston@3.13.0", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/winston.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/winston#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/winston/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/winston/-/winston-3.13.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af089d980d70dd21388f413932e22e7c587224f0431bb36eef5464668af5a76faa1ef25267d1980c0f3503295e41c65b87ff95e878de05d7e74d9266f6b49e41" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/winston" + } + ] + }, + { + "type": "library", + "name": "xml-formatter", + "version": "3.6.2", + "bom-ref": "xml-formatter@3.6.2", + "author": "Chris Bottin", + "description": "Converts a XML string into a human readable format (pretty print) while respecting the xml:space attribute", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml-formatter@3.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/chrisbottin/xml-formatter.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chrisbottin/xml-formatter#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chrisbottin/xml-formatter/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml-formatter/-/xml-formatter-3.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a75a17af64d3b07df645521ce5d5631c85af2514b654809ecdcc5b39520e193850a8361786617cf527d233fdef9c4e7f6b0a4b93d46c1369ccfe6259851ce1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml-formatter" + } + ] + }, + { + "type": "library", + "name": "xml-parser-xo", + "version": "4.1.1", + "bom-ref": "xml-parser-xo@4.1.1", + "author": "Chris Bottin", + "description": "Parse a XML string into a proprietary syntax tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml-parser-xo@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chrisbottin/xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chrisbottin/xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chrisbottin/xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml-parser-xo/-/xml-parser-xo-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a07f6cbdd3e63a7bd20ae61a0fb9e99b547274dcf84349d8657449a0cdb8a1ceef64d17068d2c7dc1716928b85b53e5512488d6893e309d09097527f94e0897" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml-parser-xo" + } + ] + }, + { + "type": "library", + "name": "xml2js", + "version": "0.6.2", + "bom-ref": "xml2js@0.6.2", + "author": "Marek Kubica", + "description": "Simple XML to JavaScript object converter.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml2js@0.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/Leonidas-from-XIV/node-xml2js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Leonidas-from-XIV/node-xml2js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Leonidas-from-XIV/node-xml2js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f8ae2787682d445dc112d0ac718f825681a5101c393eab01dc60e0851df8b02b3eed3953cbabb1e3abd74cd5608c87296a3047cfee131c3880a1be8b6265e80" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml2js" + } + ] + }, + { + "type": "library", + "name": "heimdall-lite", + "group": "@mitre", + "version": "2.10.9", + "bom-ref": "@mitre/heimdall-lite@2.10.9", + "description": "Heimdall-Lite 2 is a JavaScript based security results viewer and review tool supporting multiple security results formats, such as: InSpec, SonarQube, OWASP-Zap and Fortify which you can load locally or from S3 and other data sources.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/heimdall-lite@2.10.9", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/heimdall2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/heimdall2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/heimdall2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/heimdall-lite/-/heimdall-lite-2.10.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2461c6dd654cc64d0fe72259a9ce9c523f6cc15b5f4dab68a0b6408109cca569420a5f72a47f4d15c350a49f04c5300a91b4c4aa9d260f00155d13e8d4cec663" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/heimdall-lite" + } + ] + }, + { + "type": "library", + "name": "express", + "version": "4.19.2", + "bom-ref": "express@4.19.2", + "author": "TJ Holowaychuk", + "description": "Fast, unopinionated, minimalist web framework", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/express@4.19.2", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/express.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://expressjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/express/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e53ea7863b13f8438ccee724f098c11c04531df321b743cece503ad16576a4c0f78325f0d8b66767eb9e19d3711bed1c6a538971629ba4572eccb67dd585aaf5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express" + } + ] + }, + { + "type": "library", + "name": "inspec-objects", + "group": "@mitre", + "version": "1.0.1", + "bom-ref": "@mitre/inspec-objects@1.0.1", + "author": "The MITRE Security Automation Framework", + "description": "Typescript objects for normalizing between InSpec profiles and XCCDF benchmarks", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/inspec-objects@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/ts-inspec-objects.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/ts-inspec-objects#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/ts-inspec-objects/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/inspec-objects/-/inspec-objects-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a7136eb75cf5d4548971c289f5e7466f82a8cf013f3f797022b0b49b04307009b52f45647794525979c232788ae0db3f437334472066b39cea8733e4fcd8038" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects" + } + ] + }, + { + "type": "library", + "name": "flat", + "group": "@types", + "version": "5.0.5", + "bom-ref": "@types/flat@5.0.5", + "description": "TypeScript definitions for flat", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/flat@5.0.5#types/flat", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/flat", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/flat", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/flat/-/flat-5.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9cf2e58d940a4a769ce77283503ceecdd45f188d130dbe6a3eb6fe4ab43237732d750ace9c6b0a9e21cdd62619b0910121542f7bde18ea0373db6b2021266af9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/flat" + } + ] + }, + { + "type": "library", + "name": "he", + "group": "@types", + "version": "1.2.3", + "bom-ref": "@types/he@1.2.3", + "description": "TypeScript definitions for he", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/he@1.2.3#types/he", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/he", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/he", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/he/-/he-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abaeffab09716e50f3103bf31e1564c1cd60cd55b168dc5ec87501178c4496bbe32f5d4ef98b737bed5f1a904796bfc7f66ca20546945cd9cd3e6047c717c070" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/he" + } + ] + }, + { + "type": "library", + "name": "json-diff", + "group": "@types", + "version": "0.7.0", + "bom-ref": "@types/json-diff@0.7.0", + "description": "TypeScript definitions for json-diff", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json-diff@0.7.0#types/json-diff", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/json-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/json-diff", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json-diff/-/json-diff-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "db4209aaea461f2c2d21a13a7d2df48b2821ddd56a55dce6b27ad89ff545b916902b12f1fd1187e4af618427dcb55c6037b2b32659c3ee060500eacdc220a0b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json-diff" + } + ] + }, + { + "type": "library", + "name": "jstoxml", + "group": "@types", + "version": "2.0.4", + "bom-ref": "@types/jstoxml@2.0.4", + "description": "TypeScript definitions for jstoxml", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jstoxml@2.0.4#types/jstoxml", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jstoxml", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jstoxml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jstoxml/-/jstoxml-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c750ca76b7c09f254b0ab7caa396ca595a59157af785836785fe4455f022a2350f8577798991f7b12035ed6449c6ff868965109534d9f8eb335d75254850dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jstoxml" + } + ] + }, + { + "type": "library", + "name": "lodash", + "group": "@types", + "version": "4.17.4", + "bom-ref": "@types/lodash@4.17.4", + "description": "TypeScript definitions for lodash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/lodash@4.17.4#types/lodash", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/lodash", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/lodash", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/lodash/-/lodash-4.17.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1808fdba64bc5a4f7477f6488ddbe1dc278913777535c1a23f718ee2bd662a14fea95b764da6f8ba59de8f1d9c7b4ffb7ccf4be5917320dd060b6bb0d9fc825" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/lodash" + } + ] + }, + { + "type": "library", + "name": "pretty", + "group": "@types", + "version": "2.0.3", + "bom-ref": "@types/pretty@2.0.3", + "description": "TypeScript definitions for pretty", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/pretty@2.0.3#types/pretty", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/pretty", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/pretty", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/pretty/-/pretty-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c51f7aa5284d96bc4b777819ab30a76da0266d88624588d6e750831637a4b597a6aa9059040024330c66e2006b6893ffc5280a72c4212d77655cec03356a3855" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/pretty" + } + ] + }, + { + "type": "library", + "name": "flat", + "version": "5.0.2", + "bom-ref": "flat@5.0.2", + "author": "Hugh Kennedy", + "description": "Take a nested Javascript object and flatten it, or unflatten an object with delimited keys", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/flat@5.0.2", + "externalReferences": [ + { + "url": "git://github.com/hughsk/flat.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hughsk/flat", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hughsk/flat/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flat/-/flat-5.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fab2e103fb9ff7ad3a5405d1b582ea4897c30f14200c034417c269632e1bc250a714bdd138816932f73a6e1827171ceb33e09f703c6356aba38aa66233cf785" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flat" + } + ] + }, + { + "type": "library", + "name": "he", + "version": "1.2.0", + "bom-ref": "he@1.2.0", + "author": "Mathias Bynens", + "description": "A robust HTML entities encoder/decoder with full Unicode support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/he@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/he.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/he", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/he/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17fd439d418fa29391662d278be0afac28074391721001d12d2029b9858c9ab6d2c28376327ffb93e1a5dfc8099d1ef2c83664e962d7c221a877524e58d0ca1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/he" + } + ] + }, + { + "type": "library", + "name": "domelementtype", + "version": "2.3.0", + "bom-ref": "domelementtype@2.3.0", + "author": "Felix Boehm", + "description": "all the types of nodes in htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domelementtype@2.3.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domelementtype.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domelementtype#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domelementtype/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38b113063eb0d0eb1a801c1d5e73dd37472731f17da2937af5ca3eed9adb7cf1ab7693d5341523d36b298ba07537bc0284b4223e7e02487ff326f5f0e7a8261f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domelementtype" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "4.1.2", + "bom-ref": "chalk@4.1.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@4.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0a9db845c91217a54b9ecfc881326c846b89db8f820e432ba173fc32f6463bfd654f73020ef5503aebc3eef1190eefed06efa48b44e7b2c3d0a9434eb58b898" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "slash", + "version": "3.0.0", + "bom-ref": "slash@3.0.0", + "author": "Sindre Sorhus", + "description": "Convert Windows backslash paths to slash paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slash@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/slash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/slash#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/slash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83d43585a79bcb7e8e492b706f89ed08618668ab1a5528d0ebc7c1c6841cbad9797d2d6fb98d7c1f7c12b778c5c85b6b931f8acf45751bce40e0cc80743322d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/slash" + } + ] + }, + { + "type": "library", + "name": "v8-coverage", + "group": "@bcoe", + "version": "0.2.3", + "bom-ref": "@bcoe/v8-coverage@0.2.3", + "author": "Charles Samborski", + "description": "Helper functions for V8 coverage files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40bcoe/v8-coverage@0.2.3", + "externalReferences": [ + { + "url": "git://github.com/demurgos/v8-coverage.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://demurgos.github.io/v8-coverage", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/demurgos/v8-coverage/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d21610f120780dbe73bd90786b174c1c6c046908e467316342237d2d562f2050769d25075bdb58a715ab88fad60c0488c626976b1f3744470bc6e49d9c63d9b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@bcoe/v8-coverage" + } + ] + }, + { + "type": "library", + "name": "collect-v8-coverage", + "version": "1.0.2", + "bom-ref": "collect-v8-coverage@1.0.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/collect-v8-coverage@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/SimenB/collect-v8-coverage.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SimenB/collect-v8-coverage#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SimenB/collect-v8-coverage/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "947978779fce3446cb949bda24db6c17f2f3f96bc1d3bbb6c9ca9361b76babb532a435da8a5112e2f6a561bd9e5a2245c599559a919e91faa8c50873c85753e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/collect-v8-coverage" + } + ] + }, + { + "type": "library", + "name": "exit", + "version": "0.1.2", + "bom-ref": "exit@0.1.2", + "author": "\"Cowboy\" Ben Alman", + "description": "A replacement for process.exit that ensures stdio are fully drained before exiting.", + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://github.com/cowboy/node-exit/blob/master/LICENSE-MIT" + } + } + ], + "purl": "pkg:npm/exit@0.1.2", + "externalReferences": [ + { + "url": "git://github.com/cowboy/node-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cowboy/node-exit", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cowboy/node-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "664fde34a576cdb8e92b3aec43e9f51baa6855b12b4312742c13895da299d445622f31fe86b2eef5c757238cf0f5d05026c970044a5b4363f5a12ee70f1b3a8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/exit" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "7.2.3", + "bom-ref": "glob@7.2.3", + "author": "Isaac Z. Schlueter", + "description": "a little globber", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@7.2.3", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c5474ccba54d9809a471c28089bcbe94bc21f6245c85548bf04cbb087f6d40b8794cb240358614dd93e2e5609b4e958b7dbfa76fb330f604646a04bfa240af5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.2.11", + "bom-ref": "graceful-fs@4.2.11", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.2.11", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "45b279fe398570d342703579a3d7939c12c9fc7b33595d0fef76dcf857f89d2feb263f98692e881b288e2f45680585fe9755ab97793ade1fcaac7fa7849d17bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-coverage", + "version": "3.2.2", + "bom-ref": "istanbul-lib-coverage@3.2.2", + "author": "Krishnan Anantheswaran", + "description": "Data library for istanbul coverage objects", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-coverage@3.2.2#packages/istanbul-lib-coverage", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-coverage", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3bc769b05fabd1657ff0c35129f9e6aed09686e2a3c6bab6c3e8e9cc12f95192938b62de5569d63a6591c4595eb0938d99cfb02c01af29064439a9e4a342c54e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-coverage" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/core@7.24.4", + "author": "The Babel Team", + "description": "Babel compiler core.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/core@7.24.4#packages/babel-core", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20core%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3015653173fe924979dfde1104b4b1c64fe22d37951ae5d35777080d76af3e930caa74a7b7a6a92a06a7fd4f0edd44966425994ff4db81f12929ae2e3203780e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/core" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/parser@7.24.4", + "author": "The Babel Team", + "description": "A JavaScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/parser@7.24.4#packages/babel-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A+parser+%28babylon%29%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd3bc405c82199e0666bd4081ae9d67afbc1029e3f42ef4176afb69343ade1f54c0fabf776c0bd58e71148a93bb5147204cff9df228c264a3dc4e6ad1900304a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/parser" + } + ] + }, + { + "type": "library", + "name": "schema", + "group": "@istanbuljs", + "version": "0.1.3", + "bom-ref": "@istanbuljs/schema@0.1.3", + "author": "Corey Farrell", + "description": "Schemas describing various structures used by nyc and istanbuljs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40istanbuljs/schema@0.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "657458e2336f56049543c0cbdcb4dc6a4680b57c13554c44f3586c96cc83d80b685d6ff05686f5d0790e2755ffa4095c23b0fed98a192a0e5da3c1bfc3a45880" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/schema" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-report", + "version": "3.0.1", + "bom-ref": "istanbul-lib-report@3.0.1", + "author": "Krishnan Anantheswaran", + "description": "Base reporting library for istanbul", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-report@3.0.1#packages/istanbul-lib-report", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-report", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1827c4d66b6c1c63842c253c7bf67b616ce99b26ebc7ff9d4937cbaef63ca9199a63acd74ca5a7e964088da005c34ebd89c9ba19530d920bb437323888f65437" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-report" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-source-maps", + "version": "4.0.1", + "bom-ref": "istanbul-lib-source-maps@4.0.1", + "author": "Krishnan Anantheswaran", + "description": "Source maps support for istanbul", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-source-maps@4.0.1#packages/istanbul-lib-source-maps", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-source-maps", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f7b3c13091d1482421b704f28162fb248171a8cbcf00473bde8248ad93ad0dc5177096d2ce4da1fb09488c457bf0628ae5d10ef5da212371607e7cafccad657" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-source-maps" + } + ] + }, + { + "type": "library", + "name": "istanbul-reports", + "version": "3.1.7", + "bom-ref": "istanbul-reports@3.1.7", + "author": "Krishnan Anantheswaran", + "description": "istanbul reports", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-reports@3.1.7#packages/istanbul-reports", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-reports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05ec265172267ae464d986343d56f180a032b2f8513d4404d21e5044cfbe9d55b2b9b28657497ca90e68a7cf81d833a6c127badc98af8f406390f4157fc7cfe6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-reports" + } + ] + }, + { + "type": "library", + "name": "merge-stream", + "version": "2.0.0", + "bom-ref": "merge-stream@2.0.0", + "author": "Stephen Sugden", + "description": "Create a stream that emits events from multiple other streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge-stream@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/grncdr/merge-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/grncdr/merge-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/grncdr/merge-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "69bbffa8e72e3df9375113df0f39995352ca9aec3c913fb49c81ef2ab2a016bc227e897f76859c740e19aac590f0436b14a91debb31fa68fcba2f6c852c6eddf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge-stream" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "8.1.1", + "bom-ref": "supports-color@8.1.1", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@8.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3295043763a876d533c6f29097bd9c505ed14391221ec1af4ac546d226bd73945b5862f6088e02ec4a4f4bc513048a659e5cd988db95e7ac3e16e371cb7b72d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "string-length", + "version": "4.0.2", + "bom-ref": "string-length@4.0.2", + "author": "Sindre Sorhus", + "description": "Get the real length of a string - by correctly counting astral symbols and ignoring ansi escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-length@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-length.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-length#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-length/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa5eab34de5f607361659cb8d515ec629b428c0d88826ab8106ee4640605408d44d554d76abafa64f5c183a7aaed8e9e2b8144858e80265cae1486ffbff4b455" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-length" + } + ] + }, + { + "type": "library", + "name": "terminal-link", + "version": "2.1.1", + "bom-ref": "terminal-link@2.1.1", + "author": "Sindre Sorhus", + "description": "Create clickable links in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/terminal-link@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/terminal-link.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/terminal-link#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/terminal-link/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba7d059a245440daf93c9ab2f643fb738d05e4139fa469584ebc689c30a111907ba7367144da7f6edfb29a2cbdfe7a705f26bd287f7d9c9fc65c522252460615" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/terminal-link" + } + ] + }, + { + "type": "library", + "name": "ansi-escapes", + "version": "4.3.2", + "bom-ref": "ansi-escapes@4.3.2", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for manipulating the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-escapes@4.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/ansi-escapes.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-escapes#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-escapes/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80a5e3e402eb29640bb181bd8e54d1991ff12a5bb11d5f99f501303488027ccd7fbb03cc0aecd55678799b04ddf8eb8165cc1220c6eab2c356466d65139d5069" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-escapes" + } + ] + }, + { + "type": "library", + "name": "supports-hyperlinks", + "version": "2.3.0", + "bom-ref": "supports-hyperlinks@2.3.0", + "author": "James Talmage", + "description": "Detect if your terminal emulator supports hyperlinks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-hyperlinks@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/jamestalmage/supports-hyperlinks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jamestalmage/supports-hyperlinks#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jamestalmage/supports-hyperlinks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "469b00665a56703c0e3d0036d9a087e09d2decbf09980bec0b17ce484c26edc42cdcbb21377e9069393077bd039c13970d61acb30d9e52873c09a4564f45ee9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-hyperlinks" + } + ] + }, + { + "type": "library", + "name": "v8-to-istanbul", + "version": "9.2.0", + "bom-ref": "v8-to-istanbul@9.2.0", + "author": "Ben Coe", + "description": "convert from v8 coverage format to istanbul's format", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/v8-to-istanbul@9.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/v8-to-istanbul.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/v8-to-istanbul#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/v8-to-istanbul/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fc41ffb03831536786c5a8ca7702c20e6438156abe9298b7b829811a9c35c49b67031123943f23f0f122196a4220c22cddc88d0201f47774d3262524633c998c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-to-istanbul" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-coverage", + "group": "@types", + "version": "2.0.6", + "bom-ref": "@types/istanbul-lib-coverage@2.0.6", + "description": "TypeScript definitions for istanbul-lib-coverage", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-lib-coverage@2.0.6#types/istanbul-lib-coverage", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-lib-coverage", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-lib-coverage", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9017fb7f6ae5a6d25b32f17b4a54f1b5f6fdec48e42525efd81d981f8dbfca0411ce19257e276abf4baef5adcabdb9306b2c05e6669a8989a41b313fb3354d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-lib-coverage" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-istanbul", + "version": "6.1.1", + "bom-ref": "babel-plugin-istanbul@6.1.1", + "author": "Thai Pangsakulyanont @dtinth", + "description": "A babel plugin that adds istanbul instrumentation to ES6 code", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/babel-plugin-istanbul@6.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/babel-plugin-istanbul.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/babel-plugin-istanbul#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/babel-plugin-istanbul/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "635210a24f7cdb5702f689c2c79a2d8057d19bb2e6f88fb0c313b1ef7f0cfd62cf67d438da6e081b95b414d5fc58b2f6818319a37264b97207d833a958cfaac0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul" + } + ] + }, + { + "type": "library", + "name": "fast-json-stable-stringify", + "version": "2.1.0", + "bom-ref": "fast-json-stable-stringify@2.1.0", + "author": "James Halliday", + "description": "deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-json-stable-stringify@2.1.0", + "externalReferences": [ + { + "url": "git://github.com/epoberezkin/fast-json-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/fast-json-stable-stringify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/fast-json-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96177fc05f8b93df076684c2b6556b687b5f8795d88a32236a55dc93bb1a52db9a9d20f22ccc671e149710326a1f10fb9ac47c0f4b829aa964c23095f31bf01f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-json-stable-stringify" + } + ] + }, + { + "type": "library", + "name": "write-file-atomic", + "version": "4.0.2", + "bom-ref": "write-file-atomic@4.0.2", + "author": "GitHub Inc.", + "description": "Write files in an atomic fashion w/configurable ownership", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/write-file-atomic@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/write-file-atomic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/write-file-atomic", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/write-file-atomic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ecac5ab947419927569e6a5a18583ea69363285f2e34baf2f0bcb38dab900ce54e35f14b34aacabd03b167f56e4c8712fe081efd835a85fe512084164d26ab96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/write-file-atomic" + } + ] + }, + { + "type": "library", + "name": "execa", + "version": "5.1.1", + "bom-ref": "execa@5.1.1", + "author": "Sindre Sorhus", + "description": "Process execution for humans", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/execa@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/execa.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/execa#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/execa/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2e4a9659a1c01944100f20420d263dcba3d1f21a2b6595ccdcdbb121e586288e3305327f321cc0cc6941c4d89a9fab4e43ff0b9cc08e091944725edd6f721ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/execa" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "3.1.0", + "bom-ref": "p-limit@3.1.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4d839a9ccdf01b0346b193767154d83c0af0e39e319d78f9aa6585d5b12801ce3e714fe897b19587ba1d7af8e9d4534776e1dcdca64c70576ec54e5773ab8945" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "co", + "version": "4.6.0", + "bom-ref": "co@4.6.0", + "description": "generator async control flow goodness", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/co@4.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/tj/co.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/co#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/co/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4156f474ce47bc6fae6b18ad9bcc0e365ee396dc7c76a85f537dc372ab4e65c2d25482920c32c38bbfb42db00a8b223c843f6ee369b66315d290c1964e169e71" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/co" + } + ] + }, + { + "type": "library", + "name": "is-generator-fn", + "version": "2.1.0", + "bom-ref": "is-generator-fn@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if something is a generator function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-generator-fn@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-generator-fn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-generator-fn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-generator-fn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "713201e323d82ff1abc3411a4b3012ce0e9b072f60a82a1fbd637ca244e1018231289642fae7654409866ccd172de9e21094acf2e1201cf1ae1d27b55ec38b49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-generator-fn" + } + ] + }, + { + "type": "library", + "name": "stack-utils", + "version": "2.0.6", + "bom-ref": "stack-utils@2.0.6", + "author": "James Talmage", + "description": "Captures and cleans stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stack-utils@2.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/stack-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/stack-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/stack-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e5916bdf226e919ac5ad349c7ebaab4a2d2f1ea856f1520d19ccb5ea63471a132f65ee1aee5fc2298839e3b0b6afa0182a08247bd53a963bc31a5d885e27745" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-utils" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "5.2.0", + "bom-ref": "parse-json@5.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6b208abe6fe98421b13a461148233cda20f072df3f1289d2120092c56c43eef7ba8c7820b059787d955004f44d810a0a8ae57fa1d845ac6cd05d9c1b89f0bc46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "strip-json-comments", + "version": "3.1.1", + "bom-ref": "strip-json-comments@3.1.1", + "author": "Sindre Sorhus", + "description": "Strip comments from JSON. Lets you use comments in your JSON files!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-json-comments@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-json-comments.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-json-comments#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-json-comments/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9f3dcf91e22870a8fe8dfda22fd9fd60307f25395b56407a2a0b8c8aea8483555a1cba602c7c2aa39179ea89832198cc12fe61072e9ed57a196ddea97a9448a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-json-comments" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "group": "@types", + "version": "4.1.9", + "bom-ref": "@types/graceful-fs@4.1.9", + "description": "TypeScript definitions for graceful-fs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/graceful-fs@4.1.9#types/graceful-fs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/graceful-fs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/graceful-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a253f7b1dd6a3847b97574d2685bd01bed3655d45771dcad58b019b00ab53de714f2ea9002192b9db962ec36a08ed5ca5bf065ed825b52c6bc30f72e73c2c711" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "anymatch", + "version": "3.1.3", + "bom-ref": "anymatch@3.1.3", + "author": "Elan Shanker", + "description": "Matches strings against configurable strings, globs, regular expressions, and/or functions", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/anymatch@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/anymatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/anymatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/anymatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28c45e154af4078b7e0fe381923477298aafa1ca765da4b33b9e54701ea681031ddca6dc13e9964f2bd557b0ffcec7446cd9d5e9a71952eb64887417bd3af547" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/anymatch" + } + ] + }, + { + "type": "library", + "name": "fb-watchman", + "version": "2.0.2", + "bom-ref": "fb-watchman@2.0.2", + "author": "Wez Furlong", + "description": "Bindings for the Watchman file watching service", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/fb-watchman@2.0.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/facebook/watchman.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://facebook.github.io/watchman/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/watchman/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a79d7ad41a9bb826929c1f2321bcd01ce96982c3e62b9ac95437c328ef75031b39342d6ebb71d1426eb0b7d71df7ff86b504083b9dc97465d7a320e94c0b2060" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fb-watchman" + } + ] + }, + { + "type": "library", + "name": "fsevents", + "version": "2.3.3", + "bom-ref": "fsevents@2.3.3", + "description": "Native Access to MacOS FSEvents", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fsevents@2.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/fsevents/fsevents.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fsevents/fsevents", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fsevents/fsevents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e71a037d7f9f2fb7da0139da82658fa5b16dc21fd1efb5a630caaa1c64bae42defbc1d181eb805f81d58999df8e35b4c8f99fade4d36d765cda09c339617df43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fsevents" + } + ] + }, + { + "type": "library", + "name": "walker", + "version": "1.0.8", + "bom-ref": "walker@1.0.8", + "author": "Naitik Shah", + "description": "A simple directory tree walker.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/walker@1.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-walker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-walker", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-walker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6cffc13c9796fb918d2f9562dec0e9035cc98f74b7155781a63902f2c6e4acc0826cc1e78566d02c305ee4d4db33cfe4d8050ae56119b33a7af7f7ccb525e99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/walker" + } + ] + }, + { + "type": "library", + "name": "code-frame", + "group": "@babel", + "version": "7.24.2", + "bom-ref": "@babel/code-frame@7.24.2", + "author": "The Babel Team", + "description": "Generate errors that contain a code frame that point to source locations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/code-frame@7.24.2#packages/babel-code-frame", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-code-frame", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-code-frame", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb9fad2d0c95f298377ec8a59faec154b0f53f5dc4838961e515bd985d3352ebcbaeff6e210e0c08bf82453f854ec0650637086a7e8f1ac2dc04dd26dc2954c9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/code-frame" + } + ] + }, + { + "type": "library", + "name": "stack-utils", + "group": "@types", + "version": "2.0.3", + "bom-ref": "@types/stack-utils@2.0.3", + "description": "TypeScript definitions for stack-utils", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/stack-utils@2.0.3#types/stack-utils", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/stack-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/stack-utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5a11b619dd36d83339cf75c76bdd2988acb5f00bf00a65741e09ff4f81aa3908a6fc0b21ee117e63cd63d392fade82f85124772944ee81168196f7271a3a463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/stack-utils" + } + ] + }, + { + "type": "library", + "name": "jest-pnp-resolver", + "version": "1.2.3", + "bom-ref": "jest-pnp-resolver@1.2.3", + "description": "plug'n'play resolver for Webpack", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-pnp-resolver@1.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/arcanis/jest-pnp-resolver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/arcanis/jest-pnp-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/arcanis/jest-pnp-resolver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fb7369c10127468201b71e1fca16e54033e0248d07d48108917ed284b5233c603b4ed513bc8d6888a8b7491e28051d21421411f349785807b946b5c1c16300f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-pnp-resolver" + } + ] + }, + { + "type": "library", + "name": "detect-newline", + "version": "3.1.0", + "bom-ref": "detect-newline@3.1.0", + "author": "Sindre Sorhus", + "description": "Detect the dominant newline character of a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-newline@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cbcfec7fbc45e6fd8ecfef09f510914d2f1629503e1380ca2cc58e9f0152549c931bba91c13a7731c96506f4ea53687f44043eee148e4b7c482630e739e03b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-newline" + } + ] + }, + { + "type": "library", + "name": "source-map-support", + "version": "0.5.13", + "bom-ref": "source-map-support@0.5.13", + "description": "Fixes stack traces for files with source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/source-map-support@0.5.13", + "externalReferences": [ + { + "url": "git+https://github.com/evanw/node-source-map-support.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/evanw/node-source-map-support#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/evanw/node-source-map-support/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "48748a14769d8d5039a11e0f3ea86d01575c056c1161577a83a7005e721b4622307361213eb4ee29405d48bbe510ac883f71827fcf5f96dbdc6623fd30c140d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map-support" + } + ] + }, + { + "type": "library", + "name": "type-detect", + "version": "4.0.8", + "bom-ref": "type-detect@4.0.8", + "author": "Jake Luer", + "description": "Improved typeof detection for node.js and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-detect@4.0.8", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/type-detect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/type-detect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/type-detect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d1faff9881f57653bec7b4e570ccbe6c80ea28fb30ffbd2d5727875bbf3b828423866a9a65ed74bb02ee8ee6caf6af4b83a162868d4a50a0d8cf467b93b839fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-detect" + } + ] + }, + { + "type": "library", + "name": "callsites", + "version": "3.1.0", + "bom-ref": "callsites@3.1.0", + "author": "Sindre Sorhus", + "description": "Get callsites from the V8 stack trace API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/callsites@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/callsites.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/callsites#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/callsites/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3fc06302c5ef652f95203508d7584709012fef8613ebb6148b924914d588a8bdb7e6c0668d7e3eab1f4cbaf96ce62bf234435cb71e3ac502d0dda4ee13bb2c69" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/callsites" + } + ] + }, + { + "type": "library", + "name": "cjs-module-lexer", + "version": "1.2.3", + "bom-ref": "cjs-module-lexer@1.2.3", + "author": "Guy Bedford", + "description": "Lexes CommonJS modules, returning their named exports metadata", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cjs-module-lexer@1.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/nodejs/cjs-module-lexer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/cjs-module-lexer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/cjs-module-lexer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d133621acb5b426085c2de1a9238c1839a4b4534b28ff3e4590d59a0edb39ed9a0f722ea491c7011ae2209f40b1a3aa18aa05f3896bb5bf13cc1f1ab4c39a565" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cjs-module-lexer" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "4.0.0", + "bom-ref": "strip-bom@4.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df1bab16fe6d1208a2df7662f09b69e79c042082d1f5e877e05016d343d97fe2674ac4e657f8a87b04a0425f7b247be08e8446c0f4a1b169be21daf1077e5dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "generator", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/generator@7.24.4", + "author": "The Babel Team", + "description": "Turns an AST into code.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/generator@7.24.4#packages/babel-generator", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-generator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-generator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20generator%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ddebebfa4a78d6571fe7bacfb2d25d6cc4c39338c064c8be3e04875b00bc9ab509c07bf49156300d7833d2098697fa2d62266b8648a7f767e13e57fbdad47bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/generator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-typescript", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/plugin-syntax-typescript@7.24.1", + "author": "The Babel Team", + "description": "Allow parsing of TypeScript syntax", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-typescript@7.24.1#packages/babel-plugin-syntax-typescript", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-typescript", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-typescript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6219e6bf2e476449c752dcba8befa071f1f5fe5ebc0079c8b451e7682bfa867f5d361d2142fbd026cc698b804c0453790cb78706eb9c4ffd038335e27ff3b247" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-typescript" + } + ] + }, + { + "type": "library", + "name": "traverse", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/traverse@7.24.1", + "author": "The Babel Team", + "description": "The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/traverse@7.24.1#packages/babel-traverse", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-traverse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-traverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20traverse%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c6e53aa3d9baf0a7aa65b42e0edd9370a4b1530fe6aecbdabe512a43595e67f07e0bdb64e84e2c456cbded669782fab913e9d4ddc5ccc6fdd628e09a9d530299" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/traverse" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/types@7.24.0", + "author": "The Babel Team", + "description": "Babel Types is a Lodash-esque utility library for AST nodes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/types@7.24.0#packages/babel-types", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20types%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa3edae5cdb9dd17ca87c880041872c1cf0d49f3f92d445eed4878aa9b21ea373e68b260baf98850176349d10c42fd9b10dac247931f45d8c6a3bbf34bfa1bef" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/types" + } + ] + }, + { + "type": "library", + "name": "babel__traverse", + "group": "@types", + "version": "7.20.5", + "bom-ref": "@types/babel__traverse@7.20.5", + "description": "TypeScript definitions for @babel/traverse", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__traverse@7.20.5#types/babel__traverse", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__traverse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__traverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5970b239c46d1f7ec70149295e151db9ac5d9bcd9be064a5c93a9a8d7be237811f8ae3e0358475d3dc4c08abe997accf229b9ad031a53040c2abe83c11da2179" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__traverse" + } + ] + }, + { + "type": "library", + "name": "prettier", + "group": "@types", + "version": "2.7.3", + "bom-ref": "@types/prettier@2.7.3", + "description": "TypeScript definitions for prettier", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/prettier@2.7.3#types/prettier", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/prettier", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/prettier", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fbaf243fdcb3b382cca7b54d87c81dccc48f6452f8e0c2c6aa21d6bedb5825efbaaa7b95af8124f70481428bdea98febf8bc2309c536f643559227708a6fa460" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/prettier" + } + ] + }, + { + "type": "library", + "name": "babel-preset-current-node-syntax", + "version": "1.0.1", + "bom-ref": "babel-preset-current-node-syntax@1.0.1", + "author": "Nicolò Ribaudo", + "description": "A Babel preset that enables parsing of proposals supported by the current Node.js version.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-current-node-syntax@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "33b2d0d1bc5aae4c50a0dfafcf96893ec2c19fbee7f10813166a3c58ad3fe386ae2b6c65097ad8714c47171814eea5b9633c3f0a398b44adae27368277b2efa9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-preset-current-node-syntax" + } + ] + }, + { + "type": "library", + "name": "natural-compare", + "version": "1.4.0", + "bom-ref": "natural-compare@1.4.0", + "author": "Lauri Rooden", + "description": "Compare strings containing a mix of letters and numbers in the way a human being would in sort order.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/natural-compare@1.4.0", + "externalReferences": [ + { + "url": "git://github.com/litejs/natural-compare-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/litejs/natural-compare-lite#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/litejs/natural-compare-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "396343f1e8b756d342f61ed5eb4a9f7f7495a1b1ebf7de824f0831b9b832418129836f7487d2746eec8408d3497b19059b9b0e6a38791b5d7a45803573c64c4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/natural-compare" + } + ] + }, + { + "type": "library", + "name": "leven", + "version": "3.1.0", + "bom-ref": "leven@3.1.0", + "author": "Sindre Sorhus", + "description": "Measure the difference between two strings using the fastest JS implementation of the Levenshtein distance algorithm", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/leven@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/leven.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/leven#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/leven/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aac75af87f234da51a37fc79bf35b6af373ef11c384c043fe0a8c1e3a2302b9547f8895579e7a37bf128651a625ef22a8c580af3841f7ea3f3b462375412c6d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/leven" + } + ] + }, + { + "type": "library", + "name": "react-is", + "version": "18.2.0", + "bom-ref": "react-is@18.2.0", + "description": "Brand checking of React Elements.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/react-is@18.2.0#packages/react-is", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/react.git#packages/react-is", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://reactjs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/react/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c56183216eb1f76d71b733e486250bb6d8491e826f05b177ab6e9fce5a0f08ad21b2fc6d3d57a5bdfb70df38db1d64a4476926f59fb8bb16c30caffa670f41f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/react-is" + } + ] + }, + { + "type": "library", + "name": "rimraf", + "version": "3.0.2", + "bom-ref": "rimraf@3.0.2", + "author": "Isaac Z. Schlueter", + "description": "A deep deletion module for node (like `rm -rf`)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/rimraf@3.0.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/rimraf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/rimraf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/rimraf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "25990931990018514f3f662a5d95cf6cc94c060b31cc4f082ece253085ffda8d0bf54070f4efd8de8eb0170fe2f582daa5c5095b0a9b8b791dc483dd0bad9320" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rimraf" + } + ] + }, + { + "type": "library", + "name": "istanbul-reports", + "group": "@types", + "version": "3.0.4", + "bom-ref": "@types/istanbul-reports@3.0.4", + "description": "TypeScript definitions for istanbul-reports", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-reports@3.0.4#types/istanbul-reports", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-reports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-reports", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a64d81d4d59a945f6da0246eea08c1cd1ebdb321633f839df164405fed2699ff6502309189c2ce59cf99af1647c7fd17463a2d82417db7a89a309f9a5dc39d65" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-reports" + } + ] + }, + { + "type": "library", + "name": "yargs", + "group": "@types", + "version": "17.0.32", + "bom-ref": "@types/yargs@17.0.32", + "description": "TypeScript definitions for yargs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/yargs@17.0.32#types/yargs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/yargs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.32.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c50ebb61cfe568e1b9b8c7d7ff4f77311946182201cd931aad56be81f34a271580220ca462954690175ba84cc60c37c2ad5523e8789f7f8993679040e93980a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/yargs" + } + ] + }, + { + "type": "library", + "name": "import-local", + "version": "3.1.0", + "bom-ref": "import-local@3.1.0", + "author": "Sindre Sorhus", + "description": "Let a globally installed package use a locally installed version of itself if available", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/import-local@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/import-local.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/import-local#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/import-local/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012074eee2ed9c3b35a3a1078caa57df804a6034aa9c57ab7d33892f61ef32a17bd0b9f1a639330c1f09e38a13f69bb800c3e44307fc8e5eacce0bcd776b5122" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/import-local" + } + ] + }, + { + "type": "library", + "name": "prompts", + "version": "2.4.2", + "bom-ref": "prompts@2.4.2", + "author": "Terkel Gjervig", + "description": "Lightweight, beautiful and user-friendly prompts", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prompts@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/terkelg/prompts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/terkelg/prompts#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/terkelg/prompts/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37136ffe42e0b8203ba778c4f282f668406cac95a001a901a609a02ba9693d657e5ae3a663aaf6ff36c05673fe4fc6d0940d27cc75d2252256d07abbca5683d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompts" + } + ] + }, + { + "type": "library", + "name": "kleur", + "version": "3.0.3", + "bom-ref": "kleur@3.0.3", + "author": "Luke Edwards", + "description": "The fastest Node.js library for formatting terminal text with ANSI colors~!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kleur@3.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/kleur.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/kleur#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/kleur/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "793233955392511f89c5d0c57a911870132d67d42a75e7feae7cd675166e31b3b2c2ee6d3b6c3637baea8e800d67993dbf2c212fa06bd55463508813431e04f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kleur" + } + ] + }, + { + "type": "library", + "name": "sisteransi", + "version": "1.0.5", + "bom-ref": "sisteransi@1.0.5", + "author": "Terkel Gjervig", + "description": "ANSI escape codes for some terminal swag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sisteransi@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/terkelg/sisteransi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/terkelg/sisteransi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/terkelg/sisteransi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6cb186951d50c417329e7d9de589835f83068e566fcb631104344d1cb27c548ea5ebef45522c9314d27422f78e48fd1b7178150cf45c7c6a80d298daa94a5f56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sisteransi" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "17.7.2", + "bom-ref": "yargs@17.7.2", + "description": "yargs the modern, pirate-themed, successor to optimist.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@17.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edd4b3cd143ef822a7348fe4aca9d8455ec928a3d45cc121eb5b286872a0f66ad6121cc55a1167c4fc4697eebd703d4ebbadc2d773543c29e621caefa82b8ceb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs" + } + ] + }, + { + "type": "library", + "name": "json-diff", + "version": "0.9.1", + "bom-ref": "json-diff@0.9.1", + "author": "Andrey Tarantsov", + "description": "JSON diff", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-diff@0.9.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/andreyvit/json-diff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andreyvit/json-diff", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andreyvit/json-diff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-diff/-/json-diff-0.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "67778c83a91b55306bde0fc8a6617acf6f322f6b2a8b89242252560d04add1ab905b6cb4405bb746648a8b3be3f3cd04fc453235a9ef598de88bf4f967b640d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-diff" + } + ] + }, + { + "type": "library", + "name": "cli-color", + "version": "2.0.4", + "bom-ref": "cli-color@2.0.4", + "author": "Mariusz Nowak", + "description": "Colors, formatting and other tools for the console", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-color@2.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/cli-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/cli-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/cli-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-color/-/cli-color-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce59e98348cd7226cdaceec61bd21e1c7ee669615e0b3f896b5c31ffbb59354e4049249267efea65c88cd3f2c7098c5276abf9876b1d6d0fcf5d874eb9eb57bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-color" + } + ] + }, + { + "type": "library", + "name": "d", + "version": "1.0.2", + "bom-ref": "d@1.0.2", + "author": "Mariusz Nowak", + "description": "Property descriptor factory", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/d@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/d.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/d#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/d/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/d/-/d-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "30ea87bcc585f7ff4c5fa9f36b42a0bc51f81e9314d04179b940d7a97fc1b71b54f0d7c1d10cd1b49f0e7bfe92b92e246e1cb3549c2377dec40383caaf327c6f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/d" + } + ] + }, + { + "type": "library", + "name": "es5-ext", + "version": "0.10.64", + "bom-ref": "es5-ext@0.10.64", + "author": "Mariusz Nowak", + "description": "ECMAScript extensions and shims", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es5-ext@0.10.64", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es5-ext.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es5-ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.64.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a76b270e188b6977ba75a86cb352dd771a849be4a4b83bd5f1d9c8406d0c5a3c87a5c30d7d728f13efc2734cbe3e1c495f7038c4635e1428f9a1cd01521e9d7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es5-ext" + } + ] + }, + { + "type": "library", + "name": "type", + "version": "2.7.2", + "bom-ref": "type@2.7.2", + "author": "Mariusz Nowak", + "description": "Runtime validation and processing of JavaScript types", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/type@2.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type/-/type-2.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77396f94d96de805d4ec40527e902c732750ee05c1fa93c6b0f9df26766988d2410e3ec8689cd094165819d122e11f4798f741bf65e6589e9852da136bb9660b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type" + } + ] + }, + { + "type": "library", + "name": "es6-iterator", + "version": "2.0.3", + "bom-ref": "es6-iterator@2.0.3", + "author": "Mariusz Nowak", + "description": "Iterator abstraction based on ES6 specification", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es6-iterator@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/medikoo/es6-iterator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-iterator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-iterator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-iterator/-/es6-iterator-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf0e12473a1491df9c97e668135e40f68d6841df76d016f488e24c4244219778cd734dd8a958c0846eec71ff42e4a59153f475dceadfe7cf2e082eb9db9a34da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-iterator" + } + ] + }, + { + "type": "library", + "name": "es6-symbol", + "version": "3.1.4", + "bom-ref": "es6-symbol@3.1.4", + "author": "Mariusz Nowak", + "description": "ECMAScript 6 Symbol polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es6-symbol@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es6-symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-symbol/-/es6-symbol-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53d6c51635fcb458804e0b64275ce0db9f8abe2217a6046f4474bcb1abb719f855cd385142b39e92c3de4f40565b630d66cd4e1162750cf5ce40c9f428a464be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-symbol" + } + ] + }, + { + "type": "library", + "name": "ext", + "version": "1.7.0", + "bom-ref": "ext@1.7.0", + "author": "Mariusz Nowak", + "description": "JavaScript utilities with respect to emerging standard", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ext@1.7.0#ext", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es5-ext.git#ext", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/tree/ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ext/-/ext-1.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ea1c5e25868bd75d1af5be531094a3d20a23c87400980d9c8793acfb2482880d5019d4baf7b5d6635a73b2b4a3a80f4b0c4120741fcaca9225479f5170bb8763" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ext" + } + ] + }, + { + "type": "library", + "name": "esniff", + "version": "2.0.1", + "bom-ref": "esniff@2.0.1", + "author": "Mariusz Nowak", + "description": "Low footprint ECMAScript source code parser", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/esniff@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/esniff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/esniff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/esniff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esniff/-/esniff-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91350818a43f9833c5a09d2855f726c899f88810d1a6d8cd548cf020547bb6a59775523dc5f03644cc18fe06d2a491b79647563448cb6a9fcda951d9889b1d7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esniff" + } + ] + }, + { + "type": "library", + "name": "event-emitter", + "version": "0.3.5", + "bom-ref": "event-emitter@0.3.5", + "author": "Mariusz Nowak", + "description": "Environment agnostic event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/event-emitter@0.3.5", + "externalReferences": [ + { + "url": "git://github.com/medikoo/event-emitter.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/event-emitter#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/event-emitter/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/event-emitter/-/event-emitter-0.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fdad19fdcbb90b3e727e84cabb4bf9e1be82b0c2f5496a1062d813e6c776ef6ec11d2b75bd8a2f1c0521a33feef6fcb9cce27e9fa37f9d9025f915e4d0aee5c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/event-emitter" + } + ] + }, + { + "type": "library", + "name": "next-tick", + "version": "1.1.0", + "bom-ref": "next-tick@1.1.0", + "author": "Mariusz Nowak", + "description": "Environment agnostic nextTick polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/next-tick@1.1.0", + "externalReferences": [ + { + "url": "git://github.com/medikoo/next-tick.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/next-tick#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/next-tick/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/next-tick/-/next-tick-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0977548897a66ec363b93a10bf16b23d917d56a86dee17b0b2fcb6b0e59a7cbbe2d9ac1f963f66382e9b1c8839d28ad7f0826f58a63dc1843fcc1da4a203ec95" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/next-tick" + } + ] + }, + { + "type": "library", + "name": "memoizee", + "version": "0.4.15", + "bom-ref": "memoizee@0.4.15", + "author": "Mariusz Nowak", + "description": "Memoize/cache function results", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/memoizee@0.4.15", + "externalReferences": [ + { + "url": "git://github.com/medikoo/memoizee.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/memoizee#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/memoizee/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/memoizee/-/memoizee-0.4.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5015a62692d97794933e6ecf31494ec3f4d2cbdef633ecfc81cc90e6f78e9d20d1444cffd1b9a9c937cab77ff9d4384406a099427d6e74cff97e57123d886475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/memoizee" + } + ] + }, + { + "type": "library", + "name": "es6-weak-map", + "version": "2.0.3", + "bom-ref": "es6-weak-map@2.0.3", + "author": "Mariusz Nowak", + "description": "ECMAScript6 WeakMap polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es6-weak-map@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/medikoo/es6-weak-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-weak-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-weak-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-weak-map/-/es6-weak-map-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a79ba6df61ce4ced643fec3b3d19c1fb9950e3767a9aeb8cb8831f7ef0cdf1907819c9e32c157acc64ada5b01220c9380c202f11a6a685edb387209bfd05d7b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-weak-map" + } + ] + }, + { + "type": "library", + "name": "is-promise", + "version": "2.2.2", + "bom-ref": "is-promise@2.2.2", + "author": "ForbesLindesay", + "description": "Test whether an object looks like a promises-a+ promise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-promise@2.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/then/is-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/then/is-promise#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/then/is-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-promise/-/is-promise-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa53f8ffa94a5017d08d9da97714e166f2d401a7e665bf0e03115bf175ed890992df920d82bf3985d386a04b35db87b3d450a7649b7a8dabbf4fe6a5879f1015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-promise" + } + ] + }, + { + "type": "library", + "name": "lru-queue", + "version": "0.1.0", + "bom-ref": "lru-queue@0.1.0", + "author": "Mariusz Nowak", + "description": "LRU Queue", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lru-queue@0.1.0", + "externalReferences": [ + { + "url": "git://github.com/medikoo/lru-queue.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/lru-queue#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/lru-queue/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-queue/-/lru-queue-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06975892df44bc697c39f5870d03c8495a5c979c59b616fe5cfb1b10b8f90105f1202f08ae20d92106230493c49b9ad2e36d2c8d9d132c4cd172ae4a741858ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lru-queue" + } + ] + }, + { + "type": "library", + "name": "timers-ext", + "version": "0.1.7", + "bom-ref": "timers-ext@0.1.7", + "author": "Mariusz Nowak", + "description": "Timers extensions", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/timers-ext@0.1.7", + "externalReferences": [ + { + "url": "git://github.com/medikoo/timers-ext.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/timers-ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/timers-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/timers-ext/-/timers-ext-0.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fce4d50dcd349da1d4a14c86e4cba645d367bc493b5555f0fe7eee1a5d74a11042e9a331fe6c2a492d830f65bb0004ddb00c7edf269a88a17c49a736dfd0da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/timers-ext" + } + ] + }, + { + "type": "library", + "name": "difflib", + "version": "0.2.4", + "bom-ref": "difflib@0.2.4", + "author": "Xueqiao Xu", + "description": "text diff library ported from Python's difflib module", + "licenses": [ + { + "license": { + "name": "PSF", + "url": "http://docs.python.org/license.html" + } + } + ], + "purl": "pkg:npm/difflib@0.2.4", + "externalReferences": [ + { + "url": "git://github.com/qiao/difflib.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qiao/difflib.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qiao/difflib.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/difflib/-/difflib-0.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5857098c6f4c101d036be49f66e814a3e9f938a5f1884c640e3acf83f4597e20d38358539fbe1214d6136fe86811d510680bff4d25cc2eefbcd2871574913ef" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/difflib" + } + ] + }, + { + "type": "library", + "name": "heap", + "version": "0.2.7", + "bom-ref": "heap@0.2.7", + "author": "Xueqiao Xu", + "description": "binary heap (priority queue) algorithms (ported from Python's heapq module)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/heap@0.2.7", + "externalReferences": [ + { + "url": "git://github.com/qiao/heap.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qiao/heap.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qiao/heap.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/heap/-/heap-0.2.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9bb1e8189241cefa1ffd3066e7e8a59c138e5c1d980f00da392d717b12f59d4f4c93d8482e4953b59c3814e5cf3e64e3f0a76bcc35aed816c26155c0d1f5276" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/heap" + } + ] + }, + { + "type": "library", + "name": "dreamopt", + "version": "0.8.0", + "bom-ref": "dreamopt@0.8.0", + "author": "Andrey Tarantsov", + "description": "Command-line parser with readable syntax from your sweetest dreams", + "purl": "pkg:npm/dreamopt@0.8.0", + "externalReferences": [ + { + "url": "git://github.com/andreyvit/dreamopt.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andreyvit/dreamopt.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andreyvit/dreamopt.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dreamopt/-/dreamopt-0.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf2253a7cfa60be1bee5d7e0b18fabddc931973f90317e345633d0b19739831540c4b9a2eb84c1a1590fe7803fa51017317b1bbb618c301ad93f136fdb7c1a32" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dreamopt" + } + ] + }, + { + "type": "library", + "name": "wordwrap", + "version": "1.0.0", + "bom-ref": "wordwrap@1.0.0", + "author": "James Halliday", + "description": "Wrap those words. Show them at what columns to start and stop.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wordwrap@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/substack/node-wordwrap.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-wordwrap#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-wordwrap/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "82f57324594fc9c29ce5d64de323e43fcc3b0dcdfb06d3f5c9ccc49de39be2eab7e295d972faed45399657c5be5267be5c2c4a81b8ccfa77af93214f3326dde1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wordwrap" + } + ] + }, + { + "type": "library", + "name": "jstoxml", + "version": "3.2.10", + "bom-ref": "jstoxml@3.2.10", + "author": "David Calhoun", + "description": "Converts JavaScript/JSON to XML (for RSS, Podcasts, AMP, etc.)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jstoxml@3.2.10", + "externalReferences": [ + { + "url": "git://github.com/davidcalhoun/jstoxml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/davidcalhoun/jstoxml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/davidcalhoun/jstoxml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jstoxml/-/jstoxml-3.2.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "735bf6085c4aae120f5abf9c3ab04e2569029646b945f5161b5d98d60ab2143e1dcca4e5c646ab9e2925c0e4ffeb047565f97ec76655223448411f431621b5ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jstoxml" + } + ] + }, + { + "type": "library", + "name": "pretty", + "version": "2.0.0", + "bom-ref": "pretty@2.0.0", + "author": "Jon Schlinkert", + "description": "Some tweaks for beautifying HTML with js-beautify according to my preferences.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/pretty.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/pretty", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/pretty/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty/-/pretty-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1bdc54721813122369a2b99d60197e3e16b9d20394a2f4f5f08bc07bb118319d7f7fd5bf59630f467fb123af325cd3149374171c3c28ff5c15ff835e8d535ed7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty" + } + ] + }, + { + "type": "library", + "name": "condense-newlines", + "version": "0.2.1", + "bom-ref": "condense-newlines@0.2.1", + "author": "Jon Schlinkert", + "description": "Replace extraneous newlines with a single newline, or pass a specified number of newlines to use.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/condense-newlines@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/condense-newlines.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/condense-newlines", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/condense-newlines/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/condense-newlines/-/condense-newlines-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3fb5fe40bf476fd07f73c1c8e411452a68e006ed97a50b85f7c599f5790ef9d046824e57830890cfba354a6a6094d588777e7cd54712d1214059fa0884c1cf7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/condense-newlines" + } + ] + }, + { + "type": "library", + "name": "extend-shallow", + "version": "2.0.1", + "bom-ref": "extend-shallow@2.0.1", + "author": "Jon Schlinkert", + "description": "Extend an object with the properties of additional objects. node.js/javascript util.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/extend-shallow@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/extend-shallow.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/extend-shallow", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/extend-shallow/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc29d3b65c4da0088373782a636698016171ed759689ab2e1762bc31ee566cdf28b4729350a0708cfb4da51b3fadb5199bb2b158068d8fb3f56bfa79d866d5ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/extend-shallow" + } + ] + }, + { + "type": "library", + "name": "is-whitespace", + "version": "0.3.0", + "bom-ref": "is-whitespace@0.3.0", + "author": "Jon Schlinkert", + "description": "Returns true if the value passed is all whitespace.", + "purl": "pkg:npm/is-whitespace@0.3.0", + "externalReferences": [ + { + "url": "git://github.com/jonschlinkert/is-whitespace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-whitespace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-whitespace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-whitespace/-/is-whitespace-0.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47274f865e12e89c00ca3d09263b215891051ba84dc9ede964505165a4d47d9170187c73a6935a34e56042e4bf13f4a586b029b8c5eba672b51042177dda370e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-whitespace" + } + ] + }, + { + "type": "library", + "name": "kind-of", + "version": "3.2.2", + "bom-ref": "kind-of@3.2.2", + "author": "Jon Schlinkert", + "description": "Get the native type of a value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kind-of@3.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/kind-of.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/kind-of", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/kind-of/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34e5bd4105cca191a0fe8aa754da0d4d320510889dd7adbb5827df50124474cc58029abb98d13b0a9cee7083dcf99420db93e17a3ec8252997de13bea1b94eb5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kind-of" + } + ] + }, + { + "type": "library", + "name": "is-buffer", + "version": "1.1.6", + "bom-ref": "is-buffer@1.1.6", + "author": "Feross Aboukhadijeh", + "description": "Determine if an object is a Buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-buffer@1.1.6", + "externalReferences": [ + { + "url": "git://github.com/feross/is-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/is-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/is-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35c7402f0a579139b966fbdb93ba303944af56f04a0e028fe7f7b07d71339e64057ece194666a739e2814e34558e46b7405a0de9727ef45dd44aa7c7a93694e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-buffer" + } + ] + }, + { + "type": "library", + "name": "is-extendable", + "version": "0.1.1", + "bom-ref": "is-extendable@0.1.1", + "author": "Jon Schlinkert", + "description": "Returns true if a value is any of the object types: array, regexp, plain object, function or date. This is useful for determining if a value can be extended, e.g. \"can the value have keys?\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-extendable@0.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-extendable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extendable", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extendable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e413142cda1bd6f8055fa123430e62cd60f1ade7162bd00cef6aee80daf44c595d30e8b47e3e8993ecde288b74c468f87047d0209b61e30dce296389e1ff8017" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-extendable" + } + ] + }, + { + "type": "library", + "name": "js-beautify", + "version": "1.15.1", + "bom-ref": "js-beautify@1.15.1", + "author": "Einar Lielmanis", + "description": "beautifier.io for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-beautify@1.15.1", + "externalReferences": [ + { + "url": "git://github.com/beautifier/js-beautify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://beautifier.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/beautifier/js-beautify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-beautify/-/js-beautify-1.15.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1128cdcd296dfec584f2c722647f24045f013e5c173f0851ea958a030f1bc380708fe899727296e8e35652eb49ede39bb81650a6221bf12ece62ca56acab7bac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify" + } + ] + }, + { + "type": "library", + "name": "config-chain", + "version": "1.1.13", + "bom-ref": "config-chain@1.1.13", + "author": "Dominic Tarr", + "description": "HANDLE CONFIGURATION ONCE AND FOR ALL", + "purl": "pkg:npm/config-chain@1.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/dominictarr/config-chain.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/dominictarr/config-chain", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/config-chain/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/config-chain/-/config-chain-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa3f9ff003c04571eb33486b6aa5d86f6fdb395495e0fbc9425359fc3563d10ae634cdaad9eba2ce47ae55c910e7b27e5b49911fa1ef8be939d0ce09ba5d9545" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/config-chain" + } + ] + }, + { + "type": "library", + "name": "ini", + "version": "1.3.8", + "bom-ref": "ini@1.3.8", + "author": "Isaac Z. Schlueter", + "description": "An ini encoder/decoder for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ini@1.3.8", + "externalReferences": [ + { + "url": "git://github.com/isaacs/ini.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/ini#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/ini/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "255ff2ba0576bb35b988c4528990320ed41dfa7c6d5278de2edd1a70d770f7c90a2ebbee455c81f34b6c444384ef2bc65606a5859e913570a61079142812b17b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ini" + } + ] + }, + { + "type": "library", + "name": "proto-list", + "version": "1.2.4", + "bom-ref": "proto-list@1.2.4", + "author": "Isaac Z. Schlueter", + "description": "A utility for managing a prototype chain", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proto-list@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/proto-list.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/proto-list#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/proto-list/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bed2bff786a4c6c4cc85ed3f71b7e947eb323eeb3372ec21a958c9ab6e82b8d0e01468faf36a1105738fe4c269bf6afb26d13c32c89ea4622abef3930709f6bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proto-list" + } + ] + }, + { + "type": "library", + "name": "editorconfig", + "version": "1.0.4", + "bom-ref": "editorconfig@1.0.4", + "author": "EditorConfig Team", + "description": "EditorConfig File Locator and Interpreter for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/editorconfig@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/editorconfig/editorconfig-core-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/editorconfig/editorconfig-core-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/editorconfig/editorconfig-core-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2fd41ed3c2964e5a98315bcc71322f300765d5c0d4b9bcd13582fe59f0386cb0cc1dee277a62a4a666339339c4d45c0b2aed04126cbaa1b8102b3309ae0e31f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/editorconfig" + } + ] + }, + { + "type": "library", + "name": "wasm", + "group": "@one-ini", + "version": "0.1.1", + "bom-ref": "@one-ini/wasm@0.1.1", + "description": "Parse EditorConfig-INI file contents into AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40one-ini/wasm@0.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/one-ini/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/one-ini/core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/one-ini/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@one-ini/wasm/-/wasm-0.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eec921b5137f1849c489a0c96aa2f2ebbb829350d4a38154c88f287ba8c5fa68d3791d8e42b792e14497713bbf49b53cca7f357f6e75a9cfeceab98ac84acbf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@one-ini/wasm" + } + ] + }, + { + "type": "library", + "name": "commander", + "version": "10.0.1", + "bom-ref": "commander@10.0.1", + "author": "TJ Holowaychuk", + "description": "the complete solution for node.js command-line programs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/commander@10.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/tj/commander.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/commander.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/commander.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb8320dad5ec8699446d21b3c7b6a6ccfc0a28e086ba84913ff0a311dc3093414e1a551baba94aba8c83653359926c47749b69e7885d7d8fc952b74bed77ddba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/commander" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "2.0.1", + "bom-ref": "brace-expansion@2.0.1", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@2.0.1", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e7008bd0f1e33e902e9a50bc7ac2e422c15b27cec8bd7775b1cd5dc5a564c6035f45eb6d64c1d6ec01c14a5e02941d95accbe998ea22f5b074f1584142cad0c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "js-cookie", + "version": "3.0.5", + "bom-ref": "js-cookie@3.0.5", + "author": "Klaus Hartl", + "description": "A simple, lightweight JavaScript API for handling cookies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-cookie@3.0.5", + "externalReferences": [ + { + "url": "git://github.com/js-cookie/js-cookie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/js-cookie/js-cookie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/js-cookie/js-cookie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-cookie/-/js-cookie-3.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "70488910012821b59f09960a5a157016ebcf5f58044d160fc3a2e56932a8c43decd80917ce40a39e9ea1d15efba33caa8f48da92d789e18a83253f37d3e9551b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-cookie" + } + ] + }, + { + "type": "library", + "name": "nopt", + "version": "7.2.0", + "bom-ref": "nopt@7.2.0", + "author": "GitHub Inc.", + "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/nopt@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/nopt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/nopt#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/nopt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nopt/-/nopt-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0950edc02761608be703316827a349e9d5f7a206bdfc7c9c8900e71b5bd00e348b31e28b27803ddd9a98283ae0612af5141639fe13180bed950a2db8a60a6418" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nopt" + } + ] + }, + { + "type": "library", + "name": "abbrev", + "version": "2.0.0", + "bom-ref": "abbrev@2.0.0", + "author": "GitHub Inc.", + "description": "Like ruby's abbrev module, but in js", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/abbrev@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/abbrev-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/abbrev-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/abbrev-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/abbrev/-/abbrev-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ebf9a1d44daed98804b021dd634631e685beeb581953ed6f5daa221c7ae929eb9134d805bd2fbf8ebc07890841e5aa407f9a01ed407b135f689764762ca1fc85" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/abbrev" + } + ] + }, + { + "type": "library", + "name": "babel__core", + "group": "@types", + "version": "7.20.5", + "bom-ref": "@types/babel__core@7.20.5", + "description": "TypeScript definitions for @babel/core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__core@7.20.5#types/babel__core", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa8429ad9bf3e70405270303a9eb1e4575afdeba8cbe18296d715f5725a16f1f57e3b3ce200ea2ffe75779f12664aa0080e69375a22035232a30853ad72472cc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__core" + } + ] + }, + { + "type": "library", + "name": "template", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/template@7.24.0", + "author": "The Babel Team", + "description": "Generate an AST from a string template.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/template@7.24.0#packages/babel-template", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-template", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-template", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20template%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0647f6abc94c074005a57d0d144a926f1d4e9131dfd1ffb48fcda6930f99a73067924edef50974f3dd6f95f822fa41f03a4f2d4238901e9aa1e0b6926b47ca10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/template" + } + ] + }, + { + "type": "library", + "name": "bs-logger", + "version": "0.2.6", + "bom-ref": "bs-logger@0.2.6", + "author": "Huafu Gandon", + "description": "Bare simple logger for NodeJS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bs-logger@0.2.6", + "externalReferences": [ + { + "url": "git+https://github.com/huafu/bs-logger.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/huafu/bs-logger#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/huafu/bs-logger/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5df030a8c666e073b8723ca3afc6da8d7236283ac0013d075c0948c6a77778d95476097d4e46193603cee8aaabb9475924fbbea7b3166ea649b277e315b42a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bs-logger" + } + ] + }, + { + "type": "library", + "name": "json5", + "version": "2.2.3", + "bom-ref": "json5@2.2.3", + "author": "Aseem Kishore", + "description": "JSON for Humans", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json5@2.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/json5/json5.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://json5.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/json5/json5/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e63967bb7b21d81f5e1c2dd54fa3283e18e1f7ad85fef8aa73af2949c125bdf2ddcd93e53c5ce97c15628e830b7375bf255c67facd8c035337873167f16acca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json5" + } + ] + }, + { + "type": "library", + "name": "lodash.memoize", + "version": "4.1.2", + "bom-ref": "lodash.memoize@4.1.2", + "author": "John-David Dalton", + "description": "The lodash method `_.memoize` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.memoize@4.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b8fe3739a09d0cd30185dcb0760b8229a5b4e5753171ed94e59fe868cbf4a8fc18ae45227c39268b71bdb3acf88bd5d7f0f3a34e3f7c219f2d5b3b6976f802" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.memoize" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "3.26.9", + "bom-ref": "@oclif/core@3.26.9", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@3.26.9", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-3.26.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c81e58c5deb60ec1eaa822bfeb42fc2221a94d1214e09f9fcc2a9f6cf462218139f9a81f37ade4a6968cf936eac8c05db27b7f3d03a7603f0186cd6ab94afa7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "cli-progress", + "group": "@types", + "version": "3.11.5", + "bom-ref": "@types/cli-progress@3.11.5", + "description": "TypeScript definitions for cli-progress", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/cli-progress@3.11.5#types/cli-progress", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/cli-progress", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/cli-progress", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/cli-progress/-/cli-progress-3.11.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f83db3516ef88aca9a52e62bc11b214edbd3ce97248b980d87c94144e29e5019acc030cdc2c2429672f4e5f20bc4952bb1461e853ca2fc5e689d5fcef7a2ee2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/cli-progress" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.21.3", + "bom-ref": "type-fest@0.21.3", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.21.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b74af306af3b9b77d571db870d41612a6cb25fef5ea3a5908d9bdfe7511afccd10efe4f7ef8269d5a522c9497418ac69f0cfce113547483be69323e0bd7f97db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-fest" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "2.0.1", + "bom-ref": "color-convert@2.0.1", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4511023ec8fb8aeff16f9a0a61cb051d2a6914d9ec8ffe763954d129be333f9a275f0545df3566993a0d70e7c60be0910e97cafd4e7ce1f320dfc64709a12529" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "cardinal", + "version": "2.1.1", + "bom-ref": "cardinal@2.1.1", + "author": "Thorsten Lorenz", + "description": "Syntax highlights JavaScript code with ANSI colors to be printed to the terminal.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cardinal@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/cardinal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/cardinal#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/cardinal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cardinal/-/cardinal-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "252af978e8281329ad607063356ca3acca9eb7d026da68898657ca35da8ba7ace878087428de5d44073195e723e66009ae64289a088e063df9c472eb163a81a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cardinal" + } + ] + }, + { + "type": "library", + "name": "ansicolors", + "version": "0.3.2", + "bom-ref": "ansicolors@0.3.2", + "author": "Thorsten Lorenz", + "description": "Functions that surround a string with ansicolor codes so it prints in color.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansicolors@0.3.2", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/ansicolors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/ansicolors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/ansicolors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansicolors/-/ansicolors-0.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "417bbb04facfdbd565951c47f06c01ef1e625f9a9628000c2ea2901964de2d656534734ea55309f7576cc50008597a63b96e70aafc6edc977f9d18eb27ed29aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansicolors" + } + ] + }, + { + "type": "library", + "name": "redeyed", + "version": "2.1.1", + "bom-ref": "redeyed@2.1.1", + "author": "Thorsten Lorenz", + "description": "Takes JavaScript code, along with a config and returns the original code with tokens wrapped as configured.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/redeyed@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/redeyed.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/redeyed#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/redeyed/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/redeyed/-/redeyed-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14da461a8d43c9c600767aca17108c98a620a3f9882c0aad4586e47500fc129fc79363d0e7e684004c7e214ef5dd14c39ae05a1f473c3f9668ceeacdbb939b45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/redeyed" + } + ] + }, + { + "type": "library", + "name": "esprima", + "version": "4.0.1", + "bom-ref": "esprima@4.0.1", + "author": "Ariya Hidayat", + "description": "ECMAScript parsing infrastructure for multipurpose analysis", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esprima@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jquery/esprima.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://esprima.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jquery/esprima/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "786b85170ed4a5d6be838a7e407be75b44724d7fd255e2410ccfe00ad30044ed1c2ee4f61dc10a9d33ef86357a6867aaac207fb1b368a742acce6d23b1a594e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esprima" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "4.0.0", + "bom-ref": "has-flag@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1329094ff4352a34d672da698080207d23b4b4a56e6548e180caf5ee4a93ba6325e807efdc421295e53ba99533a170c54c01d30c2e0d3a81bf67153712f94c3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-flag" + } + ] + }, + { + "type": "library", + "name": "clean-stack", + "version": "3.0.1", + "bom-ref": "clean-stack@3.0.1", + "author": "Sindre Sorhus", + "description": "Clean up error stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-stack@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/clean-stack.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/clean-stack/-/clean-stack-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "951f70362311715423481ddaef15c62eecf872be3026eb9795a0046d1bad1a8c104e6969ed1ef6fc33a0376d5ef237706e531697d50e24c2576ab5fde29cca76" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-stack" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "4.0.0", + "bom-ref": "escape-string-regexp@4.0.0", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4eda5c349dd7033c771aaf2c591cc96956a346cd2e57103660091d6f58e6d9890fcf81ba7a05050320379f9bed10865e7cf93959ae145db2ae4b97ca90959d80" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "cli-progress", + "version": "3.12.0", + "bom-ref": "cli-progress@3.12.0", + "author": "Andi Dittrich", + "description": "easy to use progress-bar for command-line/terminal applications", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-progress@3.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/npkgz/cli-progress.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npkgz/cli-progress", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npkgz/cli-progress/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-progress/-/cli-progress-3.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b51915dc7275012c26d7d4c78a22c85cb3bb226ef0953b8a9ef918693932a003de7ea8cd83b5bb0c7294946471cbdbf10ef6f2098424428cefa6db8c9060a0f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-progress" + } + ] + }, + { + "type": "library", + "name": "color", + "version": "4.2.3", + "bom-ref": "color@4.2.3", + "description": "Color conversion and manipulation with CSS string support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color/-/color-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d6b5deb94522186af2921f8278176ee487bb389c229c28106346dcec6091c72e71547cbe9a86aa9292ff8ea42ad0cb5039e61caea133e1a6dce5fd0ab54ed6e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color" + } + ] + }, + { + "type": "library", + "name": "color-string", + "version": "1.9.1", + "bom-ref": "color-string@1.9.1", + "author": "Heather Arthur", + "description": "Parser and generator for CSS color strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-string@1.9.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-string/-/color-string-1.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b21ad56b0405a239d9bfac4ce346a7c780a4a033fe7d9b30fd97ab10cb16fe9cb3b116c4969b0bfc30555bbab7131c70bac74d5c8de55e9ba1119933b3ca7912" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-string" + } + ] + }, + { + "type": "library", + "name": "simple-swizzle", + "version": "0.2.2", + "bom-ref": "simple-swizzle@0.2.2", + "author": "Qix", + "description": "Simply swizzle your arguments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/simple-swizzle@0.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-simple-swizzle.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-simple-swizzle#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-simple-swizzle/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/simple-swizzle/-/simple-swizzle-0.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "240fff910819b5bb98f379bec53fad5c9926267706313153f82fa0da1d91f6ec64608ac4db2cbdb2099c2e10a7c39eff5920fe121dc9f7b14f1031676d79c352" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/simple-swizzle" + } + ] + }, + { + "type": "library", + "name": "ejs", + "version": "3.1.10", + "bom-ref": "ejs@3.1.10", + "author": "Matthew Eernisse", + "description": "Embedded JavaScript templates", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/ejs@3.1.10", + "externalReferences": [ + { + "url": "git://github.com/mde/ejs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mde/ejs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mde/ejs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51e26615f3ab0104bc38958f678aad807c961316b4f3cfccb4ae54132a091851faedc0c45e4652be23a2291099e178a3d33c48dc9102818b37a0ac7e022cd004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ejs" + } + ] + }, + { + "type": "library", + "name": "jake", + "version": "10.8.7", + "bom-ref": "jake@10.8.7", + "author": "Matthew Eernisse", + "description": "JavaScript build tool, similar to Make or Rake", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/jake@10.8.7", + "externalReferences": [ + { + "url": "git://github.com/jakejs/jake.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jakejs/jake#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jakejs/jake/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jake/-/jake-10.8.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6438b768ff9f1bf2dc87207350cf34e158dd767c1f49fb1d798930b7c35c6ca46fa38ac592386ce39ea22c59f79366545af35ee22e3c5800836f36bc7e1ab6fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake" + } + ] + }, + { + "type": "library", + "name": "async", + "version": "3.2.5", + "bom-ref": "async@3.2.5", + "author": "Caolan McMahon", + "description": "Higher-order functions and common patterns for asynchronous code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/async@3.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/caolan/async.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://caolan.github.io/async/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/caolan/async/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6da359caa69a2e1c8b54a9bf0e5bdd5b4e7531280ee9bf1e55f21ece5f44e4fa96c458332e6ff0427b445b8ccecad55bbab0c4af426500b12974e170bc4acbb2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async" + } + ] + }, + { + "type": "library", + "name": "filelist", + "version": "1.0.4", + "bom-ref": "filelist@1.0.4", + "author": "Matthew Eernisse", + "description": "Lazy-evaluating list of files, based on globs or regex patterns", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/filelist@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/mde/filelist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mde/filelist", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mde/filelist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c35704b9fdd2f83acb0902fb113ea4cfe82694975babd27bc970928cafce6423c0faa10dd56c85e1901fd186096b8fec84726b6b6b7f77fafc495e098bec7ef1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/filelist" + } + ] + }, + { + "type": "library", + "name": "balanced-match", + "version": "1.0.2", + "bom-ref": "balanced-match@1.0.2", + "author": "Julian Gruber", + "description": "Match balanced character pairs, like \"{\" and \"}\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/balanced-match@1.0.2", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/balanced-match.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de849e50ed13315ebb84dd4099b5ec2b8c9aa94eed8e21e56f144364ea47d0a5bdf82797e1b440697d009f1b74b71d8cae94695b041a3f02252121098585393f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/balanced-match" + } + ] + }, + { + "type": "library", + "name": "concat-map", + "version": "0.0.1", + "bom-ref": "concat-map@0.0.1", + "author": "James Halliday", + "description": "concatenative mapdashery", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/concat-map@0.0.1", + "externalReferences": [ + { + "url": "git://github.com/substack/node-concat-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-concat-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-concat-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd2aefe1db30c903417e8846a73f68e986f71b3dd2ad40ea047e6b4ee84647b6a1b656d82a7571c366c214c4658da03b1171da5d9f30b07768745bdb9212a6aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/concat-map" + } + ] + }, + { + "type": "library", + "name": "get-package-type", + "version": "0.1.0", + "bom-ref": "get-package-type@0.1.0", + "author": "Corey Farrell", + "description": "Determine the `package.json#type` which applies to a location", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-package-type@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/cfware/get-package-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cfware/get-package-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cfware/get-package-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a63cee2ad63ae0661f5a2ccd009d1fafd56ab6d6643622b6892e37d0bb481f38c112be9b5fc026db39b8b16e11a39c23596e5c02544bd6a00c4dc5db8cd00ed9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-package-type" + } + ] + }, + { + "type": "library", + "name": "globby", + "version": "11.1.0", + "bom-ref": "globby@11.1.0", + "author": "Sindre Sorhus", + "description": "User-friendly glob matching", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globby@11.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globby#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globby/-/globby-11.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e121768ecf2d6c6fc232a1c6abb964a7d538e69c156cf00ca1732f37ae6c4d27cab6b96282023dc29c963e2a91925c2b9e00f7348b4e6456f54ab4fd6df52de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globby" + } + ] + }, + { + "type": "library", + "name": "array-union", + "version": "2.1.0", + "bom-ref": "array-union@2.1.0", + "author": "Sindre Sorhus", + "description": "Create an array of unique values, in order, from the input arrays", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/array-union@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/array-union.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/array-union#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/array-union/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/array-union/-/array-union-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1c6cb1a0e4d853208ceacb547ba1098277781287b0008ef331d7ea3be9068e79599810f3fdc479a5ff2bfdc4785aaeb4b0bfe9d0891c8d41043f04b7185ac8cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/array-union" + } + ] + }, + { + "type": "library", + "name": "dir-glob", + "version": "3.0.1", + "bom-ref": "dir-glob@3.0.1", + "author": "Kevin Mårtensson", + "description": "Convert directories to glob compatible strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dir-glob@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/dir-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/dir-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/dir-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dir-glob/-/dir-glob-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a4ad6a7d191e0a5df28663338b993b86562d545857f0b37efb9fd71ce79fed6fa0eeab217aa5c43901b88712c85a0e963dbfaa1a4abd9708389d1a633077320" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dir-glob" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "4.0.0", + "bom-ref": "path-type@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80329bf1a64c0de0ffb595acf4febeab427d33091d97ac4c57c4e39c63f7a89549d3a6dd32091b0652d4f0875f3ac22c173d815b5acd553dd7b8d125f333c0bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.3.1", + "bom-ref": "ignore@5.3.1", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e45cadcff22b68c8eaa707dddf891edbc3d354c8d98c91b630f9f9b7b384e1e50250d7fc0406bb6f95944bdfd0bebea6c0e412ecc93abddb0c9e8e617be4fc5f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + }, + { + "type": "library", + "name": "hyperlinker", + "version": "1.0.0", + "bom-ref": "hyperlinker@1.0.0", + "author": "James Talmage", + "description": "Write hyperlinks in the terminal.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hyperlinker@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jamestalmage/hyperlinker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jamestalmage/hyperlinker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jamestalmage/hyperlinker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hyperlinker/-/hyperlinker-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f2f146e545614471f4ae21a6a3337e0b74f5c885bb356a3117fc104fbf6e09f9e9d255a11563adf143a9533bd551612e4b028821206d080c9fa9f883f329441" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hyperlinker" + } + ] + }, + { + "type": "library", + "name": "indent-string", + "version": "4.0.0", + "bom-ref": "indent-string@4.0.0", + "author": "Sindre Sorhus", + "description": "Indent each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/indent-string@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/indent-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "11d0c366ee00d8ec882bb2ebff6cc6fb0e6399bba4d435419c4c11110bc1ceca412640846d16bc1b153596085871a1890a745689b8c35e5abbefd5f5ff2e71c2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/indent-string" + } + ] + }, + { + "type": "library", + "name": "is-wsl", + "version": "2.2.0", + "bom-ref": "is-wsl@2.2.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-wsl@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-wsl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cacc0adad2b18951407018180d90766e4e865c9fe4ed5c7a5e0a09a430930c631d6c40361a092ca32414826b69c7d431a6eecde7d68067a21a154c168decbc3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-wsl" + } + ] + }, + { + "type": "library", + "name": "is-docker", + "version": "2.2.1", + "bom-ref": "is-docker@2.2.1", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a Docker container", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-docker@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-docker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-docker/-/is-docker-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17e8b604ab05ac7eba89a505734c280fcb0bcbc81eb64c13c2d3818efb39e82c780a024378a41ea9fcfcc0062249bf093a9ad68471f9a7becf6e6602bef52e5d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-docker" + } + ] + }, + { + "type": "library", + "name": "natural-orderby", + "version": "2.0.3", + "bom-ref": "natural-orderby@2.0.3", + "author": "Olaf Ennen", + "description": "Lightweight and performant natural sorting of arrays and collections by differentiating between unicode characters, numbers, dates, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/natural-orderby@2.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/yobacca/natural-orderby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yobacca.github.io/natural-orderby", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yobacca/natural-orderby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/natural-orderby/-/natural-orderby-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7b2931f1534094adc3977bad997eb6f9675de72ef3e149647fb28de416e954414d2c814965d99d0bc29b0b377e7578e383fa1446bbf17583eeb10df3de0fef9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/natural-orderby" + } + ] + }, + { + "type": "library", + "name": "object-treeify", + "version": "1.1.33", + "bom-ref": "object-treeify@1.1.33", + "author": "Lukas Siemon", + "description": "Stringify Object as tree structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/blackflux/object-treeify/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/object-treeify@1.1.33", + "externalReferences": [ + { + "url": "git+https://github.com/blackflux/object-treeify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blackflux/object-treeify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blackflux/object-treeify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-treeify/-/object-treeify-1.1.33.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1055630187f35aa5ac04c4473cc0172c20c8267a4c85d580a91ef11ba33a6b672ce8f305a65ffe676d30f730d6e2f9313857dd75e8012aaf517a17746f1584ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-treeify" + } + ] + }, + { + "type": "library", + "name": "password-prompt", + "version": "1.1.3", + "bom-ref": "password-prompt@1.1.3", + "author": "Jeff Dickey @jdxcode", + "description": "cross-platform masked or hidden prompt", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/password-prompt@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/jdxcode/password-prompt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jdxcode/password-prompt", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jdxcode/password-prompt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/password-prompt/-/password-prompt-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e4ae31b668996f174b7604c1f47b62c1fc41dfdcb72addf34ccf2e066077106e502f3a5f904238b52f1ed644132aa552bca7e291edb0a0ee8a80317b5d82acb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/password-prompt" + } + ] + }, + { + "type": "library", + "name": "slice-ansi", + "version": "4.0.0", + "bom-ref": "slice-ansi@4.0.0", + "description": "Slice a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slice-ansi@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/slice-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/slice-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/slice-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8c08c7e1634e347151d3e372bd045ca0a986d43c564a1ce83b2bbde6b5358945bf29c8fddfcdfe08c5de52cdd10943a311520fd606738bc60859b4a2aeac435" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/slice-ansi" + } + ] + }, + { + "type": "library", + "name": "astral-regex", + "version": "2.0.0", + "bom-ref": "astral-regex@2.0.0", + "author": "Kevin Mårtensson", + "description": "Regular expression for matching astral symbols", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/astral-regex@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/astral-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/astral-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/astral-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "67bb4cc35cad4d7b798ea31c38ff8e42d794d55b8d2bd634daeb89b4a4354afebd8d740a2a0e5c89b2f0189a30f32cd93fe780735f0498b18f6a5d1ba77eabbd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/astral-regex" + } + ] + }, + { + "type": "library", + "name": "widest-line", + "version": "3.1.0", + "bom-ref": "widest-line@3.1.0", + "author": "Sindre Sorhus", + "description": "Get the visual width of the widest line in a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/widest-line@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/widest-line.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/widest-line#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/widest-line/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36c9a85da96c5950cc1aea71679474f246bd7e56638e22ef1d501660e2ad88a33cba3b595abf5c45f7da93eb92138f3e39bf0e6da957a70c9e522c830fa40582" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/widest-line" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "BomRef.okvgjdrtm6.tqh1scmn9b8", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6151888f691a98b493c70e8db198e80717d2c2c9f4c9c75eb26738a7e436d5ce733ee675a65f8d7f155dc4fb5d1ef98d54e43a5d2606e0052dcadfc58bb0f5e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "plugin-help", + "group": "@oclif", + "version": "6.1.0", + "bom-ref": "@oclif/plugin-help@6.1.0", + "author": "Salesforce", + "description": "Standard help for oclif.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-help@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-help.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-help", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-help/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-help/-/plugin-help-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53e2cd28a69906ba07aa848622961b42691397c696d0d25c3bdb6bd3dd4b24e67be22a840e2ba97c14c232e9255bdb9365d585600a6a4e6b210ee07f238d63c5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help" + } + ] + }, + { + "type": "library", + "name": "ansis", + "version": "3.2.0", + "bom-ref": "ansis@3.2.0", + "author": "webdiscus", + "description": "Colorize terminal with ANSI colors & styles", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ansis@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/webdiscus/ansis.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/webdiscus/ansis", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/webdiscus/ansis/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansis/-/ansis-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "624dc19071fd53ba0fc8237780be5373b0a96a11bff9416fffa506d370b7d75572f65cd1980e6ea310d3a54f423b7ac61cbe8acc9cffa5d0de5d9099e4cbbf4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansis" + } + ] + }, + { + "type": "library", + "name": "cli-spinners", + "version": "2.9.2", + "bom-ref": "cli-spinners@2.9.2", + "author": "Sindre Sorhus", + "description": "Spinners for use in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-spinners@2.9.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/cli-spinners.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/cli-spinners#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/cli-spinners/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-spinners/-/cli-spinners-2.9.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb0a95fb9326c8be04ef26d780acace03ba065b5f4142e8b9f0ae18eeca42239caf64f0e41a710edac462a78c35d63619ecd31a2dddb648e61e791fcca8f5c26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-spinners" + } + ] + }, + { + "type": "library", + "name": "cosmiconfig", + "version": "9.0.0", + "bom-ref": "cosmiconfig@9.0.0", + "author": "Daniel Fischer", + "description": "Find and load configuration from a package.json property, rc file, TypeScript module, and more!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cosmiconfig@9.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/cosmiconfig/cosmiconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cosmiconfig/cosmiconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cosmiconfig/cosmiconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8adbcbe61f1111300298e4c573851f23207645f1078bbd40c7a13f3e2bd5c6af4db1e29b396a5ec8710e21b980c35aecf0093456eaec40dc30ee57fb62d530ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cosmiconfig" + } + ] + }, + { + "type": "library", + "name": "env-paths", + "version": "2.2.1", + "bom-ref": "env-paths@2.2.1", + "author": "Sindre Sorhus", + "description": "Get paths for storing things like data, config, cache, etc", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/env-paths@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/env-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa1d6590b2a164c4d88e8835544a49346ecd64959cb9cd830e4feab2a49345108e5e22e3790d5dd7fb9dad41a1a8cc5480097028d67471fdaea9a9f918bb92d8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/env-paths" + } + ] + }, + { + "type": "library", + "name": "import-fresh", + "version": "3.3.0", + "bom-ref": "import-fresh@3.3.0", + "author": "Sindre Sorhus", + "description": "Import a module while bypassing the cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/import-fresh@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/import-fresh.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/import-fresh#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/import-fresh/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bde6188506be0f54012b39ef8541f16fc7dac65af0527c6c78301b029e39ec4d302cd8a8d9b3922a78d80e1323f98880abad71acc1a1424f625d593917381033" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/import-fresh" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "4.1.0", + "bom-ref": "js-yaml@4.1.0", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c29c59b3d368c596891122462194f20c4698a65d0529203e141f5a262c9e98a84cc24c5083ade1e13d4a2605061e94ea3c33517269982ee82b46326506d5af44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.2", + "bom-ref": "error-ex@1.3.2", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edd147366a9e15212dd9906c0ab8a8aca9e7dd9da98fe7ddf64988e90a16c38fff0cbfa270405f73453ba890a2b2aad3b0a4e3c387cd172da95bd3aa4ad0fce2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "json-parse-even-better-errors", + "version": "2.3.1", + "bom-ref": "json-parse-even-better-errors@2.3.1", + "author": "Kat Marchán", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-even-better-errors@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/json-parse-even-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c72170ca1ae8fc91287fa1a17b68b3d8d717a23dac96836c5abfd7b044432bfa223c27da36197938d7e9fa341d01945043420958dcc7f7321917b962f75921db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-parse-even-better-errors" + } + ] + }, + { + "type": "library", + "name": "typescript", + "version": "5.1.6", + "bom-ref": "typescript@5.1.6", + "author": "Microsoft Corp.", + "description": "TypeScript is a language for application scale JavaScript development", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/typescript@5.1.6", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/TypeScript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/typescript/-/typescript-5.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cda582a33459e832c4580585ad50f3d47e85557cd449f4f2e4550c5ac42553c626e493fd78ee31913211385090be141feb5cfa3bf1baba0c374a0027bef9be1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/typescript" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.4", + "bom-ref": "debug@4.3.4", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.4", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d15851ee494dde0ed4093ef9cd63b25c91eb758f4b793ae3ac1733cfcec7a40f9d9997ca947c520f122b305ea22f1d61951ce817fbb1bfbc234d85e870c5f91" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "plugin-plugins", + "group": "@oclif", + "version": "5.2.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2", + "author": "Salesforce", + "description": "plugins plugin for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-plugins@5.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-plugins.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-plugins", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-plugins/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-plugins/-/plugin-plugins-5.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "054027977f9f374f1c7fb2ea9cb851bf991cf8758e2f3dd32eadedf407f6e5af100a9c5804a6339f283152ba08e744ccd34dbe8b49af8e4b518e0d9b1fd791ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "7.0.2", + "bom-ref": "hosted-git-info@7.0.2", + "author": "GitHub Inc.", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@7.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-7.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6e519014293e66f19cefb3bd975b2dc7b6f55b4d6963444eba70feb46f127302a7f60e0202a3b9584d8d881d498b9cda6362fc396ef9a81ef3dcd103b66badb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-name", + "version": "5.0.1", + "bom-ref": "validate-npm-package-name@5.0.1", + "author": "GitHub Inc.", + "description": "Give me a string and I'll tell you if it's a valid npm package name", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/validate-npm-package-name@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/validate-npm-package-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3a58cbad0f5241d394a93690c6a2f97447d95ab5c4c72c96b28cd89405856b03d536e0fcde2825eee243d914e434c6e7888620b7c97cd5e08918875017b6af2d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validate-npm-package-name" + } + ] + }, + { + "type": "library", + "name": "npm", + "version": "10.8.0", + "bom-ref": "npm@10.8.0", + "author": "GitHub Inc.", + "description": "a package manager for JavaScript", + "licenses": [ + { + "license": { + "id": "Artistic-2.0" + } + } + ], + "purl": "pkg:npm/npm@10.8.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://docs.npmjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm/-/npm-10.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c21f77b91733829ec70e73cc88b5dc0a4bf685a81d252d3327d293ff7d5dd05a173f4dbeaa037600ec29696f397f14569229e5dab10b7cfc3e0a30575b8f3f8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm" + } + ] + }, + { + "type": "library", + "name": "plugin-version", + "group": "@oclif", + "version": "2.2.2", + "bom-ref": "@oclif/plugin-version@2.2.2", + "author": "Salesforce", + "description": "A command that shows the CLI version", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-version@2.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-version.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-version", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-version/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-version/-/plugin-version-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1f8b742bb15567ea42c0b01cd3679965b18c816f58717f0b58c976317ccac5019f3eb98164b4e113621e6d1f4fbd10248c3af30a66d979625c0b1f7bb4767a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version" + } + ] + }, + { + "type": "library", + "name": "plugin-warn-if-update-available", + "group": "@oclif", + "version": "3.1.4", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4", + "author": "Salesforce", + "description": "warns if there is a newer version of CLI released", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-warn-if-update-available@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-warn-if-update-available.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-warn-if-update-available", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-warn-if-update-available/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-warn-if-update-available/-/plugin-warn-if-update-available-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c63eb3830bee105994ac76055c7a2a993a6f394b0482a5e2ca87fd3aa8e0955dd77813cdb109dbb96ff4f391c549606f2885500addb6b954556890b3de8ece0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available" + } + ] + }, + { + "type": "library", + "name": "content-type", + "version": "1.0.5", + "bom-ref": "content-type@1.0.5", + "author": "Douglas Christopher Wilson", + "description": "Create and parse HTTP Content-Type header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/content-type@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/content-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/content-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/content-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d38ea7dc045122a4a7570afe180d05827e670b64a9bcd65745d29028a53bf2ac51956dc47a3ff54001de46ecdfb4b53afc42a894d2d15a743e852b836d27038" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/content-type" + } + ] + }, + { + "type": "library", + "name": "is-stream", + "version": "2.0.1", + "bom-ref": "is-stream@2.0.1", + "author": "Sindre Sorhus", + "description": "Check if something is a Node.js stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-stream@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "845a222624e5eb79e7fa4b2d1c606d7b05922a740ba726f5e7928785e035977f6ebed3bd9d6228a75a77b9da8f71477fc5b17554b30ee27ece23aa7b45b9e00e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-stream" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf3d3a4bcb74a33a035cc1beb9b7b6eb37824cd5dc2883c96498bc841ac5e227422e6b38086f50b4aeea065d5ba22e4e0f31698ecc1be493e61c26cca63698ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "safe-buffer", + "version": "5.2.1", + "bom-ref": "safe-buffer@5.2.1", + "author": "Feross Aboukhadijeh", + "description": "Safer Node.js Buffer API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-buffer@5.2.1", + "externalReferences": [ + { + "url": "git://github.com/feross/safe-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/safe-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/safe-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae9dd2a34eca71d9a629b1af81a37141226bedb1954959394bd12ad45fa9a5b468ef4f9879a0f1930e4377c34f37e183e9b8e7626d95b8fb825e6a6e62f9825d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-buffer" + } + ] + }, + { + "type": "library", + "name": "test", + "group": "@oclif", + "version": "3.2.15", + "bom-ref": "@oclif/test@3.2.15", + "author": "Salesforce", + "description": "test helpers for oclif components", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/test@3.2.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/test.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/test", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/test/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/test/-/test-3.2.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea1b7468b28ccdab24a4c525c89d4d765de736b0f48e92a6072437dd1598961b76bc0b1bb87673e2010be6b3e049b0e94b4267c4425487aa2c9550a38c1e15c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/test" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chai", + "version": "4.4.1", + "bom-ref": "chai@4.4.1", + "author": "Jake Luer", + "description": "BDD/TDD assertion library for node.js and the browser. Test framework agnostic.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chai@4.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/chaijs/chai.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://chaijs.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/chai/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chai/-/chai-4.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d77b0e7ccbf6f8359db8453eff16ee9f72d270ba2a375ee705e4cb52c9837ca768882d5faf49fd3d4e20baee0085170e54593fb16f0bc99587ba15ad419885fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chai" + } + ] + }, + { + "type": "library", + "name": "fancy-test", + "version": "3.0.15", + "bom-ref": "fancy-test@3.0.15", + "author": "Salesforce", + "description": "extendable utilities for testing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fancy-test@3.0.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/fancy-test.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/fancy-test", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/fancy-test/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fancy-test/-/fancy-test-3.0.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91964574fcd55ad2b106498b2d47f1862cec78697565946e0a69ae0a4a35a2202cfd7fccbc4e000a6fef973bf17eee0e79bffb309f2154ff2b522566dd1ef6f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fancy-test" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chai", + "group": "@types", + "version": "4.3.14", + "bom-ref": "@types/chai@4.3.14", + "description": "TypeScript definitions for chai", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/chai@4.3.14#types/chai", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/chai", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/chai", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/chai/-/chai-4.3.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a3ef5b1713843802419d1bd4efab5bbf7eab8dcfd11d1b82c824cc1554823b6ac8630fff1c7fc7f221f2408d1afa61cb179d213c70e1903ead60a9e47ccfedf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/chai" + } + ] + }, + { + "type": "library", + "name": "sinon", + "group": "@types", + "version": "17.0.3", + "bom-ref": "@types/sinon@17.0.3", + "description": "TypeScript definitions for sinon", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/sinon@17.0.3#types/sinon", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/sinon", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/sinon/-/sinon-17.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f7ba8bdd9fc7b0932f644411b5f5b3b06996dec49bbf5e3b641f28ef520b78c5f3c5cf5f1d70e44832a9d887ae85c773e8c2172bf39353e7e7abdfea1589aa7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/sinon" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sinonjs__fake-timers", + "group": "@types", + "version": "8.1.5", + "bom-ref": "@types/sinonjs__fake-timers@8.1.5", + "description": "TypeScript definitions for @sinonjs/fake-timers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/sinonjs__fake-timers@8.1.5#types/sinonjs__fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/sinonjs__fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinonjs__fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/sinonjs__fake-timers/-/sinonjs__fake-timers-8.1.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "990914da363c8c9105ed81e31efb103bcfb7ba08532f599c9e7f7a8a07e138d991f9f50f48a22479f418a527bc6ec972d84a7ba106e7ffa546e7ff7fd2a700ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/sinonjs__fake-timers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mock-stdin", + "version": "1.0.0", + "bom-ref": "mock-stdin@1.0.0", + "author": "Caitlin Potter", + "description": "Mock STDIN file descriptor in Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mock-stdin@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/caitp/node-mock-stdin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/caitp/node-mock-stdin", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/caitp/node-mock-stdin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mock-stdin/-/mock-stdin-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6e91175bf417aedbbb7a74df97ced4911eaf49d01fc2a003b2486cc77e7f144df9aa8a9039c8d4ffb03504c987405771e991ae96c7a90e331b8e6dd39ec7ad1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mock-stdin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "nock", + "version": "13.5.4", + "bom-ref": "nock@13.5.4", + "author": "Pedro Teixeira", + "description": "HTTP server mocking and expectations library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/nock@13.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/nock/nock.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nock/nock#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nock/nock/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nock/-/nock-13.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c80c937dd78d24618117159dcd2282058c6ce45c4b6c28395f94387adb3def885c4331b5faa0b1bc8c8ea388f6472e8c52585654c5f83a860379f008230ba98f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nock" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-stringify-safe", + "version": "5.0.1", + "bom-ref": "json-stringify-safe@5.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like JSON.stringify, but doesn't blow up on circular refs.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/json-stringify-safe@5.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/json-stringify-safe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-safe", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-safe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "642960e80698bda9af60413cd9ddc8c9ddef49222343ea1d823693cd1b8edeceeda0274529cce86f68b4cc287b244f245a7d7bcaf016854571bea1b051a96c44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-stringify-safe" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "propagate", + "version": "2.0.1", + "bom-ref": "propagate@2.0.1", + "author": "Pedro Teixeira", + "description": "Propagate events from one event emitter into another", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/propagate@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nock/propagate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/nock/propagate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/nock/propagate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/propagate/-/propagate-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bc6ae139abcf493cf841536e04d75c35778f35d34c68ed718fdc81787d527103e393fae183db129425cf84c905b9a34d5bfb324ef62ab276c82713017d16db6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/propagate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sinon", + "version": "16.1.3", + "bom-ref": "sinon@16.1.3", + "author": "Christian Johansen", + "description": "JavaScript test spies, stubs and mocks.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sinon@16.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/sinonjs/sinon.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sinonjs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/sinonjs/sinon/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sinon/-/sinon-16.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a39d659ecb17007fd9c2d1b5dc3e6883badfa813c1d8ae275337305b17df006152e65b0191a76212129ca161f946d627c82d3f9e367dc198a5093f18d750f94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "3.0.1", + "bom-ref": "@sinonjs/commons@3.0.1", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b79821ca43db1587ca350bd731930c5a3a65e800c943c42d666321eb8ea39611c06362befab7deb32f6ce58f9754199dc74b0db8d17d6a807dcc8dfd72256a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/commons" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "10.3.0", + "bom-ref": "@sinonjs/fake-timers@10.3.0", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@10.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578046d3b92e6125244c24811c6f06f1336133e175f635c55a742dce3fb07bc0eb92948109e7bd67732cf328867abfdd96685edf9fd7760ca8dffd2b40a83b60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/fake-timers" + } + ] + }, + { + "type": "library", + "name": "samsam", + "group": "@sinonjs", + "version": "8.0.0", + "bom-ref": "@sinonjs/samsam@8.0.0", + "author": "Christian Johansen", + "description": "Value identification and comparison functions", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/samsam@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/samsam.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sinonjs.github.io/samsam/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/samsam/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/samsam/-/samsam-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "069f0a51594ba7c89b259ae7bead9fa1584fd08557d82229acc24f2b4bea1aa82b0dad0e1d529e67207292ab2492b77157ac8a04f9866ac3bc2d58c0291dc67b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/samsam" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lodash.get", + "version": "4.4.2", + "bom-ref": "lodash.get@4.4.2", + "author": "John-David Dalton", + "description": "The lodash method `_.get` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.get@4.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfe530fef2eecba8107bc71f685583ee9d3056ff1f265de66f35e1df7452fb4a16db0bd4aa2457890ebd80b5922e9801e7feac53eafa065411d0c0482da76a4d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.get" + } + ] + }, + { + "type": "library", + "name": "nise", + "version": "5.1.9", + "bom-ref": "nise@5.1.9", + "description": "Fake XHR and server", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/nise@5.1.9", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/sinonjs/nise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/nise#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/nise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nise/-/nise-5.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8e9e8ba35b8495e9ee34758c4939bdeebeea0f1ed98bcc89384c5a3e8f48cf2680bee59f718dae6a1f9259a1b10fb1af3e618a6132b392c27aec844846daac3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "text-encoding", + "group": "@sinonjs", + "version": "0.7.2", + "bom-ref": "@sinonjs/text-encoding@0.7.2", + "author": "Joshua Bell", + "description": "Polyfill for the Encoding Living Standard's API.", + "licenses": [ + { + "expression": "(Unlicense OR Apache-2.0)" + } + ], + "purl": "pkg:npm/%40sinonjs/text-encoding@0.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/text-encoding.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/text-encoding", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/text-encoding/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/text-encoding/-/text-encoding-0.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b175ca1beb8bf48acaa95893b5aa365ace9dcb4ce7bbdb0e68fd5d8bf8ca196d4ce95b2c3bcbe5a5709072967e8e2b10d6d4c5002e49a3f10ecc56e08016a015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/text-encoding" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-extend", + "version": "6.2.0", + "bom-ref": "just-extend@6.2.0", + "author": "Angus Croll", + "description": "extend an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-extend@6.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/just-extend/-/just-extend-6.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "718a1f42ed97a689bcd92eaa0fbefc8c10e9c2fbf2dfdb3597f86b6228f6bbd00c750706469681bba918e26561ba7a39909562d43033e1a8a9840d96235fce03" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/just-extend" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "stdout-stderr", + "version": "0.1.13", + "bom-ref": "stdout-stderr@0.1.13", + "author": "Jeff Dickey @jdxcode", + "description": "mock stdout and stderr", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stdout-stderr@0.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/jdxcode/stdout-stderr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jdxcode/stdout-stderr", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jdxcode/stdout-stderr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stdout-stderr/-/stdout-stderr-0.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e7b7dfc71c761f8d9ecd7902efb900f22f52e76ec6dd760305282b9a40ac0609d266f0b9ecb59217a29fae398dfa511d545d7a075df31b0b52a555d55dd892c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stdout-stderr" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "abort-controller", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/abort-controller@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A simple abort controller library", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/abort-controller@3.0.0#packages/abort-controller", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/abort-controller", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/abort-controller", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/abort-controller/-/abort-controller-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7a1a514606df4ae0c60bbbbd98b89e76dcd551e00f281e50b933624ee8e990a8df2401cfee87526a2c4f858b34e892b4891a0d024af0be06bb261b32adb1928" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/abort-controller" + } + ] + }, + { + "type": "library", + "name": "express", + "group": "@types", + "version": "4.17.21", + "bom-ref": "@types/express@4.17.21", + "description": "TypeScript definitions for express", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/express@4.17.21#types/express", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/express", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a394f337d79ab02e96909500d38cf76c50549ce99b0fe0037a0255a7a203e343b0958bb3d8177615cfe098de3136a7061fec4ffb1e50c0374ad5d86c531b41d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/express" + } + ] + }, + { + "type": "library", + "name": "body-parser", + "group": "@types", + "version": "1.19.5", + "bom-ref": "@types/body-parser@1.19.5", + "description": "TypeScript definitions for body-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/body-parser@1.19.5#types/body-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/body-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/body-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c1dd9bbddae71abb4890d0930215013b6ff76ff0eb74ecd23729a64890850d5eaf3693878102a51a9de5df95e198f495ac91e4bdcbebb49d7332b2972e42b0a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/body-parser" + } + ] + }, + { + "type": "library", + "name": "connect", + "group": "@types", + "version": "3.4.38", + "bom-ref": "@types/connect@3.4.38", + "description": "TypeScript definitions for connect", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/connect@3.4.38#types/connect", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/connect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/connect", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bab9139fd4b0fcf2e0d0a890a4b40e32ccbd586002ba3607ec234bff9938323ca5ac5f50a72745cf48385589e8ebbb519c4642d66fc465cc560946a1946daba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/connect" + } + ] + }, + { + "type": "library", + "name": "express-serve-static-core", + "group": "@types", + "version": "4.19.0", + "bom-ref": "@types/express-serve-static-core@4.19.0", + "description": "TypeScript definitions for express-serve-static-core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/express-serve-static-core@4.19.0#types/express-serve-static-core", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/express-serve-static-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express-serve-static-core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.19.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c6c9ea7726a3c246bcb5c2af8ee67ee88818065a67882573e35d70a8f042b4bbc76e6464986abedc1aa77730bd8952c2c6781edf99cd3a298a3d7cb196a8fbd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/express-serve-static-core" + } + ] + }, + { + "type": "library", + "name": "qs", + "group": "@types", + "version": "6.9.15", + "bom-ref": "@types/qs@6.9.15", + "description": "TypeScript definitions for qs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/qs@6.9.15#types/qs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/qs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/qs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/qs/-/qs-6.9.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b971d02844ba0d028a08b878e355effddc313aad53552dc93d432512aa04825be5851e8cc6795ec3f5eafcb4551e92f293b88adf33837b5a981c8325b4eed71a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/qs" + } + ] + }, + { + "type": "library", + "name": "range-parser", + "group": "@types", + "version": "1.2.7", + "bom-ref": "@types/range-parser@1.2.7", + "description": "TypeScript definitions for range-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/range-parser@1.2.7#types/range-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/range-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/range-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84aa2b9896e426acd01a1ce26b1e4f22d0d44cc00cf6e1365d7426337eddc9de2154cfb969597ba15c4c554895427da809014dfcb28265dbd2334a4546a6d299" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/range-parser" + } + ] + }, + { + "type": "library", + "name": "send", + "group": "@types", + "version": "0.17.4", + "bom-ref": "@types/send@0.17.4", + "description": "TypeScript definitions for send", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/send@0.17.4#types/send", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/send", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/send", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c7610ce9324ec9b79cedce76057d19b293e874cb1051de4be8f4703ae9d5c955215e205229fdc07b30cbf0382f82de68d147ca35fb80d1e30baf6c0b4f802204" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/send" + } + ] + }, + { + "type": "library", + "name": "mime", + "group": "@types", + "version": "1.3.5", + "bom-ref": "@types/mime@1.3.5", + "description": "TypeScript definitions for mime", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mime@1.3.5#types/mime", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mime", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fe9c8165648b0f69f475c1c4de1abcb3c66f7044c7b44b85fb713b5d5b74220da7bec5505dd8211d57049085a3cbd034c0a7d39fdedafcf48362884a2259cfff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mime" + } + ] + }, + { + "type": "library", + "name": "serve-static", + "group": "@types", + "version": "1.15.7", + "bom-ref": "@types/serve-static@1.15.7", + "description": "TypeScript definitions for serve-static", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/serve-static@1.15.7#types/serve-static", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/serve-static", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/serve-static", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5bc626fa1f2786e47068a3da0f0df8414930b068ba45ce3262abca168e6b9b61541210856f3556af15d4c6e28af130128d6b32b096349ec98d086842388b2b3b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/serve-static" + } + ] + }, + { + "type": "library", + "name": "http-errors", + "group": "@types", + "version": "2.0.4", + "bom-ref": "@types/http-errors@2.0.4", + "description": "TypeScript definitions for http-errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/http-errors@2.0.4#types/http-errors", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/http-errors", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-errors", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f408530cb7275b2407a0ccec878ed88a3cb96f9e6de24d9c994526682eada64610dd98b7c858e0983df409e1cbb67ab2a0854fbe42f8dc523a7fe61ee1112a4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/http-errors" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "group": "@types", + "version": "11.0.4", + "bom-ref": "@types/fs-extra@11.0.4", + "description": "TypeScript definitions for fs-extra", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/fs-extra@11.0.4#types/fs-extra", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/fs-extra", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/fs-extra/-/fs-extra-11.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c936c8b4236b791a28103df7aa3ba73ed8517128c444fd6be0ca8265cef0bf4bb6b149334c5a78e6d8147d2e7eafb16b64f76608235f94b85548ffe8f927a6b1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/fs-extra" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "group": "@types", + "version": "6.1.4", + "bom-ref": "@types/jsonfile@6.1.4", + "description": "TypeScript definitions for jsonfile", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jsonfile@6.1.4#types/jsonfile", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jsonfile", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jsonfile", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jsonfile/-/jsonfile-6.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f9a86518c23be734d7b1b5d539f7ff9f23eb299f0b53166c903f487e3df20e4a435fa54e803880943a49b88b43a74a4f8dca374f26bc420eba34b09b16951a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jsonfile" + } + ] + }, + { + "type": "library", + "name": "get-installed-path", + "group": "@types", + "version": "4.0.3", + "bom-ref": "@types/get-installed-path@4.0.3", + "description": "TypeScript definitions for get-installed-path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/get-installed-path@4.0.3#types/get-installed-path", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/get-installed-path", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/get-installed-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/get-installed-path/-/get-installed-path-4.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5deea74eebca3b776e98cb29b267f57b092b7bce5f866426335c88bf67e4c99458a9753538d6001fd6f61cc0e2ca43ef76315485eb9de298b3044a48eede8e53" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/get-installed-path" + } + ] + }, + { + "type": "library", + "name": "jest", + "group": "@types", + "version": "29.5.12", + "bom-ref": "@types/jest@29.5.12", + "description": "TypeScript definitions for jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jest@29.5.12#types/jest", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jest/-/jest-29.5.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7830bc6d3bd3fd0858771240ba542292e7a2818e40b1d0511f6c83296df2bde5bbb2f637f83ccdf38ff6354824c35d114e225b5aa66b4eda0655d625bc525d2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jest" + } + ] + }, + { + "type": "library", + "name": "expect", + "version": "29.7.0", + "bom-ref": "expect@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expect@29.7.0#packages/expect", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9992cd217f554b15823591b8742398cfdca1c7c821e991fc87073b125d116097f060f665987cc5bca03f8f74c3e5130cb91cdb11f49bad632ea931e3a1eb59f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/expect" + } + ] + }, + { + "type": "library", + "name": "expect-utils", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/expect-utils@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect-utils@29.7.0#packages/expect-utils", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/expect-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a5b0d0568854050958bd4154b1edfe4080c78bc5ef58082b393ee3f63b62dd8c3000f0987d797ee503526aff1757c3759bde1caf94535f6487dc45eb52cd870" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/expect-utils" + } + ] + }, + { + "type": "library", + "name": "jest-get-type", + "version": "29.6.3", + "bom-ref": "jest-get-type@29.6.3", + "description": "A utility function to get the type of a value", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-get-type@29.6.3#packages/jest-get-type", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-get-type", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cebb5e5e7a98c5f421ee5e451f22f7f232f7f5d8bc1fcac7a1e70b1f724dc47dc1c0eac1b0d79a6dd6a9e5ed08db7943e071c8f16e5514166a1b811aab92cd73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-get-type" + } + ] + }, + { + "type": "library", + "name": "jest-matcher-utils", + "version": "29.7.0", + "bom-ref": "jest-matcher-utils@29.7.0", + "description": "A set of utility functions for expect and related packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-matcher-utils@29.7.0#packages/jest-matcher-utils", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-matcher-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b01903f978bd0ed70286c2372f7bb4f8dd28a603d89c244fb4671062b817991fa19adfdf61f5802f4c515d853c79639d7ee2e005ed18096dc016d9d12da82afe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-matcher-utils" + } + ] + }, + { + "type": "library", + "name": "jest-diff", + "version": "29.7.0", + "bom-ref": "jest-diff@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-diff@29.7.0#packages/jest-diff", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cc220888ae18a098faecd37247a71521db22122b7bcb14f900a1d3dea34f81b85ef003616841b904835bbc8016014e19dcbbb7b5a040d47c85d5b93a8b4548f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-diff" + } + ] + }, + { + "type": "library", + "name": "diff-sequences", + "version": "29.6.3", + "bom-ref": "diff-sequences@29.6.3", + "description": "Compare items in two sequences to find a longest common subsequence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/diff-sequences@29.6.3#packages/diff-sequences", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/diff-sequences", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12378f2b5b2b0f73f4f28da3e1fd04c67ca5a91b3907db498dca7db7592b1f6a918bc08276c61fc1ef498122eeac5056c2ae2e3a58a9cdf9397c736fc052abf1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/diff-sequences" + } + ] + }, + { + "type": "library", + "name": "pretty-format", + "version": "29.7.0", + "bom-ref": "pretty-format@29.7.0", + "author": "James Kyle", + "description": "Stringify any JavaScript value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty-format@29.7.0#packages/pretty-format", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/pretty-format", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3dd970fe83f137e69776633d474d09542f56545a022d3289bc354b82627ea807df04cc6c57ce65fcbbbbb0dc78cd2ccfca82f67ae226b84c0784e5dd12034565" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty-format" + } + ] + }, + { + "type": "library", + "name": "jest-message-util", + "version": "29.7.0", + "bom-ref": "jest-message-util@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-message-util@29.7.0#packages/jest-message-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-message-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "181115e064400de3feaad076fbabbad6cb5e6bc98670e4f8982b6b608499c1fbbdfc8487149ff9cce31761ba4113d46c4b9f866fadc35b81609a7289efd29feb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-message-util" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/types@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/types@29.6.3#packages/jest-types", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bb750fb088a558a38cdc5f425edac6f0b10998dc70a02402fd7563e082985efbe9c7b4088bf2a0d4b239b83983a4a95a73ad8d52d5fb78b8d187e8d565c2cecf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/types" + } + ] + }, + { + "type": "library", + "name": "jest-util", + "version": "29.7.0", + "bom-ref": "jest-util@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-util@29.7.0#packages/jest-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfa11b29a8c8a6a18a539eb2e4a054832d5db758a18502605b352564702b03ff97d9a77b09be6217e00ad445952ff068ed1cfdbaeae9ab0e9288109e7d46c218" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-util" + } + ] + }, + { + "type": "library", + "name": "schemas", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/schemas@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/schemas@29.6.3#packages/jest-schemas", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-schemas", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a8e63e57fa321998942f78129e4bf72502e7a2a55eca8225f5bcc802c5a9b544d622a84d70eb69f4fed2499c7b635bc647710728e6063ce630379a2d0bfa748" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/schemas" + } + ] + }, + { + "type": "library", + "name": "typebox", + "group": "@sinclair", + "version": "0.27.8", + "bom-ref": "@sinclair/typebox@0.27.8", + "author": "sinclairzx81", + "description": "JSONSchema Type Builder with Static Type Resolution for TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sinclair/typebox@0.27.8", + "externalReferences": [ + { + "url": "git+https://github.com/sinclairzx81/typebox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f858f8de948cc09b38291ac7ffddfc51ffae0042c881506643383fab5606d74763c9f0374e7ad4f0df17cea0a1fe891976ccea0504d97fdea274c7c4e659f04c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinclair/typebox" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "group": "@types", + "version": "4.0.9", + "bom-ref": "@types/js-yaml@4.0.9", + "description": "TypeScript definitions for js-yaml", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/js-yaml@4.0.9#types/js-yaml", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/js-yaml", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9383066909794c6a3f8a2a6a6f65031b65308d7ce2496921d2ecac41e953949a57d6a1a5a546589bc3e73b80f11b5a81a26b4951d609eaa47ac5d21a875d092e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/js-yaml" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mocha", + "group": "@types", + "version": "10.0.6", + "bom-ref": "@types/mocha@10.0.6", + "description": "TypeScript definitions for mocha", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mocha@10.0.6#types/mocha", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mocha", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mocha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mocha/-/mocha-10.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "749beb616c4ffd47179b7e909f7e9fc6150abbc03fc4c457553d9c962145d59ed403d9621b93ec8f77b3352670fb9a6e1f67330d744b7174317fc25b26dd1e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mocha" + } + ] + }, + { + "type": "library", + "name": "mock-fs", + "group": "@types", + "version": "4.13.4", + "bom-ref": "@types/mock-fs@4.13.4", + "description": "TypeScript definitions for mock-fs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mock-fs@4.13.4#types/mock-fs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mock-fs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mock-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mock-fs/-/mock-fs-4.13.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "99798cd28ea550b3c8f33dd7367402a4bd011b13f0c75525d705d810f04697879f4a1cb15b64659f424e3c4586c9969864c33a3955ccff5e7352e14c639da58e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mock-fs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "objects-to-csv", + "group": "@types", + "version": "1.3.3", + "bom-ref": "@types/objects-to-csv@1.3.3", + "description": "TypeScript definitions for objects-to-csv", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/objects-to-csv@1.3.3#types/objects-to-csv", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/objects-to-csv", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/objects-to-csv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/objects-to-csv/-/objects-to-csv-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0be7cc752da02beacd51ce620231ff778cfea0d6b272d06ba45e46f433b84a9a81efcc06fd3929d917c8f3fe9a29ffd1f8b39a0117106b14371bfe9498083c19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/objects-to-csv" + } + ] + }, + { + "type": "library", + "name": "prompt-sync", + "group": "@types", + "version": "4.2.3", + "bom-ref": "@types/prompt-sync@4.2.3", + "description": "TypeScript definitions for prompt-sync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/prompt-sync@4.2.3#types/prompt-sync", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/prompt-sync", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/prompt-sync", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/prompt-sync/-/prompt-sync-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b1efb8024b1d18c9e6a41adfea7ce6544853524a2fac877001a063a20b088ed8a383c78f760499d49bda085d2f801c9b6aa75da233845db98eaf89327d6d8c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/prompt-sync" + } + ] + }, + { + "type": "library", + "name": "tmp", + "group": "@types", + "version": "0.2.6", + "bom-ref": "@types/tmp@0.2.6", + "description": "TypeScript definitions for tmp", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/tmp@0.2.6#types/tmp", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/tmp", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/tmp/-/tmp-0.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "72185a35fda82879519031adfad88a136679689eaa6a59bb67dae52dd07098e88001fd3d610befa0b5e358ae0758f175c54fdfaaf3207cd7e956806c700fed28" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/tmp" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "9.0.8", + "bom-ref": "@types/uuid@9.0.8", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@9.0.8#types/uuid", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-9.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e0fbdec4188718f4018724945a68f5607ad283b2b4e06d18d0e4cb208e1fc340a1059740edc91aff5423b20f54f647530d7963cafeeec9a068650d99ca0407c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0", + "description": "TypeScript plugin for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/eslint-plugin@7.12.0#packages/eslint-plugin", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/eslint-plugin", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/eslint-plugin", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec5f757dc6ee0dffdddd2f28db5fabdd99dc18891effe7969341293b6d4b5e10df2da86b89917d0868f87db01eb448e56817637529bd6ba55e5dba5b4fa678d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regexpp", + "group": "@eslint-community", + "version": "4.10.0", + "bom-ref": "@eslint-community/regexpp@4.10.0", + "author": "Toru Nagashima", + "description": "Regular expression parser for ECMAScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint-community/regexpp@4.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint-community/regexpp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint-community/regexpp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint-community/regexpp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0aef7a49dd81cbd982353c768b228e9aad74bf6da351542fd25427946372d7aa04f79f3dc84f900033dbacc182900e7570a6528373eefda4c955319f2ffaa350" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint-community/regexpp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/parser@7.7.1", + "description": "An ESLint custom parser which leverages TypeScript ESTree", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/parser@7.7.1#packages/parser", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be63f304e3adcf8f05e89006552fe46589381245daa3a886ac3f37f2ca75c37350402d16f2bcbfabae35294e0fac6ec028d01fe7a34e711f063a91fc97d14f0b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/scope-manager@7.7.1", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.7.1#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f2b4189fd9217ef52a4450aca7627e60d511c575d254732ca71a9ced5f797f8a4eca99912fd7d5823215019075cf53d7acfd55860f7ff3837c20f74f83876ac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/types@7.7.1", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.7.1#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0263e69c65b564b4e959afbfda898facf7d1ec171b514e2885ae5521b49b4b56b54eff7ae9b925bcb357c69de6adb73e3f68f830d3937c37df36c938a3473aff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/visitor-keys@7.7.1", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.7.1#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8012f712adb9b800f0d4b43d915a5fde144cf835b3b34b999271d82b786ae237133ea5420a51c60e707a514515d9215e05e0382961d66db2ea99b19c6781586f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/typescript-estree@7.7.1", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.7.1#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0977b4247097aeef056b7e9db5e5ea987d98c6780a2639102e3c73a23e8b630cd9eea66f82c2d273e7aa22d0aba88a29f1597650aa008b44ad556bbdec541921" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ts-api-utils", + "version": "1.3.0", + "bom-ref": "ts-api-utils@1.3.0", + "author": "JoshuaKGoldberg", + "description": "Utility functions for working with TypeScript's API. Successor to the wonderful tsutils. 🛠️️", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-api-utils@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/JoshuaKGoldberg/ts-api-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshuaKGoldberg/ts-api-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshuaKGoldberg/ts-api-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "510308a3ba5bf1646898a475ffe30554b4eba08bc356d317dcae8e522afcca72f2cc1f097ab8a89edd9b4c0b6634f6b57a402037b60f0f27fa57eca0add53e79" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-api-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "3.4.3", + "bom-ref": "eslint-visitor-keys@3.4.3", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@3.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c2973e2d77a2ca28acc4f944914cd4eacbf24b57eb20edcc8318f57ddcbb3e6f1883382e6b1d8ddc56bf0ff6a0d56a9b3a9add23eb98eb031497cfdad86fa26a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint", + "version": "8.57.0", + "bom-ref": "eslint@8.57.0", + "author": "Nicholas C. Zakas", + "description": "An AST-based pattern checker for JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint@8.57.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint/-/eslint-8.57.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "759ebe99ec6769321b481656828bb9d54e8e9b322160cd9570d76d893b48eea3cd666df9024a6bd1feafb70df0d4a9a7e4f628fad6557e1d775ab8694baa0ba9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-utils", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0", + "description": "Type utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/type-utils@7.12.0#packages/type-utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/type-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9626fdeadc91b4c84bc706ae0d6529fee5b714c84b03a0f4ac9f13ec7987ef1db71a4d46c30bbc519f7834c5c1bce10b9fa7e548f881ac22a57a19225f26aac0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "utils", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0", + "description": "Utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/utils@7.12.0#packages/utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63a861c31c03c78d473698ee62cc18a7a8036e4899f078a7f417f9689427d5ba53b3769f618e065fe30f63199af23b68215d864704ccfd4266ff6b86095bfe0d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "group": "@eslint-community", + "version": "4.4.0", + "bom-ref": "@eslint-community/eslint-utils@4.4.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint-community/eslint-utils@4.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint-community/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint-community/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint-community/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d7fb00e1dc2bcc1032794a10ea8c5a8472a6ad9bec9cb0a0e117f15b76451869909123503c534b57d09410540fd71f446171d3a39a7ac5d85933535ef69fc07c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint-community/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "graphemer", + "version": "1.4.0", + "bom-ref": "graphemer@1.4.0", + "author": "Matt Davies", + "description": "A JavaScript library that breaks strings into their individual user-perceived characters (including emojis!)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/graphemer@1.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/flmnt/graphemer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/flmnt/graphemer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/flmnt/graphemer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12d2b0a0eea4c422fd58ee718a98874d9952cc19bb58b4fadbb4ea0bfb9545dd072a6abc357c9e6e7358c43a018bbc2df1e4d6ad4aca5c2395685abdc759206a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/graphemer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "accurate-search", + "version": "1.2.15", + "bom-ref": "accurate-search@1.2.15", + "author": "Florin Mirel Dumitrescu", + "description": "The fastest and most accurate javascript full-text search library. Accurate search uses match distance algorithm to return the accurate order of the matching items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/accurate-search@1.2.15", + "externalReferences": [ + { + "url": "git+https://github.com/florind9/accurate-search.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://accuratesearch.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/florind9/accurate-search/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/accurate-search/-/accurate-search-1.2.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2356977547875158d69468d26c177c35a304fc2414f78d87dad1cc12e6797adff16f9da60e18a421e6c08bdb9f12801ef25c331eb6c29784797ae099f0aff07c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/accurate-search" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "8.16.0", + "bom-ref": "ajv@8.16.0", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@8.16.0", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://ajv.js.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-8.16.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "174b7047c535654ebb24812d7a451c2e45e4a0ee6630c9a0183f2c2bfc5417327cd398f11d097dda1226140aaa5ccc8c62348f3b250f0301d8841ef6839b135f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ajv" + } + ] + }, + { + "type": "library", + "name": "fast-deep-equal", + "version": "3.1.3", + "bom-ref": "fast-deep-equal@3.1.3", + "author": "Evgeny Poberezkin", + "description": "Fast deep equal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-deep-equal@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/fast-deep-equal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/fast-deep-equal#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/fast-deep-equal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f7a90f68432f63d808417bf1fd542f75c0b98a042094fe00ce9ca340606e61b303bb04b2a3d3d1dce4760dcfd70623efb19690c22200da8ad56cd3701347ce1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-deep-equal" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "1.0.0", + "bom-ref": "json-schema-traverse@1.0.0", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34cf3f3fd9f75e35e12199f594b86415a0024ce5114178d6855e0103f4673aff31be0aadaa9017f483b89914314b1d51968e2dab37aa6f4b0e96bb9a3b2dddba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-schema-traverse" + } + ] + }, + { + "type": "library", + "name": "require-from-string", + "version": "2.0.2", + "bom-ref": "require-from-string@2.0.2", + "author": "Vsevolod Strukchinsky", + "description": "Require module from string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/require-from-string@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/floatdrop/require-from-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/require-from-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/floatdrop/require-from-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5dfd2759ee91b1ece214cbbe029f5b8a251b9a996ae92f7fa7eef0ed85cffc904786b5030d48706bebc0372b9bbaa7d9593bde53ffc36151ac0c6ed128bfef13" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/require-from-string" + } + ] + }, + { + "type": "library", + "name": "uri-js", + "version": "4.4.1", + "bom-ref": "uri-js@4.4.1", + "author": "Gary Court", + "description": "An RFC 3986/3987 compliant, scheme extendable URI/IRI parsing/validating/resolving library for JavaScript.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/uri-js@4.4.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/garycourt/uri-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/garycourt/uri-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/garycourt/uri-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eeb294cb2df7435c9cf7ca50d430262edc17d74f45ed321f5a55b561da3c5a5d628b549e1e279e8741c77cf78bd9f3172bacf4b3c79c2acf5fac2b8b26f9dd06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uri-js" + } + ] + }, + { + "type": "library", + "name": "punycode", + "version": "2.3.1", + "bom-ref": "punycode@2.3.1", + "author": "Mathias Bynens", + "description": "A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/punycode@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/punycode.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/punycode", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/punycode.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd8b7b503d54f5683ad77f2c84bb4b3af740bbef03b02fe2945b44547707fb0c9d712a4d136d007d239db9fe8c91115a84be4563b5f5a14ee7295645b5fabc16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/punycode" + } + ] + }, + { + "type": "library", + "name": "form-data", + "version": "4.0.0", + "bom-ref": "form-data@4.0.0", + "author": "Felix Geisendörfer", + "description": "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/form-data@4.0.0", + "externalReferences": [ + { + "url": "git://github.com/form-data/form-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/form-data/form-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/form-data/form-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1131249521a2e6dd10319ba25e803f43abdc9f170b40fe6f76e812a6e0328ba4951a2d9c94f3e9fb180486e31a1c2fb31a09f7d4a776df95b7e5fec7ca491ac3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/form-data" + } + ] + }, + { + "type": "library", + "name": "proxy-from-env", + "version": "1.1.0", + "bom-ref": "proxy-from-env@1.1.0", + "author": "Rob Wu", + "description": "Offers getProxyForUrl to get the proxy URL for a URL, respecting the *_PROXY (e.g. HTTP_PROXY) and NO_PROXY environment variables.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/proxy-from-env@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/Rob--W/proxy-from-env.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Rob--W/proxy-from-env#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Rob--W/proxy-from-env/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fece439109b03d7f5b5d5912b445a091dc63efe7470cc5caf3e17f24e4b4d2503d43930e3b98a24465036e9c8b514e45b082d6944a8d515454481bd65788562" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proxy-from-env" + } + ] + }, + { + "type": "library", + "name": "assertion-error", + "version": "1.1.0", + "bom-ref": "assertion-error@1.1.0", + "author": "Jake Luer", + "description": "Error constructor for test and validation frameworks that implements standardized AssertionError specification.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/assertion-error@1.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/assertion-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/assertion-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/assertion-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e0b1a35dbb3fa776f1b216ddee4ae5aabf2e250a72098a8beda2e40de4964738a092d90ba111d6dc407161564b33d8dd94f615c9a3ca1d1bb113c969447ae0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/assertion-error" + } + ] + }, + { + "type": "library", + "name": "check-error", + "version": "1.0.3", + "bom-ref": "check-error@1.0.3", + "author": "Jake Luer", + "description": "Error comparison and information related utility for node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/check-error@1.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/check-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/check-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/check-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/check-error/-/check-error-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "88a1280d869199dd66c4cf746b63847d6863b233e960fb90fa5318b28c41d76ebeb7c7f0ef24843b8f2798383908e4e3c4323ae7f636396a5e10793764e7bcce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/check-error" + } + ] + }, + { + "type": "library", + "name": "get-func-name", + "version": "2.0.2", + "bom-ref": "get-func-name@2.0.2", + "author": "Jake Luer", + "description": "Utility for getting a function's name for node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-func-name@2.0.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/get-func-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/get-func-name#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/get-func-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2f5cebee135ebb0ad21cdcec88b5ca3b37f76946d05b60eb0fb170b3ed7fcf3279468d88d21ae64980cd58ee699ec3b04a7fd06abcb5f6b67395cb504152cc5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-func-name" + } + ] + }, + { + "type": "library", + "name": "deep-eql", + "version": "4.1.3", + "bom-ref": "deep-eql@4.1.3", + "author": "Jake Luer", + "description": "Improved deep equality testing for Node.js and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deep-eql@4.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/deep-eql.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/deep-eql#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/deep-eql/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deep-eql/-/deep-eql-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "59a12d00ea51035310d1ea21a998e9183f33748d0ebec9bc9a616168337c76f0d9cf2a1431c6039dfe58ea2bbb1d35f17fc2434b6dea59ae1afa12820f238fcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deep-eql" + } + ] + }, + { + "type": "library", + "name": "loupe", + "version": "2.3.7", + "bom-ref": "loupe@2.3.7", + "author": "Veselin Todorov", + "description": "Inspect utility for Node.js and browsers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/loupe@2.3.7", + "externalReferences": [ + { + "url": "git+https://github.com/chaijs/loupe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/loupe", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/loupe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/loupe/-/loupe-2.3.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd230834655891da5848e0662e2d03d54a3b254f6755d40aac7c42f1e62557ef5828af5678fa8094bee54a5a2b1bf536170d70d214c199a6bf8eb43751b3c7b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/loupe" + } + ] + }, + { + "type": "library", + "name": "pathval", + "version": "1.1.1", + "bom-ref": "pathval@1.1.1", + "author": "Veselin Todorov", + "description": "Object value retrieval given a string path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pathval@1.1.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/pathval.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/pathval", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/pathval/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pathval/-/pathval-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0e9eb31aaa537444dd47ade57a12583de20eaa988d04db5cec1a5648bace8deed4688b04e5a63ddabfc0ba7400eebb17bdeb7796b277267657dbd50f4ca5f229" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pathval" + } + ] + }, + { + "type": "library", + "name": "colors", + "version": "1.4.0", + "bom-ref": "colors@1.4.0", + "author": "Marak Squires", + "description": "get colors in your node.js console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/colors@1.4.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/Marak/colors.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Marak/colors.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Marak/colors.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6be52a4e1e2481983f4a51af7dbcc31e9811bbb00040e9a6a911c99f185164808a1544fdd5bad584d36de7c08c594f4fb016efdcf0c26541db571b83887da6b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colors" + } + ] + }, + { + "type": "library", + "name": "csv-parse", + "version": "4.16.3", + "bom-ref": "csv-parse@4.16.3", + "author": "David Worms", + "description": "CSV parsing implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-parse@4.16.3", + "externalReferences": [ + { + "url": "git+https://github.com/wdavidw/node-csv-parse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/parse/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wdavidw/node-csv-parse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-parse/-/csv-parse-4.16.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "70ed48ff39b3e30d9d70a1d5be90abec9551bbcfc5ca61b9384a66bec65895c718a253c12e85462941e03687386469057859561840e633204cf934ea45d5bfc2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-parse" + } + ] + }, + { + "type": "library", + "name": "dotenv", + "version": "16.4.5", + "bom-ref": "dotenv@16.4.5", + "description": "Loads environment variables from .env file", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/dotenv@16.4.5", + "externalReferences": [ + { + "url": "git://github.com/motdotla/dotenv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/motdotla/dotenv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/motdotla/dotenv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66674bdabba2f9e07663086c5b38c89d1f0b95db591c60e8435ba01fce69a472b0a541cbee3eeb3744e2f4d0a71a241b85a675d45a51fbb6a8d5d36c99db8d52" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dotenv" + } + ] + }, + { + "type": "library", + "name": "eslint-config-oclif-typescript", + "version": "1.0.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3", + "author": "oclif", + "description": "eslint config for Typscript'd oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-oclif-typescript@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/eslint-config-oclif-typescript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif-typescript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-oclif-typescript/-/eslint-config-oclif-typescript-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4de24a5d6050dee28cb73833fbe505356a5ed560b1f267ea46ecd9cb52e2ad112046556feb9e929151b880d65ab79ad13484207c39934be61e6f12b4da47f294" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "experimental-utils", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0", + "description": "(Experimental) Utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/experimental-utils@4.33.0#packages/experimental-utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/experimental-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cde4233a8112e491634e7021239418ed9be27333330e9b65b35e4616c23a8f250eab490e7fdf96a27921b652218744601d19ea8f981d3715b98f512f032620e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema", + "group": "@types", + "version": "7.0.15", + "bom-ref": "@types/json-schema@7.0.15", + "description": "TypeScript definitions for json-schema", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json-schema@7.0.15#types/json-schema", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/json-schema", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/json-schema", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7e7cff0ff0c14d0be0326420f1ac1da991914f1b3a90594ce949ebae54bbe6f1531ca2b3586af06aa057312bc6d0cf842c6e7e2850411e9b8c032df732b061c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tsutils", + "version": "3.21.0", + "bom-ref": "tsutils@3.21.0", + "author": "Klaus Meinhardt", + "description": "utilities for working with typescript's AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tsutils@3.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/ajafff/tsutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajafff/tsutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajafff/tsutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsutils/-/tsutils-3.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "98728ade25172fedd417ac4be64d0f12129150128f042bfff919043a98d15b1c71dbb28a4419a603ad00f6980e52f322f062a144c3c49a30513f3b365bb3b538" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsutils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esrecurse", + "version": "4.3.0", + "bom-ref": "esrecurse@4.3.0", + "description": "ECMAScript AST recursive visitor", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esrecurse@4.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/estools/esrecurse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esrecurse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esrecurse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a67ca2f76fa1be457bcff0dd6faf74ead642ffa021609f63585c4b6a3fcfcbde929aa540381bc70555aa05dd2537db7083e17ca947f7df8a81e692d8bafd36a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esrecurse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "3.0.0", + "bom-ref": "eslint-utils@3.0.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bae402e3720672dc3af29240d5181b412f3f34feeb721e82c1de23dd906d828e3ff05963e1e184ed96126513778aae69554bfa18f756e59d511657a8f38b8b0c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "highlight", + "group": "@babel", + "version": "7.24.2", + "bom-ref": "@babel/highlight@7.24.2", + "author": "The Babel Team", + "description": "Syntax highlight JavaScript strings for output in terminals.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/highlight@7.24.2#packages/babel-highlight", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-highlight", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-highlight", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "61a7356a8e1f9644f14ed7820d92c4bddc60d9f65fcf5bfc338429686ca9abf58f0ea8378a31d86c37ecf8b1b986fcd2a2a69267dfd9f652923f70a3663bfea4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight" + } + ] + }, + { + "type": "library", + "name": "globals", + "version": "13.24.0", + "bom-ref": "globals@13.24.0", + "author": "Sindre Sorhus", + "description": "Global identifiers from different JavaScript environments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globals@13.24.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globals#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globals/-/globals-13.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0213b9414723f2596b6c6d3d89684f536076d38275c673de2fc910995a2b4accbe4a38f5b24f2023287a714a1c1a61f82f452e840272fa124c440e26800e2615" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "doctrine", + "version": "3.0.0", + "bom-ref": "doctrine@3.0.0", + "description": "JSDoc parser", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/doctrine@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/doctrine.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/doctrine", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/doctrine/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c92f90e62de105fec6064778286f1aede04d3563462d3684c306165228c860cef3ae56033340455c78e33d6956675460ed469d7597880e68bd8c5dc79aa890db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/doctrine" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "enquirer", + "version": "2.4.1", + "bom-ref": "enquirer@2.4.1", + "author": "Jon Schlinkert", + "description": "Stylish, intuitive and user-friendly prompt system. Fast and lightweight enough for small projects, powerful and extensible enough for the most advanced use cases.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/enquirer@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/enquirer/enquirer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/enquirer/enquirer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/enquirer/enquirer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/enquirer/-/enquirer-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad1a8983fea0779dfc547bd1dcf4ab75105bff5572d987f31eacef6e11884290d12886b816057fe786f9435c584b138ec0abe35f0792dba13443e9c0330a76a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/enquirer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-colors", + "version": "4.1.1", + "bom-ref": "ansi-colors@4.1.1", + "author": "Brian Woodward", + "description": "Easily add ANSI colors to your text and symbols in the terminal. A faster drop-in replacement for chalk, kleur and turbocolor (without the dependencies and rendering bugs).", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-colors@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/ansi-colors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/ansi-colors", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/ansi-colors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2685f46a919b1da50904d97ac85fa9e89005619ebaebf86108628de6df501636c940a514fe0f0c35b1436ef7eb80a5ef23542966994f3a7c08a3df655ff00098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-colors" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn-jsx", + "version": "5.3.2", + "bom-ref": "acorn-jsx@5.3.2", + "description": "Modern, fast React.js JSX parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn-jsx@5.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn-jsx.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn-jsx", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn-jsx/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aeaf6cf893617f4202863b435f196527b838d68664e52957b69d0b1f0c80e5c7a3c27eef2a62a9e293eb8ba60478fbf63d4eb9b00b1e81b5ed2229e60c50d781" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn-jsx" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esquery", + "version": "1.5.0", + "bom-ref": "esquery@1.5.0", + "author": "Joel Feenstra", + "description": "A query library for ECMAScript AST using a CSS selector like query language.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/esquery@1.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/estools/esquery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esquery/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esquery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6102d7529940c09802c9d43bf08309cb064271ea2a935a07d3538445d48025cffb5360329708e14822c312dab083cd7589d212ffd7c85391a31bbdc882328c56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esquery" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esutils", + "version": "2.0.3", + "bom-ref": "esutils@2.0.3", + "description": "utility box for ECMAScript language tools", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esutils@2.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/esutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esutils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "915b1ca97938382a7af126747648042958baffc8a3df4d0a0564c9ab7d8ffdd61e5934b02b8d56c93c5a94dd5e46603967d514fcb5fd0fb1564a657d480631ea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esutils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "file-entry-cache", + "version": "6.0.1", + "bom-ref": "file-entry-cache@6.0.1", + "author": "Roy Riojas", + "description": "Super simple cache for file metadata, useful for process that work o a given series of files and that only need to repeat the job on the changed ones since the previous run of the process", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/file-entry-cache@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/royriojas/file-entry-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/royriojas/file-entry-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/royriojas/file-entry-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec6a6cfd75b299b2e4d902d82b8373a4c3ab623321748c57b88bf2d9006c2c4ea58eea1d2af7645acfdca72249dc25485691f43a2d47be0d68bdb3332dd14106" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/file-entry-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "functional-red-black-tree", + "version": "1.0.1", + "bom-ref": "functional-red-black-tree@1.0.1", + "author": "Mikola Lysenko", + "description": "A fully persistent balanced binary search tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/functional-red-black-tree@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/mikolalysenko/functional-red-black-tree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mikolalysenko/functional-red-black-tree#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mikolalysenko/functional-red-black-tree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76c28d40d763eb10374fe4250030c0ee6392957d2a88c20d8e7d1c82bf9e1871ac6d21f34da6dc228833dbea7f8aa3f55ece843ffb12d926ea1fe6eb1936ead2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/functional-red-black-tree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "imurmurhash", + "version": "0.1.4", + "bom-ref": "imurmurhash@0.1.4", + "author": "Jens Taylor", + "description": "An incremental implementation of MurmurHash3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/imurmurhash@0.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/jensyt/imurmurhash-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2665cc67ac2ebc398b88712697dca4cea3ba97015ba1fd061b822470668435d0910c398c5679f2eece47b0880709b6aad30d8cc8f843aa48535204b62d4d8f1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/imurmurhash" + } + ] + }, + { + "type": "library", + "name": "json-stable-stringify-without-jsonify", + "version": "1.0.1", + "bom-ref": "json-stable-stringify-without-jsonify@1.0.1", + "author": "James Halliday", + "description": "deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results, with no public domain dependencies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-stable-stringify-without-jsonify@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/samn/json-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/samn/json-stable-stringify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/samn/json-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05d6e8cbe97bb40dce196e858f21475a43f92ee0728f54e4df72e3caad1ac72cdd93dfff2528b6bb77cfd504a677528dc2ae9538a606940bbcec28ac562afa3f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-stable-stringify-without-jsonify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "levn", + "version": "0.4.1", + "bom-ref": "levn@0.4.1", + "author": "George Zahariev", + "description": "Light ECMAScript (JavaScript) Value Notation - human written, concise, typed, flexible", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/levn@0.4.1", + "externalReferences": [ + { + "url": "git://github.com/gkz/levn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/levn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/levn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9b4f6b87e04e4b184ee1fe7ddebdc4bfb109495c2a48a7aca6f0e589e5e57afbaec3b2a97f2da693eea24102ddabcdfa1aff94011818710e2c7574cb7691029" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/levn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lodash.merge", + "version": "4.6.2", + "bom-ref": "lodash.merge@4.6.2", + "author": "John-David Dalton", + "description": "The Lodash method `_.merge` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.merge@4.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0aa63a97455beb6320ac5f5b3047f5d32b4bdae9542440ce8c368ecfa96efb0728c086801103c11facfd4de3e2a52a3f184b46540ad453fd852e872603ba321" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.merge" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "optionator", + "version": "0.9.3", + "bom-ref": "optionator@0.9.3", + "author": "George Zahariev", + "description": "option parsing and help generation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/optionator@0.9.3", + "externalReferences": [ + { + "url": "git://github.com/gkz/optionator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/optionator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/optionator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2630a8ca9a7e8ca9f5b6d105131c617ad08a789b7dce102002f7b91571e2c53bc50d6ff968492d5fd6ee7c128b45131d53b6cdb692df706bbde01ddc7442608e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/optionator" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "progress", + "version": "2.0.3", + "bom-ref": "progress@2.0.3", + "author": "TJ Holowaychuk", + "description": "Flexible ascii progress bar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/progress@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/node-progress.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/node-progress#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/node-progress/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ecf887b4b965e4b767288330d74d08fbcc495d1e605b6430598913ea226f6b46d78ad64a6bf5ccad26dd9a0debd979da89dcfd42e99dd153da32b66517d57db0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/progress" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regexpp", + "version": "3.2.0", + "bom-ref": "regexpp@3.2.0", + "author": "Toru Nagashima", + "description": "Regular expression parser for ECMAScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/regexpp@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/regexpp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/regexpp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/regexpp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6ad9b5a8f66543e379dbb6cdb01afd7b5cb88d2f26be1a4959f246832d5d99d3c8030ac1a99ca9fd04531ea6f5ae1c26f256f63b279a39f8156fa106e69492e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regexpp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "table", + "version": "6.8.2", + "bom-ref": "table@6.8.2", + "author": "Gajus Kuizinas", + "description": "Formats data into a string table.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/table@6.8.2", + "externalReferences": [ + { + "url": "git+https://github.com/gajus/table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/table#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gajus/table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/table/-/table-6.8.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c36b1fbfcd27ac08765426ea47900adbbc2cc1786a71c9360217e7356efa6de417b24199d55d761b04bfff26156b77777dcbc08a9d8e5276c30235b6937bfd7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/table" + } + ] + }, + { + "type": "library", + "name": "text-table", + "version": "0.2.0", + "bom-ref": "text-table@0.2.0", + "author": "James Halliday", + "description": "borderless text tables with alignment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-table@0.2.0", + "externalReferences": [ + { + "url": "git://github.com/substack/text-table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/text-table", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/text-table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37ef148ac0170c693c3c55cfe07033551f676df995277cd82c05a24c8a2a0b9bf98ac8a786bfabe6e68ef3eeebdc131fb8d22e7c8b00ed176956069c0b6712a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/text-table" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "v8-compile-cache", + "version": "2.4.0", + "bom-ref": "v8-compile-cache@2.4.0", + "author": "Andres Suarez", + "description": "Require hook for automatic V8 compile cache persistence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/v8-compile-cache@2.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/zertosh/v8-compile-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zertosh/v8-compile-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zertosh/v8-compile-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a1cc967376c01c107f82ecaa250548e68e016643e1ce73d8506d9e6bcd06a2777f060356a5aa7c4ce98b49e7901bb6e787628c212c6c91d0031b9f63ef3aee87" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-compile-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "confusing-browser-globals", + "version": "1.0.10", + "bom-ref": "confusing-browser-globals@1.0.10", + "description": "A list of browser globals that are often used by mistake instead of local variables", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/confusing-browser-globals@1.0.10#packages/confusing-browser-globals", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/create-react-app.git#packages/confusing-browser-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/create-react-app#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/create-react-app/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/confusing-browser-globals/-/confusing-browser-globals-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80d95dff7972487c2e85a565b8950a2de3d88ab33740d08acd5c6a01d849208f7f5972955f93d447331526ca52d634ec952aa37ae1b828c5534a8ba2b7960f1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/confusing-browser-globals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-mocha", + "version": "9.0.0", + "bom-ref": "eslint-plugin-mocha@9.0.0", + "author": "Mathias Schreck", + "description": "Eslint rules for mocha.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-mocha@9.0.0", + "externalReferences": [ + { + "url": "git://github.com/lo1tuma/eslint-plugin-mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lo1tuma/eslint-plugin-mocha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lo1tuma/eslint-plugin-mocha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-mocha/-/eslint-plugin-mocha-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77b92701c423d633c2cd97f771a781227dc19d6ea291cbdfcf4912a90a703d871518ba09579b33d25d0e241d8b47c23b76f4c36eaab5a15eb29614a0cc0d74ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ramda", + "version": "0.27.2", + "bom-ref": "ramda@0.27.2", + "author": "Scott Sauyet", + "description": "A practical functional library for JavaScript programmers.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ramda@0.27.2", + "externalReferences": [ + { + "url": "git://github.com/ramda/ramda.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://ramdajs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ramda/ramda/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ramda/-/ramda-0.27.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "49b88b3d4e3426e2678877b141202069ddf685fc1df834547701763e556e2394590f4fef6a151ca3b47cbc3f3a27fb5c10a285f6f66b515c20b66182aa508ac8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ramda" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-node", + "version": "11.1.0", + "bom-ref": "eslint-plugin-node@11.1.0", + "author": "Toru Nagashima", + "description": "Additional ESLint's rules for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-node@11.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-plugin-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-node#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-node/-/eslint-plugin-node-11.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a14c2d3c9d56d12283d13afec2abbdd9ce71b82790a81de14821dab27fd982315d03d88318d90d7f6662f73b58ed7fa136e3226f6dcb346466ebeb8df8a2c4de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-es", + "version": "3.0.1", + "bom-ref": "eslint-plugin-es@3.0.1", + "author": "Toru Nagashima", + "description": "ESLint plugin about ECMAScript syntactic features.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-es@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-plugin-es.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-es#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-es/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-es/-/eslint-plugin-es-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "194980b0968de0573b19bb65f2e38195aca8d83aa1c16bc4cf290c1d20991d4dd7749f8d4b3cd97158578775715f989ca90fa841d2046b05d7f31911de620599" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-oclif", + "version": "4.0.0", + "bom-ref": "eslint-config-oclif@4.0.0", + "author": "Jeff Dickey @jdxcode", + "description": "eslint config for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-oclif@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/eslint-config-oclif.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-oclif/-/eslint-config-oclif-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6d91441e0b7deb1c0849c5a19e0466087e50cbba6795daa0ffe172c1757841ffa17ff899f075c7bdc181d2be4c74254a9441286942ff09115901a7fcf30fb86" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo-space", + "version": "0.27.0", + "bom-ref": "eslint-config-xo-space@0.27.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO with 2-space indent", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo-space@0.27.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo-space.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo-space/-/eslint-config-xo-space-0.27.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fc5235be9d0c8e921880355a48a6daa528fc84ed7472438d2e435368061cd57eef798317d91aba658aaf191c1a5a385db008b65a7b14d28e0ed1be6f7dbe3e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-xo-space" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo", + "version": "0.35.0", + "bom-ref": "eslint-config-xo@0.35.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo@0.35.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo/-/eslint-config-xo-0.35.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f96c994cb594265bc4c45ac153f2ddc3c001fd2d1ddf1fb6e8941d0566dcaa283665a5a1d338a761c1e893e113e08a0f68471145fdc513d92322d3558c1c2702" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-xo" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "helper-validator-identifier", + "group": "@babel", + "version": "7.22.20", + "bom-ref": "@babel/helper-validator-identifier@7.22.20", + "author": "The Babel Team", + "description": "Validate identifier/keywords name", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-validator-identifier@7.22.20#packages/babel-helper-validator-identifier", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-validator-identifier", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "638399fb2b656ad47c008fbc2997cab8be6eacaa7ba9ecb4f216b7d4bf1bdc1c1ec0902825a993cf2bf13d1ff90fe2a47490863eaffef13ba41c1958d74157f4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-validator-identifier" + } + ] + }, + { + "type": "library", + "name": "clean-regexp", + "version": "1.0.0", + "bom-ref": "clean-regexp@1.0.0", + "author": "Sam Verschueren", + "description": "Clean up regular expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-regexp@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/SamVerschueren/clean-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SamVerschueren/clean-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SamVerschueren/clean-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/clean-regexp/-/clean-regexp-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "19f8ac119109bf32ab9865a4bdf860cdccff06594dd5449ea83d95ead835e0e00e81a083d99fcf504bb19c067f9cfbe6687446edaf32efba754ff2114380f51f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-template-visitor", + "version": "2.3.2", + "bom-ref": "eslint-template-visitor@2.3.2", + "licenses": [ + { + "expression": "GPL-3.0-or-later OR MIT" + } + ], + "purl": "pkg:npm/eslint-template-visitor@2.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/futpib/eslint-template-visitor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/futpib/eslint-template-visitor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/futpib/eslint-template-visitor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-template-visitor/-/eslint-template-visitor-2.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df2761a85a6e57bc7533d10ae7604f363e95d0ac2ed0a2a470801fa548701db47ca1c4659ffa141e07f142ea58f0ed61e10bff3ce1c3ba66ff070c0d7f16ed9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-template-visitor" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-parser", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/eslint-parser@7.24.1", + "author": "The Babel Team", + "description": "ESLint parser that allows for linting of experimental syntax transformed by Babel", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/eslint-parser@7.24.1#eslint/babel-eslint-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#eslint/babel-eslint-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/eslint-parser/-/eslint-parser-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77982ebb33253de0df6486e943cfa0d4d68236e00604118d1028741d5ab3d6c8ce7952e1d8211a89fb8ecac087d7c5115ba47ba6a5c836f7f93da47f742ea32d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope-5-internals", + "group": "@nicolo-ribaudo", + "version": "5.1.1-v1", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "description": "Proxy package exposing internals of eslint-scope@5 for @babel/eslint-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@nicolo-ribaudo/eslint-scope-5-internals/-/eslint-scope-5-internals-5.1.1-v1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e78fc946f90b233cc35ac84259fba169d7eb7d954f884958f057209a0d47ae8125cbf1034accf384102c6ab0aec7e0ff90eb254d1aae373bb21929944934c71a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "multimap", + "version": "1.1.0", + "bom-ref": "multimap@1.1.0", + "author": "villa.gao", + "description": "multi-map which allow multiple values for the same key", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/multimap@1.1.0", + "externalReferences": [ + { + "url": "git://github.com/villadora/multi-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/villadora/multi-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/villadora/multi-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/multimap/-/multimap-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d19211f4f6ac3f1197991b0417c8ec0f39ddcc70e3eed21abfe2549af20507f587b30962167aaec44093fc37bb191e3283df64cbf36544a253f361b5cb6ef56f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/multimap" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "3.2.1", + "bom-ref": "is-builtin-module@3.2.1", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0522c4dc79d5dacc99d052b488c03fc941a995478c98dcf8016e5f9d3ba76c222a662e2f1b75a3253f451cccb90faf719806011d742125d00b769c15c55e74d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-builtin-module" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pluralize", + "version": "8.0.0", + "bom-ref": "pluralize@8.0.0", + "author": "Blake Embrey", + "description": "Pluralize and singularize any word", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pluralize@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/blakeembrey/pluralize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/pluralize#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/pluralize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pluralize/-/pluralize-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35cdc84f9c87cdf9537db8e0a967023e9a3b0da2b2e059e907497fcc2016d1373b8f1022baa4b11dab27b41dc3efcf3b2d2ac0f7790327d217a2fc49631c8b08" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pluralize" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "7.0.1", + "bom-ref": "read-pkg-up@7.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccad1307b5dde89a422e694b9ae7eaca4184fbf4e539e3c3eaa28294d5bb8470ca161fc9effee0096191ee3a044045b56caab76b7c9465239b3a858b150e2886" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regexp-tree", + "version": "0.1.27", + "bom-ref": "regexp-tree@0.1.27", + "author": "Dmitry Soshnikov", + "description": "Regular Expressions parser in JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/regexp-tree@0.1.27", + "externalReferences": [ + { + "url": "git+https://github.com/DmitrySoshnikov/regexp-tree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DmitrySoshnikov/regexp-tree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DmitrySoshnikov/regexp-tree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regexp-tree/-/regexp-tree-0.1.27.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8844f1a632ba628456246e68ea15cbc2f8d80285be144667f68b343c3fdbe803fac50c2c6bf63b942560222c416d43cc7e1bbe8b62ed75e02a5538069506ab7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regexp-tree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "safe-regex", + "version": "2.1.1", + "bom-ref": "safe-regex@2.1.1", + "author": "James C.", + "description": "detect possibly catastrophic, exponential-time regular expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-regex@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/davisjam/safe-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/davisjam/safe-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/davisjam/safe-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-regex/-/safe-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af1fb1f0033329be50e6543de59a22e996c9ab008b92a8b75ee257a793f7ad3f0e11ceac642246e40139754de5b2046bfc5e01b37d634a554dfa3e4aaec1aef4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-regex" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-unicorn", + "version": "52.0.0", + "bom-ref": "eslint-plugin-unicorn@52.0.0", + "author": "Sindre Sorhus", + "description": "More than 100 powerful ESLint rules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-unicorn@52.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/eslint-plugin-unicorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-unicorn/-/eslint-plugin-unicorn-52.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d58ce6eff9bed11e1d8c7d2d8c38df55e8bf8eedb0dc0cd41a31baabc267b8d20be71230b1f9720a8a16e6c7c1bd0a76a4c61015259608538db2309ac751079e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-unicorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslintrc", + "group": "@eslint", + "version": "2.1.4", + "bom-ref": "@eslint/eslintrc@2.1.4", + "author": "Nicholas C. Zakas", + "description": "The legacy ESLintRC config file format for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/eslintrc@2.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslintrc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslintrc#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslintrc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dbaf59dfd312eb0549b6ca14975d0beb459d92125574f1b6e10e1e6531f79e717a969bd24a110adf04230d7f494560143ef3e1ec23a8b8fa54f48aea69916fb5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "espree", + "version": "9.6.1", + "bom-ref": "espree@9.6.1", + "author": "Nicholas C. Zakas", + "description": "An Esprima-compatible JavaScript parser built on Acorn", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/espree@9.6.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/espree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/espree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/espree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/espree/-/espree-9.6.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2bb99685923a2b4e9177da40d2239ffbe558b019e6608a7186cb636839283743d6e7c259e60e6e072e7925d111379fe9e30d7474dfb698d7ec79f19ff315dc1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/espree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parent-module", + "version": "1.0.1", + "bom-ref": "parent-module@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the path of the parent module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parent-module@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parent-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parent-module#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parent-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "190d84591a5057cfe8f80c3c62ab5f6593df3515996246e2744f64e6ba65fe10b7bed1c705f1a6d887e2eaa595f9ca031a4ad42990311372e8b7991cb11961fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parent-module" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "4.0.0", + "bom-ref": "resolve-from@4.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5bfcc6265ecb40932b11171f2988d235b4614d408140def904dc6ab812e035745ea01e9ffebe066ab021896a9bf2f0ddd0fb8a3b170beab8f25c9d9ed1632e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-from" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "4.0.0", + "bom-ref": "ci-info@4.0.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4dd1ea8067fda1d77c49736ec6d501571f0dbfea9939e8c4eaacaa8b2e4db5b61840e7856bace61e4c653f399a2f15961ec53a9c9981ec01137553e2fb634152" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ci-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core-js-compat", + "version": "3.37.0", + "bom-ref": "core-js-compat@3.37.0", + "author": "Denis Pushkarev", + "description": "core-js compat", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/core-js-compat@3.37.0#packages/core-js-compat", + "externalReferences": [ + { + "url": "git+https://github.com/zloirock/core-js.git#packages/core-js-compat", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/zloirock/core-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zloirock/core-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.37.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd8ab82fe4fc692e54b858385300e173b60d45655e559c25b5a77d0bf8d5dd1d8b8153a94bd043afb97f58be8137475b5779355de8cf4c7aaa133260b1ad1fac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/core-js-compat" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "browserslist", + "version": "4.23.0", + "bom-ref": "browserslist@4.23.0", + "author": "Andrey Sitnik", + "description": "Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/browserslist@4.23.0", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/browserslist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/browserslist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/browserslist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "416f0788cd6c8614f61aece4be495f8dc2838961571ce78508803f86e24fc07b2c97073276093b5fecf6cd7a448a33fdf14098ec76ee6d9b79276660bdfd0269" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/browserslist" + } + ] + }, + { + "type": "library", + "name": "caniuse-lite", + "version": "1.0.30001612", + "bom-ref": "caniuse-lite@1.0.30001612", + "author": "Ben Briggs", + "description": "A smaller version of caniuse-db, with only the essentials!", + "licenses": [ + { + "license": { + "id": "CC-BY-4.0" + } + } + ], + "purl": "pkg:npm/caniuse-lite@1.0.30001612", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/caniuse-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/caniuse-lite#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/caniuse-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001612.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "945827674ed485a09cb12660596d0ae63e1eebd74ad6efe5b6b2fd95352214ec0d1ecd764b750c204620055d19e82ea14437afee2467333cd898a69b61d5c5f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/caniuse-lite" + } + ] + }, + { + "type": "library", + "name": "electron-to-chromium", + "version": "1.4.747", + "bom-ref": "electron-to-chromium@1.4.747", + "author": "Kilian Valkhof", + "description": "Provides a list of electron-to-chromium version mappings", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/electron-to-chromium@1.4.747", + "externalReferences": [ + { + "url": "git+https://github.com/kilian/electron-to-chromium.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kilian/electron-to-chromium#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kilian/electron-to-chromium/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.747.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f859d2599200bc51dbb0d566531844a9689a3a23cc71fba6d464339560a0ff02e2815b6c84eb235c7c8415f9ade9c14aebe1e44b740e241bfaff738fba66c17f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/electron-to-chromium" + } + ] + }, + { + "type": "library", + "name": "node-releases", + "version": "2.0.14", + "bom-ref": "node-releases@2.0.14", + "author": "Sergey Rubanov", + "description": "Node.js releases data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-releases@2.0.14", + "externalReferences": [ + { + "url": "git+https://github.com/chicoxyzzy/node-releases.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chicoxyzzy/node-releases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chicoxyzzy/node-releases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb5d30396b7cc99a6a5e63a0468efb59a1c49a1610606340eb2e36d4f2ac2985842bc696f9ca80a616e8ad90e1a9fc8aadb64437dd823755f629b69f636b3b63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/node-releases" + } + ] + }, + { + "type": "library", + "name": "update-browserslist-db", + "version": "1.0.13", + "bom-ref": "update-browserslist-db@1.0.13", + "author": "Andrey Sitnik", + "description": "CLI tool to update caniuse-lite to refresh target browsers from Browserslist config", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/update-browserslist-db@1.0.13", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/update-db.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/update-db#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/update-db/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5e6cff3548d70fb8da4f3f7bb3796d4d617c48debc72273177a43eac1f88c4ee8fc85fe5ad4a9c27554faa22c0cfca4d1dde198543b9a3a9ce80b55eb4e216e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/update-browserslist-db" + } + ] + }, + { + "type": "library", + "name": "escalade", + "version": "3.1.2", + "bom-ref": "escalade@3.1.2", + "author": "Luke Edwards", + "description": "A tiny (183B to 210B) and fast utility to ascend parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escalade@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/escalade.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/escalade#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/escalade/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12b08730269ed7dbd1f2f4067b9d3122c5689b2d7dae0ea016edfeaf78e410ee3ab2e2cc58192cbd5ca81a0415fa339f97ce1948e4a59afe86c5af3d3e64c698" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escalade" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "5.3.0", + "bom-ref": "estraverse@5.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@5.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "30c74046e54443388d4de243f0380caa6870475d41450fdc04ffa92ed61d4939dfdcc20ef1f15e8883446d7dfa65d3657d4ffb03d7f7814c38f41de842cbf004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "3.3.0", + "bom-ref": "builtin-modules@3.3.0", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce16820e271d2ee58de546cde4832716a34c84d7e8f75f6c1fce72dbf79afb9620f53b1391e671a4bf892dba7a7206054b8b112e9dd85784bac83baa5561d83b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/builtin-modules" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsesc", + "version": "3.0.2", + "bom-ref": "jsesc@3.0.2", + "author": "Mathias Bynens", + "description": "Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsesc@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4aab3cd65c3b6d26e39c6b006de0a9ca1c721fe6843f0b16b1fb43d6146f83143807340762f935c40800c8f91622154326c7cefddb1b0c6db8178f80b09cfe2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jsesc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-try", + "version": "2.2.0", + "bom-ref": "p-try@2.2.0", + "author": "Sindre Sorhus", + "description": "`Start a promise chain", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-try@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-try.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-try#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-try/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4789cf0154c053407d0f7e7f1a4dee25fffb5d86d0732a2148a76f03121148d821165e1eef5855a069c1350cfd716697c4ed88d742930bede331dbefa0ac3a75" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-try" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "4.0.0", + "bom-ref": "path-exists@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a4f50cb943b8d86f65b071ecb9169be0d8aa0073f64884b48b392066466ca03ec1b091556dd1f65ad2aaed333fa6ead2530077d943c167981e0c1b82d6cbbff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "5.2.0", + "bom-ref": "read-pkg@5.2.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "520ebd98d3a97ef28301cd90f034693238f376dae7bfd1dc48c5fee15b19c43d5a67a673ac813bae5cd706d593ca150b48c2a0d3be805ba591e626690f42623a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "group": "@types", + "version": "2.4.4", + "bom-ref": "@types/normalize-package-data@2.4.4", + "description": "TypeScript definitions for normalize-package-data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/normalize-package-data@2.4.4#types/normalize-package-data", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/normalize-package-data", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/normalize-package-data", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfb8be39a59387da9e2b82d21cfb32442ecd6a19c6a2d36e66f8cb4a070fcdb9691c1debac227100e808e6009d2a6edca289ec697d4e7f420b8937276636dfc4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.4", + "bom-ref": "validate-npm-package-license@3.0.4", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0e92a6d948bfc4deff1d0282b69671a11581859f59d24aadca01bc5c280d43c6650e7c6e4265a18f9eba8fc7cde02bb7fc999b86c0e8edf70026ae2cf61dbb13" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validate-npm-package-license" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regjsparser", + "version": "0.10.0", + "bom-ref": "regjsparser@0.10.0", + "author": "'Julian Viereck'", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/regjsparser@0.10.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jviereck/regjsparser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jviereck/regjsparser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jviereck/regjsparser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regjsparser/-/regjsparser-0.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab1fb1406655b32e79087d1ad61895c079aa8cbaf27e1ef04321791ced3b5c9f5fedd40c63f80f407865c83908cc9282fb1d9f502a42714383514505ae6ed21c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regjsparser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-indent", + "version": "3.0.0", + "bom-ref": "strip-indent@3.0.0", + "author": "Sindre Sorhus", + "description": "Strip leading whitespace from each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-indent@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-indent/-/strip-indent-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "95a2536b725bf95429682e83b1e1e117b75756a1d37c93c24436846e277f76b3a1822b60624bbf95eb4c52a397168595d3320851b8e9747dadfad623e1b40c45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "min-indent", + "version": "1.0.1", + "bom-ref": "min-indent@1.0.1", + "author": "James Kyle", + "description": "Get the shortest leading whitespace from lines in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/min-indent@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/thejameskyle/min-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejameskyle/min-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejameskyle/min-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/min-indent/-/min-indent-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23d8f0327d3b4b2fc8c0e8f7cd59158a4d894ef8296b29036448a02fa471e8df4b6cccb0c1448cb71113fbb955a032cb7773b7217c09c2fbae9ecf1407f1de02" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/min-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "js", + "group": "@eslint", + "version": "8.57.0", + "bom-ref": "@eslint/js@8.57.0", + "description": "ESLint JavaScript language implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/js@8.57.0#packages/js", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git#packages/js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/js/-/js-8.57.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62cfb78364da5bb8000ce2733edf37489b420e13239dd703305550fd38fd880d417c9cc5283f660145d3dce7a7a6e3c76c8e8ffe6c840b1449ae87d4b03c7fe6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config-array", + "group": "@humanwhocodes", + "version": "0.11.14", + "bom-ref": "@humanwhocodes/config-array@0.11.14", + "author": "Nicholas C. Zakas", + "description": "Glob-based configuration matching.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/config-array@0.11.14", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/config-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dd3f0b90e9a0e39055e452026f5e5040cb325125ab43c0328157c2ed91b7db339a967aab8a59b4d7c6550b0d1e6a95eec7c16d037deaf0f4914acb6379ede34a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "object-schema", + "group": "@humanwhocodes", + "version": "2.0.3", + "bom-ref": "@humanwhocodes/object-schema@2.0.3", + "author": "Nicholas C. Zakas", + "description": "An object schema merger/validator", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/object-schema@2.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/object-schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f77cd874c112fdcd43ebdc9988a0c18f4576e2fa8dcc1fe4a05dba28f69a8007dddcfff8814961dc3cace688002be1318bd432ce50fcc7fd3c66def020a70370" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/object-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "module-importer", + "group": "@humanwhocodes", + "version": "1.0.1", + "bom-ref": "@humanwhocodes/module-importer@1.0.1", + "author": "Nicholas C. Zaks", + "description": "Universal module importer for Node.js", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/module-importer@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/module-importer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/module-importer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/module-importer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f1bde57857cbf961be277054d3deb3d281904ea429237cad32e28555549c08b8354144c0d7acfc9744bf7cf22e5aa7d9bd6e7c8412359f9b95a4066b5f7cb7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/module-importer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs.scandir", + "group": "@nodelib", + "version": "2.1.5", + "bom-ref": "@nodelib/fs.scandir@2.1.5", + "description": "List files and directories inside the specified directory", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.scandir@2.1.5#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "beadb806adf29b91c4426d8d282af7c970f08dceef4ec1138510e7929d832bda75baa2d1f831eeae6fcd393a34286ec760753b7a9a4a663dcccaa62e3017fada" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.scandir" + } + ] + }, + { + "type": "library", + "name": "run-parallel", + "version": "1.2.0", + "bom-ref": "run-parallel@1.2.0", + "author": "Feross Aboukhadijeh", + "description": "Run an array of functions in parallel", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-parallel@1.2.0", + "externalReferences": [ + { + "url": "git://github.com/feross/run-parallel.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/run-parallel", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/run-parallel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e65e15c9947ce8b67f943c594d1ea3a8bf00144d92d0814b30fdba01b8ec2d5003c4776107f734194b07fb2dfd51f0a2dddcf3f0e950b8f9a768938ca031d004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-parallel" + } + ] + }, + { + "type": "library", + "name": "queue-microtask", + "version": "1.2.3", + "bom-ref": "queue-microtask@1.2.3", + "author": "Feross Aboukhadijeh", + "description": "fast, tiny `queueMicrotask` shim for modern engines", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/queue-microtask@1.2.3", + "externalReferences": [ + { + "url": "git://github.com/feross/queue-microtask.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/queue-microtask", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/queue-microtask/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36e68d49ae9f94a4f925a498433268934e09cd32f5080e9a1a1bf9adf2d6dcf82a03e3360a1a59427002f21f22e19164052f17e51aa40c11c0eebe217a3dcaf4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/queue-microtask" + } + ] + }, + { + "type": "library", + "name": "fastq", + "version": "1.17.1", + "bom-ref": "fastq@1.17.1", + "author": "Matteo Collina", + "description": "Fast, in memory work queue", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fastq@1.17.1", + "externalReferences": [ + { + "url": "git+https://github.com/mcollina/fastq.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mcollina/fastq#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mcollina/fastq/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fastq/-/fastq-1.17.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b11543de55952175a0e81cbaf1937bbe1a3d6b5a5070dfd604568002c0c31739498efa06c743fccfb575b7bda0ac525f261bb760f641baedb97fb29ac368cdd7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fastq" + } + ] + }, + { + "type": "library", + "name": "reusify", + "version": "1.0.4", + "bom-ref": "reusify@1.0.4", + "author": "Matteo Collina", + "description": "Reuse objects and functions with style", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/reusify@1.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/mcollina/reusify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mcollina/reusify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mcollina/reusify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53d9c7f3c6b77dcfde902175974fd43f5228b22b888f24e1ee106f5d530762055c7c6bedf3ded782e8f650e2c3788e411b69bbfeec3268b553e9f6ed0b04f2cf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/reusify" + } + ] + }, + { + "type": "library", + "name": "structured-clone", + "group": "@ungap", + "version": "1.2.0", + "bom-ref": "@ungap/structured-clone@1.2.0", + "author": "Andrea Giammarchi", + "description": "A structuredClone polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40ungap/structured-clone@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/ungap/structured-clone.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ungap/structured-clone#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ungap/structured-clone/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@ungap/structured-clone/-/structured-clone-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cee55d16b3098ae083414302cd0683e8a2f6f0c8e7aaa37c5e702a884abd3cd9bf8423d34867eb5c239fc23d68c382c56ffb4dca624fc2c35b55e3dcd7116aad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@ungap/structured-clone" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "3.1.1", + "bom-ref": "path-key@3.1.1", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2399e374a9dfb2d23b3312da18e3caf43deab97703049089423aee90e5fe3595f92cc17b8ab58ae18284e92e7c887079b6e1486ac7ee53aa6d889d2c0b844e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-key" + } + ] + }, + { + "type": "library", + "name": "shebang-command", + "version": "2.0.0", + "bom-ref": "shebang-command@2.0.0", + "author": "Kevin Mårtensson", + "description": "Get the command from a shebang", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-command@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/shebang-command.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/shebang-command#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/shebang-command/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "907c6bdb366962d766acdd6a0e3aeb5ff675ad1d641bc0f1fa09292b51b87979af5ecc26704d614d6056614ce5ada630d7fc99a7a62e0d8efb62dbdb3747660c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/shebang-command" + } + ] + }, + { + "type": "library", + "name": "shebang-regex", + "version": "3.0.0", + "bom-ref": "shebang-regex@3.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching a shebang line", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-regex@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/shebang-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efef9d161b5cc77df9dee05aabc0c347836ec417ad0730bb6503a19934089c711de9b4ab5dd884cb30af1b4ed9e3851874b4a1594c97b7933fca1cfc7a471bd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/shebang-regex" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "2.0.2", + "bom-ref": "which@2.0.2", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04b2374e5d535b73ef97bd25df2ab763ae22f9ac29c17aac181616924a8cb676d782b303fb28fbae15b492e103c7325a6171a3116e6881aa4a34c10a34c8e26c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/which" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "2.0.0", + "bom-ref": "isexe@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "447c4c2e9f659ca1c61d19e0f5016144231b600715a67ebdb2648672addfdfac638155564e18f8aaa2db4cb96aed2b23f01f9f210d44b8210623694ab3241e23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/isexe" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "7.2.2", + "bom-ref": "eslint-scope@7.2.2", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@7.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74eb76d4eee54cc84333e5fd981e065fe0d9ad9b425093cbff095c4eac72af1e48bced0862d20b76dad0190a7ef27e52d20c1256639ff4d42b8cc3a07d066522" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn", + "version": "8.11.3", + "bom-ref": "acorn@8.11.3", + "description": "ECMAScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn@8.11.3", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63dad17c91b98dc28e13408b8ac61ba2352322b20413b00633303f4a6e01b2500d85b4be70332980175c3d3f75a09eceb89f61609071e7d4636e1c559eb17c5e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn" + } + ] + }, + { + "type": "library", + "name": "flat-cache", + "version": "3.2.0", + "bom-ref": "flat-cache@3.2.0", + "author": "Jared Wray", + "description": "A stupidly simple key/value storage using files to persist some data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/flat-cache@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/flat-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/flat-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/flat-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "09870435af85b5c50a2e6861ab272da5c96cabb405dfca4a8d91ec18d892405e6be05b6828359a6c50e5de1cda11032f4f52c7132b30e6dc202efa5861be2f6f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flat-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "flatted", + "version": "3.3.1", + "bom-ref": "flatted@3.3.1", + "author": "Andrea Giammarchi", + "description": "A super light and fast circular JSON parser.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/flatted@3.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/WebReflection/flatted.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/WebReflection/flatted#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/WebReflection/flatted/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5fc72a30b2e27bb2ac3540d277378df0560af6b12de03b7aeceb06fc33469d84d20c11b8b850091419d47a257ecc2540bf0172e7a22333db07e758d568484dc7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flatted" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "keyv", + "version": "4.5.4", + "bom-ref": "keyv@4.5.4", + "author": "Jared Wray", + "description": "Simple key-value storage with support for multiple backends", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/keyv@4.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/keyv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/keyv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/keyv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3154790747f1097f608d5e75b144b5ba9a0ec9c82094706d03b441a62f672d528d4f3538a7d4f52297eafffb8af93295600bf7e7d648ecc7b9a34ae8caa88a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/keyv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-buffer", + "version": "3.0.1", + "bom-ref": "json-buffer@3.0.1", + "author": "Dominic Tarr", + "description": "JSON parse & stringify that supports binary via bops & base64", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-buffer@3.0.1", + "externalReferences": [ + { + "url": "git://github.com/dominictarr/json-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dominictarr/json-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/json-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1b57905f4769aa7d04c99be579b4f3dd7fe669ba1888bd3b8007983c91cad7399a534ff430c15456072c17d68cebea512e3dd6c7c70689966f46ea6236b1f49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-buffer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "5.0.0", + "bom-ref": "find-up@5.0.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efcfcf5d3d7094b2c3813cc3b3bb23abd873cf4bd70fece7fbbc32a447b87d74310a6766a9f1ac10f4319a2092408dda8c557dd5b552b2f36dac94625ba9c69e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/find-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "6.0.0", + "bom-ref": "locate-path@6.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "88f64ae9e6236f146edee078fd667712c10830914ca80a28a65dd1fb3baad148dc026fcc3ba282c1e0e03df3f77a54f3b6828fdcab67547c539f63470520d553" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/locate-path" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "5.0.0", + "bom-ref": "p-locate@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2da363b51594058fbecc1e6713f37071aa0cca548f93e4be647341d53cdd6cc24c9f2e9dca7a401aded7fed97f418ab74c8784ea7c47a696e8d8b1b29ab1b93f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-locate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-extglob", + "version": "2.1.1", + "bom-ref": "is-extglob@2.1.1", + "author": "Jon Schlinkert", + "description": "Returns true if a string has an extglob.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-extglob@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-extglob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extglob", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extglob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "49b29b00d90deb4dd58b88c466fe3d2de549327e321b0b1bcd9c28ac4a32122badb0dde725875b3b7eb37e1189e90103a4e6481640ed9eae494719af9778eca1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-extglob" + } + ] + }, + { + "type": "library", + "name": "is-path-inside", + "version": "3.0.3", + "bom-ref": "is-path-inside@3.0.3", + "author": "Sindre Sorhus", + "description": "Check if a path is inside another path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-path-inside@3.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-path-inside.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-path-inside#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-path-inside/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15de200016fec9c18098aa2ef1e31fb42ba94a2af9951c6a7f8683fef774703daa7381cbd3b3a309eb8732bf11a380a831a782283074fc40813955a34f052f3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-path-inside" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "prelude-ls", + "version": "1.2.1", + "bom-ref": "prelude-ls@1.2.1", + "author": "George Zahariev", + "description": "prelude.ls is a functionally oriented utility library. It is powerful and flexible. Almost all of its functions are curried. It is written in, and is the recommended base library for, LiveScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prelude-ls@1.2.1", + "externalReferences": [ + { + "url": "git://github.com/gkz/prelude-ls.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://preludels.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/prelude-ls/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be47033eb459a354192db9f944b18fa60fd698843ae6aa165a170629ffdbe5ea659246ab5f49bdcfca6909ab789a53aa52c5a9c8db9880edd5472ad81d2cd7e6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prelude-ls" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-check", + "version": "0.4.0", + "bom-ref": "type-check@0.4.0", + "author": "George Zahariev", + "description": "type-check allows you to check the types of JavaScript values at runtime with a Haskell like type syntax.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-check@0.4.0", + "externalReferences": [ + { + "url": "git://github.com/gkz/type-check.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/type-check", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/type-check/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e5794a1cf6ec065ea8d6c176944d9026ccc705679f39f10036befc7552be7121c8b15c83fef0b9c50e0469954df4bacead7aa765b2415fbbe69ee0aefd3a87b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-check" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "word-wrap", + "group": "@aashutoshrathi", + "version": "1.2.6", + "bom-ref": "@aashutoshrathi/word-wrap@1.2.6", + "author": "Jon Schlinkert", + "description": "Wrap words to a specified length.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40aashutoshrathi/word-wrap@1.2.6", + "externalReferences": [ + { + "url": "git+https://github.com/aashutoshrathi/word-wrap.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aashutoshrathi/word-wrap", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aashutoshrathi/word-wrap/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d588ecd92bccf137e5111fce0f770e8e15963996f9f00dadef0a44d92f577c161388897e5c58501b66e3cb83eed48f8402508d533443603745c056142af5dc20" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aashutoshrathi/word-wrap" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "deep-is", + "version": "0.1.4", + "bom-ref": "deep-is@0.1.4", + "author": "Thorsten Lorenz", + "description": "node's assert.deepEqual algorithm except for NaN being equal to NaN", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deep-is@0.1.4", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/thlorenz/deep-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/deep-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/deep-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a083f392c993838fccae289a6063bea245c34fbced9ffc37129b6fffe81221d31d2ac268d2ee027d834524fcbee1228cb82a86c36c319c0f9444c837b7c6bf6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deep-is" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "accepts", + "version": "1.3.8", + "bom-ref": "accepts@1.3.8", + "description": "Higher-level content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/accepts@1.3.8", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/accepts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/accepts#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/accepts/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d802d8536b69b654ac6ebd20f70cf0bf1b2f94fac380d4b02e4fc9a4991bafc3e34009269e5c443e34771517bace365eaa71ac55dd4b9e9b06b093eefe4892f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/accepts" + } + ] + }, + { + "type": "library", + "name": "mime-types", + "version": "2.1.35", + "bom-ref": "mime-types@2.1.35", + "description": "The ultimate javascript content-type utility.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime-types@2.1.35", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/mime-types.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/mime-types#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/mime-types/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "64363e6cf9b9cd34c5f98a42ac053d9cad148080983d3d10b53d4d65616fe2cfbe4cd91c815693d20ebee11dae238323423cf2b07075cf1b962f9d21cda7978b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime-types" + } + ] + }, + { + "type": "library", + "name": "negotiator", + "version": "0.6.3", + "bom-ref": "negotiator@0.6.3", + "description": "HTTP content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/negotiator@0.6.3", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/negotiator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/negotiator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/negotiator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8452ca863cbb0cfa3ff37428598ec9d7e758385eb1c53885f07e70953c695093f9398226a470ab2ec4239b051bba0d29bda29c3f3bab2559b25d82140ce1b06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/negotiator" + } + ] + }, + { + "type": "library", + "name": "array-flatten", + "version": "1.1.1", + "bom-ref": "array-flatten@1.1.1", + "author": "Blake Embrey", + "description": "Flatten an array of nested arrays into a single flat array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/array-flatten@1.1.1", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/array-flatten.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/array-flatten", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/array-flatten/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c254042cc167a6bba51dc6c0c5157ffe815798a8a0287770f75159bdd631f0ca782e3b002f60f871f2736533ef8da9170ae82c71a5469f8e684874a88789baa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/array-flatten" + } + ] + }, + { + "type": "library", + "name": "body-parser", + "version": "1.20.2", + "bom-ref": "body-parser@1.20.2", + "description": "Node.js body parsing middleware", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/body-parser@1.20.2", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/body-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/expressjs/body-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/body-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a5f6945e0aedcceb590696aa139b6ba64974e5453b864f1d1b7d88feb8850a298c9c1b936d49b79eb55ddf69253a47b6a338fc3483f2753ef2b8a8dcbbb396c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser" + } + ] + }, + { + "type": "library", + "name": "bytes", + "version": "3.1.2", + "bom-ref": "bytes@3.1.2", + "author": "TJ Holowaychuk", + "description": "Utility to parse a string bytes to bytes and vice-versa", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bytes@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/visionmedia/bytes.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/bytes.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/bytes.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fcd7fb4f2cd3c7a4b7c9124e6ce015efde7aafc72bdbe3a3f000b976df3048fdc1400a1e5f9f0da07c8253c3fccc690d5d2b634d28ba7f33ba174a4175c61b12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bytes" + } + ] + }, + { + "type": "library", + "name": "depd", + "version": "2.0.0", + "bom-ref": "depd@2.0.0", + "author": "Douglas Christopher Wilson", + "description": "Deprecate all the things", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/depd@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/dougwilson/nodejs-depd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dougwilson/nodejs-depd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dougwilson/nodejs-depd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83b9c7e8fe9dc838a8268800006a6b1a90ad5489898693e4feba02cdd6f77c887ad7fb3f9cfb1f47aa27c8cc2408047f3a50b7c810b49444af52840402cb08af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/depd" + } + ] + }, + { + "type": "library", + "name": "destroy", + "version": "1.2.0", + "bom-ref": "destroy@1.2.0", + "author": "Jonathan Ong", + "description": "destroy a stream if possible", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/destroy@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/destroy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/destroy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/destroy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dac246253697208691d70e22252368374867318ec6a5cfe7f03e2a482270f10a855977fb72e0209c41f1069c1e69570f7af0b69772a98d80b1dcdca941081a26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/destroy" + } + ] + }, + { + "type": "library", + "name": "http-errors", + "version": "2.0.0", + "bom-ref": "http-errors@2.0.0", + "author": "Jonathan Ong", + "description": "Create HTTP error objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http-errors@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/http-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/http-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/http-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "16dc2b1bf7ae0736848d8791a8e825cbb1b4aaf8a25e82569ef107d99d6994175781bca3bf7e291d349bf73a1e1ccc83cb7dfe0d6cb95adf56a3e4d446d39849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http-errors" + } + ] + }, + { + "type": "library", + "name": "iconv-lite", + "version": "0.4.24", + "bom-ref": "iconv-lite@0.4.24", + "author": "Alexander Shtuchkin", + "description": "Convert character encodings in pure javascript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/iconv-lite@0.4.24", + "externalReferences": [ + { + "url": "git://github.com/ashtuchkin/iconv-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf73179d901cbe7cb091350466898801cb657bb4575de79d391df5c3097b565ca85cee108bd6abbd27a73505a77b54dc4708422f51f02c8db56c4a9da63f3fac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/iconv-lite" + } + ] + }, + { + "type": "library", + "name": "safer-buffer", + "version": "2.1.2", + "bom-ref": "safer-buffer@2.1.2", + "author": "Nikita Skovoroda", + "description": "Modern Buffer API polyfill without footguns", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safer-buffer@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/ChALkeR/safer-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "619a372bcd920fb462ca2d04d4440fa232f3ee4a5ea6749023d2323db1c78355d75debdbe5d248eeda72376003c467106c71bbbdcc911e4d1c6f0a9c42b894b6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safer-buffer" + } + ] + }, + { + "type": "library", + "name": "on-finished", + "version": "2.4.1", + "bom-ref": "on-finished@2.4.1", + "description": "Execute a callback when a request closes, finishes, or errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/on-finished@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/on-finished.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/on-finished#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/on-finished/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a15973920dc4340842936cddbfb209c1dfd0503e33d91c51c2991c198f29b0255c09864dab8c189d55802c733e6ebb6e26378f5a2605fc2966b83afc0a1e7e92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/on-finished" + } + ] + }, + { + "type": "library", + "name": "qs", + "version": "6.11.0", + "bom-ref": "qs@6.11.0", + "description": "A querystring parser that supports nesting and arrays, with a depth limit", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/qs@6.11.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/qs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/qs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/qs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32f8e830227011aad26d4624e4efa79a84b34aeb52b13c05f39cdc1cf43d3ab945a193982236aa040248a885e3a6dc83e6f4e1c46ab9d97bbf31a273464224e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/qs" + } + ] + }, + { + "type": "library", + "name": "raw-body", + "version": "2.5.2", + "bom-ref": "raw-body@2.5.2", + "author": "Jonathan Ong", + "description": "Get and validate the raw body of a readable stream.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/raw-body@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/raw-body.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/raw-body#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/raw-body/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f331aaca97c4363088a868605d3a02f1a076afb62b057f804007c83ecfcc964f81b4f4f3b4ebd34b4d4d456ff7121eb427e6b8f25b7caac0b38ab43a9680957c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/raw-body" + } + ] + }, + { + "type": "library", + "name": "unpipe", + "version": "1.0.0", + "bom-ref": "unpipe@1.0.0", + "author": "Douglas Christopher Wilson", + "description": "Unpipe a stream from all destinations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/unpipe@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/unpipe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/unpipe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/unpipe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a63cb66d8852b2e7f05a52b03dcfa5ddc37bfb0b8994aeaecf461d2443a54036e5ea3a3f6253e2e266fc6a0524542f0117b57c36ecdec8f36a464b00de1ced29" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/unpipe" + } + ] + }, + { + "type": "library", + "name": "type-is", + "version": "1.6.18", + "bom-ref": "type-is@1.6.18", + "description": "Infer the content-type of a request.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-is@1.6.18", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/type-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/type-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/type-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e444aafdb144f1107f0c75fb8248fed58b3272cd134c8e3d89d9da3626bdcaca6e7df0955d124b2eccf4029e514f5b8932f50fa203e99af411a6d3a5d0072f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-is" + } + ] + }, + { + "type": "library", + "name": "content-disposition", + "version": "0.5.4", + "bom-ref": "content-disposition@0.5.4", + "author": "Douglas Christopher Wilson", + "description": "Create and parse Content-Disposition header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/content-disposition@0.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/content-disposition.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/content-disposition#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/content-disposition/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "16f7994cdb86c34e1cc6502259bce2eb34c02ff9617a16966d3b6096e261e3f13de43a8cc139a16b7299375680580f1c148847ccc654bcb7af930e51aa4fad49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/content-disposition" + } + ] + }, + { + "type": "library", + "name": "cookie-signature", + "version": "1.0.6", + "bom-ref": "cookie-signature@1.0.6", + "author": "TJ Holowaychuk", + "description": "Sign and unsign cookies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cookie-signature@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/visionmedia/node-cookie-signature.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/node-cookie-signature#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/node-cookie-signature/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4000f395a1dcf22715f08eef6da257270a1df47598a7cb82a9fd716b839f36ed53ec9571408ad480e5ad1dd343b4f8b2c2615b892d76563a2d2172eb28cde8ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cookie-signature" + } + ] + }, + { + "type": "library", + "name": "cookie", + "version": "0.6.0", + "bom-ref": "cookie@0.6.0", + "author": "Roman Shtylman", + "description": "HTTP server cookie parsing and serialization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cookie@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/cookie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/cookie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/cookie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53bd5cc936a6ba1d4244d09fa4663ab68dbc971bcdc0f1b81aecff1158e07f7266cefd2f943a756ad4fd792e5d0e33181ee7291db5a7b3a2f07f704acfab2f77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cookie" + } + ] + }, + { + "type": "library", + "name": "encodeurl", + "version": "1.0.2", + "bom-ref": "encodeurl@1.0.2", + "description": "Encode a URL to a percent-encoded form, excluding already-encoded sequences", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/encodeurl@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/encodeurl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/encodeurl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/encodeurl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cf257abc26a15a5589b609698fbe73f6232a3865233bfd029c4a6b8c2c339b7e91f97e2ed150699dfeb4c37feaeeb7fb1a88389011e5533600262447403b1d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/encodeurl" + } + ] + }, + { + "type": "library", + "name": "escape-html", + "version": "1.0.3", + "bom-ref": "escape-html@1.0.3", + "description": "Escape string for use in HTML", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-html@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/component/escape-html.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/escape-html#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/escape-html/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3624aea59e0e7ae1b0afaf251887b29bf92c219309a1d506392099fc54a74f172b7a46efaab81d53194938ca628da299563009ad6ac6b3fe89cbc38cbb28fda3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escape-html" + } + ] + }, + { + "type": "library", + "name": "etag", + "version": "1.8.1", + "bom-ref": "etag@1.8.1", + "description": "Create simple HTTP ETags", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/etag@1.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/etag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/etag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/etag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6882f9171ee66b055adf4d1a976067104e2236fa35a844f12eb3c8fe8d392fbcfa828edf0b0d49e844266cae05989d804bb920545fca1195ae7c17dd0a531c3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/etag" + } + ] + }, + { + "type": "library", + "name": "finalhandler", + "version": "1.2.0", + "bom-ref": "finalhandler@1.2.0", + "author": "Douglas Christopher Wilson", + "description": "Node.js final http responder", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/finalhandler@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/finalhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/finalhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/finalhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6e5dc5157ed9503059d60bdaaefecbe45afdc64ddd8f7d484aff73cb9183407bb15ba8932ddf9d791dac44e9e44bef819db2b8a2c2e8e26b075a0750691084a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler" + } + ] + }, + { + "type": "library", + "name": "parseurl", + "version": "1.3.3", + "bom-ref": "parseurl@1.3.3", + "description": "parse a url with memoization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parseurl@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/parseurl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/parseurl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/parseurl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0a2c9e3b1153fc96723799b4cfd3df5f0e1208127a4b2833d43a65d30aa39610c418604fd469ec51510bd29eb78681b57dc8f77c7ca75e2f4d60ee2758e2fea9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parseurl" + } + ] + }, + { + "type": "library", + "name": "statuses", + "version": "2.0.1", + "bom-ref": "statuses@2.0.1", + "description": "HTTP status utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/statuses@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/statuses.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/statuses#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/statuses/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "470340f59ffb3eb2b4eab60b23314c95a17e97bde2c29ceca9120581b30b6d370b0fa70e6a8f364da59e7cf5d0bc1d9f382e008ee612127752ecdfe64c26e475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/statuses" + } + ] + }, + { + "type": "library", + "name": "fresh", + "version": "0.5.2", + "bom-ref": "fresh@0.5.2", + "author": "TJ Holowaychuk", + "description": "HTTP response freshness testing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fresh@0.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/fresh.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/fresh#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/fresh/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc9da6418335f2b1053ae75e57819285318843b45bcc0ee8cdb53d23f5c1a66ee4aa0332c209b294cc171f16499a45686249daf5dda95575573dd6133fd7a3f1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fresh" + } + ] + }, + { + "type": "library", + "name": "setprototypeof", + "version": "1.2.0", + "bom-ref": "setprototypeof@1.2.0", + "author": "Wes Todd", + "description": "A small polyfill for Object.setprototypeof", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/setprototypeof@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/wesleytodd/setprototypeof.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wesleytodd/setprototypeof", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wesleytodd/setprototypeof/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1392c35fb5aba7ce4a8a5e5b859bf8ea3f2339e6e82aae4932660cde05467461fcc45a4f59750cb0dae53830ab928c4c11e362fd7648c2e46f6385cdc18309a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/setprototypeof" + } + ] + }, + { + "type": "library", + "name": "toidentifier", + "version": "1.0.1", + "bom-ref": "toidentifier@1.0.1", + "author": "Douglas Christopher Wilson", + "description": "Convert a string of words to a JavaScript identifier", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/toidentifier@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/component/toidentifier.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/toidentifier#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/toidentifier/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39b123ca12483f0c840d987e37574fee7ab2eba7355e764521f2d18dbda797a5fa6ec2329e9e54a8c7fd8efc14e5654b447be246eece58844cfad3c3e500744" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/toidentifier" + } + ] + }, + { + "type": "library", + "name": "merge-descriptors", + "version": "1.0.1", + "bom-ref": "merge-descriptors@1.0.1", + "author": "Jonathan Ong", + "description": "Merge objects using descriptors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge-descriptors@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/component/merge-descriptors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/merge-descriptors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/merge-descriptors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7028ba837fd9af58aa422eb249bb1e3355efa286bdf0dd30df58f3518ad73d7db1a8e6e61461c9d2d439bbbe07de6561ef02e8b93b1e672608ab7f60f1c369d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge-descriptors" + } + ] + }, + { + "type": "library", + "name": "methods", + "version": "1.1.2", + "bom-ref": "methods@1.1.2", + "description": "HTTP methods that node supports", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/methods@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/methods.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/methods#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/methods/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "89c9401de36a366ebccc5b676747bed4bdb250876fccda1ab8a53858103756f1ffbcf162785eea7d197051953e0c0f4ff5b3d7212f74ba5c68528087db7b15db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/methods" + } + ] + }, + { + "type": "library", + "name": "ee-first", + "version": "1.1.1", + "bom-ref": "ee-first@1.1.1", + "author": "Jonathan Ong", + "description": "return the first event in a set of ee/event pairs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ee-first@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonathanong/ee-first.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonathanong/ee-first#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonathanong/ee-first/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58cc26f4b851528f9651a44dfaf46e113a86f3d22066985548d91d16079beac4bf1383ab0c837bb78f0201ec121d773a0bc95e7c3f0a29faf9bd8eb56eb425a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ee-first" + } + ] + }, + { + "type": "library", + "name": "path-to-regexp", + "version": "0.1.7", + "bom-ref": "path-to-regexp@0.1.7", + "description": "Express style path to RegExp utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-to-regexp@0.1.7", + "externalReferences": [ + { + "url": "git+https://github.com/component/path-to-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/path-to-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/path-to-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e43164ba8aa5bf5b9840ac72f2898505e24f41c768134ecabf6b1f7ab0c2ac0ab5a21394f8c483b300c86e7c7760033ad2a20e9d86b9df00615d6d046cca27ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-to-regexp" + } + ] + }, + { + "type": "library", + "name": "proxy-addr", + "version": "2.0.7", + "bom-ref": "proxy-addr@2.0.7", + "author": "Douglas Christopher Wilson", + "description": "Determine address of proxied request", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/proxy-addr@2.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/proxy-addr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/proxy-addr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/proxy-addr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96542c30b4940d43d3e388ddad4fcedfbaa59e27e2b433fe670ae699972848ac8b2afb59c69c95d27dbf6c3fcde2d040019fe024475953b28cadaa0ad7e5d802" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proxy-addr" + } + ] + }, + { + "type": "library", + "name": "forwarded", + "version": "0.2.0", + "bom-ref": "forwarded@0.2.0", + "description": "Parse HTTP X-Forwarded-For header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/forwarded@0.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/forwarded.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/forwarded#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/forwarded/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6ee446d1fa41b511d24c238049eea10f6e7cb44b9b16844b6f864d03a3713151cdc3680e7301e8f70c9a6e5ccccce039cfdc40f4bd4a36393f36de8c4fd698a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/forwarded" + } + ] + }, + { + "type": "library", + "name": "ipaddr.js", + "version": "1.9.1", + "bom-ref": "ipaddr.js@1.9.1", + "author": "whitequark", + "description": "A library for manipulating IPv4 and IPv6 addresses in JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ipaddr.js@1.9.1", + "externalReferences": [ + { + "url": "git://github.com/whitequark/ipaddr.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/whitequark/ipaddr.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/whitequark/ipaddr.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0a23feb4ef1a31493a07ec68cdd457d26cba14d3e6ed4e2723b1049642587f859ca437c2a998c7fbb98c0f5b747e6a467a47fc35f199574870585e26143cede" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ipaddr.js" + } + ] + }, + { + "type": "library", + "name": "side-channel", + "version": "1.0.6", + "bom-ref": "side-channel@1.0.6", + "author": "Jordan Harband", + "description": "Store information about any JS value in a side channel. Uses WeakMap if available.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/side-channel@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/side-channel.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/side-channel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/side-channel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c35bf119e90f5188ef1e146f078feeeefe85be5eb3d320287008e336fad87603a39b943b58608a6f7bd9be2af23d6780bda9211795a191e9b4c460745eba094" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/side-channel" + } + ] + }, + { + "type": "library", + "name": "call-bind", + "version": "1.0.7", + "bom-ref": "call-bind@1.0.7", + "author": "Jordan Harband", + "description": "Robustly `.call.bind()` a function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/call-bind@1.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/call-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/call-bind#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/call-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1874d2352608090eec707eec67e336ac5a294682e1f2dd9b2d25ba05b82bb4bb1a84e201e62c805497fd1a358addc6130da323e17741a4cd5c03aa484b42afdb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/call-bind" + } + ] + }, + { + "type": "library", + "name": "es-define-property", + "version": "1.0.0", + "bom-ref": "es-define-property@1.0.0", + "author": "Jordan Harband", + "description": "`Object.defineProperty`, but not IE 8's broken one.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es-define-property@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/es-define-property.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/es-define-property#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/es-define-property/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f16b22ca4a1ac4aaacc9d1eba641b5614d840cdbb09f4f54f7e7e8028031682fcd892ec5ea4c9efacefe80d182ce8049cb50cbcbcec0ec188ae5f0d1694f681" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es-define-property" + } + ] + }, + { + "type": "library", + "name": "get-intrinsic", + "version": "1.2.4", + "bom-ref": "get-intrinsic@1.2.4", + "author": "Jordan Harband", + "description": "Get and robustly cache all JS language-level intrinsics at first require time", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-intrinsic@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/get-intrinsic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/get-intrinsic#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/get-intrinsic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6e621b091fc549053bfba2c960e01ce7258843a1123ac1a602c4c9827674eb702ac703f7c214aa13173d8928a1341dd0c5505effa10ba1cee99724aee968145" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-intrinsic" + } + ] + }, + { + "type": "library", + "name": "es-errors", + "version": "1.3.0", + "bom-ref": "es-errors@1.3.0", + "author": "Jordan Harband", + "description": "A simple cache for a few of the JS Error constructors.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es-errors@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/es-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/es-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/es-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "65fe47d8ac6ddb18d3bdb26f3f66562c4202c40ea3fa1026333225ca9cb8c5c060d6f2959f1f3d5b2d066d2fa47f9730095145cdd0858765d20853542d2e9cb3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es-errors" + } + ] + }, + { + "type": "library", + "name": "function-bind", + "version": "1.1.2", + "bom-ref": "function-bind@1.1.2", + "author": "Raynos", + "description": "Implementation of Function.prototype.bind", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/function-bind@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/Raynos/function-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Raynos/function-bind", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Raynos/function-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ed71cdc47eea5fdc46e66230c6486e993a31fcc21135c3a00ebc56b0cb76a40af6dd61e9e8cad194dec50521690a9afea153b417be38894811f369c931f1b648" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/function-bind" + } + ] + }, + { + "type": "library", + "name": "set-function-length", + "version": "1.2.2", + "bom-ref": "set-function-length@1.2.2", + "author": "Jordan Harband", + "description": "Set a function's length property", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/set-function-length@1.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/set-function-length.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/set-function-length#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/set-function-length/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6045ce21278fec363582492f409a74b8d31ddb34c0d39271e02f951a3014ccc899d4f741205a1d51cfe302f5e16ee01b8dfd4c198ca42e63fd6fdeb33b1cc7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/set-function-length" + } + ] + }, + { + "type": "library", + "name": "define-data-property", + "version": "1.1.4", + "bom-ref": "define-data-property@1.1.4", + "author": "Jordan Harband", + "description": "Define a data property on an object. Will fall back to assignment in an engine without descriptors.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/define-data-property@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/define-data-property.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/define-data-property#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/define-data-property/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac132f23396903cbfa13e489668a3ef87018aac2eb920ecc49f2229cc3c5866928af0ed7f9d39754942cf904faf731a4cccc9f0e720c3765a2775f8d6cbdd3f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/define-data-property" + } + ] + }, + { + "type": "library", + "name": "gopd", + "version": "1.0.1", + "bom-ref": "gopd@1.0.1", + "author": "Jordan Harband", + "description": "`Object.getOwnPropertyDescriptor`, but accounts for IE's broken implementation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/gopd@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/gopd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/gopd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/gopd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77ae5b36521a771be96ff03669b55d96a2aa579eb78ee4676755ad93ab35b0847cb8db1747bd31a88cd5ab155fd5e4ea0ee9f04f632473311e69ecc2293661c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/gopd" + } + ] + }, + { + "type": "library", + "name": "has-property-descriptors", + "version": "1.0.2", + "bom-ref": "has-property-descriptors@1.0.2", + "author": "Jordan Harband", + "description": "Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-property-descriptors@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/has-property-descriptors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/has-property-descriptors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/has-property-descriptors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7924d2ae216fafab829ed418ce4e333661cb5022f093ec61731f099f64f1a8e709eb82489dd1842d9c095e152aae9999b86b3de7d814be7ab6f2e62a49760ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-property-descriptors" + } + ] + }, + { + "type": "library", + "name": "has-proto", + "version": "1.0.3", + "bom-ref": "has-proto@1.0.3", + "author": "Jordan Harband", + "description": "Does this environment have the ability to get the [[Prototype]] of an object on creation with `__proto__`?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-proto@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/has-proto.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/has-proto#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/has-proto/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "489d5a999009522652f8f86c54b7f9b46c9d95a541f04745a5a48ee209a250a50ec64f2ace7e40232e19789526876db39c8764fee300513da9977171cd5507f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-proto" + } + ] + }, + { + "type": "library", + "name": "has-symbols", + "version": "1.0.3", + "bom-ref": "has-symbols@1.0.3", + "author": "Jordan Harband", + "description": "Determine if the JS environment has Symbol support. Supports spec, or shams.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-symbols@1.0.3", + "externalReferences": [ + { + "url": "git://github.com/inspect-js/has-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/has-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/has-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9772c2b85e8c8033704c32a47581848a1623b79a513db120e3aaed9669d23e551b82607c2ce22b2896d86050526e73da25ec4c2ad88f3bc8667918d1cf64ddf8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-symbols" + } + ] + }, + { + "type": "library", + "name": "hasown", + "version": "2.0.2", + "bom-ref": "hasown@2.0.2", + "author": "Jordan Harband", + "description": "A robust, ES3 compatible, \"has own property\" predicate.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hasown@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/hasOwn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d21254f5208fbe633320175916a34f5d66ba76a87b59d1f470823dcbe0b24bcac6de72f8f01725adaf4798a8555541f23d6347e58ef10f0001edb7e04a391431" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hasown" + } + ] + }, + { + "type": "library", + "name": "object-inspect", + "version": "1.13.1", + "bom-ref": "object-inspect@1.13.1", + "author": "James Halliday", + "description": "string representations of objects in node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-inspect@1.13.1", + "externalReferences": [ + { + "url": "git://github.com/inspect-js/object-inspect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/object-inspect", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/object-inspect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6aa23d5152228e32c08234b57508188f604d74b33893b2798dc64008feb661883eb7085ec8a9d1460bf5f38d68e94a02dfd0bc575f76c3148874135f1fe9485" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-inspect" + } + ] + }, + { + "type": "library", + "name": "range-parser", + "version": "1.2.1", + "bom-ref": "range-parser@1.2.1", + "author": "TJ Holowaychuk", + "description": "Range header field string parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/range-parser@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/range-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/range-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/range-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1eb82cc7ea2baa8ca09e68456ca68713a736f7a27e1d30105e8c4417a80dba944e9a6189468cb37c6ddc700bdea8206bc2bff6cb143905577f1939796a03b04a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/range-parser" + } + ] + }, + { + "type": "library", + "name": "send", + "version": "0.18.0", + "bom-ref": "send@0.18.0", + "author": "TJ Holowaychuk", + "description": "Better streaming static file server with Range and conditional-GET support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/send@0.18.0", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/send.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/send#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/send/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aaa5b3b8e8d214ebaa3e315ee0d3ac30b69f4e8410c0148e1294be17012ddc0d95def2ae6d3aae4f7be62d3429160317a7c02515616e3f5a8a68964eb4fa555e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send" + } + ] + }, + { + "type": "library", + "name": "mime", + "version": "1.6.0", + "bom-ref": "mime@1.6.0", + "author": "Robert Kieffer", + "description": "A comprehensive library for mime-type mapping", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime@1.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/broofa/node-mime.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/broofa/node-mime#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/broofa/node-mime/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c74567f2ca48fb0b89d4ee92ee09db69083c3f187834d1dbeca4883661162a23c4e1128ea65be28e7f8d92662699180febc99cef48f611b793151b2bb306907a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime" + } + ] + }, + { + "type": "library", + "name": "serve-static", + "version": "1.15.0", + "bom-ref": "serve-static@1.15.0", + "author": "Douglas Christopher Wilson", + "description": "Serve static files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/serve-static@1.15.0", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/serve-static.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/expressjs/serve-static#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/serve-static/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c6b910cd8d75228ec50bd2f97a9d20fb730511bb31208256ce685b9933d8379300d7396553724d232f38cfcc60fe4dacd66dba1962ee76ffdfd73dd5209def6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/serve-static" + } + ] + }, + { + "type": "library", + "name": "media-typer", + "version": "0.3.0", + "bom-ref": "media-typer@0.3.0", + "author": "Douglas Christopher Wilson", + "description": "Simple RFC 6838 media type parser and formatter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/media-typer@0.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/media-typer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/media-typer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/media-typer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76afaa7a543d6a41e970e97f8145514f15483a4009d70477400bdbe11b158d2f285681630c64dcebbf702589949a49d41791f030b3a06f93be6b72b17d66a93d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/media-typer" + } + ] + }, + { + "type": "library", + "name": "utils-merge", + "version": "1.0.1", + "bom-ref": "utils-merge@1.0.1", + "author": "Jared Hanson", + "description": "merge() utility function", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "http://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:npm/utils-merge@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/jaredhanson/utils-merge.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredhanson/utils-merge#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/jaredhanson/utils-merge/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a4c653bc8913d5df93146bc33aaa1d39c971d105a49208ba4dda1af200bc7df18002acfda733d36560326dbb071e8103ff3b4cb64bff5686136324a1527f3584" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/utils-merge" + } + ] + }, + { + "type": "library", + "name": "vary", + "version": "1.1.2", + "bom-ref": "vary@1.1.2", + "author": "Douglas Christopher Wilson", + "description": "Manipulate the HTTP Vary header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/vary@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/vary.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/vary#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/vary/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04d19b58b7ddd1e50f69b8645d4566d23f2ebaf444c93879a2f45afddca8c3f06a01b649c82fb97d4f88cd03b39802b362a6110084a8461750af778867f3d7aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/vary" + } + ] + }, + { + "type": "library", + "name": "asynckit", + "version": "0.4.0", + "bom-ref": "asynckit@0.4.0", + "author": "Alex Indigo", + "description": "Minimal async jobs utility library, with streams support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/asynckit@0.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/alexindigo/asynckit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexindigo/asynckit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexindigo/asynckit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "39e8bd387e2d461d18a94dc6c615fbf5d33f9b0560bdb64969235a464f9bb21923d12e5c7c772061a92b7818eb1f06ad5ca6f3f88a087582f1aca8a6d8c8d6d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/asynckit" + } + ] + }, + { + "type": "library", + "name": "combined-stream", + "version": "1.0.8", + "bom-ref": "combined-stream@1.0.8", + "author": "Felix Geisendörfer", + "description": "A stream that emits multiple other streams one after another.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/combined-stream@1.0.8", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-combined-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-combined-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-combined-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1503783117ee25e1dfedc05b04c2455e12920eafb690002b06599106f72f144e410751d9297b5214048385d973f73398c3187c943767be630e7bffb971da0476" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/combined-stream" + } + ] + }, + { + "type": "library", + "name": "delayed-stream", + "version": "1.0.0", + "bom-ref": "delayed-stream@1.0.0", + "author": "Felix Geisendörfer", + "description": "Buffers events from a stream until you are ready to handle them.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/delayed-stream@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-delayed-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-delayed-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-delayed-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "672483ecd7fdd5a2c1d11c4be0a1ab28705797b11db350c098475ca156b05e72c3ed20e1a4d82db88236680920edaed04b8d63c4f499d7ba7855d1a730793731" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/delayed-stream" + } + ] + }, + { + "type": "library", + "name": "mime-db", + "version": "1.52.0", + "bom-ref": "mime-db@1.52.0", + "description": "Media Type Database", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime-db@1.52.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/mime-db.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/mime-db#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/mime-db/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0f538b95edd625bed589c70c311c3d0fba285536213b4f201b439496c43081f66518bce82ba103b061040e28f27c0886c4fb51135653a82b5502da7537818be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime-db" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "version": "11.2.0", + "bom-ref": "fs-extra@11.2.0", + "author": "JP Richardson", + "description": "fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as recursive mkdir, copy, and remove.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fs-extra@11.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jprichardson/node-fs-extra.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e60e2deec0ae6716e5e1ed70d39559d2d7bc494bbbd6dfa8acdbec37c5cbfc495c620783720137f872d9156396e44a35f46389dbbd90aad7f123b44cabf64b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fs-extra" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "version": "6.1.0", + "bom-ref": "jsonfile@6.1.0", + "author": "JP Richardson", + "description": "Easily read/write JSON files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonfile@6.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jprichardson/node-jsonfile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5d8277563ab8984a6e5c9d86893616a52cd0ca3aa170c8307faebd44f59b067221af28fb3c476c5818269cb9fdf3e8ad58283cf5f367ddf9f637727de932a5d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jsonfile" + } + ] + }, + { + "type": "library", + "name": "universalify", + "version": "2.0.1", + "bom-ref": "universalify@2.0.1", + "author": "Ryan Zimmerman", + "description": "Make a callback- or promise-based function support both promises and callbacks.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/universalify@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/RyanZim/universalify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/RyanZim/universalify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/RyanZim/universalify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "829b4735082120d9dcfef4c6224d12385185357c3b255ae5454b42a2725196f6b0e83b97d303b925e928f6c5ab301861f8fb18019ee85c088e9dffd42a88328b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/universalify" + } + ] + }, + { + "type": "library", + "name": "get-installed-path", + "version": "4.0.8", + "bom-ref": "get-installed-path@4.0.8", + "author": "Charlike Mike Reagent", + "description": "Get installation path where the given package is installed. Works for globally and locally installed packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-installed-path@4.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/tunnckoCore/get-installed-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tunnckoCore/get-installed-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tunnckoCore/get-installed-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-installed-path/-/get-installed-path-4.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e600d2b5c449481e51c7dad5df3a84e74835235f55f71af28ae99c8b6d49d20829f5a400f0bbaede556b6db8fcc95ab5c30d3d8c7ceeae01a2882ce15f8ad98" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-installed-path" + } + ] + }, + { + "type": "library", + "name": "global-modules", + "version": "1.0.0", + "bom-ref": "global-modules@1.0.0", + "author": "Jon Schlinkert", + "description": "The directory used by npm for globally installed npm modules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/global-modules@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/global-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/global-modules", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/global-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/global-modules/-/global-modules-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0ace91247f5d46a4e16ec346738f39ade01e146708ce706ef9ecf3efadf87170b15bab4c29b20a4eab1a71b71162086e03b46f7733a5d155b176a0675ebfb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-modules" + } + ] + }, + { + "type": "library", + "name": "global-prefix", + "version": "1.0.2", + "bom-ref": "global-prefix@1.0.2", + "author": "Jon Schlinkert", + "description": "Get the npm global path prefix.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/global-prefix@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/global-prefix.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/global-prefix", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/global-prefix/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/global-prefix/-/global-prefix-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e65b31d4d5031ed4a37e0d1e1e5998bd92aff3f9d5a97e1c9056ccf85ac6710fb4e0a59c585a3d3f93313d9612cd4bf2ce67536c8ec48b1f10e086c42c3ab32a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-prefix" + } + ] + }, + { + "type": "library", + "name": "expand-tilde", + "version": "2.0.2", + "bom-ref": "expand-tilde@2.0.2", + "author": "Jon Schlinkert", + "description": "Bash-like tilde expansion for node.js. Expands a leading tilde in a file path to the user home directory, or `~+` to the cwd.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expand-tilde@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/expand-tilde.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/expand-tilde", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/expand-tilde/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expand-tilde/-/expand-tilde-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0391267ac1d6eab7e767dcac1d08cf7494678b44916abd2d8ed1b930db66f67e5352fb1853ca28ce9aed443e00a87c5c6565a556e026428da758a7cdf68ca34f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/expand-tilde" + } + ] + }, + { + "type": "library", + "name": "homedir-polyfill", + "version": "1.0.3", + "bom-ref": "homedir-polyfill@1.0.3", + "author": "Brian Woodward", + "description": "Node.js os.homedir polyfill for older versions of node.js.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/homedir-polyfill@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/homedir-polyfill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/homedir-polyfill", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/homedir-polyfill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7929a6584e5b6532b6368bb8834008df367daecc29ec644aa0a5d2d412d492f3ef88eaace184cdd5d8d022aad7cbd939804b5d2cfcbce898d1c2c34cf6d9c370" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/homedir-polyfill" + } + ] + }, + { + "type": "library", + "name": "parse-passwd", + "version": "1.0.0", + "bom-ref": "parse-passwd@1.0.0", + "author": "Brian Woodward", + "description": "Parse a passwd file into a list of users.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-passwd@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/parse-passwd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/parse-passwd", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/parse-passwd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d58d40fff4145c464aed82b3fab0fd5b275c135f84b8fafa64180a79c001f2d9a85ba505bf435111525ed69fa3471b5386471b6ca91fc086d625efc8784ea6d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parse-passwd" + } + ] + }, + { + "type": "library", + "name": "is-windows", + "version": "1.0.2", + "bom-ref": "is-windows@1.0.2", + "author": "Jon Schlinkert", + "description": "Returns true if the platform is windows. UMD module, works with node.js, commonjs, browser, AMD, electron, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-windows@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-windows.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-windows", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-windows/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7972b55089ead9b3e68f25fa7b754723330ba1b73827de22e005a7f87a6adce5392a4ad10bde8e01c4773d127fa46bba9bc4d19c11cff5d917415b13fc239520" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-windows" + } + ] + }, + { + "type": "library", + "name": "resolve-dir", + "version": "1.0.1", + "bom-ref": "resolve-dir@1.0.1", + "author": "Jon Schlinkert", + "description": "Resolve a directory that is either local, global or in the user's home directory.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-dir@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/resolve-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/resolve-dir", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/resolve-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-dir/-/resolve-dir-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bba24e3102cef3ac5927dd33440a14d05515c2b6eda1ce53076f2b9dc1716f33aa719d629d056e3f36732e78fb60383f6b45336d89e6445f7b547e94cff5ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-dir" + } + ] + }, + { + "type": "library", + "name": "domhandler", + "version": "5.0.3", + "bom-ref": "domhandler@5.0.3", + "author": "Felix Boehm", + "description": "Handler for htmlparser2 that turns pages into a dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domhandler@5.0.3", + "externalReferences": [ + { + "url": "git://github.com/fb55/domhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "720c25bffd621508859d4f7a5d78113a1f314de7adb272620ec4dced36022c577dfbf58d908a8f4f188cffca5277c548ae15c64dfd4dcb5ab586ab95a83241e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domhandler" + } + ] + }, + { + "type": "library", + "name": "domutils", + "version": "3.1.0", + "bom-ref": "domutils@3.1.0", + "author": "Felix Boehm", + "description": "Utilities for working with htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domutils@3.1.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domutils/-/domutils-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1fbf2e32642d23602180326359e4261f0249d9b2cf0f718c98eed98dafd9661f38c249bee2eb7e2149d47516bcb82197f3c0e2571d63e8545ed577f11208c464" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domutils" + } + ] + }, + { + "type": "library", + "name": "dom-serializer", + "version": "2.0.0", + "bom-ref": "dom-serializer@2.0.0", + "author": "Felix Boehm", + "description": "render domhandler DOM nodes to a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dom-serializer@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/cheeriojs/dom-serializer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cheeriojs/dom-serializer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cheeriojs/dom-serializer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c08900af28aab7f9d5e4440aa90a68dd24e848e57d2740e76c9ab02bb5affd3adcf76cc801867816532ef893c55b50df185b7cd594c21a00c469b7df5de2f226" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dom-serializer" + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "4.5.0", + "bom-ref": "entities@4.5.0", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease & speed", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@4.5.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5748631f87463e1f40a39a74328458e8156ab700a3873eaf2392d3f00279e47fb883dff8bdb1f1d48e787d2d17b9c94b8431c0acf40288c8c3c6368bf1f3f187" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "https", + "version": "1.0.0", + "bom-ref": "https@1.0.0", + "author": "hardus van der berg", + "description": "https mediation", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/https@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/https/-/https-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e040b9edd757ae4685d31f373a3f2c33a48b4070165f0f744a4aaed8ce0011610d677174d9d14913f180440f2280eefdb5c818a86ac3eda7b87f92f7ba6da582" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/https" + } + ] + }, + { + "type": "library", + "name": "inquirer-file-tree-selection-prompt", + "version": "2.0.2", + "bom-ref": "inquirer-file-tree-selection-prompt@2.0.2", + "author": "anc95", + "description": "inquerer file tree selection prompt", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inquirer-file-tree-selection-prompt@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/anc95/inquirer-file-tree-selection.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/anc95/inquirer-file-tree-selection#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/anc95/inquirer-file-tree-selection/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inquirer-file-tree-selection-prompt/-/inquirer-file-tree-selection-prompt-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae56d0ec1ca4819fdf9aded259cdac681072b8cb10ad487e8aa9f2e1a32868bab6e426354ed643a7171a3bea0407335e5410fbe7d7789936884877e74a75414b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer-file-tree-selection-prompt" + } + ] + }, + { + "type": "library", + "name": "cli-cursor", + "version": "3.1.0", + "bom-ref": "cli-cursor@3.1.0", + "author": "Sindre Sorhus", + "description": "Toggle the CLI cursor", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-cursor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/cli-cursor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/cli-cursor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/cli-cursor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23fcc7030b0a7fd16a1a85cce16591002a1bf7e48dba465377de03585e7b138b68a2e46e95b0b171487a44a5043909584c7267ce43ccc92bcf35a6922cd7cb67" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-cursor" + } + ] + }, + { + "type": "library", + "name": "restore-cursor", + "version": "3.1.0", + "bom-ref": "restore-cursor@3.1.0", + "author": "Sindre Sorhus", + "description": "Gracefully restore the CLI cursor on exit", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/restore-cursor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/restore-cursor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/restore-cursor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/restore-cursor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "97eb1279fcc7a63e6a8a6845484e5af27b9f65800cdec05254c00fb589260bee041f66a7486684317483d22cd141bbbd9dfc90f72e49ad59a9ec4f2866b523bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/restore-cursor" + } + ] + }, + { + "type": "library", + "name": "onetime", + "version": "5.1.2", + "bom-ref": "onetime@5.1.2", + "author": "Sindre Sorhus", + "description": "Ensure a function is only called once", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/onetime@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/onetime.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/onetime#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/onetime/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91ba5a4921894d674063928f55e30e2974ab3edafc0bc0bbc287496dcb1de758d19e60fe199bbc63456853a0e6e59e2f5abd0883fd4d2ae59129fee3e5a6984a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/onetime" + } + ] + }, + { + "type": "library", + "name": "mimic-fn", + "version": "2.1.0", + "bom-ref": "mimic-fn@2.1.0", + "author": "Sindre Sorhus", + "description": "Make a function mimic another one", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-fn@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-fn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-fn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-fn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3aa6ce939a0441e019f165d6c9d96ef47263cfd59574422f6a63027179aea946234e49c7fecaac5af850def830285451d47a63bcd04a437ee76c9818cc6a8672" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mimic-fn" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "3.0.7", + "bom-ref": "signal-exit@3.0.7", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@3.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c270f6644fa5f923c2feea12d2f5de13d2f5fb4c2e68ca8a95fcfd00c528dfc26cc8b48159215c1d1d51ae2eb62d9735daf2ebd606f78e5ee2c10860c2901b19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/signal-exit" + } + ] + }, + { + "type": "library", + "name": "figures", + "version": "3.2.0", + "bom-ref": "figures@3.2.0", + "author": "Sindre Sorhus", + "description": "Unicode symbols with Windows CMD fallbacks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/figures@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/figures.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/figures#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/figures/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/figures/-/figures-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c9a76e40544a2d760e1a0127e8065abbdd23de08123b28aa5d4d05f4965f79762135af899385feb38e40db38398e7b3cec60056b7e01066da45f0e17a4d71b76" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/figures" + } + ] + }, + { + "type": "library", + "name": "inquirer", + "version": "8.0.0", + "bom-ref": "inquirer@8.0.0", + "author": "Simon Boudrias", + "description": "A collection of common interactive command line user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/inquirer@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inquirer/-/inquirer-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38df291093cf09dca3c63f9cc6c6117ba5df0897a94f100d74d9d379bb13b90817a51c994514fdb78749c2346e6e09af9f6d022d2127a334546b25f233d5535c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer" + } + ] + }, + { + "type": "library", + "name": "cli-width", + "version": "3.0.0", + "bom-ref": "cli-width@3.0.0", + "author": "Ilya Radchenko", + "description": "Get stdout window width, with two fallbacks, tty and then a default.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-width@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/knownasilya/cli-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/knownasilya/cli-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/knownasilya/cli-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-width/-/cli-width-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "171aa990f3f0bb51e3b8df773a67e6e21f2e21a9d7a1f5b44715445b793944ac7e9892584ad873361a77d8acf1c72dd800467f0dcfc458dd6f651634fa43a16f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-width" + } + ] + }, + { + "type": "library", + "name": "external-editor", + "version": "3.1.0", + "bom-ref": "external-editor@3.1.0", + "author": "Kevin Gravier", + "description": "Edit a string with the users preferred text editor using $VISUAL or $ENVIRONMENT", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/external-editor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mrkmg/node-external-editor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mrkmg/node-external-editor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mrkmg/node-external-editor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/external-editor/-/external-editor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84c438097d69d62ce6b8b63266a2cc3bfa86370d74c12bfd40308f7f35dfc85ace682492a117ea13529fd6ce5a9fae89e49642eb635ec06fa62b8f63382b507b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/external-editor" + } + ] + }, + { + "type": "library", + "name": "chardet", + "version": "0.7.0", + "bom-ref": "chardet@0.7.0", + "author": "Dmitry Shirokov", + "description": "Character detector", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chardet@0.7.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/runk/node-chardet.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/runk/node-chardet", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/runk/node-chardet/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "993f220dcae1d37a83191466a00da1981267c69965311fb4ff4aa5ce3a99112e8d762583719902340938acf159f50f39af6eee9e488d360f193a2c195c11f070" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chardet" + } + ] + }, + { + "type": "library", + "name": "os-tmpdir", + "version": "1.0.2", + "bom-ref": "os-tmpdir@1.0.2", + "author": "Sindre Sorhus", + "description": "Node.js os.tmpdir() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-tmpdir@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/os-tmpdir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-tmpdir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/os-tmpdir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f6151d37562afb148bb8e57058db49936fefd9496074d2c8d4f637505edf37803ac8e19b73e45b3bff2cbbe20d8de52550638c58d6a0ebe2b35d770611557d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/os-tmpdir" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "0.0.8", + "bom-ref": "mute-stream@0.0.8", + "author": "Isaac Z. Schlueter", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@0.0.8", + "externalReferences": [ + { + "url": "git://github.com/isaacs/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e76d658e9285b252c4e32ab8600f475ccf6da67644a7a58a9b123226da787086ec654a4a72c09981a3c87466a25d929ef799bf744acb0790de2bb1168101f00" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mute-stream" + } + ] + }, + { + "type": "library", + "name": "run-async", + "version": "2.4.1", + "bom-ref": "run-async@2.4.1", + "author": "Simon Boudrias", + "description": "Utility method to run function either synchronously or asynchronously using the common `this.async()` style.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-async@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/run-async.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/run-async#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/run-async/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-async/-/run-async-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6f56756fd356fc73546b03a129ec9912b63f391aebff62b31cc2a6109f08ec012d9c4e698f181063023a425bb46b4a874d4a8136fea83d3b86dc78dbd4b8381" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-async" + } + ] + }, + { + "type": "library", + "name": "rxjs", + "version": "6.6.7", + "bom-ref": "rxjs@6.6.7", + "author": "Ben Lesh", + "description": "Reactive Extensions for modern JavaScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/rxjs@6.6.7", + "externalReferences": [ + { + "url": "git+https://github.com/reactivex/rxjs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "853770afeef260d213e67e00318a7ce4a03acb0d956b414b6b7460baf6e96b85b7239c729da059a38d5c3375ccfb843a7d1323dec058211d5502664c5d826f45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rxjs" + } + ] + }, + { + "type": "library", + "name": "through", + "version": "2.3.8", + "bom-ref": "through@2.3.8", + "author": "Dominic Tarr", + "description": "simplified stream construction", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/through@2.3.8", + "externalReferences": [ + { + "url": "git+https://github.com/dominictarr/through.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dominictarr/through", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/through/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/through/-/through-2.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3cf6a83b3c8f3001dbd7eb46cc0cff9b1680f90ef866f682e1785a793b86b6405d1c4811ac057e2a66669d3ccbd5aa52c9041722f96a8618e00fbdc0de35256" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/through" + } + ] + }, + { + "type": "library", + "name": "jest-mock", + "version": "29.7.0", + "bom-ref": "jest-mock@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-mock@29.7.0#packages/jest-mock", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-mock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21338c667f949184b864587cdf16003b3592b65a0dcc914edacf035ab138961b460fe028ae09db92228445ee3041507274818fc74e7d83aae25b906da7a2e59f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-mock" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-report", + "group": "@types", + "version": "3.0.3", + "bom-ref": "@types/istanbul-lib-report@3.0.3", + "description": "TypeScript definitions for istanbul-lib-report", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-lib-report@3.0.3#types/istanbul-lib-report", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-lib-report", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-lib-report", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3509fb00742793f4522cec6b05b1b224cfda550fa98e3e470a06ac1717342bf2a1a004df43fe3b032525d79236c815298a18e66acf9af952413aa79cac51feb8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-lib-report" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "group": "@types", + "version": "21.0.3", + "bom-ref": "@types/yargs-parser@21.0.3", + "description": "TypeScript definitions for yargs-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/yargs-parser@21.0.3#types/yargs-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/yargs-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "238abd414f4c42fe2810ecf8b401c9b4dcf5730b8bc67d85df171cda257959da8b3e95278f7d1a52ec6dd660316131bea1ef0264c57ffbaad4e12e20443ceab5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "jest", + "version": "29.7.0", + "bom-ref": "jest@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest@29.7.0#packages/jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348cb7a00169f6c85d6b5f61cb81cad0745358ab4f26619d9efcb0bb4d673aa342daf660f99f9fbc90f1a4c400f3c79bd88f4471a7dc763620b03b619d84ef1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/core@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/core@29.7.0#packages/jest-core", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9fb69e5d628c9c6b43038f32f132d624f2662e6999eb8d827a8efc718584a620fb1730e098d0d5fc6095468acf0017572c967ff70cf38190251e35e3c431c6b2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/core" + } + ] + }, + { + "type": "library", + "name": "console", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/console@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/console@29.7.0#packages/jest-console", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-console", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e4d8b8094ed71d08b7d88277f7c1043f846b07c795d3db173f644ea83e1b92c1eb9d3ade7b9d8fb31bd7f2da4bf0bbd3677a45cd7c8f6cd411792378d420213a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/console" + } + ] + }, + { + "type": "library", + "name": "reporters", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/reporters@29.7.0", + "description": "Jest's reporters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/reporters@29.7.0#packages/jest-reporters", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-reporters", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0c0a6ad0a25b24e1330056231c00cd371004dca6e1c50075cb92a995be566aac3acd56ee59ab529cc8c4e60b3c1548043e636c9d90373425a5f4d1b489ad383e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/reporters" + } + ] + }, + { + "type": "library", + "name": "test-result", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/test-result@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-result@29.7.0#packages/jest-test-result", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-test-result", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15dc7eb6feb1d7396424f7165e6303006d87067691f573d277968359056c7eb6662d54f7954d5cc32c4b81199747dcabab8341a049bd04cb1f805cd34006c960" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/test-result" + } + ] + }, + { + "type": "library", + "name": "transform", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/transform@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/transform@29.7.0#packages/jest-transform", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-transform", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24fc14cf17314a54cc0ee5e38746bbe70551dd472f48aecad6d46a4c690f4c0a78a534b5d02a6017f2cd585c315a6a2f7126969cdb24b357461e451102af657" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/transform" + } + ] + }, + { + "type": "library", + "name": "fs.realpath", + "version": "1.0.0", + "bom-ref": "fs.realpath@1.0.0", + "author": "Isaac Z. Schlueter", + "description": "Use node's fs.realpath, but fall back to the JS implementation if the native one fails", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs.realpath@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/fs.realpath.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/fs.realpath#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/fs.realpath/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38ed291f694ae9ad2166701d6aee48b731cf23aa5496f23b8cc567c54411b70e28c05db093c94e49a6ed1830933f81a0ae0d8c6c69d63bd5fc2b5b78f9f18c0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fs.realpath" + } + ] + }, + { + "type": "library", + "name": "inflight", + "version": "1.0.6", + "bom-ref": "inflight@1.0.6", + "author": "Isaac Z. Schlueter", + "description": "Add callbacks to requests in flight to avoid async duplication", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inflight@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/npm/inflight.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/inflight", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/inflight/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "93dd88fdbd3cab8c2f16c71708bbea7ec1c2ae3ac5ef2897b10b8856f544ecdf365b7f9aaa9cee51d05b7e159ccbf159477ff82207e532028b3acbcf0eb18224" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inflight" + } + ] + }, + { + "type": "library", + "name": "path-is-absolute", + "version": "1.0.1", + "bom-ref": "path-is-absolute@1.0.1", + "author": "Sindre Sorhus", + "description": "Node.js 0.12 path.isAbsolute() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-is-absolute@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-is-absolute.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-is-absolute#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-is-absolute/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0156f0dd42767bd6eaeb8bd2692f409b47e37b53daf296c6a934ec9977da2223299ebe4394385f24eb8b8fd49ff7964f5430147ab0df124f3c30f98f7bb50242" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-is-absolute" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "6.0.2", + "bom-ref": "istanbul-lib-instrument@6.0.2", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@6.0.2#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5652c67d475940d07b414a8853926dfd5933e534a489e62164ed4c2a5e404ba07413fa17ea3ec7ec4c356e65d286681c27edd8a7f5b4bb4ac9e802bf78de1bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "make-dir", + "version": "4.0.0", + "bom-ref": "make-dir@4.0.0", + "author": "Sindre Sorhus", + "description": "Make a directory and its parents if needed - Think `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/make-dir@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/make-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/make-dir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/make-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8577544d960854eb75131fff8c0422fb04d9669529c018ffd10b0ecea7a06f7ac630c78989212ee712c79d87c1ad1578447dbe38248e3bde48b3fef1d562786f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/make-dir" + } + ] + }, + { + "type": "library", + "name": "source-map", + "version": "0.6.1", + "bom-ref": "source-map@0.6.1", + "author": "Nick Fitzgerald", + "description": "Generates and consumes source maps", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/source-map@0.6.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/mozilla/source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mozilla/source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mozilla/source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52381aa6e99695b3219018334fb624739617513e3a17488abbc4865ead1b7303f9773fe1d0f963e9e9c9aa3cf565bab697959aa989eb55bc16396332177178ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map" + } + ] + }, + { + "type": "library", + "name": "html-escaper", + "version": "2.0.2", + "bom-ref": "html-escaper@2.0.2", + "author": "Andrea Giammarchi", + "description": "fast and safe way to escape and unescape &<>'\" chars", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/html-escaper@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/WebReflection/html-escaper.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/WebReflection/html-escaper", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/WebReflection/html-escaper/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f688cb5dd08e0cb7979889aa517480e3a7e5f37a55d0d2d144e094bb605c057af5d73263a9f66c8dad4bc28340fac2cf22aa444f05f28781bc228354a694b7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/html-escaper" + } + ] + }, + { + "type": "library", + "name": "jest-worker", + "version": "29.7.0", + "bom-ref": "jest-worker@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-worker@29.7.0#packages/jest-worker", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-worker", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "788cf69ac2ff1332fd5054c5171ee305391e65f92ed32500c99659989f771f64d8122ae8231d8f42311773062d625f335c2c5bf8f02603684b22dffa64490f1f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-worker" + } + ] + }, + { + "type": "library", + "name": "char-regex", + "version": "1.0.2", + "bom-ref": "char-regex@1.0.2", + "author": "Richie Bendall", + "description": "A regex to match any full character, considering weird character ranges.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/char-regex@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/Richienb/char-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Richienb/char-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Richienb/char-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "916597cedbd9e5205057e79180a15e87cab9b0bb99636fbc5942339715954e0fa81b0635e2aca5c7529b2b31ddf0fe99624020d31c880d4f4930787224c6758f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/char-regex" + } + ] + }, + { + "type": "library", + "name": "convert-source-map", + "version": "2.0.0", + "bom-ref": "convert-source-map@2.0.0", + "author": "Thorsten Lorenz", + "description": "Converts a source-map from/to different formats and allows adding/changing properties.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/convert-source-map@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/convert-source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2afa78e7d1eb576144275080b22d4abbe318de46ac1f5f53172913cf6c5698c7aae9b936354dd75ef7c9f90eb59b4c64b56c2dfb51d261fdc966c4e6b3769126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/convert-source-map" + } + ] + }, + { + "type": "library", + "name": "jest-changed-files", + "version": "29.7.0", + "bom-ref": "jest-changed-files@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-changed-files@29.7.0#packages/jest-changed-files", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-changed-files", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c402b162c1fd41a50fb86d74a9adc0dcdffc781d2ccbe1a976b68cf05690c5a6cc402e32d87728882b87b9573eba1902486d727cdbedf93edcaca1fa6d357db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-changed-files" + } + ] + }, + { + "type": "library", + "name": "get-stream", + "version": "6.0.1", + "bom-ref": "get-stream@6.0.1", + "author": "Sindre Sorhus", + "description": "Get a stream as a string, buffer, or array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-stream@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/get-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/get-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/get-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6ce968beda3de3423aa2ef4c3902537c0c59e44b00be32a9b113374400b076a976585775ff6f50937e03cb18934c7805b174f7d4f053b59acdcd51f68708f62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-stream" + } + ] + }, + { + "type": "library", + "name": "human-signals", + "version": "2.1.0", + "bom-ref": "human-signals@2.1.0", + "author": "ehmicky", + "description": "Human-friendly process signals", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/human-signals@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/ehmicky/human-signals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://git.io/JeluP", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ehmicky/human-signals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07814567aabf4f68e1864b2091b116dc706f5887c35bce6c9e44206b0b74ed2ec9e505d393a064355fb4c80799acce50a4c01d625a1c1a89639f4b09fd642417" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/human-signals" + } + ] + }, + { + "type": "library", + "name": "npm-run-path", + "version": "4.0.1", + "bom-ref": "npm-run-path@4.0.1", + "author": "Sindre Sorhus", + "description": "Get your PATH prepended with locally installed binaries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/npm-run-path@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/npm-run-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b8f16cd95bbefbce1348ae7ee0c4e94848d02a8bd642fee4059d175b7881e1661080e94aa990e4fc4f51bb06f7dd80fe04afc805e2c51b692d22ed0bc87c25b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm-run-path" + } + ] + }, + { + "type": "library", + "name": "strip-final-newline", + "version": "2.0.0", + "bom-ref": "strip-final-newline@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip the final newline character from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-final-newline@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-final-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-final-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-final-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06ba6f7cd004ddd72fabb965df156e9b38ca8d9439b48d6c11420aaf752892cd17525e394addc595ab55a9e7fda6b9388d10f3856e96660fb76e4f77cbaa4b8c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-final-newline" + } + ] + }, + { + "type": "library", + "name": "yocto-queue", + "version": "0.1.0", + "bom-ref": "yocto-queue@0.1.0", + "author": "Sindre Sorhus", + "description": "Tiny queue data structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yocto-queue@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yocto-queue.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yocto-queue#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yocto-queue/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad592cbec9cd09d27fa2119ceb180fc3237c7a1782c6c88b33c9b1b84fedfe6395a897b03ee3b59a22e94c74224604ca08b7b12f831e00555a82db3b1e6359d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yocto-queue" + } + ] + }, + { + "type": "library", + "name": "jest-config", + "version": "29.7.0", + "bom-ref": "jest-config@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-config@29.7.0#packages/jest-config", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b976e97de43b47a4d906a237fd3c42538ab8b6d937bb43c9782f84d336df4a84a3aba6c9edbb813f1cd03cbd227eb918e0336ee0951d9342269415188bce3479" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-config" + } + ] + }, + { + "type": "library", + "name": "test-sequencer", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/test-sequencer@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-sequencer@29.7.0#packages/jest-test-sequencer", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-test-sequencer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "190c09e56655aca9ce26e898880179d94354257813671d4d1e3152101d2a10c99264a02474ca08cf0fc28fac7a345e00bd5db7014a83a45cd090dfde602613c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/test-sequencer" + } + ] + }, + { + "type": "library", + "name": "jest-haste-map", + "version": "29.7.0", + "bom-ref": "jest-haste-map@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-haste-map@29.7.0#packages/jest-haste-map", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-haste-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cff2eda9c9fab1d0ad6b1a7d51f69c84d3f2939fe1bb3f192d5a274e053a853cb617d1bf64b1a3059212b9beb4b70d5ba7d3da5c90b765c7dd10b61956ec098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-haste-map" + } + ] + }, + { + "type": "library", + "name": "babel-jest", + "version": "29.7.0", + "bom-ref": "babel-jest@29.7.0", + "description": "Jest plugin to use babel for transformation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-jest@29.7.0#packages/babel-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06bbc6637c594b011c0b32af2ac0a2d86807a83aac62438fe3f6f2e710a023019743120487ef1ec37826ac4d72ed7451e8b1d9223eb22d89d48bf9a6d8a5ca06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-jest" + } + ] + }, + { + "type": "library", + "name": "jest-circus", + "version": "29.7.0", + "bom-ref": "jest-circus@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-circus@29.7.0#packages/jest-circus", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-circus", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc4d6708c822a5c4e40a8705c0cf745d741a6fd6d2f8632c8dda663eb95e95ac700fddc077c8951235ffbef1cf74b3e715ff8be34bbee7e8aeb51740d4df66cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-circus" + } + ] + }, + { + "type": "library", + "name": "environment", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/environment@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/environment@29.7.0#packages/jest-environment", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-environment", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "69021f1c3ab7dc4c6c3788cfd4d5865e1c6043fc22c6ceb480388a3be5d531df0c9f43563d681cdf86500d36f68ca694590eccbb0a22b5702c3765d55cd32903" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/environment" + } + ] + }, + { + "type": "library", + "name": "expect", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/expect@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect@29.7.0#packages/jest-expect", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2e31e00cc9cb6da6f6b73f59411c1f157224bd5745c0af71b298fa62a5dc905db05cba190b40e49ef04fe9f7647201d4e84ba643d6d1645fe0a486810213475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/expect" + } + ] + }, + { + "type": "library", + "name": "jest-snapshot", + "version": "29.7.0", + "bom-ref": "jest-snapshot@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-snapshot@29.7.0#packages/jest-snapshot", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-snapshot", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "466d01316b7105c8a81ebd7f397e5808ff14a2fe2b887bca3e49ce1acf34e1983d2466609880646ed971242ffb6789ac29855b209b5f53eb4a6fcc6560d7dd93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-snapshot" + } + ] + }, + { + "type": "library", + "name": "dedent", + "version": "1.5.3", + "bom-ref": "dedent@1.5.3", + "author": "Desmond Brand", + "description": "A string tag that strips indentation from multi-line strings. ⬅️", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dedent@1.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/dmnd/dedent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dmnd/dedent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dmnd/dedent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34742d7ce396ebc583f25832a5b2c0e684fe06dd315c986262fa11e929a635765fa733865f074a5a67301bc37b3f0555595dde17febc9e60fd05a252b13061c9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dedent" + } + ] + }, + { + "type": "library", + "name": "jest-each", + "version": "29.7.0", + "bom-ref": "jest-each@29.7.0", + "author": "Matt Phillips", + "description": "Parameterised tests for Jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-each@29.7.0#packages/jest-each", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-each", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "827b3e12bd78f99ac4a02e5f84e7d8098d4b3871ebd1323ead0507652f13b70da5ee097ef3478773f8057f62ad930d3e4880020d3796be915cbf7074e157a66d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-each" + } + ] + }, + { + "type": "library", + "name": "jest-runtime", + "version": "29.7.0", + "bom-ref": "jest-runtime@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runtime@29.7.0#packages/jest-runtime", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-runtime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8149cb8e0c1d1aa5bb0782ef38891b2acf5619b9fe40ba91410f63b82e879dd78389ecc8c210cffa684cc0758211c7d0e515176ba38f9c517c049879c5e830c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-runtime" + } + ] + }, + { + "type": "library", + "name": "pure-rand", + "version": "6.1.0", + "bom-ref": "pure-rand@6.1.0", + "author": "Nicolas DUBIEN", + "description": " Pure random number generator written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pure-rand@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/dubzzz/pure-rand.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dubzzz/pure-rand#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dubzzz/pure-rand/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d559ac2fa19a01629a7ac88a10b505c76639b3df94525479d439379f97c55c8ebf2c9d33d8d709e948f3167a4705c1bc48ea0b664fbad260f16fcfbd6576238" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pure-rand" + } + ] + }, + { + "type": "library", + "name": "jest-environment-node", + "version": "29.7.0", + "bom-ref": "jest-environment-node@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-environment-node@29.7.0#packages/jest-environment-node", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-environment-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ce4b0091a978ab4ceca178cfb87796193ab59c76ed0b359f3b7b0528cb06dc6f65d1e302a0aa21bcbcd798c218c531b1247e3bbbc31d86607d0fda07af1af17" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-environment-node" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/fake-timers@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/fake-timers@29.7.0#packages/jest-fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab80c7d476b84d314f7712eca835cad5ddfe8a848bef22f9a023096600d89ba8bee82ca05b9139c55aff0f51ddb06c63b7565649f500b3d3b1481fc135e956ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/fake-timers" + } + ] + }, + { + "type": "library", + "name": "jest-regex-util", + "version": "29.6.3", + "bom-ref": "jest-regex-util@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-regex-util@29.6.3#packages/jest-regex-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-regex-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "289241b110b2c8b35608d04ebd9c910e70087d489127cbfe84e0506069fc803c85dd47a0c223f8830451dff4836b8da0d586d5c9c4e2754177aca8f22c50d66e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-regex-util" + } + ] + }, + { + "type": "library", + "name": "jest-resolve", + "version": "29.7.0", + "bom-ref": "jest-resolve@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve@29.7.0#packages/jest-resolve", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-resolve", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20e561652ae0f94bd502c843483b47c8508205497f43700026ff2267a6639d9ef8c73bf0bb32d789df482083e04e763ad922637eeba930a66c65046c0afc4480" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-resolve" + } + ] + }, + { + "type": "library", + "name": "jest-runner", + "version": "29.7.0", + "bom-ref": "jest-runner@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runner@29.7.0#packages/jest-runner", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-runner", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ec73837a70f0806a1c9b1817d345cab9c0547a7e92f39cc838eec639683a6ca1e8ce7156056f4ec01ee4a747496231c3d3801b00dd924bea414e8cf768362a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-runner" + } + ] + }, + { + "type": "library", + "name": "jest-validate", + "version": "29.7.0", + "bom-ref": "jest-validate@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-validate@29.7.0#packages/jest-validate", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-validate", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "641ef01ea691195c3ff61493fceb85511786eccf2f29eab4fc9d9e80818b76f8c70a662a180461cd79ad822fa055e679b97145db5f5a39cdcbb36c8b836eed93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-validate" + } + ] + }, + { + "type": "library", + "name": "bser", + "version": "2.1.1", + "bom-ref": "bser@2.1.1", + "author": "Wez Furlong", + "description": "JavaScript implementation of the BSER Binary Serialization", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/bser@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/watchman.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://facebook.github.io/watchman/docs/bser.html", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/watchman/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "810c53344fc601f208ae61cb504de8272a7914ee874417e18e7c38ff032603add91832675819a063f972401a670d490698085b49edfdb71d9dfe24ce01f825c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bser" + } + ] + }, + { + "type": "library", + "name": "node-int64", + "version": "0.4.0", + "bom-ref": "node-int64@0.4.0", + "author": "Robert Kieffer", + "description": "Support for representing 64-bit integers in JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-int64@0.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/broofa/node-int64.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/broofa/node-int64#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/broofa/node-int64/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b9973f75c5239ea173fa0ee9721df965a6af84834d0c5a2b5921bb4f7e8484bea207765e607dc63a858cc35a78f4a83e6dcf9d8f234f2ef6a52f49579405e1f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/node-int64" + } + ] + }, + { + "type": "library", + "name": "makeerror", + "version": "1.0.12", + "bom-ref": "makeerror@1.0.12", + "author": "Naitik Shah", + "description": "A library to make errors.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/makeerror@1.0.12", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-makeerror.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-makeerror#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-makeerror/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "266a82bd4866b78de669d9691731b8050cc6d99de6eadbd00cd29d0a56673b755b22e749626c6c4f414d24c7a2076f894d295341349b53c41d7ac566c097262e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/makeerror" + } + ] + }, + { + "type": "library", + "name": "tmpl", + "version": "1.0.5", + "bom-ref": "tmpl@1.0.5", + "author": "Naitik Shah", + "description": "JavaScript micro templates.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/tmpl@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-tmpl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-tmpl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-tmpl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ddfd2e384010c08a86b965b6315cd883c7d5fd036773f229b89346f37eeb2ee73301a2d51ec9561d9423e081a2125e47b379246e1c0bf406fb1ebb26ba3f929b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tmpl" + } + ] + }, + { + "type": "library", + "name": "jest-resolve-dependencies", + "version": "29.7.0", + "bom-ref": "jest-resolve-dependencies@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve-dependencies@29.7.0#packages/jest-resolve-dependencies", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-resolve-dependencies", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba7d330ffeaac49f92d1eb7b5b1788dc7e5749ef654c1051edb3870875e4291ea5b86e66c030e5233550d15e5c642ba84e011d71dc334e085891359fb9b8be9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-resolve-dependencies" + } + ] + }, + { + "type": "library", + "name": "resolve.exports", + "version": "2.0.2", + "bom-ref": "resolve.exports@2.0.2", + "author": "Luke Edwards", + "description": "A tiny (952b), correct, general-purpose, and configurable \"exports\" and \"imports\" resolver without file-system reliance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve.exports@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/resolve.exports.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5f6516e8dc379ff68c803572fb4ad2aa01e5bf7f56640959ad709d9dbc8488a9b5ec34aa1d7e0c99031a493dc56de591e454ee45c530600ce265a8e38b463b9a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve.exports" + } + ] + }, + { + "type": "library", + "name": "emittery", + "version": "0.13.1", + "bom-ref": "emittery@0.13.1", + "author": "Sindre Sorhus", + "description": "Simple and modern async event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emittery@0.13.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/emittery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/emittery#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/emittery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0de5b06b093aaf9c91f631609c3298b78b0b4b42e61c9262dd93a76f9fc975b6308f79d6f85c509c72238412b3f182c2ee844d3d533d350e3b237095c77e1ea9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/emittery" + } + ] + }, + { + "type": "library", + "name": "jest-docblock", + "version": "29.7.0", + "bom-ref": "jest-docblock@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-docblock@29.7.0#packages/jest-docblock", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-docblock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abad7b02ec3703ad7682ec9a160b1b15e62934fe6dd9aa1434bc0151b73fd240f5478b7d8b10dbc854c77759e89387a9a15169afb3e67961eb86fb95dd7689e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-docblock" + } + ] + }, + { + "type": "library", + "name": "jest-leak-detector", + "version": "29.7.0", + "bom-ref": "jest-leak-detector@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-leak-detector@29.7.0#packages/jest-leak-detector", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-leak-detector", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91803c20971262d493d8163d23e48c0b7da70e9053dc9d8dbd6271f3e242b82765fc247523810a50944e88ff17b42731aa04d304624d75b07503c5d129b4deb7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-leak-detector" + } + ] + }, + { + "type": "library", + "name": "jest-watcher", + "version": "29.7.0", + "bom-ref": "jest-watcher@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-watcher@29.7.0#packages/jest-watcher", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-watcher", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e3d160ed65e4537565da1e8b6cbb4c43f1f207aad74885fb4aabc12d09acb1104637d2343cdbcf980982592398e923afae3848fc5eff6c602ff51b67b0f034de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-watcher" + } + ] + }, + { + "type": "library", + "name": "globals", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/globals@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/globals@29.7.0#packages/jest-globals", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a98b3dddbad2db916d8c345b9b50650454b9131a2a96eb22d54c0f896cfe9f23a27988bf58d0d960f24f79a5c17c72d2b0092ed6571b5e06cdbd8617c0a2dcd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/globals" + } + ] + }, + { + "type": "library", + "name": "source-map", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/source-map@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/source-map@29.6.3#packages/jest-source-map", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-source-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3078d3f7942e8a970fae92ccfbc24c4b3171e9e1e9e419bee177850c9970b2f5418e628d88802f6ac18ad9fc73d966c64659efa9e8456e1d3b30c6bb9f76099f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/source-map" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-jsx", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/plugin-syntax-jsx@7.24.1", + "author": "The Babel Team", + "description": "Allow parsing of jsx", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-jsx@7.24.1#packages/babel-plugin-syntax-jsx", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-jsx", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-jsx", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9e0adc595dffa46e4308b174b8a684ef4f862ee6b5e245afbdc46553e7aada8218e605328ca4535cf51e080e20787a66a8f5e3b6d8ec7b0b1b891bb060131a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-jsx" + } + ] + }, + { + "type": "library", + "name": "helper-plugin-utils", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/helper-plugin-utils@7.24.0", + "author": "The Babel Team", + "description": "General utilities for plugins to use", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-plugin-utils@7.24.0#packages/babel-helper-plugin-utils", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-plugin-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-plugin-utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5c5339d7306d3e17146e25fbcbf364254ea2338555bdb0bd0a8cc3c784038ebe94062fc42d7719c12882e306ac651f2962cf4c826b51bdd3765723f16e1f2db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-plugin-utils" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-async-generators", + "group": "@babel", + "version": "7.8.4", + "bom-ref": "@babel/plugin-syntax-async-generators@7.8.4", + "description": "Allow parsing of async generator functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-async-generators@7.8.4#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b727266719067d96b184c45b5e53d7b95169756957a62af65b800c85226044ace4fde0e52173a16f62c75a82e90c5ed3107ca5579ccd872917e8a0201c999337" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-async-generators" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-bigint", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-bigint@7.8.3", + "description": "Allow parsing of BigInt literals", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-bigint@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c274e71651be631426def0f1a46139ecf8f4b2b454e2c1c4fe60e4b75aafd9824949e50079cda66b858b52750f78a8f2adf9ed5707bf37a7425e953eccbdcda6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-bigint" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-class-properties", + "group": "@babel", + "version": "7.12.13", + "bom-ref": "@babel/plugin-syntax-class-properties@7.12.13", + "description": "Allow parsing of class properties", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-class-properties@7.12.13#packages/babel-plugin-syntax-class-properties", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-class-properties", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-class-properties", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e6e227632a56b461a85436014d2c2074ab249db283e264fde2404deb932d26054b4c676df20c9f5225d83a7574d20e7ba5395aa21771e0afd9db5ef5d341960" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-class-properties" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-import-meta", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-import-meta@7.10.4", + "description": "Allow parsing of import.meta", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-import-meta@7.10.4#packages/babel-plugin-syntax-import-meta", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-import-meta", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62a7e6f970f1d3e3eb8775527844023d4f35c82f89599da90cf1524b865da5f661a7832414c6830b552ab1ea2f10ac125299c82fbfaf2be0a5a7b6df874883ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-import-meta" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-json-strings", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-json-strings@7.8.3", + "description": "Allow parsing of the U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-json-strings@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "958ea4746a561ef8e87b6be4e16ac06a912e051ebd10cc5997e46819186b14635854af2638f016f157db4ff660ac56d794336289ac509c0b6054267a8efdf410" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-json-strings" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-logical-assignment-operators", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "description": "Allow parsing of the logical assignment operators", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-logical-assignment-operators@7.10.4#packages/babel-plugin-syntax-logical-assignment-operators", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-logical-assignment-operators", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77cc1a4a19691438a743932dbc653dc4300ecca1f8efe145a277b2d9b68522832bf79da128e2e9d4747b56cce866f3ac57fe3e451b33358ec3d7b6dad2d7b48a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-logical-assignment-operators" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-nullish-coalescing-operator", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "description": "Allow parsing of the nullish-coalescing operator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-nullish-coalescing-operator@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6927dfe333c8235bb6403ef2f85f280eccf5f5ec3820610983d4955be6eac29c2d7c595e8900cc77303f47e525583cdf9c7142c7195e153d0f308ad1dfa5cb35" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-nullish-coalescing-operator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-numeric-separator", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-numeric-separator@7.10.4", + "description": "Allow parsing of Decimal, Binary, Hex and Octal literals that contain a Numeric Literal Separator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-numeric-separator@7.10.4#packages/babel-plugin-syntax-numeric-separator", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-numeric-separator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f47e9875f91c2bfb8e9d8fcaeff680db1a73680824427dfbcb35943112bb39a3cea8ea464b5fa7d07e61c53f40530f44b128cf5bc495c8c270611b56b375f7ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-numeric-separator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-object-rest-spread", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-object-rest-spread@7.8.3", + "description": "Allow parsing of object rest/spread", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-object-rest-spread@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e8a8c8a31996fdcb7cb65ec90df8fd70506895c16679266a03470c79fb71a612994dc95336b360e0f082c5426f2b58ce3ca2b1b2e58a48e4197c535cbbc9d94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-object-rest-spread" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-optional-catch-binding", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "description": "Allow parsing of optional catch bindings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-optional-catch-binding@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e953c3d0f7359694eac3468aa1e45332207e916840a13db83c0fa4b16481ac5b65e52211569665c0ddcd34f4237a103613ff75155dd18cb5a855382559c495dd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-optional-catch-binding" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-optional-chaining", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-optional-chaining@7.8.3", + "description": "Allow parsing of optional properties", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-optional-chaining@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a82bd12b1f53019423f15745403645d6dbf770e2f95b183ac5833f1b994b0119890545c6d1c0c87a70826e6dd3eb931470b8676d0a4d2fff03d329b42006392" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-optional-chaining" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-top-level-await", + "group": "@babel", + "version": "7.14.5", + "bom-ref": "@babel/plugin-syntax-top-level-await@7.14.5", + "author": "The Babel Team", + "description": "Allow parsing of top-level await in modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-top-level-await@7.14.5#packages/babel-plugin-syntax-top-level-await", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-top-level-await", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-top-level-await", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "871fbeba92efe54d6b8187f07b5c41414851994e35344be952fae9f2392b48276f1929cce7fa9d44cb72949e8f1b938590168791b4c02939dddff63211244717" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-top-level-await" + } + ] + }, + { + "type": "library", + "name": "pkg-dir", + "version": "4.2.0", + "bom-ref": "pkg-dir@4.2.0", + "author": "Sindre Sorhus", + "description": "Find the root directory of a Node.js project or npm package", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-dir@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/pkg-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-dir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1d10f36da2a30be00e5955f1014ff1e7808e19e22ff5e6fee82903490a0d4ede17c96a0826fb8fb178b3c6efc5af6dc489e91bb59c2687521c206fe5fdad7419" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir" + } + ] + }, + { + "type": "library", + "name": "resolve-cwd", + "version": "3.0.0", + "bom-ref": "resolve-cwd@3.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from the current working directory", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-cwd@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-cwd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-cwd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-cwd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3ab65a5f631bfab242a47ffa0a94aab7dc4556937efb1d355e737689ef60e8fe7fdf17a52c0917595003a5dcf52070ff2857c45f213a574534d4e43750edab12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-cwd" + } + ] + }, + { + "type": "library", + "name": "jest-cli", + "version": "29.7.0", + "bom-ref": "jest-cli@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-cli@29.7.0#packages/jest-cli", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-cli", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3955686f0d88b9b37f19262cc444e2fa039eeca6b9f4414c47fb70394dc96f61a728a78c189079486514ac4cf7485566240494759533cbcdec2cd350da066c96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-cli" + } + ] + }, + { + "type": "library", + "name": "create-jest", + "version": "29.7.0", + "bom-ref": "create-jest@29.7.0", + "description": "Create a new Jest project", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/create-jest@29.7.0#packages/create-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/create-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "01dcf66dd1f456adc5e772843093a87ed405bad582ba49ba276e306cf5913b893590c63b812eddb3fba826436e57cc030ad5969eec06709c2959c8a1fb3116d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/create-jest" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "8.0.1", + "bom-ref": "cliui@8.0.1", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@8.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05278d9f2bacef90b8fff350f6042dd7f72c4d7ca8ffc49bf9a7cb024cc0a6d16e32ca1df4716890636e759a62fe8415ef786754afac47ee4f55131df83afb61" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "get-caller-file", + "version": "2.0.5", + "bom-ref": "get-caller-file@2.0.5", + "author": "Stefan Penner", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/get-caller-file@2.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/stefanpenner/get-caller-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stefanpenner/get-caller-file#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stefanpenner/get-caller-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f214fdc133fdd81d340e0942ffc343991d1d25a4a786af1a2d70759ca8d11d9e5b6a1705d57e110143de1e228df801f429a34ac6922e1cc8889fb58d3a87616" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-caller-file" + } + ] + }, + { + "type": "library", + "name": "require-directory", + "version": "2.1.1", + "bom-ref": "require-directory@2.1.1", + "author": "Troy Goode", + "description": "Recursively iterates over specified directory, require()'ing each file, and returning a nested hash structure containing those modules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/require-directory@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/troygoode/node-require-directory.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/troygoode/node-require-directory/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/troygoode/node-require-directory/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c6c4423bfb0b06f71aef763b2b9662f6d8e3134e21d1c0032ba2211e320abc833a0b0bf3d0afb46c4434932d483f6d9019b45f9354890773aff84482abba2f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/require-directory" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "5.0.8", + "bom-ref": "y18n@5.0.8", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@5.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d297c5cde81e0d62472480264cb44fd83c078dd179b3b8e8f6dbb3b5d43102120d09dbd2fb79c620da8f774d00a61a8947fd0b8403544baffeed209bf7c60e7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "2.0.1", + "bom-ref": "argparse@2.0.1", + "description": "CLI arguments parser. Native port of python's argparse.", + "licenses": [ + { + "license": { + "id": "Python-2.0" + } + } + ], + "purl": "pkg:npm/argparse@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f3ef56a9e6db173a57f4e47e59ae8edbd6ac22881e44ccdc1ad00835da4c1c7c80835d1fd3969215505b704a867ff3d7c35123019faadbf6c4060dc3beeacadd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "json-colorizer", + "version": "2.2.2", + "bom-ref": "json-colorizer@2.2.2", + "author": "Joe Attardi", + "description": "A library to format JSON with colors for display in the console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-colorizer@2.2.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/joeattardi/json-colorizer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/joeattardi/json-colorizer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/joeattardi/json-colorizer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-colorizer/-/json-colorizer-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7aa19b70575a625eb42744d4ed25ea91bfe07d63f7570182ea04169897f08e71476867180b04b00ef3cf829e46d3e8cc4db3473913d98f0486f6b0570dcf7bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer" + } + ] + }, + { + "type": "library", + "name": "markdown-diff", + "version": "2.0.0", + "bom-ref": "markdown-diff@2.0.0", + "author": "Martijn van Duijneveldt", + "description": "Generate a diff between two markdown files in markdown format", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/markdown-diff@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/martijnvanduijneveldt/markdown-diff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/martijnvanduijneveldt/markdown-diff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/martijnvanduijneveldt/markdown-diff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/markdown-diff/-/markdown-diff-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "625ac74890b6ac0b1e707082ddce556a178aec6a6dd749040552aa2b9012ead91b4e2fa1bfe9393d73e517e8aa010ff7e9720d36aaab2baf13f6811a66a49174" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-diff" + } + ] + }, + { + "type": "library", + "name": "marked", + "version": "12.0.2", + "bom-ref": "marked@12.0.2", + "author": "Christopher Jeffrey", + "description": "A markdown parser built for speed", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/marked@12.0.2", + "externalReferences": [ + { + "url": "git://github.com/markedjs/marked.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://marked.js.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/markedjs/marked/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/marked/-/marked-12.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a97526edefd8285a2a14f60f6b752483dc6523973202d1a6c8423331f5bffe6ea45f00b2d8fb3d0d87f98a88a314a43cab2bac72b1e8634e2224672dbb62a0d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/marked" + } + ] + }, + { + "type": "library", + "name": "markdown-table-ts", + "version": "1.0.3", + "bom-ref": "markdown-table-ts@1.0.3", + "author": "Jiri Hajek", + "description": "A zero-dependency library for generating Markdown tables written in TypeScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/markdown-table-ts@1.0.3", + "externalReferences": [ + { + "url": "git+https://gitlab.com/jiri.hajek/markdown-table-ts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://gitlab.com/jiri.hajek/markdown-table-ts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://gitlab.com/jiri.hajek/markdown-table-ts/-/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/markdown-table-ts/-/markdown-table-ts-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "958ae9ec55e606aa661a6b0417dd969d2ba476062f2e6d7914f20e0d93b1f7ede7a1b9312718c161cb33a997f956a4e306d2123d2342ef38d4f68df3c292fa01" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-table-ts" + } + ] + }, + { + "type": "library", + "name": "mocha", + "version": "10.4.0", + "bom-ref": "mocha@10.4.0", + "author": "TJ Holowaychuk", + "description": "simple, flexible, fun test framework", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mocha@10.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/mochajs/mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mochajs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mochajs/mocha/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mocha/-/mocha-10.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7aa84607c24a6a9118702e32b57ff1af329fa2b8047378f5a469405d5cb7791c2bb40cb9fe721f4f54af806cdf3745d967178bab46905a4394026a88262bfe6c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "browser-stdout", + "version": "1.3.1", + "bom-ref": "browser-stdout@1.3.1", + "author": "kumavis", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/browser-stdout@1.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kumavis/browser-stdout.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kumavis/browser-stdout#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kumavis/browser-stdout/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa1015235f80bf65fba9e94e7c0218c1738da2877a5e5644fdf5da052996fd3e52ccb0260a0ce2f9e89613b7d4bdb1da78d0501f5dd47ed8e95f1b1f2e432983" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/browser-stdout" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fill-range", + "version": "7.0.1", + "bom-ref": "fill-range@7.0.1", + "author": "Jon Schlinkert", + "description": "Fill in a range of numbers or letters, optionally passing an increment or `step` to use, or create a regex-compatible range with `options.toRegex`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fill-range@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/fill-range.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/fill-range", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/fill-range/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8ea3d17e74c5260b62dc6f805b56f9ca2714cf8c29be451a5ee200ee1abce42fb984565fdd8d84aed8e750d8f6b7d36378a2a91283d8abea368b589d94495a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fill-range" + } + ] + }, + { + "type": "library", + "name": "to-regex-range", + "version": "5.0.1", + "bom-ref": "to-regex-range@5.0.1", + "author": "Jon Schlinkert", + "description": "Pass two numbers, get a regex-compatible source string for matching ranges. Validated against more than 2.78 million test assertions.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/to-regex-range@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/to-regex-range.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/to-regex-range", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/to-regex-range/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb93fb8b3e97e7212bd5cc1c82f4316db230ed493780ecb974876d678ac3bde2ea86b7493fe2e2fc7c7ab722b43446fed860b29de08c2621aaac00c248d93cb1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/to-regex-range" + } + ] + }, + { + "type": "library", + "name": "is-number", + "version": "7.0.0", + "bom-ref": "is-number@7.0.0", + "author": "Jon Schlinkert", + "description": "Returns true if a number or string value is a finite number. Useful for regex matches, parsing, user input, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-number@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-number.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-number", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-number/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e350a27e483a7bc4f2952a5db53a5e2d532abd20445734edb47bc4443ef8d7ea6767c00dbf4d34e0c44be3740a3c394af5c1af369e8d6566540656c65d8c719e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-number" + } + ] + }, + { + "type": "library", + "name": "is-binary-path", + "version": "2.1.0", + "bom-ref": "is-binary-path@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a file path is a binary file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-binary-path@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-binary-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-binary-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-binary-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "64c11161eb3aa43c9dcae1a276c7bb3ac1f1b5b23b595794128ce047f83baddd31522998365bd9444fcad8c8194e35b2ef6e487de94b79570433dee69ad4465f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-binary-path" + } + ] + }, + { + "type": "library", + "name": "binary-extensions", + "version": "2.3.0", + "bom-ref": "binary-extensions@2.3.0", + "author": "Sindre Sorhus", + "description": "List of binary file extensions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/binary-extensions@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/binary-extensions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "09e87eee8c79a9eecb26e2c7a18d1f7a1de91ee5031c071151ec8bd95620859c1fa64348cbffbc39c8346b752e4a86336af9b2970b8b59039fde19748e330c23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/binary-extensions" + } + ] + }, + { + "type": "library", + "name": "readdirp", + "version": "3.6.0", + "bom-ref": "readdirp@3.6.0", + "author": "Thorsten Lorenz", + "description": "Recursive version of fs.readdir with streaming API.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readdirp@3.6.0", + "externalReferences": [ + { + "url": "git://github.com/paulmillr/readdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/paulmillr/readdirp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/paulmillr/readdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84e4b4f3da27f1176ea9d6e1bd0e59dfb0341128ecab3eaa9d171f7ec314df8f7916e4dda929beedb849dbd26f20eb010c41276a7e433eef6ddd3a3d55194ccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/readdirp" + } + ] + }, + { + "type": "library", + "name": "wrappy", + "version": "1.0.2", + "bom-ref": "wrappy@1.0.2", + "author": "Isaac Z. Schlueter", + "description": "Callback wrapping utility", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/wrappy@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/wrappy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/wrappy", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/wrappy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9784a9fc346c7a8afdc0be84bd5dbe4ee427eb774c90f8d9feca7d5e48214c46d5f4a94f4b5c54b19deeeff2103b8c31b5c141e1b82940f45c477402bdeccf71" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrappy" + } + ] + }, + { + "type": "library", + "name": "is-unicode-supported", + "version": "0.1.0", + "bom-ref": "is-unicode-supported@0.1.0", + "author": "Sindre Sorhus", + "description": "Detect whether the terminal supports Unicode", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-unicode-supported@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-unicode-supported.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-unicode-supported#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-unicode-supported/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "927c46daae140b7bbcb2d446c8054908e771166bf90d989171d94868041701b49f2726be3a1a29368b4b42bb2d061aaeaaee19a6e29b0dcffc4ba9a05e03c53f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-unicode-supported" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "serialize-javascript", + "version": "6.0.0", + "bom-ref": "serialize-javascript@6.0.0", + "author": "Eric Ferraiuolo", + "description": "Serialize JavaScript to a superset of JSON that includes regular expressions and functions.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/serialize-javascript@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/yahoo/serialize-javascript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yahoo/serialize-javascript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yahoo/serialize-javascript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "42bdd3a2cbe0b85b7c78f5aab2f45facac905c8896fa719b629cbc5cadb83501c4f3771ac56b7e988ca64d3d7d0c615b35634b7c4c2cae44a637ae2555607d6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/serialize-javascript" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "randombytes", + "version": "2.1.0", + "bom-ref": "randombytes@2.1.0", + "description": "random bytes from browserify stand alone", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/randombytes@2.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/crypto-browserify/randombytes.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/crypto-browserify/randombytes", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/crypto-browserify/randombytes/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd897788e5fee022945aec468bd5248627ba7eca97a92f4513665a89ce2d3450f637641069738c15bb8a2b84260c70b424ee81d59a78d49d0ba53d2847af1a99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/randombytes" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "workerpool", + "version": "6.2.1", + "bom-ref": "workerpool@6.2.1", + "author": "Jos de Jong", + "description": "Offload tasks to a pool of workers on node.js and in the browser", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/workerpool@6.2.1", + "externalReferences": [ + { + "url": "git://github.com/josdejong/workerpool.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/josdejong/workerpool", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/josdejong/workerpool/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/workerpool/-/workerpool-6.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20b10813dee40d9bc5f566fd7fa8796972b8b304a528651c3841a22186f638ebbf22b0d4f62c23d1f0fffd2b00e84e626f0271a44be1ba59496384a5e0672903" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/workerpool" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "20.2.4", + "bom-ref": "yargs-parser@20.2.4", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@20.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58e92980d84f4e513bde1e1514016c3a7a262556a8bcef15a8b0f3cb9b1a0a1441150141a0c622ae8c325be43d1c1e07145e19ed5653886de24b3249036f7244" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs-unparser", + "version": "2.0.0", + "bom-ref": "yargs-unparser@2.0.0", + "author": "André Cruz", + "description": "Converts back a yargs argv object to its original array form", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs-unparser@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-unparser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-unparser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-unparser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-unparser/-/yargs-unparser-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ee9453200f5073571a6746d9e9161119b1c9b61256b9a91ff969872b4ad578b90daeb1a17e869b04d76e7ba91d20d23aaf889fee872af5a0ff9fbc7028e77338" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-unparser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "4.0.0", + "bom-ref": "decamelize@4.0.0", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f621353e04a293d1de208c3624ef78222767137781a10ac5277c3bb05bb3497e03a66677bf9b19a54895e52c1c7fa990105f98d2bbbc35ea3ea7e9f287627e85" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decamelize" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-plain-obj", + "version": "2.1.0", + "bom-ref": "is-plain-obj@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a value is a plain object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-plain-obj@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-plain-obj.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6169dfc91c312fff92b2b5987cea54b73e5bdd80fe9f27e41ef8db71a9f393cce0c8ee00483ebbb95311b7c9396cce252cc0e75dfae24613a97a6c3e35f4f578" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-plain-obj" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mock-fs", + "version": "5.2.0", + "bom-ref": "mock-fs@5.2.0", + "author": "Tim Schaub", + "description": "A configurable mock file system. You know, for testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mock-fs@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/tschaub/mock-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tschaub/mock-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tschaub/mock-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mock-fs/-/mock-fs-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9d17647a60c4996e98a9d55d561ca18b363aff938f2e40296a3156f91f730ebf073daa1622b37fc859b8f4daa220fd8f0c0d7285178739bf4af1c76a3ac5367" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mock-fs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "objects-to-csv", + "version": "1.3.6", + "bom-ref": "objects-to-csv@1.3.6", + "author": "Anton Ivanov", + "description": "Converts an array of objects into a CSV file. Saves CSV to disk or returns as string.", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/objects-to-csv@1.3.6", + "externalReferences": [ + { + "url": "git+https://github.com/anton-bot/objects-to-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/anton-bot/objects-to-csv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/anton-bot/objects-to-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/objects-to-csv/-/objects-to-csv-1.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfcdde4a94b786680292c5bce4a22a06d71b8125b90c356c0a6ccba0ce82deae32cce5f6ae6b56c45e296cb27be9fcfeb9f03ee3f4b0013e1075a63a2145a602" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/objects-to-csv" + } + ] + }, + { + "type": "library", + "name": "async-csv", + "version": "2.1.3", + "bom-ref": "async-csv@2.1.3", + "author": "Anton Ivanov", + "description": "ES7 async-await wrapper for the csv package.", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/async-csv@2.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/anton-bot/async-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/catcher-in-the-try/async-csv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/catcher-in-the-try/async-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async-csv/-/async-csv-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a9b0237e0fb9b365eaab943c3b5133e1bc3403971d62f35f44f5f6ca22df1dae48040f91523a506fdd193ffac5dd7af9cedb0c2546454e43891d4f4032a8fa9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async-csv" + } + ] + }, + { + "type": "library", + "name": "csv", + "version": "5.5.3", + "bom-ref": "csv@5.5.3", + "author": "David Worms", + "description": "A mature CSV toolset with simple api, full of options and tested against large datasets.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv@5.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/adaltas/node-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv/-/csv-5.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "413698d178e385340e760b80445d2518a9b9fe612af4f0fdfd585965e8070c806adad43080da47737767783e261a8da226cf9f4cabf9069d1f67e051b98dd9d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv" + } + ] + }, + { + "type": "library", + "name": "csv-generate", + "version": "3.4.3", + "bom-ref": "csv-generate@3.4.3", + "author": "David Worms", + "description": "CSV and object generation implementing the Node.js `stream.Readable` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-generate@3.4.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-csv-generate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/generate/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv-generate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-generate/-/csv-generate-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3f4feaea474bf0bc7a96b3fd59c8c0d6b471d225a374ea4951a895c11290c968cffe75992ca3438a87555cbae62f2b75cce772b2b1536af0aa3f7a908af303b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-generate" + } + ] + }, + { + "type": "library", + "name": "csv-stringify", + "version": "5.6.5", + "bom-ref": "csv-stringify@5.6.5", + "author": "David Worms", + "description": "CSV stringifier implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-stringify@5.6.5", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-csv-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/stringify/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-stringify/-/csv-stringify-5.6.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e3890eb9f5a43e7d44d0a92addd571039ceaf9da3877d1106eadfce4b1c684dad3da16c0c7e703801c98b0f17007a614649c2c0c504f4a45ac9ce0afcd6cef0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-stringify" + } + ] + }, + { + "type": "library", + "name": "stream-transform", + "version": "2.1.3", + "bom-ref": "stream-transform@2.1.3", + "author": "David Worms", + "description": "Object transformations implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stream-transform@2.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-stream-transform.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/transform/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-stream-transform/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stream-transform/-/stream-transform-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f461d488ce613220a2e98d378c3d80442d5eb6d0579100684007bb9c9b0f9279c8d28c35d1a5e34e77b0f10b584262e3ce7f7be019e658400980263a64fd4379" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stream-transform" + } + ] + }, + { + "type": "library", + "name": "mixme", + "version": "0.5.10", + "bom-ref": "mixme@0.5.10", + "author": "David Worms", + "description": "A library for recursively merging JavaScript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mixme@0.5.10", + "externalReferences": [ + { + "url": "git+https://github.com/adaltas/node-mixme.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/adaltas/node-mixme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-mixme/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mixme/-/mixme-0.5.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e47efa00d5a29c1d47dedc2927a258f2ebc0b69985bc7340ae98a52408d744a5d20c32cf20ca1902bc39487d2af73fa52ecf08accc3b436556a568a614a153d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mixme" + } + ] + }, + { + "type": "library", + "name": "oclif", + "version": "4.13.0", + "bom-ref": "oclif@4.13.0", + "author": "Salesforce", + "description": "oclif: create your own CLI", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/oclif@4.13.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/oclif.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/oclif", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/oclif/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/oclif/-/oclif-4.13.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c12b4e4be3963c2c513ca2bc87a037648009aeed940377b6f568d791ad2085e0fd64a60375495d8e3b6df2d2930dfac3ac64009d17f06de32f4baea28620726d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-cloudfront", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Cloudfront Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-cloudfront@3.575.0#clients/client-cloudfront", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-cloudfront", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-cloudfront", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-cloudfront/-/client-cloudfront-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a3a39ffdc9954b510287ef7fc531f8267a2b003663279a9c563b7b40ef5cad4106549b9183585e20e327c7a14d6745e453c284854a1c3b32f69d641a6e08693" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "xml-builder", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/xml-builder@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "XML builder for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/xml-builder@3.575.0#packages/xml-builder", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/xml-builder", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/xml-builder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "716800c266c560d085ccfc312fbd39fa55a9b3417766f39c92e7ddd8a2a8119526b69570f7fb7151736b3f24945d29914d2461a1ab4830004d7d2b56474e376d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/xml-builder" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-waiter", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-waiter@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared utilities for client waiters for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-waiter@3.0.0#packages/util-waiter", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-waiter", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-waiter", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-waiter/-/util-waiter-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9f1172711832c2a2a44a5529a8d1ab86c5aa9b882a3ef28a61fb86ae79f62368dc6338b2926363315507d1ce8eb93da66fe1fafee655a0f9abbbbd2b8927fcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-waiter" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-s3", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript S3 Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-s3@3.583.0#clients/client-s3", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-s3", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-s3", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a52ef09dcba04ae210f1182d44813d0f2b2d76677798c9e37e388ed62035521197932020a09cd0e231f4afee57f9e5a660761071fcbd7d44174f682a577b7d18" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sha1-browser", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha1-browser@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha1-browser@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha1-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha1-browser/-/sha1-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "349b61e5cf7dec62c7b3a9ce613cc52936d874c340ebfd5794a5609d9a1a65c43bcfb50994e823d8975b1c4f2d8982d2ddfcd734282e72defb48f19ab76ada4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha1-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/region-config-resolver@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.577.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e0284214008dc33ab1ff18e0df3805716f00962e91f42f797051022964ffec250cd43d0c1af91c9521f670b6ab9870a626053aa272a426ba05b56a74907860ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/region-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-user-agent-node@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.577.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eabed1636d232dc9c653595c037bc0d15a8beea0c6c0e789e1528670554eab5bd3920fa359586479d7605418715a5b35b45a0f3ef838f5d05aca4c6d97b6a7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-user-agent-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-env@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.577.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "271bb6e798f4813a0c1848aab9f3fc66d288f075bdd2538b8f02772eb7650ff34bb00634b4e41fd5f59ce77bb6f215a698d18cc660ab2f6a7ae883a030384353" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-env" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-process@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.577.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a29fa056b4e897c488084eb27737073e6363f5b954fa86e611e0471b03f0c950f5b23b49fdcb95052dec0fbd56cb9119f5e49784a84ac12d4ac772592238ab7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-process" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-web-identity@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.577.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6461c6351682b49266b336fd5139c2ee2ccd0ad454b6d74f94b74c921e3528f4b7daf7ddac10c7b3526ba5b6628c8b518f5c4ab8e5ec8984972c068719c2e1f1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-web-identity" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/token-providers@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.577.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d02908669702dc3350250d610e39b66dd4b2fd78ececdcb962f4ac69c6ac18e90d7e4f85764890cba37aedb657dd96dcf4a231f8dcf86eede20de3523699679d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/token-providers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sso-oidc@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.577.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e398a48f0d6b9e59661516915c6763f77c8ebfa5d4150dad05802c986613a724b8041d921c04183502c9e455669c06e2e8a69f5756dda6fbb84eeae818d7fd6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sts@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.577.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e74f4a9258a6bdad575658466e94e9797de438fe8e4699b8e2dc09c431e96bd4d445b9a86b18fbbde5a59cb09b0e8af10d3adbb03821bd866c86f70bb288d5a6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.576.0", + "bom-ref": "@aws-sdk/core@3.576.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.576.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.576.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "283bc395b7a2a524c87fe7df2ad4e0d66e35f532bbb3d9994960bc6efb99f6ac7afec8d014e5c828e56acae962e839dfc466ef45cc2846e63df4e7021f537fd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-node@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.577.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a96751ce32cad704d7337341d0a6fd15323a80129734f43500ed183781425f9fcba684c2fb03b6d79d4caa3c0f92e78ab7f7b51883595e40a7529f6dce8b041" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-user-agent@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.577.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f9e470178309a21c7a45c792443ef3a701b7e137bbfab16bfd3c142cfb3dad0bb42205c3d2d1c74947a3df57b2759f854f2b9dbf3a7acade5f55c5d43b32cd2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-endpoints@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.577.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "163b94cf529dcb8665cb6abf739f2da5da8777acfb88e754fdc698ce873c8f08001c10c16c824d40b094f615c99cf57633ca56c500f2219b28570b66bc4acfcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-http@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.577.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9fefb2842a7aedbf7e651184758d6385a981e44fcef90b080ce3d2b9199d69218c08e77cda850428f8085445356e4ab10ec071822116bafb5f84aeac3620d2d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-ini@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.577.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abb9473edbfa06346f0a1504de6d2d21a1192b13d3699d41de52b1198b0597754b02ee4df3218250ac2e0358b37f8b9c4fe2f22ac7151aa2ba543671d5ebf79f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-sso@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.577.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8959b9490bd2ec48194c9b116aa50e9834290503cf3dab78d9209b585bc540e2eb97ca9ec2af0e3fde21152e70da63fadb39e0798cea8499c37a5efd1d76f17b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sso@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.577.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "070ba3757af276593a504c8f99ec26e46a86e27910e8e5724614bf4b264fffa50a485bf6fec7f7f750a6cf484dd22b544c7d6b4785de2e59fc5c23ad6ab92bce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-bucket-endpoint", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-bucket-endpoint@3.577.0#packages/middleware-bucket-endpoint", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-bucket-endpoint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-bucket-endpoint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b70964357d95a1f33a9075f30c48893a260273db550017b971bcb1300ad15ac708b02586f666a63e10bbedecc6e17b0df5d144c157711180f90aba66ff91148b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-bucket-endpoint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-arn-parser", + "group": "@aws-sdk", + "version": "3.568.0", + "bom-ref": "@aws-sdk/util-arn-parser@3.568.0", + "author": "AWS SDK for JavaScript Team", + "description": "A parser to Amazon Resource Names", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-arn-parser@3.568.0#packages/util-arn-parser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-arn-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-arn-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-arn-parser/-/util-arn-parser-3.568.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d4289596a3e28e07b7db9cf3f4fa0fe8e54964bbf5f9dedee2fe1fac3c7af9c71613249f426276d3a28f799b3c5eef15af90baec36d27c2fe327367f4836cdb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-arn-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-expect-continue", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-expect-continue@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-expect-continue@3.577.0#packages/middleware-expect-continue", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-expect-continue", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-expect-continue", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-expect-continue/-/middleware-expect-continue-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9d3e9f13bf8174a1fe2e9f9200c86eaafbe1ab46b3504383f6340301d56d153b826812ed42f0689ebdb6c32e2f3c4c52059ad2a99c70743830b3c27a1ef09b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-expect-continue" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-flexible-checksums", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-flexible-checksums@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-flexible-checksums@3.577.0#packages/middleware-flexible-checksums", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-flexible-checksums", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-flexible-checksums", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-flexible-checksums/-/middleware-flexible-checksums-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "207014122a487da823c3dd8b57c48e48188217b667a9f1dcc35e0891c656dbf99fac2cb5161fe4e343284bfb774eba36b50f75ae040fc14a12801fd00a2d8eae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-flexible-checksums" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "crc32", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/crc32@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/crc32@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/crc32", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2334a0b2bc5472cade8d06cf5629482b2d7a9004f9d84c01eb349a23e337c712212a1e7e6a5744caf23ecfa7ab33b4c22c1d8126c16bb478e9ebfe3fb2bfb774" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "crc32c", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/crc32c@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/crc32c@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/crc32c", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/crc32c/-/crc32c-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10d34f3cc6a79a7549e014d794e8c0803ed446275b0339d446a0f42af7d1132738a36d033d874495d5357f9710ec96e3d0224948f68c224ffd66c85d077db5d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32c" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-location-constraint", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-location-constraint@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-location-constraint@3.577.0#packages/middleware-location-constraint", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-location-constraint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-location-constraint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ca3d30f60f6b3eb76414a3f21762d55affa527f0667ea61493064c81371da47d9cf82b06af865fc92734aa4d5dc67c25e455d16eec2ae3a17ec167aa9679350" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-location-constraint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-sdk-s3", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/middleware-sdk-s3@3.582.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-sdk-s3@3.582.0#packages/middleware-sdk-s3", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-sdk-s3", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-sdk-s3", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c9a90a4ba0b6993d12382ff5d951e1e477d5152bc540afd477f30bf4a2c19e313bf30fd8b0cf39342364ed06a15d6bfe71101d58815619c32aaf992b579adb6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-sdk-s3" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-signing", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-signing@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-signing@3.577.0#packages/middleware-signing", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-signing", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-signing", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-signing/-/middleware-signing-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "412fdd877f8da996d7b58d23fc367cebba203f8d77a46e5c146a81cbd39e3a10ccb2895cc0bad06e2d12d1ceb6d5d73540dabe7abf5f7da32167f68f9325d722" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-signing" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-ssec", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-ssec@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-ssec@3.577.0#packages/middleware-ssec", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-ssec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-ssec", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-ssec/-/middleware-ssec-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8b604f251faba7cc6645520673487590344570cd89f469c296aaa973e34b4a399869d95c83898f9258accfd1f3c0555c44f2795dc19fdd4e0162ce46f3e893ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-ssec" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signature-v4-multi-region", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/signature-v4-multi-region@3.582.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/signature-v4-multi-region@3.582.0#packages/signature-v4-multi-region", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/signature-v4-multi-region", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/signature-v4-multi-region", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68508e8e336a117da5f95f108ce5b2e45ec2b47202fd1958741bafdcda3acb19fea4cbd55147bacdd324db21d672e755a475accaf719cc050196200f7852cfb1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/signature-v4-multi-region" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-browser@3.0.0#packages/eventstream-serde-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-browser/-/eventstream-serde-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "341ec01623cde0dc4ffd80809ebbd8475f33dbf66c887885ed5b46df482c84ef466c5ac86f5ac2f1ea78346a49496af3e8feb8ba13d77a8e0cd14b022e764aab" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-universal", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-universal@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-universal@3.0.0#packages/eventstream-serde-universal", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-universal", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-universal", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-universal/-/eventstream-serde-universal-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1cd15f4a19a8b5619e0285b8ba33fc99e57d0596af72999eac36cf2239096f129b37c46c51ca5143fd8ec88c563715cd1f6196080c6e481ef29e62062654370f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-universal" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-codec", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-codec@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-codec@3.0.0#packages/eventstream-codec", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-codec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-codec", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-codec/-/eventstream-codec-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d4b72100d0e8a4e7449a105099d163d5b45f6dcffb5ecded9f0e9b56e9645797e46b11e9c7f146c48ee74ecfc89a922325de513794256a61fd98fb39cbf1015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-codec" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-config-resolver", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-config-resolver@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-config-resolver@3.0.0#packages/eventstream-serde-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-config-resolver/-/eventstream-serde-config-resolver-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "454406def4372d7ee97aaa8701b99aca182b1796938a53e76b38a7692185d4fd3eb60337bef21158f1e694b233daa16a07d2ea148c5d8adc5cf0ed99ea9b2b47" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-node@3.0.0#packages/eventstream-serde-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-node/-/eventstream-serde-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6da44f74c0433011316572140283c69bf867b62c63b7f545a54ebe5660b2898258cd11d1c68688d4c37ee5713e8484bc009d860872cc14420e2f3abdc71d4481" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hash-blob-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-blob-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-blob-browser@3.0.0#packages/hash-blob-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-blob-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-blob-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-blob-browser/-/hash-blob-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd66e9760f9bc09bd6ee5c51ff3a5601cd7fc7f62472a82eb85d9b033909aef5eb899bb5be6f2bf8f51d138b32895c1083b3cf476757a62dc22c16fda910da55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-blob-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chunked-blob-reader-native", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/chunked-blob-reader-native@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/chunked-blob-reader-native@3.0.0#packages/chunked-blob-reader-native", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/chunked-blob-reader-native", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/chunked-blob-reader-native", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/chunked-blob-reader-native/-/chunked-blob-reader-native-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5439290985bea5e4ae338cc98a9e560dfaaf836328fdef32c4ebf7545d66d75cbb07c28a30a545b666560dedfa16f93cac6b96acf6471d767bad1eee339c96ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/chunked-blob-reader-native" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chunked-blob-reader", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/chunked-blob-reader@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/chunked-blob-reader@3.0.0#packages/chunked-blob-reader", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/chunked-blob-reader", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/chunked-blob-reader", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/chunked-blob-reader/-/chunked-blob-reader-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b1b9d4442c231748124e81a5b0188099dd654429929fbda7bbd6b17c9bb9948c7a4541201eee86c1331ba827614128b43ee99c9b9bc5c6c8bd5d65dbda64daa0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/chunked-blob-reader" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hash-stream-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-stream-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-stream-node@3.0.0#packages/hash-stream-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-stream-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-stream-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-stream-node/-/hash-stream-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2748bb75ef848170c41884c3e1fc7398c5fc0b208d1134c84579718cc88d52fbeeefa5e7dc6277d70411f39ca794f936c08d65aa892700525a0f57e234395b20" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-stream-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "md5-js", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/md5-js@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/md5-js@3.0.0#packages/md5-js", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/md5-js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/md5-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/md5-js/-/md5-js-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e6d2faeb5738e50fee910904f1ec3dcbb39f12dc5507d590ad53530887fa9099a3a8d47f6530dd9ab3a0a291c13081ab6d9c0f5251149da09276ef131c11f30" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/md5-js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "confirm", + "group": "@inquirer", + "version": "3.1.9", + "bom-ref": "@inquirer/confirm@3.1.9", + "author": "Simon Boudrias", + "description": "Inquirer confirm prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/confirm@3.1.9", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/confirm/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/confirm/-/confirm-3.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "505d3d69e8f10a2e17aa6e8dfe32408855c0ad77e2f5a979d8015a483fb6b881e78591ad77577a94819344c3e8b95489c5b1848be1e43964986a2118ffeb3353" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/confirm" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@inquirer", + "version": "8.2.2", + "bom-ref": "@inquirer/core@8.2.2", + "author": "Simon Boudrias", + "description": "Core Inquirer prompt API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/core@8.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/core/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/core/-/core-8.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bc4ae357e398c41655f7101269bbd07e4b64c84b330f197648b89f4c13ddb84aa6dd5ba3ede9f2242af5e0ee638438a2785b1a50b318f45137dc2ff038df85b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "figures", + "group": "@inquirer", + "version": "1.0.3", + "bom-ref": "@inquirer/figures@1.0.3", + "author": "Simon Boudrias", + "description": "Vendored version of figures, for CJS compatibility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/figures@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/figures/-/figures-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12b5d7cc434c1f9a49b79fecb175740df59466a972f271b37f451c055f714e73fe2b27df1369aacb120c06b67c8a341c9369d4d13426e34110079dd8adec961f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/figures" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type", + "group": "@inquirer", + "version": "1.3.3", + "bom-ref": "@inquirer/type@1.3.3", + "author": "Simon Boudrias", + "description": "Inquirer core TS types", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/type@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/type/-/type-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5352dd0dba5ca55f6effcccc74e1961aaff92bd6b69a8854d5bd0e5f7a58d0b22020766d163e3e12ef7ff27b47dbb2587ed7942b22e0ef7c25d37a4ee9318e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/type" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "group": "@types", + "version": "0.0.4", + "bom-ref": "@types/mute-stream@0.0.4", + "description": "TypeScript definitions for mute-stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mute-stream@0.0.4#types/mute-stream", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mute-stream", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mute-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mute-stream/-/mute-stream-0.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "08f33d9f3ac23cf24740d03d91e1fd09591523e591e6431afbb5c4b398dc190d15a001a72efdb8db0f252158300047e6138a2e7c945a4dcf4f34b425d22a00a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mute-stream" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "group": "@types", + "version": "3.0.0", + "bom-ref": "@types/wrap-ansi@3.0.0", + "description": "TypeScript definitions for wrap-ansi", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/wrap-ansi@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/wrap-ansi/-/wrap-ansi-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96d229c7e90cee0fcc2d165f91b2fb12c0848dfcc271270ba64837ede5c4b71e649ab00a0644c9c1dd462008c348bf304e933a1f39f960ee2949bf75044c2ed6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/wrap-ansi" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "input", + "group": "@inquirer", + "version": "2.1.9", + "bom-ref": "@inquirer/input@2.1.9", + "author": "Simon Boudrias", + "description": "Inquirer input text prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/input@2.1.9", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/input/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/input/-/input-2.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d714c21e621ee3cc7d086d7ef209401eb555747f907d887380151b832a15a69e4da2f9d78117234a7fd236e95ea717fd3a5f070eade0cf0dd908052bfa1d44ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/input" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "select", + "group": "@inquirer", + "version": "2.3.5", + "bom-ref": "@inquirer/select@2.3.5", + "author": "Simon Boudrias", + "description": "Inquirer select/list prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/select@2.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/select/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/select/-/select-2.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "232063f2812d99d1761b1e052533ed1326b7ecc0fab342804cab07aa09a5b3494aec441b8584aaf46425705aba701b187bf720434160d9c0aa6183e2fddfdfc5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/select" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "plugin-not-found", + "group": "@oclif", + "version": "3.2.1", + "bom-ref": "@oclif/plugin-not-found@3.2.1", + "author": "Salesforce", + "description": "\"did you mean\" for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-not-found@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-not-found.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-not-found", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-not-found/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-not-found/-/plugin-not-found-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63617258b133893ae0750c1de0bb59718bf754e31e0e15b4a56ea16c4d2eddf25dc6cf1fdc92df38724f77c14fa2b56dda576c6a3e3371751603abcc40a78a6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-not-found" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-levenshtein", + "version": "3.0.0", + "bom-ref": "fast-levenshtein@3.0.0", + "author": "Ramesh Nair", + "description": "Efficient implementation of Levenshtein algorithm with locale-specific collator support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-levenshtein@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/hiddentao/fast-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84a28d6a39b8eae3664e58474b2664993a00739eae649c18abbcab722663a8ec6795f4301110d02661cf529ee6d66f70c7cbe039ef08682299e4abf69350dd09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fastest-levenshtein", + "version": "1.0.16", + "bom-ref": "fastest-levenshtein@1.0.16", + "author": "Kasper U. Weihe", + "description": "Fastest Levenshtein distance implementation in JS.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fastest-levenshtein@1.0.16", + "externalReferences": [ + { + "url": "git+https://github.com/ka-weihe/fastest-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein#README", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fastest-levenshtein/-/fastest-levenshtein-1.0.16.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7919c2b534ed199169402c2126250ebb13d05915d52980e7d1bd8f7877d72fafd98b9dd22c0cc01df5615562b602bc82fd61f4e6419fc611483ef4c5d125d0ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fastest-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "async-retry", + "version": "1.3.3", + "bom-ref": "async-retry@1.3.3", + "description": "Retrying made simple, easy and async", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/async-retry@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/async-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/async-retry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/async-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async-retry/-/async-retry-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1faff8ecb70f71362ff4b5e307ad15bb76ccf72ede4046160d6767b0a5a76785a229e666c02e13803fe10076c0bbb7867ac2ab0356ff7e5ba826d4393d984cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async-retry" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "retry", + "version": "0.13.1", + "bom-ref": "retry@0.13.1", + "author": "Tim Koschützki", + "description": "Abstraction for exponential and custom retry strategies for failed operations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/retry@0.13.1", + "externalReferences": [ + { + "url": "git://github.com/tim-kos/node-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tim-kos/node-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tim-kos/node-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d0050dc8f16d4281ed127a1fba8238f4dcb6e64455aea2cce02bda280a9c1822b861a0ef34a5fab8714914e439249f07ce7c5b5e470959e7a3d838663215676" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/retry" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "change-case", + "version": "4.1.2", + "bom-ref": "change-case@4.1.2", + "author": "Blake Embrey", + "description": "Transform a string between `camelCase`, `PascalCase`, `Capital Case`, `snake_case`, `param-case`, `CONSTANT_CASE` and others", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/change-case@4.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/camel-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/change-case/-/change-case-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d2c58db0b3d3adbe220b1b51226392bb34dc64aa0fc99d19c5c4bb4a43de896af8a22318bb76332b49dd04093f400be96db429666302b0e77056a4e31b968ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/change-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "camel-case", + "version": "4.1.2", + "bom-ref": "camel-case@4.1.2", + "author": "Blake Embrey", + "description": "Transform into a string with the separator denoted by the next word capitalized", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camel-case@4.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/camel-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camel-case/-/camel-case-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83119606b4d3d49b8cc7a47ea393d35cc9949e19d5ccb43d48dbad0f862a2ad23a6a9f3deedded28409895aea0096124a655e794dc9b124660f46106c4a14283" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camel-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pascal-case", + "version": "3.1.2", + "bom-ref": "pascal-case@3.1.2", + "author": "Blake Embrey", + "description": "Transform into a string of capitalized words without separators", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pascal-case@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/pascal-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pascal-case/-/pascal-case-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b969464f76129caf71dc140968e75c670ae757a84fa5df23147d7fb9ca622d13e1ff6cc2549292d7d1381af607bda09c0029f77e85d9d1c2c1f56af1d4a19ee6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pascal-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "capital-case", + "version": "1.0.4", + "bom-ref": "capital-case@1.0.4", + "author": "Blake Embrey", + "description": "Transform into a space separated string with each word capitalized", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/capital-case@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/capital-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/capital-case/-/capital-case-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76cdfb5bc0b2b478309e11864e2f3ca5c3f2475e6aa0d90ea58c2630c7e75aaa9680449aa4baaf0f1ea1b858d0e6fa964a7d99d3ad7bdd7340ecbb4c39e521d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/capital-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "no-case", + "version": "3.0.4", + "bom-ref": "no-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower cased string with spaces between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/no-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/no-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/no-case/-/no-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e000dde318087e468c541991d348e2c922a51cdb09a8070191e2d6e93402a69a8bc5a16ab439d4646f456495d45e3b66b68814ff384ba51bd5d251cd74af7ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/no-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "upper-case-first", + "version": "2.0.2", + "bom-ref": "upper-case-first@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string with the first character in upper cased", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/upper-case-first@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/upper-case-first#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/upper-case-first/-/upper-case-first-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e75e29a581c168ac1f2512bfa4d0ba73f3b17c66b4a1b4a7025d74eaef7b11dd08eb6e4d8a7f7a2808edb5917a64bdded572eda61c67aab3a2f625a09bebbe6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/upper-case-first" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "constant-case", + "version": "3.0.4", + "bom-ref": "constant-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into upper case string with an underscore between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/constant-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/constant-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/constant-case/-/constant-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "236852062ed5becec112e243af97431dfcdbfd1ba3dc5caf17287b28b8a5023350c3705efb182a5010365bab1c54470bd212f57703d1b48a843d55022a44acc9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/constant-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "upper-case", + "version": "2.0.2", + "bom-ref": "upper-case@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string to upper case", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/upper-case@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/upper-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/upper-case/-/upper-case-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a07600c626dd93a6ec015088e01ba973c36196151096f5091f922bf40f1a871cb6091e6b6675420a71977cac78054a3a29553970ea08330a6d5bf0c150c2292" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/upper-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "dot-case", + "version": "3.0.4", + "bom-ref": "dot-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with a period between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dot-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/dot-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dot-case/-/dot-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2afe672a587ac91addac6bf1789d9ee72d9e454a64528b085b8036012dfccf04b3dbbceeeee7c3c103e2e4986cdd702518d7ad9776e69c6850b0cb642899e3df" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dot-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "header-case", + "version": "2.0.4", + "bom-ref": "header-case@2.0.4", + "author": "Blake Embrey", + "description": "Transform into a dash separated string of capitalized words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/header-case@2.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/header-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/header-case/-/header-case-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1ffbee9394c4115670ad1d25a76cde77d382a35b8020b325c742443200b6eabcf2249dcdd6fe979301c75c941d4767684a37063cce8e28f6282607f4a65275d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/header-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lower-case", + "version": "2.0.2", + "bom-ref": "lower-case@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string to lower case", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lower-case@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/lower-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lower-case/-/lower-case-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edf9b797734017d59f37a5b724e99fe5daf0a55a97efc26da0627703a5b46ba66795d338d70d9f5790f8f74a6c2854e931db3c4c9b1efde1cb145b0d1c78c782" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lower-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "param-case", + "version": "3.0.4", + "bom-ref": "param-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower cased string with dashes between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/param-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/param-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/param-case/-/param-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "457963ef3098a2445ea96a4e3c7f68622bd4ccb619e6f00f21f1260933558a8b02efc17c1741fdcbb4fb806d8cdfdca682eb7117981c144b326504a987d069dc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/param-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-case", + "version": "3.0.4", + "bom-ref": "path-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with slashes between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/path-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-case/-/path-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8ee2a0858d7a954eb71b3edfe141f85343e56116ca8d28e3edcad80d2a42b14a8129dd73d443c39b16e78fca5388a24e608e7ebdaf2f178942f10b0a2ddd67e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sentence-case", + "version": "3.0.4", + "bom-ref": "sentence-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case with spaces between words, then capitalize the string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sentence-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/sentence-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sentence-case/-/sentence-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f0b4b42489da40c091a10ed8532b40a3fc54bb95b65e74315761c8ffab8ce94ec22134b546a3c496bdf457ab88ab230a33d949191545cb9ff80aecdc8b13584a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sentence-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "snake-case", + "version": "3.0.4", + "bom-ref": "snake-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with underscores between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/snake-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/snake-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/snake-case/-/snake-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c03a1e33f3d6c642f97da457cd17c575e3a8bba3bfc2a853dbab36203fec98cc3203792f4768d16d5c005a9915be010cc454e0dcbc4efd96327ef1af5849d32" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/snake-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-yarn-workspace-root", + "version": "2.0.0", + "bom-ref": "find-yarn-workspace-root@2.0.0", + "author": "Square, Inc.", + "description": "Algorithm for finding the root of a yarn workspace, extracted from yarnpkg.com", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/find-yarn-workspace-root@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/square/find-yarn-workspace-root.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/square/find-yarn-workspace-root#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/square/find-yarn-workspace-root/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-yarn-workspace-root/-/find-yarn-workspace-root-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d483276e3b782b3b107e7867ccd77cc141205d9e3823365a6669cb631ec3e45665687b76816db40ab8bc43e13fb79b488f8f9ea5306e6fed99c6efef3482f3a9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/find-yarn-workspace-root" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "github-slugger", + "version": "2.0.0", + "bom-ref": "github-slugger@2.0.0", + "author": "Dan Flettre", + "description": "Generate a slug just like GitHub does for markdown headings.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/github-slugger@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/Flet/github-slugger.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Flet/github-slugger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Flet/github-slugger/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/github-slugger/-/github-slugger-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21a390f69b98b63ae4abb63462097d283667adffda89425852955ff3dcbc9326b16d11bb6354ab5ff8daba6aeff35bdceb5fa488c7a6a6e8ec337630ef0e6a73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/github-slugger" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "got", + "version": "13.0.0", + "bom-ref": "got@13.0.0", + "description": "Human-friendly and powerful HTTP request library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/got@13.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/got.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/got#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/got/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/got/-/got-13.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5df064d42c4e39270370cafd3b5c8a90d690cb2f3ae4d6d8b3e17b76be07d0b64c5600a3d8b7b9f64e8fa9b347a0be53a1e684414621e9ceb231f55c73a489c4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/got" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is", + "group": "@sindresorhus", + "version": "5.6.0", + "bom-ref": "@sindresorhus/is@5.6.0", + "author": "Sindre Sorhus", + "description": "Type check values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sindresorhus/is@5.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sindresorhus/is/-/is-5.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4d5eedf062986895ac9f4d2d143a81c3cf94aa6afc0347d1535b6f4d08726731afd2c24219140bdc918c237b9cb8aa375c865d50ff8bc7bfe0876b7795ec32ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sindresorhus/is" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-timer", + "group": "@szmarczak", + "version": "5.0.1", + "bom-ref": "@szmarczak/http-timer@5.0.1", + "author": "Szymon Marczak", + "description": "Timings for HTTP requests", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40szmarczak/http-timer@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/http-timer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/http-timer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/http-timer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8f9905f43e20183cc79561edb7ecb24062f38c616d63dab1f96113b24b76f8093549ba6df81df46f2af033a331c0406d139c735d51f63d9c2794c9102cfff73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@szmarczak/http-timer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "defer-to-connect", + "version": "2.0.1", + "bom-ref": "defer-to-connect@2.0.1", + "author": "Szymon Marczak", + "description": "The safe way to handle the `connect` socket event", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/defer-to-connect@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/defer-to-connect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/defer-to-connect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/defer-to-connect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e2dbedb5ea571b555a606ad189b93913025dd6de2e76e9d239531d2d200bea621dd62c78dfca0fc0f64c00b638d450a28ee90ed4bd2dc0d706b1dcd2edd1e00e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/defer-to-connect" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacheable-lookup", + "version": "7.0.0", + "bom-ref": "cacheable-lookup@7.0.0", + "author": "Szymon Marczak", + "description": "A cacheable dns.lookup(…) that respects TTL", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cacheable-lookup@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/cacheable-lookup.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/cacheable-lookup#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/cacheable-lookup/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "faa272c78c622ab6bc999adcc218cc44c5210f9351d51f1eb0f933218c57f7a26279c168c405c5bb3fc6a51dfe7afe0f13559a9878a9efcc15d2f7263d0b69f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cacheable-lookup" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacheable-request", + "version": "10.2.14", + "bom-ref": "cacheable-request@10.2.14", + "author": "Jared Wray", + "description": "Wrap native HTTP requests with RFC compliant cache support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cacheable-request@10.2.14", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/cacheable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/cacheable#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/cacheable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.2.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce40d3e56005e21492a148327e0e6d148c73f1740afb6e56fd32d5a2325330a05ac5ebcb041b4bc60aa0b80b95401f0f556efd1558c7714f8627db556c367d99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cacheable-request" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "group": "@types", + "version": "4.0.4", + "bom-ref": "@types/http-cache-semantics@4.0.4", + "description": "TypeScript definitions for http-cache-semantics", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/http-cache-semantics@4.0.4#types/http-cache-semantics", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/http-cache-semantics", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-cache-semantics", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d66d1b20555cede256caf7bd4b4467b9181c42a17f5dde50b1464065e405af5437fe9f495a841012a995cbe0cf4cda465f086021eb40a1817c252737deadbd40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/http-cache-semantics" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "version": "4.1.1", + "bom-ref": "http-cache-semantics@4.1.1", + "author": "Kornel Lesiński", + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/http-cache-semantics@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/kornelski/http-cache-semantics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7abdbde4328f56c57cda3e64c351a3b7e00303f5d81ec6a397cd9c18d406d9eca83e4be05215fe9c32327a5ce12166dbb173f7f441dc23a979b58b36158a985d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http-cache-semantics" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mimic-response", + "version": "4.0.0", + "bom-ref": "mimic-response@4.0.0", + "author": "Sindre Sorhus", + "description": "Mimic a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-response@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-response/-/mimic-response-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7b92121fdc4c614d03ceb4fe8e5f2adb37bd0fa79606da3e23c08da5ef9523e2b627f17f9373dd91d4ddcf8c2f1951f8353a68f8d4584d522e31010c31cb0baa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mimic-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-url", + "version": "8.0.1", + "bom-ref": "normalize-url@8.0.1", + "author": "Sindre Sorhus", + "description": "Normalize a URL", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/normalize-url@8.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/normalize-url.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/normalize-url#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/normalize-url/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-url/-/normalize-url-8.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20ef50be350c5b13d0421b3ad283aed740919160a26734949336d718657da6f8989757d761cbe4cd0e6357dcfc63aba7f0046855197812d0babfa8cda9b689ff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-url" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "responselike", + "version": "3.0.0", + "bom-ref": "responselike@3.0.0", + "author": "Luke Childs", + "description": "A response-like object for mocking a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/responselike@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/responselike.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/responselike#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/responselike/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/responselike/-/responselike-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e34c87c5b35c976fabcd7bd9b9592b62885ab61b122653135caaf21b9cbcb9c887bf5fb10cb1d0a608c6eb82543bd9eb12ada318b1fa219f01719cb0df0af07a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/responselike" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "decompress-response", + "version": "6.0.0", + "bom-ref": "decompress-response@6.0.0", + "author": "Sindre Sorhus", + "description": "Decompress a HTTP response if needed", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decompress-response@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/decompress-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decompress-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/decompress-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "696df9c9933a05bff8a099599dc307d8b0a866d2574d1c444b5eef137868462a305369161da24a1644810e70d1f9c9bd27ef5085799113221fbf4a638bd7a309" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decompress-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "form-data-encoder", + "version": "2.1.4", + "bom-ref": "form-data-encoder@2.1.4", + "author": "Nick K.", + "description": "Encode FormData content into the multipart/form-data format", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/form-data-encoder@2.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/octet-stream/form-data-encoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/octet-stream/form-data-encoder#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/octet-stream/form-data-encoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/form-data-encoder/-/form-data-encoder-2.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c8361280d32b6aabe7c621173b8862f3cf986716870ba40acdbe4df388910930de44eed900ba62aff95599ffee5d4867c14af63b81d4f2cfe7eb1fb23634241f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/form-data-encoder" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http2-wrapper", + "version": "2.2.1", + "bom-ref": "http2-wrapper@2.2.1", + "author": "Szymon Marczak", + "description": "HTTP2 client, just with the familiar `https` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http2-wrapper@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/http2-wrapper.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/http2-wrapper#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/http2-wrapper/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http2-wrapper/-/http2-wrapper-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5799d5c353c03a07c8dcb99e6a3d84c667a0edf7a78e1454833d653d27b3cb50ae84f61b810b5b423e2365f10010c95a2febeea6cbe18ea0b28f3a1bd32c6c99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http2-wrapper" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "resolve-alpn", + "version": "1.2.1", + "bom-ref": "resolve-alpn@1.2.1", + "author": "Szymon Marczak", + "description": "Detects the ALPN protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-alpn@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/resolve-alpn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/resolve-alpn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/resolve-alpn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d1ad45e25ef7fd915939a9099d0dc5be4276fa0493416cffaf6284e4e7436344f13e6e61e0692a91659f338ed3ec7b1b9ceb5c255105e1ea42572eaeed0dcafa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-alpn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lowercase-keys", + "version": "3.0.0", + "bom-ref": "lowercase-keys@3.0.0", + "author": "Sindre Sorhus", + "description": "Lowercase the keys of an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lowercase-keys@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/lowercase-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lowercase-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/lowercase-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a33082ea0750fa0957390b2f78a0f462c0f2f034901630d3cf8cf2cc41cd579f893f90fad8b99f0d9ea8d5cc9c171f68b86f78d0ce5d13c0bc0937b0763d9859" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lowercase-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-cancelable", + "version": "3.0.0", + "bom-ref": "p-cancelable@3.0.0", + "author": "Sindre Sorhus", + "description": "Create a promise that can be canceled", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-cancelable@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-cancelable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-cancelable#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-cancelable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a55604773c6bb3968d0c993764e1c5ea5d69704032e738d4c083ab26eb65e430912247137718bdd27df918beac289db90905cac8ed4befe5987dca3be7da253" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-cancelable" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "6.0.1", + "bom-ref": "normalize-package-data@6.0.1", + "author": "GitHub Inc.", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eabbc27de456f8e1196a0001e2530b48db933586562d5b4a71c2bbf554937ffff24d8e5538281ca47f343be6d92bc35ea6cee95277791be425320d7257fda265" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "3.2.0", + "bom-ref": "spdx-correct@3.2.0", + "description": "correct invalid SPDX expressions", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "90df5d25bbe7c921d42c896e0c7cb7d961d152edce83b07db1b63bb6c14b72d42422a9cc877844ad881d3234d8baa99c5d7fa52b94f596752ddc6ef336cc2664" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-correct" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "71ba87ba7b105a724d13a2a155232c31e1f91ff2fd129ca66f3a93437b8bc0d08b675438f35a166a87ea1fb9cee95d3bc655f063a3e141d43621e756c7f64ae1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "3.0.17", + "bom-ref": "spdx-license-ids@3.0.17", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "CC0-1.0" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@3.0.17", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.17.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b21f0f59cfdfb4ca8001d16206ee85cba2543988ea0c9049bc88697c33321ebaf445ba7996266a7784e3b50fd181f2e328565bf8b331e61a66979a8e5b2d2abe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-license-ids" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "2.5.0", + "bom-ref": "spdx-exceptions@2.5.0", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@2.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e2538dabfb13b851b512d5bba8dcb3c992394eef8df45e7e5254085da73cec3c7b236d855f9679c57404e069b9cbb9d7be0aabb6e69e8dfa0da5c3f3c5b1ae3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-exceptions" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sort-package-json", + "version": "2.10.0", + "bom-ref": "sort-package-json@2.10.0", + "author": "Keith Cirkel", + "description": "Sort an Object or package.json based on the well-known package.json keys", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sort-package-json@2.10.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/keithamus/sort-package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/keithamus/sort-package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/keithamus/sort-package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sort-package-json/-/sort-package-json-2.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "31879c7ef39b3302638c9b2487161fb8e003917a7564c3270850bcca1a7ef470ec93b1e1477dfa85dede881b3dea54d77e2aa650d23e59009e08c441865db9d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "detect-indent", + "version": "7.0.1", + "bom-ref": "detect-indent@7.0.1", + "author": "Sindre Sorhus", + "description": "Detect the indentation of code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-indent@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-indent/-/detect-indent-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "31ced0850f2cf9c2eb9d47d4fc98bde2f1bfafc336ea6f1ffbebf2adeb38668a236910e9675792221fc4a732cdc255aebf3499dd46c316ca6316f4c35dee9efe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "get-stdin", + "version": "9.0.0", + "bom-ref": "get-stdin@9.0.0", + "author": "Sindre Sorhus", + "description": "Get stdin as a string or buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-stdin@9.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/get-stdin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/get-stdin#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/get-stdin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-stdin/-/get-stdin-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7552818df5a2b0b02271aac8d927fe26e044fc382157853334055ef7284426ecde44477726139313d7146894de49aefb7ec6d050ade970ea497cce7df9529968" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-stdin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "git-hooks-list", + "version": "3.1.0", + "bom-ref": "git-hooks-list@3.1.0", + "author": "fisker Cheung", + "description": "List of Git hooks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/git-hooks-list@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/fisker/git-hooks-list.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fisker/git-hooks-list#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fisker/git-hooks-list/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/git-hooks-list/-/git-hooks-list-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c5f15787791eeffb001b5ea7e04654d25ffd41251f50d6f10c47c240cf570483a197d3bfb3ca3dec01d0ef6238ffc679487d5b86823e2a05e8b52b784a1fe3c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/git-hooks-list" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sort-object-keys", + "version": "1.1.3", + "bom-ref": "sort-object-keys@1.1.3", + "author": "Keith Cirkel", + "description": "Sort an object's keys, including an optional key list", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sort-object-keys@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/keithamus/sort-object-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/keithamus/sort-object-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/keithamus/sort-object-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sort-object-keys/-/sort-object-keys-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f39e69bcaf95914ecf68a60f73e2639e6b781337a3407ca1845df7ab7d6a1bcc7b99a0f391e1610004e174261acb5d422123bea803308ce04ff9f3d97b420fca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-object-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tiny-jsonc", + "version": "1.0.1", + "bom-ref": "tiny-jsonc@1.0.1", + "description": "An absurdly small JSONC parser.", + "purl": "pkg:npm/tiny-jsonc@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/fabiospampinato/jsonc-simple-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fabiospampinato/jsonc-simple-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fabiospampinato/jsonc-simple-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tiny-jsonc/-/tiny-jsonc-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8a4e810b1cef6bd0e88847c35ff962d0bd9c58a3cf10d62f8b1529ac5765dd83e2e1b6595210e7348f5852469caeffae206f74767c51e6636a6a80fa5210fa07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tiny-jsonc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "open", + "version": "10.1.0", + "bom-ref": "open@10.1.0", + "author": "Sindre Sorhus", + "description": "Open stuff like URLs, files, executables. Cross-platform.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/open@10.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/open.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/open#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/open/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/open/-/open-10.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a791e435a8fe547b6c1df9a8af4c3dcd1ddfe567de8bbb48e07f4a7092d2cfb71e9c4d9887eedc9e191447b34cd7d2b6eb6a15cf9d79549db797c9a041b886b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/open" + } + ] + }, + { + "type": "library", + "name": "default-browser", + "version": "5.2.1", + "bom-ref": "default-browser@5.2.1", + "author": "Sindre Sorhus", + "description": "Get the default browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/default-browser@5.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/default-browser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/default-browser/-/default-browser-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "598ff74d4304d31dca3d875147110926f5d11d5e0fc8fa14b31b596bbf25c08b7045044785dd94f713ac71a4ff6137fcb825c8023789385055121ffb16d0fc5e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/default-browser" + } + ] + }, + { + "type": "library", + "name": "bundle-name", + "version": "4.1.0", + "bom-ref": "bundle-name@4.1.0", + "author": "Sindre Sorhus", + "description": "Get bundle name from a bundle identifier (macOS): `com.apple.Safari` → `Safari`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bundle-name@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/bundle-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/bundle-name#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/bundle-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bundle-name/-/bundle-name-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b63c0ce5ec4c83a046448fa43664e7b4db2f7594b55fc045612ead9c9da1747d2457133afde559db1cbe16a4ad496bd89ad7c53032c8c6eae8ac7c0329f0f3e5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-name" + } + ] + }, + { + "type": "library", + "name": "run-applescript", + "version": "7.0.0", + "bom-ref": "run-applescript@7.0.0", + "author": "Sindre Sorhus", + "description": "Run AppleScript and get the result", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-applescript@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/run-applescript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/run-applescript#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/run-applescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-applescript/-/run-applescript-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5bcb8223f7d254aff3021415240ca2d62b71bd1d55e669b2b3f54e4c948008bafbb39223a271162cf1724bc57fb16a10fe98b8a20980ea17d74a020b7328fd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-applescript" + } + ] + }, + { + "type": "library", + "name": "default-browser-id", + "version": "5.0.0", + "bom-ref": "default-browser-id@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the bundle identifier of the default browser (macOS). Example: com.apple.Safari", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/default-browser-id@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/default-browser-id.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser-id#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser-id/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/default-browser-id/-/default-browser-id-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03aa7fa6effa7f205c0354d1cff1aa5983d58a996b7ed716da0642f6aefd9e0342280791fd7de070475740797828d5d5fb7c20209d423e4250dc81ccea572cc8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/default-browser-id" + } + ] + }, + { + "type": "library", + "name": "define-lazy-prop", + "version": "3.0.0", + "bom-ref": "define-lazy-prop@3.0.0", + "author": "Sindre Sorhus", + "description": "Define a lazily evaluated property on an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/define-lazy-prop@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/define-lazy-prop.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/define-lazy-prop#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/define-lazy-prop/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37e31e5d8a2aaf7a4e827f317f244f44437b8076a42d88e1b07856193ddf58088be08900b74883c35e108a2126d9b137d1ce575f9ab416d000dc22b97fdfc152" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/define-lazy-prop" + } + ] + }, + { + "type": "library", + "name": "is-inside-container", + "version": "1.0.0", + "bom-ref": "is-inside-container@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a container (Docker/Podman)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-inside-container@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-inside-container.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-inside-container#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-inside-container/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-inside-container/-/is-inside-container-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28860b08226085f1d9c6a8d8044eeb132d0e06e4dde710874bbb47560bc22e4c7b4ad2286b1c0d5b784200b80452315f79193e306fd0c66a7fbed113105ded44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-inside-container" + } + ] + }, + { + "type": "library", + "name": "prompt-sync", + "version": "4.2.0", + "bom-ref": "prompt-sync@4.2.0", + "description": "a synchronous prompt for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prompt-sync@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/heapwolf/prompt-sync.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/heapwolf/prompt-sync#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/heapwolf/prompt-sync/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prompt-sync/-/prompt-sync-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06e133cdce73a6d3f92ec815e4c6444e30da29259f72197953d2ee8aef122a9ee26560f9b596a53b1bcd719470bfe776a61345afcc656f198535c44a7c93b327" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync" + } + ] + }, + { + "type": "library", + "name": "lodash.truncate", + "version": "4.4.2", + "bom-ref": "lodash.truncate@4.4.2", + "author": "John-David Dalton", + "description": "The lodash method `_.truncate` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.truncate@4.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8edb6645eedb46c7b9d8eb1620c0cb697c56a91026b4851c70043781aaef882a898da7d739f34c3b4c8c7cda5d0facdb19a4d4d0fe4dcfb7bb8004fa70a98947" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.truncate" + } + ] + }, + { + "type": "library", + "name": "tmp", + "version": "0.2.3", + "bom-ref": "tmp@0.2.3", + "author": "KARASZI István", + "description": "Temporary file and directory creator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tmp@0.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/raszi/node-tmp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/raszi/node-tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/raszi/node-tmp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d90fb9bd8823c2e60d2962671ac688182a08127cbb1dc65f287f743fa086ea0aa2cb20ef48005d065a35f5cfd3594473e25eff167b1e320c2699b20130d18f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tmp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ts-jest", + "version": "29.1.4", + "bom-ref": "ts-jest@29.1.4", + "author": "Kulshekhar Kabra", + "description": "A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-jest@29.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/kulshekhar/ts-jest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://kulshekhar.github.io/ts-jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kulshekhar/ts-jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6221f00e14af0a222da0082c2ada0b142b9a903cc3b09d432c39d2a2e4da4e674e70ec08912cdb2d776e690e8ce4345586e642fcd61a699fe6b476d632ffd2e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-jest" + } + ] + }, + { + "type": "library", + "name": "remapping", + "group": "@ampproject", + "version": "2.3.0", + "bom-ref": "@ampproject/remapping@2.3.0", + "author": "Justin Ridgewell", + "description": "Remap sequential sourcemaps through transformations to point at the original source code", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40ampproject/remapping@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/ampproject/remapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ampproject/remapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ampproject/remapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df4899b403e0cfe2d3218a1e8afa98a3ce777f4da305849de6e1a71a9905574337c4eb7d68def77ab920600999538df1e157ea7272f15bd2a98374792c2e1863" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@ampproject/remapping" + } + ] + }, + { + "type": "library", + "name": "js-tokens", + "version": "4.0.0", + "bom-ref": "js-tokens@4.0.0", + "author": "Simon Lydell", + "description": "A regex that tokenizes JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-tokens@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/lydell/js-tokens.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lydell/js-tokens#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lydell/js-tokens/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "45d2547e5704ddc5332a232a420b02bb4e853eef5474824ed1b7986cf84737893a6a9809b627dca02b53f5b7313a9601b690f690233a49bce0e026aeb16fcf29" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-tokens" + } + ] + }, + { + "type": "library", + "name": "helper-compilation-targets", + "group": "@babel", + "version": "7.23.6", + "bom-ref": "@babel/helper-compilation-targets@7.23.6", + "author": "The Babel Team", + "description": "Helper functions on Babel compilation targets", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-compilation-targets@7.23.6#packages/babel-helper-compilation-targets", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-compilation-targets", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f49079e3c199a10566ceb160a7ca3b2b17609131a6eb1b3d0d6d28fcf8a6ef65038f3af939b510e99cd83ea03e83d3934b66c142872d2c9ae4cb444308059181" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-compilation-targets" + } + ] + }, + { + "type": "library", + "name": "compat-data", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/compat-data@7.24.4", + "author": "The Babel Team", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/compat-data@7.24.4#packages/babel-compat-data", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-compat-data", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be0f068a1d8c2cafa43a41c9a788011089326888b4d23816a2dd83f503a699f2c2f2320d48ece608bb5ae81bf3fc94810aa9de815d0bf348e1c64a25e4658d7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/compat-data" + } + ] + }, + { + "type": "library", + "name": "helper-validator-option", + "group": "@babel", + "version": "7.23.5", + "bom-ref": "@babel/helper-validator-option@7.23.5", + "author": "The Babel Team", + "description": "Validate plugin/preset options", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-validator-option@7.23.5#packages/babel-helper-validator-option", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-validator-option", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f39b6d00e30bb2be775605e44db931f2803a6137d3e2aeff1f35d22c46268dc49324f30f42dbead410fbf41c9ea79c4c5186c64731290ec8d47f7772a79e082b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-validator-option" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "5.1.1", + "bom-ref": "lru-cache@5.1.1", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@5.1.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a9340450037230bfe8d3034bad51555bae1f8996baf516fd1ee7a186cc014e5cdedd93f16f89a0d6f0b1e62b9d8395c1f858fda7ea023cbcdd5a7ac045828f7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "yallist", + "version": "3.1.1", + "bom-ref": "yallist@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Yet Another Linked List", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yallist@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/yallist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/yallist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/yallist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6b850641a58f1f9f663975189c01b67b09dc412e22e05e374efdc9a0033eb365430264bd36c2bc1a90cc2eb0873e4b054fb8772ba4cea14367da96fb4685f1e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yallist" + } + ] + }, + { + "type": "library", + "name": "helper-module-transforms", + "group": "@babel", + "version": "7.23.3", + "bom-ref": "@babel/helper-module-transforms@7.23.3", + "author": "The Babel Team", + "description": "Babel helper functions for implementing ES6 module transformations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-module-transforms@7.23.3#packages/babel-helper-module-transforms", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-module-transforms", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-module-transforms", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.23.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edb06ce040fd3a6b3075f0f3a73e0ca56812ad5ec55e5737cc86a0bcb1634b91fe324ed29ebdb5bd0e90c2bb2808631f342e1ee0b40f76850b12de32933d1245" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-module-transforms" + } + ] + }, + { + "type": "library", + "name": "helper-environment-visitor", + "group": "@babel", + "version": "7.22.20", + "bom-ref": "@babel/helper-environment-visitor@7.22.20", + "author": "The Babel Team", + "description": "Helper visitor to only visit nodes in the current 'this' context", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-environment-visitor@7.22.20#packages/babel-helper-environment-visitor", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-environment-visitor", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-environment-visitor", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cdf79d488cc585ab7f8058567c7b605af95e7349ea07d604215ae9bb08ebb8b9577d44a703c7090749a21cac2a0e743b777d9a2a8db1b7cf3fc59a6dc316df84" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-environment-visitor" + } + ] + }, + { + "type": "library", + "name": "helper-module-imports", + "group": "@babel", + "version": "7.24.3", + "bom-ref": "@babel/helper-module-imports@7.24.3", + "author": "The Babel Team", + "description": "Babel helper functions for inserting module loads", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-module-imports@7.24.3#packages/babel-helper-module-imports", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-module-imports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-module-imports", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.24.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be229bd05f5fdacd01092db6412177d3ccfffb5616295ffbea6c2deb5341cd2e62ccccc33f076ad694ebcdff8b8b79e90565fd29d41b91e0add6348033b959aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-module-imports" + } + ] + }, + { + "type": "library", + "name": "helper-simple-access", + "group": "@babel", + "version": "7.22.5", + "bom-ref": "@babel/helper-simple-access@7.22.5", + "author": "The Babel Team", + "description": "Babel helper for ensuring that access to a given value is performed through simple accesses", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-simple-access@7.22.5#packages/babel-helper-simple-access", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-simple-access", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-simple-access", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f41fdf44fcaf818a46b7fbe58d2f5ecf3afa38aca599ee5644a7543e7d2b556d48bc9f13d01013a54e608ec56ff426c4b9e9228a43ea2301eda91ca247377e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-simple-access" + } + ] + }, + { + "type": "library", + "name": "helper-split-export-declaration", + "group": "@babel", + "version": "7.22.6", + "bom-ref": "@babel/helper-split-export-declaration@7.22.6", + "author": "The Babel Team", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-split-export-declaration@7.22.6#packages/babel-helper-split-export-declaration", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-split-export-declaration", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-split-export-declaration", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "02c527c6e2e1458b22b0589a270be9d5017e2372a30f914ec6eb75e2afc6ce8bd47baa2b1cb7ac5b60bb77be789119b9de1e60aabcfab0597ab31738055b44fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-split-export-declaration" + } + ] + }, + { + "type": "library", + "name": "helpers", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/helpers@7.24.4", + "author": "The Babel Team", + "description": "Collection of helper functions used by Babel transforms.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helpers@7.24.4#packages/babel-helpers", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helpers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helpers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15ec1d9596d28b06951a5813d433c0343b821da0cc88ea3e0ff2036111588c73aebfaeb131227b7d0c30383c113403e400320eff3d44a05fe5d810969560010f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helpers" + } + ] + }, + { + "type": "library", + "name": "helper-function-name", + "group": "@babel", + "version": "7.23.0", + "bom-ref": "@babel/helper-function-name@7.23.0", + "author": "The Babel Team", + "description": "Helper function to change the property 'name' of every function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-function-name@7.23.0#packages/babel-helper-function-name", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-function-name", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-function-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "384ac4aacaf18d94c97226783a8f9ea19a9e5bd50888e72e60a449038640815f66c80fa93978619a97cd08a8c41ff6ae55f11854527acb54dce2bd1e200a6a8b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-function-name" + } + ] + }, + { + "type": "library", + "name": "helper-hoist-variables", + "group": "@babel", + "version": "7.22.5", + "bom-ref": "@babel/helper-hoist-variables@7.22.5", + "author": "The Babel Team", + "description": "Helper function to hoist variables", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-hoist-variables@7.22.5#packages/babel-helper-hoist-variables", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-hoist-variables", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-hoist-variables", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c068e4f50655cef92703ac8a2145116fccd8de0ad709c399b7effb59ccbc3b6b9cb7186996650f90e76582836199d55e7b673dd895db7f5c6932d54d6dfa3147" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-hoist-variables" + } + ] + }, + { + "type": "library", + "name": "helper-string-parser", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/helper-string-parser@7.24.1", + "author": "The Babel Team", + "description": "A utility package to parse strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-string-parser@7.24.1#packages/babel-helper-string-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-string-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-string-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "da87d10a39e703dcbec24f1bf4801112ba1e50fd36287a78df53769a12a78b2db22880caa5bac7bfd797c26f1c05e59061c266cefe6a282bbae4fe3b78217b09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-string-parser" + } + ] + }, + { + "type": "library", + "name": "to-fast-properties", + "version": "2.0.0", + "bom-ref": "to-fast-properties@2.0.0", + "author": "Sindre Sorhus", + "description": "Force V8 to use fast properties for an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/to-fast-properties@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/to-fast-properties.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/to-fast-properties#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/to-fast-properties/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fce68a2b4c58aecdc39b1458a8bff20dcf85c455156210e55cc8519afdf3f75e70d87175b67375a26077e788fc55418efe16d1cf20fa637b00eefec64bf71ea2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/to-fast-properties" + } + ] + }, + { + "type": "library", + "name": "gensync", + "version": "1.0.0-beta.2", + "bom-ref": "gensync@1.0.0-beta.2", + "author": "Logan Smyth", + "description": "Allows users to use generators in order to write common functions that can be both sync or async.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/gensync@1.0.0-beta.2", + "externalReferences": [ + { + "url": "git+https://github.com/loganfsmyth/gensync.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/loganfsmyth/gensync", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/loganfsmyth/gensync/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de137b35ab2462f3032d0639e609d6dcd43e99eb0401ea53aa583e5446e3ef3cea10c055361cdc19861ea85a3f4e5633e9e42215ca751dcb0264efa71a04bcce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/gensync" + } + ] + }, + { + "type": "library", + "name": "resolve-uri", + "group": "@jridgewell", + "version": "3.1.2", + "bom-ref": "@jridgewell/resolve-uri@3.1.2", + "author": "Justin Ridgewell", + "description": "Resolve a URI relative to an optional base URI", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/resolve-uri@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/resolve-uri.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/resolve-uri#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/resolve-uri/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d12128022233f6d3fb5b5923d63048b9e1054f45913192e0fd9492fe508c542adc15240f305b54eb6f58ccb354455e8d42053359ff98690bd42f98a59da292b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/resolve-uri" + } + ] + }, + { + "type": "library", + "name": "load-nyc-config", + "group": "@istanbuljs", + "version": "1.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0", + "description": "Utility function to load nyc configuration", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40istanbuljs/load-nyc-config@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/load-nyc-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/load-nyc-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/load-nyc-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5637874a5233a6ffcdc83dcdd18b877d738f0c88b1700d6ad9957df30b0ca9c6253e6bf69f761bda560ff5730496768555783903b60b4de2eee95f38b900e399" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "5.3.1", + "bom-ref": "camelcase@5.3.1", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@5.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f6f124c1d7bd27c164badd48ed944384ddd95d400a5a257664388d6e3057f37f7ad1b8f7a01da1deb3279ef98c50f96e92bd10d057a52b74e751891d79df026" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "test-exclude", + "version": "6.0.0", + "bom-ref": "test-exclude@6.0.0", + "author": "Ben Coe", + "description": "test for inclusion or exclusion of paths using globs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/test-exclude@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/test-exclude.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/test-exclude/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7001963c8c8e1d4eb396683cf23c26ed54725e730dee257af0e1806d80e4fcc87fc42fe9cd53e542d63a9e0a081ffe7fb5c8ae8467ef11253c1ab1eb7310f9eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude" + } + ] + }, + { + "type": "library", + "name": "babel__generator", + "group": "@types", + "version": "7.6.8", + "bom-ref": "@types/babel__generator@7.6.8", + "description": "TypeScript definitions for @babel/generator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__generator@7.6.8#types/babel__generator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__generator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__generator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012b23fada440ec12216bd5aad6ae537a57799d7e344c66de8bb4afd5a7f92b7852e7af9407e7e0e1bc3e6720d6195f3c09bd7786abed398945dc03356ba96b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__generator" + } + ] + }, + { + "type": "library", + "name": "babel__template", + "group": "@types", + "version": "7.4.4", + "bom-ref": "@types/babel__template@7.4.4", + "description": "TypeScript definitions for @babel/template", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__template@7.4.4#types/babel__template", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__template", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__template", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "87f354692c86e44cb1048a7c611c68e1131edbfa9082fca8c11c1533385884108e35b5bc3d4b20e2590532b86066151ee73dcbdcc88b0eebf227f09a3dad80f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__template" + } + ] + }, + { + "type": "library", + "name": "babel-preset-jest", + "version": "29.6.3", + "bom-ref": "babel-preset-jest@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-jest@29.6.3#packages/babel-preset-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-preset-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d01ddb87147ab27597259b51fd19621d30cf4609f5b0d1ce474c95b6afc8890172b8e563152fb0ba2a3f478812364c9898a989078c0666fd8d65a9e62a64e734" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-preset-jest" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-jest-hoist", + "version": "29.6.3", + "bom-ref": "babel-plugin-jest-hoist@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-plugin-jest-hoist@29.6.3#packages/babel-plugin-jest-hoist", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-plugin-jest-hoist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "11201cfd126f193144cd1c0e4d3e3e94d0e4fc634732429b373b2f4f4a8a45f0f2c984ec931079ae75369e3203615c570811c7108d5cd18c07a1bdd6698ba33a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-jest-hoist" + } + ] + }, + { + "type": "library", + "name": "ts-mocha", + "version": "10.0.0", + "bom-ref": "ts-mocha@10.0.0", + "author": "Piotr Witek", + "description": "Mocha thin wrapper that allows running TypeScript tests with TypeScript runtime (ts-node) to get rid of compilation complexity", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-mocha@10.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/piotrwitek/ts-mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/piotrwitek/ts-mocha#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/piotrwitek/ts-mocha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-mocha/-/ts-mocha-10.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5517e00cefa28ae24594d075f2dcce7f2a49db5c67db16ee6720ef26faa94db5a0900803d7b38d1abf2df9397cadc06d3817635e9e5efd193e777f5fed704747" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "buffer-from", + "version": "1.1.2", + "bom-ref": "buffer-from@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer-from@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/LinusU/buffer-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/LinusU/buffer-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/LinusU/buffer-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "13e5d0091c126da6a20a1b6fea4e83c2073e6f1f81b3abee2891c7979928c7f05a29b8625f3a903b02b870edb6c84946a763829a3c15853dc79b18323c69c97d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer-from" + } + ] + }, + { + "type": "library", + "name": "tsconfig-paths", + "version": "3.15.0", + "bom-ref": "tsconfig-paths@3.15.0", + "author": "Jonas Kello", + "description": "Load node modules according to tsconfig paths, in run-time or via API.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tsconfig-paths@3.15.0", + "externalReferences": [ + { + "url": "git+https://github.com/dividab/tsconfig-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dividab/tsconfig-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dividab/tsconfig-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-3.15.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d80736460cc37bf727e3c1af39edccfa8f36a4415ec03dd43dbca85071dd29ab07c092a376ce1f2d759ffd4c799004c128ddb4a1a146bbe8db125a75a68b349a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json5", + "group": "@types", + "version": "0.0.29", + "bom-ref": "@types/json5@0.0.29", + "author": "Jason Swearingen", + "description": "TypeScript definitions for JSON5", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json5@0.0.29", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7512e30961d8838a1a03bedcc4eeb8a0efbb2700b09c8ce464f76bac2ef58d0990b6584ce79ea9c0aa396d4ceabd99dd9156de14b2088bef530b8d09345e6135" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json5" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "source-map-support", + "group": "@cspotcode", + "version": "0.8.1", + "bom-ref": "@cspotcode/source-map-support@0.8.1", + "description": "Fixes stack traces for files with source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40cspotcode/source-map-support@0.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/cspotcode/node-source-map-support.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cspotcode/node-source-map-support#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/node-source-map-support/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21c84d7fa74de2d1e8305227ffb384f0b599d7d63aabfebb0667fabe719112ff1149b0556fd2cf27111c9f0adcc17ea2c52bda886a2898052fbb8612c57ad583" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@cspotcode/source-map-support" + } + ] + }, + { + "type": "library", + "name": "node10", + "group": "@tsconfig", + "version": "1.0.11", + "bom-ref": "@tsconfig/node10@1.0.11", + "description": "A base TSConfig for working with Node 10.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node10@1.0.11#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0dc4630c2ba32bf90293f7147bc5f3f194a99bc992de634da6d6be8c6080e944840df92d94dbe6d7e22e67d7937036cd938d411f0a471de5be37594a0b3e333b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node10" + } + ] + }, + { + "type": "library", + "name": "node12", + "group": "@tsconfig", + "version": "1.0.11", + "bom-ref": "@tsconfig/node12@1.0.11", + "description": "A base TSConfig for working with Node 12.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node12@1.0.11#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node12/-/node12-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "72a79fb91b21d76a56c86b08a0128903d96e16ede6471080f8e459bc0e24b4b4b322e094b56571188b978a01303b9ff2c1614c67640418a5af9191b5cc33136a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node12" + } + ] + }, + { + "type": "library", + "name": "node14", + "group": "@tsconfig", + "version": "1.0.3", + "bom-ref": "@tsconfig/node14@1.0.3", + "description": "A base TSConfig for working with Node 14.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node14@1.0.3#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node14/-/node14-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cac4fc9a1762c562ba1f0de2d55d80791a99e567d78351b8de6aa86253369dceb7f3c16ae63717cabe6646ca9588bc7f18961da0bd1b7d70fc9e617e667fc8a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node14" + } + ] + }, + { + "type": "library", + "name": "node16", + "group": "@tsconfig", + "version": "1.0.4", + "bom-ref": "@tsconfig/node16@1.0.4", + "description": "A base TSConfig for working with Node 16.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node16@1.0.4#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node16/-/node16-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf1854cb827c9727b28a71fb033975a5d778dc6261647fed3f6c1e37c4e7b506e5398f80d176d3f03264d7fa023ee38eca0fc96bbe7bac6d028077160bc39f30" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node16" + } + ] + }, + { + "type": "library", + "name": "acorn-walk", + "version": "8.3.2", + "bom-ref": "acorn-walk@8.3.2", + "description": "ECMAScript (ESTree) AST walker", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn-walk@8.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "723932bf83ad34221eaa11eb7d2f354165e80813c4c51fc9eb6a3212a7a9570f16690792aa95b6ba1b8b3e1d66f5e5a10ee3a8fe35175539627ef7ac396a7fe0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn-walk" + } + ] + }, + { + "type": "library", + "name": "create-require", + "version": "1.1.1", + "bom-ref": "create-require@1.1.1", + "description": "Polyfill for Node.js module.createRequire (<= v12.2.0)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/create-require@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/nuxt-contrib/create-require.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nuxt-contrib/create-require#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nuxt-contrib/create-require/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "75c2855f78e7d0ca486978e2b2846f7b12095442b36aaef3dab64ac5ff8c4abf5391d9879ac5389b695c2e88eb8ff14797c9a4e55c4c99803e7ed4643ffde829" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/create-require" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "4.0.2", + "bom-ref": "diff@4.0.2", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@4.0.2", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c966c4a480e013722f3f871cc53394e129834f4557e7afe9931edef262860771ce073067c5681043e600b0991bd2e6a9f56834c30aa6db48613546eae0d8ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/diff" + } + ] + }, + { + "type": "library", + "name": "v8-compile-cache-lib", + "version": "3.0.1", + "bom-ref": "v8-compile-cache-lib@3.0.1", + "author": "Andrew Bradley", + "description": "Require hook for automatic V8 compile cache persistence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/v8-compile-cache-lib@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/cspotcode/v8-compile-cache-lib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cspotcode/v8-compile-cache-lib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/v8-compile-cache-lib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1aed88f25067cd667808fefb4ad141c037e9600c2c413c2ca55571a9d33bb9f45cf96a21ad3576aadc3848a2fd3adcca2b07e55fb9f2e1dc9945d8a7532b7c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-compile-cache-lib" + } + ] + }, + { + "type": "library", + "name": "yn", + "version": "3.1.1", + "bom-ref": "yn@3.1.1", + "author": "Sindre Sorhus", + "description": "Parse yes/no like values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yn@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "531e328065acbb673b8ac1567bc62ed5896e266a95871a8ad9c2d735003901c0b741f6c636933b7eed18f1bff3d7aa572e7171658bd685dddf84163d0cb982e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yn" + } + ] + }, + { + "type": "library", + "name": "tsimportlib", + "version": "0.0.5", + "bom-ref": "tsimportlib@0.0.5", + "author": "Andrew Bradley", + "purl": "pkg:npm/tsimportlib@0.0.5", + "externalReferences": [ + { + "url": "https://github.com/cspotcode/tsimportlib", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/tsimportlib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsimportlib/-/tsimportlib-0.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9642ffc2dd80783f08fbed9d8794e45fcb912c58771262deba55094c334c5988a5f0b687b54b17e9ce61d7eb6b1d260cd4e9eb2b046b72448971e8ed8e14fad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsimportlib" + } + ] + }, + { + "type": "library", + "name": "colors", + "group": "@colors", + "version": "1.6.0", + "bom-ref": "@colors/colors@1.6.0", + "author": "DABH", + "description": "get colors in your node.js console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40colors/colors@1.6.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/DABH/colors.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DABH/colors.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DABH/colors.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@colors/colors/-/colors-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "22bf803a26eaceb22c2fa6a3b77473dcbb2407b3a23151ea96d666b296d6fd326e4d5bb238c8ab56a0248df63a2484a22c783236a89c002f00c871c6ccd77f74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@colors/colors" + } + ] + }, + { + "type": "library", + "name": "diagnostics", + "group": "@dabh", + "version": "2.0.3", + "bom-ref": "@dabh/diagnostics@2.0.3", + "author": "Arnout Kazemier", + "description": "Tools for debugging your node.js modules and event loop", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40dabh/diagnostics@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/3rd-Eden/diagnostics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/diagnostics", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/diagnostics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@dabh/diagnostics/-/diagnostics-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "86b9503888bb8407f3b0caa519217256e72bc77f0efa3eb088639ffff1f679cbc812a60de000c1492da22cc879505c83ba708d9e25083e4feadeb885bf8e7144" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@dabh/diagnostics" + } + ] + }, + { + "type": "library", + "name": "colorspace", + "version": "1.1.4", + "bom-ref": "colorspace@1.1.4", + "author": "Arnout Kazemier", + "description": "Generate HEX colors for a given namespace.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/colorspace@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/colorspace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/colorspace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/colorspace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/colorspace/-/colorspace-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "060bca262b95bb58a00541769048d10995e897ac228866d8e62a4bfe854fc26d012fdb08a4c23333c20aeefc2ec48233397315dc4cb9c3ebf1866d2b47f4cdf3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace" + } + ] + }, + { + "type": "library", + "name": "text-hex", + "version": "1.0.0", + "bom-ref": "text-hex@1.0.0", + "author": "Arnout Kazemier", + "description": "Generate a hex color from the given text", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-hex@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/text-hex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/text-hex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/text-hex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/text-hex/-/text-hex-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bae546356ce0278ca145a3528ae6cf63b3a3212c38b30e04e54bf4c1b8e9f8ecdc6e6554febb13f2e8e07172619fdca9cec82be6f973a4fa8ff8c04129c1af6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/text-hex" + } + ] + }, + { + "type": "library", + "name": "enabled", + "version": "2.0.0", + "bom-ref": "enabled@2.0.0", + "author": "Arnout Kazemier", + "description": "Check if a certain debug flag is enabled.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/enabled@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/3rd-Eden/enabled.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/enabled#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/enabled/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/enabled/-/enabled-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00aacdf7c92ec0eccc21d022cd7188f3a505068a36e822f6d5433beb7cb587f18c489e3f38753d936625b26069c92705a3fc1b2f35902413025b8f883b7ffe39" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/enabled" + } + ] + }, + { + "type": "library", + "name": "kuler", + "version": "2.0.0", + "bom-ref": "kuler@2.0.0", + "author": "Arnout Kazemier", + "description": "Color your terminal using CSS/hex color codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kuler@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/kuler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/kuler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/kuler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kuler/-/kuler-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eaf671fb2a559999702da1d5c30d113bbece8353581353ccd80c70e258b4a2a78e44830ab7a652c7ccf9f6ecd82fccbdabd4b30f0b5bddaa1f7cb10c6daa3e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kuler" + } + ] + }, + { + "type": "library", + "name": "logform", + "version": "2.6.0", + "bom-ref": "logform@2.6.0", + "author": "Charlie Robbins", + "description": "An mutable object-based log format designed for chaining & objectMode streams.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/logform@2.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/logform.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/logform#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/logform/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/logform/-/logform-2.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d6e94778d3e9ea4fcb0fc1fdd68ed56050678398b504313b1e82b155b66218589d4b5463eb9a9ccb02f15fea557c03e840912345dbca72eb0ac0eba91c254e55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/logform" + } + ] + }, + { + "type": "library", + "name": "fecha", + "version": "4.2.3", + "bom-ref": "fecha@4.2.3", + "author": "Taylor Hakes", + "description": "Date formatting and parsing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fecha@4.2.3", + "externalReferences": [ + { + "url": "git+https://taylorhakes@github.com/taylorhakes/fecha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/taylorhakes/fecha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/taylorhakes/fecha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fecha/-/fecha-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38fd88514e877982898b78b4cf8035f641cc4282d5b381dcf833eaab123687f0cf6474e6fef8ec7c2e8fd1be2308ccb5e178b32c1aaf9dd43e522943efbd3b27" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fecha" + } + ] + }, + { + "type": "library", + "name": "safe-stable-stringify", + "version": "2.4.3", + "bom-ref": "safe-stable-stringify@2.4.3", + "author": "Ruben Bridgewater", + "description": "Deterministic and safely JSON.stringify to quickly serialize JavaScript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-stable-stringify@2.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/BridgeAR/safe-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/BridgeAR/safe-stable-stringify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/BridgeAR/safe-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-stable-stringify/-/safe-stable-stringify-2.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7b66c30365894f4c31b1e55de25b033f8fb738d5fa1e931741ad5984543b494f868ef3910a64a16c2325b6bb480df9188551eb39c3ed8fe2a198305d3dd643d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-stable-stringify" + } + ] + }, + { + "type": "library", + "name": "triple-beam", + "version": "1.4.1", + "bom-ref": "triple-beam@1.4.1", + "author": "Charlie Robbins", + "description": "Definitions of levels for logging purposes & shareable Symbol constants.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/triple-beam@1.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/triple-beam.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/triple-beam#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/triple-beam/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/triple-beam/-/triple-beam-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6996e056266b83540d706f8b50b6bb9e16692536522e6fe65e71d79db01b8e63796926b4cbb57ec2fbfafb859a06da48489cd384acbe3c83f173536ad4427d9a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/triple-beam" + } + ] + }, + { + "type": "library", + "name": "one-time", + "version": "1.0.0", + "bom-ref": "one-time@1.0.0", + "author": "Arnout Kazemier", + "description": "Run the supplied function exactly one time (once)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/one-time@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/one-time.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/one-time#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/one-time/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/one-time/-/one-time-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e435ce8912b0b9211c43f974906085e90de37000c5bf9b52991689724fceaa454570eceeb41d77e0a4527c5d310eb2f7f4c367ab16c705b51472364885381bda" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/one-time" + } + ] + }, + { + "type": "library", + "name": "fn.name", + "version": "1.1.0", + "bom-ref": "fn.name@1.1.0", + "author": "Arnout Kazemier", + "description": "Extract names from functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fn.name@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/fn.name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/fn.name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/fn.name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fn.name/-/fn.name-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1919e607980fc89a4085341d4994d2a7db9a3d2be5d3d2a861c310b6c07dad0a0e9b3b3d747e9f7de71c1fe67e72fe8febc1eee5b0ba263461e0087f98748d47" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fn.name" + } + ] + }, + { + "type": "library", + "name": "string_decoder", + "version": "1.3.0", + "bom-ref": "string_decoder@1.3.0", + "description": "The string_decoder module from Node core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string_decoder@1.3.0", + "externalReferences": [ + { + "url": "git://github.com/nodejs/string_decoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/string_decoder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/string_decoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "864457f14d568c915df0bb03276c90ff0596c5aa2912c0015355df90cf00fa3d3ef392401a9a6dd7a72bd56860e8a21b6f8a2453a32a97a04e8febaea7fc0a78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string_decoder" + } + ] + }, + { + "type": "library", + "name": "stack-trace", + "version": "0.0.10", + "bom-ref": "stack-trace@0.0.10", + "author": "Felix Geisendörfer", + "description": "Get v8 stack traces as an array of CallSite objects.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stack-trace@0.0.10", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-stack-trace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-stack-trace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-stack-trace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stack-trace/-/stack-trace-0.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "286cda85cee9b942a4cf232df88a807a9f9354d6ca3fe9362e6c21b9bdfd9b502c4d291a0eeb71e7a6830a8f872c3cdffc3dba0481d32563624c6d4a0098900a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-trace" + } + ] + }, + { + "type": "library", + "name": "winston-transport", + "version": "4.7.0", + "bom-ref": "winston-transport@4.7.0", + "author": "Charlie Robbins", + "description": "Base stream implementations for winston@3 and up.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/winston-transport@4.7.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/winstonjs/winston-transport.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/winston-transport#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/winston-transport/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/winston-transport/-/winston-transport-4.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a3063eb92b923b75e9f37abd88616ebed9b34856a2c60c7a83c373b0f0e861faf756fabbf8319e9e883bc7a0a85f2456766aec8df1bc9789e0c327de9588e36" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/winston-transport" + } + ] + }, + { + "type": "library", + "name": "xlsx-populate", + "version": "1.21.0", + "bom-ref": "xlsx-populate@1.21.0", + "author": "Dave T. Johnson", + "description": "Excel XLSX parser/generator written in JavaScript with Node.js and browser support, jQuery/d3-style method chaining, and a focus on keeping existing workbook features and styles in tact.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xlsx-populate@1.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/dtjohnson/xlsx-populate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dtjohnson/xlsx-populate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dtjohnson/xlsx-populate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xlsx-populate/-/xlsx-populate-1.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2fd869bc05e857a3a2d4eca4fcd364285d33e4618d522a4e55f20fd4b98667341dc9cd7aae77f3fdf4fc6bdb25de2b2b7eb0a9426ad9a2773ea340d89ed6147" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xlsx-populate" + } + ] + }, + { + "type": "library", + "name": "cfb", + "version": "1.2.2", + "bom-ref": "cfb@1.2.2", + "author": "sheetjs", + "description": "Compound File Binary File Format extractor", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/cfb@1.2.2", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-cfb.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-cfb/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cfb/-/cfb-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "29f75466c48ec35f7f39b1166acbc13ff01ce2b799bc019ab9986ce92fe0a8d857848edc2b0be51fbba58fe74e1189dc6b86e6e121a8f02d5b4c042f9d38e040" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cfb" + } + ] + }, + { + "type": "library", + "name": "adler-32", + "version": "1.3.1", + "bom-ref": "adler-32@1.3.1", + "author": "sheetjs", + "description": "Pure-JS ADLER-32", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/adler-32@1.3.1", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-adler32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sheetjs.com/opensource", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-adler32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/adler-32/-/adler-32-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ca7678c3f9d452fe6baec47c5141a87b5542f61663e95e6153d430d4794c0c9184270e52ed37d312b5938cccace8ceefaf461670faacdea02be2cb349c37cff8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/adler-32" + } + ] + }, + { + "type": "library", + "name": "crc-32", + "version": "1.2.2", + "bom-ref": "crc-32@1.2.2", + "author": "sheetjs", + "description": "Pure-JS CRC-32", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/crc-32@1.2.2", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-crc32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-crc32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/crc-32/-/crc-32-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "44e9b308aad39cec326cf709029000e960568a3db71d57c654d2aaaab669bb264e1ea2b60b01d2be91aecadfd434dbda22311df17e48146a78321f887b520725" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/crc-32" + } + ] + }, + { + "type": "library", + "name": "jszip", + "version": "3.10.1", + "bom-ref": "jszip@3.10.1", + "author": "Stuart Knightley", + "description": "Create, read and edit .zip files with JavaScript http://stuartk.com/jszip", + "licenses": [ + { + "expression": "(MIT OR GPL-3.0-or-later)" + } + ], + "purl": "pkg:npm/jszip@3.10.1", + "externalReferences": [ + { + "url": "git+https://github.com/Stuk/jszip.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Stuk/jszip#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Stuk/jszip/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jszip/-/jszip-3.10.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c570ef79cc93a462eba85aef92b512a31c5f248e401fb53ccf1c6d55c969b14b4c0aae09436f742d8f005b973b1a09ebfd8fe82be6d031ba8adaa9ad937a4de2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip" + } + ] + }, + { + "type": "library", + "name": "lie", + "version": "3.3.0", + "bom-ref": "lie@3.3.0", + "description": "A basic but performant promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lie@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/calvinmetcalf/lie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/lie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/lie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lie/-/lie-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51a88c27379646512e8f302ec392e8918d4be5e70d41864a7e6c99f4bef00c76ffa797ad29ac5786884172bc341186f2f86fcd039daf452378377f5dc47008c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lie" + } + ] + }, + { + "type": "library", + "name": "immediate", + "version": "3.0.6", + "bom-ref": "immediate@3.0.6", + "description": "A cross browser microtask library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/immediate@3.0.6", + "externalReferences": [ + { + "url": "git://github.com/calvinmetcalf/immediate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/immediate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/immediate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d7385b72a838cd0c043155f631b85ee0f4897f21b5a69a5420d8c60a387f04c484f5aa0eb1738cf24b71da10401382cd5bb5fcf1ab5e5c894898ee08d25d119" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/immediate" + } + ] + }, + { + "type": "library", + "name": "pako", + "version": "1.0.11", + "bom-ref": "pako@1.0.11", + "description": "zlib port to javascript - fast, modularized, with browser support", + "licenses": [ + { + "expression": "(MIT AND Zlib)" + } + ], + "purl": "pkg:npm/pako@1.0.11", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/pako.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/pako", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/pako/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e212c1f0fcb8cd971ee6ce3277d5f3a29ab056fff218d855d4197c353982ab5efadc778adbe130553bfe95e19e2f5dc39e1db07dbaa8c153d70883b4cf8b5a63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pako" + } + ] + }, + { + "type": "library", + "name": "core-util-is", + "version": "1.0.3", + "bom-ref": "core-util-is@1.0.3", + "author": "Isaac Z. Schlueter", + "description": "The `util.is*` functions introduced in Node v0.12.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/core-util-is@1.0.3", + "externalReferences": [ + { + "url": "git://github.com/isaacs/core-util-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/core-util-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/core-util-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "65006f8b50dca49e060ea6a78ee719d878f7c043b9a590d2f3d0566e472bbddc64b09a2bc140c365a997f65745929f5ac369660432e090e6c40380d6349f4561" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/core-util-is" + } + ] + }, + { + "type": "library", + "name": "isarray", + "version": "1.0.0", + "bom-ref": "isarray@1.0.0", + "author": "Julian Gruber", + "description": "Array#isArray for older browsers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/isarray@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/isarray.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/isarray", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/isarray/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54b82121634ce842d0ce8ef3c26720d0d99357258a623bc878cf37ca3a74c110d39949eb33aefc7d06dc281a3a9f6089105d2cce81bfff2b60f932a56bcf402d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/isarray" + } + ] + }, + { + "type": "library", + "name": "process-nextick-args", + "version": "2.0.1", + "bom-ref": "process-nextick-args@2.0.1", + "description": "process.nextTick but always with args", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/process-nextick-args@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/calvinmetcalf/process-nextick-args.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/process-nextick-args", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/process-nextick-args/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de8b943a9421b60adb39ad7b27bfaec4e4e92136166863fbfc0868477f80fbfd5ef6c92bcde9468bf757cc4632bdbc6e6c417a5a7db2a6c7132a22891459f56a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/process-nextick-args" + } + ] + }, + { + "type": "library", + "name": "setimmediate", + "version": "1.0.5", + "bom-ref": "setimmediate@1.0.5", + "author": "YuzuJS", + "description": "A shim for the setImmediate efficient script yielding API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/setimmediate@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/YuzuJS/setImmediate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/YuzuJS/setImmediate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/YuzuJS/setImmediate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3004c9759a7cb0ba8397febc2df4266cff3328f2d0355e81219a0882bb1c14343e46cbcafc1c5e0d03a0cb128aa21d32ffc87706a5459c2a90fe077eade8885c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/setimmediate" + } + ] + }, + { + "type": "library", + "name": "sax", + "version": "1.2.1", + "bom-ref": "sax@1.2.1", + "author": "Isaac Z. Schlueter", + "description": "An evented streaming XML parser in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/sax@1.2.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/sax-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/sax-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/sax-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sax/-/sax-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d9adcba2f1d33a99bb355e723b23bc207aa056c7cae3e52ec92ad753c617912457ee4ea1095f5bdc7ae4282af79cca608fed1b9a871a2495a9be9d6873b64" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sax" + } + ] + }, + { + "type": "library", + "name": "xmlbuilder", + "version": "11.0.1", + "bom-ref": "xmlbuilder@11.0.1", + "author": "Ozgur Ozcitak", + "description": "An XML builder for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xmlbuilder@11.0.1", + "externalReferences": [ + { + "url": "git://github.com/oozcitak/xmlbuilder-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/oozcitak/xmlbuilder-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/oozcitak/xmlbuilder-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c396c23f905131ee02ef6de71cd3fa212c6e747ee810a7caf21f3313b96f6f49ad462745d858a9e1b14c7ba227b71bdf3eaf9e9a4d0214078921b78d91dc9bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xmlbuilder" + } + ] + }, + { + "type": "library", + "name": "zip-lib", + "version": "1.0.4", + "bom-ref": "zip-lib@1.0.4", + "author": "fpsqdb", + "description": "zip and unzip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/zip-lib@1.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/fpsqdb/zip-lib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fpsqdb/zip-lib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fpsqdb/zip-lib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/zip-lib/-/zip-lib-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b5cc0c2d4b13fddc60110330c685add0148fdd054af6f57faf0ece46452f1ba4045bc1a06550d3873844f050de44e0f4beb306f500c52eb789f5e4ce61ce7a4f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/zip-lib" + } + ] + }, + { + "type": "library", + "name": "yauzl", + "version": "3.1.3", + "bom-ref": "yauzl@3.1.3", + "author": "Josh Wolfe", + "description": "yet another unzip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yauzl@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/thejoshwolfe/yauzl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejoshwolfe/yauzl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejoshwolfe/yauzl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yauzl/-/yauzl-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "24209d9a52495afecbd2afcaca539e93245a52b744a14c5691655c828ae8b1344e0855a24bda7634d3c4f586fdd5a93b6f53794b1019125896a6ca5b65c722bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yauzl" + } + ] + }, + { + "type": "library", + "name": "buffer-crc32", + "version": "0.2.13", + "bom-ref": "buffer-crc32@0.2.13", + "author": "Brian J. Brennan", + "description": "A pure javascript CRC32 algorithm that plays nice with binary data", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/brianloveswords/buffer-crc32/raw/master/LICENSE" + } + } + ], + "purl": "pkg:npm/buffer-crc32@0.2.13", + "externalReferences": [ + { + "url": "git://github.com/brianloveswords/buffer-crc32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/brianloveswords/buffer-crc32", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/brianloveswords/buffer-crc32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54ef47b7ffa9dd237b48a5aa72b804ce319b4522584f1f90d694d00b4c2b5aa1f1d2fa49ada43a1ad1f1f2dbdc835ae52b56f2854e6071cc603a08fb0744c391" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer-crc32" + } + ] + }, + { + "type": "library", + "name": "pend", + "version": "1.2.0", + "bom-ref": "pend@1.2.0", + "author": "Andrew Kelley", + "description": "dead-simple optimistic async helper", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pend@1.2.0", + "externalReferences": [ + { + "url": "git://github.com/andrewrk/node-pend.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andrewrk/node-pend#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andrewrk/node-pend/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1776acbf8d94b97721773b7ec57a9f5b538695505efa6c5ada6a88d29839c801d93ef16663763a76b49ffc643503ce9681610df4ace1fd6ae029aea219c1d72e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pend" + } + ] + }, + { + "type": "library", + "name": "yazl", + "version": "2.5.1", + "bom-ref": "yazl@2.5.1", + "author": "Josh Wolfe", + "description": "yet another zip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yazl@2.5.1", + "externalReferences": [ + { + "url": "git+https://github.com/thejoshwolfe/yazl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejoshwolfe/yazl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejoshwolfe/yazl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yazl/-/yazl-2.5.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6110d8b63cb8879c76fa401568b7e7499da019d31a2c8fba777d697ece7223043967308d8fb19089677d3a04f4c539a1dfe6a743108f31e6a16b48e04de6faf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yazl" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.590.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df208b3e3aba5857c3a5d5092a4fe04b3e1e00f0d38d59275dabde30f8b64285410ac86778e9c9b15d7ab8d2a5a551757eb4c7aeb0d17ca6266da561ea7141bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sso-oidc" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.590.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f8475bf52d29f8b8b619e6a8f80f22fa829ecf5d7cc9789b26dac7a17a2257fb9dcb485e4bed74839d056d5f5a7d4debefd21a766145944e0e906302154ae1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sts" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.588.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.588.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.588.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5736fbd71ee3a67e8a289df96de20b522f3db7c8a397aff42062e7819d341f52688f3fdfe7fc30972ec740fa73db68085d00acc7abb0dfe0a7c7a4e7b7bdb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/core" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.590.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2dfc98d1685e86c6ac3435d4fddd5357beab59d127b79997c975e4a529bd909efe13ae75bc508bf7a942b09acc3fe04585767d3c9ccdd2e5673079659f0385" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-node" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.587.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b20e898df883abca02ee733886eff9ce1e48d45c44b9a07e53ee9f006e83bca1a90c409767b9d35789859389c4163b9d91e7553a091dbbadc30f4c678c79d60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/middleware-user-agent" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.587.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f7723b20f66dba5650a112be3b6d082786b5b325b060fce83b681cdeffbf18d65f9593d5dd0257b956c89b4a7106cbb49ff9b328650aa9238b3c868dd3df0771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/region-config-resolver" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.587.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d471ba126f30416a8a7115ba9b7e7c9aa79b4553692fc5ebac4a13e089fbc6a90a92662d1d135560fea5726890879a59fdcfc55eef1d49c86e1485b212da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.587.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e797e0d47bf6ef9db1040c73f789526b3ad1371db14904f82c0fabc9fa697ff88624d44ab8f63106f841d974d4cfcf74831b491ba76fbbbb8d4c29824747f89" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/util-user-agent-node" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.587.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f283fe4a144088936939a3cc275448a7895f3ac959219f99332135327663460a45dd0451cc1d1c7a865790d5bab02476c1b24caef276d86a6cdcc329a61b09b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-env" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.587.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4aed524565510ae4757b7da8c57dc2d55e1ce61a4f376d1661c45f75caf6c17c07a92bf2b390eb9e6b820be2681274bfceddda7542613e5893aa97ca81274cac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-http" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.590.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63970572200adfc548bd181978d0fb1ef14d477dad846b506fc5e8a7a70c9f7dc50bbf2ec1c448bbd1dcf7af7d5d3725099ab3e3e5e5d5653e759fab9c59f600" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-ini" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.587.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578c53de20aa905f2e2fa402e20a81260ff66ac77f75a9acc0fd61f4709fa9396598f5b32264bef160f75638132f0e5bd0a6d3cbe65d52129cd300e7cb3933c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-process" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.590.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bfed23fc8fa37bda247f05ec8262e9a66c0813e4ee329e56a8bcfbafb3c7cfd2a3ccbc8a68a4c3bdf965143fbca0fa41aa798e5a227da9318f92b7e107b6bf7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-sso" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.587.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea231fc8d8f1bb932bb0dd68c03fdc0a971cbc22f149c01f1ab0e153d713c5a157d960a2288231bda0b3f962246d7ef0e4588ced1e683932556fdc77490c647" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-web-identity" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.590.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb16c2ea841524a0514f25f24770b5e64b14b0f3b25b8a7eb828fb76529858626f878bc64d5f0a859292e77a0f1bcb787f5f8e3095a3af9c0ab97468685b2685" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sso" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.587.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "50baa16e72f2d6198935172e9003415899ae9b705b8d79eeacb3d2157a06755d259576251b9e52cc895ad9562a76f7901048e6b01b9365d16f5c0b4da664b966" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/token-providers" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-browser/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/ie11-detection/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-js/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/supports-web-crypto/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/util@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/util/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.590.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df208b3e3aba5857c3a5d5092a4fe04b3e1e00f0d38d59275dabde30f8b64285410ac86778e9c9b15d7ab8d2a5a551757eb4c7aeb0d17ca6266da561ea7141bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sso-oidc" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.590.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f8475bf52d29f8b8b619e6a8f80f22fa829ecf5d7cc9789b26dac7a17a2257fb9dcb485e4bed74839d056d5f5a7d4debefd21a766145944e0e906302154ae1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sts" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.588.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.588.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.588.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5736fbd71ee3a67e8a289df96de20b522f3db7c8a397aff42062e7819d341f52688f3fdfe7fc30972ec740fa73db68085d00acc7abb0dfe0a7c7a4e7b7bdb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/core" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.590.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2dfc98d1685e86c6ac3435d4fddd5357beab59d127b79997c975e4a529bd909efe13ae75bc508bf7a942b09acc3fe04585767d3c9ccdd2e5673079659f0385" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-node" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.587.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b20e898df883abca02ee733886eff9ce1e48d45c44b9a07e53ee9f006e83bca1a90c409767b9d35789859389c4163b9d91e7553a091dbbadc30f4c678c79d60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/middleware-user-agent" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.587.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f7723b20f66dba5650a112be3b6d082786b5b325b060fce83b681cdeffbf18d65f9593d5dd0257b956c89b4a7106cbb49ff9b328650aa9238b3c868dd3df0771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/region-config-resolver" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.587.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d471ba126f30416a8a7115ba9b7e7c9aa79b4553692fc5ebac4a13e089fbc6a90a92662d1d135560fea5726890879a59fdcfc55eef1d49c86e1485b212da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.587.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e797e0d47bf6ef9db1040c73f789526b3ad1371db14904f82c0fabc9fa697ff88624d44ab8f63106f841d974d4cfcf74831b491ba76fbbbb8d4c29824747f89" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/util-user-agent-node" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.587.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f283fe4a144088936939a3cc275448a7895f3ac959219f99332135327663460a45dd0451cc1d1c7a865790d5bab02476c1b24caef276d86a6cdcc329a61b09b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-env" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.587.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4aed524565510ae4757b7da8c57dc2d55e1ce61a4f376d1661c45f75caf6c17c07a92bf2b390eb9e6b820be2681274bfceddda7542613e5893aa97ca81274cac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-http" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.590.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63970572200adfc548bd181978d0fb1ef14d477dad846b506fc5e8a7a70c9f7dc50bbf2ec1c448bbd1dcf7af7d5d3725099ab3e3e5e5d5653e759fab9c59f600" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-ini" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.587.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578c53de20aa905f2e2fa402e20a81260ff66ac77f75a9acc0fd61f4709fa9396598f5b32264bef160f75638132f0e5bd0a6d3cbe65d52129cd300e7cb3933c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-process" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.590.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bfed23fc8fa37bda247f05ec8262e9a66c0813e4ee329e56a8bcfbafb3c7cfd2a3ccbc8a68a4c3bdf965143fbca0fa41aa798e5a227da9318f92b7e107b6bf7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-sso" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.587.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea231fc8d8f1bb932bb0dd68c03fdc0a971cbc22f149c01f1ab0e153d713c5a157d960a2288231bda0b3f962246d7ef0e4588ced1e683932556fdc77490c647" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-web-identity" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.590.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb16c2ea841524a0514f25f24770b5e64b14b0f3b25b8a7eb828fb76529858626f878bc64d5f0a859292e77a0f1bcb787f5f8e3095a3af9c0ab97468685b2685" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sso" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.587.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "50baa16e72f2d6198935172e9003415899ae9b705b8d79eeacb3d2157a06755d259576251b9e52cc895ad9562a76f7901048e6b01b9365d16f5c0b4da664b966" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/token-providers" + } + ] + }, + { + "type": "library", + "name": "axios", + "version": "0.21.4", + "bom-ref": "@mitre/emass_client@3.10.0|axios@0.21.4", + "author": "Matt Zabriskie", + "description": "Promise based HTTP client for the browser and node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/axios@0.21.4", + "externalReferences": [ + { + "url": "git+https://github.com/axios/axios.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://axios-http.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/axios/axios/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bade6f7b0922bbc8e318176aa4ce385f18ee0a3abd2c029e1d59a855f1d5cf2f1e1e0c71abc49b01540da2f0c0f26562d3990fd046bf9ff5337121dc4c941f36" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/emass_client/node_modules/axios" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "1.1.3", + "bom-ref": "log-symbols@1.0.2|chalk@1.1.3", + "description": "Terminal string styling done right. Much color.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53795154b31296c09f8ea60f6cbc95bf5d4cf423d6e08ef6f1de9308a300389b9e11e07dffca3e792b0c9f13c90fe43e2bdd3db1d11283b0beb489281faa27d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "2.2.1", + "bom-ref": "log-symbols@1.0.2|ansi-styles@2.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "92609ebc582146258cec7079cd33d42e5e2bf5b5454968f3eb6321aa2cc3194aead8d5ae34c432bafe2d1c7a0a247b3af4cfcc17ae2511c1dd608a1cadd59060" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "log-symbols@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "log-symbols@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "561ba64926c1a834cff29d992ca8f8d148c1095e3ebfc6d4484a546f82a34605a4f696ea185e111058fa2846a089d6f67ff33a0330b41261720cd19ac3d382ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.1.1", + "bom-ref": "log-symbols@1.0.2|ansi-regex@2.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c81a74e9768f84dfea42c8096e66fb440f9a79c02a8b75ecc2ca13d9cca3dcc6f169944b788be5bb38e3422a0799153dfecb935965f38e4bf05d71a9e6d4c60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "2.0.0", + "bom-ref": "log-symbols@1.0.2|supports-color@2.0.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28a355b5dea909880f20a538729dbbdf71d6602a6995085d7592c152bc9a007a2eef6df1f854734390dff36e058fe232cae8904d1a2e6f84a72057c872ba7bd2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.1.1", + "bom-ref": "has-ansi@2.0.0|ansi-regex@2.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c81a74e9768f84dfea42c8096e66fb440f9a79c02a8b75ecc2ca13d9cca3dcc6f169944b788be5bb38e3422a0799153dfecb935965f38e4bf05d71a9e6d4c60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-ansi/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "chokidar@3.5.3|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chokidar/node_modules/glob-parent" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "fast-glob@3.3.2|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-glob/node_modules/glob-parent" + } + ] + }, + { + "type": "library", + "name": "lilconfig", + "version": "3.1.1", + "bom-ref": "postcss-load-config@4.0.2|lilconfig@3.1.1", + "author": "antonk52", + "description": "A zero-dependency alternative to cosmiconfig", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lilconfig@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/antonk52/lilconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/antonk52/lilconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/antonk52/lilconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lilconfig/-/lilconfig-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5f297fb9f2bc74dc92e9cf5825755d4357535a62bb4d72d9bec04c9d29a6452493ca1ca95581ad88c9042c070e30ff65671fcab0343f880a8735868b910835" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-load-config/node_modules/lilconfig" + } + ] + }, + { + "type": "library", + "name": "arg", + "version": "4.1.3", + "bom-ref": "ts-node@10.9.2|arg@4.1.3", + "author": "Josh Junon", + "description": "Another simple argument parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arg@4.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/arg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c4bd403a86d17c76ed8c0f4adf5f2718af8d8978df6602c1f0cc7d9fbbd5102a52b65e7fb2eb2906772c72cec024b814b341a653f9df7671f3de5278e087bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-node/node_modules/arg" + } + ] + }, + { + "type": "library", + "name": "commander", + "version": "4.1.1", + "bom-ref": "sucrase@3.35.0|commander@4.1.1", + "author": "TJ Holowaychuk", + "description": "the complete solution for node.js command-line programs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/commander@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/tj/commander.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/commander.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/commander.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34e2a6f31864cc08f3171f01dafe4e0074febb9a5141cd9409ad95abd8d82ffdf5a36c22f66c4103b2c816cdec5795520b8f73ea91217db3142ef4a12a3dba58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/commander" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.12", + "bom-ref": "sucrase@3.35.0|glob@10.3.12", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.12", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c236ff2f27ec73e108aa4e97ce240ec7bd8bfeb4d2111ca7d45b0feafafda376037879bcfe298f6d1b1e49e2b1cfd28f3898d3fe0291fae87457f2eb372a1aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "sucrase@3.35.0|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/minipass" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "foreground-child@3.1.1|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f3c99d5ef3cc3d3b588d25b2a73a5bd84eb58f0e5e3a3b56c6d03dd7227bfef6d90faf1acdf235144e21650e4926296827d4ce827c8035dd2b86a8e6bd2a8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/foreground-child/node_modules/signal-exit" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "@isaacs/cliui@8.0.2|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e72ce091def8dc63c6dea0d2ed723679fe7c67d9a7e6304ea586b0eb79ba24a8c6a9f976de5bc9fd4d7a4f0cea9d18ae6a708de84f418a4d6eb00bb10c895a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f5f03689b17494936fb8da9bfc98bb398c94f686a164144e23db5c0e9a06d4aac67684bef636c514efce60f515e0a37b3464d815978d93887a7766d3affd5ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/emoji-regex" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8aae9e55523ae274104d162ad8ab44836776b94ecb125853270b07e18cc81d9b21c658199acff021ce15a03413946fc8bd522b04a1b4e82ad99e9d2abfb86471" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "@isaacs/cliui@8.0.2|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f933ce797ca6f64ac7cc222145a15ac0047242f10b47c15c7e98758fdd0704a811d889e9e3e5d1d28236f1b42d161195d8b78c1c0faceb4049433e116e6607c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "8.1.0", + "bom-ref": "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@8.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b22ed0588eb350cab9e9b11216f6a0b66ccc7463ada317d1f927b3d753286df73bb66f9591472493d6d6d9479f7d319551b3a4b31992c34000da0b3c83bd4d09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "6.2.1", + "bom-ref": "@isaacs/cliui@8.0.2|ansi-styles@6.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@6.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6cdefdf2015f417faf8b0dd1ef2ac6591aa7acdda84641245238e5e09367e04f06c716e3b46dc56eb108218de5f3f86bc14c0878266f8b842e3933f8304ad5ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "10.2.0", + "bom-ref": "path-scurry@1.10.2|lru-cache@10.2.0", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9b20cf31f9501fe894f86ca0258d2d6a51680cb2a6513c6252e8549a84830f56f72d70d872569ec026eeeabb1396f63c24af205178a658e6d639258bf69ffed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry/node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "path-scurry@1.10.2|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry/node_modules/minipass" + } + ] + }, + { + "type": "library", + "name": "tailwindcss", + "version": "3.3.0", + "bom-ref": "tw-elements@1.1.0|tailwindcss@3.3.0", + "description": "A utility-first CSS framework for rapidly building custom user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tailwindcss@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/tailwindlabs/tailwindcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwindcss.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tailwindlabs/tailwindcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84e5e5171f98724949f245e20807e4fc5332af83e6f5c938efb1b49bfbacdb7e3856e8f7e79229a040c1e5498602c4a94c19abfb86618f35b4e09b855e46ff7f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/tailwindcss" + } + ] + }, + { + "type": "library", + "name": "postcss-import", + "version": "14.1.0", + "bom-ref": "tw-elements@1.1.0|postcss-import@14.1.0", + "author": "Maxime Thirouin", + "description": "PostCSS plugin to import CSS files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-import@14.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-import.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-import#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-import/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-import/-/postcss-import-14.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e5c08f95826e1212539b1553e94c84fb494ed1dea9362fb3f276e31ca2489a54ab96bfd77f53e1a6fd001df0d0cbbb291359391cae339e0f63e9d6b31e0531b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-import" + } + ] + }, + { + "type": "library", + "name": "postcss-load-config", + "version": "3.1.4", + "bom-ref": "tw-elements@1.1.0|postcss-load-config@3.1.4", + "author": "Michael Ciniawky", + "description": "Autoload Config for PostCSS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-load-config@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-load-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e8388ce04eefe1ca13138bb303c53ffd686d3f0ca18a29b77b28c43050a7529cdbae42bdc091e02834f6991f876ed4ab77f36e6d56984cea52a63525f0d41e46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-load-config" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "1.10.2", + "bom-ref": "tw-elements@1.1.0|yaml@1.10.2", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/v1/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af7bd7c84ad109827bc20dbccaf058e554a8005f19be5716f7f07053312d52c8ef5ff0cab36e1d224bb08edba9af02491ec6f251b2c0a5ea584d1d41378b87ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "postcss-nested", + "version": "6.0.0", + "bom-ref": "tw-elements@1.1.0|postcss-nested@6.0.0", + "author": "Andrey Sitnik", + "description": "PostCSS plugin to unwrap nested rules like how Sass does it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-nested@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-nested.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-nested#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-nested/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0391a9aaacf7269010ec2e7faf40322bb6449b364bf9003fccdf6db24a8f64a85902218925ca6db11265a4c28f98dffa99a37e2dcc43cd530e32ef230276fe7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-nested" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "express@4.19.2|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "express@4.19.2|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "3.21.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "author": "Amit Gupta", + "description": "Validate XML or Parse XML to JS/JSON very fast without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@3.21.1", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.21.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1531558d8a013994c97a4894b1ac06b12615f502f403ecc3602463ef2df820ee8983ed8831812d41af9b6e272da5da55f1d1f15f2c2a53b0b48110c4385b4116" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "htmlparser2", + "version": "7.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "author": "Felix Boehm", + "description": "Fast & forgiving HTML/XML parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/htmlparser2@7.2.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/htmlparser2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/htmlparser2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/htmlparser2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1fb308980e0c4ba730ee76f2511b4b3ced539acec2e47eb4d8b4444eff79cf53313bfec23fbac355139e85461e60151810e37de0d5d70c43e666eabe857e2ca2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/htmlparser2" + } + ] + }, + { + "type": "library", + "name": "domhandler", + "version": "4.3.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "author": "Felix Boehm", + "description": "Handler for htmlparser2 that turns pages into a dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domhandler@4.3.1", + "externalReferences": [ + { + "url": "git://github.com/fb55/domhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1abc28c5837eb969733bcba1517465d0ffa41c4e06b553df63354b714c4f2fb28d7472a3ebabef9618b07881ea6185d6970f93f222cca78d8b9baee0870e1631" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/domhandler" + } + ] + }, + { + "type": "library", + "name": "domutils", + "version": "2.8.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "author": "Felix Boehm", + "description": "Utilities for working with htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domutils@2.8.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de828e87e9ef63392088698e0a1b06299811fa0f8f1d55c740525fd3f7d1605d656d9620a5344f505dd24cf678d67d8a48ca8076c4c8ac7c041e87d4bde1dc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/domutils" + } + ] + }, + { + "type": "library", + "name": "dom-serializer", + "version": "1.4.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "author": "Felix Boehm", + "description": "render domhandler DOM nodes to a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dom-serializer@1.4.1", + "externalReferences": [ + { + "url": "git://github.com/cheeriojs/dom-renderer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cheeriojs/dom-renderer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cheeriojs/dom-renderer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "547c01dca7eb70e3a47a5106d9939fc6a2d975f92297c3ed262e0ff0dd8c317b9c66adb22e9ef90a5562525395c32a071038d8538df702afb9cd63fad7e4466a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dom-serializer" + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "3.0.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|entities@3.0.1", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@3.0.1", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a2c81aa8a26af031d146d5ed24aaf01261f9e56f4969f0ce68e45c36385ab584d671c5c364f089345e6ecbc73061ba2767641fd4b41a950a0533de404e3f9d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest@28.1.3#packages/jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest/-/jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "378193e689fc5246601f43b92d46af3115751031213532f42847d198321e647495ee9d9780ba18f6df550d480bea8fb27dd8181d5c6ecfcd46f2807d546e6ec8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/core@28.1.3#packages/jest-core", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/core/-/core-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "088281ae568a3b303b606d7d044a82c3748b22c1308d991e2737f96dda285675b86c7e5c92da9edc95fe1b6615d5a2b9bcff0df676b5206585cd8693a7a93a34" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/core" + } + ] + }, + { + "type": "library", + "name": "console", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/console@28.1.3#packages/jest-console", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-console", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "40f0243f913029d2bf6f122be82d48e15b34ae6da71e200dce3fd9e57d89424ad9a3a22abc2e25759f4af79b45d0776276103c068e9e8314b35053d829c1172f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/console" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/types@28.1.3#packages/jest-types", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4728e2c8c519acacff73ece53053b5a66ef40dc225493f007964e4a147597af7b0e38c1c359407b0454e88256d8159e51450fcd853da5f2732b39f1c7f69ae55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/types" + } + ] + }, + { + "type": "library", + "name": "jest-message-util", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-message-util@28.1.3#packages/jest-message-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-message-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c5767f487b06ede7be7328f7f5dbce87b7d10fa099984fb3f4918f9189b7986765ed3abe77a432c41684d65db7758782621a25a94c10bce1f73cc4c5d031bee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-message-util" + } + ] + }, + { + "type": "library", + "name": "jest-util", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-util@28.1.3#packages/jest-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5dda9fa47c29712464a3f0b7e6e2d814cd9e991025b4820a66227d7809a18ec8f40aa64c6b4a7589bd11e5f588a86867d5ad74dc379b4dba6a21a3f5a8243ab5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-util" + } + ] + }, + { + "type": "library", + "name": "reporters", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "description": "Jest's reporters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/reporters@28.1.3#packages/jest-reporters", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-reporters", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/reporters/-/reporters-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26e032ef093141954d53f57a83dc4acc2182e4b557c7d14370004ab125e9e4c88a3c4136d78e1afef5d3103a32ce352964a7d5c29d3c5aa83903859f4cc0338e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/reporters" + } + ] + }, + { + "type": "library", + "name": "test-result", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-result@28.1.3#packages/jest-test-result", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-test-result", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "919024c67484f85a84f188d6f2036ea159240bd23b4b5aa67a797cb0670338bae8a4048ff8191c18ac215e8caa42e18e19e618d32fe2c63addfe2111a445c736" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/test-result" + } + ] + }, + { + "type": "library", + "name": "transform", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/transform@28.1.3#packages/jest-transform", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-transform", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bb9753e5d8bea0523a85f70b38719301f994c4546b8cafaf9da3f4924568c3d31dfcced5fccc6a40c3b3fd5576e5464ef29cde03d3e37d3a4ebba043bb048f40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/transform" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "5.2.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@5.2.1#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a73aada77d672effd714ecd71aebe109bf2a863993568e6f8d5935f571380919525b3d0aa1e2776f0f57b00ee73a9f5805fe2a1e3c01c640f329c304fc9dbd62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "jest-worker", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-worker@28.1.3#packages/jest-worker", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-worker", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0aa440db6d1857fea30a8f155af02dd4a2b1e9e7a4d5520730f78b11ba5c7d27e411e5b204da69ca733fa3aabe5a6c3eb0e868b369a5df8c196d25f71b5dfffe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-worker" + } + ] + }, + { + "type": "library", + "name": "convert-source-map", + "version": "1.9.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0", + "author": "Thorsten Lorenz", + "description": "Converts a source-map from/to different formats and allows adding/changing properties.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/convert-source-map@1.9.0", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/convert-source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012141ba9d0ccf5bb28888c035a9f58f32d06a68bdcf53e86126428a2616d857333db7a75dce3915974164bcce4feafafa2722b8432876d982b62fa18da024d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/convert-source-map" + } + ] + }, + { + "type": "library", + "name": "jest-haste-map", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-haste-map@28.1.3#packages/jest-haste-map", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-haste-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dd2f914160d771c5c32925a79076bf74fc2dfb6ab003c089cd1eb5c37168602be8a373e7f2dbc6732b26305d018f4117e5162f008d8422f0b9ece9a8b5f76d28" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-haste-map" + } + ] + }, + { + "type": "library", + "name": "jest-regex-util", + "version": "28.0.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-regex-util@28.0.2#packages/jest-regex-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-regex-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e2cd08832348cb4cbd14af9c8e8558a316a64fb65ea3b321cea446c7b6036266909f5c2e718f6ba2d886901cf370c5d3b63ac200ffdfedff84d05efe7f13cd77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-regex-util" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "jest-changed-files", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-changed-files@28.1.3#packages/jest-changed-files", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-changed-files", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ac68e7d45895e4da77d9b7d48fc82f2003590d7dd28b9105b2cec325aaaf26b184a534a7e66717d18199f809de0c195505fbbbfa741b347794ce00a6bb88888" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-changed-files" + } + ] + }, + { + "type": "library", + "name": "jest-config", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-config@28.1.3#packages/jest-config", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-config/-/jest-config-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "306dc836307227427802c3419bb4f786cbb1290a85222468fc052a6f5abd2d1288e5453a01aafd2476ebf48be7d535707d40fd2a2ad1a0cfd3eaef1795c40f1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-config" + } + ] + }, + { + "type": "library", + "name": "test-sequencer", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-sequencer@28.1.3#packages/jest-test-sequencer", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-test-sequencer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34830f12aa9ae7d3169c38b592f5d7a586eab1f426489b086e777ce667551a48837d0f564104d738bb2f21251fa279a7053fb0f395848277828a01047470c5c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/test-sequencer" + } + ] + }, + { + "type": "library", + "name": "babel-jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "description": "Jest plugin to use babel for transformation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-jest@28.1.3#packages/babel-jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-jest/-/babel-jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a951a3ce116324ddc597d0cfec3ef0871c27bd7cc1406bff615c480a3fc9c57cd97f8e51a413db9cabd36a9191972c376e089612d14bd294f5300b44beac7e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-jest" + } + ] + }, + { + "type": "library", + "name": "jest-circus", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-circus@28.1.3#packages/jest-circus", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-circus", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-circus/-/jest-circus-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "719f9e4b9cdcefd301c2df88850862129d0e78175da5cd67f0c068d67301f00ee83cc2843be4ab7bec0768b25ec50523f586bff0d3816344444948188c1e9fa3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-circus" + } + ] + }, + { + "type": "library", + "name": "environment", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/environment@28.1.3#packages/jest-environment", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-environment", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5b7f8d1c3054c490ac847f9f3947d233d566b20e31e81eabedb345c5604ab228cddc1560e978ca2a28a4c017d2d261032874f52587c14aa6da0cd9870c5805c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/environment" + } + ] + }, + { + "type": "library", + "name": "expect", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect@28.1.3#packages/jest-expect", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "97373c0a951b4a813876a4f453e835a8e0d08c14473e908f5e2b2c5c3e264bdfac5907669a9789f73487d6b4b51c492bb0c3747dbee72ab27d822011d5ddf007" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/expect" + } + ] + }, + { + "type": "library", + "name": "expect", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expect@28.1.3#packages/expect", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "784874c67f0796cb8e07116022cb3eda65fce55012e10cb739292357bae5056963b40e28587dfb825546c8e65266f12b0d3ff2072c1974f1b0097b93bd21bce6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/expect" + } + ] + }, + { + "type": "library", + "name": "jest-snapshot", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-snapshot@28.1.3#packages/jest-snapshot", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-snapshot", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e25ccc82d88d95cdc353ff2565f9aac4ddc0603e8618b6e5fbbdab741a57bdc57ec215fb983ad113390f769d919e67c8896060d586ee15291776e17625c69f26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-snapshot" + } + ] + }, + { + "type": "library", + "name": "dedent", + "version": "0.7.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|dedent@0.7.0", + "author": "Desmond Brand", + "description": "An ES6 string tag that strips indentation from multi-line strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dedent@0.7.0", + "externalReferences": [ + { + "url": "git://github.com/dmnd/dedent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dmnd/dedent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dmnd/dedent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "43a7ca50faa7007032862520154ec15332e2bf491df2c687f5a97bb67bb943fa248fa767ba9c724e01480635732404dd7c8026f4d02cbd73738da29af9bc55c8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dedent" + } + ] + }, + { + "type": "library", + "name": "jest-each", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "author": "Matt Phillips", + "description": "Parameterised tests for Jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-each@28.1.3#packages/jest-each", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-each", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-each/-/jest-each-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6ab4f5cf8b20db2001539ba880e6d53ef4a548c4250c0e3ca30c74ec10cf0226ac5b4c98a581d83a8e071cbcfdab4055cc3554e2120b163cc9c344a8f5a08bfe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-each" + } + ] + }, + { + "type": "library", + "name": "jest-get-type", + "version": "28.0.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "description": "A utility function to get the type of a value", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-get-type@28.0.2#packages/jest-get-type", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-get-type", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8a88f6c3dfc3c526077ce9b994928275c0263c9cd05e66ccfd4ae5deb865821acfbd3dedb7eedaffea1773d6b390a98bbe88978ed57cddb116aa2fafb399e53c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-get-type" + } + ] + }, + { + "type": "library", + "name": "pretty-format", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "author": "James Kyle", + "description": "Stringify any JavaScript value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty-format@28.1.3#packages/pretty-format", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/pretty-format", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2015bfd3a343a6c4747df994dbd780dfdaf371746097f20d71586513a94c394e266f7107f9b0728e6dde5470fc8b2f2a303700c03131775d6386d41ea6c65d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/pretty-format" + } + ] + }, + { + "type": "library", + "name": "jest-matcher-utils", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "description": "A set of utility functions for expect and related packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-matcher-utils@28.1.3#packages/jest-matcher-utils", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-matcher-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "910789eea1de98a7dbccaa068c71eb44a1fa6ad831324f049e493688f4375f03baa04fca603f253183b388291e481f46e1a74f3389d1d4313c4dfe497961fa07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-matcher-utils" + } + ] + }, + { + "type": "library", + "name": "jest-runtime", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runtime@28.1.3#packages/jest-runtime", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-runtime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354fbcf3549c05040b7352471b9789194ed48b790b2ab9b008f3ed62c26d072922c6b3363a15509693261562633320df7641a004c3635c2181fde6f3b2034643" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-runtime" + } + ] + }, + { + "type": "library", + "name": "jest-environment-node", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-environment-node@28.1.3#packages/jest-environment-node", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-environment-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba03fa5ce844a6300484662fa795e3f7cf67b39701d4ae99763058b92df4ba64f80901044dac5288f719fc4d64164b57e0692b70ce2abb4ec82250d85f5829f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-environment-node" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/fake-timers@28.1.3#packages/jest-fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ffc0e90bd8f387bf9da1fa89393a3ff580e1bd1d2cb07683ed16c44252694220b5cd9f97885a67277770c88969499e91af42d99a8ea04ff79122d048a6c5f2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/fake-timers" + } + ] + }, + { + "type": "library", + "name": "jest-mock", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-mock@28.1.3#packages/jest-mock", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-mock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a372768ebe9d30c598547e0b87f34a9835dda2caec2608b802f892f285cbba3723a423016f514cb1b9439ce5ca64a7d28872f162e6f5792d081ee457b22a3d78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-mock" + } + ] + }, + { + "type": "library", + "name": "jest-resolve", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve@28.1.3#packages/jest-resolve", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-resolve", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6755b7b538c4e9068d23dd2aa3f049a5f9efa71b5a153170e420e0c29c84fcacfc53fd3a3751e37f889af6ab94842877f6a206585d59bb1162062250c1211829" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-resolve" + } + ] + }, + { + "type": "library", + "name": "jest-runner", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runner@28.1.3#packages/jest-runner", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-runner", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a4330e03ff451277ad8e54ed281208e7db74ccf9825ad94d96bb9cf3f71b1007533158a0ce96b9f290fc6732c374b6726595f2cf8a71d391aeb5bb44216b104" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-runner" + } + ] + }, + { + "type": "library", + "name": "jest-validate", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-validate@28.1.3#packages/jest-validate", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-validate", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4996ce181584b1a4f104608ea6c45695796f364bd3918d17c517e1ef3626bddf2e2f9433ca0d021c05e25ca44e7e587cd35aae03afbf0ec4f83830ed84e0bf38" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-validate" + } + ] + }, + { + "type": "library", + "name": "jest-resolve-dependencies", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve-dependencies@28.1.3#packages/jest-resolve-dependencies", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-resolve-dependencies", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9ad103b64345f342834fa2e31b09cec1bedb1e9bc7908153cd9309fd2e74be4769fc0da5433cbfd4d609e00b42d39754585c9534b896b604c0b60db4df16b1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-resolve-dependencies" + } + ] + }, + { + "type": "library", + "name": "resolve.exports", + "version": "1.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1", + "author": "Luke Edwards", + "description": "A tiny (813b), correct, general-purpose, and configurable \"exports\" resolver without file-system reliance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve.exports@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/resolve.exports.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fcdb691cd0cdee35a101a43d06f054619e984d7b110607ea58558fec16416a83093bf2371b9385cef4ee58d9590b768f8e29ecd45f9336b2cab066c7e2b7ec45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/resolve.exports" + } + ] + }, + { + "type": "library", + "name": "emittery", + "version": "0.10.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "author": "Sindre Sorhus", + "description": "Simple and modern async event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emittery@0.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/emittery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/emittery#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/emittery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6884ea3b09cb6a7a472cd5d924435b3a08d405e1e8703fb1b1226636b8e8bca056e476d2a56dddd69125b3b18540f5165e2c06f7ed0fe06b477c4a82ff833423" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/emittery" + } + ] + }, + { + "type": "library", + "name": "jest-docblock", + "version": "28.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-docblock@28.1.1#packages/jest-docblock", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-docblock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df06b2055362398c7473001b97daf09b990a14ff321c7dddfdf90468bd3634f4e40e88cfb6178607b1d9485638c335fe0f1cabbe15f3d0a482564b260a49c2b8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-docblock" + } + ] + }, + { + "type": "library", + "name": "jest-leak-detector", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-leak-detector@28.1.3#packages/jest-leak-detector", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-leak-detector", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58554986742c88ab43128e651b698cd2fe344169c133eccc7471f226cf00599ec9d106494b9f4cb3229e2475a1a416411f7d92e3c14e56f1b23854f58740e5a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-leak-detector" + } + ] + }, + { + "type": "library", + "name": "jest-watcher", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-watcher@28.1.3#packages/jest-watcher", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-watcher", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b78a9caa3f61cdefa3be214f50ddd802d0047859ebfdacc84d740430045fe5c330298d923014670904d72e2c53976d0e47a98b87d28b32b8152602484b29bed6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-watcher" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "9.1.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@9.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04f4b8ca7256fe8f763d4478c20ae2cf651de60a524f9bf3e8641f322c440cad19f19094bf633b4a404bca41f9e93fbe5ecfbc967f734c66cebcd1887b4dbf8f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinonjs/fake-timers" + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "1.8.6", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@1.8.6", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2f9790092a3d94a6dcd2c17949e0efb101425ddc99e2612136861dd607f248d507e6ae9f74b85c146d8b6cedd7b9adb7498850388dc587a8266e9dad5bc125" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinonjs/commons" + } + ] + }, + { + "type": "library", + "name": "globals", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/globals@28.1.3#packages/jest-globals", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c55383f8a61cabc825eed696dca8c3b419241c61ed48b1a958083cd137285eb727b2c4c708c5ad75a8f343a5534b7ab7ad22d36a126618427d54633ff9c7534" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/globals" + } + ] + }, + { + "type": "library", + "name": "source-map", + "group": "@jest", + "version": "28.1.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/source-map@28.1.2#packages/jest-source-map", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-source-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "715f0bc7705e4ad25bf22a4f1e7a95c3f20cd9508c58eddcad6673628752224c579d1717262a42771d4908ad0ae4cb09268b994131fbde6cdfe2f83145a1fdc3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/source-map" + } + ] + }, + { + "type": "library", + "name": "expect-utils", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect-utils@28.1.3#packages/expect-utils", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/expect-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c2f6e2f4b52b1c92e7dcd9435bac05da1bc832d77825497640d56b8eaf880521e2ae07eb477a3d46756dc7374418eda7f49c885b01e72df6f2e4acea04683660" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/expect-utils" + } + ] + }, + { + "type": "library", + "name": "jest-diff", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-diff@28.1.3#packages/jest-diff", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f11a8fd41fce5f38e34d692a317ebb8aa830055251802c8a0f72fd9eafba66a24c76f8c4f1180792da99ea336b91d313f9d26e60d237ae1429c5acfb76b2477f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-diff" + } + ] + }, + { + "type": "library", + "name": "diff-sequences", + "version": "28.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1", + "description": "Compare items in two sequences to find a longest common subsequence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/diff-sequences@28.1.1#packages/diff-sequences", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/diff-sequences", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "154d2215a1ff136ddaf9aef5f25f106bfd7d6c5f69d3a9201342a2a4c38c69dc1add28e768494accf6940b4be789bb3afc1ffd9e2f7bb3ad6671e8e4f16d5f43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/diff-sequences" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "schemas", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/schemas@28.1.3#packages/jest-schemas", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-schemas", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fe5fd55ac76dfda057823b212d6385c85b77215758ca9bb9cb65a7dab38ed6e9fa9e4a889fc48b5f38083185c5c98b11583c85e44b6198a24c21d26f934f20ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/schemas" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "5.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0b1c29b7649f4f34ed5dc7ce97318479ef0ef9cf8c994806acd8817179ee5b1b852477ba6b91f3eeac21c1ee4e81a498234209be42ea597d40486f9c24e90488" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "typebox", + "group": "@sinclair", + "version": "0.24.51", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51", + "author": "sinclairzx81", + "description": "JSONSchema Type Builder with Static Type Resolution for TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sinclair/typebox@0.24.51", + "externalReferences": [ + { + "url": "git+https://github.com/sinclairzx81/typebox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d4fd4e44e9bfaddb9b3f96850d265020b534beb2c22787ef1ede84a2a1c433ed83fc6e4c2b76c86b299428b8adf09b3d81b9ece54c899e43ff4d944e2f0e2d50" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinclair/typebox" + } + ] + }, + { + "type": "library", + "name": "jest-cli", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-cli@28.1.3#packages/jest-cli", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-cli", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-cli/-/jest-cli-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae863792faefe7b0339f5c8f81d4de6cf017bdd476c5f7b368a298cd5c59e88b7fe4d0b1cc9ca6ead508e4fd7391d5a17d4624c4423db9959c41d6852e8f2625" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-cli" + } + ] + }, + { + "type": "library", + "name": "ts-jest", + "version": "28.0.8", + "bom-ref": "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "author": "Kulshekhar Kabra", + "description": "A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-jest@28.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/kulshekhar/ts-jest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://kulshekhar.github.io/ts-jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kulshekhar/ts-jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-jest/-/ts-jest-28.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e45686d255e644fcc0a62c7ca051bc44a8c0cf87a1b66f3230a393cb91d7ddf63a5bc926bceae6718d212831255b9d85268bfe7258546eb280aa87e78f89974e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ts-jest" + } + ] + }, + { + "type": "library", + "name": "babel-preset-jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-jest@28.1.3#packages/babel-preset-jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-preset-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2fe7eea49be55801db41f9fbe1ca0d5f7cdfeb42d7309b1eccdbefc7c78887b88e47596e275a68c5881093517c3d8b4dabfe903830c70aab129d3152582e3dd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-preset-jest" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-jest-hoist", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-plugin-jest-hoist@28.1.3#packages/babel-plugin-jest-hoist", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-plugin-jest-hoist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62cded50a0267e79115293dda5af7c798ac04749d5fac4855196441ae43611b15dd72e1238bb43e500cd1c0abe6dbf5af9b6d7bd8402e1bf880ff4c720c714e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-plugin-jest-hoist" + } + ] + }, + { + "type": "library", + "name": "typescript", + "version": "4.9.5", + "bom-ref": "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "author": "Microsoft Corp.", + "description": "TypeScript is a language for application scale JavaScript development", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/typescript@4.9.5", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/TypeScript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d455e4f44d879be433650ef3f8c7098872f8356d45d84cccbbd36af62df301a1aa89b69fa98c02554e96c9602ec90451cce971a2ef31652c972c437ca0a8f6e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/typescript" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "1.10.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|yaml@1.10.2", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/v1/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af7bd7c84ad109827bc20dbccaf058e554a8005f19be5716f7f07053312d52c8ef5ff0cab36e1d224bb08edba9af02491ec6f251b2c0a5ea584d1d41378b87ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "chalk@4.1.2|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chalk/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "glob@7.2.3|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "glob@7.2.3|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob/node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/core@7.24.4|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/core/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "istanbul-lib-report@3.0.1|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-report/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "supports-hyperlinks@2.3.0|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-hyperlinks/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "5.2.1", + "bom-ref": "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@5.2.1#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a73aada77d672effd714ecd71aebe109bf2a863993568e6f8d5935f571380919525b3d0aa1e2776f0f57b00ee73a9f5805fe2a1e3c01c640f329c304fc9dbd62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "babel-plugin-istanbul@6.1.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "2.0.0", + "bom-ref": "stack-utils@2.0.6|escape-string-regexp@2.0.0", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "529cdc2c25e895459c36ee47b5530761d5c98c0ae3b05f42d1a367aae658638b96fd5bb49a2cb96285af6d5df8e476ae56f700527a51ba130c72a4dc18e636fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-utils/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "jsesc", + "version": "2.5.2", + "bom-ref": "@babel/generator@7.24.4|jsesc@2.5.2", + "author": "Mathias Bynens", + "description": "Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsesc@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "398bbb5c4ce39024370b93ecdd0219b107cda6aa09c99640f7dc1df5a59dd39342b42e6958e91284ada690be875d047afc2cb695b35d3e5641a6e4075c4eb780" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/generator/node_modules/jsesc" + } + ] + }, + { + "type": "library", + "name": "globals", + "version": "11.12.0", + "bom-ref": "@babel/traverse@7.24.1|globals@11.12.0", + "author": "Sindre Sorhus", + "description": "Global identifiers from different JavaScript environments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globals@11.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globals#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58e069fc410652222c252a7bc1cbffcba30efa557d5289dc5aac6e15f9bc781c3358d8327c177a1b3f8878a43d8c29b28681fdf60d793374fe41a5471638b354" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/traverse/node_modules/globals" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "yargs@17.7.2|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.12", + "bom-ref": "js-beautify@1.15.1|glob@10.3.12", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.12", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c236ff2f27ec73e108aa4e97ce240ec7bd8bfeb4d2111ca7d45b0feafafda376037879bcfe298f6d1b1e49e2b1cfd28f3898d3fe0291fae87457f2eb372a1aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify/node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "js-beautify@1.15.1|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify/node_modules/minipass" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.1", + "bom-ref": "editorconfig@1.0.4|minimatch@9.0.1", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d235a12690ff31d84f5f03ee8919026df61f48aa76aa79f678e736efda88edffa8b25fe5fa9aca4abbe1835e7bcd262fc7fd679a09f636a753ea4d99ef3487f7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/editorconfig/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/core@3.26.9|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/core@3.26.9|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "@oclif/core@3.26.9|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "@oclif/core@3.26.9|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "@oclif/core@3.26.9|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/sprintf-js" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.3.2", + "bom-ref": "simple-swizzle@0.2.2|is-arrayish@0.3.2", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "79546a0af56565bbb0dc6acceb7a2f352340780d4ad7a91a47f2d163ff76c34cf1439ff5633c1b9545fae768b85ecf51c001a35bd77dcba5fcf2df0e68025f59" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/simple-swizzle/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "jake@10.8.7|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "jake@10.8.7|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake/node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "5.1.6", + "bom-ref": "filelist@1.0.4|minimatch@5.1.6", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@5.1.6", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "94ac15ff56eba46ea6054147b5becd526b400426f65996669b6c0d88e0398406fc55d092e01dddb4c5b2bdca1589c730016fc23844635cbb74ccfd735d4376ea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/filelist/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.0-beta.13", + "bom-ref": "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.0-beta.13", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.0-beta.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba0f02654089a6181eb5265581de07420c9ec256151861b52c87855c6c63818b2367f7f92379d20a3ef1a403040ea8d50ff970992ba3b55c1aeedbc480b1880b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "9.4.0", + "bom-ref": "@oclif/plugin-help@6.1.0|supports-color@9.4.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@9.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-9.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54bfa536b128217c30d5ca0b3ce9a21262bfd2c1a2824a3908ec48d3d2b31dcd9525726c437ed4690fbcaaebb18c3780efe2a72c64d647239748b2d1d966f88f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "debug@4.3.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/debug/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "npm-package-arg", + "version": "11.0.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "author": "GitHub Inc.", + "description": "Parse the things that can be arguments to `npm install`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-package-arg@11.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-package-arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-package-arg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-package-arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "206374200c26843270cb5dd673c93ee0f11b4cf86926732d7d1e7765b3b28e4be611c2d2e270b0a7a9af3168d2e6c5237a25b79a9c7a7079ae84a12ef5799c43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-package-arg" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "4.2.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proc-log/-/proc-log-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83cf8e9d4fcbdaffb0ca254af83e5f037e09ec41fc8d9f030e5bf085108cc66323ed4081bf188ed6619e37edfa25720a178cdebd4e2444177c955806f6f2de94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/proc-log" + } + ] + }, + { + "type": "library", + "name": "npm-run-path", + "version": "5.3.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "author": "Sindre Sorhus", + "description": "Get your PATH prepended with locally installed binaries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/npm-run-path@5.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/npm-run-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a69c13b62259ab43bf6a2d33ef27ee76d069588a3133cc84ea71e2d57e3b785476116391a9f6eee829cf94db2378debcdde4f4a86e87fcfc9ff5f09cbe39e79d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-run-path" + } + ] + }, + { + "type": "library", + "name": "object-treeify", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1", + "author": "Lukas Siemon", + "description": "Stringify Object as tree structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/blackflux/object-treeify/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/object-treeify@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/blackflux/object-treeify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blackflux/object-treeify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blackflux/object-treeify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-treeify/-/object-treeify-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63ab60e6b1dfb1e7d291f2ae8efd92c07ba522744ecbfac22f9178c3440e5b1badf009f16317f46263614e1f7965fcb1a6cb9da3aeaeaa4bb1d000859f231281" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/object-treeify" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "author": "GitHub Inc.", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a5698c846f4ec33f16022a12b3a65096049b6fc5971932b2fee1492b4d22471cfc99538998613bf7a9a39eefb1fb10e0cb492a2901414073a5bc538caabec72" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/which" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "3.1.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|isexe@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2e907fe7807eff627986a43b8a66477dd537d4e96042ac7b6627159649bd93383dff0f0628b11c15f265fedec30840ee78ec81003eb3082c133ba173b3436811" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/isexe" + } + ] + }, + { + "type": "library", + "name": "yarn", + "version": "1.22.22", + "bom-ref": "@oclif/plugin-plugins@5.2.2|yarn@1.22.22", + "description": "📦🐈 Fast, reliable, and secure dependency management.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/yarn@1.22.22", + "externalReferences": [ + { + "url": "git+https://github.com/yarnpkg/yarn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yarnpkg/yarn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yarnpkg/yarn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yarn/-/yarn-1.22.22.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/yarn" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "10.2.2", + "bom-ref": "hosted-git-info@7.0.2|lru-cache@10.2.2", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f61a77569dbf845414888c0aa3c5c2785567ae0f0f9374d834f211eed2400ca8b961f705eef11a2bb6af1474e54b2de438a61a25069a95f128e98b9775c78139" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hosted-git-info/node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "string-locale-compare", + "group": "@isaacs", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "author": "Isaac Z. Schlueter", + "description": "Compare strings with Intl.Collator if available, falling back to String.localeCompare otherwise", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/string-locale-compare@1.1.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/string-locale-compare.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/string-locale-compare.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/string-locale-compare#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/string-locale-compare/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/string-locale-compare" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "arborist", + "group": "@npmcli", + "version": "7.5.2", + "bom-ref": "npm@10.8.0|@npmcli/arborist@7.5.2", + "author": "GitHub Inc.", + "description": "Manage node_modules trees", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/arborist@7.5.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/arborist", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/arborist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/arborist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs", + "group": "@npmcli", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|@npmcli/fs@3.1.1", + "author": "GitHub Inc.", + "description": "filesystem utilities for the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/fs@3.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/fs.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/fs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "installed-package-contents", + "group": "@npmcli", + "version": "2.1.0", + "bom-ref": "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "author": "GitHub Inc.", + "description": "Get the list of files installed in a package in node_modules, including bundled dependencies", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/installed-package-contents@2.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/installed-package-contents.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/installed-package-contents.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/installed-package-contents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/installed-package-contents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/installed-package-contents" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-bundled", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|npm-bundled@3.0.1", + "author": "GitHub Inc.", + "description": "list things in node_modules that are bundledDependencies, or transitive dependencies thereof", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-bundled@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-bundled.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-bundled.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-bundled#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-bundled/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-bundled" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-normalize-package-bin", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "author": "GitHub Inc.", + "description": "Turn any flavor of allowable package.json bin into a normalized object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-normalize-package-bin@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-normalize-package-bin.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-normalize-package-bin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-normalize-package-bin#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-normalize-package-bin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-normalize-package-bin" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "map-workspaces", + "group": "@npmcli", + "version": "3.0.6", + "bom-ref": "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "author": "GitHub Inc.", + "description": "Retrieves a name:pathname Map for a given workspaces config", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/map-workspaces@3.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/map-workspaces.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/map-workspaces.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/map-workspaces#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/map-workspaces/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/map-workspaces" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "metavuln-calculator", + "group": "@npmcli", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "author": "GitHub Inc.", + "description": "Calculate meta-vulnerabilities from package security advisories", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/metavuln-calculator@7.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/metavuln-calculator.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/metavuln-calculator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/metavuln-calculator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/metavuln-calculator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/metavuln-calculator" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacache", + "version": "18.0.3", + "bom-ref": "npm@10.8.0|cacache@18.0.3", + "author": "GitHub Inc.", + "description": "Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cacache@18.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/cacache.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cacache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/cacache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cacache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cacache" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-parse-even-better-errors", + "version": "3.0.2", + "bom-ref": "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "author": "GitHub Inc.", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-even-better-errors@3.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/json-parse-even-better-errors.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/json-parse-even-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/json-parse-even-better-errors" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pacote", + "version": "18.0.6", + "bom-ref": "npm@10.8.0|pacote@18.0.6", + "author": "GitHub Inc.", + "description": "JavaScript package downloader", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/pacote@18.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/pacote.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/pacote.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/pacote#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/pacote/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/pacote" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "4.2.0", + "bom-ref": "npm@10.8.0|proc-log@4.2.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/proc-log" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "7.6.2", + "bom-ref": "npm@10.8.0|semver@7.6.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@7.6.2?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/semver" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "name-from-folder", + "group": "@npmcli", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "author": "GitHub Inc.", + "description": "Get the package name from a folder path", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/name-from-folder@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/name-from-folder.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/name-from-folder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/name-from-folder#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/name-from-folder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/name-from-folder" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "node-gyp", + "group": "@npmcli", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "author": "GitHub Inc.", + "description": "Tools for dealing with node-gyp packages", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/node-gyp@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-gyp.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-gyp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-gyp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-gyp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/node-gyp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "package-json", + "group": "@npmcli", + "version": "5.1.0", + "bom-ref": "npm@10.8.0|@npmcli/package-json@5.1.0", + "author": "GitHub Inc.", + "description": "Programmatic API to update package.json", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/package-json@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/package-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/package-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "query", + "group": "@npmcli", + "version": "3.1.0", + "bom-ref": "npm@10.8.0|@npmcli/query@3.1.0", + "author": "GitHub Inc.", + "description": "npm query parser and tools", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/query@3.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/query.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/query.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/query#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/query/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/query" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "postcss-selector-parser", + "version": "6.0.16", + "bom-ref": "npm@10.8.0|postcss-selector-parser@6.0.16", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-selector-parser@6.0.16?vcs_url=git%2Bhttps%3A//github.com/postcss/postcss-selector-parser.git", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-selector-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/postcss-selector-parser" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cssesc", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|cssesc@3.0.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cssesc@3.0.0?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/cssesc.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/cssesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/cssesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/cssesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cssesc" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-deprecate", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|util-deprecate@1.0.2", + "author": "Nathan Rajlich", + "description": "The Node.js `util.deprecate()` function with browser support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/util-deprecate@1.0.2?vcs_url=git%3A//github.com/TooTallNate/util-deprecate.git", + "externalReferences": [ + { + "url": "git://github.com/TooTallNate/util-deprecate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/util-deprecate" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "redact", + "group": "@npmcli", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@npmcli/redact@2.0.0", + "author": "GitHub Inc.", + "description": "Redact sensitive npm information from output", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/redact@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/redact.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/redact.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/redact#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/redact/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/redact" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "run-script", + "group": "@npmcli", + "version": "8.1.0", + "bom-ref": "npm@10.8.0|@npmcli/run-script@8.1.0", + "author": "GitHub Inc.", + "description": "Run a lifecycle script for a package (descendant of npm-lifecycle)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/run-script@8.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/run-script.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/run-script.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/run-script#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/run-script/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/run-script" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "bin-links", + "version": "4.0.4", + "bom-ref": "npm@10.8.0|bin-links@4.0.4", + "author": "GitHub Inc.", + "description": "JavaScript package binary linker", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/bin-links@4.0.4?vcs_url=git%2Bhttps%3A//github.com/npm/bin-links.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/bin-links.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/bin-links#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/bin-links/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/bin-links" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cmd-shim", + "version": "6.0.3", + "bom-ref": "npm@10.8.0|cmd-shim@6.0.3", + "author": "GitHub Inc.", + "description": "Used in npm for command line application support", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cmd-shim@6.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/cmd-shim.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cmd-shim.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/cmd-shim#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cmd-shim/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cmd-shim" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-cmd-shim", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|read-cmd-shim@4.0.0", + "author": "GitHub Inc.", + "description": "Figure out what a cmd-shim is pointing at. This acts as the equivalent of fs.readlink.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read-cmd-shim@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/read-cmd-shim.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read-cmd-shim.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read-cmd-shim#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read-cmd-shim/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read-cmd-shim" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "write-file-atomic", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|write-file-atomic@5.0.1", + "author": "GitHub Inc.", + "description": "Write files in an atomic fashion w/configurable ownership", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/write-file-atomic@5.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/write-file-atomic.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/write-file-atomic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/write-file-atomic", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/write-file-atomic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/write-file-atomic" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "common-ancestor-path", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|common-ancestor-path@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Find the common ancestor of 2 or more paths on Windows or Unix", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/common-ancestor-path@1.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/common-ancestor-path.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/common-ancestor-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/common-ancestor-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/common-ancestor-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/common-ancestor-path" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|hosted-git-info@7.0.2", + "author": "GitHub Inc.", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/hosted-git-info" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-stringify-nice", + "version": "1.1.4", + "bom-ref": "npm@10.8.0|json-stringify-nice@1.1.4", + "author": "Isaac Z. Schlueter", + "description": "Stringify an object sorting scalars before objects, and defaulting to 2-space indent", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/json-stringify-nice@1.1.4?vcs_url=git%2Bhttps%3A//github.com/isaacs/json-stringify-nice.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/json-stringify-nice.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-nice#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-nice/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/json-stringify-nice" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "10.2.2", + "bom-ref": "npm@10.8.0|lru-cache@10.2.2", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.2?vcs_url=git%3A//github.com/isaacs/node-lru-cache.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/lru-cache" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.4", + "bom-ref": "npm@10.8.0|minimatch@9.0.4", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.4?vcs_url=git%3A//github.com/isaacs/minimatch.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "nopt", + "version": "7.2.1", + "bom-ref": "npm@10.8.0|nopt@7.2.1", + "author": "GitHub Inc.", + "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/nopt@7.2.1?vcs_url=git%2Bhttps%3A//github.com/npm/nopt.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/nopt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/nopt#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/nopt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/nopt" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-install-checks", + "version": "6.3.0", + "bom-ref": "npm@10.8.0|npm-install-checks@6.3.0", + "author": "GitHub Inc.", + "description": "Check the engines and platform fields in package.json", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/npm-install-checks@6.3.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-install-checks.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-install-checks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-install-checks#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-install-checks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-install-checks" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-package-arg", + "version": "11.0.2", + "bom-ref": "npm@10.8.0|npm-package-arg@11.0.2", + "author": "GitHub Inc.", + "description": "Parse the things that can be arguments to `npm install`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-package-arg@11.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/npm-package-arg.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-package-arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-package-arg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-package-arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-package-arg" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-pick-manifest", + "version": "9.0.1", + "bom-ref": "npm@10.8.0|npm-pick-manifest@9.0.1", + "author": "GitHub Inc.", + "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-pick-manifest@9.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-pick-manifest.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-pick-manifest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-pick-manifest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-pick-manifest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-pick-manifest" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-registry-fetch", + "version": "17.0.1", + "bom-ref": "npm@10.8.0|npm-registry-fetch@17.0.1", + "author": "GitHub Inc.", + "description": "Fetch-based http client for use with npm registry APIs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-registry-fetch@17.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-registry-fetch.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-registry-fetch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-registry-fetch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-registry-fetch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-registry-fetch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parse-conflict-json", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|parse-conflict-json@3.0.1", + "author": "GitHub Inc.", + "description": "Parse a JSON string that has git merge conflicts, resolving if possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/parse-conflict-json@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/parse-conflict-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/parse-conflict-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/parse-conflict-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/parse-conflict-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/parse-conflict-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proggy", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|proggy@2.0.0", + "author": "GitHub Inc.", + "description": "Progress bar updates at a distance", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proggy@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/proggy.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proggy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proggy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proggy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/proggy" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-all-reject-late", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|promise-all-reject-late@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like Promise.all, but save rejections until all promises are resolved", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-all-reject-late@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-all-reject-late" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-call-limit", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|promise-call-limit@3.0.1", + "author": "Isaac Z. Schlueter", + "description": "Call an array of promise-returning functions, restricting concurrency to a specified limit.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-call-limit@3.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/promise-call-limit.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/promise-call-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/promise-call-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/promise-call-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-call-limit" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-package-json-fast", + "version": "3.0.2", + "bom-ref": "npm@10.8.0|read-package-json-fast@3.0.2", + "author": "GitHub Inc.", + "description": "Like read-package-json, but faster", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read-package-json-fast@3.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/read-package-json-fast.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read-package-json-fast.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read-package-json-fast#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read-package-json-fast/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read-package-json-fast" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ssri", + "version": "10.0.6", + "bom-ref": "npm@10.8.0|ssri@10.0.6", + "author": "GitHub Inc.", + "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ssri.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ssri#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ssri/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ssri" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "treeverse", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|treeverse@3.0.0", + "author": "GitHub Inc.", + "description": "Walk any kind of tree structure depth- or breadth-first. Supports promises and advanced map-reduce operations with a very small API.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/treeverse@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/treeverse.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/treeverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/treeverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/treeverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/treeverse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "walk-up-path", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|walk-up-path@3.0.1", + "author": "Isaac Z. Schlueter", + "description": "Given a path string, return a generator that walks up the path, emitting each dirname.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/walk-up-path@3.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/walk-up-path.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/walk-up-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/walk-up-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/walk-up-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/walk-up-path" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config", + "group": "@npmcli", + "version": "8.3.2", + "bom-ref": "npm@10.8.0|@npmcli/config@8.3.2", + "author": "GitHub Inc.", + "description": "Configuration management for the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/config@8.3.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/config", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/config" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|ci-info@4.0.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@4.0.0?vcs_url=git%2Bhttps%3A//github.com/watson/ci-info.git", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ci-info" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ini", + "version": "4.1.2", + "bom-ref": "npm@10.8.0|ini@4.1.2", + "author": "GitHub Inc.", + "description": "An ini encoder/decoder for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ini@4.1.2?vcs_url=git%2Bhttps%3A//github.com/npm/ini.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ini.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ini#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ini/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ini" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.15", + "bom-ref": "npm@10.8.0|glob@10.3.15", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.15?vcs_url=git%3A//github.com/isaacs/node-glob.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/glob" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "git", + "group": "@npmcli", + "version": "5.0.7", + "bom-ref": "npm@10.8.0|@npmcli/git@5.0.7", + "author": "GitHub Inc.", + "description": "a util for spawning git from npm CLI contexts", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/git@5.0.7?vcs_url=git%2Bhttps%3A//github.com/npm/git.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/git.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/git#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/git/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/git" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-spawn", + "group": "@npmcli", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "author": "GitHub Inc.", + "description": "spawn processes the way the npm cli likes to do", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/promise-spawn@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/promise-spawn.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/promise-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/promise-spawn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/promise-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/promise-spawn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-inflight", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|promise-inflight@1.0.1", + "author": "Rebecca Turner", + "description": "One promise for multiple requests in flight to avoid async duplication", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-inflight@1.0.1?vcs_url=git%2Bhttps%3A//github.com/iarna/promise-inflight.git", + "externalReferences": [ + { + "url": "git+https://github.com/iarna/promise-inflight.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/promise-inflight#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/promise-inflight/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-inflight" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-retry", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|promise-retry@2.0.1", + "author": "IndigoUnited", + "description": "Retries a function that returns a promise, leveraging the power of the retry module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/promise-retry@2.0.1?vcs_url=git%3A//github.com/IndigoUnited/node-promise-retry.git", + "externalReferences": [ + { + "url": "git://github.com/IndigoUnited/node-promise-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/IndigoUnited/node-promise-retry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/IndigoUnited/node-promise-retry/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-retry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|which@4.0.0", + "author": "GitHub Inc.", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-which.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/which" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|normalize-package-data@6.0.1", + "author": "GitHub Inc.", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@6.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/normalize-package-data.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "node-gyp", + "version": "10.1.0", + "bom-ref": "npm@10.8.0|node-gyp@10.1.0", + "author": "Nathan Rajlich", + "description": "Node.js native addon build tool", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-gyp@10.1.0?vcs_url=git%3A//github.com/nodejs/node-gyp.git", + "externalReferences": [ + { + "url": "git://github.com/nodejs/node-gyp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/node-gyp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/node-gyp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/node-gyp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tuf", + "group": "@sigstore", + "version": "2.3.3", + "bom-ref": "npm@10.8.0|@sigstore/tuf@2.3.3", + "author": "bdehamer@github.com", + "description": "Client for the Sigstore TUF repository", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/tuf@2.3.3?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/tuf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/tuf" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "protobuf-specs", + "group": "@sigstore", + "version": "0.3.2", + "bom-ref": "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "author": "bdehamer@github.com", + "description": "code-signing for npm packages", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/protobuf-specs@0.3.2?vcs_url=git%2Bhttps%3A//github.com/sigstore/protobuf-specs.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/protobuf-specs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/protobuf-specs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/protobuf-specs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/protobuf-specs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tuf-js", + "version": "2.2.1", + "bom-ref": "npm@10.8.0|tuf-js@2.2.1", + "author": "bdehamer@github.com", + "description": "JavaScript implementation of The Update Framework (TUF)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tuf-js@2.2.1?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tuf-js" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "models", + "group": "@tufjs", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|@tufjs/models@2.0.1", + "author": "bdehamer@github.com", + "description": "TUF metadata models", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tufjs/models@2.0.1?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/models#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@tufjs/models" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "canonical-json", + "group": "@tufjs", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@tufjs/canonical-json@2.0.0", + "author": "bdehamer@github.com", + "description": "OLPC JSON canonicalization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tufjs/canonical-json@2.0.0?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/canonical-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@tufjs/canonical-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.4", + "bom-ref": "npm@10.8.0|debug@4.3.4", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.4?vcs_url=git%3A//github.com/debug-js/debug.git", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/debug" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "make-fetch-happen", + "version": "13.0.1", + "bom-ref": "npm@10.8.0|make-fetch-happen@13.0.1", + "author": "GitHub Inc.", + "description": "Opinionated, caching, retrying fetch client", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/make-fetch-happen@13.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/make-fetch-happen.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/make-fetch-happen.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/make-fetch-happen#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/make-fetch-happen/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/make-fetch-happen" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "abbrev", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|abbrev@2.0.0", + "author": "GitHub Inc.", + "description": "Like ruby's abbrev module, but in js", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/abbrev@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/abbrev-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/abbrev-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/abbrev-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/abbrev-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/abbrev" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "archy", + "version": "1.0.0", + "bom-ref": "npm@10.8.0|archy@1.0.0", + "author": "James Halliday", + "description": "render nested hierarchies `npm ls` style with unicode pipes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/archy@1.0.0?vcs_url=git%2Bssh%3A//git%40github.com/substack/node-archy.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/substack/node-archy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-archy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-archy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/archy" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-minipass", + "version": "3.0.3", + "bom-ref": "npm@10.8.0|fs-minipass@3.0.3", + "author": "GitHub Inc.", + "description": "fs read and write streams based on minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs-minipass@3.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/fs-minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs-minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs-minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs-minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/fs-minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-collect", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|minipass-collect@2.0.1", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that collects all the data into a single chunk", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-collect@2.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-collect.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-collect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-collect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-collect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-collect" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|minipass@7.1.1", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.1.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-flush", + "version": "1.0.5", + "bom-ref": "npm@10.8.0|minipass-flush@1.0.5", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that calls a flush function before emitting 'end'", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-flush.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-flush#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-flush/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-flush" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yallist", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|yallist@4.0.0", + "author": "Isaac Z. Schlueter", + "description": "Yet Another Linked List", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/yallist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/yallist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/yallist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/yallist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-pipeline", + "version": "1.2.4", + "bom-ref": "npm@10.8.0|minipass-pipeline@1.2.4", + "author": "Isaac Z. Schlueter", + "description": "create a pipeline of streams using Minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-pipeline@1.2.4", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-pipeline" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-map", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|p-map@4.0.0", + "author": "Sindre Sorhus", + "description": "Map over promises concurrently", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-map@4.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/p-map.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/p-map" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tar", + "version": "6.2.1", + "bom-ref": "npm@10.8.0|tar@6.2.1", + "author": "GitHub Inc.", + "description": "tar for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-tar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-tar#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-tar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "unique-filename", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|unique-filename@3.0.0", + "author": "GitHub Inc.", + "description": "Generate a unique filename for use in temporary directories or caches.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/unique-filename@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/unique-filename.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/unique-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/unique-filename", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/unique-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/unique-filename" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "unique-slug", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|unique-slug@4.0.0", + "author": "GitHub Inc.", + "description": "Generate a unique character string suitible for use in files and URLs.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/unique-slug@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/unique-slug.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/unique-slug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/unique-slug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/unique-slug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/unique-slug" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "imurmurhash", + "version": "0.1.4", + "bom-ref": "npm@10.8.0|imurmurhash@0.1.4", + "author": "Jens Taylor", + "description": "An incremental implementation of MurmurHash3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/imurmurhash@0.1.4?vcs_url=git%2Bhttps%3A//github.com/jensyt/imurmurhash-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jensyt/imurmurhash-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/imurmurhash" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "5.3.0", + "bom-ref": "npm@10.8.0|chalk@5.3.0", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@5.3.0?vcs_url=git%2Bhttps%3A//github.com/chalk/chalk.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/chalk" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cli-columns", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|cli-columns@4.0.0", + "author": "Shannon Moeller", + "description": "Columnated lists for the CLI.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-columns@4.0.0?vcs_url=git%2Bhttps%3A//github.com/shannonmoeller/cli-columns.git", + "externalReferences": [ + { + "url": "git+https://github.com/shannonmoeller/cli-columns.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shannonmoeller/cli-columns#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/shannonmoeller/cli-columns/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cli-columns" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "npm@10.8.0|string-width@4.2.3", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "8.0.0", + "bom-ref": "npm@10.8.0|emoji-regex@8.0.0", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@8.0.0?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@3.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-fullwidth-code-point" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|strip-ansi@6.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|ansi-regex@5.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@5.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fastest-levenshtein", + "version": "1.0.16", + "bom-ref": "npm@10.8.0|fastest-levenshtein@1.0.16", + "author": "Kasper U. Weihe", + "description": "Fastest Levenshtein distance implementation in JS.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fastest-levenshtein@1.0.16?vcs_url=git%2Bhttps%3A//github.com/ka-weihe/fastest-levenshtein.git", + "externalReferences": [ + { + "url": "git+https://github.com/ka-weihe/fastest-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein#README", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/fastest-levenshtein" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "foreground-child", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|foreground-child@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Run a child as if it's the foreground process. Give it stdio. Exit when it exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/foreground-child@3.1.1?vcs_url=git%2Bhttps%3A//github.com/tapjs/foreground-child.git", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/foreground-child.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/foreground-child#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/foreground-child/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/foreground-child" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cross-spawn", + "version": "7.0.3", + "bom-ref": "npm@10.8.0|cross-spawn@7.0.3", + "author": "André Cruz", + "description": "Cross platform child_process#spawn and child_process#spawnSync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cross-spawn@7.0.3?vcs_url=git%2Bssh%3A//git%40github.com/moxystudio/node-cross-spawn.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/moxystudio/node-cross-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cross-spawn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|path-key@3.1.1", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@3.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-key.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/path-key" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "shebang-command", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|shebang-command@2.0.0", + "author": "Kevin Mårtensson", + "description": "Get the command from a shebang", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-command@2.0.0?vcs_url=git%2Bhttps%3A//github.com/kevva/shebang-command.git", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/shebang-command.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/shebang-command#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/shebang-command/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/shebang-command" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "shebang-regex", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|shebang-regex@3.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching a shebang line", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-regex@3.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/shebang-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/shebang-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/shebang-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|isexe@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@2.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/isexe.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/isexe" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "npm@10.8.0|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0?vcs_url=git%2Bhttps%3A//github.com/tapjs/signal-exit.git", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/signal-exit" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jackspeak", + "version": "2.3.6", + "bom-ref": "npm@10.8.0|jackspeak@2.3.6", + "author": "Isaac Z. Schlueter", + "description": "A very strict and proper argument parser.", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/jackspeak@2.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/jackspeak.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/jackspeak.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/jackspeak#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/jackspeak/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jackspeak" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cliui", + "group": "@isaacs", + "version": "8.0.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/cliui@8.0.2?vcs_url=git%2Bhttps%3A//github.com/yargs/cliui.git", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "BomRef.6h760ft6oi8.7sr4bitkllo", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/string-width-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eastasianwidth", + "version": "0.2.0", + "bom-ref": "npm@10.8.0|eastasianwidth@0.2.0", + "author": "Masaki Komagata", + "description": "Get East Asian Width from a character.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eastasianwidth@0.2.0?vcs_url=git%3A//github.com/komagata/eastasianwidth.git", + "externalReferences": [ + { + "url": "git://github.com/komagata/eastasianwidth.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/eastasianwidth" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "BomRef.uih8rvtlbdo.33q7f9m1mj", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/strip-ansi-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "npm@10.8.0|wrap-ansi@7.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|color-convert@2.0.1", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@2.0.1?vcs_url=git%2Bhttps%3A//github.com/Qix-/color-convert.git", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/color-convert" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.4", + "bom-ref": "npm@10.8.0|color-name@1.1.4", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.4?vcs_url=git%2Bssh%3A//git%40github.com/colorjs/color-name.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/colorjs/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/colorjs/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/colorjs/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/color-name" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "8.1.0", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@8.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "6.2.1", + "bom-ref": "npm@10.8.0|ansi-styles@6.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@6.2.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-styles.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ansi-styles" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parseargs", + "group": "@pkgjs", + "version": "0.11.0", + "bom-ref": "npm@10.8.0|@pkgjs/parseargs@0.11.0", + "description": "Polyfill of future proposal for `util.parseArgs()`", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40pkgjs/parseargs@0.11.0?vcs_url=git%2Bssh%3A//git%40github.com/pkgjs/parseargs.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/pkgjs/parseargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pkgjs/parseargs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pkgjs/parseargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@pkgjs/parseargs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-scurry", + "version": "1.11.1", + "bom-ref": "npm@10.8.0|path-scurry@1.11.1", + "author": "Isaac Z. Schlueter", + "description": "walk paths fast and efficiently", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/path-scurry@1.11.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/path-scurry.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/path-scurry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/path-scurry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/path-scurry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/path-scurry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.2.11", + "bom-ref": "npm@10.8.0|graceful-fs@4.2.11", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.2.11?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/graceful-fs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "init-package-json", + "version": "6.0.3", + "bom-ref": "npm@10.8.0|init-package-json@6.0.3", + "author": "GitHub Inc.", + "description": "A node module to get your node module started", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/init-package-json@6.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/init-package-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/init-package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/init-package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/init-package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/init-package-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promzard", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|promzard@1.0.2", + "author": "GitHub Inc.", + "description": "prompting wizardly", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promzard@1.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/promzard.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/promzard.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/promzard#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/promzard/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promzard" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|read@3.0.1", + "author": "GitHub Inc.", + "description": "read(1) for node programs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/read.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.4", + "bom-ref": "npm@10.8.0|validate-npm-package-license@3.0.4", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-license" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "3.2.0", + "bom-ref": "npm@10.8.0|spdx-correct@3.2.0", + "description": "correct invalid SPDX expressions", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@3.2.0?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-correct.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-correct" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "2.5.0", + "bom-ref": "npm@10.8.0|spdx-exceptions@2.5.0", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@2.5.0?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-exceptions" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "3.0.17", + "bom-ref": "npm@10.8.0|spdx-license-ids@3.0.17", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "CC0-1.0" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@3.0.17?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-license-ids.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-license-ids" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-name", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|validate-npm-package-name@5.0.1", + "author": "GitHub Inc.", + "description": "Give me a string and I'll tell you if it's a valid npm package name", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/validate-npm-package-name@5.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/validate-npm-package-name.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/validate-npm-package-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-name" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-cidr", + "version": "5.0.5", + "bom-ref": "npm@10.8.0|is-cidr@5.0.5", + "author": "silverwind", + "description": "Check if a string is an IP address in CIDR notation", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/is-cidr@5.0.5?vcs_url=git%2Bhttps%3A//github.com/silverwind/is-cidr.git", + "externalReferences": [ + { + "url": "git+https://github.com/silverwind/is-cidr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/silverwind/is-cidr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/silverwind/is-cidr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-cidr" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cidr-regex", + "version": "4.0.5", + "bom-ref": "npm@10.8.0|cidr-regex@4.0.5", + "author": "silverwind", + "description": "Regular expression for matching IP addresses in CIDR notation", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/cidr-regex@4.0.5?vcs_url=git%2Bhttps%3A//github.com/silverwind/cidr-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/silverwind/cidr-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/silverwind/cidr-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/silverwind/cidr-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cidr-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ip-regex", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|ip-regex@5.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching IP addresses (IPv4 & IPv6)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ip-regex@5.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ip-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/ip-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ip-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/ip-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ip-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmaccess", + "version": "8.0.6", + "bom-ref": "npm@10.8.0|libnpmaccess@8.0.6", + "author": "GitHub Inc.", + "description": "programmatic library for `npm access` commands", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmaccess@8.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmaccess", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmaccess", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmaccess", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmaccess/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmaccess" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmdiff", + "version": "6.1.2", + "bom-ref": "npm@10.8.0|libnpmdiff@6.1.2", + "author": "GitHub Inc.", + "description": "The registry diff", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmdiff@6.1.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmdiff", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmdiff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmdiff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "binary-extensions", + "version": "2.3.0", + "bom-ref": "npm@10.8.0|binary-extensions@2.3.0", + "author": "Sindre Sorhus", + "description": "List of binary file extensions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/binary-extensions@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/binary-extensions.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/binary-extensions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/binary-extensions" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "npm@10.8.0|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0?vcs_url=git%3A//github.com/kpdecker/jsdiff.git", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/diff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmexec", + "version": "8.1.1", + "bom-ref": "npm@10.8.0|libnpmexec@8.1.1", + "author": "GitHub Inc.", + "description": "npm exec (npx) programmatic API", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmexec@8.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmexec", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmexec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmexec" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmfund", + "version": "5.0.10", + "bom-ref": "npm@10.8.0|libnpmfund@5.0.10", + "author": "GitHub Inc.", + "description": "Programmatic API for npm fund", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmfund@5.0.10?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmfund", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmfund", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmfund" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmhook", + "version": "10.0.5", + "bom-ref": "npm@10.8.0|libnpmhook@10.0.5", + "author": "GitHub Inc.", + "description": "programmatic API for managing npm registry hooks", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmhook@10.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmhook", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmhook", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmhook" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "aproba", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|aproba@2.0.0", + "author": "Rebecca Turner", + "description": "A ridiculously light-weight argument validator (now browser friendly)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/aproba@2.0.0?vcs_url=git%2Bhttps%3A//github.com/iarna/aproba.git", + "externalReferences": [ + { + "url": "git+https://github.com/iarna/aproba.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/aproba", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/aproba/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/aproba" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmorg", + "version": "6.0.6", + "bom-ref": "npm@10.8.0|libnpmorg@6.0.6", + "author": "GitHub Inc.", + "description": "Programmatic api for `npm org` commands", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmorg@6.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmorg", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmorg", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmorg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmorg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmorg" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmpack", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|libnpmpack@7.0.2", + "author": "GitHub Inc.", + "description": "Programmatic API for the bits behind npm pack", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmpack@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmpack", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmpack", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmpack", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmpack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmpack" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmpublish", + "version": "9.0.8", + "bom-ref": "npm@10.8.0|libnpmpublish@9.0.8", + "author": "GitHub Inc.", + "description": "Programmatic API for the bits behind npm publish and unpublish", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmpublish@9.0.8?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmpublish", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmpublish", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmpublish", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmpublish" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sigstore", + "version": "2.3.0", + "bom-ref": "npm@10.8.0|sigstore@2.3.0", + "author": "bdehamer@github.com", + "description": "code-signing for npm packages", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/sigstore@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/sigstore" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "bundle", + "group": "@sigstore", + "version": "2.3.1", + "bom-ref": "npm@10.8.0|@sigstore/bundle@2.3.1", + "author": "bdehamer@github.com", + "description": "Sigstore bundle type", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/bundle@2.3.1?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/bundle#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/bundle" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@sigstore", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|@sigstore/core@1.1.0", + "author": "bdehamer@github.com", + "description": "Base library for Sigstore", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/core@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/core" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sign", + "group": "@sigstore", + "version": "2.3.1", + "bom-ref": "npm@10.8.0|@sigstore/sign@2.3.1", + "author": "bdehamer@github.com", + "description": "Sigstore signing library", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/sign@2.3.1?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/sign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/sign" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "verify", + "group": "@sigstore", + "version": "1.2.0", + "bom-ref": "npm@10.8.0|@sigstore/verify@1.2.0", + "author": "bdehamer@github.com", + "description": "Verification of Sigstore signatures", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/verify@1.2.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/verify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/verify" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmsearch", + "version": "7.0.5", + "bom-ref": "npm@10.8.0|libnpmsearch@7.0.5", + "author": "GitHub Inc.", + "description": "Programmatic API for searching in npm and compatible registries.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmsearch@7.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmsearch", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmsearch", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmsearch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmsearch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmsearch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmteam", + "version": "6.0.5", + "bom-ref": "npm@10.8.0|libnpmteam@6.0.5", + "author": "GitHub Inc.", + "description": "npm Team management APIs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmteam@6.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmteam", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmteam", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmteam", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmteam" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmversion", + "version": "6.0.2", + "bom-ref": "npm@10.8.0|libnpmversion@6.0.2", + "author": "GitHub Inc.", + "description": "library to do the things that 'npm version' does", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmversion@6.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmversion", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmversion", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmversion" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "agent", + "group": "@npmcli", + "version": "2.2.2", + "bom-ref": "npm@10.8.0|@npmcli/agent@2.2.2", + "author": "GitHub Inc.", + "description": "the http/https agent used by the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/agent@2.2.2?vcs_url=git%2Bhttps%3A//github.com/npm/agent.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/agent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/agent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/agent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "agent-base", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|agent-base@7.1.1", + "author": "Nathan Rajlich", + "description": "Turn a function into an `http.Agent` instance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/agent-base@7.1.1?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/agent-base", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/agent-base", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/agent-base" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-proxy-agent", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|http-proxy-agent@7.0.2", + "author": "Nathan Rajlich", + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTP", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http-proxy-agent@7.0.2?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/http-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/http-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/http-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "https-proxy-agent", + "version": "7.0.4", + "bom-ref": "npm@10.8.0|https-proxy-agent@7.0.4", + "author": "Nathan Rajlich", + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTPS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/https-proxy-agent@7.0.4?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/https-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/https-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/https-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "socks-proxy-agent", + "version": "8.0.3", + "bom-ref": "npm@10.8.0|socks-proxy-agent@8.0.3", + "author": "Nathan Rajlich", + "description": "A SOCKS proxy `http.Agent` implementation for HTTP and HTTPS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/socks-proxy-agent@8.0.3?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/socks-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/socks-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/socks-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "socks", + "version": "2.8.3", + "bom-ref": "npm@10.8.0|socks@2.8.3", + "author": "Josh Glazebrook", + "description": "Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/socks@2.8.3?vcs_url=git%2Bhttps%3A//github.com/JoshGlazebrook/socks.git", + "externalReferences": [ + { + "url": "git+https://github.com/JoshGlazebrook/socks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshGlazebrook/socks/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshGlazebrook/socks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/socks" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ip-address", + "version": "9.0.5", + "bom-ref": "npm@10.8.0|ip-address@9.0.5", + "author": "Beau Gunderson", + "description": "A library for parsing IPv4 and IPv6 IP addresses in node and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ip-address@9.0.5?vcs_url=git%3A//github.com/beaugunderson/ip-address.git", + "externalReferences": [ + { + "url": "git://github.com/beaugunderson/ip-address.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beaugunderson/ip-address#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/beaugunderson/ip-address/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ip-address" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsbn", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|jsbn@1.1.0", + "author": "Tom Wu", + "description": "The jsbn library is a fast, portable implementation of large-number math in pure JavaScript, enabling public-key crypto and other applications on desktop and mobile browsers.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsbn@1.1.0?vcs_url=git%2Bhttps%3A//github.com/andyperlitch/jsbn.git", + "externalReferences": [ + { + "url": "git+https://github.com/andyperlitch/jsbn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andyperlitch/jsbn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andyperlitch/jsbn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jsbn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.1.3", + "bom-ref": "npm@10.8.0|sprintf-js@1.1.3", + "author": "Alexandru Mărășteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.1.3?vcs_url=git%2Bhttps%3A//github.com/alexei/sprintf.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/sprintf-js" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "smart-buffer", + "version": "4.2.0", + "bom-ref": "npm@10.8.0|smart-buffer@4.2.0", + "author": "Josh Glazebrook", + "description": "smart-buffer is a Buffer wrapper that adds automatic read & write offset tracking, string operations, data insertions, and more.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/smart-buffer@4.2.0?vcs_url=git%2Bhttps%3A//github.com/JoshGlazebrook/smart-buffer.git", + "externalReferences": [ + { + "url": "git+https://github.com/JoshGlazebrook/smart-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshGlazebrook/smart-buffer/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshGlazebrook/smart-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/smart-buffer" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "version": "4.1.1", + "bom-ref": "npm@10.8.0|http-cache-semantics@4.1.1", + "author": "Kornel Lesiński", + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/http-cache-semantics@4.1.1?vcs_url=git%2Bhttps%3A//github.com/kornelski/http-cache-semantics.git", + "externalReferences": [ + { + "url": "git+https://github.com/kornelski/http-cache-semantics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/http-cache-semantics" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-lambda", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|is-lambda@1.0.1", + "author": "Thomas Watson Steen", + "description": "Detect if your code is running on an AWS Lambda server", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-lambda@1.0.1?vcs_url=git%2Bhttps%3A//github.com/watson/is-lambda.git", + "externalReferences": [ + { + "url": "git+https://github.com/watson/is-lambda.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/is-lambda", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/is-lambda/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-lambda" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-fetch", + "version": "3.0.5", + "bom-ref": "npm@10.8.0|minipass-fetch@3.0.5", + "author": "GitHub Inc.", + "description": "An implementation of window.fetch in Node.js using Minipass streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minipass-fetch@3.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/minipass-fetch.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/minipass-fetch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/minipass-fetch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/minipass-fetch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-fetch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "encoding", + "version": "0.1.13", + "bom-ref": "npm@10.8.0|encoding@0.1.13", + "author": "Andris Reinman", + "description": "Convert encodings, uses iconv-lite", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/encoding@0.1.13?vcs_url=git%2Bhttps%3A//github.com/andris9/encoding.git", + "externalReferences": [ + { + "url": "git+https://github.com/andris9/encoding.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andris9/encoding#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andris9/encoding/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/encoding" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "iconv-lite", + "version": "0.6.3", + "bom-ref": "npm@10.8.0|iconv-lite@0.6.3", + "author": "Alexander Shtuchkin", + "description": "Convert character encodings in pure javascript.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/iconv-lite@0.6.3?vcs_url=git%3A//github.com/ashtuchkin/iconv-lite.git", + "externalReferences": [ + { + "url": "git://github.com/ashtuchkin/iconv-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/iconv-lite" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "safer-buffer", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|safer-buffer@2.1.2", + "author": "Nikita Skovoroda", + "description": "Modern Buffer API polyfill without footguns", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safer-buffer@2.1.2?vcs_url=git%2Bhttps%3A//github.com/ChALkeR/safer-buffer.git", + "externalReferences": [ + { + "url": "git+https://github.com/ChALkeR/safer-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/safer-buffer" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-sized", + "version": "1.0.3", + "bom-ref": "npm@10.8.0|minipass-sized@1.0.3", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that raises an error if you get a different number of bytes than expected", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-sized@1.0.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-sized.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-sized.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-sized#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-sized/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-sized" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minizlib", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|minizlib@2.1.2", + "author": "Isaac Z. Schlueter", + "description": "A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minizlib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minizlib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minizlib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minizlib" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "negotiator", + "version": "0.6.3", + "bom-ref": "npm@10.8.0|negotiator@0.6.3", + "description": "HTTP content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/negotiator@0.6.3?vcs_url=git%2Bhttps%3A//github.com/jshttp/negotiator.git", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/negotiator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/negotiator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/negotiator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/negotiator" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "err-code", + "version": "2.0.3", + "bom-ref": "npm@10.8.0|err-code@2.0.3", + "author": "IndigoUnited", + "description": "Create an error with a code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/err-code@2.0.3?vcs_url=git%3A//github.com/IndigoUnited/js-err-code.git", + "externalReferences": [ + { + "url": "git://github.com/IndigoUnited/js-err-code.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/IndigoUnited/js-err-code#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/IndigoUnited/js-err-code/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/err-code" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "retry", + "version": "0.12.0", + "bom-ref": "npm@10.8.0|retry@0.12.0", + "author": "Tim Koschützki", + "description": "Abstraction for exponential and custom retry strategies for failed operations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/retry@0.12.0?vcs_url=git%3A//github.com/tim-kos/node-retry.git", + "externalReferences": [ + { + "url": "git://github.com/tim-kos/node-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tim-kos/node-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tim-kos/node-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/retry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|brace-expansion@2.0.1", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@2.0.1?vcs_url=git%3A//github.com/juliangruber/brace-expansion.git", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "balanced-match", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|balanced-match@1.0.2", + "author": "Julian Gruber", + "description": "Match balanced character pairs, like \"{\" and \"}\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/balanced-match@1.0.2?vcs_url=git%3A//github.com/juliangruber/balanced-match.git", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/balanced-match.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/balanced-match" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.3", + "bom-ref": "npm@10.8.0|ms@2.1.3", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.3?vcs_url=git%2Bhttps%3A//github.com/vercel/ms.git", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ms" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "env-paths", + "version": "2.2.1", + "bom-ref": "npm@10.8.0|env-paths@2.2.1", + "author": "Sindre Sorhus", + "description": "Get paths for storing things like data, config, cache, etc", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/env-paths@2.2.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/env-paths.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/env-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/env-paths" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "exponential-backoff", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|exponential-backoff@3.1.1", + "author": "Sami Sayegh", + "description": "A utility that allows retrying a function with an exponential delay between attempts.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/exponential-backoff@3.1.1?vcs_url=git%2Bhttps%3A//github.com/coveo/exponential-backoff.git", + "externalReferences": [ + { + "url": "git+https://github.com/coveo/exponential-backoff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/coveo/exponential-backoff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/coveo/exponential-backoff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/exponential-backoff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-core-module", + "version": "2.13.1", + "bom-ref": "npm@10.8.0|is-core-module@2.13.1", + "author": "Jordan Harband", + "description": "Is this specifier a node.js core module?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-core-module@2.13.1?vcs_url=git%2Bhttps%3A//github.com/inspect-js/is-core-module.git", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/is-core-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-core-module" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hasown", + "version": "2.0.2", + "bom-ref": "npm@10.8.0|hasown@2.0.2", + "author": "Jordan Harband", + "description": "A robust, ES3 compatible, \"has own property\" predicate.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hasown@2.0.2?vcs_url=git%2Bhttps%3A//github.com/inspect-js/hasOwn.git", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/hasOwn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/hasown" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "function-bind", + "version": "1.1.2", + "bom-ref": "npm@10.8.0|function-bind@1.1.2", + "author": "Raynos", + "description": "Implementation of Function.prototype.bind", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/function-bind@1.1.2?vcs_url=git%2Bhttps%3A//github.com/Raynos/function-bind.git", + "externalReferences": [ + { + "url": "git+https://github.com/Raynos/function-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Raynos/function-bind", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Raynos/function-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/function-bind" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-audit-report", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|npm-audit-report@5.0.0", + "author": "GitHub Inc.", + "description": "Given a response from the npm security api, render it into a variety of security reports", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-audit-report@5.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-audit-report.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-audit-report.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-audit-report#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-audit-report/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-audit-report" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-profile", + "version": "10.0.0", + "bom-ref": "npm@10.8.0|npm-profile@10.0.0", + "author": "GitHub Inc.", + "description": "Library for updating an npmjs.com profile", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-profile@10.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-profile.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-profile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-profile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-profile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-profile" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-json-stream", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|minipass-json-stream@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like JSONStream, but using Minipass streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minipass-json-stream@1.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/minipass-json-stream.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/minipass-json-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/minipass-json-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/minipass-json-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-json-stream" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsonparse", + "version": "1.3.1", + "bom-ref": "npm@10.8.0|jsonparse@1.3.1", + "author": "Tim Caswell", + "description": "This is a pure-js JSON streaming parser for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonparse@1.3.1?vcs_url=git%2Bssh%3A//git%40github.com/creationix/jsonparse.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/creationix/jsonparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/creationix/jsonparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/creationix/jsonparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jsonparse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-user-validate", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|npm-user-validate@2.0.1", + "author": "GitHub Inc.", + "description": "User validations for npm", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/npm-user-validate@2.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-user-validate.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-user-validate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-user-validate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-user-validate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-user-validate" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "aggregate-error", + "version": "3.1.0", + "bom-ref": "npm@10.8.0|aggregate-error@3.1.0", + "author": "Sindre Sorhus", + "description": "Create an error from multiple errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/aggregate-error@3.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/aggregate-error.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/aggregate-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/aggregate-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/aggregate-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/aggregate-error" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "clean-stack", + "version": "2.2.0", + "bom-ref": "npm@10.8.0|clean-stack@2.2.0", + "author": "Sindre Sorhus", + "description": "Clean up error stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-stack@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/clean-stack.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/clean-stack.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/clean-stack" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "indent-string", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|indent-string@4.0.0", + "author": "Sindre Sorhus", + "description": "Indent each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/indent-string@4.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/indent-string.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/indent-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/indent-string" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-packlist", + "version": "8.0.2", + "bom-ref": "npm@10.8.0|npm-packlist@8.0.2", + "author": "GitHub Inc.", + "description": "Get a list of the files to add from a folder into an npm package", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-packlist@8.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/npm-packlist.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-packlist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-packlist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-packlist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-packlist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ignore-walk", + "version": "6.0.5", + "bom-ref": "npm@10.8.0|ignore-walk@6.0.5", + "author": "GitHub Inc.", + "description": "Nested/recursive `.gitignore`/`.npmignore` parsing and filtering.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ignore-walk@6.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/ignore-walk.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ignore-walk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ignore-walk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ignore-walk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ignore-walk" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-diff-apply", + "version": "5.5.0", + "bom-ref": "npm@10.8.0|just-diff-apply@5.5.0", + "author": "Angus Croll", + "description": "Apply a diff to an object. Optionally supports jsonPatch protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-diff-apply@5.5.0?vcs_url=git%2Bhttps%3A//github.com/angus-c/just.git", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/just-diff-apply" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-diff", + "version": "6.0.2", + "bom-ref": "npm@10.8.0|just-diff@6.0.2", + "author": "Angus Croll", + "description": "Return an object representing the diffs between two objects. Supports jsonPatch protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-diff@6.0.2?vcs_url=git%2Bhttps%3A//github.com/angus-c/just.git", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/just-diff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "qrcode-terminal", + "version": "0.12.0", + "bom-ref": "npm@10.8.0|qrcode-terminal@0.12.0", + "description": "QRCodes, in the terminal", + "licenses": [ + { + "license": { + "name": "Apache 2.0" + } + } + ], + "purl": "pkg:npm/qrcode-terminal@0.12.0?vcs_url=git%2Bhttps%3A//github.com/gtanner/qrcode-terminal.git", + "externalReferences": [ + { + "url": "git+https://github.com/gtanner/qrcode-terminal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gtanner/qrcode-terminal", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gtanner/qrcode-terminal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/qrcode-terminal" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "1.0.0", + "bom-ref": "npm@10.8.0|mute-stream@1.0.0", + "author": "GitHub Inc.", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@1.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/mute-stream.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/mute-stream" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|spdx-expression-parse@4.0.0", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@4.0.0?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "9.4.0", + "bom-ref": "npm@10.8.0|supports-color@9.4.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@9.4.0?vcs_url=git%2Bhttps%3A//github.com/chalk/supports-color.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/supports-color" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chownr", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|chownr@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "like `chown -R`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/chownr@2.0.0?vcs_url=git%3A//github.com/isaacs/chownr.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/chownr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/chownr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/chownr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/chownr" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mkdirp", + "version": "1.0.4", + "bom-ref": "npm@10.8.0|mkdirp@1.0.4", + "description": "Recursively mkdir, like `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mkdirp@1.0.4?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-mkdirp.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-mkdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-mkdirp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-mkdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/mkdirp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "text-table", + "version": "0.2.0", + "bom-ref": "npm@10.8.0|text-table@0.2.0", + "author": "James Halliday", + "description": "borderless text tables with alignment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-table@0.2.0?vcs_url=git%3A//github.com/substack/text-table.git", + "externalReferences": [ + { + "url": "git://github.com/substack/text-table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/text-table", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/text-table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/text-table" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tiny-relative-date", + "version": "1.3.0", + "bom-ref": "npm@10.8.0|tiny-relative-date@1.3.0", + "author": "Joseph Wynn", + "description": "Tiny function that provides relative, human-readable dates.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tiny-relative-date@1.3.0?vcs_url=git%2Bhttps%3A//github.com/wildlyinaccurate/relative-date.git", + "externalReferences": [ + { + "url": "git+https://github.com/wildlyinaccurate/relative-date.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wildlyinaccurate/relative-date#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wildlyinaccurate/relative-date/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tiny-relative-date" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-version@2.2.2|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-version@2.2.2|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "http-call", + "version": "5.3.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "author": "Jeff Dickey @jdxcode", + "description": "make http requests", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/http-call@5.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/heroku/http-call.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/heroku/http-call", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/heroku/http-call/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-call/-/http-call-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a1c229ac0b6dc8084e243e5f714c18ca0788a76d169e2f265e46e9c2ff5272fd9e97f2dbf6d8c1008caf8a04e31254b6aa5cf4d399df3adfcc1a54828b1b1db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/http-call" + } + ] + }, + { + "type": "library", + "name": "is-retry-allowed", + "version": "1.1.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0", + "author": "Vsevolod Strukchinsky", + "description": "My prime module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-retry-allowed@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/floatdrop/is-retry-allowed.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/is-retry-allowed#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/floatdrop/is-retry-allowed/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "11a060568b67339444033d0125a61a20d564fb34" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/is-retry-allowed" + } + ] + }, + { + "type": "library", + "name": "json-parse-better-errors", + "version": "1.0.2", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2", + "author": "Kat Marchán", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-better-errors@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/zkat/json-parse-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zkat/json-parse-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zkat/json-parse-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9abab264a7d7e4484bee1bea715e961b5c988e78deb980f30e185c00052babc3e8f3934140124ff990d44fbe6a650f7c22452806a76413192e90e53b4ecdb0af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/json-parse-better-errors" + } + ] + }, + { + "type": "library", + "name": "tunnel-agent", + "version": "0.6.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0", + "author": "Mikeal Rogers", + "description": "HTTP proxy tunneling agent. Formerly part of mikeal/request, now a standalone module.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/tunnel-agent@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/mikeal/tunnel-agent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mikeal/tunnel-agent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mikeal/tunnel-agent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "27a5dea06b36b04a0a9966774b290868f0fc40fd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/tunnel-agent" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "sinon@16.1.3|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b88143c6aa5164667a4e13a4f388447ea5a81f1d9d7af445be94d97131eeafce6f2267dac546d35bd4728780a90ae0e74e838fd4212d5ca220cad1c13d57dfe4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "sinon@16.1.3|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon/node_modules/supports-color" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "2.0.0", + "bom-ref": "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b8b6b48fce7d98cae0dac97041874efc092b39f987f97e8b4d598d4d2f42a9ec6e13622f54e448912a492ea78f01b127289efb68c982c2bd4d519e7bd76d1772" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/samsam/node_modules/@sinonjs/commons" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "11.2.2", + "bom-ref": "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@11.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-11.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1b6a62092c50ee858ec701920321477cf22cc9e2465d8b5cea615b9c503e9115e48849d397c73ff23ba5d92df6f621419c323d1c6a1e596019beebce91971c83" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise/node_modules/@sinonjs/fake-timers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-to-regexp", + "version": "6.2.2", + "bom-ref": "nise@5.1.9|path-to-regexp@6.2.2", + "description": "Express style path to RegExp utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-to-regexp@6.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/path-to-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/path-to-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/path-to-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1905f749232892781bdfafb085da515c4fb77fd57c533c80a2b958bce1b1f3bb9f1877a13539f9942c6b2ad2f2678625ff010a9cd9ebf7c6733b0c03655e6883" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise/node_modules/path-to-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "5.2.0", + "bom-ref": "pretty-format@29.7.0|ansi-styles@5.2.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0b1c29b7649f4f34ed5dc7ce97318479ef0ef9cf8c994806acd8817179ee5b1b852477ba6b91f3eeac21c1ee4e81a498234209be42ea597d40486f9c24e90488" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty-format/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "jest-util@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-util/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.12.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad175a539cde85dee9cf6a4fa4bad1fdada2242f79611f56113c682ded040e878dc340a5495e65a4a5bfafa5cfd38831ece9149df424db0ec73f63e620abb92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "eslint@8.57.0|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "eslint@8.57.0|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint@8.57.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint@8.57.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.12.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5bc2a2ec58150bbf587aa67edc316e5d5d7fd8d9a991a8b68aaac0125706c11cc6529c7a84fc7378bd3e1f134685b22c3162fafdf24a8e5a1d5af192976a509" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.12.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad175a539cde85dee9cf6a4fa4bad1fdada2242f79611f56113c682ded040e878dc340a5495e65a4a5bfafa5cfd38831ece9149df424db0ec73f63e620abb92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.12.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5bc2a2ec58150bbf587aa67edc316e5d5d7fd8d9a991a8b68aaac0125706c11cc6529c7a84fc7378bd3e1f134685b22c3162fafdf24a8e5a1d5af192976a509" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "description": "TypeScript plugin for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/eslint-plugin@4.33.0#packages/eslint-plugin", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/eslint-plugin", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68836203119574e975789c958da5a7fd871502ae068bf628df9a871829ea6d6573eb5837f43d21db7bde63f300d2b14519fc4aed3c92836bb00de36ff89815a6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/eslint-plugin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "description": "An ESLint custom parser which leverages TypeScript ESTree", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/parser@4.33.0#packages/parser", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66885db1b5da76318148ad3fafe77ced7d120662b33aae3f4b99f32ba481809b29168f7f0940c9ee18dacaecdef892bb09940b0ccae8ab2b69ee939c14a4f164" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@4.33.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e487c91e9813b1366e38d29b38372d2f890ab908defdbcc1464c0713c50e6787fcf5979d760f84199b3c3c3f0d70de0b74cdf2807598077ba43c0623be5fea6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@4.33.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccaa7b0a34332d02265c4a4bb76054c35b6f38c3df3684c07dbf25e757af8586ce104cdd5b240d98759618f47a8702890c08bed555d20669e12fd9325534ceb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@4.33.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "baa8bfd9a4b3f60d9fb5c1d67fcb8b3c903bd2b52feb2b8c5b9068870f9bc1cbb36b14081da285642286a065c8adcf6f913277fb4b7133bdcad07ab7779c2022" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint", + "version": "7.32.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "author": "Nicholas C. Zakas", + "description": "An AST-based pattern checker for JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint@7.32.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint/-/eslint-7.32.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54767c817f840dfcfef7b8c6720c860b24626bf74f39de9787dc8fbfc065d7e4a8688c03f9afef96b3a6191532398bbb33052173b0b1a9e683654d774b8f84a4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "code-frame", + "group": "@babel", + "version": "7.12.11", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "author": "Sebastian McKenzie", + "description": "Generate errors that contain a code frame that point to source locations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/code-frame@7.12.11#packages/babel-code-frame", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-code-frame", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babeljs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66dd72a1d071d5473289e3cc4a45a753884faa1c2aee11a2da714bd4b780dc4525faad8b431d7a3084a0274fb3edd9e682f3fd42d2257ae11318e88e1f545c23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@babel/code-frame" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslintrc", + "group": "@eslint", + "version": "0.4.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "author": "Nicholas C. Zakas", + "description": "The legacy ESLintRC config file format for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/eslintrc@0.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslintrc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslintrc#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslintrc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27a285173e50098509ab7a5fd268c47022551116f3bfbd4f5080dccee87d264c0613371e77a08ee400cb1c1d6b6dfffea0f06da0f7cc60d3a9183cc200d95b5f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@eslint/eslintrc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "espree", + "version": "7.3.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "author": "Nicholas C. Zakas", + "description": "An Esprima-compatible JavaScript parser built on Acorn", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/espree@7.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/espree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/espree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/eslint/espree.git", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/espree/-/espree-7.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf724234213ae2e9a41699a4146ab354ab0e4f4b4dd59afeb9ea8b65fa55d4e6fc7be08480f59af8ec42a061f7b6786298c2886819b89bfbda46927f92b473da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/espree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/js-yaml" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config-array", + "group": "@humanwhocodes", + "version": "0.5.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "author": "Nicholas C. Zakas", + "description": "Glob-based configuration matching.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/config-array@0.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/config-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15a82d285cfbe17ad397bcba1c2cd0a700df5cfd328717bd9472c3d546718ef64871bc91cfccd3145ff260d7d27f3538d78783c19d52aced10bedc9ffb014c42" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@humanwhocodes/config-array" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "object-schema", + "group": "@humanwhocodes", + "version": "1.2.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1", + "author": "Nicholas C. Zakas", + "description": "An object schema merger/validator", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/object-schema@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/object-schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66740c9cb5787bb843954bf0f07f94f0048bd36492d869fafbd01cdf01862c87bbfa37b601e00ec4f63e8b320f2437c50dbede0e37afd14b3c30ed6215137c84" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@humanwhocodes/object-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn", + "version": "7.4.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1", + "description": "ECMAScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn@7.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d0ca9d28d7f98d75b4ced4f3ba9079304ab9a0674313fe3082a4d8b06d48c6a11378765061a89b6842e0a710e2b3813570834656882a10cba4b131e6d0561f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/acorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/glob-parent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/argparse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/sprintf-js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@4.33.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae459163530f1738f09c4547b3119e983ceaa9d770d906d32652023c3f69f48f4b7ec3bc7dd99f40f397dee29f51a1910c525b7ebb66fec5e155737813e6f308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo-space", + "version": "0.29.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO with 2-space indent", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo-space@0.29.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo-space.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo-space/-/eslint-config-xo-space-0.29.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a65195478e6ce5dc8d5a3b633fda0129a9afc61d74e5ecb17fbd07805f85be990214fb6932a98f7b16432749cd89f0eb28abebc2497098fc78c552614817f02" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-config-xo-space" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo", + "version": "0.38.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo@0.38.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo/-/eslint-config-xo-0.38.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1b68cbf95c9f91c656f06a139aa2ec131beb5acb0179d4a8690435d6fca17e50de4f772c31d055a743a7f805628eb46ebe09a459e0f0c142f9463d2a0d11caea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-config-xo" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@4.33.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e487c91e9813b1366e38d29b38372d2f890ab908defdbcc1464c0713c50e6787fcf5979d760f84199b3c3c3f0d70de0b74cdf2807598077ba43c0623be5fea6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@4.33.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccaa7b0a34332d02265c4a4bb76054c35b6f38c3df3684c07dbf25e757af8586ce104cdd5b240d98759618f47a8702890c08bed555d20669e12fd9325534ceb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@4.33.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "baa8bfd9a4b3f60d9fb5c1d67fcb8b3c903bd2b52feb2b8c5b9068870f9bc1cbb36b14081da285642286a065c8adcf6f913277fb4b7133bdcad07ab7779c2022" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@4.33.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae459163530f1738f09c4547b3119e983ceaa9d770d906d32652023c3f69f48f4b7ec3bc7dd99f40f397dee29f51a1910c525b7ebb66fec5e155737813e6f308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "tsutils@3.21.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsutils/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "2.4.2", + "bom-ref": "@babel/highlight@7.24.2|chalk@2.4.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32d8be7fd96924d730178b5657cfcead34ed1758198be7fc16a97201da2eada95c156150585dbe3600874a18e409bf881412eaf5bb99c04d71724414e29792b9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "3.2.1", + "bom-ref": "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "553d1923a91945d4e1f18c89c3748c6d89bfbbe36a7ec03112958ed0f7fdb2af3f7bde16c713a93cac7d151d459720ad3950cd390fbc9ed96a17189173eaf9a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "@babel/highlight@7.24.2|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "@babel/highlight@7.24.2|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "@babel/highlight@7.24.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "5.5.0", + "bom-ref": "@babel/highlight@7.24.2|supports-color@5.5.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@5.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "423563c1d5c8b78d3c308880a825f8a142ac814d84a801b3b363e9926e1a4186e39be644584716e127c5353af8b8c35999ad1ecb87f99602eb901d1a5f440ca3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "3.0.0", + "bom-ref": "@babel/highlight@7.24.2|has-flag@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0a25fd7e71e401af848c92f427043343b5fe135e95615466ad7aed2df75f1b977d059db1369b8bcd2d7f9559efdda6395bf87ba0198cd6eee4171fdf073c463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/has-flag" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.20.2", + "bom-ref": "globals@13.24.0|type-fest@0.20.2", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.20.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35ef9e138af4fe25a7a40c43f39db3dc0f8dd01b7944dfff36327045dd95147126af2c317f9bec66587847a962c65e81fb0cfff1dfa669348090dd452242372d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globals/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-levenshtein", + "version": "2.0.6", + "bom-ref": "optionator@0.9.3|fast-levenshtein@2.0.6", + "author": "Ramesh Nair", + "description": "Efficient implementation of Levenshtein algorithm with locale-specific collator support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-levenshtein@2.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/hiddentao/fast-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0c25eee887e1a9c92ced364a6371f1a77cbaaa9858e522599ab58c0eb29c11148e5d641d32153d220fcf62bcf2c3fba5f63388ca1d0de0cd2d6c2e61a1d83c77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/optionator/node_modules/fast-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint-plugin-node@11.1.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "eslint-plugin-node@11.1.0|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-unicorn", + "version": "36.0.0", + "bom-ref": "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0", + "author": "Sindre Sorhus", + "description": "Various awesome ESLint rules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-unicorn@36.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/eslint-plugin-unicorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-unicorn/-/eslint-plugin-unicorn-36.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c71376bd272d1969c35ba68b1259bf2ca23072b9a4ea676211c5b9e54bf992b72b55c20549632612073f870a5e9987d969c299e67a4511118dcf869386ca7500" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif/node_modules/eslint-plugin-unicorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "eslint-config-oclif@4.0.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif/node_modules/ci-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "clean-regexp@1.0.0|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-regexp/node_modules/escape-string-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-template-visitor/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/eslint-parser@7.24.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "read-pkg-up@7.0.1|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/find-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "read-pkg-up@7.0.1|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/locate-path" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "read-pkg-up@7.0.1|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/p-locate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "read-pkg-up@7.0.1|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/p-limit" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.8.1", + "bom-ref": "read-pkg-up@7.0.1|type-fest@0.8.1", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1d6f3233aaf8ed822339af0d64e6b107b4100d2a676e7611b20446a3374d5f13285a00886ca0a372eb2efe20df7721fa45b7063d8aa8bb903fb1c0a850b0d24" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.5.0", + "bom-ref": "read-pkg@5.2.0|normalize-package-data@2.5.0", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.5.0", + "externalReferences": [ + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ff908c3774f44785d38f80dc19a7b1a3eae8652752156ff400e39344eae3c73086d70ad65c4b066d129ebe39482fe643138b19949af9103e185b4caa9a42be78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.8.9", + "bom-ref": "read-pkg@5.2.0|hosted-git-info@2.8.9", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.8.9", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9b120301bf4bb26e83a0e27bc47fb9f97e32d4b53fe078b9d0bf42e6c22cc0adc9cd42d2e1bc24d45be374182f611e1bcd3e2db944220b5e451367f91db2ef63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/hosted-git-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.7.2", + "bom-ref": "read-pkg@5.2.0|semver@5.7.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "701ce79d0f4a8c9a94ebb079d91302eb908c6ab2b6eb4d161676e471a8b05aadf1cbfe61685265b21827a63a2f31527e1df7f8f5df06127d1bf3b0b9a43435d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.6.0", + "bom-ref": "read-pkg@5.2.0|type-fest@0.6.0", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abe301f27611d4a0cbae0af81b9c9e99fb69302eff40ba959dd06610476ace6363e5d70538ee0ea3caa5c1913750b4f7f998a6d45f0aab87019e290d86508c96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsesc", + "version": "0.5.0", + "bom-ref": "regjsparser@0.10.0|jsesc@0.5.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping JavaScript strings while generating the shortest possible valid output.", + "licenses": [ + { + "license": { + "id": "MIT", + "url": "http://mths.be/mit" + } + } + ], + "purl": "pkg:npm/jsesc@0.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b99cf952707bbb84fd2efc2616a5e28bba594a8b9a44fa2b1ace70868d48a7b54ed30c5a9c5bc12fb1a433a7531e5817fa384102945eb5a5a99c369b39e4dc9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regjsparser/node_modules/jsesc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "body-parser@1.20.2|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "body-parser@1.20.2|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "finalhandler@1.2.0|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "finalhandler@1.2.0|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "send@0.18.0|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "1.3.1", + "bom-ref": "global-prefix@1.0.2|which@1.3.1", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@1.3.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f125d616ab53132106c9de7c3472ab2c1e84cd536ebb2a5ac3b866755989710d2b54b4a52139a266875d76fd36661f1c547ee26a3d748e9bbb43c9ab3439221" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-prefix/node_modules/which" + } + ] + }, + { + "type": "library", + "name": "rxjs", + "version": "7.8.1", + "bom-ref": "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1", + "author": "Ben Lesh", + "description": "Reactive Extensions for modern JavaScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/rxjs@7.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/reactivex/rxjs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://rxjs.dev", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "000dd3563fb40368ae2284245842bfb6a16306ada3fba3cee98d3325cbf32c016110520edc72f4be5b3d8562e77196c001b2b499aafba19e15d3bf48fea3ccc6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer-file-tree-selection-prompt/node_modules/rxjs" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "figures@3.2.0|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/figures/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "tmp", + "version": "0.0.33", + "bom-ref": "external-editor@3.1.0|tmp@0.0.33", + "author": "KARASZI István", + "description": "Temporary file and directory creator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tmp@0.0.33", + "externalReferences": [ + { + "url": "git+https://github.com/raszi/node-tmp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/raszi/node-tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/raszi/node-tmp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d10899688ca9d9dda75db533a3748aa846e3c4281bcd5dc198ab33bacd6657f0a7ca1299c66398df820250dc48cabaef03e1b251af4cbe7182459986c89971b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/external-editor/node_modules/tmp" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "rxjs@6.6.7|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rxjs/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "@jest/core@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/core/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "jest-config@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-config/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "jest-validate@29.7.0|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-validate/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "pkg-dir@4.2.0|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "pkg-dir@4.2.0|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/locate-path" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "pkg-dir@4.2.0|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/p-locate" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "pkg-dir@4.2.0|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "5.0.0", + "bom-ref": "resolve-cwd@3.0.0|resolve-from@5.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9883d28fdb8743e6a91af49e3b774695932d0df9be1f4d4f3d2cdf620e78c1e706a4b220b8f6bbcc0743eb509406a13987e745cf8aa3af0230df6a28c6c5867" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-cwd/node_modules/resolve-from" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "2.4.2", + "bom-ref": "json-colorizer@2.2.2|chalk@2.4.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32d8be7fd96924d730178b5657cfcead34ed1758198be7fc16a97201da2eada95c156150585dbe3600874a18e409bf881412eaf5bb99c04d71724414e29792b9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "3.2.1", + "bom-ref": "json-colorizer@2.2.2|ansi-styles@3.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "553d1923a91945d4e1f18c89c3748c6d89bfbbe36a7ec03112958ed0f7fdb2af3f7bde16c713a93cac7d151d459720ad3950cd390fbc9ed96a17189173eaf9a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "json-colorizer@2.2.2|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "json-colorizer@2.2.2|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "json-colorizer@2.2.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "5.5.0", + "bom-ref": "json-colorizer@2.2.2|supports-color@5.5.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@5.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "423563c1d5c8b78d3c308880a825f8a142ac814d84a801b3b363e9926e1a4186e39be644584716e127c5353af8b8c35999ad1ecb87f99602eb901d1a5f440ca3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "3.0.0", + "bom-ref": "json-colorizer@2.2.2|has-flag@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0a25fd7e71e401af848c92f427043343b5fe135e95615466ad7aed2df75f1b977d059db1369b8bcd2d7f9559efdda6395bf87ba0198cd6eee4171fdf073c463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/has-flag" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "markdown-diff@2.0.0|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b88143c6aa5164667a4e13a4f388447ea5a81f1d9d7af445be94d97131eeafce6f2267dac546d35bd4728780a90ae0e74e838fd4212d5ca220cad1c13d57dfe4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-diff/node_modules/diff" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.0.0", + "bom-ref": "mocha@10.4.0|diff@5.0.0", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.0.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd54c2aef9b9674246b72fc158796387e0408b0dc82beda3f3b34632ef0dc1cfdfe3c5a80c00b7f79ba898ef590f5d7b64e05a1e6917d68c8bbe454cfda213df" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "8.1.0", + "bom-ref": "mocha@10.4.0|glob@8.1.0", + "author": "Isaac Z. Schlueter", + "description": "a little globber", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@8.1.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "afc869123890118945d9053475fddd4be9f1c5222b797412d6a461309334439343751dfce82ee36fb1f0c2877c1608ae7b1fa4d0616381fb75f32bf19b95e809" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/glob" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "5.0.1", + "bom-ref": "mocha@10.4.0|minimatch@5.0.1", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@5.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9cb0f12054728436e5cf7a8cbaaf92a116440f8fa6889fc6fad743ae39249119e302c05ec5e1a98232c44346e5272eeb1e14766fddeb8506384afc96bbdbf4de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "log-symbols", + "version": "4.1.0", + "bom-ref": "mocha@10.4.0|log-symbols@4.1.0", + "author": "Sindre Sorhus", + "description": "Colored symbols for various log levels. Example: `✔︎ Success`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/log-symbols@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/log-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f173efa4003cbb285fb5ebbca48bd0c69259ed2618769522bd9a46cbab05b01b8a458ffbad019abde75e07c68af99932ababa930554bffd016eaf398cdf4722e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/log-symbols" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "16.2.0", + "bom-ref": "mocha@10.4.0|yargs@16.2.0", + "description": "yargs the modern, pirate-themed, successor to optimist.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@16.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f59afbed0c6d0be5fb7f8c65a42e91b5fa6d1e43139f681bd33442eb6968f6db049550c5b1654bd880961c2a1ea3186224245847e0864f4214784caa5cf2607" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/yargs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "7.0.4", + "bom-ref": "mocha@10.4.0|cliui@7.0.4", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "39c444ebc70eb15317a7562fa2797f7f39103b28cb4aeffc6e13c37d0b747b4fc46f6f374ca3f6d05b3632aa0fb2bf52c00e7de6b44203e40ccd873d9c13fe25" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/cliui" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "yargs-unparser@2.0.0|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-unparser/node_modules/camelcase" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "oclif@4.13.0|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/@oclif/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "oclif@4.13.0|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/debug" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "oclif@4.13.0|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/ms" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "version": "8.1.0", + "bom-ref": "oclif@4.13.0|fs-extra@8.1.0", + "author": "JP Richardson", + "description": "fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as mkdir -p, cp -r, and rm -rf.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fs-extra@8.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/jprichardson/node-fs-extra.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ca1950800ea69ce25428eb11505b2025d402be42a1733f2d9591b91c141f45e619cb8e8ec0b718f9989ad26b5d1ec3a8f72fe13fe0b130dd1353d431a0eb46e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/fs-extra" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "version": "4.0.0", + "bom-ref": "oclif@4.13.0|jsonfile@4.0.0", + "author": "JP Richardson", + "description": "Easily read/write JSON files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonfile@4.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jprichardson/node-jsonfile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9ba175477cfc8e395fda29901d2d907b3e6c8ca590cdbbae86e27f14a605459bcf1373ee1dc48c559cdfb0b84654e91f776d286cbe5258405ec394a196ab8dc6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/jsonfile" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "universalify", + "version": "0.1.2", + "bom-ref": "oclif@4.13.0|universalify@0.1.2", + "author": "Ryan Zimmerman", + "description": "Make a callback- or promise-based function support both promises and callbacks.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/universalify@0.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/RyanZim/universalify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/RyanZim/universalify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/RyanZim/universalify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac125e2390970259b2d6957eeb5ed607d27add4e9771acc71c5d9fd9d6c98b1e17ce9505d114b765b8f414620e080bdae4ffddfc604e61a002435c3ed1acd492" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/universalify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.575.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "602b2d55a5b9b40bd7b3ebf82d1f603403be55184839b8e4d7f92709d550e504114debed550b5d25678dac3658a38013a343871b2a860a3e59d3d4d632ff9ed5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.575.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f0cad3e09d9d462b247f42453062f954d06a3ef73a8a035adb5f0b1812731d798bb26d567c60869dc7bce11ed4d944abf283ce7a7bb45f34822ef310c996c659" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.575.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d75ed4fa44248b65e829c6107dea6695170dc67eab10b1a538538143c6762530571181db956da47b4ebb6b408b9b1170a7fcc25ae73b2068ddde29f7c78437ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.575.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac474da6a5b68c47399306dffecf57432c0c2d094890c8ee08aea6c3db05d8e5511871959e1fba7a1ff5245c7c2a3f9e539d5cb627d0eca6877bc746728f0761" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-host-header", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-host-header@3.575.0#packages/middleware-host-header", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-host-header", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-host-header", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5765a82c1897342738ac8599b7a15470fe13374564d3603d3cf0815a44dfc8ea288aa7eaf96666663451069c25d7ee54b2f011b25aca585d15ce178c4573c92d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-host-header" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-logger", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-logger@3.575.0#packages/middleware-logger", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-logger", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-logger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec310ac7d675d4c69ac9eec57e162d0bcae36ccfcf70570c3b637840401fca97205828fec3882c784d8e19d7c01fd3850e815ce98bcba79defd7abdb3e3cd04a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-logger" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-recursion-detection", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-recursion-detection@3.575.0#packages/middleware-recursion-detection", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-recursion-detection", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-recursion-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae2f3d95d445a2ce8a64319a92758f4b65cf3bdaabfa067bfa63daa14f189123355b8b8aaad9d448e37273e3b7085189aea45eb861e146ad25d9295dd1b8f03b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-recursion-detection" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.575.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7d696be117eb50d4b64773e03fe5aca0c60e44082fff8ecba742747dbddd5ced58bdd73335675d45b152517d8c43133fcbd5c57d03cba4b83396e8682f70a37a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.575.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0124ac1358a096bbdcbc1735c88a3606c242abded0e43d733b072953a1ee96fad1a4a783a2ad5e225eb580f7345e3704d37a9a311ee7e87ea8c62bd06d708f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/region-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Types for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/types@3.575.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eb9e89501acd305f176036e762ad1d783a034e6ab1fb59489fdfcfb63dde289d91fe2fb5e820b7a6d04800d6d469805a70da914795908d6801c33520446a5ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.575.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c02e71f95eb0de446547a5fa5d520db003c3606f93cecdd6b61970f982ed8ee3ce0d435921002ab000476a1c677a417202fb1efb5f76f47c28f8268bf811d918" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-browser", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-browser@3.575.0#packages/util-user-agent-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8800e89d7c9a5e0c2f0b84f4a91b8358274a227cfcd865f67327b3abfa2a5652fc6cf63b1c3f23c1966bbae25dab9b646898b51216cee3e7f592c66a3a264abd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-user-agent-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.575.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "930cef05f0342e820b0ce152e8157cb8e924b011eb62e94fea43577a00797999c348d89ae436c1b17ab143f1e49cd1796b8dbd496430d9a690244810bd907554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-user-agent-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.575.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "613829ab7aef6015f35ba3930c1d34704efd7af42db2cfe5cf61a525782aa955c3d26ee2efb84603ccdbe3855ebcffd6c6d0da8925bb4928eebbc542046b20e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-env" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.575.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c507d599823ef4aa91be1598f1fc84967a5c5540415208bf1e88e2de853a58bad48eb5fdf24f771deee0283412c877fbca430b5002585b0b15e008d0da3ea78c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.575.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05d33a6bfe5552e3607b773ac91bb1bcefb8b2b2e849fa877e44067d40df8537532699639697e773d877cf6362d7e6ae78e1cf64c34558892d1c3717e7050606" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.575.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dbfe4d255ecc672b0a825a89490fcef0e10b35cc0b707df192769b2fd35a82dcc1ed1341da9d405174745254decbdb120cb2f8a0298d6bffae9d8ba0956fc086" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-process" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.575.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36d5c0f4e3c82aca9abecd85ee184b4ffb766438f026cbd07af8f7d68bf536999335831cece585583a6d386eeba69b1632c93928a99f88bdaa5624099decd734" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.575.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41cbd51fbc29be91515c600680205f41e885fe9b43d0d27e1eb73c74361f3c6845799d04a1540160da612e2db9c5eec967e5db6aa08aad444766daf87c010e27" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-web-identity" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.575.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a5156a40b64b43dd7072e3b7ad1bcd062972bd2e1dec3423172e3712b34352d1f751210252db32b10bca8adb651099d14aa57c6d84d0f914a93b7cd12aad1fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.575.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10f3433d0a109232aa9f80f6b7bd2a5736df76d95a032f4a05d1b9f2a0f5c8d595c6af1187f957770981f9a1363d26a1b727d58a465d091a19885cf10e1e4850" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/token-providers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.583.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cedf09ab1573e2da4344e3a943d570137d1aef74dc577780e54c5a2ea169abee5beaa1491c6e6b64576aff5c2859036cf41e20daba9842d5ef1bf2568955e4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.583.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4333189e98f0d6afd758d90e00ca2c6446793f86f4ba7ece8e5b1b950b3d563b8ed885a01f3ac10602040c8032cb68e7e3fe82d4e43d78b9334110f1a1e2b04" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.582.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a1f983f7a21073d83575bcaa942cb1bb97c21bb90897da75368379faf1815322dd6e63c25773dd83df6744760426ebf63201b1e405051833cc1dca9b2699d923" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.583.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c81372a415e7cbbcc91fce52cf10e3f2cd666cb5eff5cfd56ead2a4774773ce8f689d67acb007faa52110b55f006ebf8f56be0f24035c0a5e4dcade3ae971523" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.583.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c553575d70d6bc1548fc0795b52740f5256e9aac6265a11293f269527f463249ad4ca7ed7abd02c1e6a9fb5890f63f1b4403b4bcd8662246dcbdd0754b859553" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.583.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "642f666f68eae811573d8b14b03dad99872796677ef4f18dc2714d9fc8e4e1a6e76b9263936c0392737cd726e4b66051e6db4df56f2e82692db8ab6f00c20309" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.582.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9063942b0e6bc8f90321807af4f8cadd289c54b4db581d3aa2e14dd96d44bea509a644063c0506cd872898ab6dde625a0937ffd647e8687c0044097a28a48ff1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.583.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d2858d83fca9b3a72d8e111e2ffa89f4121affec573fb44f0d0a85299db306459b98b2cea0c59746f97cb8a5010faa827be0c699cbbdb247d55de5d27ac11" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.583.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1bfd44bcbf6d05ecd2894fb4ead1b82bf90ebc57cf8e785e4f82525ea8cf33bfaf8cace0a768f1a7527d30c77af73b388d55a89fddf6ccc786823ac2a65ccc12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.583.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14d276326881b596708248f8f862d5af3ab0983e83f05069b6b15993b3e71a449feefd50f2dc58348ea063ddfc4518582789415b870d6e13ef5a80f1025f741f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha1-browser/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/core/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/crc32@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/crc32c@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32c/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cli-width", + "version": "4.1.0", + "bom-ref": "@inquirer/core@8.2.2|cli-width@4.1.0", + "author": "Ilya Radchenko", + "description": "Get stdout window width, with two fallbacks, tty and then a default.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-width@4.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/knownasilya/cli-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/knownasilya/cli-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/knownasilya/cli-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-width/-/cli-width-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2eb99778fdd9b64b0e469aacba6c6c8d34d7b5aadf51a66c6f78b48eeca720b139d4ed15dfb30fbf6ee9161a8d5a6e006230089cd3af2b72566c3b82169a6c5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/cli-width" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "1.0.0", + "bom-ref": "@inquirer/core@8.2.2|mute-stream@1.0.0", + "author": "GitHub Inc.", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mute-stream/-/mute-stream-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6afb09421c9dfbaf3480a5f21bfb107349d7682eab0643ce7f21d87056fdfa1764a90911f5b767909d003198647b4a1eb0fa883be985149f8874173b9acb7820" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/mute-stream" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "@inquirer/core@8.2.2|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f3c99d5ef3cc3d3b588d25b2a73a5bd84eb58f0e5e3a3b56c6d03dd7227bfef6d90faf1acdf235144e21650e4926296827d4ce827c8035dd2b86a8e6bd2a8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/signal-exit" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "6.2.0", + "bom-ref": "@inquirer/core@8.2.2|wrap-ansi@6.2.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@6.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "afa94f7011b1657948732984bbb227c43321756d0a0f1a4b82814b720b9ab3109a27f48e219c0835ab4af4a63fb5ff99ae5cb038a5345038f70135d405fc495c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/wrap-ansi" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.0-beta.15", + "bom-ref": "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.0-beta.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.0-beta.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a66b5993c211e31a8fae5994a6365c83f7712363ad317a5911177dae63d41ac4bd7ad6bb80504a1545eac5f2f9132ff48cbf2c266b1b987b120039a5d27b4c3a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-not-found/node_modules/@oclif/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mimic-response", + "version": "3.1.0", + "bom-ref": "decompress-response@6.0.0|mimic-response@3.1.0", + "author": "Sindre Sorhus", + "description": "Mimic a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-response@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf4c9623ee050ebaf0792f199ade048f91dd266932d79f8bd9ee96827dfe88ae5f5b36fa4f77e1345ab6f8c79345bd3ae1ce96af837fc2fd03cd04e33731cd19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decompress-response/node_modules/mimic-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "detect-newline", + "version": "4.0.1", + "bom-ref": "sort-package-json@2.10.0|detect-newline@4.0.1", + "author": "Sindre Sorhus", + "description": "Detect the dominant newline character of a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-newline@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-newline/-/detect-newline-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a84dd57a0d585f3187421940ea3cde6d9376a957fa357f80ee6eea9610861b7d1d262c6b0108583ac263b270632640929ae38fa42937d35e397ebf055746f3a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/detect-newline" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "globby", + "version": "13.2.2", + "bom-ref": "sort-package-json@2.10.0|globby@13.2.2", + "author": "Sindre Sorhus", + "description": "User-friendly glob matching", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globby@13.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globby#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globby/-/globby-13.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "635ccd195fa9cd0761ec7dfd97dce00783c9aa344dab276f7580831b81c55cce17baf49a41094473dd48535c802cbf205130e89a00407f3dd725d9944bea28d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/globby" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "slash", + "version": "4.0.0", + "bom-ref": "sort-package-json@2.10.0|slash@4.0.0", + "author": "Sindre Sorhus", + "description": "Convert Windows backslash paths to slash paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slash@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/slash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/slash#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/slash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slash/-/slash-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ddd3ac0075d7524413a4e61ca00c4b228acc4e9e20210af9216de255bec0ee5148a74547867ca79bd8b3c7a4ecb1dac87152044809558ed9ced8af1b83e0a87b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/slash" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-plain-obj", + "version": "4.1.0", + "bom-ref": "sort-package-json@2.10.0|is-plain-obj@4.1.0", + "author": "Sindre Sorhus", + "description": "Check if a value is a plain object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-plain-obj@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-plain-obj.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8f822faf32e50d909c84c62301b792251683322a7af9ce127852ca73e7c58e841179428219905c8d1c86c102d1f0cd502093946d9dd54db0344deb5fe6983aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/is-plain-obj" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-wsl", + "version": "3.1.0", + "bom-ref": "open@10.1.0|is-wsl@3.1.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-wsl@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-wsl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-wsl/-/is-wsl-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51c55f55f68ae127389bb5f77544a81e8a3340604415e0c2fb3568d3ab7df317bc0b31d265905e90d5c7fadbb435a947a25709fd0006a92e3a1de7fb41704833" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/open/node_modules/is-wsl" + } + ] + }, + { + "type": "library", + "name": "is-docker", + "version": "3.0.0", + "bom-ref": "is-inside-container@1.0.0|is-docker@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a Docker container", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-docker@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-docker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-docker/-/is-docker-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a58dc8040e5127b3fec05c5a2c0792bfda708ce0fec540f90673f0d62f2e6b985116bd96b21ab8a4d5df7f4086399c9e1ff58b15bc1900ea42691e7f6b21275" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-inside-container/node_modules/is-docker" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "5.2.0", + "bom-ref": "prompt-sync@4.2.0|strip-ansi@5.2.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ee46cd6029b06ab0c288665adf7f096e83c30791c9e98ece553e62f53c087e980df45340d3a2d7c3674776514b17a4f98f98c309e96efbdcc680dc9fa56e258" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "4.1.1", + "bom-ref": "prompt-sync@4.2.0|ansi-regex@4.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20b96fe24ff77fabdf4383a83f6006be2ace92d950f7c6442f593d15a423c5adcbd5a6c181bb930c074f3a9bdb1a7702d014d542b97e38cf316462bab565edee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "ts-jest@29.1.4|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-jest/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/helper-compilation-targets@7.23.6|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-compilation-targets/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/locate-path" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/p-locate" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/sprintf-js" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "5.0.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9883d28fdb8743e6a91af49e3b774695932d0df9be1f4d4f3d2cdf620e78c1e706a4b220b8f6bbcc0743eb509406a13987e745cf8aa3af0230df6a28c6c5867" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/resolve-from" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "test-exclude@6.0.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "test-exclude@6.0.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude/node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "ts-node", + "version": "7.0.1", + "bom-ref": "ts-mocha@10.0.0|ts-node@7.0.1", + "author": "Blake Embrey", + "description": "TypeScript execution environment and REPL for node.js, with source map support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-node@7.0.1", + "externalReferences": [ + { + "url": "git://github.com/TypeStrong/ts-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-node/-/ts-node-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "055c156cf251b29ccd876c9fb25c93d4f49b979b88934dc46656f8f7744a1cde2a7a3fc3d3a9f570486394e246ebda05b04ece4fc5e3a5351c61fea92932cc87" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/ts-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "arrify", + "version": "1.0.1", + "bom-ref": "ts-mocha@10.0.0|arrify@1.0.1", + "author": "Sindre Sorhus", + "description": "Convert a value to an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arrify@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/arrify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/arrify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/arrify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arrify/-/arrify-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc26337b1f4cf451908c218c1b28baff7d5cf0625b81bd2a1b2af1e475b13ddd1a0b0878701d988cc6f65dff54ba8a20accae53bd713aa7079ac8e461d94dc50" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/arrify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "3.5.0", + "bom-ref": "ts-mocha@10.0.0|diff@3.5.0", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@3.5.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-3.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "038eaab4581dfa0ee90d98a7a67c22449b716c2d61a607f4bb33f7886f3db1c1e4d00502ec0d531b17f93a288e52ffc931947c18eb7c84bf74d215746cecb9c4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mkdirp", + "version": "0.5.6", + "bom-ref": "ts-mocha@10.0.0|mkdirp@0.5.6", + "author": "James Halliday", + "description": "Recursively mkdir, like `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mkdirp@0.5.6", + "externalReferences": [ + { + "url": "git+https://github.com/substack/node-mkdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-mkdirp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-mkdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14ffa9f1107c396a45dd86410ab3f982d0039ad5c0a41e4030b9febddc80f8fcb10a3ac2b34d268f2528cecb0edf77300de4f7c0d19d2f127933ffd8aad1c027" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/mkdirp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yn", + "version": "2.0.0", + "bom-ref": "ts-mocha@10.0.0|yn@2.0.0", + "author": "Sindre Sorhus", + "description": "Parse yes/no like values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yn@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yn/-/yn-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b93bfc27fc225938144e0fbdbcb4e2fff95e525e6f0d04baba28bf7a67936f6b2c63bbe5e9059fd9f15b2081a39e18ef6dd2a553479ded03e063586d4c2f3a8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/yn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json5", + "version": "1.0.2", + "bom-ref": "tsconfig-paths@3.15.0|json5@1.0.2", + "author": "Aseem Kishore", + "description": "JSON for humans.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json5@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/json5/json5.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://json5.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/json5/json5/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83531630b062cfc14a8b57b8c3453254bdf0fa225c7960050406819e718a3a935ae5ff132e4b646eb7b5facea8202c9d5809be1d15064e623efffc6fda1bd760" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths/node_modules/json5" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "3.0.0", + "bom-ref": "tsconfig-paths@3.15.0|strip-bom@3.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdabc03115ce80154d17a9f210498bdc304ad7d891a437282305beb3043e09b1a2bbb963bbab7e264940d4c1f07a85ad69d82de0849552c5cbc83ab7e1d75cc0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths/node_modules/strip-bom" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "trace-mapping", + "group": "@jridgewell", + "version": "0.3.9", + "bom-ref": "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9", + "author": "Justin Ridgewell", + "description": "Trace the original position through a source map", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/trace-mapping@0.3.9", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/trace-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc17a5b7ab5d73c6cf800b5b72676d349962ad5a139846f97b6802f783e7930116f6323a0801d47a81bce6d8d63f95aabaa7dabe832d330886e0ff76e9928ab9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@cspotcode/source-map-support/node_modules/@jridgewell/trace-mapping" + } + ] + }, + { + "type": "library", + "name": "color", + "version": "3.2.1", + "bom-ref": "colorspace@1.1.4|color@3.2.1", + "description": "Color conversion and manipulation with CSS string support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color/-/color-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68197b75923d10d37a7d4182ee65a93133cd1e659448d6a7f6db9637a6a187964b364f5b68b24e9d2325ad090772b7c5833dbf462823515023771dfa55c7a628" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "colorspace@1.1.4|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "colorspace@1.1.4|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "sax", + "version": "1.3.0", + "bom-ref": "xlsx-populate@1.21.0|sax@1.3.0", + "author": "Isaac Z. Schlueter", + "description": "An evented streaming XML parser in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/sax@1.3.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/sax-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/sax-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/sax-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sax/-/sax-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2cfa8026c3dccb975575712f41b5937b240774716e5ed101f85b72d610ae9ae0b68b100d8e4e919858363ee976ac04bb73eb0926deed71470f79991b89e7d58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xlsx-populate/node_modules/sax" + } + ] + }, + { + "type": "library", + "name": "readable-stream", + "version": "2.3.8", + "bom-ref": "jszip@3.10.1|readable-stream@2.3.8", + "description": "Streams3, a user-land copy of the stream library from Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readable-stream@2.3.8", + "externalReferences": [ + { + "url": "git://github.com/nodejs/readable-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/readable-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/readable-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f29d00524e173838087b04a2d25f04a63b3e1159d688aecda03204194d07844efe67263c0f520c63ba1dbb9951ac55c683bd4bd79286f10acf9ae9b8e514ed74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/readable-stream" + } + ] + }, + { + "type": "library", + "name": "safe-buffer", + "version": "5.1.2", + "bom-ref": "jszip@3.10.1|safe-buffer@5.1.2", + "author": "Feross Aboukhadijeh", + "description": "Safer Node.js Buffer API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-buffer@5.1.2", + "externalReferences": [ + { + "url": "git://github.com/feross/safe-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/safe-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/safe-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "19dd94641243917958ec66c9c5fb04f3f9ef2a45045351b7f1cd6c88de903fa6bd3d3f4c98707c1a7a6c71298c252a05f0b388aedf2e77fc0fb688f2b381bafa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/safe-buffer" + } + ] + }, + { + "type": "library", + "name": "string_decoder", + "version": "1.1.1", + "bom-ref": "jszip@3.10.1|string_decoder@1.1.1", + "description": "The string_decoder module from Node core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string_decoder@1.1.1", + "externalReferences": [ + { + "url": "git://github.com/nodejs/string_decoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/string_decoder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/string_decoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9ff4a19ef0e2e851db6d57ef8aba3e5a88e2173bfeb3c30f30705ccd578f7d4a4324bc282d3d21b759786300426e2f29240bde104767907c8fc933ff9b345fc2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/string_decoder" + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "2.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@2.2.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7dda27f9373eb5f48d30f9a909acb647d0c5f43dbe435f7f573b0413b5749d41039a607d374b5b88429e2684e66d017af1ab85623baed84e22c1a36eb7f28f4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dom-serializer/node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/istanbul-lib-instrument/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-key/-/path-key-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "85a444ca9abbc6433b12b7e0232034cfe063e0018a94c49d9501368ef268ea1b960f511d90a615f86fd3e27ab4604176be04d3f24a8c14aa35b879fde74af849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-run-path/node_modules/path-key" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|which@4.0.0|isexe@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@3.1.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/isexe.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/which/node_modules/isexe" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/node-gyp/node_modules/proc-log" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|debug@4.3.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2?vcs_url=git%2Bhttps%3A//github.com/zeit/ms.git", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/debug/node_modules/ms" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-flush/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-pipeline/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-minipass", + "version": "2.1.0", + "bom-ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "author": "Isaac Z. Schlueter", + "description": "fs read and write streams based on minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs-minipass@2.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/fs-minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs-minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs-minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs-minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/fs-minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|tar@6.2.1|minipass@5.0.0", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@5.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "2.0.2", + "bom-ref": "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@2.0.2?vcs_url=git%3A//github.com/isaacs/node-which.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cross-spawn/node_modules/which" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "4.3.0", + "bom-ref": "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@4.3.0?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-styles.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi-cjs/node_modules/ansi-styles" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-correct/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-sized/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minizlib/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-json-stream/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "be35f5425be1f7f6c747184f98a788cb99477ee0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/http-call/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "4.0.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@4.0.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7321432aba9cfd875c5859e2261cc8e36f80cd2fa0370994cce485711090630c92b81041cbf2a3bb158b67f147107e8ca2ad4d8b330e056c9372ff0ee0e64832" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint/node_modules/ignore" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "4.0.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@4.0.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7321432aba9cfd875c5859e2261cc8e36f80cd2fa0370994cce485711090630c92b81041cbf2a3bb158b67f147107e8ca2ad4d8b330e056c9372ff0ee0e64832" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@eslint/eslintrc/node_modules/ignore" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/espree/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "send@0.18.0|debug@2.6.9|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send/node_modules/debug/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/fs-minipass/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ], + "dependencies": [ + { + "ref": "@mitre/saf@1.4.7", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0", + "@aws-sdk/client-securityhub@3.590.0", + "@e965/xlsx@0.20.1", + "@mitre/emass_client@3.10.0", + "@mitre/hdf-converters@2.10.8", + "@mitre/heimdall-lite@2.10.9", + "@mitre/inspec-objects@1.0.1", + "@oclif/core@3.26.9", + "@oclif/plugin-help@6.1.0", + "@oclif/plugin-plugins@5.2.2", + "@oclif/plugin-version@2.2.2", + "@oclif/plugin-warn-if-update-available@3.1.4", + "@oclif/test@3.2.15", + "@smithy/node-http-handler@3.0.0", + "@types/chai@4.3.14", + "@types/express@4.17.21", + "@types/flat@5.0.5", + "@types/fs-extra@11.0.4", + "@types/get-installed-path@4.0.3", + "@types/jest@29.5.12", + "@types/js-yaml@4.0.9", + "@types/lodash@4.17.4", + "@types/mocha@10.0.6", + "@types/mock-fs@4.13.4", + "@types/mustache@4.2.5", + "@types/node@20.14.1", + "@types/objects-to-csv@1.3.3", + "@types/prompt-sync@4.2.3", + "@types/tmp@0.2.6", + "@types/uuid@9.0.8", + "@types/xml2js@0.4.14", + "@typescript-eslint/eslint-plugin@7.12.0", + "accurate-search@1.2.15", + "ajv@8.16.0", + "axios@1.7.2", + "chai@4.4.1", + "colors@1.4.0", + "csv-parse@4.16.3", + "dotenv@16.4.5", + "eslint-config-oclif-typescript@1.0.3", + "eslint-config-oclif@4.0.0", + "eslint-plugin-unicorn@52.0.0", + "eslint@8.57.0", + "express@4.19.2", + "fast-xml-parser@4.4.0", + "flat@5.0.2", + "form-data@4.0.0", + "fs-extra@11.2.0", + "get-installed-path@4.0.8", + "htmlparser2@9.1.0", + "https@1.0.0", + "inquirer-file-tree-selection-prompt@2.0.2", + "inquirer@8.0.0", + "inspecjs@2.10.8", + "jest-mock@29.7.0", + "jest@29.7.0", + "js-yaml@4.1.0", + "json-colorizer@2.2.2", + "lodash@4.17.21", + "markdown-diff@2.0.0", + "markdown-table-ts@1.0.3", + "marked@12.0.2", + "mocha@10.4.0", + "mock-fs@5.2.0", + "moment@2.30.1", + "mustache@4.2.0", + "objects-to-csv@1.3.6", + "oclif@4.13.0", + "open@10.1.0", + "prompt-sync@4.2.0", + "run-script-os@1.1.6", + "table@6.8.2", + "tmp@0.2.3", + "ts-jest@29.1.4", + "ts-mocha@10.0.0", + "ts-node@10.9.2", + "tsimportlib@0.0.5", + "tslib@2.6.3", + "typescript@5.1.6", + "uuid@9.0.1", + "winston@3.13.0", + "xlsx-populate@1.21.0", + "xml2js@0.6.2", + "yaml@2.4.3", + "zip-lib@1.0.4" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/sha256-browser@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-crypto/supports-web-crypto@3.0.0", + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-locate-window@3.535.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/ie11-detection@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/sha256-js@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/supports-web-crypto@3.0.0", + "dependsOn": [ + "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/util@3.0.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/util@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/util@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/types@3.577.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-utf8-browser@3.259.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-locate-window@3.535.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "tslib@2.6.3" + }, + { + "ref": "@aws-sdk/middleware-host-header@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-logger@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-recursion-detection@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-user-agent-browser@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/config-resolver@3.0.1", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/core@2.1.1", + "dependsOn": [ + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/fetch-http-handler@3.0.1", + "dependsOn": [ + "@smithy/protocol-http@4.0.0", + "@smithy/querystring-builder@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-base64@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-node@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/invalid-dependency@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-content-length@3.0.0", + "dependsOn": [ + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-endpoint@3.0.1", + "dependsOn": [ + "@smithy/middleware-serde@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-retry@3.0.3", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/service-error-classification@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "tslib@2.6.3", + "uuid@9.0.1" + ] + }, + { + "ref": "@smithy/middleware-serde@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-stack@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/node-config-provider@3.1.0", + "dependsOn": [ + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/node-http-handler@3.0.0", + "dependsOn": [ + "@smithy/abort-controller@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/querystring-builder@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/protocol-http@4.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/smithy-client@3.1.1", + "dependsOn": [ + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-stack@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/types@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/url-parser@3.0.0", + "dependsOn": [ + "@smithy/querystring-parser@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-base64@3.0.0", + "dependsOn": [ + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-body-length-browser@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-body-length-node@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-defaults-mode-browser@3.0.3", + "dependsOn": [ + "@smithy/property-provider@3.1.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-defaults-mode-node@3.0.3", + "dependsOn": [ + "@smithy/config-resolver@3.0.1", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-endpoints@2.0.1", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-middleware@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-retry@3.0.0", + "dependsOn": [ + "@smithy/service-error-classification@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-utf8@3.0.0", + "dependsOn": [ + "@smithy/util-buffer-from@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/signature-v4@3.0.0", + "dependsOn": [ + "@smithy/is-array-buffer@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "@smithy/util-middleware@3.0.0", + "@smithy/util-uri-escape@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/is-array-buffer@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-hex-encoding@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-uri-escape@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "strnum@1.0.5" + }, + { + "ref": "@smithy/property-provider@3.1.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-stream@3.0.1", + "dependsOn": [ + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/credential-provider-imds@3.1.0", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/shared-ini-file-loader@3.1.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-config-provider@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "bowser@2.11.0" + }, + { + "ref": "@smithy/querystring-builder@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-uri-escape@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-buffer-from@3.0.0", + "dependsOn": [ + "@smithy/is-array-buffer@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/service-error-classification@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0" + ] + }, + { + "ref": "uuid@9.0.1" + }, + { + "ref": "@smithy/querystring-parser@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@e965/xlsx@0.20.1" + }, + { + "ref": "@mitre/emass_client@3.10.0", + "dependsOn": [ + "@mitre/emass_client@3.10.0|axios@0.21.4" + ] + }, + { + "ref": "@mitre/emass_client@3.10.0|axios@0.21.4", + "dependsOn": [ + "follow-redirects@1.15.6" + ] + }, + { + "ref": "follow-redirects@1.15.6" + }, + { + "ref": "@mitre/hdf-converters@2.10.8", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0", + "@e965/xlsx@0.20.1", + "@mdi/js@7.4.47", + "@mitre/jsonix@3.0.7", + "@smithy/node-http-handler@3.0.0", + "@types/csv2json@1.4.5", + "@types/ms@0.7.34", + "@types/mustache@4.2.5", + "@types/papaparse@5.3.14", + "@types/revalidator@0.3.12", + "@types/triple-beam@1.3.5", + "@types/validator@13.12.0", + "@types/xml2js@0.4.14", + "axios@1.7.2", + "compare-versions@6.1.0", + "csv2json@2.0.2", + "fast-xml-parser@4.4.0", + "html-entities@2.5.2", + "htmlparser2@9.1.0", + "inspecjs@2.10.8", + "lodash@4.17.21", + "moment@2.30.1", + "ms@2.1.3", + "mustache@4.2.0", + "papaparse@5.4.1", + "revalidator@0.3.1", + "run-script-os@1.1.6", + "semver@7.6.2", + "tailwindcss@3.4.3", + "tw-elements@1.1.0", + "validator@13.12.0", + "winston@3.13.0", + "xml-formatter@3.6.2", + "xml-parser-xo@4.1.1", + "xml2js@0.6.2", + "yaml@2.4.3" + ] + }, + { + "ref": "@mdi/js@7.4.47" + }, + { + "ref": "@mitre/jsonix@3.0.7", + "dependsOn": [ + "@xmldom/xmldom@0.8.10", + "amdefine@0.0.4", + "xmlhttprequest@1.8.0" + ] + }, + { + "ref": "@xmldom/xmldom@0.8.10" + }, + { + "ref": "amdefine@0.0.4" + }, + { + "ref": "xmlhttprequest@1.8.0" + }, + { + "ref": "@types/csv2json@1.4.5", + "dependsOn": [ + "@types/pumpify@1.4.4" + ] + }, + { + "ref": "@types/pumpify@1.4.4", + "dependsOn": [ + "@types/duplexify@3.6.4", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/duplexify@3.6.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/node@20.14.1", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/ms@0.7.34" + }, + { + "ref": "@types/mustache@4.2.5" + }, + { + "ref": "@types/papaparse@5.3.14", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/revalidator@0.3.12" + }, + { + "ref": "@types/triple-beam@1.3.5" + }, + { + "ref": "@types/validator@13.12.0" + }, + { + "ref": "@types/xml2js@0.4.14", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "axios@1.7.2", + "dependsOn": [ + "follow-redirects@1.15.6", + "form-data@4.0.0", + "proxy-from-env@1.1.0" + ] + }, + { + "ref": "compare-versions@6.1.0" + }, + { + "ref": "csv2json@2.0.2", + "dependsOn": [ + "csv-parser@2.3.5", + "exec-promise@0.7.0", + "minimist@1.2.8", + "promise-toolbox@0.14.0", + "pump@3.0.0", + "pumpify@2.0.1", + "strip-bom-stream@4.0.0", + "through2@3.0.2" + ] + }, + { + "ref": "csv-parser@2.3.5", + "dependsOn": [ + "minimist@1.2.8", + "through2@3.0.2" + ] + }, + { + "ref": "minimist@1.2.8" + }, + { + "ref": "through2@3.0.2", + "dependsOn": [ + "inherits@2.0.4", + "readable-stream@3.6.2" + ] + }, + { + "ref": "exec-promise@0.7.0", + "dependsOn": [ + "log-symbols@1.0.2" + ] + }, + { + "ref": "log-symbols@1.0.2", + "dependsOn": [ + "log-symbols@1.0.2|chalk@1.1.3" + ] + }, + { + "ref": "log-symbols@1.0.2|chalk@1.1.3", + "dependsOn": [ + "log-symbols@1.0.2|ansi-styles@2.2.1", + "log-symbols@1.0.2|escape-string-regexp@1.0.5", + "has-ansi@2.0.0", + "log-symbols@1.0.2|strip-ansi@3.0.1", + "log-symbols@1.0.2|supports-color@2.0.0" + ] + }, + { + "ref": "log-symbols@1.0.2|ansi-styles@2.2.1" + }, + { + "ref": "log-symbols@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "log-symbols@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "log-symbols@1.0.2|ansi-regex@2.1.1" + ] + }, + { + "ref": "log-symbols@1.0.2|ansi-regex@2.1.1" + }, + { + "ref": "log-symbols@1.0.2|supports-color@2.0.0" + }, + { + "ref": "has-ansi@2.0.0", + "dependsOn": [ + "has-ansi@2.0.0|ansi-regex@2.1.1" + ] + }, + { + "ref": "has-ansi@2.0.0|ansi-regex@2.1.1" + }, + { + "ref": "promise-toolbox@0.14.0", + "dependsOn": [ + "make-error@1.3.6" + ] + }, + { + "ref": "make-error@1.3.6" + }, + { + "ref": "pump@3.0.0", + "dependsOn": [ + "end-of-stream@1.4.4", + "once@1.4.0" + ] + }, + { + "ref": "end-of-stream@1.4.4", + "dependsOn": [ + "once@1.4.0" + ] + }, + { + "ref": "once@1.4.0", + "dependsOn": [ + "wrappy@1.0.2" + ] + }, + { + "ref": "pumpify@2.0.1", + "dependsOn": [ + "duplexify@4.1.3", + "inherits@2.0.4", + "pump@3.0.0" + ] + }, + { + "ref": "duplexify@4.1.3", + "dependsOn": [ + "end-of-stream@1.4.4", + "inherits@2.0.4", + "readable-stream@3.6.2", + "stream-shift@1.0.3" + ] + }, + { + "ref": "inherits@2.0.4" + }, + { + "ref": "readable-stream@3.6.2", + "dependsOn": [ + "inherits@2.0.4", + "string_decoder@1.3.0", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "stream-shift@1.0.3" + }, + { + "ref": "strip-bom-stream@4.0.0", + "dependsOn": [ + "first-chunk-stream@3.0.0", + "strip-bom-buf@2.0.0" + ] + }, + { + "ref": "first-chunk-stream@3.0.0" + }, + { + "ref": "strip-bom-buf@2.0.0", + "dependsOn": [ + "is-utf8@0.2.1" + ] + }, + { + "ref": "is-utf8@0.2.1" + }, + { + "ref": "fast-xml-parser@4.4.0", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "html-entities@2.5.2" + }, + { + "ref": "htmlparser2@9.1.0", + "dependsOn": [ + "domelementtype@2.3.0", + "domhandler@5.0.3", + "domutils@3.1.0", + "entities@4.5.0" + ] + }, + { + "ref": "inspecjs@2.10.8" + }, + { + "ref": "lodash@4.17.21" + }, + { + "ref": "moment@2.30.1" + }, + { + "ref": "ms@2.1.3" + }, + { + "ref": "mustache@4.2.0" + }, + { + "ref": "papaparse@5.4.1" + }, + { + "ref": "revalidator@0.3.1" + }, + { + "ref": "run-script-os@1.1.6" + }, + { + "ref": "semver@7.6.2" + }, + { + "ref": "tailwindcss@3.4.3", + "dependsOn": [ + "@alloc/quick-lru@5.2.0", + "arg@5.0.2", + "chokidar@3.5.3", + "didyoumean@1.2.2", + "dlv@1.1.3", + "fast-glob@3.3.2", + "glob-parent@6.0.2", + "is-glob@4.0.3", + "jiti@1.21.0", + "lilconfig@2.1.0", + "micromatch@4.0.5", + "normalize-path@3.0.0", + "object-hash@3.0.0", + "picocolors@1.0.0", + "postcss-import@15.1.0", + "postcss-js@4.0.1", + "postcss-load-config@4.0.2", + "postcss-nested@6.0.1", + "postcss-selector-parser@6.0.16", + "postcss@8.4.38", + "resolve@1.22.8", + "sucrase@3.35.0" + ] + }, + { + "ref": "@alloc/quick-lru@5.2.0" + }, + { + "ref": "arg@5.0.2" + }, + { + "ref": "chokidar@3.5.3", + "dependsOn": [ + "anymatch@3.1.3", + "braces@3.0.2", + "fsevents@2.3.3", + "chokidar@3.5.3|glob-parent@5.1.2", + "is-binary-path@2.1.0", + "is-glob@4.0.3", + "normalize-path@3.0.0", + "readdirp@3.6.0" + ] + }, + { + "ref": "chokidar@3.5.3|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "didyoumean@1.2.2" + }, + { + "ref": "dlv@1.1.3" + }, + { + "ref": "fast-glob@3.3.2", + "dependsOn": [ + "@nodelib/fs.stat@2.0.5", + "@nodelib/fs.walk@1.2.8", + "fast-glob@3.3.2|glob-parent@5.1.2", + "merge2@1.4.1", + "micromatch@4.0.5" + ] + }, + { + "ref": "fast-glob@3.3.2|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "@nodelib/fs.stat@2.0.5" + }, + { + "ref": "@nodelib/fs.walk@1.2.8", + "dependsOn": [ + "@nodelib/fs.scandir@2.1.5", + "fastq@1.17.1" + ] + }, + { + "ref": "is-glob@4.0.3", + "dependsOn": [ + "is-extglob@2.1.1" + ] + }, + { + "ref": "merge2@1.4.1" + }, + { + "ref": "micromatch@4.0.5", + "dependsOn": [ + "braces@3.0.2", + "picomatch@2.3.1" + ] + }, + { + "ref": "glob-parent@6.0.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "jiti@1.21.0" + }, + { + "ref": "lilconfig@2.1.0" + }, + { + "ref": "braces@3.0.2", + "dependsOn": [ + "fill-range@7.0.1" + ] + }, + { + "ref": "picomatch@2.3.1" + }, + { + "ref": "normalize-path@3.0.0" + }, + { + "ref": "object-hash@3.0.0" + }, + { + "ref": "picocolors@1.0.0" + }, + { + "ref": "postcss-import@15.1.0", + "dependsOn": [ + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "read-cache@1.0.0", + "resolve@1.22.8" + ] + }, + { + "ref": "postcss-value-parser@4.2.0" + }, + { + "ref": "postcss@8.4.38", + "dependsOn": [ + "nanoid@3.3.7", + "picocolors@1.0.0", + "source-map-js@1.2.0" + ] + }, + { + "ref": "read-cache@1.0.0", + "dependsOn": [ + "pify@2.3.0" + ] + }, + { + "ref": "pify@2.3.0" + }, + { + "ref": "resolve@1.22.8", + "dependsOn": [ + "is-core-module@2.13.1", + "path-parse@1.0.7", + "supports-preserve-symlinks-flag@1.0.0" + ] + }, + { + "ref": "postcss-js@4.0.1", + "dependsOn": [ + "camelcase-css@2.0.1", + "postcss@8.4.38" + ] + }, + { + "ref": "camelcase-css@2.0.1" + }, + { + "ref": "postcss-load-config@4.0.2", + "dependsOn": [ + "postcss-load-config@4.0.2|lilconfig@3.1.1", + "postcss@8.4.38", + "ts-node@10.9.2", + "yaml@2.4.3" + ] + }, + { + "ref": "postcss-load-config@4.0.2|lilconfig@3.1.1" + }, + { + "ref": "ts-node@10.9.2", + "dependsOn": [ + "@cspotcode/source-map-support@0.8.1", + "@tsconfig/node10@1.0.11", + "@tsconfig/node12@1.0.11", + "@tsconfig/node14@1.0.3", + "@tsconfig/node16@1.0.4", + "@types/node@20.14.1", + "acorn-walk@8.3.2", + "acorn@8.11.3", + "ts-node@10.9.2|arg@4.1.3", + "create-require@1.1.1", + "diff@4.0.2", + "make-error@1.3.6", + "typescript@5.1.6", + "v8-compile-cache-lib@3.0.1", + "yn@3.1.1" + ] + }, + { + "ref": "ts-node@10.9.2|arg@4.1.3" + }, + { + "ref": "yaml@2.4.3" + }, + { + "ref": "postcss-nested@6.0.1", + "dependsOn": [ + "postcss-selector-parser@6.0.16", + "postcss@8.4.38" + ] + }, + { + "ref": "postcss-selector-parser@6.0.16", + "dependsOn": [ + "cssesc@3.0.0", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "cssesc@3.0.0" + }, + { + "ref": "util-deprecate@1.0.2" + }, + { + "ref": "nanoid@3.3.7" + }, + { + "ref": "source-map-js@1.2.0" + }, + { + "ref": "is-core-module@2.13.1", + "dependsOn": [ + "hasown@2.0.2" + ] + }, + { + "ref": "path-parse@1.0.7" + }, + { + "ref": "supports-preserve-symlinks-flag@1.0.0" + }, + { + "ref": "sucrase@3.35.0", + "dependsOn": [ + "@jridgewell/gen-mapping@0.3.5", + "sucrase@3.35.0|commander@4.1.1", + "sucrase@3.35.0|glob@10.3.12", + "lines-and-columns@1.2.4", + "mz@2.7.0", + "pirates@4.0.6", + "ts-interface-checker@0.1.13" + ] + }, + { + "ref": "sucrase@3.35.0|commander@4.1.1" + }, + { + "ref": "sucrase@3.35.0|glob@10.3.12", + "dependsOn": [ + "foreground-child@3.1.1", + "jackspeak@2.3.6", + "minimatch@9.0.4", + "sucrase@3.35.0|minipass@7.0.4", + "path-scurry@1.10.2" + ] + }, + { + "ref": "sucrase@3.35.0|minipass@7.0.4" + }, + { + "ref": "@jridgewell/gen-mapping@0.3.5", + "dependsOn": [ + "@jridgewell/set-array@1.2.1", + "@jridgewell/sourcemap-codec@1.4.15", + "@jridgewell/trace-mapping@0.3.25" + ] + }, + { + "ref": "@jridgewell/set-array@1.2.1" + }, + { + "ref": "@jridgewell/sourcemap-codec@1.4.15" + }, + { + "ref": "@jridgewell/trace-mapping@0.3.25", + "dependsOn": [ + "@jridgewell/resolve-uri@3.1.2", + "@jridgewell/sourcemap-codec@1.4.15" + ] + }, + { + "ref": "foreground-child@3.1.1", + "dependsOn": [ + "cross-spawn@7.0.3", + "foreground-child@3.1.1|signal-exit@4.1.0" + ] + }, + { + "ref": "foreground-child@3.1.1|signal-exit@4.1.0" + }, + { + "ref": "cross-spawn@7.0.3", + "dependsOn": [ + "path-key@3.1.1", + "shebang-command@2.0.0", + "which@2.0.2" + ] + }, + { + "ref": "jackspeak@2.3.6", + "dependsOn": [ + "@isaacs/cliui@8.0.2", + "@pkgjs/parseargs@0.11.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2", + "dependsOn": [ + "string-width@4.2.3", + "@isaacs/cliui@8.0.2|string-width@5.1.2", + "BomRef.5h3h9846p8.g5nk6qdc128", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "wrap-ansi@7.0.0", + "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|string-width@5.1.2", + "dependsOn": [ + "eastasianwidth@0.2.0", + "@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|emoji-regex@9.2.2" + }, + { + "ref": "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "dependsOn": [ + "@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + }, + { + "ref": "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0", + "dependsOn": [ + "@isaacs/cliui@8.0.2|ansi-styles@6.2.1", + "@isaacs/cliui@8.0.2|string-width@5.1.2", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|ansi-styles@6.2.1" + }, + { + "ref": "string-width@4.2.3", + "dependsOn": [ + "emoji-regex@8.0.0", + "is-fullwidth-code-point@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "emoji-regex@8.0.0" + }, + { + "ref": "is-fullwidth-code-point@3.0.0" + }, + { + "ref": "strip-ansi@6.0.1", + "dependsOn": [ + "ansi-regex@5.0.1" + ] + }, + { + "ref": "eastasianwidth@0.2.0" + }, + { + "ref": "BomRef.5h3h9846p8.g5nk6qdc128", + "dependsOn": [ + "ansi-regex@5.0.1" + ] + }, + { + "ref": "ansi-regex@5.0.1" + }, + { + "ref": "wrap-ansi@7.0.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "ansi-styles@4.3.0", + "dependsOn": [ + "color-convert@2.0.1" + ] + }, + { + "ref": "BomRef.5hrhe0lu5jo.6brcifutiug", + "dependsOn": [ + "emoji-regex@8.0.0", + "is-fullwidth-code-point@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@pkgjs/parseargs@0.11.0" + }, + { + "ref": "minimatch@9.0.4", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "path-scurry@1.10.2", + "dependsOn": [ + "path-scurry@1.10.2|lru-cache@10.2.0", + "path-scurry@1.10.2|minipass@7.0.4" + ] + }, + { + "ref": "path-scurry@1.10.2|lru-cache@10.2.0" + }, + { + "ref": "path-scurry@1.10.2|minipass@7.0.4" + }, + { + "ref": "lines-and-columns@1.2.4" + }, + { + "ref": "mz@2.7.0", + "dependsOn": [ + "any-promise@1.3.0", + "object-assign@4.1.1", + "thenify-all@1.6.0" + ] + }, + { + "ref": "any-promise@1.3.0" + }, + { + "ref": "object-assign@4.1.1" + }, + { + "ref": "thenify-all@1.6.0", + "dependsOn": [ + "thenify@3.3.1" + ] + }, + { + "ref": "thenify@3.3.1", + "dependsOn": [ + "any-promise@1.3.0" + ] + }, + { + "ref": "pirates@4.0.6" + }, + { + "ref": "ts-interface-checker@0.1.13" + }, + { + "ref": "tw-elements@1.1.0", + "dependsOn": [ + "@popperjs/core@2.11.8", + "chart.js@3.9.1", + "chartjs-plugin-datalabels@2.2.0", + "deepmerge@4.3.1", + "detect-autofill@1.1.4", + "perfect-scrollbar@1.5.5", + "tw-elements@1.1.0|tailwindcss@3.3.0" + ] + }, + { + "ref": "tw-elements@1.1.0|tailwindcss@3.3.0", + "dependsOn": [ + "arg@5.0.2", + "chokidar@3.5.3", + "color-name@1.1.4", + "didyoumean@1.2.2", + "dlv@1.1.3", + "fast-glob@3.3.2", + "glob-parent@6.0.2", + "is-glob@4.0.3", + "jiti@1.21.0", + "lilconfig@2.1.0", + "micromatch@4.0.5", + "normalize-path@3.0.0", + "object-hash@3.0.0", + "picocolors@1.0.0", + "tw-elements@1.1.0|postcss-import@14.1.0", + "postcss-js@4.0.1", + "tw-elements@1.1.0|postcss-load-config@3.1.4", + "tw-elements@1.1.0|postcss-nested@6.0.0", + "postcss-selector-parser@6.0.16", + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "quick-lru@5.1.1", + "resolve@1.22.8", + "sucrase@3.35.0" + ] + }, + { + "ref": "tw-elements@1.1.0|postcss-import@14.1.0", + "dependsOn": [ + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "read-cache@1.0.0", + "resolve@1.22.8" + ] + }, + { + "ref": "tw-elements@1.1.0|postcss-load-config@3.1.4", + "dependsOn": [ + "lilconfig@2.1.0", + "postcss@8.4.38", + "ts-node@10.9.2", + "tw-elements@1.1.0|yaml@1.10.2" + ] + }, + { + "ref": "tw-elements@1.1.0|yaml@1.10.2" + }, + { + "ref": "tw-elements@1.1.0|postcss-nested@6.0.0", + "dependsOn": [ + "postcss-selector-parser@6.0.16", + "postcss@8.4.38" + ] + }, + { + "ref": "@popperjs/core@2.11.8" + }, + { + "ref": "chart.js@3.9.1" + }, + { + "ref": "chartjs-plugin-datalabels@2.2.0", + "dependsOn": [ + "chart.js@3.9.1" + ] + }, + { + "ref": "deepmerge@4.3.1" + }, + { + "ref": "detect-autofill@1.1.4", + "dependsOn": [ + "custom-event-polyfill@1.0.7" + ] + }, + { + "ref": "custom-event-polyfill@1.0.7" + }, + { + "ref": "perfect-scrollbar@1.5.5" + }, + { + "ref": "color-name@1.1.4" + }, + { + "ref": "quick-lru@5.1.1" + }, + { + "ref": "validator@13.12.0" + }, + { + "ref": "winston@3.13.0", + "dependsOn": [ + "@colors/colors@1.6.0", + "@dabh/diagnostics@2.0.3", + "async@3.2.5", + "is-stream@2.0.1", + "logform@2.6.0", + "one-time@1.0.0", + "readable-stream@3.6.2", + "safe-stable-stringify@2.4.3", + "stack-trace@0.0.10", + "triple-beam@1.4.1", + "winston-transport@4.7.0" + ] + }, + { + "ref": "xml-formatter@3.6.2", + "dependsOn": [ + "xml-parser-xo@4.1.1" + ] + }, + { + "ref": "xml-parser-xo@4.1.1" + }, + { + "ref": "xml2js@0.6.2", + "dependsOn": [ + "sax@1.2.1", + "xmlbuilder@11.0.1" + ] + }, + { + "ref": "@mitre/heimdall-lite@2.10.9", + "dependsOn": [ + "express@4.19.2" + ] + }, + { + "ref": "express@4.19.2", + "dependsOn": [ + "accepts@1.3.8", + "array-flatten@1.1.1", + "body-parser@1.20.2", + "content-disposition@0.5.4", + "content-type@1.0.5", + "cookie-signature@1.0.6", + "cookie@0.6.0", + "express@4.19.2|debug@2.6.9", + "depd@2.0.0", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "etag@1.8.1", + "finalhandler@1.2.0", + "fresh@0.5.2", + "http-errors@2.0.0", + "merge-descriptors@1.0.1", + "methods@1.1.2", + "on-finished@2.4.1", + "parseurl@1.3.3", + "path-to-regexp@0.1.7", + "proxy-addr@2.0.7", + "qs@6.11.0", + "range-parser@1.2.1", + "safe-buffer@5.2.1", + "send@0.18.0", + "serve-static@1.15.0", + "setprototypeof@1.2.0", + "statuses@2.0.1", + "type-is@1.6.18", + "utils-merge@1.0.1", + "vary@1.1.2" + ] + }, + { + "ref": "express@4.19.2|debug@2.6.9", + "dependsOn": [ + "express@4.19.2|ms@2.0.0" + ] + }, + { + "ref": "express@4.19.2|ms@2.0.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1", + "dependsOn": [ + "@types/flat@5.0.5", + "@types/he@1.2.3", + "@types/json-diff@0.7.0", + "@types/jstoxml@2.0.4", + "@types/lodash@4.17.4", + "@types/mustache@4.2.5", + "@types/pretty@2.0.3", + "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "flat@5.0.2", + "he@1.2.0", + "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "inspecjs@2.10.8", + "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "json-diff@0.9.1", + "jstoxml@3.2.10", + "lodash@4.17.21", + "mustache@4.2.0", + "pretty@2.0.0", + "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "winston@3.13.0", + "@mitre/inspec-objects@1.0.1|yaml@1.10.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "dependsOn": [ + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "@mitre/inspec-objects@1.0.1|entities@3.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "dependsOn": [ + "domelementtype@2.3.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "dependsOn": [ + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|entities@3.0.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "import-local@3.1.0", + "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "exit@0.1.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "micromatch@4.0.5", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "rimraf@3.0.2", + "slash@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "@types/istanbul-lib-coverage@2.0.6", + "@types/istanbul-reports@3.0.4", + "@types/node@20.14.1", + "@types/yargs@17.0.32", + "chalk@4.1.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/stack-utils@2.0.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "micromatch@4.0.5", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "graceful-fs@4.2.11", + "picomatch@2.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "dependsOn": [ + "@bcoe/v8-coverage@0.2.3", + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@jridgewell/trace-mapping@0.3.25", + "@types/node@20.14.1", + "chalk@4.1.2", + "collect-v8-coverage@1.0.2", + "exit@0.1.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "istanbul-lib-coverage@3.2.2", + "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "istanbul-lib-report@3.0.1", + "istanbul-lib-source-maps@4.0.1", + "istanbul-reports@3.1.7", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "slash@3.0.0", + "string-length@4.0.2", + "strip-ansi@6.0.1", + "terminal-link@2.1.1", + "v8-to-istanbul@9.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/istanbul-lib-coverage@2.0.6", + "collect-v8-coverage@1.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@jridgewell/trace-mapping@0.3.25", + "babel-plugin-istanbul@6.1.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0", + "fast-json-stable-stringify@2.1.0", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "micromatch@4.0.5", + "pirates@4.0.6", + "slash@3.0.0", + "write-file-atomic@4.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "dependsOn": [ + "@types/node@20.14.1", + "merge-stream@2.0.0", + "supports-color@8.1.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/graceful-fs@4.1.9", + "@types/node@20.14.1", + "anymatch@3.1.3", + "fb-watchman@2.0.2", + "fsevents@2.3.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "micromatch@4.0.5", + "walker@1.0.8" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ci-info@3.9.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "dependsOn": [ + "execa@5.1.1", + "p-limit@3.1.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "deepmerge@4.3.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "micromatch@4.0.5", + "parse-json@5.2.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "strip-json-comments@3.1.1", + "ts-node@10.9.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@types/babel__core@7.20.5", + "babel-plugin-istanbul@6.1.1", + "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "co@4.6.0", + "@mitre/inspec-objects@1.0.1|dedent@0.7.0", + "is-generator-fn@2.1.0", + "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "p-limit@3.1.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/generator@7.24.4", + "@babel/plugin-syntax-typescript@7.24.1", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0", + "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/babel__traverse@7.20.5", + "@types/prettier@2.7.3", + "babel-preset-current-node-syntax@1.0.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "natural-compare@1.4.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "semver@7.6.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dedent@0.7.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "ansi-regex@5.0.1", + "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0", + "react-is@18.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "cjs-module-lexer@1.2.3", + "collect-v8-coverage@1.0.2", + "execa@5.1.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "slash@3.0.0", + "strip-bom@4.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "jest-pnp-resolver@1.2.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1", + "resolve@1.22.8", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "p-limit@3.1.0", + "source-map-support@0.5.13" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|camelcase@6.3.0", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "leven@3.1.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|emittery@0.10.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "dependsOn": [ + "detect-newline@3.1.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "string-length@4.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "callsites@3.1.0", + "graceful-fs@4.2.11" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|camelcase@6.3.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "exit@0.1.2", + "graceful-fs@4.2.11", + "import-local@3.1.0", + "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "prompts@2.4.2", + "yargs@17.7.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "bs-logger@0.2.6", + "fast-json-stable-stringify@2.1.0", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "json5@2.2.3", + "lodash.memoize@4.1.2", + "make-error@1.3.6", + "semver@7.6.2", + "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "babel-preset-current-node-syntax@1.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0", + "@types/babel__core@7.20.5", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|typescript@4.9.5" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|yaml@1.10.2" + }, + { + "ref": "@types/flat@5.0.5" + }, + { + "ref": "@types/he@1.2.3" + }, + { + "ref": "@types/json-diff@0.7.0" + }, + { + "ref": "@types/jstoxml@2.0.4" + }, + { + "ref": "@types/lodash@4.17.4" + }, + { + "ref": "@types/pretty@2.0.3" + }, + { + "ref": "flat@5.0.2" + }, + { + "ref": "he@1.2.0" + }, + { + "ref": "domelementtype@2.3.0" + }, + { + "ref": "chalk@4.1.2", + "dependsOn": [ + "ansi-styles@4.3.0", + "chalk@4.1.2|supports-color@7.2.0" + ] + }, + { + "ref": "chalk@4.1.2|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "slash@3.0.0" + }, + { + "ref": "@bcoe/v8-coverage@0.2.3" + }, + { + "ref": "collect-v8-coverage@1.0.2" + }, + { + "ref": "exit@0.1.2" + }, + { + "ref": "glob@7.2.3", + "dependsOn": [ + "fs.realpath@1.0.0", + "inflight@1.0.6", + "inherits@2.0.4", + "glob@7.2.3|minimatch@3.1.2", + "once@1.4.0", + "path-is-absolute@1.0.1" + ] + }, + { + "ref": "glob@7.2.3|minimatch@3.1.2", + "dependsOn": [ + "glob@7.2.3|brace-expansion@1.1.11" + ] + }, + { + "ref": "glob@7.2.3|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "graceful-fs@4.2.11" + }, + { + "ref": "istanbul-lib-coverage@3.2.2" + }, + { + "ref": "@babel/core@7.24.4", + "dependsOn": [ + "@ampproject/remapping@2.3.0", + "@babel/code-frame@7.24.2", + "@babel/generator@7.24.4", + "@babel/helper-compilation-targets@7.23.6", + "@babel/helper-module-transforms@7.23.3", + "@babel/helpers@7.24.4", + "@babel/parser@7.24.4", + "@babel/template@7.24.0", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0", + "convert-source-map@2.0.0", + "debug@4.3.4", + "gensync@1.0.0-beta.2", + "json5@2.2.3", + "@babel/core@7.24.4|semver@6.3.1" + ] + }, + { + "ref": "@babel/core@7.24.4|semver@6.3.1" + }, + { + "ref": "@babel/parser@7.24.4" + }, + { + "ref": "@istanbuljs/schema@0.1.3" + }, + { + "ref": "istanbul-lib-report@3.0.1", + "dependsOn": [ + "istanbul-lib-coverage@3.2.2", + "make-dir@4.0.0", + "istanbul-lib-report@3.0.1|supports-color@7.2.0" + ] + }, + { + "ref": "istanbul-lib-report@3.0.1|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "istanbul-lib-source-maps@4.0.1", + "dependsOn": [ + "debug@4.3.4", + "istanbul-lib-coverage@3.2.2", + "source-map@0.6.1" + ] + }, + { + "ref": "istanbul-reports@3.1.7", + "dependsOn": [ + "html-escaper@2.0.2", + "istanbul-lib-report@3.0.1" + ] + }, + { + "ref": "merge-stream@2.0.0" + }, + { + "ref": "supports-color@8.1.1", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "string-length@4.0.2", + "dependsOn": [ + "char-regex@1.0.2", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "terminal-link@2.1.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "supports-hyperlinks@2.3.0" + ] + }, + { + "ref": "ansi-escapes@4.3.2", + "dependsOn": [ + "type-fest@0.21.3" + ] + }, + { + "ref": "supports-hyperlinks@2.3.0", + "dependsOn": [ + "has-flag@4.0.0", + "supports-hyperlinks@2.3.0|supports-color@7.2.0" + ] + }, + { + "ref": "supports-hyperlinks@2.3.0|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "v8-to-istanbul@9.2.0", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "@types/istanbul-lib-coverage@2.0.6", + "convert-source-map@2.0.0" + ] + }, + { + "ref": "@types/istanbul-lib-coverage@2.0.6" + }, + { + "ref": "babel-plugin-istanbul@6.1.1", + "dependsOn": [ + "@babel/helper-plugin-utils@7.24.0", + "@istanbuljs/load-nyc-config@1.1.0", + "@istanbuljs/schema@0.1.3", + "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "test-exclude@6.0.0" + ] + }, + { + "ref": "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "babel-plugin-istanbul@6.1.1|semver@6.3.1" + ] + }, + { + "ref": "babel-plugin-istanbul@6.1.1|semver@6.3.1" + }, + { + "ref": "fast-json-stable-stringify@2.1.0" + }, + { + "ref": "write-file-atomic@4.0.2", + "dependsOn": [ + "imurmurhash@0.1.4", + "signal-exit@3.0.7" + ] + }, + { + "ref": "execa@5.1.1", + "dependsOn": [ + "cross-spawn@7.0.3", + "get-stream@6.0.1", + "human-signals@2.1.0", + "is-stream@2.0.1", + "merge-stream@2.0.0", + "npm-run-path@4.0.1", + "onetime@5.1.2", + "signal-exit@3.0.7", + "strip-final-newline@2.0.0" + ] + }, + { + "ref": "p-limit@3.1.0", + "dependsOn": [ + "yocto-queue@0.1.0" + ] + }, + { + "ref": "co@4.6.0" + }, + { + "ref": "is-generator-fn@2.1.0" + }, + { + "ref": "stack-utils@2.0.6", + "dependsOn": [ + "stack-utils@2.0.6|escape-string-regexp@2.0.0" + ] + }, + { + "ref": "stack-utils@2.0.6|escape-string-regexp@2.0.0" + }, + { + "ref": "parse-json@5.2.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "error-ex@1.3.2", + "json-parse-even-better-errors@2.3.1", + "lines-and-columns@1.2.4" + ] + }, + { + "ref": "strip-json-comments@3.1.1" + }, + { + "ref": "@types/graceful-fs@4.1.9", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "anymatch@3.1.3", + "dependsOn": [ + "normalize-path@3.0.0", + "picomatch@2.3.1" + ] + }, + { + "ref": "fb-watchman@2.0.2", + "dependsOn": [ + "bser@2.1.1" + ] + }, + { + "ref": "fsevents@2.3.3" + }, + { + "ref": "walker@1.0.8", + "dependsOn": [ + "makeerror@1.0.12" + ] + }, + { + "ref": "@babel/code-frame@7.24.2", + "dependsOn": [ + "@babel/highlight@7.24.2", + "picocolors@1.0.0" + ] + }, + { + "ref": "@types/stack-utils@2.0.3" + }, + { + "ref": "jest-pnp-resolver@1.2.3", + "dependsOn": [ + "jest-resolve@29.7.0" + ] + }, + { + "ref": "detect-newline@3.1.0" + }, + { + "ref": "source-map-support@0.5.13", + "dependsOn": [ + "buffer-from@1.1.2", + "source-map@0.6.1" + ] + }, + { + "ref": "type-detect@4.0.8" + }, + { + "ref": "callsites@3.1.0" + }, + { + "ref": "cjs-module-lexer@1.2.3" + }, + { + "ref": "strip-bom@4.0.0" + }, + { + "ref": "@babel/generator@7.24.4", + "dependsOn": [ + "@babel/types@7.24.0", + "@jridgewell/gen-mapping@0.3.5", + "@jridgewell/trace-mapping@0.3.25", + "@babel/generator@7.24.4|jsesc@2.5.2" + ] + }, + { + "ref": "@babel/generator@7.24.4|jsesc@2.5.2" + }, + { + "ref": "@babel/plugin-syntax-typescript@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/traverse@7.24.1", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@babel/generator@7.24.4", + "@babel/helper-environment-visitor@7.22.20", + "@babel/helper-function-name@7.23.0", + "@babel/helper-hoist-variables@7.22.5", + "@babel/helper-split-export-declaration@7.22.6", + "@babel/parser@7.24.4", + "@babel/types@7.24.0", + "debug@4.3.4", + "@babel/traverse@7.24.1|globals@11.12.0" + ] + }, + { + "ref": "@babel/traverse@7.24.1|globals@11.12.0" + }, + { + "ref": "@babel/types@7.24.0", + "dependsOn": [ + "@babel/helper-string-parser@7.24.1", + "@babel/helper-validator-identifier@7.22.20", + "to-fast-properties@2.0.0" + ] + }, + { + "ref": "@types/babel__traverse@7.20.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@types/prettier@2.7.3" + }, + { + "ref": "babel-preset-current-node-syntax@1.0.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/plugin-syntax-async-generators@7.8.4", + "@babel/plugin-syntax-bigint@7.8.3", + "@babel/plugin-syntax-class-properties@7.12.13", + "@babel/plugin-syntax-import-meta@7.10.4", + "@babel/plugin-syntax-json-strings@7.8.3", + "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "@babel/plugin-syntax-numeric-separator@7.10.4", + "@babel/plugin-syntax-object-rest-spread@7.8.3", + "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "@babel/plugin-syntax-optional-chaining@7.8.3", + "@babel/plugin-syntax-top-level-await@7.14.5" + ] + }, + { + "ref": "natural-compare@1.4.0" + }, + { + "ref": "leven@3.1.0" + }, + { + "ref": "react-is@18.2.0" + }, + { + "ref": "rimraf@3.0.2", + "dependsOn": [ + "glob@7.2.3" + ] + }, + { + "ref": "@types/istanbul-reports@3.0.4", + "dependsOn": [ + "@types/istanbul-lib-report@3.0.3" + ] + }, + { + "ref": "@types/yargs@17.0.32", + "dependsOn": [ + "@types/yargs-parser@21.0.3" + ] + }, + { + "ref": "import-local@3.1.0", + "dependsOn": [ + "pkg-dir@4.2.0", + "resolve-cwd@3.0.0" + ] + }, + { + "ref": "prompts@2.4.2", + "dependsOn": [ + "kleur@3.0.3", + "sisteransi@1.0.5" + ] + }, + { + "ref": "kleur@3.0.3" + }, + { + "ref": "sisteransi@1.0.5" + }, + { + "ref": "yargs@17.7.2", + "dependsOn": [ + "cliui@8.0.1", + "escalade@3.1.2", + "get-caller-file@2.0.5", + "require-directory@2.1.1", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "y18n@5.0.8", + "yargs@17.7.2|yargs-parser@21.1.1" + ] + }, + { + "ref": "yargs@17.7.2|yargs-parser@21.1.1" + }, + { + "ref": "json-diff@0.9.1", + "dependsOn": [ + "cli-color@2.0.4", + "difflib@0.2.4", + "dreamopt@0.8.0" + ] + }, + { + "ref": "cli-color@2.0.4", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-iterator@2.0.3", + "memoizee@0.4.15", + "timers-ext@0.1.7" + ] + }, + { + "ref": "d@1.0.2", + "dependsOn": [ + "es5-ext@0.10.64", + "type@2.7.2" + ] + }, + { + "ref": "es5-ext@0.10.64", + "dependsOn": [ + "es6-iterator@2.0.3", + "es6-symbol@3.1.4", + "esniff@2.0.1", + "next-tick@1.1.0" + ] + }, + { + "ref": "type@2.7.2" + }, + { + "ref": "es6-iterator@2.0.3", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-symbol@3.1.4" + ] + }, + { + "ref": "es6-symbol@3.1.4", + "dependsOn": [ + "d@1.0.2", + "ext@1.7.0" + ] + }, + { + "ref": "ext@1.7.0", + "dependsOn": [ + "type@2.7.2" + ] + }, + { + "ref": "esniff@2.0.1", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "event-emitter@0.3.5", + "type@2.7.2" + ] + }, + { + "ref": "event-emitter@0.3.5", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64" + ] + }, + { + "ref": "next-tick@1.1.0" + }, + { + "ref": "memoizee@0.4.15", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-weak-map@2.0.3", + "event-emitter@0.3.5", + "is-promise@2.2.2", + "lru-queue@0.1.0", + "next-tick@1.1.0", + "timers-ext@0.1.7" + ] + }, + { + "ref": "es6-weak-map@2.0.3", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-iterator@2.0.3", + "es6-symbol@3.1.4" + ] + }, + { + "ref": "is-promise@2.2.2" + }, + { + "ref": "lru-queue@0.1.0", + "dependsOn": [ + "es5-ext@0.10.64" + ] + }, + { + "ref": "timers-ext@0.1.7", + "dependsOn": [ + "es5-ext@0.10.64", + "next-tick@1.1.0" + ] + }, + { + "ref": "difflib@0.2.4", + "dependsOn": [ + "heap@0.2.7" + ] + }, + { + "ref": "heap@0.2.7" + }, + { + "ref": "dreamopt@0.8.0", + "dependsOn": [ + "wordwrap@1.0.0" + ] + }, + { + "ref": "wordwrap@1.0.0" + }, + { + "ref": "jstoxml@3.2.10" + }, + { + "ref": "pretty@2.0.0", + "dependsOn": [ + "condense-newlines@0.2.1", + "extend-shallow@2.0.1", + "js-beautify@1.15.1" + ] + }, + { + "ref": "condense-newlines@0.2.1", + "dependsOn": [ + "extend-shallow@2.0.1", + "is-whitespace@0.3.0", + "kind-of@3.2.2" + ] + }, + { + "ref": "extend-shallow@2.0.1", + "dependsOn": [ + "is-extendable@0.1.1" + ] + }, + { + "ref": "is-whitespace@0.3.0" + }, + { + "ref": "kind-of@3.2.2", + "dependsOn": [ + "is-buffer@1.1.6" + ] + }, + { + "ref": "is-buffer@1.1.6" + }, + { + "ref": "is-extendable@0.1.1" + }, + { + "ref": "js-beautify@1.15.1", + "dependsOn": [ + "config-chain@1.1.13", + "editorconfig@1.0.4", + "js-beautify@1.15.1|glob@10.3.12", + "js-cookie@3.0.5", + "nopt@7.2.0" + ] + }, + { + "ref": "js-beautify@1.15.1|glob@10.3.12", + "dependsOn": [ + "foreground-child@3.1.1", + "jackspeak@2.3.6", + "minimatch@9.0.4", + "js-beautify@1.15.1|minipass@7.0.4", + "path-scurry@1.10.2" + ] + }, + { + "ref": "js-beautify@1.15.1|minipass@7.0.4" + }, + { + "ref": "config-chain@1.1.13", + "dependsOn": [ + "ini@1.3.8", + "proto-list@1.2.4" + ] + }, + { + "ref": "ini@1.3.8" + }, + { + "ref": "proto-list@1.2.4" + }, + { + "ref": "editorconfig@1.0.4", + "dependsOn": [ + "@one-ini/wasm@0.1.1", + "commander@10.0.1", + "editorconfig@1.0.4|minimatch@9.0.1", + "semver@7.6.2" + ] + }, + { + "ref": "editorconfig@1.0.4|minimatch@9.0.1", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "@one-ini/wasm@0.1.1" + }, + { + "ref": "commander@10.0.1" + }, + { + "ref": "brace-expansion@2.0.1", + "dependsOn": [ + "balanced-match@1.0.2" + ] + }, + { + "ref": "js-cookie@3.0.5" + }, + { + "ref": "nopt@7.2.0", + "dependsOn": [ + "abbrev@2.0.0" + ] + }, + { + "ref": "abbrev@2.0.0" + }, + { + "ref": "@types/babel__core@7.20.5", + "dependsOn": [ + "@babel/parser@7.24.4", + "@babel/types@7.24.0", + "@types/babel__generator@7.6.8", + "@types/babel__template@7.4.4", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "@babel/template@7.24.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@babel/parser@7.24.4", + "@babel/types@7.24.0" + ] + }, + { + "ref": "bs-logger@0.2.6", + "dependsOn": [ + "fast-json-stable-stringify@2.1.0" + ] + }, + { + "ref": "json5@2.2.3" + }, + { + "ref": "lodash.memoize@4.1.2" + }, + { + "ref": "@oclif/core@3.26.9", + "dependsOn": [ + "@types/cli-progress@3.11.5", + "ansi-escapes@4.3.2", + "ansi-styles@4.3.0", + "cardinal@2.1.1", + "chalk@4.1.2", + "clean-stack@3.0.1", + "cli-progress@3.12.0", + "color@4.2.3", + "@oclif/core@3.26.9|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "hyperlinker@1.0.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "@oclif/core@3.26.9|js-yaml@3.14.1", + "minimatch@9.0.4", + "natural-orderby@2.0.3", + "object-treeify@1.1.33", + "password-prompt@1.1.3", + "slice-ansi@4.0.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "supports-color@8.1.1", + "supports-hyperlinks@2.3.0", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/core@3.26.9|debug@4.3.5", + "dependsOn": [ + "@oclif/core@3.26.9|ms@2.1.2" + ] + }, + { + "ref": "@oclif/core@3.26.9|ms@2.1.2" + }, + { + "ref": "@oclif/core@3.26.9|js-yaml@3.14.1", + "dependsOn": [ + "@oclif/core@3.26.9|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "@oclif/core@3.26.9|argparse@1.0.10", + "dependsOn": [ + "@oclif/core@3.26.9|sprintf-js@1.0.3" + ] + }, + { + "ref": "@oclif/core@3.26.9|sprintf-js@1.0.3" + }, + { + "ref": "@types/cli-progress@3.11.5", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "type-fest@0.21.3" + }, + { + "ref": "color-convert@2.0.1", + "dependsOn": [ + "color-name@1.1.4" + ] + }, + { + "ref": "cardinal@2.1.1", + "dependsOn": [ + "ansicolors@0.3.2", + "redeyed@2.1.1" + ] + }, + { + "ref": "ansicolors@0.3.2" + }, + { + "ref": "redeyed@2.1.1", + "dependsOn": [ + "esprima@4.0.1" + ] + }, + { + "ref": "esprima@4.0.1" + }, + { + "ref": "has-flag@4.0.0" + }, + { + "ref": "clean-stack@3.0.1", + "dependsOn": [ + "escape-string-regexp@4.0.0" + ] + }, + { + "ref": "escape-string-regexp@4.0.0" + }, + { + "ref": "cli-progress@3.12.0", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug" + ] + }, + { + "ref": "color@4.2.3", + "dependsOn": [ + "color-convert@2.0.1", + "color-string@1.9.1" + ] + }, + { + "ref": "color-string@1.9.1", + "dependsOn": [ + "color-name@1.1.4", + "simple-swizzle@0.2.2" + ] + }, + { + "ref": "simple-swizzle@0.2.2", + "dependsOn": [ + "simple-swizzle@0.2.2|is-arrayish@0.3.2" + ] + }, + { + "ref": "simple-swizzle@0.2.2|is-arrayish@0.3.2" + }, + { + "ref": "ejs@3.1.10", + "dependsOn": [ + "jake@10.8.7" + ] + }, + { + "ref": "jake@10.8.7", + "dependsOn": [ + "async@3.2.5", + "chalk@4.1.2", + "filelist@1.0.4", + "jake@10.8.7|minimatch@3.1.2" + ] + }, + { + "ref": "jake@10.8.7|minimatch@3.1.2", + "dependsOn": [ + "jake@10.8.7|brace-expansion@1.1.11" + ] + }, + { + "ref": "jake@10.8.7|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "async@3.2.5" + }, + { + "ref": "filelist@1.0.4", + "dependsOn": [ + "filelist@1.0.4|minimatch@5.1.6" + ] + }, + { + "ref": "filelist@1.0.4|minimatch@5.1.6", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "balanced-match@1.0.2" + }, + { + "ref": "concat-map@0.0.1" + }, + { + "ref": "get-package-type@0.1.0" + }, + { + "ref": "globby@11.1.0", + "dependsOn": [ + "array-union@2.1.0", + "dir-glob@3.0.1", + "fast-glob@3.3.2", + "ignore@5.3.1", + "merge2@1.4.1", + "slash@3.0.0" + ] + }, + { + "ref": "array-union@2.1.0" + }, + { + "ref": "dir-glob@3.0.1", + "dependsOn": [ + "path-type@4.0.0" + ] + }, + { + "ref": "path-type@4.0.0" + }, + { + "ref": "ignore@5.3.1" + }, + { + "ref": "hyperlinker@1.0.0" + }, + { + "ref": "indent-string@4.0.0" + }, + { + "ref": "is-wsl@2.2.0", + "dependsOn": [ + "is-docker@2.2.1" + ] + }, + { + "ref": "is-docker@2.2.1" + }, + { + "ref": "natural-orderby@2.0.3" + }, + { + "ref": "object-treeify@1.1.33" + }, + { + "ref": "password-prompt@1.1.3", + "dependsOn": [ + "ansi-escapes@4.3.2", + "cross-spawn@7.0.3" + ] + }, + { + "ref": "slice-ansi@4.0.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "astral-regex@2.0.0", + "is-fullwidth-code-point@3.0.0" + ] + }, + { + "ref": "astral-regex@2.0.0" + }, + { + "ref": "widest-line@3.1.0", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug" + ] + }, + { + "ref": "BomRef.okvgjdrtm6.tqh1scmn9b8", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0", + "dependsOn": [ + "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "debug@4.3.4", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "@oclif/plugin-help@6.1.0|supports-color@9.4.0", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0|supports-color@9.4.0" + }, + { + "ref": "ansis@3.2.0" + }, + { + "ref": "cli-spinners@2.9.2" + }, + { + "ref": "cosmiconfig@9.0.0", + "dependsOn": [ + "env-paths@2.2.1", + "import-fresh@3.3.0", + "js-yaml@4.1.0", + "parse-json@5.2.0", + "typescript@5.1.6" + ] + }, + { + "ref": "env-paths@2.2.1" + }, + { + "ref": "import-fresh@3.3.0", + "dependsOn": [ + "parent-module@1.0.1", + "resolve-from@4.0.0" + ] + }, + { + "ref": "js-yaml@4.1.0", + "dependsOn": [ + "argparse@2.0.1" + ] + }, + { + "ref": "error-ex@1.3.2", + "dependsOn": [ + "is-arrayish@0.2.1" + ] + }, + { + "ref": "json-parse-even-better-errors@2.3.1" + }, + { + "ref": "typescript@5.1.6" + }, + { + "ref": "debug@4.3.4", + "dependsOn": [ + "debug@4.3.4|ms@2.1.2" + ] + }, + { + "ref": "debug@4.3.4|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "ansis@3.2.0", + "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "npm@10.8.0", + "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1", + "semver@7.6.2", + "validate-npm-package-name@5.0.1", + "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "@oclif/plugin-plugins@5.2.2|yarn@1.22.22" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "dependsOn": [ + "hosted-git-info@7.0.2", + "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0", + "semver@7.6.2", + "validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|isexe@3.1.1" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|isexe@3.1.1" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|yarn@1.22.22" + }, + { + "ref": "hosted-git-info@7.0.2", + "dependsOn": [ + "hosted-git-info@7.0.2|lru-cache@10.2.2" + ] + }, + { + "ref": "hosted-git-info@7.0.2|lru-cache@10.2.2" + }, + { + "ref": "validate-npm-package-name@5.0.1" + }, + { + "ref": "npm@10.8.0", + "dependsOn": [ + "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/config@8.3.2", + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|@sigstore/tuf@2.3.3", + "npm@10.8.0|abbrev@2.0.0", + "npm@10.8.0|archy@1.0.0", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|chalk@5.3.0", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|cli-columns@4.0.0", + "npm@10.8.0|fastest-levenshtein@1.0.16", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|graceful-fs@4.2.11", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|ini@4.1.2", + "npm@10.8.0|init-package-json@6.0.3", + "npm@10.8.0|is-cidr@5.0.5", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|libnpmaccess@8.0.6", + "npm@10.8.0|libnpmdiff@6.1.2", + "npm@10.8.0|libnpmexec@8.1.1", + "npm@10.8.0|libnpmfund@5.0.10", + "npm@10.8.0|libnpmhook@10.0.5", + "npm@10.8.0|libnpmorg@6.0.6", + "npm@10.8.0|libnpmpack@7.0.2", + "npm@10.8.0|libnpmpublish@9.0.8", + "npm@10.8.0|libnpmsearch@7.0.5", + "npm@10.8.0|libnpmteam@6.0.5", + "npm@10.8.0|libnpmversion@6.0.2", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|ms@2.1.3", + "npm@10.8.0|node-gyp@10.1.0", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|npm-audit-report@5.0.0", + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-profile@10.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|npm-user-validate@2.0.1", + "npm@10.8.0|p-map@4.0.0", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|parse-conflict-json@3.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|qrcode-terminal@0.12.0", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|spdx-expression-parse@4.0.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|supports-color@9.4.0", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|text-table@0.2.0", + "npm@10.8.0|tiny-relative-date@1.3.0", + "npm@10.8.0|treeverse@3.0.0", + "npm@10.8.0|validate-npm-package-name@5.0.1", + "npm@10.8.0|which@4.0.0", + "npm@10.8.0|write-file-atomic@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/string-locale-compare@1.1.0" + }, + { + "ref": "npm@10.8.0|@npmcli/arborist@7.5.2", + "dependsOn": [ + "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/query@3.1.0", + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|bin-links@4.0.4", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|common-ancestor-path@1.0.1", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|json-stringify-nice@1.1.4", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|parse-conflict-json@3.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|proggy@2.0.0", + "npm@10.8.0|promise-all-reject-late@1.0.1", + "npm@10.8.0|promise-call-limit@3.0.1", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|treeverse@3.0.0", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/fs@3.1.1", + "dependsOn": [ + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "dependsOn": [ + "npm@10.8.0|npm-bundled@3.0.1", + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-bundled@3.0.1", + "dependsOn": [ + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-normalize-package-bin@3.0.1" + }, + { + "ref": "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "dependsOn": [ + "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|read-package-json-fast@3.0.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "dependsOn": [ + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|cacache@18.0.3", + "dependsOn": [ + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minipass-collect@2.0.1", + "npm@10.8.0|minipass-flush@1.0.5", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|p-map@4.0.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|unique-filename@3.0.0" + ] + }, + { + "ref": "npm@10.8.0|json-parse-even-better-errors@3.0.2" + }, + { + "ref": "npm@10.8.0|pacote@18.0.6", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-packlist@8.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|sigstore@2.3.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|tar@6.2.1" + ] + }, + { + "ref": "npm@10.8.0|proc-log@4.2.0" + }, + { + "ref": "npm@10.8.0|semver@7.6.2" + }, + { + "ref": "npm@10.8.0|@npmcli/name-from-folder@2.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/node-gyp@3.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/package-json@5.1.0", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/query@3.1.0", + "dependsOn": [ + "npm@10.8.0|postcss-selector-parser@6.0.16" + ] + }, + { + "ref": "npm@10.8.0|postcss-selector-parser@6.0.16", + "dependsOn": [ + "npm@10.8.0|cssesc@3.0.0", + "npm@10.8.0|util-deprecate@1.0.2" + ] + }, + { + "ref": "npm@10.8.0|cssesc@3.0.0" + }, + { + "ref": "npm@10.8.0|util-deprecate@1.0.2" + }, + { + "ref": "npm@10.8.0|@npmcli/redact@2.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/run-script@8.1.0", + "dependsOn": [ + "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|node-gyp@10.1.0", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|bin-links@4.0.4", + "dependsOn": [ + "npm@10.8.0|cmd-shim@6.0.3", + "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "npm@10.8.0|read-cmd-shim@4.0.0", + "npm@10.8.0|write-file-atomic@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|cmd-shim@6.0.3" + }, + { + "ref": "npm@10.8.0|read-cmd-shim@4.0.0" + }, + { + "ref": "npm@10.8.0|write-file-atomic@5.0.1", + "dependsOn": [ + "npm@10.8.0|imurmurhash@0.1.4", + "npm@10.8.0|signal-exit@4.1.0" + ] + }, + { + "ref": "npm@10.8.0|common-ancestor-path@1.0.1" + }, + { + "ref": "npm@10.8.0|hosted-git-info@7.0.2", + "dependsOn": [ + "npm@10.8.0|lru-cache@10.2.2" + ] + }, + { + "ref": "npm@10.8.0|json-stringify-nice@1.1.4" + }, + { + "ref": "npm@10.8.0|lru-cache@10.2.2" + }, + { + "ref": "npm@10.8.0|minimatch@9.0.4", + "dependsOn": [ + "npm@10.8.0|brace-expansion@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|nopt@7.2.1", + "dependsOn": [ + "npm@10.8.0|abbrev@2.0.0" + ] + }, + { + "ref": "npm@10.8.0|npm-install-checks@6.3.0", + "dependsOn": [ + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|npm-package-arg@11.0.2", + "dependsOn": [ + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-pick-manifest@9.0.1", + "dependsOn": [ + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|npm-registry-fetch@17.0.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|minipass-fetch@3.0.5", + "npm@10.8.0|minipass-json-stream@1.0.1", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|minizlib@2.1.2", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|proc-log@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|parse-conflict-json@3.0.1", + "dependsOn": [ + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|just-diff-apply@5.5.0", + "npm@10.8.0|just-diff@6.0.2" + ] + }, + { + "ref": "npm@10.8.0|proggy@2.0.0" + }, + { + "ref": "npm@10.8.0|promise-all-reject-late@1.0.1" + }, + { + "ref": "npm@10.8.0|promise-call-limit@3.0.1" + }, + { + "ref": "npm@10.8.0|read-package-json-fast@3.0.2", + "dependsOn": [ + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|ssri@10.0.6", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|treeverse@3.0.0" + }, + { + "ref": "npm@10.8.0|walk-up-path@3.0.1" + }, + { + "ref": "npm@10.8.0|@npmcli/config@8.3.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|ini@4.1.2", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|ci-info@4.0.0" + }, + { + "ref": "npm@10.8.0|ini@4.1.2" + }, + { + "ref": "npm@10.8.0|glob@10.3.15", + "dependsOn": [ + "npm@10.8.0|foreground-child@3.1.1", + "npm@10.8.0|jackspeak@2.3.6", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|path-scurry@1.11.1" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/git@5.0.7", + "dependsOn": [ + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-inflight@1.0.1", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "dependsOn": [ + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|promise-inflight@1.0.1" + }, + { + "ref": "npm@10.8.0|promise-retry@2.0.1", + "dependsOn": [ + "npm@10.8.0|err-code@2.0.3", + "npm@10.8.0|retry@0.12.0" + ] + }, + { + "ref": "npm@10.8.0|which@4.0.0", + "dependsOn": [ + "npm@10.8.0|which@4.0.0|isexe@3.1.1" + ] + }, + { + "ref": "npm@10.8.0|which@4.0.0|isexe@3.1.1" + }, + { + "ref": "npm@10.8.0|normalize-package-data@6.0.1", + "dependsOn": [ + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|is-core-module@2.13.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "npm@10.8.0|node-gyp@10.1.0", + "dependsOn": [ + "npm@10.8.0|env-paths@2.2.1", + "npm@10.8.0|exponential-backoff@3.1.1", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|graceful-fs@4.2.11", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0" + }, + { + "ref": "npm@10.8.0|@sigstore/tuf@2.3.3", + "dependsOn": [ + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|tuf-js@2.2.1" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + }, + { + "ref": "npm@10.8.0|tuf-js@2.2.1", + "dependsOn": [ + "npm@10.8.0|@tufjs/models@2.0.1", + "npm@10.8.0|debug@4.3.4", + "npm@10.8.0|make-fetch-happen@13.0.1" + ] + }, + { + "ref": "npm@10.8.0|@tufjs/models@2.0.1", + "dependsOn": [ + "npm@10.8.0|@tufjs/canonical-json@2.0.0", + "npm@10.8.0|minimatch@9.0.4" + ] + }, + { + "ref": "npm@10.8.0|@tufjs/canonical-json@2.0.0" + }, + { + "ref": "npm@10.8.0|debug@4.3.4", + "dependsOn": [ + "npm@10.8.0|debug@4.3.4|ms@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|debug@4.3.4|ms@2.1.2" + }, + { + "ref": "npm@10.8.0|make-fetch-happen@13.0.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/agent@2.2.2", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|http-cache-semantics@4.1.1", + "npm@10.8.0|is-lambda@1.0.1", + "npm@10.8.0|minipass-fetch@3.0.5", + "npm@10.8.0|minipass-flush@1.0.5", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|negotiator@0.6.3", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|ssri@10.0.6" + ] + }, + { + "ref": "npm@10.8.0|abbrev@2.0.0" + }, + { + "ref": "npm@10.8.0|archy@1.0.0" + }, + { + "ref": "npm@10.8.0|fs-minipass@3.0.3", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|minipass-collect@2.0.1", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|minipass@7.1.1" + }, + { + "ref": "npm@10.8.0|minipass-flush@1.0.5", + "dependsOn": [ + "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|yallist@4.0.0" + }, + { + "ref": "npm@10.8.0|minipass-pipeline@1.2.4", + "dependsOn": [ + "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|p-map@4.0.0", + "dependsOn": [ + "npm@10.8.0|aggregate-error@3.1.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1", + "dependsOn": [ + "npm@10.8.0|chownr@2.0.0", + "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "npm@10.8.0|tar@6.2.1|minipass@5.0.0", + "npm@10.8.0|minizlib@2.1.2", + "npm@10.8.0|mkdirp@1.0.4", + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "dependsOn": [ + "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|minipass@5.0.0" + }, + { + "ref": "npm@10.8.0|unique-filename@3.0.0", + "dependsOn": [ + "npm@10.8.0|unique-slug@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|unique-slug@4.0.0", + "dependsOn": [ + "npm@10.8.0|imurmurhash@0.1.4" + ] + }, + { + "ref": "npm@10.8.0|imurmurhash@0.1.4" + }, + { + "ref": "npm@10.8.0|chalk@5.3.0" + }, + { + "ref": "npm@10.8.0|cli-columns@4.0.0", + "dependsOn": [ + "npm@10.8.0|string-width@4.2.3", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|string-width@4.2.3", + "dependsOn": [ + "npm@10.8.0|emoji-regex@8.0.0", + "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|emoji-regex@8.0.0" + }, + { + "ref": "npm@10.8.0|is-fullwidth-code-point@3.0.0" + }, + { + "ref": "npm@10.8.0|strip-ansi@6.0.1", + "dependsOn": [ + "npm@10.8.0|ansi-regex@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|ansi-regex@5.0.1" + }, + { + "ref": "npm@10.8.0|fastest-levenshtein@1.0.16" + }, + { + "ref": "npm@10.8.0|foreground-child@3.1.1", + "dependsOn": [ + "npm@10.8.0|cross-spawn@7.0.3", + "npm@10.8.0|signal-exit@4.1.0" + ] + }, + { + "ref": "npm@10.8.0|cross-spawn@7.0.3", + "dependsOn": [ + "npm@10.8.0|path-key@3.1.1", + "npm@10.8.0|shebang-command@2.0.0", + "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2" + ] + }, + { + "ref": "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2", + "dependsOn": [ + "npm@10.8.0|isexe@2.0.0" + ] + }, + { + "ref": "npm@10.8.0|path-key@3.1.1" + }, + { + "ref": "npm@10.8.0|shebang-command@2.0.0", + "dependsOn": [ + "npm@10.8.0|shebang-regex@3.0.0" + ] + }, + { + "ref": "npm@10.8.0|shebang-regex@3.0.0" + }, + { + "ref": "npm@10.8.0|isexe@2.0.0" + }, + { + "ref": "npm@10.8.0|signal-exit@4.1.0" + }, + { + "ref": "npm@10.8.0|jackspeak@2.3.6", + "dependsOn": [ + "npm@10.8.0|@isaacs/cliui@8.0.2", + "npm@10.8.0|@pkgjs/parseargs@0.11.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2", + "dependsOn": [ + "BomRef.6h760ft6oi8.7sr4bitkllo", + "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "BomRef.uih8rvtlbdo.33q7f9m1mj", + "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "npm@10.8.0|wrap-ansi@7.0.0", + "npm@10.8.0|wrap-ansi@8.1.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "dependsOn": [ + "npm@10.8.0|eastasianwidth@0.2.0", + "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2" + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "dependsOn": [ + "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + }, + { + "ref": "BomRef.6h760ft6oi8.7sr4bitkllo", + "dependsOn": [ + "npm@10.8.0|emoji-regex@8.0.0", + "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|eastasianwidth@0.2.0" + }, + { + "ref": "BomRef.uih8rvtlbdo.33q7f9m1mj", + "dependsOn": [ + "npm@10.8.0|ansi-regex@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@7.0.0", + "dependsOn": [ + "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "npm@10.8.0|string-width@4.2.3", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "dependsOn": [ + "npm@10.8.0|color-convert@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|color-convert@2.0.1", + "dependsOn": [ + "npm@10.8.0|color-name@1.1.4" + ] + }, + { + "ref": "npm@10.8.0|color-name@1.1.4" + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0", + "dependsOn": [ + "npm@10.8.0|ansi-styles@6.2.1", + "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "dependsOn": [ + "npm@10.8.0|eastasianwidth@0.2.0", + "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2", + "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2" + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0", + "dependsOn": [ + "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1" + }, + { + "ref": "npm@10.8.0|ansi-styles@6.2.1" + }, + { + "ref": "npm@10.8.0|@pkgjs/parseargs@0.11.0" + }, + { + "ref": "npm@10.8.0|path-scurry@1.11.1", + "dependsOn": [ + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|graceful-fs@4.2.11" + }, + { + "ref": "npm@10.8.0|init-package-json@6.0.3", + "dependsOn": [ + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|promzard@1.0.2", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-license@3.0.4", + "npm@10.8.0|validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|promzard@1.0.2", + "dependsOn": [ + "npm@10.8.0|read@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|read@3.0.1", + "dependsOn": [ + "npm@10.8.0|mute-stream@1.0.0" + ] + }, + { + "ref": "npm@10.8.0|validate-npm-package-license@3.0.4", + "dependsOn": [ + "npm@10.8.0|spdx-correct@3.2.0", + "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-correct@3.2.0", + "dependsOn": [ + "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-exceptions@2.5.0" + }, + { + "ref": "npm@10.8.0|spdx-license-ids@3.0.17" + }, + { + "ref": "npm@10.8.0|validate-npm-package-name@5.0.1" + }, + { + "ref": "npm@10.8.0|is-cidr@5.0.5", + "dependsOn": [ + "npm@10.8.0|cidr-regex@4.0.5" + ] + }, + { + "ref": "npm@10.8.0|cidr-regex@4.0.5", + "dependsOn": [ + "npm@10.8.0|ip-regex@5.0.0" + ] + }, + { + "ref": "npm@10.8.0|ip-regex@5.0.0" + }, + { + "ref": "npm@10.8.0|libnpmaccess@8.0.6", + "dependsOn": [ + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmdiff@6.1.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|binary-extensions@2.3.0", + "npm@10.8.0|diff@5.2.0", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|tar@6.2.1" + ] + }, + { + "ref": "npm@10.8.0|binary-extensions@2.3.0" + }, + { + "ref": "npm@10.8.0|diff@5.2.0" + }, + { + "ref": "npm@10.8.0|libnpmexec@8.1.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmfund@5.0.10", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2" + ] + }, + { + "ref": "npm@10.8.0|libnpmhook@10.0.5", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|aproba@2.0.0" + }, + { + "ref": "npm@10.8.0|libnpmorg@6.0.6", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmpack@7.0.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6" + ] + }, + { + "ref": "npm@10.8.0|libnpmpublish@9.0.8", + "dependsOn": [ + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|sigstore@2.3.0", + "npm@10.8.0|ssri@10.0.6" + ] + }, + { + "ref": "npm@10.8.0|sigstore@2.3.0", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|@sigstore/sign@2.3.1", + "npm@10.8.0|@sigstore/tuf@2.3.3", + "npm@10.8.0|@sigstore/verify@1.2.0" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/bundle@2.3.1", + "dependsOn": [ + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/core@1.1.0" + }, + { + "ref": "npm@10.8.0|@sigstore/sign@2.3.1", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/verify@1.2.0", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + ] + }, + { + "ref": "npm@10.8.0|libnpmsearch@7.0.5", + "dependsOn": [ + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmteam@6.0.5", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmversion@6.0.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/agent@2.2.2", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|http-proxy-agent@7.0.2", + "npm@10.8.0|https-proxy-agent@7.0.4", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|socks-proxy-agent@8.0.3" + ] + }, + { + "ref": "npm@10.8.0|agent-base@7.1.1", + "dependsOn": [ + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|http-proxy-agent@7.0.2", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|https-proxy-agent@7.0.4", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|socks-proxy-agent@8.0.3", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4", + "npm@10.8.0|socks@2.8.3" + ] + }, + { + "ref": "npm@10.8.0|socks@2.8.3", + "dependsOn": [ + "npm@10.8.0|ip-address@9.0.5", + "npm@10.8.0|smart-buffer@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|ip-address@9.0.5", + "dependsOn": [ + "npm@10.8.0|jsbn@1.1.0", + "npm@10.8.0|sprintf-js@1.1.3" + ] + }, + { + "ref": "npm@10.8.0|jsbn@1.1.0" + }, + { + "ref": "npm@10.8.0|sprintf-js@1.1.3" + }, + { + "ref": "npm@10.8.0|smart-buffer@4.2.0" + }, + { + "ref": "npm@10.8.0|http-cache-semantics@4.1.1" + }, + { + "ref": "npm@10.8.0|is-lambda@1.0.1" + }, + { + "ref": "npm@10.8.0|minipass-fetch@3.0.5", + "dependsOn": [ + "npm@10.8.0|encoding@0.1.13", + "npm@10.8.0|minipass-sized@1.0.3", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|minizlib@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|encoding@0.1.13", + "dependsOn": [ + "npm@10.8.0|iconv-lite@0.6.3" + ] + }, + { + "ref": "npm@10.8.0|iconv-lite@0.6.3", + "dependsOn": [ + "npm@10.8.0|safer-buffer@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|safer-buffer@2.1.2" + }, + { + "ref": "npm@10.8.0|minipass-sized@1.0.3", + "dependsOn": [ + "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|minizlib@2.1.2", + "dependsOn": [ + "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|negotiator@0.6.3" + }, + { + "ref": "npm@10.8.0|err-code@2.0.3" + }, + { + "ref": "npm@10.8.0|retry@0.12.0" + }, + { + "ref": "npm@10.8.0|brace-expansion@2.0.1", + "dependsOn": [ + "npm@10.8.0|balanced-match@1.0.2" + ] + }, + { + "ref": "npm@10.8.0|balanced-match@1.0.2" + }, + { + "ref": "npm@10.8.0|ms@2.1.3" + }, + { + "ref": "npm@10.8.0|env-paths@2.2.1" + }, + { + "ref": "npm@10.8.0|exponential-backoff@3.1.1" + }, + { + "ref": "npm@10.8.0|is-core-module@2.13.1", + "dependsOn": [ + "npm@10.8.0|hasown@2.0.2" + ] + }, + { + "ref": "npm@10.8.0|hasown@2.0.2", + "dependsOn": [ + "npm@10.8.0|function-bind@1.1.2" + ] + }, + { + "ref": "npm@10.8.0|function-bind@1.1.2" + }, + { + "ref": "npm@10.8.0|npm-audit-report@5.0.0" + }, + { + "ref": "npm@10.8.0|npm-profile@10.0.0", + "dependsOn": [ + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|minipass-json-stream@1.0.1", + "dependsOn": [ + "npm@10.8.0|jsonparse@1.3.1", + "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|jsonparse@1.3.1" + }, + { + "ref": "npm@10.8.0|npm-user-validate@2.0.1" + }, + { + "ref": "npm@10.8.0|aggregate-error@3.1.0", + "dependsOn": [ + "npm@10.8.0|clean-stack@2.2.0", + "npm@10.8.0|indent-string@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|clean-stack@2.2.0" + }, + { + "ref": "npm@10.8.0|indent-string@4.0.0" + }, + { + "ref": "npm@10.8.0|npm-packlist@8.0.2", + "dependsOn": [ + "npm@10.8.0|ignore-walk@6.0.5" + ] + }, + { + "ref": "npm@10.8.0|ignore-walk@6.0.5", + "dependsOn": [ + "npm@10.8.0|minimatch@9.0.4" + ] + }, + { + "ref": "npm@10.8.0|just-diff-apply@5.5.0" + }, + { + "ref": "npm@10.8.0|just-diff@6.0.2" + }, + { + "ref": "npm@10.8.0|qrcode-terminal@0.12.0" + }, + { + "ref": "npm@10.8.0|mute-stream@1.0.0" + }, + { + "ref": "npm@10.8.0|spdx-expression-parse@4.0.0", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|supports-color@9.4.0" + }, + { + "ref": "npm@10.8.0|chownr@2.0.0" + }, + { + "ref": "npm@10.8.0|mkdirp@1.0.4" + }, + { + "ref": "npm@10.8.0|text-table@0.2.0" + }, + { + "ref": "npm@10.8.0|tiny-relative-date@1.3.0" + }, + { + "ref": "@oclif/plugin-version@2.2.2", + "dependsOn": [ + "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "ansis@3.2.0" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-version@2.2.2|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-version@2.2.2|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4", + "dependsOn": [ + "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "ansis@3.2.0", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "lodash@4.17.21" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "dependsOn": [ + "content-type@1.0.5", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0", + "is-stream@2.0.1", + "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "dependsOn": [ + "error-ex@1.3.2", + "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "content-type@1.0.5" + }, + { + "ref": "is-stream@2.0.1" + }, + { + "ref": "is-arrayish@0.2.1" + }, + { + "ref": "safe-buffer@5.2.1" + }, + { + "ref": "@oclif/test@3.2.15", + "dependsOn": [ + "@oclif/core@3.26.9", + "chai@4.4.1", + "fancy-test@3.0.15" + ] + }, + { + "ref": "chai@4.4.1", + "dependsOn": [ + "assertion-error@1.1.0", + "check-error@1.0.3", + "deep-eql@4.1.3", + "get-func-name@2.0.2", + "loupe@2.3.7", + "pathval@1.1.1", + "type-detect@4.0.8" + ] + }, + { + "ref": "fancy-test@3.0.15", + "dependsOn": [ + "@types/chai@4.3.14", + "@types/lodash@4.17.4", + "@types/node@20.14.1", + "@types/sinon@17.0.3", + "lodash@4.17.21", + "mock-stdin@1.0.0", + "nock@13.5.4", + "sinon@16.1.3", + "stdout-stderr@0.1.13" + ] + }, + { + "ref": "@types/chai@4.3.14" + }, + { + "ref": "@types/sinon@17.0.3", + "dependsOn": [ + "@types/sinonjs__fake-timers@8.1.5" + ] + }, + { + "ref": "@types/sinonjs__fake-timers@8.1.5" + }, + { + "ref": "mock-stdin@1.0.0" + }, + { + "ref": "nock@13.5.4", + "dependsOn": [ + "debug@4.3.4", + "json-stringify-safe@5.0.1", + "propagate@2.0.1" + ] + }, + { + "ref": "json-stringify-safe@5.0.1" + }, + { + "ref": "propagate@2.0.1" + }, + { + "ref": "sinon@16.1.3", + "dependsOn": [ + "@sinonjs/commons@3.0.1", + "@sinonjs/fake-timers@10.3.0", + "@sinonjs/samsam@8.0.0", + "sinon@16.1.3|diff@5.2.0", + "nise@5.1.9", + "sinon@16.1.3|supports-color@7.2.0" + ] + }, + { + "ref": "sinon@16.1.3|diff@5.2.0" + }, + { + "ref": "sinon@16.1.3|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "@sinonjs/commons@3.0.1", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "@sinonjs/fake-timers@10.3.0", + "dependsOn": [ + "@sinonjs/commons@3.0.1" + ] + }, + { + "ref": "@sinonjs/samsam@8.0.0", + "dependsOn": [ + "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "lodash.get@4.4.2", + "type-detect@4.0.8" + ] + }, + { + "ref": "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "lodash.get@4.4.2" + }, + { + "ref": "nise@5.1.9", + "dependsOn": [ + "@sinonjs/commons@3.0.1", + "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "@sinonjs/text-encoding@0.7.2", + "just-extend@6.2.0", + "nise@5.1.9|path-to-regexp@6.2.2" + ] + }, + { + "ref": "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "dependsOn": [ + "@sinonjs/commons@3.0.1" + ] + }, + { + "ref": "nise@5.1.9|path-to-regexp@6.2.2" + }, + { + "ref": "@sinonjs/text-encoding@0.7.2" + }, + { + "ref": "just-extend@6.2.0" + }, + { + "ref": "stdout-stderr@0.1.13", + "dependsOn": [ + "debug@4.3.4", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@smithy/abort-controller@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@types/express@4.17.21", + "dependsOn": [ + "@types/body-parser@1.19.5", + "@types/express-serve-static-core@4.19.0", + "@types/qs@6.9.15", + "@types/serve-static@1.15.7" + ] + }, + { + "ref": "@types/body-parser@1.19.5", + "dependsOn": [ + "@types/connect@3.4.38", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/connect@3.4.38", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/express-serve-static-core@4.19.0", + "dependsOn": [ + "@types/node@20.14.1", + "@types/qs@6.9.15", + "@types/range-parser@1.2.7", + "@types/send@0.17.4" + ] + }, + { + "ref": "@types/qs@6.9.15" + }, + { + "ref": "@types/range-parser@1.2.7" + }, + { + "ref": "@types/send@0.17.4", + "dependsOn": [ + "@types/mime@1.3.5", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/mime@1.3.5" + }, + { + "ref": "@types/serve-static@1.15.7", + "dependsOn": [ + "@types/http-errors@2.0.4", + "@types/node@20.14.1", + "@types/send@0.17.4" + ] + }, + { + "ref": "@types/http-errors@2.0.4" + }, + { + "ref": "@types/fs-extra@11.0.4", + "dependsOn": [ + "@types/jsonfile@6.1.4", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/jsonfile@6.1.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/get-installed-path@4.0.3" + }, + { + "ref": "@types/jest@29.5.12", + "dependsOn": [ + "expect@29.7.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "expect@29.7.0", + "dependsOn": [ + "@jest/expect-utils@29.7.0", + "jest-get-type@29.6.3", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "@jest/expect-utils@29.7.0", + "dependsOn": [ + "jest-get-type@29.6.3" + ] + }, + { + "ref": "jest-get-type@29.6.3" + }, + { + "ref": "jest-matcher-utils@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "jest-diff@29.7.0", + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-diff@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "diff-sequences@29.6.3", + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "diff-sequences@29.6.3" + }, + { + "ref": "pretty-format@29.7.0", + "dependsOn": [ + "@jest/schemas@29.6.3", + "pretty-format@29.7.0|ansi-styles@5.2.0", + "react-is@18.2.0" + ] + }, + { + "ref": "pretty-format@29.7.0|ansi-styles@5.2.0" + }, + { + "ref": "jest-message-util@29.7.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@jest/types@29.6.3", + "@types/stack-utils@2.0.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "micromatch@4.0.5", + "pretty-format@29.7.0", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@jest/types@29.6.3", + "dependsOn": [ + "@jest/schemas@29.6.3", + "@types/istanbul-lib-coverage@2.0.6", + "@types/istanbul-reports@3.0.4", + "@types/node@20.14.1", + "@types/yargs@17.0.32", + "chalk@4.1.2" + ] + }, + { + "ref": "jest-util@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "jest-util@29.7.0|ci-info@3.9.0", + "graceful-fs@4.2.11", + "picomatch@2.3.1" + ] + }, + { + "ref": "jest-util@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/schemas@29.6.3", + "dependsOn": [ + "@sinclair/typebox@0.27.8" + ] + }, + { + "ref": "@sinclair/typebox@0.27.8" + }, + { + "ref": "@types/js-yaml@4.0.9" + }, + { + "ref": "@types/mocha@10.0.6" + }, + { + "ref": "@types/mock-fs@4.13.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "@types/objects-to-csv@1.3.3" + }, + { + "ref": "@types/prompt-sync@4.2.3" + }, + { + "ref": "@types/tmp@0.2.6" + }, + { + "ref": "@types/uuid@9.0.8" + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0", + "dependsOn": [ + "@eslint-community/regexpp@4.10.0", + "@typescript-eslint/parser@7.7.1", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "@typescript-eslint/type-utils@7.12.0", + "@typescript-eslint/utils@7.12.0", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "eslint@8.57.0", + "graphemer@1.4.0", + "ignore@5.3.1", + "natural-compare@1.4.0", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "dependsOn": [ + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0" + ] + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@eslint-community/regexpp@4.10.0" + }, + { + "ref": "@typescript-eslint/parser@7.7.1", + "dependsOn": [ + "@typescript-eslint/scope-manager@7.7.1", + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/typescript-estree@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1", + "debug@4.3.4", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/scope-manager@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1" + ] + }, + { + "ref": "@typescript-eslint/types@7.7.1" + }, + { + "ref": "@typescript-eslint/visitor-keys@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/typescript-estree@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "ts-api-utils@1.3.0", + "dependsOn": [ + "typescript@5.1.6" + ] + }, + { + "ref": "eslint-visitor-keys@3.4.3" + }, + { + "ref": "eslint@8.57.0", + "dependsOn": [ + "@eslint-community/eslint-utils@4.4.0", + "@eslint-community/regexpp@4.10.0", + "@eslint/eslintrc@2.1.4", + "@eslint/js@8.57.0", + "@humanwhocodes/config-array@0.11.14", + "@humanwhocodes/module-importer@1.0.1", + "@nodelib/fs.walk@1.2.8", + "@ungap/structured-clone@1.2.0", + "eslint@8.57.0|ajv@6.12.6", + "chalk@4.1.2", + "cross-spawn@7.0.3", + "debug@4.3.4", + "doctrine@3.0.0", + "escape-string-regexp@4.0.0", + "eslint-scope@7.2.2", + "eslint-visitor-keys@3.4.3", + "espree@9.6.1", + "esquery@1.5.0", + "esutils@2.0.3", + "fast-deep-equal@3.1.3", + "file-entry-cache@6.0.1", + "find-up@5.0.0", + "glob-parent@6.0.2", + "globals@13.24.0", + "graphemer@1.4.0", + "ignore@5.3.1", + "imurmurhash@0.1.4", + "is-glob@4.0.3", + "is-path-inside@3.0.3", + "js-yaml@4.1.0", + "json-stable-stringify-without-jsonify@1.0.1", + "levn@0.4.1", + "lodash.merge@4.6.2", + "eslint@8.57.0|minimatch@3.1.2", + "natural-compare@1.4.0", + "optionator@0.9.3", + "strip-ansi@6.0.1", + "text-table@0.2.0" + ] + }, + { + "ref": "eslint@8.57.0|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "eslint@8.57.0|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "eslint@8.57.0|json-schema-traverse@0.4.1" + }, + { + "ref": "eslint@8.57.0|minimatch@3.1.2", + "dependsOn": [ + "eslint@8.57.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint@8.57.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "@typescript-eslint/utils@7.12.0", + "debug@4.3.4", + "eslint@8.57.0", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0", + "dependsOn": [ + "@eslint-community/eslint-utils@4.4.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@eslint-community/eslint-utils@4.4.0", + "dependsOn": [ + "eslint-visitor-keys@3.4.3", + "eslint@8.57.0" + ] + }, + { + "ref": "graphemer@1.4.0" + }, + { + "ref": "accurate-search@1.2.15" + }, + { + "ref": "ajv@8.16.0", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "json-schema-traverse@1.0.0", + "require-from-string@2.0.2", + "uri-js@4.4.1" + ] + }, + { + "ref": "fast-deep-equal@3.1.3" + }, + { + "ref": "json-schema-traverse@1.0.0" + }, + { + "ref": "require-from-string@2.0.2" + }, + { + "ref": "uri-js@4.4.1", + "dependsOn": [ + "punycode@2.3.1" + ] + }, + { + "ref": "punycode@2.3.1" + }, + { + "ref": "form-data@4.0.0", + "dependsOn": [ + "asynckit@0.4.0", + "combined-stream@1.0.8", + "mime-types@2.1.35" + ] + }, + { + "ref": "proxy-from-env@1.1.0" + }, + { + "ref": "assertion-error@1.1.0" + }, + { + "ref": "check-error@1.0.3", + "dependsOn": [ + "get-func-name@2.0.2" + ] + }, + { + "ref": "get-func-name@2.0.2" + }, + { + "ref": "deep-eql@4.1.3", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "loupe@2.3.7", + "dependsOn": [ + "get-func-name@2.0.2" + ] + }, + { + "ref": "pathval@1.1.1" + }, + { + "ref": "colors@1.4.0" + }, + { + "ref": "csv-parse@4.16.3" + }, + { + "ref": "dotenv@16.4.5" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "eslint-plugin-mocha@9.0.0", + "eslint-plugin-node@11.1.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "functional-red-black-tree@1.0.1", + "ignore@5.3.1", + "regexpp@3.2.0", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "chalk@4.1.2", + "cross-spawn@7.0.3", + "debug@4.3.4", + "doctrine@3.0.0", + "enquirer@2.4.1", + "escape-string-regexp@4.0.0", + "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "esquery@1.5.0", + "esutils@2.0.3", + "fast-deep-equal@3.1.3", + "file-entry-cache@6.0.1", + "functional-red-black-tree@1.0.1", + "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "globals@13.24.0", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6", + "import-fresh@3.3.0", + "imurmurhash@0.1.4", + "is-glob@4.0.3", + "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "json-stable-stringify-without-jsonify@1.0.1", + "levn@0.4.1", + "lodash.merge@4.6.2", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "natural-compare@1.4.0", + "optionator@0.9.3", + "progress@2.0.3", + "regexpp@3.2.0", + "semver@7.6.2", + "strip-ansi@6.0.1", + "strip-json-comments@3.1.1", + "table@6.8.2", + "text-table@0.2.0", + "v8-compile-cache@2.4.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "dependsOn": [ + "@babel/highlight@7.24.2" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "globals@13.24.0", + "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6", + "import-fresh@3.3.0", + "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "strip-json-comments@3.1.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "dependsOn": [ + "acorn-jsx@5.3.2", + "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "dependsOn": [ + "confusing-browser-globals@1.0.10", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0", + "dependsOn": [ + "@types/json-schema@7.0.15", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "eslint-utils@3.0.0", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0" + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0" + }, + { + "ref": "@types/json-schema@7.0.15" + }, + { + "ref": "tsutils@3.21.0", + "dependsOn": [ + "tsutils@3.21.0|tslib@1.14.1", + "typescript@5.1.6" + ] + }, + { + "ref": "tsutils@3.21.0|tslib@1.14.1" + }, + { + "ref": "esrecurse@4.3.0", + "dependsOn": [ + "estraverse@5.3.0" + ] + }, + { + "ref": "eslint-utils@3.0.0", + "dependsOn": [ + "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0", + "eslint@8.57.0" + ] + }, + { + "ref": "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/highlight@7.24.2", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "@babel/highlight@7.24.2|chalk@2.4.2", + "js-tokens@4.0.0", + "picocolors@1.0.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|chalk@2.4.2", + "dependsOn": [ + "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "@babel/highlight@7.24.2|escape-string-regexp@1.0.5", + "@babel/highlight@7.24.2|supports-color@5.5.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "dependsOn": [ + "@babel/highlight@7.24.2|color-convert@1.9.3" + ] + }, + { + "ref": "@babel/highlight@7.24.2|color-convert@1.9.3", + "dependsOn": [ + "@babel/highlight@7.24.2|color-name@1.1.3" + ] + }, + { + "ref": "@babel/highlight@7.24.2|color-name@1.1.3" + }, + { + "ref": "@babel/highlight@7.24.2|escape-string-regexp@1.0.5" + }, + { + "ref": "@babel/highlight@7.24.2|supports-color@5.5.0", + "dependsOn": [ + "@babel/highlight@7.24.2|has-flag@3.0.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|has-flag@3.0.0" + }, + { + "ref": "globals@13.24.0", + "dependsOn": [ + "globals@13.24.0|type-fest@0.20.2" + ] + }, + { + "ref": "globals@13.24.0|type-fest@0.20.2" + }, + { + "ref": "doctrine@3.0.0", + "dependsOn": [ + "esutils@2.0.3" + ] + }, + { + "ref": "enquirer@2.4.1", + "dependsOn": [ + "ansi-colors@4.1.1", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "ansi-colors@4.1.1" + }, + { + "ref": "acorn-jsx@5.3.2", + "dependsOn": [ + "acorn@8.11.3" + ] + }, + { + "ref": "esquery@1.5.0", + "dependsOn": [ + "estraverse@5.3.0" + ] + }, + { + "ref": "esutils@2.0.3" + }, + { + "ref": "file-entry-cache@6.0.1", + "dependsOn": [ + "flat-cache@3.2.0" + ] + }, + { + "ref": "functional-red-black-tree@1.0.1" + }, + { + "ref": "imurmurhash@0.1.4" + }, + { + "ref": "json-stable-stringify-without-jsonify@1.0.1" + }, + { + "ref": "levn@0.4.1", + "dependsOn": [ + "prelude-ls@1.2.1", + "type-check@0.4.0" + ] + }, + { + "ref": "lodash.merge@4.6.2" + }, + { + "ref": "optionator@0.9.3", + "dependsOn": [ + "@aashutoshrathi/word-wrap@1.2.6", + "deep-is@0.1.4", + "optionator@0.9.3|fast-levenshtein@2.0.6", + "levn@0.4.1", + "prelude-ls@1.2.1", + "type-check@0.4.0" + ] + }, + { + "ref": "optionator@0.9.3|fast-levenshtein@2.0.6" + }, + { + "ref": "progress@2.0.3" + }, + { + "ref": "regexpp@3.2.0" + }, + { + "ref": "table@6.8.2", + "dependsOn": [ + "ajv@8.16.0", + "lodash.truncate@4.4.2", + "slice-ansi@4.0.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "text-table@0.2.0" + }, + { + "ref": "v8-compile-cache@2.4.0" + }, + { + "ref": "confusing-browser-globals@1.0.10" + }, + { + "ref": "eslint-plugin-mocha@9.0.0", + "dependsOn": [ + "eslint-utils@3.0.0", + "eslint@8.57.0", + "ramda@0.27.2" + ] + }, + { + "ref": "ramda@0.27.2" + }, + { + "ref": "eslint-plugin-node@11.1.0", + "dependsOn": [ + "eslint-plugin-es@3.0.1", + "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "eslint@8.57.0", + "ignore@5.3.1", + "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "resolve@1.22.8", + "eslint-plugin-node@11.1.0|semver@6.3.1" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "dependsOn": [ + "eslint-plugin-node@11.1.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|semver@6.3.1" + }, + { + "ref": "eslint-plugin-es@3.0.1", + "dependsOn": [ + "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "eslint@8.57.0", + "regexpp@3.2.0" + ] + }, + { + "ref": "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif@4.0.0", + "dependsOn": [ + "eslint-config-xo-space@0.27.0", + "eslint-plugin-mocha@9.0.0", + "eslint-plugin-node@11.1.0", + "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0" + ] + }, + { + "ref": "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "eslint-config-oclif@4.0.0|ci-info@3.9.0", + "clean-regexp@1.0.0", + "eslint-template-visitor@2.3.2", + "eslint-utils@3.0.0", + "eslint@8.57.0", + "is-builtin-module@3.2.1", + "lodash@4.17.21", + "pluralize@8.0.0", + "read-pkg-up@7.0.1", + "regexp-tree@0.1.27", + "safe-regex@2.1.1", + "semver@7.6.2" + ] + }, + { + "ref": "eslint-config-oclif@4.0.0|ci-info@3.9.0" + }, + { + "ref": "eslint-config-xo-space@0.27.0", + "dependsOn": [ + "eslint-config-xo@0.35.0", + "eslint@8.57.0" + ] + }, + { + "ref": "eslint-config-xo@0.35.0", + "dependsOn": [ + "confusing-browser-globals@1.0.10", + "eslint@8.57.0" + ] + }, + { + "ref": "@babel/helper-validator-identifier@7.22.20" + }, + { + "ref": "clean-regexp@1.0.0", + "dependsOn": [ + "clean-regexp@1.0.0|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "clean-regexp@1.0.0|escape-string-regexp@1.0.5" + }, + { + "ref": "eslint-template-visitor@2.3.2", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/eslint-parser@7.24.1", + "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0", + "eslint@8.57.0", + "esquery@1.5.0", + "multimap@1.1.0" + ] + }, + { + "ref": "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/eslint-parser@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0", + "eslint@8.57.0", + "@babel/eslint-parser@7.24.1|semver@6.3.1" + ] + }, + { + "ref": "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/eslint-parser@7.24.1|semver@6.3.1" + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "dependsOn": [ + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1" + ] + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0" + ] + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0" + }, + { + "ref": "multimap@1.1.0" + }, + { + "ref": "is-builtin-module@3.2.1", + "dependsOn": [ + "builtin-modules@3.3.0" + ] + }, + { + "ref": "pluralize@8.0.0" + }, + { + "ref": "read-pkg-up@7.0.1", + "dependsOn": [ + "read-pkg-up@7.0.1|find-up@4.1.0", + "read-pkg@5.2.0", + "read-pkg-up@7.0.1|type-fest@0.8.1" + ] + }, + { + "ref": "read-pkg-up@7.0.1|find-up@4.1.0", + "dependsOn": [ + "read-pkg-up@7.0.1|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|locate-path@5.0.0", + "dependsOn": [ + "read-pkg-up@7.0.1|p-locate@4.1.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|p-locate@4.1.0", + "dependsOn": [ + "read-pkg-up@7.0.1|p-limit@2.3.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|type-fest@0.8.1" + }, + { + "ref": "regexp-tree@0.1.27" + }, + { + "ref": "safe-regex@2.1.1", + "dependsOn": [ + "regexp-tree@0.1.27" + ] + }, + { + "ref": "eslint-plugin-unicorn@52.0.0", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "@eslint-community/eslint-utils@4.4.0", + "@eslint/eslintrc@2.1.4", + "ci-info@4.0.0", + "clean-regexp@1.0.0", + "core-js-compat@3.37.0", + "eslint@8.57.0", + "esquery@1.5.0", + "indent-string@4.0.0", + "is-builtin-module@3.2.1", + "jsesc@3.0.2", + "pluralize@8.0.0", + "read-pkg-up@7.0.1", + "regexp-tree@0.1.27", + "regjsparser@0.10.0", + "semver@7.6.2", + "strip-indent@3.0.0" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4", + "dependsOn": [ + "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "debug@4.3.4", + "espree@9.6.1", + "globals@13.24.0", + "ignore@5.3.1", + "import-fresh@3.3.0", + "js-yaml@4.1.0", + "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "strip-json-comments@3.1.1" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1" + }, + { + "ref": "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "dependsOn": [ + "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "espree@9.6.1", + "dependsOn": [ + "acorn-jsx@5.3.2", + "acorn@8.11.3", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "parent-module@1.0.1", + "dependsOn": [ + "callsites@3.1.0" + ] + }, + { + "ref": "resolve-from@4.0.0" + }, + { + "ref": "ci-info@4.0.0" + }, + { + "ref": "core-js-compat@3.37.0", + "dependsOn": [ + "browserslist@4.23.0" + ] + }, + { + "ref": "browserslist@4.23.0", + "dependsOn": [ + "caniuse-lite@1.0.30001612", + "electron-to-chromium@1.4.747", + "node-releases@2.0.14", + "update-browserslist-db@1.0.13" + ] + }, + { + "ref": "caniuse-lite@1.0.30001612" + }, + { + "ref": "electron-to-chromium@1.4.747" + }, + { + "ref": "node-releases@2.0.14" + }, + { + "ref": "update-browserslist-db@1.0.13", + "dependsOn": [ + "browserslist@4.23.0", + "escalade@3.1.2", + "picocolors@1.0.0" + ] + }, + { + "ref": "escalade@3.1.2" + }, + { + "ref": "estraverse@5.3.0" + }, + { + "ref": "builtin-modules@3.3.0" + }, + { + "ref": "jsesc@3.0.2" + }, + { + "ref": "p-try@2.2.0" + }, + { + "ref": "path-exists@4.0.0" + }, + { + "ref": "read-pkg@5.2.0", + "dependsOn": [ + "@types/normalize-package-data@2.4.4", + "read-pkg@5.2.0|normalize-package-data@2.5.0", + "parse-json@5.2.0", + "read-pkg@5.2.0|type-fest@0.6.0" + ] + }, + { + "ref": "read-pkg@5.2.0|normalize-package-data@2.5.0", + "dependsOn": [ + "read-pkg@5.2.0|hosted-git-info@2.8.9", + "resolve@1.22.8", + "read-pkg@5.2.0|semver@5.7.2", + "validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "read-pkg@5.2.0|hosted-git-info@2.8.9" + }, + { + "ref": "read-pkg@5.2.0|semver@5.7.2" + }, + { + "ref": "read-pkg@5.2.0|type-fest@0.6.0" + }, + { + "ref": "@types/normalize-package-data@2.4.4" + }, + { + "ref": "validate-npm-package-license@3.0.4", + "dependsOn": [ + "spdx-correct@3.2.0", + "spdx-expression-parse@3.0.1" + ] + }, + { + "ref": "regjsparser@0.10.0", + "dependsOn": [ + "regjsparser@0.10.0|jsesc@0.5.0" + ] + }, + { + "ref": "regjsparser@0.10.0|jsesc@0.5.0" + }, + { + "ref": "strip-indent@3.0.0", + "dependsOn": [ + "min-indent@1.0.1" + ] + }, + { + "ref": "min-indent@1.0.1" + }, + { + "ref": "@eslint/js@8.57.0" + }, + { + "ref": "@humanwhocodes/config-array@0.11.14", + "dependsOn": [ + "@humanwhocodes/object-schema@2.0.3", + "debug@4.3.4", + "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2" + ] + }, + { + "ref": "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2", + "dependsOn": [ + "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11" + ] + }, + { + "ref": "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@humanwhocodes/object-schema@2.0.3" + }, + { + "ref": "@humanwhocodes/module-importer@1.0.1" + }, + { + "ref": "@nodelib/fs.scandir@2.1.5", + "dependsOn": [ + "@nodelib/fs.stat@2.0.5", + "run-parallel@1.2.0" + ] + }, + { + "ref": "run-parallel@1.2.0", + "dependsOn": [ + "queue-microtask@1.2.3" + ] + }, + { + "ref": "queue-microtask@1.2.3" + }, + { + "ref": "fastq@1.17.1", + "dependsOn": [ + "reusify@1.0.4" + ] + }, + { + "ref": "reusify@1.0.4" + }, + { + "ref": "@ungap/structured-clone@1.2.0" + }, + { + "ref": "path-key@3.1.1" + }, + { + "ref": "shebang-command@2.0.0", + "dependsOn": [ + "shebang-regex@3.0.0" + ] + }, + { + "ref": "shebang-regex@3.0.0" + }, + { + "ref": "which@2.0.2", + "dependsOn": [ + "isexe@2.0.0" + ] + }, + { + "ref": "isexe@2.0.0" + }, + { + "ref": "eslint-scope@7.2.2", + "dependsOn": [ + "esrecurse@4.3.0", + "estraverse@5.3.0" + ] + }, + { + "ref": "acorn@8.11.3" + }, + { + "ref": "flat-cache@3.2.0", + "dependsOn": [ + "flatted@3.3.1", + "keyv@4.5.4", + "rimraf@3.0.2" + ] + }, + { + "ref": "flatted@3.3.1" + }, + { + "ref": "keyv@4.5.4", + "dependsOn": [ + "json-buffer@3.0.1" + ] + }, + { + "ref": "json-buffer@3.0.1" + }, + { + "ref": "find-up@5.0.0", + "dependsOn": [ + "locate-path@6.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "locate-path@6.0.0", + "dependsOn": [ + "p-locate@5.0.0" + ] + }, + { + "ref": "p-locate@5.0.0", + "dependsOn": [ + "p-limit@3.1.0" + ] + }, + { + "ref": "is-extglob@2.1.1" + }, + { + "ref": "is-path-inside@3.0.3" + }, + { + "ref": "prelude-ls@1.2.1" + }, + { + "ref": "type-check@0.4.0", + "dependsOn": [ + "prelude-ls@1.2.1" + ] + }, + { + "ref": "@aashutoshrathi/word-wrap@1.2.6" + }, + { + "ref": "deep-is@0.1.4" + }, + { + "ref": "accepts@1.3.8", + "dependsOn": [ + "mime-types@2.1.35", + "negotiator@0.6.3" + ] + }, + { + "ref": "mime-types@2.1.35", + "dependsOn": [ + "mime-db@1.52.0" + ] + }, + { + "ref": "negotiator@0.6.3" + }, + { + "ref": "array-flatten@1.1.1" + }, + { + "ref": "body-parser@1.20.2", + "dependsOn": [ + "bytes@3.1.2", + "content-type@1.0.5", + "body-parser@1.20.2|debug@2.6.9", + "depd@2.0.0", + "destroy@1.2.0", + "http-errors@2.0.0", + "iconv-lite@0.4.24", + "on-finished@2.4.1", + "qs@6.11.0", + "raw-body@2.5.2", + "type-is@1.6.18", + "unpipe@1.0.0" + ] + }, + { + "ref": "body-parser@1.20.2|debug@2.6.9", + "dependsOn": [ + "body-parser@1.20.2|ms@2.0.0" + ] + }, + { + "ref": "body-parser@1.20.2|ms@2.0.0" + }, + { + "ref": "bytes@3.1.2" + }, + { + "ref": "depd@2.0.0" + }, + { + "ref": "destroy@1.2.0" + }, + { + "ref": "http-errors@2.0.0", + "dependsOn": [ + "depd@2.0.0", + "inherits@2.0.4", + "setprototypeof@1.2.0", + "statuses@2.0.1", + "toidentifier@1.0.1" + ] + }, + { + "ref": "iconv-lite@0.4.24", + "dependsOn": [ + "safer-buffer@2.1.2" + ] + }, + { + "ref": "safer-buffer@2.1.2" + }, + { + "ref": "on-finished@2.4.1", + "dependsOn": [ + "ee-first@1.1.1" + ] + }, + { + "ref": "qs@6.11.0", + "dependsOn": [ + "side-channel@1.0.6" + ] + }, + { + "ref": "raw-body@2.5.2", + "dependsOn": [ + "bytes@3.1.2", + "http-errors@2.0.0", + "iconv-lite@0.4.24", + "unpipe@1.0.0" + ] + }, + { + "ref": "unpipe@1.0.0" + }, + { + "ref": "type-is@1.6.18", + "dependsOn": [ + "media-typer@0.3.0", + "mime-types@2.1.35" + ] + }, + { + "ref": "content-disposition@0.5.4", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "cookie-signature@1.0.6" + }, + { + "ref": "cookie@0.6.0" + }, + { + "ref": "encodeurl@1.0.2" + }, + { + "ref": "escape-html@1.0.3" + }, + { + "ref": "etag@1.8.1" + }, + { + "ref": "finalhandler@1.2.0", + "dependsOn": [ + "finalhandler@1.2.0|debug@2.6.9", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "on-finished@2.4.1", + "parseurl@1.3.3", + "statuses@2.0.1", + "unpipe@1.0.0" + ] + }, + { + "ref": "finalhandler@1.2.0|debug@2.6.9", + "dependsOn": [ + "finalhandler@1.2.0|ms@2.0.0" + ] + }, + { + "ref": "finalhandler@1.2.0|ms@2.0.0" + }, + { + "ref": "parseurl@1.3.3" + }, + { + "ref": "statuses@2.0.1" + }, + { + "ref": "fresh@0.5.2" + }, + { + "ref": "setprototypeof@1.2.0" + }, + { + "ref": "toidentifier@1.0.1" + }, + { + "ref": "merge-descriptors@1.0.1" + }, + { + "ref": "methods@1.1.2" + }, + { + "ref": "ee-first@1.1.1" + }, + { + "ref": "path-to-regexp@0.1.7" + }, + { + "ref": "proxy-addr@2.0.7", + "dependsOn": [ + "forwarded@0.2.0", + "ipaddr.js@1.9.1" + ] + }, + { + "ref": "forwarded@0.2.0" + }, + { + "ref": "ipaddr.js@1.9.1" + }, + { + "ref": "side-channel@1.0.6", + "dependsOn": [ + "call-bind@1.0.7", + "es-errors@1.3.0", + "get-intrinsic@1.2.4", + "object-inspect@1.13.1" + ] + }, + { + "ref": "call-bind@1.0.7", + "dependsOn": [ + "es-define-property@1.0.0", + "es-errors@1.3.0", + "function-bind@1.1.2", + "get-intrinsic@1.2.4", + "set-function-length@1.2.2" + ] + }, + { + "ref": "es-define-property@1.0.0", + "dependsOn": [ + "get-intrinsic@1.2.4" + ] + }, + { + "ref": "get-intrinsic@1.2.4", + "dependsOn": [ + "es-errors@1.3.0", + "function-bind@1.1.2", + "has-proto@1.0.3", + "has-symbols@1.0.3", + "hasown@2.0.2" + ] + }, + { + "ref": "es-errors@1.3.0" + }, + { + "ref": "function-bind@1.1.2" + }, + { + "ref": "set-function-length@1.2.2", + "dependsOn": [ + "define-data-property@1.1.4", + "es-errors@1.3.0", + "function-bind@1.1.2", + "get-intrinsic@1.2.4", + "gopd@1.0.1", + "has-property-descriptors@1.0.2" + ] + }, + { + "ref": "define-data-property@1.1.4", + "dependsOn": [ + "es-define-property@1.0.0", + "es-errors@1.3.0", + "gopd@1.0.1" + ] + }, + { + "ref": "gopd@1.0.1", + "dependsOn": [ + "get-intrinsic@1.2.4" + ] + }, + { + "ref": "has-property-descriptors@1.0.2", + "dependsOn": [ + "es-define-property@1.0.0" + ] + }, + { + "ref": "has-proto@1.0.3" + }, + { + "ref": "has-symbols@1.0.3" + }, + { + "ref": "hasown@2.0.2", + "dependsOn": [ + "function-bind@1.1.2" + ] + }, + { + "ref": "object-inspect@1.13.1" + }, + { + "ref": "range-parser@1.2.1" + }, + { + "ref": "send@0.18.0", + "dependsOn": [ + "send@0.18.0|debug@2.6.9", + "depd@2.0.0", + "destroy@1.2.0", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "etag@1.8.1", + "fresh@0.5.2", + "http-errors@2.0.0", + "mime@1.6.0", + "ms@2.1.3", + "on-finished@2.4.1", + "range-parser@1.2.1", + "statuses@2.0.1" + ] + }, + { + "ref": "send@0.18.0|debug@2.6.9", + "dependsOn": [ + "send@0.18.0|debug@2.6.9|ms@2.0.0" + ] + }, + { + "ref": "send@0.18.0|debug@2.6.9|ms@2.0.0" + }, + { + "ref": "mime@1.6.0" + }, + { + "ref": "serve-static@1.15.0", + "dependsOn": [ + "encodeurl@1.0.2", + "escape-html@1.0.3", + "parseurl@1.3.3", + "send@0.18.0" + ] + }, + { + "ref": "media-typer@0.3.0" + }, + { + "ref": "utils-merge@1.0.1" + }, + { + "ref": "vary@1.1.2" + }, + { + "ref": "asynckit@0.4.0" + }, + { + "ref": "combined-stream@1.0.8", + "dependsOn": [ + "delayed-stream@1.0.0" + ] + }, + { + "ref": "delayed-stream@1.0.0" + }, + { + "ref": "mime-db@1.52.0" + }, + { + "ref": "fs-extra@11.2.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "jsonfile@6.1.0", + "universalify@2.0.1" + ] + }, + { + "ref": "jsonfile@6.1.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "universalify@2.0.1" + ] + }, + { + "ref": "universalify@2.0.1" + }, + { + "ref": "get-installed-path@4.0.8", + "dependsOn": [ + "global-modules@1.0.0" + ] + }, + { + "ref": "global-modules@1.0.0", + "dependsOn": [ + "global-prefix@1.0.2", + "is-windows@1.0.2", + "resolve-dir@1.0.1" + ] + }, + { + "ref": "global-prefix@1.0.2", + "dependsOn": [ + "expand-tilde@2.0.2", + "homedir-polyfill@1.0.3", + "ini@1.3.8", + "is-windows@1.0.2", + "global-prefix@1.0.2|which@1.3.1" + ] + }, + { + "ref": "global-prefix@1.0.2|which@1.3.1", + "dependsOn": [ + "isexe@2.0.0" + ] + }, + { + "ref": "expand-tilde@2.0.2", + "dependsOn": [ + "homedir-polyfill@1.0.3" + ] + }, + { + "ref": "homedir-polyfill@1.0.3", + "dependsOn": [ + "parse-passwd@1.0.0" + ] + }, + { + "ref": "parse-passwd@1.0.0" + }, + { + "ref": "is-windows@1.0.2" + }, + { + "ref": "resolve-dir@1.0.1", + "dependsOn": [ + "expand-tilde@2.0.2", + "global-modules@1.0.0" + ] + }, + { + "ref": "domhandler@5.0.3", + "dependsOn": [ + "domelementtype@2.3.0" + ] + }, + { + "ref": "domutils@3.1.0", + "dependsOn": [ + "dom-serializer@2.0.0", + "domelementtype@2.3.0", + "domhandler@5.0.3" + ] + }, + { + "ref": "dom-serializer@2.0.0", + "dependsOn": [ + "domelementtype@2.3.0", + "domhandler@5.0.3", + "entities@4.5.0" + ] + }, + { + "ref": "entities@4.5.0" + }, + { + "ref": "https@1.0.0" + }, + { + "ref": "inquirer-file-tree-selection-prompt@2.0.2", + "dependsOn": [ + "chalk@4.1.2", + "cli-cursor@3.1.0", + "figures@3.2.0", + "lodash@4.17.21", + "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1" + ] + }, + { + "ref": "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "cli-cursor@3.1.0", + "dependsOn": [ + "restore-cursor@3.1.0" + ] + }, + { + "ref": "restore-cursor@3.1.0", + "dependsOn": [ + "onetime@5.1.2", + "signal-exit@3.0.7" + ] + }, + { + "ref": "onetime@5.1.2", + "dependsOn": [ + "mimic-fn@2.1.0" + ] + }, + { + "ref": "mimic-fn@2.1.0" + }, + { + "ref": "signal-exit@3.0.7" + }, + { + "ref": "figures@3.2.0", + "dependsOn": [ + "figures@3.2.0|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "figures@3.2.0|escape-string-regexp@1.0.5" + }, + { + "ref": "inquirer@8.0.0", + "dependsOn": [ + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "cli-cursor@3.1.0", + "cli-width@3.0.0", + "external-editor@3.1.0", + "figures@3.2.0", + "lodash@4.17.21", + "mute-stream@0.0.8", + "run-async@2.4.1", + "rxjs@6.6.7", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "through@2.3.8" + ] + }, + { + "ref": "cli-width@3.0.0" + }, + { + "ref": "external-editor@3.1.0", + "dependsOn": [ + "chardet@0.7.0", + "iconv-lite@0.4.24", + "external-editor@3.1.0|tmp@0.0.33" + ] + }, + { + "ref": "external-editor@3.1.0|tmp@0.0.33", + "dependsOn": [ + "os-tmpdir@1.0.2" + ] + }, + { + "ref": "chardet@0.7.0" + }, + { + "ref": "os-tmpdir@1.0.2" + }, + { + "ref": "mute-stream@0.0.8" + }, + { + "ref": "run-async@2.4.1" + }, + { + "ref": "rxjs@6.6.7", + "dependsOn": [ + "rxjs@6.6.7|tslib@1.14.1" + ] + }, + { + "ref": "rxjs@6.6.7|tslib@1.14.1" + }, + { + "ref": "through@2.3.8" + }, + { + "ref": "jest-mock@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-util@29.7.0" + ] + }, + { + "ref": "@types/istanbul-lib-report@3.0.3", + "dependsOn": [ + "@types/istanbul-lib-coverage@2.0.6" + ] + }, + { + "ref": "@types/yargs-parser@21.0.3" + }, + { + "ref": "jest@29.7.0", + "dependsOn": [ + "@jest/core@29.7.0", + "@jest/types@29.6.3", + "import-local@3.1.0", + "jest-cli@29.7.0" + ] + }, + { + "ref": "@jest/core@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/reporters@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@jest/core@29.7.0|ci-info@3.9.0", + "exit@0.1.2", + "graceful-fs@4.2.11", + "jest-changed-files@29.7.0", + "jest-config@29.7.0", + "jest-haste-map@29.7.0", + "jest-message-util@29.7.0", + "jest-regex-util@29.6.3", + "jest-resolve-dependencies@29.7.0", + "jest-resolve@29.7.0", + "jest-runner@29.7.0", + "jest-runtime@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "jest-watcher@29.7.0", + "micromatch@4.0.5", + "pretty-format@29.7.0", + "slash@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@jest/core@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/console@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "slash@3.0.0" + ] + }, + { + "ref": "@jest/reporters@29.7.0", + "dependsOn": [ + "@bcoe/v8-coverage@0.2.3", + "@jest/console@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@jridgewell/trace-mapping@0.3.25", + "@types/node@20.14.1", + "chalk@4.1.2", + "collect-v8-coverage@1.0.2", + "exit@0.1.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "istanbul-lib-coverage@3.2.2", + "istanbul-lib-instrument@6.0.2", + "istanbul-lib-report@3.0.1", + "istanbul-lib-source-maps@4.0.1", + "istanbul-reports@3.1.7", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "jest-worker@29.7.0", + "slash@3.0.0", + "string-length@4.0.2", + "strip-ansi@6.0.1", + "v8-to-istanbul@9.2.0" + ] + }, + { + "ref": "@jest/test-result@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/types@29.6.3", + "@types/istanbul-lib-coverage@2.0.6", + "collect-v8-coverage@1.0.2" + ] + }, + { + "ref": "@jest/transform@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/types@29.6.3", + "@jridgewell/trace-mapping@0.3.25", + "babel-plugin-istanbul@6.1.1", + "chalk@4.1.2", + "convert-source-map@2.0.0", + "fast-json-stable-stringify@2.1.0", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-regex-util@29.6.3", + "jest-util@29.7.0", + "micromatch@4.0.5", + "pirates@4.0.6", + "slash@3.0.0", + "write-file-atomic@4.0.2" + ] + }, + { + "ref": "fs.realpath@1.0.0" + }, + { + "ref": "inflight@1.0.6", + "dependsOn": [ + "once@1.4.0", + "wrappy@1.0.2" + ] + }, + { + "ref": "path-is-absolute@1.0.1" + }, + { + "ref": "istanbul-lib-instrument@6.0.2", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "semver@7.6.2" + ] + }, + { + "ref": "make-dir@4.0.0", + "dependsOn": [ + "semver@7.6.2" + ] + }, + { + "ref": "source-map@0.6.1" + }, + { + "ref": "html-escaper@2.0.2" + }, + { + "ref": "jest-worker@29.7.0", + "dependsOn": [ + "@types/node@20.14.1", + "jest-util@29.7.0", + "merge-stream@2.0.0", + "supports-color@8.1.1" + ] + }, + { + "ref": "char-regex@1.0.2" + }, + { + "ref": "convert-source-map@2.0.0" + }, + { + "ref": "jest-changed-files@29.7.0", + "dependsOn": [ + "execa@5.1.1", + "jest-util@29.7.0", + "p-limit@3.1.0" + ] + }, + { + "ref": "get-stream@6.0.1" + }, + { + "ref": "human-signals@2.1.0" + }, + { + "ref": "npm-run-path@4.0.1", + "dependsOn": [ + "path-key@3.1.1" + ] + }, + { + "ref": "strip-final-newline@2.0.0" + }, + { + "ref": "yocto-queue@0.1.0" + }, + { + "ref": "jest-config@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/test-sequencer@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "babel-jest@29.7.0", + "chalk@4.1.2", + "jest-config@29.7.0|ci-info@3.9.0", + "deepmerge@4.3.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "jest-circus@29.7.0", + "jest-environment-node@29.7.0", + "jest-get-type@29.6.3", + "jest-regex-util@29.6.3", + "jest-resolve@29.7.0", + "jest-runner@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "micromatch@4.0.5", + "parse-json@5.2.0", + "pretty-format@29.7.0", + "slash@3.0.0", + "strip-json-comments@3.1.1", + "ts-node@10.9.2" + ] + }, + { + "ref": "jest-config@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/test-sequencer@29.7.0", + "dependsOn": [ + "@jest/test-result@29.7.0", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "slash@3.0.0" + ] + }, + { + "ref": "jest-haste-map@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/graceful-fs@4.1.9", + "@types/node@20.14.1", + "anymatch@3.1.3", + "fb-watchman@2.0.2", + "fsevents@2.3.3", + "graceful-fs@4.2.11", + "jest-regex-util@29.6.3", + "jest-util@29.7.0", + "jest-worker@29.7.0", + "micromatch@4.0.5", + "walker@1.0.8" + ] + }, + { + "ref": "babel-jest@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/transform@29.7.0", + "@types/babel__core@7.20.5", + "babel-plugin-istanbul@6.1.1", + "babel-preset-jest@29.6.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "slash@3.0.0" + ] + }, + { + "ref": "jest-circus@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/expect@29.7.0", + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "co@4.6.0", + "dedent@1.5.3", + "is-generator-fn@2.1.0", + "jest-each@29.7.0", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-runtime@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "p-limit@3.1.0", + "pretty-format@29.7.0", + "pure-rand@6.1.0", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@jest/environment@29.7.0", + "dependsOn": [ + "@jest/fake-timers@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-mock@29.7.0" + ] + }, + { + "ref": "@jest/expect@29.7.0", + "dependsOn": [ + "expect@29.7.0", + "jest-snapshot@29.7.0" + ] + }, + { + "ref": "jest-snapshot@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/generator@7.24.4", + "@babel/plugin-syntax-jsx@7.24.1", + "@babel/plugin-syntax-typescript@7.24.1", + "@babel/types@7.24.0", + "@jest/expect-utils@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "babel-preset-current-node-syntax@1.0.1", + "chalk@4.1.2", + "expect@29.7.0", + "graceful-fs@4.2.11", + "jest-diff@29.7.0", + "jest-get-type@29.6.3", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "natural-compare@1.4.0", + "pretty-format@29.7.0", + "semver@7.6.2" + ] + }, + { + "ref": "dedent@1.5.3" + }, + { + "ref": "jest-each@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "chalk@4.1.2", + "jest-get-type@29.6.3", + "jest-util@29.7.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-runtime@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/fake-timers@29.7.0", + "@jest/globals@29.7.0", + "@jest/source-map@29.6.3", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "cjs-module-lexer@1.2.3", + "collect-v8-coverage@1.0.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-message-util@29.7.0", + "jest-mock@29.7.0", + "jest-regex-util@29.6.3", + "jest-resolve@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "slash@3.0.0", + "strip-bom@4.0.0" + ] + }, + { + "ref": "pure-rand@6.1.0" + }, + { + "ref": "jest-environment-node@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/fake-timers@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-mock@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "@jest/fake-timers@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@sinonjs/fake-timers@10.3.0", + "@types/node@20.14.1", + "jest-message-util@29.7.0", + "jest-mock@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "jest-regex-util@29.6.3" + }, + { + "ref": "jest-resolve@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-pnp-resolver@1.2.3", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "resolve.exports@2.0.2", + "resolve@1.22.8", + "slash@3.0.0" + ] + }, + { + "ref": "jest-runner@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/environment@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "emittery@0.13.1", + "graceful-fs@4.2.11", + "jest-docblock@29.7.0", + "jest-environment-node@29.7.0", + "jest-haste-map@29.7.0", + "jest-leak-detector@29.7.0", + "jest-message-util@29.7.0", + "jest-resolve@29.7.0", + "jest-runtime@29.7.0", + "jest-util@29.7.0", + "jest-watcher@29.7.0", + "jest-worker@29.7.0", + "p-limit@3.1.0", + "source-map-support@0.5.13" + ] + }, + { + "ref": "jest-validate@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "jest-validate@29.7.0|camelcase@6.3.0", + "chalk@4.1.2", + "jest-get-type@29.6.3", + "leven@3.1.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-validate@29.7.0|camelcase@6.3.0" + }, + { + "ref": "bser@2.1.1", + "dependsOn": [ + "node-int64@0.4.0" + ] + }, + { + "ref": "node-int64@0.4.0" + }, + { + "ref": "makeerror@1.0.12", + "dependsOn": [ + "tmpl@1.0.5" + ] + }, + { + "ref": "tmpl@1.0.5" + }, + { + "ref": "jest-resolve-dependencies@29.7.0", + "dependsOn": [ + "jest-regex-util@29.6.3", + "jest-snapshot@29.7.0" + ] + }, + { + "ref": "resolve.exports@2.0.2" + }, + { + "ref": "emittery@0.13.1" + }, + { + "ref": "jest-docblock@29.7.0", + "dependsOn": [ + "detect-newline@3.1.0" + ] + }, + { + "ref": "jest-leak-detector@29.7.0", + "dependsOn": [ + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-watcher@29.7.0", + "dependsOn": [ + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "emittery@0.13.1", + "jest-util@29.7.0", + "string-length@4.0.2" + ] + }, + { + "ref": "@jest/globals@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/expect@29.7.0", + "@jest/types@29.6.3", + "jest-mock@29.7.0" + ] + }, + { + "ref": "@jest/source-map@29.6.3", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "callsites@3.1.0", + "graceful-fs@4.2.11" + ] + }, + { + "ref": "@babel/plugin-syntax-jsx@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/helper-plugin-utils@7.24.0" + }, + { + "ref": "@babel/plugin-syntax-async-generators@7.8.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-bigint@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-class-properties@7.12.13", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-import-meta@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-json-strings@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-numeric-separator@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-object-rest-spread@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-optional-chaining@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-top-level-await@7.14.5", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "pkg-dir@4.2.0", + "dependsOn": [ + "pkg-dir@4.2.0|find-up@4.1.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|find-up@4.1.0", + "dependsOn": [ + "pkg-dir@4.2.0|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|locate-path@5.0.0", + "dependsOn": [ + "pkg-dir@4.2.0|p-locate@4.1.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|p-locate@4.1.0", + "dependsOn": [ + "pkg-dir@4.2.0|p-limit@2.3.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "resolve-cwd@3.0.0", + "dependsOn": [ + "resolve-cwd@3.0.0|resolve-from@5.0.0" + ] + }, + { + "ref": "resolve-cwd@3.0.0|resolve-from@5.0.0" + }, + { + "ref": "jest-cli@29.7.0", + "dependsOn": [ + "@jest/core@29.7.0", + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "chalk@4.1.2", + "create-jest@29.7.0", + "exit@0.1.2", + "import-local@3.1.0", + "jest-config@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "yargs@17.7.2" + ] + }, + { + "ref": "create-jest@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "chalk@4.1.2", + "exit@0.1.2", + "graceful-fs@4.2.11", + "jest-config@29.7.0", + "jest-util@29.7.0", + "prompts@2.4.2" + ] + }, + { + "ref": "cliui@8.0.1", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "get-caller-file@2.0.5" + }, + { + "ref": "require-directory@2.1.1" + }, + { + "ref": "y18n@5.0.8" + }, + { + "ref": "argparse@2.0.1" + }, + { + "ref": "json-colorizer@2.2.2", + "dependsOn": [ + "json-colorizer@2.2.2|chalk@2.4.2", + "lodash.get@4.4.2" + ] + }, + { + "ref": "json-colorizer@2.2.2|chalk@2.4.2", + "dependsOn": [ + "json-colorizer@2.2.2|ansi-styles@3.2.1", + "json-colorizer@2.2.2|escape-string-regexp@1.0.5", + "json-colorizer@2.2.2|supports-color@5.5.0" + ] + }, + { + "ref": "json-colorizer@2.2.2|ansi-styles@3.2.1", + "dependsOn": [ + "json-colorizer@2.2.2|color-convert@1.9.3" + ] + }, + { + "ref": "json-colorizer@2.2.2|color-convert@1.9.3", + "dependsOn": [ + "json-colorizer@2.2.2|color-name@1.1.3" + ] + }, + { + "ref": "json-colorizer@2.2.2|color-name@1.1.3" + }, + { + "ref": "json-colorizer@2.2.2|escape-string-regexp@1.0.5" + }, + { + "ref": "json-colorizer@2.2.2|supports-color@5.5.0", + "dependsOn": [ + "json-colorizer@2.2.2|has-flag@3.0.0" + ] + }, + { + "ref": "json-colorizer@2.2.2|has-flag@3.0.0" + }, + { + "ref": "markdown-diff@2.0.0", + "dependsOn": [ + "markdown-diff@2.0.0|diff@5.2.0", + "marked@12.0.2" + ] + }, + { + "ref": "markdown-diff@2.0.0|diff@5.2.0" + }, + { + "ref": "marked@12.0.2" + }, + { + "ref": "markdown-table-ts@1.0.3" + }, + { + "ref": "mocha@10.4.0", + "dependsOn": [ + "ansi-colors@4.1.1", + "browser-stdout@1.3.1", + "chokidar@3.5.3", + "debug@4.3.4", + "mocha@10.4.0|diff@5.0.0", + "escape-string-regexp@4.0.0", + "find-up@5.0.0", + "mocha@10.4.0|glob@8.1.0", + "he@1.2.0", + "js-yaml@4.1.0", + "mocha@10.4.0|log-symbols@4.1.0", + "mocha@10.4.0|minimatch@5.0.1", + "ms@2.1.3", + "serialize-javascript@6.0.0", + "strip-json-comments@3.1.1", + "supports-color@8.1.1", + "workerpool@6.2.1", + "yargs-parser@20.2.4", + "yargs-unparser@2.0.0", + "mocha@10.4.0|yargs@16.2.0" + ] + }, + { + "ref": "mocha@10.4.0|diff@5.0.0" + }, + { + "ref": "mocha@10.4.0|glob@8.1.0", + "dependsOn": [ + "fs.realpath@1.0.0", + "inflight@1.0.6", + "inherits@2.0.4", + "mocha@10.4.0|minimatch@5.0.1", + "once@1.4.0" + ] + }, + { + "ref": "mocha@10.4.0|minimatch@5.0.1", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "mocha@10.4.0|log-symbols@4.1.0", + "dependsOn": [ + "chalk@4.1.2", + "is-unicode-supported@0.1.0" + ] + }, + { + "ref": "mocha@10.4.0|yargs@16.2.0", + "dependsOn": [ + "mocha@10.4.0|cliui@7.0.4", + "escalade@3.1.2", + "get-caller-file@2.0.5", + "require-directory@2.1.1", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "y18n@5.0.8", + "yargs-parser@20.2.4" + ] + }, + { + "ref": "mocha@10.4.0|cliui@7.0.4", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "browser-stdout@1.3.1" + }, + { + "ref": "fill-range@7.0.1", + "dependsOn": [ + "to-regex-range@5.0.1" + ] + }, + { + "ref": "to-regex-range@5.0.1", + "dependsOn": [ + "is-number@7.0.0" + ] + }, + { + "ref": "is-number@7.0.0" + }, + { + "ref": "is-binary-path@2.1.0", + "dependsOn": [ + "binary-extensions@2.3.0" + ] + }, + { + "ref": "binary-extensions@2.3.0" + }, + { + "ref": "readdirp@3.6.0", + "dependsOn": [ + "picomatch@2.3.1" + ] + }, + { + "ref": "wrappy@1.0.2" + }, + { + "ref": "is-unicode-supported@0.1.0" + }, + { + "ref": "serialize-javascript@6.0.0", + "dependsOn": [ + "randombytes@2.1.0" + ] + }, + { + "ref": "randombytes@2.1.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "workerpool@6.2.1" + }, + { + "ref": "yargs-parser@20.2.4" + }, + { + "ref": "yargs-unparser@2.0.0", + "dependsOn": [ + "yargs-unparser@2.0.0|camelcase@6.3.0", + "decamelize@4.0.0", + "flat@5.0.2", + "is-plain-obj@2.1.0" + ] + }, + { + "ref": "yargs-unparser@2.0.0|camelcase@6.3.0" + }, + { + "ref": "decamelize@4.0.0" + }, + { + "ref": "is-plain-obj@2.1.0" + }, + { + "ref": "mock-fs@5.2.0" + }, + { + "ref": "objects-to-csv@1.3.6", + "dependsOn": [ + "async-csv@2.1.3" + ] + }, + { + "ref": "async-csv@2.1.3", + "dependsOn": [ + "csv@5.5.3" + ] + }, + { + "ref": "csv@5.5.3", + "dependsOn": [ + "csv-generate@3.4.3", + "csv-parse@4.16.3", + "csv-stringify@5.6.5", + "stream-transform@2.1.3" + ] + }, + { + "ref": "csv-generate@3.4.3" + }, + { + "ref": "csv-stringify@5.6.5" + }, + { + "ref": "stream-transform@2.1.3", + "dependsOn": [ + "mixme@0.5.10" + ] + }, + { + "ref": "mixme@0.5.10" + }, + { + "ref": "oclif@4.13.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0", + "@aws-sdk/client-s3@3.583.0", + "@inquirer/confirm@3.1.9", + "@inquirer/input@2.1.9", + "@inquirer/select@2.3.5", + "oclif@4.13.0|@oclif/core@4.0.1", + "@oclif/plugin-help@6.1.0", + "@oclif/plugin-not-found@3.2.1", + "@oclif/plugin-warn-if-update-available@3.1.4", + "async-retry@1.3.3", + "chalk@4.1.2", + "change-case@4.1.2", + "oclif@4.13.0|debug@4.3.5", + "ejs@3.1.10", + "find-yarn-workspace-root@2.0.0", + "oclif@4.13.0|fs-extra@8.1.0", + "github-slugger@2.0.0", + "got@13.0.0", + "lodash@4.17.21", + "normalize-package-data@6.0.1", + "semver@7.6.2", + "sort-package-json@2.10.0", + "tiny-jsonc@1.0.1", + "validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "oclif@4.13.0|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "oclif@4.13.0|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "oclif@4.13.0|debug@4.3.5", + "dependsOn": [ + "oclif@4.13.0|ms@2.1.2" + ] + }, + { + "ref": "oclif@4.13.0|ms@2.1.2" + }, + { + "ref": "oclif@4.13.0|fs-extra@8.1.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "oclif@4.13.0|jsonfile@4.0.0", + "oclif@4.13.0|universalify@0.1.2" + ] + }, + { + "ref": "oclif@4.13.0|jsonfile@4.0.0", + "dependsOn": [ + "graceful-fs@4.2.11" + ] + }, + { + "ref": "oclif@4.13.0|universalify@0.1.2" + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@aws-sdk/xml-builder@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-stream@3.0.1", + "@smithy/util-utf8@3.0.0", + "@smithy/util-waiter@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/xml-builder@3.575.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-waiter@3.0.0", + "dependsOn": [ + "@smithy/abort-controller@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0", + "dependsOn": [ + "@aws-crypto/sha1-browser@3.0.0", + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "@aws-sdk/middleware-expect-continue@3.577.0", + "@aws-sdk/middleware-flexible-checksums@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-location-constraint@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-sdk-s3@3.582.0", + "@aws-sdk/middleware-signing@3.577.0", + "@aws-sdk/middleware-ssec@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/signature-v4-multi-region@3.582.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@aws-sdk/xml-builder@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/eventstream-serde-browser@3.0.0", + "@smithy/eventstream-serde-config-resolver@3.0.0", + "@smithy/eventstream-serde-node@3.0.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-blob-browser@3.0.0", + "@smithy/hash-node@3.0.0", + "@smithy/hash-stream-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/md5-js@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-retry@3.0.0", + "@smithy/util-stream@3.0.1", + "@smithy/util-utf8@3.0.0", + "@smithy/util-waiter@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "dependsOn": [ + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "dependsOn": [ + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "dependsOn": [ + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "@aws-sdk/token-providers@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/sha1-browser@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0", + "@aws-crypto/supports-web-crypto@3.0.0", + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-locate-window@3.535.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/region-config-resolver@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-user-agent-node@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-env@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-process@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-web-identity@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/token-providers@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sso-oidc@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sso-oidc@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/credential-provider-node@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sts@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-sso-oidc@3.577.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/credential-provider-node@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/core@3.576.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/credential-provider-node@3.577.0", + "dependsOn": [ + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-http@3.577.0", + "@aws-sdk/credential-provider-ini@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/credential-provider-sso@3.577.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-user-agent@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-endpoints@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-http@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-ini@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/credential-provider-sso@3.577.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-sso@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sso@3.577.0", + "@aws-sdk/token-providers@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sso@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-arn-parser@3.568.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-arn-parser@3.568.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-expect-continue@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-flexible-checksums@3.577.0", + "dependsOn": [ + "@aws-crypto/crc32@3.0.0", + "@aws-crypto/crc32c@3.0.0", + "@aws-sdk/types@3.577.0", + "@smithy/is-array-buffer@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/crc32@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/crc32@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/crc32@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/crc32c@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/crc32c@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/crc32c@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/middleware-location-constraint@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-sdk-s3@3.582.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-arn-parser@3.568.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-signing@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-ssec@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/signature-v4-multi-region@3.582.0", + "dependsOn": [ + "@aws-sdk/middleware-sdk-s3@3.582.0", + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-browser@3.0.0", + "dependsOn": [ + "@smithy/eventstream-serde-universal@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-universal@3.0.0", + "dependsOn": [ + "@smithy/eventstream-codec@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-codec@3.0.0", + "dependsOn": [ + "@aws-crypto/crc32@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-config-resolver@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-node@3.0.0", + "dependsOn": [ + "@smithy/eventstream-serde-universal@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-blob-browser@3.0.0", + "dependsOn": [ + "@smithy/chunked-blob-reader-native@3.0.0", + "@smithy/chunked-blob-reader@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/chunked-blob-reader-native@3.0.0", + "dependsOn": [ + "@smithy/util-base64@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/chunked-blob-reader@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-stream-node@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/md5-js@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@inquirer/confirm@3.1.9", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/type@1.3.3" + ] + }, + { + "ref": "@inquirer/core@8.2.2", + "dependsOn": [ + "@inquirer/figures@1.0.3", + "@inquirer/type@1.3.3", + "@types/mute-stream@0.0.4", + "@types/node@20.14.1", + "@types/wrap-ansi@3.0.0", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "cli-spinners@2.9.2", + "@inquirer/core@8.2.2|cli-width@4.1.0", + "@inquirer/core@8.2.2|mute-stream@1.0.0", + "@inquirer/core@8.2.2|signal-exit@4.1.0", + "strip-ansi@6.0.1", + "@inquirer/core@8.2.2|wrap-ansi@6.2.0" + ] + }, + { + "ref": "@inquirer/core@8.2.2|cli-width@4.1.0" + }, + { + "ref": "@inquirer/core@8.2.2|mute-stream@1.0.0" + }, + { + "ref": "@inquirer/core@8.2.2|signal-exit@4.1.0" + }, + { + "ref": "@inquirer/core@8.2.2|wrap-ansi@6.2.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@inquirer/figures@1.0.3" + }, + { + "ref": "@inquirer/type@1.3.3" + }, + { + "ref": "@types/mute-stream@0.0.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/wrap-ansi@3.0.0" + }, + { + "ref": "@inquirer/input@2.1.9", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/type@1.3.3" + ] + }, + { + "ref": "@inquirer/select@2.3.5", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/figures@1.0.3", + "@inquirer/type@1.3.3", + "ansi-escapes@4.3.2", + "chalk@4.1.2" + ] + }, + { + "ref": "@oclif/plugin-not-found@3.2.1", + "dependsOn": [ + "@inquirer/confirm@3.1.9", + "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "ansis@3.2.0", + "fast-levenshtein@3.0.0" + ] + }, + { + "ref": "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "debug@4.3.4", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "fast-levenshtein@3.0.0", + "dependsOn": [ + "fastest-levenshtein@1.0.16" + ] + }, + { + "ref": "fastest-levenshtein@1.0.16" + }, + { + "ref": "async-retry@1.3.3", + "dependsOn": [ + "retry@0.13.1" + ] + }, + { + "ref": "retry@0.13.1" + }, + { + "ref": "change-case@4.1.2", + "dependsOn": [ + "camel-case@4.1.2", + "capital-case@1.0.4", + "constant-case@3.0.4", + "dot-case@3.0.4", + "header-case@2.0.4", + "no-case@3.0.4", + "param-case@3.0.4", + "pascal-case@3.1.2", + "path-case@3.0.4", + "sentence-case@3.0.4", + "snake-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "camel-case@4.1.2", + "dependsOn": [ + "pascal-case@3.1.2", + "tslib@2.6.3" + ] + }, + { + "ref": "pascal-case@3.1.2", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "capital-case@1.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case-first@2.0.2" + ] + }, + { + "ref": "no-case@3.0.4", + "dependsOn": [ + "lower-case@2.0.2", + "tslib@2.6.3" + ] + }, + { + "ref": "upper-case-first@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "constant-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case@2.0.2" + ] + }, + { + "ref": "upper-case@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "dot-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "header-case@2.0.4", + "dependsOn": [ + "capital-case@1.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "lower-case@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "param-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "path-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "sentence-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case-first@2.0.2" + ] + }, + { + "ref": "snake-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "find-yarn-workspace-root@2.0.0", + "dependsOn": [ + "micromatch@4.0.5" + ] + }, + { + "ref": "github-slugger@2.0.0" + }, + { + "ref": "got@13.0.0", + "dependsOn": [ + "@sindresorhus/is@5.6.0", + "@szmarczak/http-timer@5.0.1", + "cacheable-lookup@7.0.0", + "cacheable-request@10.2.14", + "decompress-response@6.0.0", + "form-data-encoder@2.1.4", + "get-stream@6.0.1", + "http2-wrapper@2.2.1", + "lowercase-keys@3.0.0", + "p-cancelable@3.0.0", + "responselike@3.0.0" + ] + }, + { + "ref": "@sindresorhus/is@5.6.0" + }, + { + "ref": "@szmarczak/http-timer@5.0.1", + "dependsOn": [ + "defer-to-connect@2.0.1" + ] + }, + { + "ref": "defer-to-connect@2.0.1" + }, + { + "ref": "cacheable-lookup@7.0.0" + }, + { + "ref": "cacheable-request@10.2.14", + "dependsOn": [ + "@types/http-cache-semantics@4.0.4", + "get-stream@6.0.1", + "http-cache-semantics@4.1.1", + "keyv@4.5.4", + "mimic-response@4.0.0", + "normalize-url@8.0.1", + "responselike@3.0.0" + ] + }, + { + "ref": "@types/http-cache-semantics@4.0.4" + }, + { + "ref": "http-cache-semantics@4.1.1" + }, + { + "ref": "mimic-response@4.0.0" + }, + { + "ref": "normalize-url@8.0.1" + }, + { + "ref": "responselike@3.0.0", + "dependsOn": [ + "lowercase-keys@3.0.0" + ] + }, + { + "ref": "decompress-response@6.0.0", + "dependsOn": [ + "decompress-response@6.0.0|mimic-response@3.1.0" + ] + }, + { + "ref": "decompress-response@6.0.0|mimic-response@3.1.0" + }, + { + "ref": "form-data-encoder@2.1.4" + }, + { + "ref": "http2-wrapper@2.2.1", + "dependsOn": [ + "quick-lru@5.1.1", + "resolve-alpn@1.2.1" + ] + }, + { + "ref": "resolve-alpn@1.2.1" + }, + { + "ref": "lowercase-keys@3.0.0" + }, + { + "ref": "p-cancelable@3.0.0" + }, + { + "ref": "normalize-package-data@6.0.1", + "dependsOn": [ + "hosted-git-info@7.0.2", + "is-core-module@2.13.1", + "semver@7.6.2", + "validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "spdx-correct@3.2.0", + "dependsOn": [ + "spdx-expression-parse@3.0.1", + "spdx-license-ids@3.0.17" + ] + }, + { + "ref": "spdx-expression-parse@3.0.1", + "dependsOn": [ + "spdx-exceptions@2.5.0", + "spdx-license-ids@3.0.17" + ] + }, + { + "ref": "spdx-license-ids@3.0.17" + }, + { + "ref": "spdx-exceptions@2.5.0" + }, + { + "ref": "sort-package-json@2.10.0", + "dependsOn": [ + "detect-indent@7.0.1", + "sort-package-json@2.10.0|detect-newline@4.0.1", + "get-stdin@9.0.0", + "git-hooks-list@3.1.0", + "sort-package-json@2.10.0|globby@13.2.2", + "sort-package-json@2.10.0|is-plain-obj@4.1.0", + "semver@7.6.2", + "sort-object-keys@1.1.3" + ] + }, + { + "ref": "sort-package-json@2.10.0|detect-newline@4.0.1" + }, + { + "ref": "sort-package-json@2.10.0|globby@13.2.2", + "dependsOn": [ + "dir-glob@3.0.1", + "fast-glob@3.3.2", + "ignore@5.3.1", + "merge2@1.4.1", + "sort-package-json@2.10.0|slash@4.0.0" + ] + }, + { + "ref": "sort-package-json@2.10.0|slash@4.0.0" + }, + { + "ref": "sort-package-json@2.10.0|is-plain-obj@4.1.0" + }, + { + "ref": "detect-indent@7.0.1" + }, + { + "ref": "get-stdin@9.0.0" + }, + { + "ref": "git-hooks-list@3.1.0" + }, + { + "ref": "sort-object-keys@1.1.3" + }, + { + "ref": "tiny-jsonc@1.0.1" + }, + { + "ref": "open@10.1.0", + "dependsOn": [ + "default-browser@5.2.1", + "define-lazy-prop@3.0.0", + "is-inside-container@1.0.0", + "open@10.1.0|is-wsl@3.1.0" + ] + }, + { + "ref": "open@10.1.0|is-wsl@3.1.0", + "dependsOn": [ + "is-inside-container@1.0.0" + ] + }, + { + "ref": "default-browser@5.2.1", + "dependsOn": [ + "bundle-name@4.1.0", + "default-browser-id@5.0.0" + ] + }, + { + "ref": "bundle-name@4.1.0", + "dependsOn": [ + "run-applescript@7.0.0" + ] + }, + { + "ref": "run-applescript@7.0.0" + }, + { + "ref": "default-browser-id@5.0.0" + }, + { + "ref": "define-lazy-prop@3.0.0" + }, + { + "ref": "is-inside-container@1.0.0", + "dependsOn": [ + "is-inside-container@1.0.0|is-docker@3.0.0" + ] + }, + { + "ref": "is-inside-container@1.0.0|is-docker@3.0.0" + }, + { + "ref": "prompt-sync@4.2.0", + "dependsOn": [ + "prompt-sync@4.2.0|strip-ansi@5.2.0" + ] + }, + { + "ref": "prompt-sync@4.2.0|strip-ansi@5.2.0", + "dependsOn": [ + "prompt-sync@4.2.0|ansi-regex@4.1.1" + ] + }, + { + "ref": "prompt-sync@4.2.0|ansi-regex@4.1.1" + }, + { + "ref": "lodash.truncate@4.4.2" + }, + { + "ref": "tmp@0.2.3" + }, + { + "ref": "ts-jest@29.1.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "babel-jest@29.7.0", + "bs-logger@0.2.6", + "fast-json-stable-stringify@2.1.0", + "jest-util@29.7.0", + "jest@29.7.0", + "json5@2.2.3", + "lodash.memoize@4.1.2", + "make-error@1.3.6", + "semver@7.6.2", + "typescript@5.1.6", + "ts-jest@29.1.4|yargs-parser@21.1.1" + ] + }, + { + "ref": "ts-jest@29.1.4|yargs-parser@21.1.1" + }, + { + "ref": "@ampproject/remapping@2.3.0", + "dependsOn": [ + "@jridgewell/gen-mapping@0.3.5", + "@jridgewell/trace-mapping@0.3.25" + ] + }, + { + "ref": "js-tokens@4.0.0" + }, + { + "ref": "@babel/helper-compilation-targets@7.23.6", + "dependsOn": [ + "@babel/compat-data@7.24.4", + "@babel/helper-validator-option@7.23.5", + "browserslist@4.23.0", + "lru-cache@5.1.1", + "@babel/helper-compilation-targets@7.23.6|semver@6.3.1" + ] + }, + { + "ref": "@babel/helper-compilation-targets@7.23.6|semver@6.3.1" + }, + { + "ref": "@babel/compat-data@7.24.4" + }, + { + "ref": "@babel/helper-validator-option@7.23.5" + }, + { + "ref": "lru-cache@5.1.1", + "dependsOn": [ + "yallist@3.1.1" + ] + }, + { + "ref": "yallist@3.1.1" + }, + { + "ref": "@babel/helper-module-transforms@7.23.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-environment-visitor@7.22.20", + "@babel/helper-module-imports@7.24.3", + "@babel/helper-simple-access@7.22.5", + "@babel/helper-split-export-declaration@7.22.6", + "@babel/helper-validator-identifier@7.22.20" + ] + }, + { + "ref": "@babel/helper-environment-visitor@7.22.20" + }, + { + "ref": "@babel/helper-module-imports@7.24.3", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-simple-access@7.22.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-split-export-declaration@7.22.6", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helpers@7.24.4", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-function-name@7.23.0", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-hoist-variables@7.22.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-string-parser@7.24.1" + }, + { + "ref": "to-fast-properties@2.0.0" + }, + { + "ref": "gensync@1.0.0-beta.2" + }, + { + "ref": "@jridgewell/resolve-uri@3.1.2" + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0", + "dependsOn": [ + "camelcase@5.3.1", + "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "get-package-type@0.1.0", + "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3" + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0" + }, + { + "ref": "camelcase@5.3.1" + }, + { + "ref": "test-exclude@6.0.0", + "dependsOn": [ + "@istanbuljs/schema@0.1.3", + "glob@7.2.3", + "test-exclude@6.0.0|minimatch@3.1.2" + ] + }, + { + "ref": "test-exclude@6.0.0|minimatch@3.1.2", + "dependsOn": [ + "test-exclude@6.0.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "test-exclude@6.0.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@types/babel__generator@7.6.8", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@types/babel__template@7.4.4", + "dependsOn": [ + "@babel/parser@7.24.4", + "@babel/types@7.24.0" + ] + }, + { + "ref": "babel-preset-jest@29.6.3", + "dependsOn": [ + "@babel/core@7.24.4", + "babel-plugin-jest-hoist@29.6.3", + "babel-preset-current-node-syntax@1.0.1" + ] + }, + { + "ref": "babel-plugin-jest-hoist@29.6.3", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0", + "@types/babel__core@7.20.5", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "ts-mocha@10.0.0", + "dependsOn": [ + "mocha@10.4.0", + "ts-mocha@10.0.0|ts-node@7.0.1", + "tsconfig-paths@3.15.0" + ] + }, + { + "ref": "ts-mocha@10.0.0|ts-node@7.0.1", + "dependsOn": [ + "ts-mocha@10.0.0|arrify@1.0.1", + "buffer-from@1.1.2", + "ts-mocha@10.0.0|diff@3.5.0", + "make-error@1.3.6", + "minimist@1.2.8", + "ts-mocha@10.0.0|mkdirp@0.5.6", + "source-map-support@0.5.13", + "ts-mocha@10.0.0|yn@2.0.0" + ] + }, + { + "ref": "ts-mocha@10.0.0|arrify@1.0.1" + }, + { + "ref": "ts-mocha@10.0.0|diff@3.5.0" + }, + { + "ref": "ts-mocha@10.0.0|mkdirp@0.5.6", + "dependsOn": [ + "minimist@1.2.8" + ] + }, + { + "ref": "ts-mocha@10.0.0|yn@2.0.0" + }, + { + "ref": "buffer-from@1.1.2" + }, + { + "ref": "tsconfig-paths@3.15.0", + "dependsOn": [ + "@types/json5@0.0.29", + "tsconfig-paths@3.15.0|json5@1.0.2", + "minimist@1.2.8", + "tsconfig-paths@3.15.0|strip-bom@3.0.0" + ] + }, + { + "ref": "tsconfig-paths@3.15.0|json5@1.0.2", + "dependsOn": [ + "minimist@1.2.8" + ] + }, + { + "ref": "tsconfig-paths@3.15.0|strip-bom@3.0.0" + }, + { + "ref": "@types/json5@0.0.29" + }, + { + "ref": "@cspotcode/source-map-support@0.8.1", + "dependsOn": [ + "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9" + ] + }, + { + "ref": "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9", + "dependsOn": [ + "@jridgewell/resolve-uri@3.1.2", + "@jridgewell/sourcemap-codec@1.4.15" + ] + }, + { + "ref": "@tsconfig/node10@1.0.11" + }, + { + "ref": "@tsconfig/node12@1.0.11" + }, + { + "ref": "@tsconfig/node14@1.0.3" + }, + { + "ref": "@tsconfig/node16@1.0.4" + }, + { + "ref": "acorn-walk@8.3.2" + }, + { + "ref": "create-require@1.1.1" + }, + { + "ref": "diff@4.0.2" + }, + { + "ref": "v8-compile-cache-lib@3.0.1" + }, + { + "ref": "yn@3.1.1" + }, + { + "ref": "tsimportlib@0.0.5" + }, + { + "ref": "@colors/colors@1.6.0" + }, + { + "ref": "@dabh/diagnostics@2.0.3", + "dependsOn": [ + "colorspace@1.1.4", + "enabled@2.0.0", + "kuler@2.0.0" + ] + }, + { + "ref": "colorspace@1.1.4", + "dependsOn": [ + "colorspace@1.1.4|color@3.2.1", + "text-hex@1.0.0" + ] + }, + { + "ref": "colorspace@1.1.4|color@3.2.1", + "dependsOn": [ + "colorspace@1.1.4|color-convert@1.9.3", + "color-string@1.9.1" + ] + }, + { + "ref": "colorspace@1.1.4|color-convert@1.9.3", + "dependsOn": [ + "colorspace@1.1.4|color-name@1.1.3" + ] + }, + { + "ref": "colorspace@1.1.4|color-name@1.1.3" + }, + { + "ref": "text-hex@1.0.0" + }, + { + "ref": "enabled@2.0.0" + }, + { + "ref": "kuler@2.0.0" + }, + { + "ref": "logform@2.6.0", + "dependsOn": [ + "@colors/colors@1.6.0", + "@types/triple-beam@1.3.5", + "fecha@4.2.3", + "ms@2.1.3", + "safe-stable-stringify@2.4.3", + "triple-beam@1.4.1" + ] + }, + { + "ref": "fecha@4.2.3" + }, + { + "ref": "safe-stable-stringify@2.4.3" + }, + { + "ref": "triple-beam@1.4.1" + }, + { + "ref": "one-time@1.0.0", + "dependsOn": [ + "fn.name@1.1.0" + ] + }, + { + "ref": "fn.name@1.1.0" + }, + { + "ref": "string_decoder@1.3.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "stack-trace@0.0.10" + }, + { + "ref": "winston-transport@4.7.0", + "dependsOn": [ + "logform@2.6.0", + "readable-stream@3.6.2", + "triple-beam@1.4.1" + ] + }, + { + "ref": "xlsx-populate@1.21.0", + "dependsOn": [ + "cfb@1.2.2", + "jszip@3.10.1", + "lodash@4.17.21", + "xlsx-populate@1.21.0|sax@1.3.0" + ] + }, + { + "ref": "xlsx-populate@1.21.0|sax@1.3.0" + }, + { + "ref": "cfb@1.2.2", + "dependsOn": [ + "adler-32@1.3.1", + "crc-32@1.2.2" + ] + }, + { + "ref": "adler-32@1.3.1" + }, + { + "ref": "crc-32@1.2.2" + }, + { + "ref": "jszip@3.10.1", + "dependsOn": [ + "lie@3.3.0", + "pako@1.0.11", + "jszip@3.10.1|readable-stream@2.3.8", + "setimmediate@1.0.5" + ] + }, + { + "ref": "jszip@3.10.1|readable-stream@2.3.8", + "dependsOn": [ + "core-util-is@1.0.3", + "inherits@2.0.4", + "isarray@1.0.0", + "process-nextick-args@2.0.1", + "jszip@3.10.1|safe-buffer@5.1.2", + "jszip@3.10.1|string_decoder@1.1.1", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "jszip@3.10.1|safe-buffer@5.1.2" + }, + { + "ref": "jszip@3.10.1|string_decoder@1.1.1", + "dependsOn": [ + "jszip@3.10.1|safe-buffer@5.1.2" + ] + }, + { + "ref": "lie@3.3.0", + "dependsOn": [ + "immediate@3.0.6" + ] + }, + { + "ref": "immediate@3.0.6" + }, + { + "ref": "pako@1.0.11" + }, + { + "ref": "core-util-is@1.0.3" + }, + { + "ref": "isarray@1.0.0" + }, + { + "ref": "process-nextick-args@2.0.1" + }, + { + "ref": "setimmediate@1.0.5" + }, + { + "ref": "sax@1.2.1" + }, + { + "ref": "xmlbuilder@11.0.1" + }, + { + "ref": "zip-lib@1.0.4", + "dependsOn": [ + "yauzl@3.1.3", + "yazl@2.5.1" + ] + }, + { + "ref": "yauzl@3.1.3", + "dependsOn": [ + "buffer-crc32@0.2.13", + "pend@1.2.0" + ] + }, + { + "ref": "buffer-crc32@0.2.13" + }, + { + "ref": "pend@1.2.0" + }, + { + "ref": "yazl@2.5.1", + "dependsOn": [ + "buffer-crc32@0.2.13" + ] + } + ], + "data": { + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4", + "version": 1, + "serialNumber": "urn:uuid:7103f08b-5c5e-4b5b-b2c7-d4be65fa19fe", + "metadata": { + "timestamp": "2024-07-08T18:08:55.978Z", + "tools": [ + { + "name": "npm", + "version": "10.7.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "1.19.0", + "externalReferences": [ + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "6.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "saf", + "group": "@mitre", + "version": "1.4.7", + "bom-ref": "@mitre/saf@1.4.7", + "author": "The MITRE Security Automation Framework", + "description": "The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/saf@1.4.7?vcs_url=git%2Bhttps%3A//github.com/mitre/saf.git", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/saf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/saf", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/saf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + } + ] + } + } + } + } + ], + "raw": { + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4", + "version": 1, + "serialNumber": "urn:uuid:7103f08b-5c5e-4b5b-b2c7-d4be65fa19fe", + "metadata": { + "timestamp": "2024-07-08T18:08:55.978Z", + "tools": [ + { + "name": "npm", + "version": "10.7.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "1.19.0", + "externalReferences": [ + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "6.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "saf", + "group": "@mitre", + "version": "1.4.7", + "bom-ref": "@mitre/saf@1.4.7", + "author": "The MITRE Security Automation Framework", + "description": "The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/saf@1.4.7?vcs_url=git%2Bhttps%3A//github.com/mitre/saf.git", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/saf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/saf", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/saf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + } + ] + } + }, + "components": [ + { + "type": "library", + "name": "client-config-service", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Config Service Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-config-service@3.590.0#clients/client-config-service", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-config-service", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-config-service", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-config-service/-/client-config-service-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1ad29ae81b639104043527461f1bd58d83f0294a7d812a161b7210ff7855d54705dae36775d2b2269d856e08b21e4ed081c2c93ba6c189b90327e25fcb03aa3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service" + } + ], + "components": [ + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.590.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df208b3e3aba5857c3a5d5092a4fe04b3e1e00f0d38d59275dabde30f8b64285410ac86778e9c9b15d7ab8d2a5a551757eb4c7aeb0d17ca6266da561ea7141bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sso-oidc" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.590.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f8475bf52d29f8b8b619e6a8f80f22fa829ecf5d7cc9789b26dac7a17a2257fb9dcb485e4bed74839d056d5f5a7d4debefd21a766145944e0e906302154ae1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sts" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.588.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.588.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.588.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5736fbd71ee3a67e8a289df96de20b522f3db7c8a397aff42062e7819d341f52688f3fdfe7fc30972ec740fa73db68085d00acc7abb0dfe0a7c7a4e7b7bdb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/core" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.590.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2dfc98d1685e86c6ac3435d4fddd5357beab59d127b79997c975e4a529bd909efe13ae75bc508bf7a942b09acc3fe04585767d3c9ccdd2e5673079659f0385" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-node" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.587.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b20e898df883abca02ee733886eff9ce1e48d45c44b9a07e53ee9f006e83bca1a90c409767b9d35789859389c4163b9d91e7553a091dbbadc30f4c678c79d60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/middleware-user-agent" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.587.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f7723b20f66dba5650a112be3b6d082786b5b325b060fce83b681cdeffbf18d65f9593d5dd0257b956c89b4a7106cbb49ff9b328650aa9238b3c868dd3df0771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/region-config-resolver" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.587.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d471ba126f30416a8a7115ba9b7e7c9aa79b4553692fc5ebac4a13e089fbc6a90a92662d1d135560fea5726890879a59fdcfc55eef1d49c86e1485b212da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.587.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e797e0d47bf6ef9db1040c73f789526b3ad1371db14904f82c0fabc9fa697ff88624d44ab8f63106f841d974d4cfcf74831b491ba76fbbbb8d4c29824747f89" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/util-user-agent-node" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.587.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f283fe4a144088936939a3cc275448a7895f3ac959219f99332135327663460a45dd0451cc1d1c7a865790d5bab02476c1b24caef276d86a6cdcc329a61b09b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-env" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.587.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4aed524565510ae4757b7da8c57dc2d55e1ce61a4f376d1661c45f75caf6c17c07a92bf2b390eb9e6b820be2681274bfceddda7542613e5893aa97ca81274cac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-http" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.590.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63970572200adfc548bd181978d0fb1ef14d477dad846b506fc5e8a7a70c9f7dc50bbf2ec1c448bbd1dcf7af7d5d3725099ab3e3e5e5d5653e759fab9c59f600" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-ini" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.587.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578c53de20aa905f2e2fa402e20a81260ff66ac77f75a9acc0fd61f4709fa9396598f5b32264bef160f75638132f0e5bd0a6d3cbe65d52129cd300e7cb3933c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-process" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.590.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bfed23fc8fa37bda247f05ec8262e9a66c0813e4ee329e56a8bcfbafb3c7cfd2a3ccbc8a68a4c3bdf965143fbca0fa41aa798e5a227da9318f92b7e107b6bf7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-sso" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.587.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea231fc8d8f1bb932bb0dd68c03fdc0a971cbc22f149c01f1ab0e153d713c5a157d960a2288231bda0b3f962246d7ef0e4588ced1e683932556fdc77490c647" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-web-identity" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.590.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb16c2ea841524a0514f25f24770b5e64b14b0f3b25b8a7eb828fb76529858626f878bc64d5f0a859292e77a0f1bcb787f5f8e3095a3af9c0ab97468685b2685" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sso" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.587.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "50baa16e72f2d6198935172e9003415899ae9b705b8d79eeacb3d2157a06755d259576251b9e52cc895ad9562a76f7901048e6b01b9365d16f5c0b4da664b966" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/token-providers" + } + ] + } + ] + }, + { + "type": "library", + "name": "sha256-browser", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha256-browser@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha256-browser@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha256-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha256-browser/-/sha256-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f152e65b607e82315b539b8c7aab5033a363d3f1756eba3cd31417096e824015a0a2c1565d3c7beda78e17908020099b38aeb849d30125d36be89e35c8fe66bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-browser" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-browser/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "ie11-detection", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/ie11-detection@3.0.0", + "author": "AWS Crypto Tools Team", + "description": "Provides functions and types for detecting if the host environment is IE11", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/ie11-detection@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/ie11-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/ie11-detection/-/ie11-detection-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df8d650419226350df0cd29a8bfc173376ae8cd0645d1eedab55113d00cbf708b70146c8f34351ef8b85d535c7326ee9a3501c9c593c8aed92d88794ffefc0f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/ie11-detection" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/ie11-detection/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "sha256-js", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha256-js@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha256-js@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha256-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha256-js/-/sha256-js-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e734dee8b34fb27755ef5c0cb6dc214e9936cc683c60c57b53287c9bac9dfd63c906cc10138011626d624a1fa061cad2c8fd9caccecf3bc4238137206283abd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-js" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-js/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "supports-web-crypto", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/supports-web-crypto@3.0.0", + "author": "AWS Crypto Tools Team", + "description": "Provides functions for detecting if the host environment supports the WebCrypto API", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/supports-web-crypto@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/supports-web-crypto", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/supports-web-crypto/-/supports-web-crypto-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d3a84174cc1401bd96153b861bbdcb482d307cfbbddf15b0a39bcbd9eb7d7b29a09aedc8779bc500705b6a355688684f3b7eea72c7426a9fc5a97bc918958f22" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/supports-web-crypto" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/supports-web-crypto/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "util", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/util@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/util@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/util", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/util/-/util-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8e265a5e269091e3c082f2bfae2950a1cecf48ba7823f70919ae5f19d38d435845afc881c82d82823cdcc98212ac8af8fe4b798ba3a05573b981373771038eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/util" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/util@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/util/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/types@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "Types for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/types@3.577.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "153d896444b7c0128dfda95f9a1968fb764eabf5c9d02ed039970336ba4a8c1d24a98a0a8e154a67f1f1e80ad1d1cce429f1f304112ceb2e3479b207c769d298" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/types" + } + ] + }, + { + "type": "library", + "name": "util-utf8-browser", + "group": "@aws-sdk", + "version": "3.259.0", + "bom-ref": "@aws-sdk/util-utf8-browser@3.259.0", + "author": "AWS SDK for JavaScript Team", + "description": "A browser UTF-8 string <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-utf8-browser@3.259.0#packages/util-utf8-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-utf8-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-utf8-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-utf8-browser/-/util-utf8-browser-3.259.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52f15afef47e7b5f57a2891917c47315906bc361149105b18815b4c9840086f9370be4151a5d07de8b9c6bc2c306505f40a5f0996de1ba8ff9f47f2bc1bd7027" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-utf8-browser" + } + ] + }, + { + "type": "library", + "name": "util-locate-window", + "group": "@aws-sdk", + "version": "3.535.0", + "bom-ref": "@aws-sdk/util-locate-window@3.535.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-locate-window@3.535.0#packages/util-locate-window", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-locate-window", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-locate-window", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-locate-window/-/util-locate-window-3.535.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c727748be9dda3a5c81ba9d8223f1917a6eec3adcd8f6158b0c5222abef30a843c33481d56de632fb69cf028ce0813bccb168759a3418a8c9f40b285e775784" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-locate-window" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "2.6.3", + "bom-ref": "tslib@2.6.3", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@2.6.3", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-2.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4dbf12443948963c6854b9475080024f28e3897c69c8c8ac9239cd3d5e42ac81d515ff7136cefc1961d7a38e64603c281cca6d63b8b1f7db6eb203bb0414929" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "middleware-host-header", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-host-header@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-host-header@3.577.0#packages/middleware-host-header", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-host-header", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-host-header", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5c6b9309cf8e7908e0c8557b34fec5a6266eeddd03b81146b5cdff2913c82b2e9cdfd09f786f3fec9035a6dfb3e58b5dd3dd66804011c24e21f681455f0ac5a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-host-header" + } + ] + }, + { + "type": "library", + "name": "middleware-logger", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-logger@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-logger@3.577.0#packages/middleware-logger", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-logger", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-logger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68f146a468d365c25893edb86e0ee34f85dd229e369855d2b8fb78f65c392b281e7cbc8933fb01d1b28aa8f6188af5b4adcb99f5bad0e7c79950db61af3600be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-logger" + } + ] + }, + { + "type": "library", + "name": "middleware-recursion-detection", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-recursion-detection@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-recursion-detection@3.577.0#packages/middleware-recursion-detection", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-recursion-detection", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-recursion-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a67dd95447768a86ca2654771fe6c38a51e38119cdad0e873262bd673670f3d0a49f70dc6efe3cc4ebf8449beed1a53c4832e5fd2342c69a4a8de2c34cf18134" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-recursion-detection" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-browser", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-user-agent-browser@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-browser@3.577.0#packages/util-user-agent-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc40331e047a1d6a59387ef11607892dcebf0b331cc789f1790a25671559a01e693da25ddc28f246164dd315de641d1721109699be322418328ae8172cd3242c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-user-agent-browser" + } + ] + }, + { + "type": "library", + "name": "config-resolver", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/config-resolver@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/config-resolver@3.0.1#packages/config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/config-resolver/-/config-resolver-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "85b91825cdb44810f3daaa8bcedb6323f12a5de9ad996934a284739cbb225e9df4eba290453bee2876bb5388c264226ae83a33aafcb4475fef344482f629cf26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/config-resolver" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@smithy", + "version": "2.1.1", + "bom-ref": "@smithy/core@2.1.1", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/core@2.1.1#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/core/-/core-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2f6c8c3051c83414c85354980c85bb1148014bd2bc1dbb2fce433ed7ab5a495c93b2686bfe3c68e3d6219ac119730543c0e41909bfb4baabe614d94f2093f58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/core" + } + ] + }, + { + "type": "library", + "name": "fetch-http-handler", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/fetch-http-handler@3.0.1", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a way to make requests", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/fetch-http-handler@3.0.1#packages/fetch-http-handler", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/fetch-http-handler", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/fetch-http-handler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9a1fbe22e410e3fab070a106978a82a923448704916d395c33ac2a71671a61396d248b98e18fb757bc33183362097a6f13a5d16f4b6882d3cb2339b95f14616" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/fetch-http-handler" + } + ] + }, + { + "type": "library", + "name": "hash-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-node@3.0.0#packages/hash-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-node/-/hash-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f38a97b2d35e98fdd74b98dca1fd1e97af9b0df8f3baf8493d04c47eba37960b5b0ad2a0ccf9b7320892e9e85754f8de439f894b41ea993cfc7ff4587f31d5c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-node" + } + ] + }, + { + "type": "library", + "name": "invalid-dependency", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/invalid-dependency@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/invalid-dependency@3.0.0#packages/invalid-dependency", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/invalid-dependency", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/invalid-dependency", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/invalid-dependency/-/invalid-dependency-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17ac0105a105809ce3d2ce0a5259622063e6a977a6c0fe846af82f0ea630087e343b95ebda2307bd2f2da1d986559b6e242a2b0645ec60bc93bb83ee8b356ae6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/invalid-dependency" + } + ] + }, + { + "type": "library", + "name": "middleware-content-length", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-content-length@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-content-length@3.0.0#packages/middleware-content-length", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-content-length", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-content-length", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-content-length/-/middleware-content-length-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc2e2ce1dfe21a86e00ad936b67596ebecd24ce060d4f4409b6bed5992ddae2c13ae815b6d6352af795ccb31ddad01e71176020b92b9d846e97e875a21463cb2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-content-length" + } + ] + }, + { + "type": "library", + "name": "middleware-endpoint", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/middleware-endpoint@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-endpoint@3.0.1#packages/middleware-endpoint", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-endpoint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-endpoint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-endpoint/-/middleware-endpoint-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "950fd439d183e0a33990b662025d2af10cb774f6f29ef0172807579d896b0353a9694c2bfa7792b15a240d9a58e9955be58c7c8e7bacdbdbafe975a933d3f849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-endpoint" + } + ] + }, + { + "type": "library", + "name": "middleware-retry", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/middleware-retry@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-retry@3.0.3#packages/middleware-retry", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-retry", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-retry/-/middleware-retry-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5af7b5ab325bf3754453feaafbf2347107409039eecc42c2e88bc80700f3504886a4aa97817d6fd74154b9919b452e8ebff3fe1c7b61700a07389650bd934090" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-retry" + } + ] + }, + { + "type": "library", + "name": "middleware-serde", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-serde@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-serde@3.0.0#packages/middleware-serde", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-serde", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-serde", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-serde/-/middleware-serde-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "235bca1b57e823ea0f806f6bec8318d52fb10679809f5212aa9968cafaa4c07a126fc54fb278070d33a0606601a27b8e2a775a591506259aca6182c1f809deeb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-serde" + } + ] + }, + { + "type": "library", + "name": "middleware-stack", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-stack@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a means for composing multiple middleware functions into a single handler", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-stack@3.0.0#packages/middleware-stack", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-stack", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-stack", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-stack/-/middleware-stack-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f87d239b27c0c874455e6eb0ba7b24b8d02ab63ef27e6c0507a169dfb7a7cada76ab4e3bfce77dc5eb446946e5bb22263a51a71a969519a55f8f06b04abfa2e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-stack" + } + ] + }, + { + "type": "library", + "name": "node-config-provider", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/node-config-provider@3.1.0", + "author": "AWS SDK for JavaScript Team", + "description": "Load config default values from ini config files and environmental variable", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/node-config-provider@3.1.0#packages/node-config-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/node-config-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/node-config-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e07c1f1022d51f4c54df1ccbcab9cda0d56eb4575bab220647a83d49345642dad4d65da86a7f65ef297a9c052ef266a47b1aa910419cb5d72fe534e516ceaed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/node-config-provider" + } + ] + }, + { + "type": "library", + "name": "node-http-handler", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/node-http-handler@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a way to make requests", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/node-http-handler@3.0.0#packages/node-http-handler", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/node-http-handler", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/node-http-handler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dedac3e2becd38cca0c0b6d4268e1ea1dc90bb2a405abeeebcf9de6cd27d6bbd1d421567f944bc8ff9429efa094ba0577d9785ecf924908d037a6549c3e9fe79" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/node-http-handler" + } + ] + }, + { + "type": "library", + "name": "protocol-http", + "group": "@smithy", + "version": "4.0.0", + "bom-ref": "@smithy/protocol-http@4.0.0", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/protocol-http@4.0.0#packages/protocol-http", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/protocol-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/protocol-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/protocol-http/-/protocol-http-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8e4193842365cb5915813bd020218b87baa8d9d9cb32afcfc89601431c336e2202c0311c76065f1c9395390fa561f433dda1a569bb3c1631ad3171d2f83bf01" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/protocol-http" + } + ] + }, + { + "type": "library", + "name": "smithy-client", + "group": "@smithy", + "version": "3.1.1", + "bom-ref": "@smithy/smithy-client@3.1.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/smithy-client@3.1.1#packages/smithy-client", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/smithy-client", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/smithy-client", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/smithy-client/-/smithy-client-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b63e0abbb329cd947c72656e3dc49bacb155c66a6d5a4b6624cc124ffb8812ae2c6ab69b11d17c09b99075807bb89fd7e7542ad846309d1b284bb85d47807bac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/smithy-client" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/types@3.0.0", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/types@3.0.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/types/-/types-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "56f5ae424d91285b8eafdf201618dc6bb7e4052fb12cb5114fc6d48e4e5742857464b9bb58fc163cf637fc0c334cbb940437a82830ad85f7b502c4d459a48487" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/types" + } + ] + }, + { + "type": "library", + "name": "url-parser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/url-parser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/url-parser@3.0.0#packages/url-parser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/url-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/url-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/url-parser/-/url-parser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d972dacc5814bbe60e187b568a10771522c07c251a8d57cd05718662339a54a8cb02e031c77a52058de10602f3220075ee169fe7d80e1b78a62aa4f2f2672b8f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/url-parser" + } + ] + }, + { + "type": "library", + "name": "util-base64", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-base64@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A Base64 <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-base64@3.0.0#packages/util-base64", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-base64", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-base64", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-base64/-/util-base64-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b1be887942db74083b1f6a3899382a49c60b4f1d738ac2633e672e30683e3752810c03ea8fc716bdf1a13fed985d9c115915730e881479c5b71a3212edce741" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-base64" + } + ] + }, + { + "type": "library", + "name": "util-body-length-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-body-length-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Determines the length of a request body in browsers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-body-length-browser@3.0.0#packages/util-body-length-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-body-length-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-body-length-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-body-length-browser/-/util-body-length-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "71b8c9b3603598b626aa6c9597cd2ea0b4c984071fccc3b23e08f0018bac58a31d2de36dce6333f58c4d977fe344ba31492df092a91fd23c0d76d5d6b7210169" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-body-length-browser" + } + ] + }, + { + "type": "library", + "name": "util-body-length-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-body-length-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Determines the length of a request body in node.js", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-body-length-node@3.0.0#packages/util-body-length-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-body-length-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-body-length-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-body-length-node/-/util-body-length-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e3ee96786d49683543fa3f3c2137b2b7f3ab664a61044fd42d420d1381d34e9f1859bc2b2c1e38bea194d422ecf110245f1bcadd9b63ccc3658216ce9e21890" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-body-length-node" + } + ] + }, + { + "type": "library", + "name": "util-defaults-mode-browser", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/util-defaults-mode-browser@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-defaults-mode-browser@3.0.3#packages/util-defaults-mode-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-defaults-mode-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-defaults-mode-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc314e3766ef5c902e9097bea8580f57fae8ac6ed90f79b88230971c3d55e73fed80a429e4c09308b9edaddebcead5fab63f14962de579f59726e74d8395a608" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-defaults-mode-browser" + } + ] + }, + { + "type": "library", + "name": "util-defaults-mode-node", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/util-defaults-mode-node@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-defaults-mode-node@3.0.3#packages/util-defaults-mode-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-defaults-mode-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-defaults-mode-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f46fc1895de713d346daa124372227aede4de667b198f30d739a0f29768818ac6bd625e2dc21c96a93681b906e0ad03681196aceeafeabdb48b02057c362b98" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-defaults-mode-node" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@smithy", + "version": "2.0.1", + "bom-ref": "@smithy/util-endpoints@2.0.1", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-endpoints@2.0.1#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-endpoints/-/util-endpoints-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6514f45423a72a556885fa0004c73c956790a3f24416e3d672d7cd4578131dbc8e56cb0c38b60550d5ae931c621d119502157e9f773490f5becd4a9c92354f10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-middleware", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-middleware@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared utilities for to be used in middleware packages.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-middleware@3.0.0#packages/util-middleware", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-middleware", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-middleware", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-middleware/-/util-middleware-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab921374e9d5da95c74950e7296af08123530c100c1cba6d144d3bb9aff94f2e56275d5bbebd2f9366bb6a0bbba9186b085450967a39bb70a7794e4410b2be0d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-middleware" + } + ] + }, + { + "type": "library", + "name": "util-retry", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-retry@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared retry utilities to be used in middleware packages.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-retry@3.0.0#packages/util-retry", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-retry", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-retry/-/util-retry-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9caf7d6ef262ce21affd438a2650ef145e39174d1680f2ca5481947c02be98387354dda16ff4b7dee5b64e5860e4f541a2a63bb4356a2f4ce6bb83b1007828f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-retry" + } + ] + }, + { + "type": "library", + "name": "util-utf8", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-utf8@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A UTF-8 string <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-utf8@3.0.0#packages/util-utf8", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-utf8", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-utf8", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-utf8/-/util-utf8-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad4793d766f1167a656037bcd791976eafe88b11061df44516d71317761d0e2fc968434833a6926182c9c9d1bcdd43732d77912392bc69b61dffc4a9fd033490" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-utf8" + } + ] + }, + { + "type": "library", + "name": "signature-v4", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/signature-v4@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A standalone implementation of the AWS Signature V4 request signing algorithm", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/signature-v4@3.0.0#packages/signature-v4", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/signature-v4", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/signature-v4", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91714e90d5fe0501dedaa9cbc693046824466a9f49ead5062f373703d8dd9fe9c3e0974cc0229327ecc5c10db41a463e9805c66adc93c371dca14951dfd1f098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/signature-v4" + } + ] + }, + { + "type": "library", + "name": "is-array-buffer", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/is-array-buffer@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a function for detecting if an argument is an ArrayBuffer", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/is-array-buffer@3.0.0#packages/is-array-buffer", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/is-array-buffer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/is-array-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/is-array-buffer/-/is-array-buffer-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f85b2ee90e82e114898b2f3563c780a63101e6056d33ea052937df83e8d2bb0b6fa26249ae150906edb34bcc235d2807fe0d4c2845abcf20a14c17ba7256f915" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/is-array-buffer" + } + ] + }, + { + "type": "library", + "name": "util-hex-encoding", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-hex-encoding@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Converts binary buffers to and from lowercase hexadecimal encoding", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-hex-encoding@3.0.0#packages/util-hex-encoding", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-hex-encoding", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-hex-encoding", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-hex-encoding/-/util-hex-encoding-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7859dd8755842b960c518bf2de53e5566618fdf65c404d43f2849fe3521ddaf09e2242895cf7180c2643fb8fb156223a6f55d277bb44face40997cf3e6295a6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-hex-encoding" + } + ] + }, + { + "type": "library", + "name": "util-uri-escape", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-uri-escape@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-uri-escape@3.0.0#packages/util-uri-escape", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-uri-escape", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-uri-escape", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-uri-escape/-/util-uri-escape-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2ea47ba982e06530fb9d62c179c522e1aaa8970f0c8736bd02ba4d110f3cd4c249214dac13988708ae93772aaacdc0cbcb438f7b5d086384fc72d55db729ee6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-uri-escape" + } + ] + }, + { + "type": "library", + "name": "strnum", + "version": "1.0.5", + "bom-ref": "strnum@1.0.5", + "author": "Amit Gupta", + "description": "Parse String to Number based on configuration", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strnum@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/strnum.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/strnum#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/strnum/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27c6db37228a5e5e6a61c477e9320ef16de6546547ae69b1b1de4f008b46926cb3c09bf26e2c36215ab99ea7748b82d2352901fecc7d5479656df15dafd93524" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strnum" + } + ] + }, + { + "type": "library", + "name": "property-provider", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/property-provider@3.1.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/property-provider@3.1.0#packages/property-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/property-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/property-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e3dfea1586a75981e9a30a25a31650037e1bcb1780bfb8a0ee2a8effb6512c450f7edde982ade476c67763f7bd104914ac882114f21656dfff0942efa7e70e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/property-provider" + } + ] + }, + { + "type": "library", + "name": "util-stream", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/util-stream@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-stream@3.0.1#packages/util-stream", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-stream", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-stream/-/util-stream-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec5ed534d840b1f31103c23df3a61d398e5f134fd3d7f663145e8e2ecaa4bd054d3f7bd9feccd80df182ca985bee2a00d3daf7d8aff4a9b4857cd154ebc692cc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-stream" + } + ] + }, + { + "type": "library", + "name": "credential-provider-imds", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/credential-provider-imds@3.1.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from the EC2 instance metadata service and ECS container metadata service", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/credential-provider-imds@3.1.0#packages/credential-provider-imds", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/credential-provider-imds", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/credential-provider-imds", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab8038777f2ff296189ac7aefe34d2dd9e48df35e510e7b939b8be109ade54a8125725941ce77bff26950a29c2eb4406e0c4720acf7cb5cc411f520c0b46eeed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/credential-provider-imds" + } + ] + }, + { + "type": "library", + "name": "shared-ini-file-loader", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/shared-ini-file-loader@3.1.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/shared-ini-file-loader@3.1.0#packages/shared-ini-file-loader", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/shared-ini-file-loader", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/shared-ini-file-loader", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74033bc125f4351dea4cdc8654dfe7c30a440f37d5f53ff700dd9e0011315a675ae55a99292b2394836aa263b98634161aff88224a177ecdeedaf192373f3e46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/shared-ini-file-loader" + } + ] + }, + { + "type": "library", + "name": "util-config-provider", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-config-provider@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities package for configuration providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-config-provider@3.0.0#packages/util-config-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-config-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-config-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-config-provider/-/util-config-provider-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5b8e4e2cd1fc2adc38bf00d2feac2bc930a3396f3010744e52ffa44be4d5e0304c45022e9481030f3a6e723da2163e9afe10e5ca5d1a27277168c4a7f898225" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-config-provider" + } + ] + }, + { + "type": "library", + "name": "bowser", + "version": "2.11.0", + "bom-ref": "bowser@2.11.0", + "author": "Dustin Diaz", + "description": "Lightweight browser detector", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bowser@2.11.0", + "externalReferences": [ + { + "url": "git+https://github.com/lancedikson/bowser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lancedikson/bowser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lancedikson/bowser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bowser/-/bowser-2.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "02571a2418bfa6aa8904843c53d31ca5cf62f00ab19fcf1292fe5dfb1057d34e81639bbc3779862c76b92e0a696bb2ff1dfc20c0b819e8d62cf8083ab9498944" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bowser" + } + ] + }, + { + "type": "library", + "name": "querystring-builder", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/querystring-builder@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/querystring-builder@3.0.0#packages/querystring-builder", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/querystring-builder", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/querystring-builder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/querystring-builder/-/querystring-builder-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d6f058b4373c9f904d13990a610d7af50260436cad35700e02d59ee0830300539443cf9000bff2a6a11c334004b49315cd7ff0f600b4c48302b45367382ed46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/querystring-builder" + } + ] + }, + { + "type": "library", + "name": "util-buffer-from", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-buffer-from@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-buffer-from@3.0.0#packages/util-buffer-from", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-buffer-from", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-buffer-from", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-buffer-from/-/util-buffer-from-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6843870a0ab945615b3fe5033ef3e8b76e842478ce0be6d182c7b903c5771524a1a9de44e54378a9cef3930b2f24f3c056c7fbdd0c18707375fe0b7faed2f040" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-buffer-from" + } + ] + }, + { + "type": "library", + "name": "service-error-classification", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/service-error-classification@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/service-error-classification@3.0.0#packages/service-error-classification", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/service-error-classification", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/service-error-classification", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/service-error-classification/-/service-error-classification-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc1b01b4e52dd86b277375f6ddec3eaf633bd56c2da477c40c684760748383aab5b7c16b5a1d798d3db90cb6a3155d47f8fa71009ea0a9ef7261e454b2649d14" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/service-error-classification" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "9.0.1", + "bom-ref": "uuid@9.0.1", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@9.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fed5e24e96c47d2bc1c9a68c3d3a4ddf896396488708cd7a1dbefd2b42356839536958ca717f5c19369b78cbd875d2874236baa7629d4e073464b5c9017b7b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "querystring-parser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/querystring-parser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/querystring-parser@3.0.0#packages/querystring-parser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/querystring-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/querystring-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/querystring-parser/-/querystring-parser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5331f0b6193450471c578747ccfc929c1cb7e005b0dd5f6522a513c66a3343ec0f0c03bd72c09631f38b7bb57d0366a0358cbbc44f8f6f44ba2bf276dc94b37d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/querystring-parser" + } + ] + }, + { + "type": "library", + "name": "client-securityhub", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Securityhub Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-securityhub@3.590.0#clients/client-securityhub", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-securityhub", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-securityhub", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-securityhub/-/client-securityhub-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cc0da783606c03b91489ecb6ea697c41b66088bb51a013b0e30dcec6364162dfcd31500d89bb9108bf63959a057c2f7b3f54f245c9baebdde57ee35adba1f92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub" + } + ], + "components": [ + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.590.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df208b3e3aba5857c3a5d5092a4fe04b3e1e00f0d38d59275dabde30f8b64285410ac86778e9c9b15d7ab8d2a5a551757eb4c7aeb0d17ca6266da561ea7141bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sso-oidc" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.590.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f8475bf52d29f8b8b619e6a8f80f22fa829ecf5d7cc9789b26dac7a17a2257fb9dcb485e4bed74839d056d5f5a7d4debefd21a766145944e0e906302154ae1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sts" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.588.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.588.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.588.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5736fbd71ee3a67e8a289df96de20b522f3db7c8a397aff42062e7819d341f52688f3fdfe7fc30972ec740fa73db68085d00acc7abb0dfe0a7c7a4e7b7bdb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/core" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.590.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2dfc98d1685e86c6ac3435d4fddd5357beab59d127b79997c975e4a529bd909efe13ae75bc508bf7a942b09acc3fe04585767d3c9ccdd2e5673079659f0385" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-node" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.587.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b20e898df883abca02ee733886eff9ce1e48d45c44b9a07e53ee9f006e83bca1a90c409767b9d35789859389c4163b9d91e7553a091dbbadc30f4c678c79d60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/middleware-user-agent" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.587.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f7723b20f66dba5650a112be3b6d082786b5b325b060fce83b681cdeffbf18d65f9593d5dd0257b956c89b4a7106cbb49ff9b328650aa9238b3c868dd3df0771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/region-config-resolver" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.587.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d471ba126f30416a8a7115ba9b7e7c9aa79b4553692fc5ebac4a13e089fbc6a90a92662d1d135560fea5726890879a59fdcfc55eef1d49c86e1485b212da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.587.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e797e0d47bf6ef9db1040c73f789526b3ad1371db14904f82c0fabc9fa697ff88624d44ab8f63106f841d974d4cfcf74831b491ba76fbbbb8d4c29824747f89" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/util-user-agent-node" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.587.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f283fe4a144088936939a3cc275448a7895f3ac959219f99332135327663460a45dd0451cc1d1c7a865790d5bab02476c1b24caef276d86a6cdcc329a61b09b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-env" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.587.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4aed524565510ae4757b7da8c57dc2d55e1ce61a4f376d1661c45f75caf6c17c07a92bf2b390eb9e6b820be2681274bfceddda7542613e5893aa97ca81274cac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-http" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.590.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63970572200adfc548bd181978d0fb1ef14d477dad846b506fc5e8a7a70c9f7dc50bbf2ec1c448bbd1dcf7af7d5d3725099ab3e3e5e5d5653e759fab9c59f600" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-ini" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.587.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578c53de20aa905f2e2fa402e20a81260ff66ac77f75a9acc0fd61f4709fa9396598f5b32264bef160f75638132f0e5bd0a6d3cbe65d52129cd300e7cb3933c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-process" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.590.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bfed23fc8fa37bda247f05ec8262e9a66c0813e4ee329e56a8bcfbafb3c7cfd2a3ccbc8a68a4c3bdf965143fbca0fa41aa798e5a227da9318f92b7e107b6bf7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-sso" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.587.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea231fc8d8f1bb932bb0dd68c03fdc0a971cbc22f149c01f1ab0e153d713c5a157d960a2288231bda0b3f962246d7ef0e4588ced1e683932556fdc77490c647" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-web-identity" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.590.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb16c2ea841524a0514f25f24770b5e64b14b0f3b25b8a7eb828fb76529858626f878bc64d5f0a859292e77a0f1bcb787f5f8e3095a3af9c0ab97468685b2685" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sso" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.587.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "50baa16e72f2d6198935172e9003415899ae9b705b8d79eeacb3d2157a06755d259576251b9e52cc895ad9562a76f7901048e6b01b9365d16f5c0b4da664b966" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/token-providers" + } + ] + } + ] + }, + { + "type": "library", + "name": "xlsx", + "group": "@e965", + "version": "0.20.1", + "bom-ref": "@e965/xlsx@0.20.1", + "author": "sheetjs", + "description": "SheetJS Spreadsheet data parser and writer", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40e965/xlsx@0.20.1", + "externalReferences": [ + { + "url": "git+https://github.com/e965/sheetjs-npm-publisher.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://git.sheetjs.com/SheetJS/sheetjs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@e965/xlsx/-/xlsx-0.20.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd1bfc34b0751fa6aa43266ddff80b8ddd31919b07fbf588462e181c0c359281123533cf9b35c96cfa8ed8730dec3641d6f9c5d5448ac50f59bd2d12f4baa66e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@e965/xlsx" + } + ] + }, + { + "type": "library", + "name": "emass_client", + "group": "@mitre", + "version": "3.10.0", + "bom-ref": "@mitre/emass_client@3.10.0", + "author": "OpenAPI-Generator Contributors", + "description": "OpenAPI client for @mitre/emass_client", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/emass_client@3.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/emass_client.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/emass_client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/emass_client/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/emass_client/-/emass_client-3.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e10952e45a11106c15df5d35d150ad7a8e7d7a76cf08d11405e99a1331c422a5284f08bf4b64a4f7c4d429d31838c0a53f826d363e984cfaad76ae2fe821e705" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/emass_client" + } + ], + "components": [ + { + "type": "library", + "name": "axios", + "version": "0.21.4", + "bom-ref": "@mitre/emass_client@3.10.0|axios@0.21.4", + "author": "Matt Zabriskie", + "description": "Promise based HTTP client for the browser and node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/axios@0.21.4", + "externalReferences": [ + { + "url": "git+https://github.com/axios/axios.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://axios-http.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/axios/axios/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bade6f7b0922bbc8e318176aa4ce385f18ee0a3abd2c029e1d59a855f1d5cf2f1e1e0c71abc49b01540da2f0c0f26562d3990fd046bf9ff5337121dc4c941f36" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/emass_client/node_modules/axios" + } + ] + } + ] + }, + { + "type": "library", + "name": "follow-redirects", + "version": "1.15.6", + "bom-ref": "follow-redirects@1.15.6", + "author": "Ruben Verborgh", + "description": "HTTP and HTTPS modules that follow redirects.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/follow-redirects@1.15.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/follow-redirects/follow-redirects.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1637ad9821311a3a948ae7ce0465725a7c7d401a93bc45580495f92e5db4ceacf5f87c87cec84a56fc2b2235df09758ac0a0ebda7d14ce127bec3befaa0aa14" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/follow-redirects" + } + ] + }, + { + "type": "library", + "name": "hdf-converters", + "group": "@mitre", + "version": "2.10.8", + "bom-ref": "@mitre/hdf-converters@2.10.8", + "description": "Converter util library used to transform various scan results into HDF format", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/hdf-converters@2.10.8", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/hdf-converters" + } + ] + }, + { + "type": "library", + "name": "js", + "group": "@mdi", + "version": "7.4.47", + "bom-ref": "@mdi/js@7.4.47", + "author": "Austin Andrews", + "description": "Dist for Material Design Icons for JS/TypeScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mdi/js@7.4.47", + "externalReferences": [ + { + "url": "git+https://github.com/Templarian/MaterialDesign-JS.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Templarian/MaterialDesign-JS#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Templarian/MaterialDesign-JS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mdi/js/-/js-7.4.47.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28f9cd3ad9b98b6a4c69ba99c69533ee241ffa67eb619c8a099f10373f39733804b7b72e1dc1a8ad67ddcd4316600d120fe6ba1e7e05989f98873cf38e44d9ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mdi/js" + } + ] + }, + { + "type": "library", + "name": "jsonix", + "group": "@mitre", + "version": "3.0.7", + "bom-ref": "@mitre/jsonix@3.0.7", + "author": "Alexey Valikov", + "description": "Jsonix (JSON interfaces for XML) is a JavaScript library which allows converting between XML and JSON structures.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause", + "url": "http://github.com/highsource/jsonix/raw/master/LICENSE" + } + } + ], + "purl": "pkg:npm/%40mitre/jsonix@3.0.7", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/mitre/jsonix.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/mitre/jsonix", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/mitre/jsonix/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/jsonix/-/jsonix-3.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f1a0cd2f6bf46f606a68e8bedc77fdfc4b8d914315cc53d83aeb0bc7d318fcacbd2cbcf60f90718062fcfa1e669d8a53887c859271a6e16aff3059b3ee81cb63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/jsonix" + } + ] + }, + { + "type": "library", + "name": "xmldom", + "group": "@xmldom", + "version": "0.8.10", + "bom-ref": "@xmldom/xmldom@0.8.10", + "description": "A pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40xmldom/xmldom@0.8.10", + "externalReferences": [ + { + "url": "git://github.com/xmldom/xmldom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xmldom/xmldom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xmldom/xmldom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9600b7d3978c68d9290609846deab0d315f93d475733981bd4432d7680ad8ab91288a5612171b6f3cbc1195edcff8e446a1d7f1b14473a142d478d7e1351663" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@xmldom/xmldom" + } + ] + }, + { + "type": "library", + "name": "amdefine", + "version": "0.0.4", + "bom-ref": "amdefine@0.0.4", + "author": "James Burke", + "description": "Provide AMD's define() API for declaring modules in the AMD format", + "licenses": [ + { + "license": { + "name": "BSD", + "url": "https://github.com/jrburke/amdefine/blob/master/LICENSE" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/jrburke/amdefine/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/amdefine@0.0.4", + "externalReferences": [ + { + "url": "http://github.com/jrburke/amdefine.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://registry.npmjs.org/amdefine/-/amdefine-0.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fbdb8d95aaa6f246746d80ee845b759aa3682ccd88e00b12781fba75d74d8927e6465251ab7f0852e36d503e3ec4eccea0f96d387cd2be795282c70c7e99c30e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/amdefine" + } + ] + }, + { + "type": "library", + "name": "xmlhttprequest", + "version": "1.8.0", + "bom-ref": "xmlhttprequest@1.8.0", + "author": "Dan DeFelippi", + "description": "XMLHttpRequest for Node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xmlhttprequest@1.8.0", + "externalReferences": [ + { + "url": "git://github.com/driverdan/node-XMLHttpRequest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/driverdan/node-XMLHttpRequest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/driverdan/node-XMLHttpRequest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xmlhttprequest/-/xmlhttprequest-1.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c226fd4d2695504b337f0d7598c7ca1b8cb42a9aeb5e3af64d983ff01a3dbbc2a15f5a4065296c9063d50466db2b518954010ff7ecc3b2f66c9183550b3004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xmlhttprequest" + } + ] + }, + { + "type": "library", + "name": "csv2json", + "group": "@types", + "version": "1.4.5", + "bom-ref": "@types/csv2json@1.4.5", + "description": "TypeScript definitions for csv2json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/csv2json@1.4.5#types/csv2json", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/csv2json", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/csv2json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/csv2json/-/csv2json-1.4.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d79d88c649cffcca76149023a6968d23036bdae7d65ed55c6cd814fb651371ac12af61569ea85a4e4dac2153a6967b4503226b19d3400acdc0ccacf9808a4d38" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/csv2json" + } + ] + }, + { + "type": "library", + "name": "pumpify", + "group": "@types", + "version": "1.4.4", + "bom-ref": "@types/pumpify@1.4.4", + "description": "TypeScript definitions for pumpify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/pumpify@1.4.4#types/pumpify", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/pumpify", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/pumpify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/pumpify/-/pumpify-1.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9c59b41479c0f4e0c41892334184f99c5083f7ebc6a5a189aa9be22674c280f2b329c51340859003ea0223fac0154c5d43962aab4ffa94a7a686362ffd537b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/pumpify" + } + ] + }, + { + "type": "library", + "name": "duplexify", + "group": "@types", + "version": "3.6.4", + "bom-ref": "@types/duplexify@3.6.4", + "description": "TypeScript definitions for duplexify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/duplexify@3.6.4#types/duplexify", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/duplexify", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/duplexify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/duplexify/-/duplexify-3.6.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9e6a154fb1df9dcb708be85ba003325cc68ada5a15208591844099ecd644ca7c25d6289e621bf564681d39c1156b0ca1df3852aa6f45f491787dd5e13df5166" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/duplexify" + } + ] + }, + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.14.1", + "bom-ref": "@types/node@20.14.1", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.14.1#types/node", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f633348612efb2b01fc59167ea9a15773cbc90968c1da6d9a6803db40ba431b12f059afe528e96756b25da102d12db5fe1e5427d880e96ff9bd2354e65d3438" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "ms", + "group": "@types", + "version": "0.7.34", + "bom-ref": "@types/ms@0.7.34", + "description": "TypeScript definitions for ms", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/ms@0.7.34#types/ms", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/ms", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/ms", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/ms/-/ms-0.7.34.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c6f7a1b75a9e9a73202026a19ab233836fe69cac8eca96d3e2471cc73d79cfdcd808dbc6e940346fe77a256ea1976df7201796a288798edf1a701294b92ddf6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/ms" + } + ] + }, + { + "type": "library", + "name": "mustache", + "group": "@types", + "version": "4.2.5", + "bom-ref": "@types/mustache@4.2.5", + "description": "TypeScript definitions for mustache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mustache@4.2.5#types/mustache", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mustache", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mustache", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3cbc2256f4c1839f6d1852fff15a5c1afa8ebb72f83aebde36f3e2d0461b59c85174454ffbec9151724f165f82029284ab5df4d7bff835feda439953b4750db0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mustache" + } + ] + }, + { + "type": "library", + "name": "papaparse", + "group": "@types", + "version": "5.3.14", + "bom-ref": "@types/papaparse@5.3.14", + "description": "TypeScript definitions for papaparse", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/papaparse@5.3.14#types/papaparse", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/papaparse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/papaparse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/papaparse/-/papaparse-5.3.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f127888415ca6a73a3044f0a7d7fa055e9555ce379ba31f1f456a168b07beb5207d78857bac30ed1de2b64390f9308ae98f88bfff919e7bed4599e473929cf6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/papaparse" + } + ] + }, + { + "type": "library", + "name": "revalidator", + "group": "@types", + "version": "0.3.12", + "bom-ref": "@types/revalidator@0.3.12", + "description": "TypeScript definitions for revalidator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/revalidator@0.3.12#types/revalidator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/revalidator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/revalidator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/revalidator/-/revalidator-0.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ec0368c77f3ef725a211395a0c0ddff1ee75565c19847434a85c1e324250f3bff342064158d9f30793213a0c6aefa282c30057b9408ea5f56ab44e0768a4cb6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/revalidator" + } + ] + }, + { + "type": "library", + "name": "triple-beam", + "group": "@types", + "version": "1.3.5", + "bom-ref": "@types/triple-beam@1.3.5", + "description": "TypeScript definitions for triple-beam", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/triple-beam@1.3.5#types/triple-beam", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/triple-beam", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/triple-beam", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/triple-beam/-/triple-beam-1.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e966987ac4e144c0a5d7d8abc8c60feffc76395802b5b2157e50c61695a76fd8ab5c8dd48d8138033998ba250a635009b2d1a28e863e32052cccc811c4861363" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/triple-beam" + } + ] + }, + { + "type": "library", + "name": "validator", + "group": "@types", + "version": "13.12.0", + "bom-ref": "@types/validator@13.12.0", + "description": "TypeScript definitions for validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/validator@13.12.0#types/validator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/validator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/validator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/validator/-/validator-13.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c7e392e4ee83c8275455385e8980523a0f2d10a47133ab841e71986f82ec583c3c13f1cf77a6b08ca80b6222db66dfdbe867e0c347eaa436732926630146a6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/validator" + } + ] + }, + { + "type": "library", + "name": "xml2js", + "group": "@types", + "version": "0.4.14", + "bom-ref": "@types/xml2js@0.4.14", + "description": "TypeScript definitions for xml2js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/xml2js@0.4.14#types/xml2js", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/xml2js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/xml2js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/xml2js/-/xml2js-0.4.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e189eb45e9814a15913b6423bd48a7f04480e35ac7fbd9d018b506655ff5203862dd22fd3a1769342fccaee9535aea6d5cac21c7f683c44eeda15d1fff2a485d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/xml2js" + } + ] + }, + { + "type": "library", + "name": "axios", + "version": "1.7.2", + "bom-ref": "axios@1.7.2", + "author": "Matt Zabriskie", + "description": "Promise based HTTP client for the browser and node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/axios@1.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/axios/axios.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://axios-http.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/axios/axios/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/axios/-/axios-1.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d80f1084e32b6e89a50ee88b78af5789b201cee1de45caaa34e1e9d02ca9e44a09d4814387e5d91f703a0645edbf42b880518223463804cec1d703848b446683" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/axios" + } + ] + }, + { + "type": "library", + "name": "compare-versions", + "version": "6.1.0", + "bom-ref": "compare-versions@6.1.0", + "author": "Ole Michelsen", + "description": "Compare semver version strings to find greater, equal or lesser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/compare-versions@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/omichelsen/compare-versions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/omichelsen/compare-versions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/omichelsen/compare-versions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/compare-versions/-/compare-versions-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cd6505e1a94bea513a2da59d34a8b49a89fcb76f85450f9f3c691afc30a170e02314afdf32b73096e700c7e6ac7f0c46399020d771b711b82a8bd2ccc47f6b6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/compare-versions" + } + ] + }, + { + "type": "library", + "name": "csv2json", + "version": "2.0.2", + "bom-ref": "csv2json@2.0.2", + "author": "Julien Fontanet", + "description": "Stream and CLI to convert CSV to JSON", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/csv2json@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/julien-f/csv2json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/julien-f/csv2json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/julien-f/csv2json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv2json/-/csv2json-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "61567bd8e7a14acf7e8f694c135d28b2624d1de23475c1e55fea8dabcc5c4744fe46df1668e09c84a884545dc6b0ae0e7f7cff2c4eb8c746dad5ca542e601c97" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv2json" + } + ] + }, + { + "type": "library", + "name": "csv-parser", + "version": "2.3.5", + "bom-ref": "csv-parser@2.3.5", + "author": "mafintosh", + "description": "Streaming CSV parser that aims for maximum speed as well as compatibility with the csv-spectrum test suite", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-parser@2.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/mafintosh/csv-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/csv-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/csv-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-parser/-/csv-parser-2.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c21e8942e0094dc0bfb912e0f92c7d9554d2a90fc422c595b6cf32b55e6ad56146ac945638739068a0444738222e6c6f62bff0c0c858ece31d07bd6359bb25a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-parser" + } + ] + }, + { + "type": "library", + "name": "minimist", + "version": "1.2.8", + "bom-ref": "minimist@1.2.8", + "author": "James Halliday", + "description": "parse argument options", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minimist@1.2.8", + "externalReferences": [ + { + "url": "git://github.com/minimistjs/minimist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/minimistjs/minimist", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/minimistjs/minimist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "db2c8047ca8190ddd8ba17896a7529582e54ddb6f9a2c0f2c0d07c4730d5943c031dba1c009bdeaaa8f5bbcf92543ee39164f8cafb070a95aaa96a80c5bd3308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/minimist" + } + ] + }, + { + "type": "library", + "name": "through2", + "version": "3.0.2", + "bom-ref": "through2@3.0.2", + "author": "Rod Vagg", + "description": "A tiny wrapper around Node.js streams.Transform (Streams2/3) to avoid explicit subclassing noise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/through2@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/rvagg/through2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/rvagg/through2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/rvagg/through2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/through2/-/through2-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a7683438314c8fd96e99c93e84b0ccea04f65a33f6af83c8aea3e976777402b3427ee916aa90757fdbf94ec034ee7811de27fd8b1bd96b2d6ddde6b58fb9cb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/through2" + } + ] + }, + { + "type": "library", + "name": "exec-promise", + "version": "0.7.0", + "bom-ref": "exec-promise@0.7.0", + "author": "Julien Fontanet", + "description": "Testable CLIs with promises", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/exec-promise@0.7.0", + "externalReferences": [ + { + "url": "git+https://github.com/JsCommunity/exec-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/exec-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/exec-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/exec-promise/-/exec-promise-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c6b817e065a23cdb0f42b28227c5f754e6ec89d6afe89ad61853209a95362bd4d202ee90f3d27ec98ea4a7fa2d85845727852199e3bc8c18f8e99411af9e1780" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/exec-promise" + } + ] + }, + { + "type": "library", + "name": "log-symbols", + "version": "1.0.2", + "bom-ref": "log-symbols@1.0.2", + "author": "Sindre Sorhus", + "description": "Colored symbols for various log levels. Example: ✔︎ success", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/log-symbols@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/log-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/log-symbols/-/log-symbols-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a63eb5b4161d9fc4ecdd05b16fe20d66ea947bda16852cf2761b94891042dfd72fa2690ac31ba71608f8f2e7844761b640b7b5fe96cebdd0ac3ad807565c1cd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols" + } + ], + "components": [ + { + "type": "library", + "name": "chalk", + "version": "1.1.3", + "bom-ref": "log-symbols@1.0.2|chalk@1.1.3", + "description": "Terminal string styling done right. Much color.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53795154b31296c09f8ea60f6cbc95bf5d4cf423d6e08ef6f1de9308a300389b9e11e07dffca3e792b0c9f13c90fe43e2bdd3db1d11283b0beb489281faa27d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "2.2.1", + "bom-ref": "log-symbols@1.0.2|ansi-styles@2.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "92609ebc582146258cec7079cd33d42e5e2bf5b5454968f3eb6321aa2cc3194aead8d5ae34c432bafe2d1c7a0a247b3af4cfcc17ae2511c1dd608a1cadd59060" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "log-symbols@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "log-symbols@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "561ba64926c1a834cff29d992ca8f8d148c1095e3ebfc6d4484a546f82a34605a4f696ea185e111058fa2846a089d6f67ff33a0330b41261720cd19ac3d382ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.1.1", + "bom-ref": "log-symbols@1.0.2|ansi-regex@2.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c81a74e9768f84dfea42c8096e66fb440f9a79c02a8b75ecc2ca13d9cca3dcc6f169944b788be5bb38e3422a0799153dfecb935965f38e4bf05d71a9e6d4c60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "2.0.0", + "bom-ref": "log-symbols@1.0.2|supports-color@2.0.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28a355b5dea909880f20a538729dbbdf71d6602a6995085d7592c152bc9a007a2eef6df1f854734390dff36e058fe232cae8904d1a2e6f84a72057c872ba7bd2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "has-ansi", + "version": "2.0.0", + "bom-ref": "has-ansi@2.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string has ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-ansi@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0bcbc127c0f0502c75f6f866eeeae14ee52caf8fc8c8fea5e15ccd403bfeaf21d039b5b74d34e9f7207af16a588117b66db686b99fec7bbe08a857959cc9cb66" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-ansi" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-regex", + "version": "2.1.1", + "bom-ref": "has-ansi@2.0.0|ansi-regex@2.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c81a74e9768f84dfea42c8096e66fb440f9a79c02a8b75ecc2ca13d9cca3dcc6f169944b788be5bb38e3422a0799153dfecb935965f38e4bf05d71a9e6d4c60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-ansi/node_modules/ansi-regex" + } + ] + } + ] + }, + { + "type": "library", + "name": "promise-toolbox", + "version": "0.14.0", + "bom-ref": "promise-toolbox@0.14.0", + "author": "Julien Fontanet", + "description": "Essential utils for promises", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-toolbox@0.14.0", + "externalReferences": [ + { + "url": "git+https://github.com/JsCommunity/promise-toolbox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/promise-toolbox", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/promise-toolbox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/promise-toolbox/-/promise-toolbox-0.14.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "555e655cae255da3c1f6804ee74a297b5a9dd0028df0dde72b5e2362f57dfea1667d95b63f1fdb2633d90678868d770825fe89e58fdca0d809b4f1c3ca2515fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/promise-toolbox" + } + ] + }, + { + "type": "library", + "name": "make-error", + "version": "1.3.6", + "bom-ref": "make-error@1.3.6", + "author": "Julien Fontanet", + "description": "Make your own error types!", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/make-error@1.3.6", + "externalReferences": [ + { + "url": "git://github.com/JsCommunity/make-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/make-error", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/make-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b3c52194d7bbbcf2a8990842d6a15e94ca24aff49cdc080d6eca379fbe2654f0392d3670901f4d9577f85cf6a62f1244f21d2087bdeb33de31bf0453d825489f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/make-error" + } + ] + }, + { + "type": "library", + "name": "pump", + "version": "3.0.0", + "bom-ref": "pump@3.0.0", + "author": "Mathias Buus Madsen", + "description": "pipe streams together and close all of them if one of them closes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pump@3.0.0", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/pump.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/pump#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/pump/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f0672fa9dd216cd4fcad77f8d872de30a6fe3d1e2602a9df5195ce5955d93457ef18cefea34790659374d198f2f57edebd4f13f420c64627e58f154d81161c3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pump" + } + ] + }, + { + "type": "library", + "name": "end-of-stream", + "version": "1.4.4", + "bom-ref": "end-of-stream@1.4.4", + "author": "Mathias Buus", + "description": "Call a callback when a readable/writable/duplex stream has completed or failed.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/end-of-stream@1.4.4", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/end-of-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/end-of-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/end-of-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "faec358a720754f428695b87cd1c97776d6270cf9c9ede02cc3e6b5be342d708ce5124ceb3e4deec53afec084deef4bdc7fa08ca12cfe4f4751fea614001eee5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/end-of-stream" + } + ] + }, + { + "type": "library", + "name": "once", + "version": "1.4.0", + "bom-ref": "once@1.4.0", + "author": "Isaac Z. Schlueter", + "description": "Run a function exactly one time", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/once@1.4.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/once.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/once#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/once/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "94d689808fb643951140191c7042874d038f697754c67659125413658d0c15402e684a9ed44f8dcaf81dcff688c8d8ba67d3333b976fd47f27e7cfc610ba77fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/once" + } + ] + }, + { + "type": "library", + "name": "pumpify", + "version": "2.0.1", + "bom-ref": "pumpify@2.0.1", + "author": "Mathias Buus", + "description": "Combine an array of streams into a single duplex stream using pump and duplexify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pumpify@2.0.1", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/pumpify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/pumpify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/pumpify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pumpify/-/pumpify-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9bb28e8deee3671ae6bad6a79644b575a8f5752eb3e8182c97339799c484a48942c4cdd5247ee51b940b79c93fea1805e85e1cac57f4d54b5098db097f079303" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pumpify" + } + ] + }, + { + "type": "library", + "name": "duplexify", + "version": "4.1.3", + "bom-ref": "duplexify@4.1.3", + "author": "Mathias Buus", + "description": "Turn a writable and readable stream into a streams2 duplex stream with support for async initialization and streams1/streams2 input", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/duplexify@4.1.3", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/duplexify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/duplexify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/duplexify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/duplexify/-/duplexify-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "337066061c09459b12c77f25672844e770ac75d83397947bc4624d93b09575d643e82726c0c087f09fbb029ac8ad0287ed3a272b16828dcbf6ed099ffac43ea0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/duplexify" + } + ] + }, + { + "type": "library", + "name": "inherits", + "version": "2.0.4", + "bom-ref": "inherits@2.0.4", + "description": "Browser-friendly inheritance fully compatible with standard node.js inherits()", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inherits@2.0.4", + "externalReferences": [ + { + "url": "git://github.com/isaacs/inherits.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/inherits#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/inherits/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "93fbc6697e3f6256b75b3c8c0af4d039761e207bea38ab67a8176ecd31e9ce9419cc0b2428c859d8af849c189233dcc64a820578ca572b16b8758799210a9ec1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inherits" + } + ] + }, + { + "type": "library", + "name": "readable-stream", + "version": "3.6.2", + "bom-ref": "readable-stream@3.6.2", + "description": "Streams3, a user-land copy of the stream library from Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readable-stream@3.6.2", + "externalReferences": [ + { + "url": "git://github.com/nodejs/readable-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/readable-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/readable-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f6efec9e20ab6370f959db04447cc71381b66025eaa06e454c7522082e1221bafa5dc2d9058d39c9af442a361e93d3b9c4e0308c6abed497460404bb43d49ca0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/readable-stream" + } + ] + }, + { + "type": "library", + "name": "stream-shift", + "version": "1.0.3", + "bom-ref": "stream-shift@1.0.3", + "author": "Mathias Buus", + "description": "Returns the next buffer/object in a stream's readable queue", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stream-shift@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/mafintosh/stream-shift.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/stream-shift", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/stream-shift/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efa3914740ced68d6194ac136e2fc33371175867f764960ef1c5d7e512709ee9760c4836a32a19ca32cda1033c5acbd988528245f0b53b427b882be27b745999" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stream-shift" + } + ] + }, + { + "type": "library", + "name": "strip-bom-stream", + "version": "4.0.0", + "bom-ref": "strip-bom-stream@4.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom-stream@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom-stream/-/strip-bom-stream-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d00a4ade20241efe966e02c80b0fc9e278701de0d9b01c4822c383fa01e064808be92789d12f5ffd666a7a691af5c8e44f230de6078877a7bc5395861409f771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom-stream" + } + ] + }, + { + "type": "library", + "name": "first-chunk-stream", + "version": "3.0.0", + "bom-ref": "first-chunk-stream@3.0.0", + "author": "Sindre Sorhus", + "description": "Transform the first chunk in a stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/first-chunk-stream@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/first-chunk-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/first-chunk-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/first-chunk-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/first-chunk-stream/-/first-chunk-stream-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cd46f47886bfd2f1c5d7908639a538153fb2f7b6ae8b95859c83d9d606e5bba3534cc4a668ea83956bfe8621e90c188d08c3bb82f875a298c7bdbbf54078aab" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/first-chunk-stream" + } + ] + }, + { + "type": "library", + "name": "strip-bom-buf", + "version": "2.0.0", + "bom-ref": "strip-bom-buf@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom-buf@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom-buf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-buf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-buf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom-buf/-/strip-bom-buf-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80b14d1ee71dea0cdbf2332c9794266774209d4266a7baa7e2e5121cdc045ee980a7b622ce8198c35f595157eeab868139052dca7da4f17fc2c33581ef75b695" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom-buf" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "acc60f62f0b3b17cb022c95d80b692a0f970e4f7e807fb2cafb858e292df72876b03933f780af36b56bd5664e234804d323386af53b0f664f2536a3af54e94f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.4.0", + "bom-ref": "fast-xml-parser@4.4.0", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "90b6378c5970218c01343a237252ac3400b5dac7c3e8dc16ef8401d82a0d18fbed5718e58987a156e9c1dc7632362fa7e13b75740720c18be6285fd9d7c7e5aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "html-entities", + "version": "2.5.2", + "bom-ref": "html-entities@2.5.2", + "author": "Marat Dulin", + "description": "Fastest HTML entities encode/decode library.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/html-entities@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/mdevils/html-entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mdevils/html-entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdevils/html-entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/html-entities/-/html-entities-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bffcf491310938159efc2b26aefa666eac79f7147d15c2bf87dfa784d2b3db798911462f58c5c7983e1b8deb45305a8af1c8a1e1aa800997638529ae0156d68" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/html-entities" + } + ] + }, + { + "type": "library", + "name": "htmlparser2", + "version": "9.1.0", + "bom-ref": "htmlparser2@9.1.0", + "author": "Felix Boehm", + "description": "Fast & forgiving HTML/XML parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/htmlparser2@9.1.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/htmlparser2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/htmlparser2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/htmlparser2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-9.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e737e0ea61d4a1a7abffded3c671a9c666d1ef326d3f021814c67f1f9b9c4e53d984abedba6d39ca23cadcc81a8b76b40f2571bfba98aa8c1e6847769eb610cd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/htmlparser2" + } + ] + }, + { + "type": "library", + "name": "inspecjs", + "version": "2.10.8", + "bom-ref": "inspecjs@2.10.8", + "description": "Schema definitions, classes on top, and utilities to deal with HDF files", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/inspecjs@2.10.8", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/heimdall2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/heimdall2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/heimdall2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inspecjs/-/inspecjs-2.10.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7254873aba523f31f309f195a81cf5f5fa6162c37032af4b2383ed3d690a45521ee79e1bb2a255b7f49f665859d4be7919ac4ff7e3e49d8b026984338d276109" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inspecjs" + } + ] + }, + { + "type": "library", + "name": "lodash", + "version": "4.17.21", + "bom-ref": "lodash@4.17.21", + "author": "John-David Dalton", + "description": "Lodash modular utilities.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash@4.17.21", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf690311ee7b95e713ba568322e3533f2dd1cb880b189e99d4edef13592b81764daec43e2c54c61d5c558dc5cfb35ecb85b65519e74026ff17675b6f8f916f4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash" + } + ] + }, + { + "type": "library", + "name": "moment", + "version": "2.30.1", + "bom-ref": "moment@2.30.1", + "author": "Iskren Ivov Chernev", + "description": "Parse, validate, manipulate, and display dates", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/moment@2.30.1", + "externalReferences": [ + { + "url": "git+https://github.com/moment/moment.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://momentjs.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moment/moment/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/moment/-/moment-2.30.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b849ad3616c33ab58f152fa176314205fcbd7f6628cb3469c1c97e0eaa42ead697db5173b132d055b315fd6ecfccd497eb1fdb842d73037736510e4dcc7ea1a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/moment" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.3", + "bom-ref": "ms@2.1.3", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e85973b9b4cb646dc9d9afcd542025784863ceae68c601f268253dc985ef70bb2fa1568726afece715c8ebf5d73fab73ed1f7100eb479d23bfb57b45dd645394" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "mustache", + "version": "4.2.0", + "bom-ref": "mustache@4.2.0", + "author": "mustache.js Authors", + "description": "Logic-less {{mustache}} templates with JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mustache@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/janl/mustache.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/janl/mustache.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/janl/mustache.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef58a9a52cb0ab961beffb5563219b9018206d4f07deee51cf9e9f1fad2318582bf2e1f0c6cf9a48a7aa9a5b885733349b4901ef1423292eaa3df7746f6668a9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mustache" + } + ] + }, + { + "type": "library", + "name": "papaparse", + "version": "5.4.1", + "bom-ref": "papaparse@5.4.1", + "author": "Matthew Holt", + "description": "Fast and powerful CSV parser for the browser that supports web workers and streaming large files. Converts CSV to JSON and JSON to CSV.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/papaparse@5.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/mholt/PapaParse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://papaparse.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mholt/PapaParse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/papaparse/-/papaparse-5.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e2a4cb2026466ef1baf6de95b5e6ebe8eac89beb09deff8c282d93e515fdeba43c8c7bdcb011752cb83efee8af4f464265553e758ffb023980ca1864b7649af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/papaparse" + } + ] + }, + { + "type": "library", + "name": "revalidator", + "version": "0.3.1", + "bom-ref": "revalidator@0.3.1", + "author": "Charlie Robbins", + "description": "A cross-browser / node.js validator powered by JSON Schema", + "licenses": [ + { + "license": { + "name": "Apache 2.0" + } + } + ], + "purl": "pkg:npm/revalidator@0.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/flatiron/revalidator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/flatiron/revalidator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/flatiron/revalidator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/revalidator/-/revalidator-0.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2babe370f95e690e9430184b8dda7d40809fb403c5aa8451cab792a09317c0a3050a80ed42595df6211dd3341e20f7f157de026df6a0493bc0d8970a279c1d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/revalidator" + } + ] + }, + { + "type": "library", + "name": "run-script-os", + "version": "1.1.6", + "bom-ref": "run-script-os@1.1.6", + "author": "Charlie Guse", + "description": "run-script-os is a tool that will let you use generic npm script commands that will pass through to os specific commands.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-script-os@1.1.6", + "externalReferences": [ + { + "url": "git+https://github.com/charlesguse/run-script-os.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/charlesguse/run-script-os#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/charlesguse/run-script-os/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-script-os/-/run-script-os-1.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa5e8fd8bce10534c37f32adb3e428e07f785542a9c4a0c5cfa431c7069464dd26c2f8bb2f7969388ec1a8f0aaee58038775cb974769797c1f715222b65ad8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-script-os" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "7.6.2", + "bom-ref": "semver@7.6.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@7.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-7.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14d0080560b1f6a7118681dc81c27482f53b48dd65614d995ee49f974e1b482e4ea6f0c71722428dd347a263d7c6342508153aed85bae0fcd8eff548107ec5db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "tailwindcss", + "version": "3.4.3", + "bom-ref": "tailwindcss@3.4.3", + "description": "A utility-first CSS framework for rapidly building custom user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tailwindcss@3.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/tailwindlabs/tailwindcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwindcss.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tailwindlabs/tailwindcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53bb31424fe7dfdec19b1e091db271fe248e3afe46f882377f59292e963641e52fe4370f75c4ec60b96eb197ead4db611d2d5cd5c668c859a691ec75af391ed0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tailwindcss" + } + ] + }, + { + "type": "library", + "name": "quick-lru", + "group": "@alloc", + "version": "5.2.0", + "bom-ref": "@alloc/quick-lru@5.2.0", + "author": "Sindre Sorhus", + "description": "Simple “Least Recently Used” (LRU) cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40alloc/quick-lru@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/quick-lru.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@alloc/quick-lru/-/quick-lru-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52b700041fb86d4ac5001c1b96e4c8044ad7c2f6ec53f57b4d959f99b8097db930881bb3892f60c5d383532ba279c7dd190f398e094c5ba8ee4b7fb3e53b0a2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@alloc/quick-lru" + } + ] + }, + { + "type": "library", + "name": "arg", + "version": "5.0.2", + "bom-ref": "arg@5.0.2", + "author": "Josh Junon", + "description": "Unopinionated, no-frills CLI argument parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arg@5.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/arg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arg/-/arg-5.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d88f214e2ca43dcb9ec9bd0e902e8f1d02036ab3087c33544c25875076e4fac5b59280adfa3ff67fbfea7cf3ca4cebd8cc31f4bc5ddf05e88d6443f23d1d41a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/arg" + } + ] + }, + { + "type": "library", + "name": "chokidar", + "version": "3.5.3", + "bom-ref": "chokidar@3.5.3", + "author": "Paul Miller", + "description": "Minimal and efficient cross-platform file watching library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chokidar@3.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/paulmillr/chokidar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/paulmillr/chokidar", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/paulmillr/chokidar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ebdec7ca44fea84dc8dfd8999498525f79532f5c175e83107489543979bd95d74b852540804bc381c9975503255bf315cdcf71a38d3823f642d6b194ea13a93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chokidar" + } + ], + "components": [ + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "chokidar@3.5.3|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chokidar/node_modules/glob-parent" + } + ] + } + ] + }, + { + "type": "library", + "name": "didyoumean", + "version": "1.2.2", + "bom-ref": "didyoumean@1.2.2", + "author": "Dave Porter", + "description": "Match human-quality input to potential matches by edit distance.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/didyoumean@1.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/dcporter/didyoumean.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dcporter/didyoumean.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dcporter/didyoumean.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/didyoumean/-/didyoumean-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "831b727ea320ec62b285099bd39e8aeccdf1b33cbf9b21fcc3e078453f905c142cbc039d7375f29aa0c33c7c750603e0b1d000e522227e89daf3d62d4404c3cf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/didyoumean" + } + ] + }, + { + "type": "library", + "name": "dlv", + "version": "1.1.3", + "bom-ref": "dlv@1.1.3", + "author": "Jason Miller", + "description": "Safely get a dot-notated property within an object.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dlv@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/developit/dlv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/developit/dlv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/developit/dlv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dlv/-/dlv-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f87972b728e53ca9c81bc5ee446f16be604ff31b3c3fbd72f9228a4ba6575a81202ee78fc6d0e8504887ed691d78f5ab439241a44e9aa15a9f65f2544248d7c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dlv" + } + ] + }, + { + "type": "library", + "name": "fast-glob", + "version": "3.3.2", + "bom-ref": "fast-glob@3.3.2", + "author": "Denis Malinochkin", + "description": "It's a very fast and efficient glob library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-glob@3.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/mrmlnc/fast-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mrmlnc/fast-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mrmlnc/fast-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a17dabb80150c1ffceae3f26ef7ed8e5a7710d03b42c007bfd2e4c9f109d4cd0dde29e81b32215b2ff4942c0136d34aaf0a1d1a4bc081db56550d6adc5dfb53b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-glob" + } + ], + "components": [ + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "fast-glob@3.3.2|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-glob/node_modules/glob-parent" + } + ] + } + ] + }, + { + "type": "library", + "name": "fs.stat", + "group": "@nodelib", + "version": "2.0.5", + "bom-ref": "@nodelib/fs.stat@2.0.5", + "description": "Get the status of a file with some features", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.stat@2.0.5#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "46484f3e9db3aea0c0400ff68cd867ced70f025bfae17761229edaef8e78039a2f23b06e93182decc5fbb9dc00bb7ce0d437293d4d2bcf7555d5279aaaf638f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.stat" + } + ] + }, + { + "type": "library", + "name": "fs.walk", + "group": "@nodelib", + "version": "1.2.8", + "bom-ref": "@nodelib/fs.walk@1.2.8", + "description": "A library for efficiently walking a directory recursively", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.walk@1.2.8#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0607e53196059c810920c28f067041b07a6a1316ddc520ef5a6da6c199a1b05c8a01299f864f2d293f5f396de1a0ecb96287f3521d25765c0b35967ce7a1c4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.walk" + } + ] + }, + { + "type": "library", + "name": "is-glob", + "version": "4.0.3", + "bom-ref": "is-glob@4.0.3", + "author": "Jon Schlinkert", + "description": "Returns `true` if the given string looks like a glob pattern or an extglob pattern. This makes it easy to create code that only uses external modules like node-glob when necessary, resulting in much faster code execution and initialization time, and a better user experience.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-glob@4.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/is-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/is-glob", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/is-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5e9526b21c7dfa66013b6568658bba56df884d6cd97c3a3bf92959a4243e2105d0f7b61f137e4f6f61ab0b33e99758e6611648197f184b4a7af046be1e9524a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-glob" + } + ] + }, + { + "type": "library", + "name": "merge2", + "version": "1.4.1", + "bom-ref": "merge2@1.4.1", + "description": "Merge multiple streams into one stream in sequence or parallel.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge2@1.4.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/teambition/merge2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/teambition/merge2", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/teambition/merge2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2aed51203095b827cb5c7d53f2f20d3d35c43065d6f0144aa17bf5999282338e7ff74c60f0b4e098b571b10373bcb4fce97330820e0bfe3f63f9cb4d1924e3a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge2" + } + ] + }, + { + "type": "library", + "name": "micromatch", + "version": "4.0.5", + "bom-ref": "micromatch@4.0.5", + "author": "Jon Schlinkert", + "description": "Glob matching for javascript/node.js. A replacement and faster alternative to minimatch and multimatch.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/micromatch@4.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/micromatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/micromatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/micromatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0cccbe1117045b6abc6763e8f96357bb0ddce586944858c03b91ac26a7c497b523bed22e14a3ba66b2af708b5dcbdf1dc05236375b60df334874a6904fe68d74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/micromatch" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "6.0.2", + "bom-ref": "glob-parent@6.0.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@6.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5f1c08f043a1550816a7a8832feddbd2bf3a7f877a017eb3494e791df078c9d084b972d773915c61e3aefa79c67ed4b84c48eeff5d6bb782893d33206df9afe0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob-parent" + } + ] + }, + { + "type": "library", + "name": "jiti", + "version": "1.21.0", + "bom-ref": "jiti@1.21.0", + "description": "Runtime typescript and ESM support for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jiti@1.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/unjs/jiti.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/unjs/jiti#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/unjs/jiti/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jiti/-/jiti-1.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "805a8021bb8acb2b28ff71b6aa188ed8e33ab2163a10f3ff474fa69036f2b29c4a6b387c0570c2e45885b148e573381d373fef7eb6b475adb2f9a1ebbac2c6fd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jiti" + } + ] + }, + { + "type": "library", + "name": "lilconfig", + "version": "2.1.0", + "bom-ref": "lilconfig@2.1.0", + "author": "antonk52", + "description": "A zero-dependency alternative to cosmiconfig", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lilconfig@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/antonk52/lilconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/antonk52/lilconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/antonk52/lilconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lilconfig/-/lilconfig-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bad58eb7f187cee5319cb2b107a764f3546839ea0d78781bad78ae1a4e32c85e6a951cfe888556bb9e84d9fa861c5ad7cf440d5212c1ffc9caaaf447eba24a19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lilconfig" + } + ] + }, + { + "type": "library", + "name": "braces", + "version": "3.0.2", + "bom-ref": "braces@3.0.2", + "author": "Jon Schlinkert", + "description": "Bash-like brace expansion, implemented in JavaScript. Safer than other brace expansion libs, with complete support for the Bash 4.3 braces specification, without sacrificing speed.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/braces@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/braces.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/braces", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/braces/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fcba6f8bd51cccdd60d2cef866ea0233d727d36c1b7a61395c10a02fb26a82659170e3acfadba9558fd8f5c843d6df71f91fe94142964c3f593c97eefc1dad0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/braces" + } + ] + }, + { + "type": "library", + "name": "picomatch", + "version": "2.3.1", + "bom-ref": "picomatch@2.3.1", + "author": "Jon Schlinkert", + "description": "Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/picomatch@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/picomatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/picomatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/picomatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "254ded7874cd8e6136542185cee63c117cc20d5c04a81d9af1fb08bf0692b4784058911e55dd68d500fcd0253af997445d748b6d2b2e2f0263902056a9141454" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/picomatch" + } + ] + }, + { + "type": "library", + "name": "normalize-path", + "version": "3.0.0", + "bom-ref": "normalize-path@3.0.0", + "author": "Jon Schlinkert", + "description": "Normalize slashes in a file path to be posix/unix-like forward slashes. Also condenses repeat slashes to a single slash and removes and trailing slashes, unless disabled.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/normalize-path@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/normalize-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/normalize-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/normalize-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9e66ce4bb375ad0a2b075a9f52d86532f1daa4a468b80554b3dc66aa884e9ecee6f4e75d844b3b57530501e82e8829b4246363e76ff983e166288c24707302c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-path" + } + ] + }, + { + "type": "library", + "name": "object-hash", + "version": "3.0.0", + "bom-ref": "object-hash@3.0.0", + "author": "Scott Puleo", + "description": "Generate hashes from javascript objects in node and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-hash@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/puleos/object-hash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/puleos/object-hash", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/puleos/object-hash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4529fd17af0f8c7f47aad96db129ea602d575e859ef418eee7edb5dd1f7c70d1adb5a83dabdc80393cdd6ecaaf21aeda366e567df059169598af6696ae495603" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-hash" + } + ] + }, + { + "type": "library", + "name": "picocolors", + "version": "1.0.0", + "bom-ref": "picocolors@1.0.0", + "author": "Alexey Raspopov", + "description": "The tiniest and the fastest library for terminal output formatting with ANSI colors", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/picocolors@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/alexeyraspopov/picocolors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexeyraspopov/picocolors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexeyraspopov/picocolors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5fca0ae84cb947bbaeb38b6e95a130eff324609b415c71e72cb2da3e321b19d03fc3196dac9bc13c0235bb354e5555346de46c5b799e6a06e26bf87c8b6248d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/picocolors" + } + ] + }, + { + "type": "library", + "name": "postcss-import", + "version": "15.1.0", + "bom-ref": "postcss-import@15.1.0", + "author": "Maxime Thirouin", + "description": "PostCSS plugin to import CSS files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-import@15.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-import.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-import#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-import/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-import/-/postcss-import-15.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "869afe274e41d855585005c778ad58c88dbaec9fdd0c384c53a07a722be6f21498d636099c15f1cca0ca0ecc33266b4b1ebcab8e19c38eaaa9ff8f6df0500b7b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-import" + } + ] + }, + { + "type": "library", + "name": "postcss-value-parser", + "version": "4.2.0", + "bom-ref": "postcss-value-parser@4.2.0", + "author": "Bogdan Chadkin", + "description": "Transforms css values and at-rule params into the tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-value-parser@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/TrySound/postcss-value-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TrySound/postcss-value-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TrySound/postcss-value-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d4d342b3abaeadf9156de5c6e12f09153f6dd7d9b8e480a789ff3358b779a0f499e74427c0c7caf87de3bf8d3c7788f0ffb06db6fe5ac52e48887a0b69534779" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-value-parser" + } + ] + }, + { + "type": "library", + "name": "postcss", + "version": "8.4.38", + "bom-ref": "postcss@8.4.38", + "author": "Andrey Sitnik", + "description": "Tool for transforming styles with JS plugins", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss@8.4.38", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://postcss.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a0969764d370527d7907a106b76ffa2e96ba2d024c2b94b0d148e6fd0f46cdf3a15d47213d969a52a77dda1cd3e005ad09282a01f9dac52d9910a1145869ee4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss" + } + ] + }, + { + "type": "library", + "name": "read-cache", + "version": "1.0.0", + "bom-ref": "read-cache@1.0.0", + "author": "Bogdan Chadkin", + "description": "Reads and caches the entire contents of a file until it is modified", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-cache@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/TrySound/read-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TrySound/read-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TrySound/read-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-cache/-/read-cache-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b076ffc5b7b2233a09bf8b4c6f3436752eb4403517dec386f6a6b1773963102f12dfbb76d2f055610acad208c2b8951e7a63dc9af804e1a13a43093c429a944" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-cache" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9d82c018f9f4e7befee423b69ac5bab058d6f4007881d2a04ef3d3d928f9284e618e81d6eb1c3283fb40765f8b937c9fc54f5474f6bf604ec8d48cd268b6ea2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "resolve", + "version": "1.22.8", + "bom-ref": "resolve@1.22.8", + "author": "James Halliday", + "description": "resolve like require.resolve() on behalf of files asynchronously and synchronously", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve@1.22.8", + "externalReferences": [ + { + "url": "git://github.com/browserify/resolve.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserify/resolve#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserify/resolve/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0a59e3c2c6aa5de8594bbc6575554d31edb90f9a608da25c738cc7f835cce80e741c216ac017e70fb599f98ba9fe45f0f677d8b4b73a4a9c6e98935ebcc88cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve" + } + ] + }, + { + "type": "library", + "name": "postcss-js", + "version": "4.0.1", + "bom-ref": "postcss-js@4.0.1", + "author": "Andrey Sitnik", + "description": "PostCSS for CSS-in-JS and styles in JS objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-js@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-js/-/postcss-js-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7432c5f2910ed7dd6124cb651c53d16bcc6c8b31da33cd8c2df364507754b55115ded813a79a23fbca9b12a60ce7b48b7dcef82926f0fffe1278999ad8b45523" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-js" + } + ] + }, + { + "type": "library", + "name": "camelcase-css", + "version": "2.0.1", + "bom-ref": "camelcase-css@2.0.1", + "author": "Steven Vachon", + "description": "Convert a kebab-cased CSS property into a camelCased DOM property.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase-css@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/stevenvachon/camelcase-css.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stevenvachon/camelcase-css#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stevenvachon/camelcase-css/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase-css/-/camelcase-css-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "40e4af7af86c9628e0630471e91bfbcca74c17c95b466c7eb901b1dbebc373e288fde067b32f648ade5a8f6dc0806bb7a5ae2df408306e75d6a92fa2398fb668" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camelcase-css" + } + ] + }, + { + "type": "library", + "name": "postcss-load-config", + "version": "4.0.2", + "bom-ref": "postcss-load-config@4.0.2", + "author": "Michael Ciniawky", + "description": "Autoload Config for PostCSS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-load-config@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-load-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d2561c8918bd34c0c5683d4cc05409db1285b2a91c648efeb8b54978dbb48a9cfac436daba849c14a23ae8333d9507e43579d9a2e087eb00fa5a9a2e5556031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-load-config" + } + ], + "components": [ + { + "type": "library", + "name": "lilconfig", + "version": "3.1.1", + "bom-ref": "postcss-load-config@4.0.2|lilconfig@3.1.1", + "author": "antonk52", + "description": "A zero-dependency alternative to cosmiconfig", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lilconfig@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/antonk52/lilconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/antonk52/lilconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/antonk52/lilconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lilconfig/-/lilconfig-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5f297fb9f2bc74dc92e9cf5825755d4357535a62bb4d72d9bec04c9d29a6452493ca1ca95581ad88c9042c070e30ff65671fcab0343f880a8735868b910835" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-load-config/node_modules/lilconfig" + } + ] + } + ] + }, + { + "type": "library", + "name": "ts-node", + "version": "10.9.2", + "bom-ref": "ts-node@10.9.2", + "author": "Blake Embrey", + "description": "TypeScript execution environment and REPL for node.js, with source map support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-node@10.9.2", + "externalReferences": [ + { + "url": "git://github.com/TypeStrong/ts-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://typestrong.org/ts-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f4145a4875c1e09fccdc3d26dfd5d45ebf0b74e3b60c9da889337bb6c3645ec2b07e7e86ffcde3d972b3b24282cc30eeda04875d2dc40810ae5d62390b9c6ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-node" + } + ], + "components": [ + { + "type": "library", + "name": "arg", + "version": "4.1.3", + "bom-ref": "ts-node@10.9.2|arg@4.1.3", + "author": "Josh Junon", + "description": "Another simple argument parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arg@4.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/arg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c4bd403a86d17c76ed8c0f4adf5f2718af8d8978df6602c1f0cc7d9fbbd5102a52b65e7fb2eb2906772c72cec024b814b341a653f9df7671f3de5278e087bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-node/node_modules/arg" + } + ] + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "2.4.3", + "bom-ref": "yaml@2.4.3", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@2.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-2.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b27b609b18fca3b0c4ee0fd08bad1caa92c10371c6dd24dc0c0d243be59f074e6310a85931b63bba6366dab06942fb26675ebf94f5c22465b6ebbd9d80e524ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "postcss-nested", + "version": "6.0.1", + "bom-ref": "postcss-nested@6.0.1", + "author": "Andrey Sitnik", + "description": "PostCSS plugin to unwrap nested rules like how Sass does it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-nested@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-nested.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-nested#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-nested/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "984a78c4f322e5b49688c6ec8283df70fef896c58b1e441b65cdec63e8d661deb9094c17ad4693a747e63696b4d597044ca94881474537f3294b6c59b6a2fd75" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-nested" + } + ] + }, + { + "type": "library", + "name": "postcss-selector-parser", + "version": "6.0.16", + "bom-ref": "postcss-selector-parser@6.0.16", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-selector-parser@6.0.16", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-selector-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.0.16.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03445526b5fe21491565b5b70a5ae8456bab7ab70586279ebc7077f2caf6fa5f5e50294caa899edcb9849a7865372fb932bd8460de81d8a6b0f7061d77e5478b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-selector-parser" + } + ] + }, + { + "type": "library", + "name": "cssesc", + "version": "3.0.0", + "bom-ref": "cssesc@3.0.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cssesc@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/cssesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/cssesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/cssesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cssesc/-/cssesc-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd36ff25c8cad75d67352706a1be4c36db27b4d3356823540e2a41fd39306458720ebac4e3b48ec7fd7cc05d9b6e381cdd9cc248a5b54f99ede446c5a00cff56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cssesc" + } + ] + }, + { + "type": "library", + "name": "util-deprecate", + "version": "1.0.2", + "bom-ref": "util-deprecate@1.0.2", + "author": "Nathan Rajlich", + "description": "The Node.js `util.deprecate()` function with browser support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/util-deprecate@1.0.2", + "externalReferences": [ + { + "url": "git://github.com/TooTallNate/util-deprecate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10f0f9ab5b97c85c49a42acb9c27359c79eade039ae83641a1c008888d93692080ed5089d5424331a802cc891736c5187c3d5d68afff2d3110f318886eb1ed73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/util-deprecate" + } + ] + }, + { + "type": "library", + "name": "nanoid", + "version": "3.3.7", + "bom-ref": "nanoid@3.3.7", + "author": "Andrey Sitnik", + "description": "A tiny (116 bytes), secure URL-friendly unique string ID generator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/nanoid@3.3.7", + "externalReferences": [ + { + "url": "git+https://github.com/ai/nanoid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ai/nanoid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ai/nanoid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "792469a6370f21ab5120c0b553a52780ff1715ccfc31058641db75313050ecd6809af5c37ef3716ef595df1db2e8274451c8824ac0c70d065b858681f10128da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nanoid" + } + ] + }, + { + "type": "library", + "name": "source-map-js", + "version": "1.2.0", + "bom-ref": "source-map-js@1.2.0", + "author": "Valentin 7rulnik Semirulnik", + "description": "Generates and consumes source maps", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/source-map-js@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/7rulnik/source-map-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/7rulnik/source-map-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/7rulnik/source-map-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad256f25bd20344d71298624686b0b0292c9e57fc4b2be617322196da801e5b9777cf2990277e7172551d30f0742af4233c29b529b4df9207424b54bb541432" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map-js" + } + ] + }, + { + "type": "library", + "name": "is-core-module", + "version": "2.13.1", + "bom-ref": "is-core-module@2.13.1", + "author": "Jordan Harband", + "description": "Is this specifier a node.js core module?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-core-module@2.13.1", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/is-core-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "847ac88ef66c7ed3acbca4a7d9345897adf3bf1b201342bed2660ca07ea00f8a264792160762b29e2bc141cce8dfec05d5c0a48f3be9b6723d434b0f53aea297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-core-module" + } + ] + }, + { + "type": "library", + "name": "path-parse", + "version": "1.0.7", + "bom-ref": "path-parse@1.0.7", + "author": "Javier Blanco", + "description": "Node.js path.parse() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-parse@1.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/jbgutierrez/path-parse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jbgutierrez/path-parse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jbgutierrez/path-parse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c32733d510410f47ecb8f33f7703411dd325dbf29001c865a8fe4e5861d620a58dbfd84b0eb24b09aeaee5387c6bcab54e9f57a31baa00a7c6a1bce2100fcb3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-parse" + } + ] + }, + { + "type": "library", + "name": "supports-preserve-symlinks-flag", + "version": "1.0.0", + "bom-ref": "supports-preserve-symlinks-flag@1.0.0", + "author": "Jordan Harband", + "description": "Determine if the current node version supports the `--preserve-symlinks` flag.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-preserve-symlinks-flag@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/node-supports-preserve-symlinks-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/node-supports-preserve-symlinks-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/node-supports-preserve-symlinks-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2dd169d74bd7e076480871e3dee911cd935580f3e9ae3dae9c4a3791dd5f0adbbabd041d6b4c4dd1d69ec7bf4cf567201cf2ce95beff0323259febcd4c02dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-preserve-symlinks-flag" + } + ] + }, + { + "type": "library", + "name": "sucrase", + "version": "3.35.0", + "bom-ref": "sucrase@3.35.0", + "author": "Alan Pierce", + "description": "Super-fast alternative to Babel for when you can target modern JS runtimes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sucrase@3.35.0", + "externalReferences": [ + { + "url": "git+https://github.com/alangpierce/sucrase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alangpierce/sucrase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alangpierce/sucrase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sucrase/-/sucrase-3.35.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f046d50e2bbd88dfe7112c31792c4329ed1dba7b5ad463a51ee7e64925f1303db3dbfb4c6690cca6f5d01ac73e6a31a8f32dae6149a2c5a49151cfd03e843418" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase" + } + ], + "components": [ + { + "type": "library", + "name": "commander", + "version": "4.1.1", + "bom-ref": "sucrase@3.35.0|commander@4.1.1", + "author": "TJ Holowaychuk", + "description": "the complete solution for node.js command-line programs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/commander@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/tj/commander.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/commander.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/commander.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34e2a6f31864cc08f3171f01dafe4e0074febb9a5141cd9409ad95abd8d82ffdf5a36c22f66c4103b2c816cdec5795520b8f73ea91217db3142ef4a12a3dba58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/commander" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.12", + "bom-ref": "sucrase@3.35.0|glob@10.3.12", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.12", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c236ff2f27ec73e108aa4e97ce240ec7bd8bfeb4d2111ca7d45b0feafafda376037879bcfe298f6d1b1e49e2b1cfd28f3898d3fe0291fae87457f2eb372a1aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "sucrase@3.35.0|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/minipass" + } + ] + } + ] + }, + { + "type": "library", + "name": "gen-mapping", + "group": "@jridgewell", + "version": "0.3.5", + "bom-ref": "@jridgewell/gen-mapping@0.3.5", + "author": "Justin Ridgewell", + "description": "Generate source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/gen-mapping@0.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/gen-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/gen-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/gen-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2332fc66810320145613394271184e682ba963237981d20af90e9f6c574f0e0e87a97ea3a6422d9fb0c52295bd2d0cd71ba0dff6c03bf8e2a7ab4aa5cff19a42" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/gen-mapping" + } + ] + }, + { + "type": "library", + "name": "set-array", + "group": "@jridgewell", + "version": "1.2.1", + "bom-ref": "@jridgewell/set-array@1.2.1", + "author": "Justin Ridgewell", + "description": "Like a Set, but provides the index of the `key` in the backing array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/set-array@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/set-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/set-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/set-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47c80b45365eca9d37ca6ccfffa2e297fdbcb46786133871d6ada4ef4dca19644023555dbcf217746ef4549736a40330dcd03a24a2f986116ed6c257d0c9e7fc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/set-array" + } + ] + }, + { + "type": "library", + "name": "sourcemap-codec", + "group": "@jridgewell", + "version": "1.4.15", + "bom-ref": "@jridgewell/sourcemap-codec@1.4.15", + "author": "Rich Harris", + "description": "Encode/decode sourcemap mappings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/sourcemap-codec@1.4.15", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/sourcemap-codec.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/sourcemap-codec#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/sourcemap-codec/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "785dabc4246e9442971d34620eb0f2e9eacc616a8dc382cf750f14400e21baec5a42c55e44f165da833ca031b130584951665ff4c7292ed25ab030d96ff0697a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/sourcemap-codec" + } + ] + }, + { + "type": "library", + "name": "trace-mapping", + "group": "@jridgewell", + "version": "0.3.25", + "bom-ref": "@jridgewell/trace-mapping@0.3.25", + "author": "Justin Ridgewell", + "description": "Trace the original position through a source map", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/trace-mapping@0.3.25", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/trace-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bcd93a684c326c6b5ac169b2fcfcf09c60ce8c290b5920f6c2abe3186020380c02196c926177d8a31b74d082644c5fbc2dbe7b0f039bdc06b4a3d080a5ea6261" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/trace-mapping" + } + ] + }, + { + "type": "library", + "name": "foreground-child", + "version": "3.1.1", + "bom-ref": "foreground-child@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Run a child as if it's the foreground process. Give it stdio. Exit when it exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/foreground-child@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/foreground-child.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/foreground-child#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/foreground-child/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cc28352722d7ba6df6f99d6bfb57f71a235ebd38782fc236fb5785a4794bdb410763af9ad62aa1c588a59bfdf70ec01f82cc14fea9b5a3be3f8357046c92922" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/foreground-child" + } + ], + "components": [ + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "foreground-child@3.1.1|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f3c99d5ef3cc3d3b588d25b2a73a5bd84eb58f0e5e3a3b56c6d03dd7227bfef6d90faf1acdf235144e21650e4926296827d4ce827c8035dd2b86a8e6bd2a8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/foreground-child/node_modules/signal-exit" + } + ] + } + ] + }, + { + "type": "library", + "name": "cross-spawn", + "version": "7.0.3", + "bom-ref": "cross-spawn@7.0.3", + "author": "André Cruz", + "description": "Cross platform child_process#spawn and child_process#spawnSync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cross-spawn@7.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/moxystudio/node-cross-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8910cf24a50f544343edd1cf3bcae46ce9cfa720f281c0c5b568e9796342832f163f6ad77315cbf13b2445e425e8eac1d86efe509ada82cd6ad7916e75cec6eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cross-spawn" + } + ] + }, + { + "type": "library", + "name": "jackspeak", + "version": "2.3.6", + "bom-ref": "jackspeak@2.3.6", + "author": "Isaac Z. Schlueter", + "description": "A very strict and proper argument parser.", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/jackspeak@2.3.6", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/jackspeak.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/jackspeak#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/jackspeak/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "377c824bf35e82c381a2473c18074cf147267ec2a2492f1c8a985e0ff9e2bf3afbd341fe9ec30ec498d09efc0e711615b8591d1f4c0652f5b659b5c69ab6466d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jackspeak" + } + ] + }, + { + "type": "library", + "name": "cliui", + "group": "@isaacs", + "version": "8.0.2", + "bom-ref": "@isaacs/cliui@8.0.2", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/cliui@8.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3bc8dc8da6d76a578e1bd0d0d3e0115d66414df9cfe16340ab3ba224aee5978e009b118abff2763384cf8f18d8df39c109fbc15c5cee726d6dc1dc85c9b16a10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui" + } + ], + "components": [ + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "@isaacs/cliui@8.0.2|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e72ce091def8dc63c6dea0d2ed723679fe7c67d9a7e6304ea586b0eb79ba24a8c6a9f976de5bc9fd4d7a4f0cea9d18ae6a708de84f418a4d6eb00bb10c895a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f5f03689b17494936fb8da9bfc98bb398c94f686a164144e23db5c0e9a06d4aac67684bef636c514efce60f515e0a37b3464d815978d93887a7766d3affd5ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/emoji-regex" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8aae9e55523ae274104d162ad8ab44836776b94ecb125853270b07e18cc81d9b21c658199acff021ce15a03413946fc8bd522b04a1b4e82ad99e9d2abfb86471" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "@isaacs/cliui@8.0.2|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f933ce797ca6f64ac7cc222145a15ac0047242f10b47c15c7e98758fdd0704a811d889e9e3e5d1d28236f1b42d161195d8b78c1c0faceb4049433e116e6607c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "8.1.0", + "bom-ref": "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@8.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b22ed0588eb350cab9e9b11216f6a0b66ccc7463ada317d1f927b3d753286df73bb66f9591472493d6d6d9479f7d319551b3a4b31992c34000da0b3c83bd4d09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "6.2.1", + "bom-ref": "@isaacs/cliui@8.0.2|ansi-styles@6.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@6.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6cdefdf2015f417faf8b0dd1ef2ac6591aa7acdda84641245238e5e09367e04f06c716e3b46dc56eb108218de5f3f86bc14c0878266f8b842e3933f8304ad5ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/ansi-styles" + } + ] + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "string-width@4.2.3", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c0ac90450a63274b08a7ad84ad265d1ac8cc256b1aa79a1136284786ee86ec954effd8c807a5327af2feb57b8eaab9e0f23fdcc4a4d6c96530bd24eb8a2673fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-width-cjs" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "8.0.0", + "bom-ref": "emoji-regex@8.0.0", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3128d8cdc58d380d1ec001e9cf4331a5816fc20eb28f2d4d1b7c6d7a8ab3eb8e150a8fd13e09ebd7f186b7e89cde2253cd0f04bb74dd335e126b09d5526184e8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/emoji-regex" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "3.0.0", + "bom-ref": "is-fullwidth-code-point@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf29a6e7ebbeb02b125b20fda8d69e8d5dc316f84229c94a762cd868952e1c0f3744b8dbee74ae1a775d0871afd2193e298ec130096c59e2b851e83a115e9742" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "strip-ansi@6.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "637f153d21dcaa416b0a916743dbee4979aabaebf9a1738aa46793e9a1abaf7a3719cf409556ba2417d448e0a76f1186645fbfd28a08ecaacfb944b3b54754e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "eastasianwidth", + "version": "0.2.0", + "bom-ref": "eastasianwidth@0.2.0", + "author": "Masaki Komagata", + "description": "Get East Asian Width from a character.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eastasianwidth@0.2.0", + "externalReferences": [ + { + "url": "git://github.com/komagata/eastasianwidth.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23cf1361959cf578981d1438ff7739ae38df8248e12f25b696e18885e18445b350e8e63bc93c9b6a74a90d765af32ed550ff589837186be7b2ab871aee22ea58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eastasianwidth" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "BomRef.5h3h9846p8.g5nk6qdc128", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "637f153d21dcaa416b0a916743dbee4979aabaebf9a1738aa46793e9a1abaf7a3719cf409556ba2417d448e0a76f1186645fbfd28a08ecaacfb944b3b54754e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-ansi-cjs" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "5.0.1", + "bom-ref": "ansi-regex@5.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aae2505e54d25062f62c7f52517a3c570b18e2ca1a9e1828e8b3529bce04d4b05c13cb373b4c29762473c91f73fd9649325316bf7eea38e6fda5d26531410a15" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "wrap-ansi@7.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6151888f691a98b493c70e8db198e80717d2c2c9f4c9c75eb26738a7e436d5ce733ee675a65f8d7f155dc4fb5d1ef98d54e43a5d2606e0052dcadfc58bb0f5e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrap-ansi-cjs" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "4.3.0", + "bom-ref": "ansi-styles@4.3.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@4.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cdb07dac22404f5adb8e25436f686a2851cd60bc60b64f0d511c59dc86700f717a36dc5b5d94029e74a2d4b931f880e885d3e5169db6db05402c885e64941212" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "BomRef.5hrhe0lu5jo.6brcifutiug", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c0ac90450a63274b08a7ad84ad265d1ac8cc256b1aa79a1136284786ee86ec954effd8c807a5327af2feb57b8eaab9e0f23fdcc4a4d6c96530bd24eb8a2673fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "parseargs", + "group": "@pkgjs", + "version": "0.11.0", + "bom-ref": "@pkgjs/parseargs@0.11.0", + "description": "Polyfill of future proposal for `util.parseArgs()`", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40pkgjs/parseargs@0.11.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/pkgjs/parseargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pkgjs/parseargs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pkgjs/parseargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fb55648dd0f44012cfa1d1ab2547aa6ab1fc54022f40e0c86f087d5e93f94b28ac7fb628420b0928f345a2aa8b425bbe550fed552b21311ea5a0f327f14f9d3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@pkgjs/parseargs" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.4", + "bom-ref": "minimatch@9.0.4", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.4", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2aa5a1f957217f170c3510098e3dad9ec48974d6c7b1582790185336b5bb023568e8ebcbb71c3ccdf4fda0bc35252a21945cc9f230a84e06a85ef27e907b7a7f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "path-scurry", + "version": "1.10.2", + "bom-ref": "path-scurry@1.10.2", + "author": "Isaac Z. Schlueter", + "description": "walk paths fast and efficiently", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/path-scurry@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/path-scurry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/path-scurry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/path-scurry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef14dabcdcb94505e7b2300dbd5bcc9048ef9683a29e4023bff67a225773f6fd918a767848129358539545b685f29d2fa479f28d5fd4c0d0dd2ae52fe8ce6a70" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry" + } + ], + "components": [ + { + "type": "library", + "name": "lru-cache", + "version": "10.2.0", + "bom-ref": "path-scurry@1.10.2|lru-cache@10.2.0", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9b20cf31f9501fe894f86ca0258d2d6a51680cb2a6513c6252e8549a84830f56f72d70d872569ec026eeeabb1396f63c24af205178a658e6d639258bf69ffed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry/node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "path-scurry@1.10.2|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry/node_modules/minipass" + } + ] + } + ] + }, + { + "type": "library", + "name": "lines-and-columns", + "version": "1.2.4", + "bom-ref": "lines-and-columns@1.2.4", + "author": "Brian Donovan", + "description": "Maps lines and columns to character offsets and back.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lines-and-columns@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/eventualbuddha/lines-and-columns.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eventualbuddha/lines-and-columns#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eventualbuddha/lines-and-columns/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef297295eb1943f3d5dbd8e110397751f8e8e995fb802a89af917b3caaea73ddefedfcd2ca6b75069c0453c9c0517b3cab3cefaa16e384ae50660e8cb7f1e406" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lines-and-columns" + } + ] + }, + { + "type": "library", + "name": "mz", + "version": "2.7.0", + "bom-ref": "mz@2.7.0", + "author": "Jonathan Ong", + "description": "modernize node.js to current ECMAScript standards", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mz@2.7.0", + "externalReferences": [ + { + "url": "git+https://github.com/normalize/mz.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/normalize/mz#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/normalize/mz/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mz/-/mz-2.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfcd4634eee79d830486b1a1f4b7b29a8138f98af45a7e4c70721930ae5c7d00a5f8d0d7d3cb0266051cf7fe8c1e78bd216b852e6d59dc74c25eedb3f5f37ad9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mz" + } + ] + }, + { + "type": "library", + "name": "any-promise", + "version": "1.3.0", + "bom-ref": "any-promise@1.3.0", + "author": "Kevin Beaty", + "description": "Resolve any installed ES6 compatible promise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/any-promise@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevinbeaty/any-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/kevinbeaty/any-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevinbeaty/any-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ed4be629a95646dd708232f546b1b1a12256ff44191487a0a5e1af646f648e9f2fad1bb9e574c76f09eaab61a95e6f6e2db72e8719b722a5fd381e0c651d5bd8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/any-promise" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.1.1", + "bom-ref": "object-assign@4.1.1", + "author": "Sindre Sorhus", + "description": "ES2015 `Object.assign()` ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac98134279149c7d6c170f324fa552537cc3dec5a6bbab19848b1e63c557f8646edcfe85ec5bbe24d0e85df9251256cb2529dcdc55101d57b8714e618fe05c52" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "thenify-all", + "version": "1.6.0", + "bom-ref": "thenify-all@1.6.0", + "author": "Jonathan Ong", + "description": "Promisifies all the selected functions in an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/thenify-all@1.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/thenables/thenify-all.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenables/thenify-all#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thenables/thenify-all/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/thenify-all/-/thenify-all-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "44dc501ffa88f3fb77b615c90f072cb543b8cdeaa8eb8f94cbffac355441c785e7d8e5fe399f683fe8899cd16aa6516b6b665455e28249ada85568b74f8b9598" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/thenify-all" + } + ] + }, + { + "type": "library", + "name": "thenify", + "version": "3.3.1", + "bom-ref": "thenify@3.3.1", + "author": "Jonathan Ong", + "description": "Promisify a callback-based function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/thenify@3.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/thenables/thenify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenables/thenify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thenables/thenify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "455652215e481b5d079377a7a2dae1bf3d13f5e9ba7321c12e41ff60066e2aa77c85190a8527c218870fd8a518d043f19ddcc034198d965cd63f06a4f9b85e4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/thenify" + } + ] + }, + { + "type": "library", + "name": "pirates", + "version": "4.0.6", + "bom-ref": "pirates@4.0.6", + "author": "Ari Porad", + "description": "Properly hijack require, i.e., properly define require hooks and customizations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pirates@4.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/danez/pirates.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/danez/pirates#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/danez/pirates/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b1a2ec1fb59e6183e20f6e4b0ee2d1458fe2fba1da3d8afa1b539494ddfda2dce4493c4a9ee6d1f514f14b7fca939d2cd60d894e01705900d0ca9942e7f48766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pirates" + } + ] + }, + { + "type": "library", + "name": "ts-interface-checker", + "version": "0.1.13", + "bom-ref": "ts-interface-checker@0.1.13", + "author": "Dmitry S, Grist Labs", + "description": "Runtime library to validate data against TypeScript interfaces", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/ts-interface-checker@0.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/gristlabs/ts-interface-checker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gristlabs/ts-interface-checker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gristlabs/ts-interface-checker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-interface-checker/-/ts-interface-checker-0.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63f6abbdb9feaebcf72422a5f42e2454d7d37d29b6fe6129e454b3e44b194803463d2950ae9448e4ce0f285fa6267139da338ef743e73d273752bddb4d0c3480" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-interface-checker" + } + ] + }, + { + "type": "library", + "name": "tw-elements", + "version": "1.1.0", + "bom-ref": "tw-elements@1.1.0", + "author": "MDBootstrap", + "licenses": [ + { + "license": { + "name": "AGPL" + } + } + ], + "purl": "pkg:npm/tw-elements@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mdbootstrap/Tailwind-Elements.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwind-elements.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdbootstrap/Tailwind-Elements/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tw-elements/-/tw-elements-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "214afd616da5f7da13559c6e563420eaba6e0a9a3a559a9b68a19899950d555b2849553f9633e9909018d8f9ff9a8ae55f028f84ff4c4cf3503255a8b2a1cbe3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements" + } + ], + "components": [ + { + "type": "library", + "name": "tailwindcss", + "version": "3.3.0", + "bom-ref": "tw-elements@1.1.0|tailwindcss@3.3.0", + "description": "A utility-first CSS framework for rapidly building custom user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tailwindcss@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/tailwindlabs/tailwindcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwindcss.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tailwindlabs/tailwindcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84e5e5171f98724949f245e20807e4fc5332af83e6f5c938efb1b49bfbacdb7e3856e8f7e79229a040c1e5498602c4a94c19abfb86618f35b4e09b855e46ff7f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/tailwindcss" + } + ] + }, + { + "type": "library", + "name": "postcss-import", + "version": "14.1.0", + "bom-ref": "tw-elements@1.1.0|postcss-import@14.1.0", + "author": "Maxime Thirouin", + "description": "PostCSS plugin to import CSS files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-import@14.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-import.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-import#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-import/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-import/-/postcss-import-14.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e5c08f95826e1212539b1553e94c84fb494ed1dea9362fb3f276e31ca2489a54ab96bfd77f53e1a6fd001df0d0cbbb291359391cae339e0f63e9d6b31e0531b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-import" + } + ] + }, + { + "type": "library", + "name": "postcss-load-config", + "version": "3.1.4", + "bom-ref": "tw-elements@1.1.0|postcss-load-config@3.1.4", + "author": "Michael Ciniawky", + "description": "Autoload Config for PostCSS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-load-config@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-load-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e8388ce04eefe1ca13138bb303c53ffd686d3f0ca18a29b77b28c43050a7529cdbae42bdc091e02834f6991f876ed4ab77f36e6d56984cea52a63525f0d41e46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-load-config" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "1.10.2", + "bom-ref": "tw-elements@1.1.0|yaml@1.10.2", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/v1/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af7bd7c84ad109827bc20dbccaf058e554a8005f19be5716f7f07053312d52c8ef5ff0cab36e1d224bb08edba9af02491ec6f251b2c0a5ea584d1d41378b87ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "postcss-nested", + "version": "6.0.0", + "bom-ref": "tw-elements@1.1.0|postcss-nested@6.0.0", + "author": "Andrey Sitnik", + "description": "PostCSS plugin to unwrap nested rules like how Sass does it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-nested@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-nested.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-nested#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-nested/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0391a9aaacf7269010ec2e7faf40322bb6449b364bf9003fccdf6db24a8f64a85902218925ca6db11265a4c28f98dffa99a37e2dcc43cd530e32ef230276fe7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-nested" + } + ] + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@popperjs", + "version": "2.11.8", + "bom-ref": "@popperjs/core@2.11.8", + "author": "Federico Zivolo", + "description": "Tooltip and Popover Positioning Engine", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40popperjs/core@2.11.8", + "externalReferences": [ + { + "url": "git+https://github.com/popperjs/popper-core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/popperjs/popper-core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/popperjs/popper-core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f5b2dd1a92c0ab9fdb06661a7c18c63006742c6ef016b19017e38a1734dbcb1c6a8039ca15c668d98a886cb7043b4aa2a76d1e3b6a474d8beba57960fcfa0e8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@popperjs/core" + } + ] + }, + { + "type": "library", + "name": "chart.js", + "version": "3.9.1", + "bom-ref": "chart.js@3.9.1", + "description": "Simple HTML5 charts using the canvas element.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chart.js@3.9.1", + "externalReferences": [ + { + "url": "git+https://github.com/chartjs/Chart.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.chartjs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chartjs/Chart.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chart.js/-/chart.js-3.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "468d896cb9af83cde05c5e45e2c9e2690fa54db4afd7c13e4c87f670e7a21f522a7763c614eb5e9be0d4b9f319b02270144ef2c0f3a97d7141c114c6abb761eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chart.js" + } + ] + }, + { + "type": "library", + "name": "chartjs-plugin-datalabels", + "version": "2.2.0", + "bom-ref": "chartjs-plugin-datalabels@2.2.0", + "description": "Chart.js plugin to display labels on data elements", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chartjs-plugin-datalabels@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chartjs/chartjs-plugin-datalabels.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://chartjs-plugin-datalabels.netlify.app", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chartjs/chartjs-plugin-datalabels/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chartjs-plugin-datalabels/-/chartjs-plugin-datalabels-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d78654df4947ee7f3da2af80e1b59a24f9c01bc6bb65393b74a7f8f1803332f26342d8eb820e43a64f5ff8b6e3085e9ba71dd10064de2f5dc85e929063246f97" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chartjs-plugin-datalabels" + } + ] + }, + { + "type": "library", + "name": "deepmerge", + "version": "4.3.1", + "bom-ref": "deepmerge@4.3.1", + "description": "A library for deep (recursive) merging of Javascript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deepmerge@4.3.1", + "externalReferences": [ + { + "url": "git://github.com/TehShrike/deepmerge.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TehShrike/deepmerge", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TehShrike/deepmerge/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dec52a6cc11cefb5eaa5d34eec547246883e796de987e19809b8feacafae63244cbb0b15cb4acc895b4f9fe40994a16f58fff53d8a5aa6a627d0c7b6927167f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deepmerge" + } + ] + }, + { + "type": "library", + "name": "detect-autofill", + "version": "1.1.4", + "bom-ref": "detect-autofill@1.1.4", + "author": "Matteo Badini", + "description": "Small javascript library to detect and even prevent browsers autofill of form elements. Usefull for implementing floating labels or applying custom logics/styles.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-autofill@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/matteobad/detect-autofill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/matteobad/detect-autofill#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/matteobad/detect-autofill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-autofill/-/detect-autofill-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bad081430091fdb7929c00d09810bb0b8b53b9e0419180a5e964a97c652460a3bff8cccfc6a6068fa1b832f1f370a987d600932be56e9d7daf69a82f9115cfbc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-autofill" + } + ] + }, + { + "type": "library", + "name": "custom-event-polyfill", + "version": "1.0.7", + "bom-ref": "custom-event-polyfill@1.0.7", + "author": "Evan Krambuhl", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/custom-event-polyfill@1.0.7", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kumarharsh/custom-event-polyfill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kumarharsh/custom-event-polyfill#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kumarharsh/custom-event-polyfill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/custom-event-polyfill/-/custom-event-polyfill-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c30e47790e4699c5914cf29fb5237c8096f337ad2af5c1bace9621b8c898b08a731937ccff8862fb05394392b25c6139a05126f8cb054273765a52d3ad0bbeb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/custom-event-polyfill" + } + ] + }, + { + "type": "library", + "name": "perfect-scrollbar", + "version": "1.5.5", + "bom-ref": "perfect-scrollbar@1.5.5", + "author": "Hyunje Jun", + "description": "Minimalistic but perfect custom scrollbar plugin", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/perfect-scrollbar@1.5.5", + "externalReferences": [ + { + "url": "git+https://github.com/mdbootstrap/perfect-scrollbar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://perfectscrollbar.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdbootstrap/perfect-scrollbar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/perfect-scrollbar/-/perfect-scrollbar-1.5.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7736a57eeb723f77bf14ea5d96156bc8de002795c355ab955b1c9b4a42d999a905136b12df2de97382674a9af0f2d1a61ef91a1b911daf94fb2c14d9f96594da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/perfect-scrollbar" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.4", + "bom-ref": "color-name@1.1.4", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.4", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/colorjs/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/colorjs/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/colorjs/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74ecbedc0b96ddadb035b64722e319a537208c6b8b53fb812ffb9b71917d3976c3a3c7dfe0ef32569e417f479f4bcb84a18a39ab8171edd63d3a04065e002c40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "quick-lru", + "version": "5.1.1", + "bom-ref": "quick-lru@5.1.1", + "author": "Sindre Sorhus", + "description": "Simple “Least Recently Used” (LRU) cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/quick-lru@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/quick-lru.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5aec802d18d63c31adb7fc3326269d3b901763ef2167cd215697ba3328af82b691116ef9d57dd26e146f1b778b28e60dfbc544bea2dc7f7c1d9ede386784b848" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/quick-lru" + } + ] + }, + { + "type": "library", + "name": "validator", + "version": "13.12.0", + "bom-ref": "validator@13.12.0", + "author": "Chris O'Hara", + "description": "String validation and sanitization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/validator@13.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/validatorjs/validator.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/validatorjs/validator.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/validatorjs/validator.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73543498288f960753555548248ac1bb136271813eb7fee829e23d3162e3ddf87fbaad8fc61ff779e59b559e0e7065b54d47f9dc0b749e31f0e5231d037b6632" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validator" + } + ] + }, + { + "type": "library", + "name": "winston", + "version": "3.13.0", + "bom-ref": "winston@3.13.0", + "author": "Charlie Robbins", + "description": "A logger for just about everything.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/winston@3.13.0", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/winston.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/winston#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/winston/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/winston/-/winston-3.13.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af089d980d70dd21388f413932e22e7c587224f0431bb36eef5464668af5a76faa1ef25267d1980c0f3503295e41c65b87ff95e878de05d7e74d9266f6b49e41" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/winston" + } + ] + }, + { + "type": "library", + "name": "xml-formatter", + "version": "3.6.2", + "bom-ref": "xml-formatter@3.6.2", + "author": "Chris Bottin", + "description": "Converts a XML string into a human readable format (pretty print) while respecting the xml:space attribute", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml-formatter@3.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/chrisbottin/xml-formatter.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chrisbottin/xml-formatter#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chrisbottin/xml-formatter/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml-formatter/-/xml-formatter-3.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a75a17af64d3b07df645521ce5d5631c85af2514b654809ecdcc5b39520e193850a8361786617cf527d233fdef9c4e7f6b0a4b93d46c1369ccfe6259851ce1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml-formatter" + } + ] + }, + { + "type": "library", + "name": "xml-parser-xo", + "version": "4.1.1", + "bom-ref": "xml-parser-xo@4.1.1", + "author": "Chris Bottin", + "description": "Parse a XML string into a proprietary syntax tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml-parser-xo@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chrisbottin/xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chrisbottin/xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chrisbottin/xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml-parser-xo/-/xml-parser-xo-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a07f6cbdd3e63a7bd20ae61a0fb9e99b547274dcf84349d8657449a0cdb8a1ceef64d17068d2c7dc1716928b85b53e5512488d6893e309d09097527f94e0897" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml-parser-xo" + } + ] + }, + { + "type": "library", + "name": "xml2js", + "version": "0.6.2", + "bom-ref": "xml2js@0.6.2", + "author": "Marek Kubica", + "description": "Simple XML to JavaScript object converter.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml2js@0.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/Leonidas-from-XIV/node-xml2js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Leonidas-from-XIV/node-xml2js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Leonidas-from-XIV/node-xml2js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f8ae2787682d445dc112d0ac718f825681a5101c393eab01dc60e0851df8b02b3eed3953cbabb1e3abd74cd5608c87296a3047cfee131c3880a1be8b6265e80" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml2js" + } + ] + }, + { + "type": "library", + "name": "heimdall-lite", + "group": "@mitre", + "version": "2.10.9", + "bom-ref": "@mitre/heimdall-lite@2.10.9", + "description": "Heimdall-Lite 2 is a JavaScript based security results viewer and review tool supporting multiple security results formats, such as: InSpec, SonarQube, OWASP-Zap and Fortify which you can load locally or from S3 and other data sources.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/heimdall-lite@2.10.9", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/heimdall2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/heimdall2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/heimdall2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/heimdall-lite/-/heimdall-lite-2.10.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2461c6dd654cc64d0fe72259a9ce9c523f6cc15b5f4dab68a0b6408109cca569420a5f72a47f4d15c350a49f04c5300a91b4c4aa9d260f00155d13e8d4cec663" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/heimdall-lite" + } + ] + }, + { + "type": "library", + "name": "express", + "version": "4.19.2", + "bom-ref": "express@4.19.2", + "author": "TJ Holowaychuk", + "description": "Fast, unopinionated, minimalist web framework", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/express@4.19.2", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/express.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://expressjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/express/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e53ea7863b13f8438ccee724f098c11c04531df321b743cece503ad16576a4c0f78325f0d8b66767eb9e19d3711bed1c6a538971629ba4572eccb67dd585aaf5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "express@4.19.2|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "express@4.19.2|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "inspec-objects", + "group": "@mitre", + "version": "1.0.1", + "bom-ref": "@mitre/inspec-objects@1.0.1", + "author": "The MITRE Security Automation Framework", + "description": "Typescript objects for normalizing between InSpec profiles and XCCDF benchmarks", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/inspec-objects@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/ts-inspec-objects.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/ts-inspec-objects#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/ts-inspec-objects/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/inspec-objects/-/inspec-objects-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a7136eb75cf5d4548971c289f5e7466f82a8cf013f3f797022b0b49b04307009b52f45647794525979c232788ae0db3f437334472066b39cea8733e4fcd8038" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects" + } + ], + "components": [ + { + "type": "library", + "name": "fast-xml-parser", + "version": "3.21.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "author": "Amit Gupta", + "description": "Validate XML or Parse XML to JS/JSON very fast without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@3.21.1", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.21.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1531558d8a013994c97a4894b1ac06b12615f502f403ecc3602463ef2df820ee8983ed8831812d41af9b6e272da5da55f1d1f15f2c2a53b0b48110c4385b4116" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "htmlparser2", + "version": "7.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "author": "Felix Boehm", + "description": "Fast & forgiving HTML/XML parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/htmlparser2@7.2.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/htmlparser2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/htmlparser2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/htmlparser2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1fb308980e0c4ba730ee76f2511b4b3ced539acec2e47eb4d8b4444eff79cf53313bfec23fbac355139e85461e60151810e37de0d5d70c43e666eabe857e2ca2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/htmlparser2" + } + ] + }, + { + "type": "library", + "name": "domhandler", + "version": "4.3.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "author": "Felix Boehm", + "description": "Handler for htmlparser2 that turns pages into a dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domhandler@4.3.1", + "externalReferences": [ + { + "url": "git://github.com/fb55/domhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1abc28c5837eb969733bcba1517465d0ffa41c4e06b553df63354b714c4f2fb28d7472a3ebabef9618b07881ea6185d6970f93f222cca78d8b9baee0870e1631" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/domhandler" + } + ] + }, + { + "type": "library", + "name": "domutils", + "version": "2.8.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "author": "Felix Boehm", + "description": "Utilities for working with htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domutils@2.8.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de828e87e9ef63392088698e0a1b06299811fa0f8f1d55c740525fd3f7d1605d656d9620a5344f505dd24cf678d67d8a48ca8076c4c8ac7c041e87d4bde1dc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/domutils" + } + ] + }, + { + "type": "library", + "name": "dom-serializer", + "version": "1.4.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "author": "Felix Boehm", + "description": "render domhandler DOM nodes to a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dom-serializer@1.4.1", + "externalReferences": [ + { + "url": "git://github.com/cheeriojs/dom-renderer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cheeriojs/dom-renderer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cheeriojs/dom-renderer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "547c01dca7eb70e3a47a5106d9939fc6a2d975f92297c3ed262e0ff0dd8c317b9c66adb22e9ef90a5562525395c32a071038d8538df702afb9cd63fad7e4466a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dom-serializer" + } + ], + "components": [ + { + "type": "library", + "name": "entities", + "version": "2.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@2.2.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7dda27f9373eb5f48d30f9a909acb647d0c5f43dbe435f7f573b0413b5749d41039a607d374b5b88429e2684e66d017af1ab85623baed84e22c1a36eb7f28f4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dom-serializer/node_modules/entities" + } + ] + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "3.0.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|entities@3.0.1", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@3.0.1", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a2c81aa8a26af031d146d5ed24aaf01261f9e56f4969f0ce68e45c36385ab584d671c5c364f089345e6ecbc73061ba2767641fd4b41a950a0533de404e3f9d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest@28.1.3#packages/jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest/-/jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "378193e689fc5246601f43b92d46af3115751031213532f42847d198321e647495ee9d9780ba18f6df550d480bea8fb27dd8181d5c6ecfcd46f2807d546e6ec8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/core@28.1.3#packages/jest-core", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/core/-/core-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "088281ae568a3b303b606d7d044a82c3748b22c1308d991e2737f96dda285675b86c7e5c92da9edc95fe1b6615d5a2b9bcff0df676b5206585cd8693a7a93a34" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/core" + } + ] + }, + { + "type": "library", + "name": "console", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/console@28.1.3#packages/jest-console", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-console", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "40f0243f913029d2bf6f122be82d48e15b34ae6da71e200dce3fd9e57d89424ad9a3a22abc2e25759f4af79b45d0776276103c068e9e8314b35053d829c1172f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/console" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/types@28.1.3#packages/jest-types", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4728e2c8c519acacff73ece53053b5a66ef40dc225493f007964e4a147597af7b0e38c1c359407b0454e88256d8159e51450fcd853da5f2732b39f1c7f69ae55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/types" + } + ] + }, + { + "type": "library", + "name": "jest-message-util", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-message-util@28.1.3#packages/jest-message-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-message-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c5767f487b06ede7be7328f7f5dbce87b7d10fa099984fb3f4918f9189b7986765ed3abe77a432c41684d65db7758782621a25a94c10bce1f73cc4c5d031bee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-message-util" + } + ] + }, + { + "type": "library", + "name": "jest-util", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-util@28.1.3#packages/jest-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5dda9fa47c29712464a3f0b7e6e2d814cd9e991025b4820a66227d7809a18ec8f40aa64c6b4a7589bd11e5f588a86867d5ad74dc379b4dba6a21a3f5a8243ab5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-util" + } + ] + }, + { + "type": "library", + "name": "reporters", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "description": "Jest's reporters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/reporters@28.1.3#packages/jest-reporters", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-reporters", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/reporters/-/reporters-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26e032ef093141954d53f57a83dc4acc2182e4b557c7d14370004ab125e9e4c88a3c4136d78e1afef5d3103a32ce352964a7d5c29d3c5aa83903859f4cc0338e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/reporters" + } + ] + }, + { + "type": "library", + "name": "test-result", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-result@28.1.3#packages/jest-test-result", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-test-result", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "919024c67484f85a84f188d6f2036ea159240bd23b4b5aa67a797cb0670338bae8a4048ff8191c18ac215e8caa42e18e19e618d32fe2c63addfe2111a445c736" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/test-result" + } + ] + }, + { + "type": "library", + "name": "transform", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/transform@28.1.3#packages/jest-transform", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-transform", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bb9753e5d8bea0523a85f70b38719301f994c4546b8cafaf9da3f4924568c3d31dfcced5fccc6a40c3b3fd5576e5464ef29cde03d3e37d3a4ebba043bb048f40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/transform" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "5.2.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@5.2.1#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a73aada77d672effd714ecd71aebe109bf2a863993568e6f8d5935f571380919525b3d0aa1e2776f0f57b00ee73a9f5805fe2a1e3c01c640f329c304fc9dbd62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/istanbul-lib-instrument" + } + ], + "components": [ + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/istanbul-lib-instrument/node_modules/semver" + } + ] + } + ] + }, + { + "type": "library", + "name": "jest-worker", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-worker@28.1.3#packages/jest-worker", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-worker", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0aa440db6d1857fea30a8f155af02dd4a2b1e9e7a4d5520730f78b11ba5c7d27e411e5b204da69ca733fa3aabe5a6c3eb0e868b369a5df8c196d25f71b5dfffe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-worker" + } + ] + }, + { + "type": "library", + "name": "convert-source-map", + "version": "1.9.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0", + "author": "Thorsten Lorenz", + "description": "Converts a source-map from/to different formats and allows adding/changing properties.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/convert-source-map@1.9.0", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/convert-source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012141ba9d0ccf5bb28888c035a9f58f32d06a68bdcf53e86126428a2616d857333db7a75dce3915974164bcce4feafafa2722b8432876d982b62fa18da024d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/convert-source-map" + } + ] + }, + { + "type": "library", + "name": "jest-haste-map", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-haste-map@28.1.3#packages/jest-haste-map", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-haste-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dd2f914160d771c5c32925a79076bf74fc2dfb6ab003c089cd1eb5c37168602be8a373e7f2dbc6732b26305d018f4117e5162f008d8422f0b9ece9a8b5f76d28" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-haste-map" + } + ] + }, + { + "type": "library", + "name": "jest-regex-util", + "version": "28.0.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-regex-util@28.0.2#packages/jest-regex-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-regex-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e2cd08832348cb4cbd14af9c8e8558a316a64fb65ea3b321cea446c7b6036266909f5c2e718f6ba2d886901cf370c5d3b63ac200ffdfedff84d05efe7f13cd77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-regex-util" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "jest-changed-files", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-changed-files@28.1.3#packages/jest-changed-files", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-changed-files", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ac68e7d45895e4da77d9b7d48fc82f2003590d7dd28b9105b2cec325aaaf26b184a534a7e66717d18199f809de0c195505fbbbfa741b347794ce00a6bb88888" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-changed-files" + } + ] + }, + { + "type": "library", + "name": "jest-config", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-config@28.1.3#packages/jest-config", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-config/-/jest-config-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "306dc836307227427802c3419bb4f786cbb1290a85222468fc052a6f5abd2d1288e5453a01aafd2476ebf48be7d535707d40fd2a2ad1a0cfd3eaef1795c40f1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-config" + } + ] + }, + { + "type": "library", + "name": "test-sequencer", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-sequencer@28.1.3#packages/jest-test-sequencer", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-test-sequencer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34830f12aa9ae7d3169c38b592f5d7a586eab1f426489b086e777ce667551a48837d0f564104d738bb2f21251fa279a7053fb0f395848277828a01047470c5c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/test-sequencer" + } + ] + }, + { + "type": "library", + "name": "babel-jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "description": "Jest plugin to use babel for transformation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-jest@28.1.3#packages/babel-jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-jest/-/babel-jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a951a3ce116324ddc597d0cfec3ef0871c27bd7cc1406bff615c480a3fc9c57cd97f8e51a413db9cabd36a9191972c376e089612d14bd294f5300b44beac7e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-jest" + } + ] + }, + { + "type": "library", + "name": "jest-circus", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-circus@28.1.3#packages/jest-circus", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-circus", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-circus/-/jest-circus-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "719f9e4b9cdcefd301c2df88850862129d0e78175da5cd67f0c068d67301f00ee83cc2843be4ab7bec0768b25ec50523f586bff0d3816344444948188c1e9fa3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-circus" + } + ] + }, + { + "type": "library", + "name": "environment", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/environment@28.1.3#packages/jest-environment", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-environment", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5b7f8d1c3054c490ac847f9f3947d233d566b20e31e81eabedb345c5604ab228cddc1560e978ca2a28a4c017d2d261032874f52587c14aa6da0cd9870c5805c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/environment" + } + ] + }, + { + "type": "library", + "name": "expect", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect@28.1.3#packages/jest-expect", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "97373c0a951b4a813876a4f453e835a8e0d08c14473e908f5e2b2c5c3e264bdfac5907669a9789f73487d6b4b51c492bb0c3747dbee72ab27d822011d5ddf007" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/expect" + } + ] + }, + { + "type": "library", + "name": "expect", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expect@28.1.3#packages/expect", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "784874c67f0796cb8e07116022cb3eda65fce55012e10cb739292357bae5056963b40e28587dfb825546c8e65266f12b0d3ff2072c1974f1b0097b93bd21bce6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/expect" + } + ] + }, + { + "type": "library", + "name": "jest-snapshot", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-snapshot@28.1.3#packages/jest-snapshot", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-snapshot", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e25ccc82d88d95cdc353ff2565f9aac4ddc0603e8618b6e5fbbdab741a57bdc57ec215fb983ad113390f769d919e67c8896060d586ee15291776e17625c69f26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-snapshot" + } + ] + }, + { + "type": "library", + "name": "dedent", + "version": "0.7.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|dedent@0.7.0", + "author": "Desmond Brand", + "description": "An ES6 string tag that strips indentation from multi-line strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dedent@0.7.0", + "externalReferences": [ + { + "url": "git://github.com/dmnd/dedent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dmnd/dedent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dmnd/dedent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "43a7ca50faa7007032862520154ec15332e2bf491df2c687f5a97bb67bb943fa248fa767ba9c724e01480635732404dd7c8026f4d02cbd73738da29af9bc55c8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dedent" + } + ] + }, + { + "type": "library", + "name": "jest-each", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "author": "Matt Phillips", + "description": "Parameterised tests for Jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-each@28.1.3#packages/jest-each", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-each", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-each/-/jest-each-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6ab4f5cf8b20db2001539ba880e6d53ef4a548c4250c0e3ca30c74ec10cf0226ac5b4c98a581d83a8e071cbcfdab4055cc3554e2120b163cc9c344a8f5a08bfe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-each" + } + ] + }, + { + "type": "library", + "name": "jest-get-type", + "version": "28.0.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "description": "A utility function to get the type of a value", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-get-type@28.0.2#packages/jest-get-type", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-get-type", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8a88f6c3dfc3c526077ce9b994928275c0263c9cd05e66ccfd4ae5deb865821acfbd3dedb7eedaffea1773d6b390a98bbe88978ed57cddb116aa2fafb399e53c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-get-type" + } + ] + }, + { + "type": "library", + "name": "pretty-format", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "author": "James Kyle", + "description": "Stringify any JavaScript value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty-format@28.1.3#packages/pretty-format", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/pretty-format", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2015bfd3a343a6c4747df994dbd780dfdaf371746097f20d71586513a94c394e266f7107f9b0728e6dde5470fc8b2f2a303700c03131775d6386d41ea6c65d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/pretty-format" + } + ] + }, + { + "type": "library", + "name": "jest-matcher-utils", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "description": "A set of utility functions for expect and related packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-matcher-utils@28.1.3#packages/jest-matcher-utils", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-matcher-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "910789eea1de98a7dbccaa068c71eb44a1fa6ad831324f049e493688f4375f03baa04fca603f253183b388291e481f46e1a74f3389d1d4313c4dfe497961fa07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-matcher-utils" + } + ] + }, + { + "type": "library", + "name": "jest-runtime", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runtime@28.1.3#packages/jest-runtime", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-runtime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354fbcf3549c05040b7352471b9789194ed48b790b2ab9b008f3ed62c26d072922c6b3363a15509693261562633320df7641a004c3635c2181fde6f3b2034643" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-runtime" + } + ] + }, + { + "type": "library", + "name": "jest-environment-node", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-environment-node@28.1.3#packages/jest-environment-node", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-environment-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba03fa5ce844a6300484662fa795e3f7cf67b39701d4ae99763058b92df4ba64f80901044dac5288f719fc4d64164b57e0692b70ce2abb4ec82250d85f5829f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-environment-node" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/fake-timers@28.1.3#packages/jest-fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ffc0e90bd8f387bf9da1fa89393a3ff580e1bd1d2cb07683ed16c44252694220b5cd9f97885a67277770c88969499e91af42d99a8ea04ff79122d048a6c5f2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/fake-timers" + } + ] + }, + { + "type": "library", + "name": "jest-mock", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-mock@28.1.3#packages/jest-mock", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-mock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a372768ebe9d30c598547e0b87f34a9835dda2caec2608b802f892f285cbba3723a423016f514cb1b9439ce5ca64a7d28872f162e6f5792d081ee457b22a3d78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-mock" + } + ] + }, + { + "type": "library", + "name": "jest-resolve", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve@28.1.3#packages/jest-resolve", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-resolve", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6755b7b538c4e9068d23dd2aa3f049a5f9efa71b5a153170e420e0c29c84fcacfc53fd3a3751e37f889af6ab94842877f6a206585d59bb1162062250c1211829" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-resolve" + } + ] + }, + { + "type": "library", + "name": "jest-runner", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runner@28.1.3#packages/jest-runner", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-runner", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a4330e03ff451277ad8e54ed281208e7db74ccf9825ad94d96bb9cf3f71b1007533158a0ce96b9f290fc6732c374b6726595f2cf8a71d391aeb5bb44216b104" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-runner" + } + ] + }, + { + "type": "library", + "name": "jest-validate", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-validate@28.1.3#packages/jest-validate", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-validate", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4996ce181584b1a4f104608ea6c45695796f364bd3918d17c517e1ef3626bddf2e2f9433ca0d021c05e25ca44e7e587cd35aae03afbf0ec4f83830ed84e0bf38" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-validate" + } + ] + }, + { + "type": "library", + "name": "jest-resolve-dependencies", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve-dependencies@28.1.3#packages/jest-resolve-dependencies", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-resolve-dependencies", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9ad103b64345f342834fa2e31b09cec1bedb1e9bc7908153cd9309fd2e74be4769fc0da5433cbfd4d609e00b42d39754585c9534b896b604c0b60db4df16b1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-resolve-dependencies" + } + ] + }, + { + "type": "library", + "name": "resolve.exports", + "version": "1.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1", + "author": "Luke Edwards", + "description": "A tiny (813b), correct, general-purpose, and configurable \"exports\" resolver without file-system reliance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve.exports@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/resolve.exports.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fcdb691cd0cdee35a101a43d06f054619e984d7b110607ea58558fec16416a83093bf2371b9385cef4ee58d9590b768f8e29ecd45f9336b2cab066c7e2b7ec45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/resolve.exports" + } + ] + }, + { + "type": "library", + "name": "emittery", + "version": "0.10.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "author": "Sindre Sorhus", + "description": "Simple and modern async event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emittery@0.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/emittery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/emittery#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/emittery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6884ea3b09cb6a7a472cd5d924435b3a08d405e1e8703fb1b1226636b8e8bca056e476d2a56dddd69125b3b18540f5165e2c06f7ed0fe06b477c4a82ff833423" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/emittery" + } + ] + }, + { + "type": "library", + "name": "jest-docblock", + "version": "28.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-docblock@28.1.1#packages/jest-docblock", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-docblock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df06b2055362398c7473001b97daf09b990a14ff321c7dddfdf90468bd3634f4e40e88cfb6178607b1d9485638c335fe0f1cabbe15f3d0a482564b260a49c2b8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-docblock" + } + ] + }, + { + "type": "library", + "name": "jest-leak-detector", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-leak-detector@28.1.3#packages/jest-leak-detector", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-leak-detector", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58554986742c88ab43128e651b698cd2fe344169c133eccc7471f226cf00599ec9d106494b9f4cb3229e2475a1a416411f7d92e3c14e56f1b23854f58740e5a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-leak-detector" + } + ] + }, + { + "type": "library", + "name": "jest-watcher", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-watcher@28.1.3#packages/jest-watcher", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-watcher", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b78a9caa3f61cdefa3be214f50ddd802d0047859ebfdacc84d740430045fe5c330298d923014670904d72e2c53976d0e47a98b87d28b32b8152602484b29bed6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-watcher" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "9.1.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@9.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04f4b8ca7256fe8f763d4478c20ae2cf651de60a524f9bf3e8641f322c440cad19f19094bf633b4a404bca41f9e93fbe5ecfbc967f734c66cebcd1887b4dbf8f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinonjs/fake-timers" + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "1.8.6", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@1.8.6", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2f9790092a3d94a6dcd2c17949e0efb101425ddc99e2612136861dd607f248d507e6ae9f74b85c146d8b6cedd7b9adb7498850388dc587a8266e9dad5bc125" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinonjs/commons" + } + ] + }, + { + "type": "library", + "name": "globals", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/globals@28.1.3#packages/jest-globals", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c55383f8a61cabc825eed696dca8c3b419241c61ed48b1a958083cd137285eb727b2c4c708c5ad75a8f343a5534b7ab7ad22d36a126618427d54633ff9c7534" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/globals" + } + ] + }, + { + "type": "library", + "name": "source-map", + "group": "@jest", + "version": "28.1.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/source-map@28.1.2#packages/jest-source-map", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-source-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "715f0bc7705e4ad25bf22a4f1e7a95c3f20cd9508c58eddcad6673628752224c579d1717262a42771d4908ad0ae4cb09268b994131fbde6cdfe2f83145a1fdc3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/source-map" + } + ] + }, + { + "type": "library", + "name": "expect-utils", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect-utils@28.1.3#packages/expect-utils", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/expect-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c2f6e2f4b52b1c92e7dcd9435bac05da1bc832d77825497640d56b8eaf880521e2ae07eb477a3d46756dc7374418eda7f49c885b01e72df6f2e4acea04683660" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/expect-utils" + } + ] + }, + { + "type": "library", + "name": "jest-diff", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-diff@28.1.3#packages/jest-diff", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f11a8fd41fce5f38e34d692a317ebb8aa830055251802c8a0f72fd9eafba66a24c76f8c4f1180792da99ea336b91d313f9d26e60d237ae1429c5acfb76b2477f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-diff" + } + ] + }, + { + "type": "library", + "name": "diff-sequences", + "version": "28.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1", + "description": "Compare items in two sequences to find a longest common subsequence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/diff-sequences@28.1.1#packages/diff-sequences", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/diff-sequences", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "154d2215a1ff136ddaf9aef5f25f106bfd7d6c5f69d3a9201342a2a4c38c69dc1add28e768494accf6940b4be789bb3afc1ffd9e2f7bb3ad6671e8e4f16d5f43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/diff-sequences" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "schemas", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/schemas@28.1.3#packages/jest-schemas", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-schemas", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fe5fd55ac76dfda057823b212d6385c85b77215758ca9bb9cb65a7dab38ed6e9fa9e4a889fc48b5f38083185c5c98b11583c85e44b6198a24c21d26f934f20ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/schemas" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "5.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0b1c29b7649f4f34ed5dc7ce97318479ef0ef9cf8c994806acd8817179ee5b1b852477ba6b91f3eeac21c1ee4e81a498234209be42ea597d40486f9c24e90488" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "typebox", + "group": "@sinclair", + "version": "0.24.51", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51", + "author": "sinclairzx81", + "description": "JSONSchema Type Builder with Static Type Resolution for TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sinclair/typebox@0.24.51", + "externalReferences": [ + { + "url": "git+https://github.com/sinclairzx81/typebox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d4fd4e44e9bfaddb9b3f96850d265020b534beb2c22787ef1ede84a2a1c433ed83fc6e4c2b76c86b299428b8adf09b3d81b9ece54c899e43ff4d944e2f0e2d50" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinclair/typebox" + } + ] + }, + { + "type": "library", + "name": "jest-cli", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-cli@28.1.3#packages/jest-cli", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-cli", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-cli/-/jest-cli-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae863792faefe7b0339f5c8f81d4de6cf017bdd476c5f7b368a298cd5c59e88b7fe4d0b1cc9ca6ead508e4fd7391d5a17d4624c4423db9959c41d6852e8f2625" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-cli" + } + ] + }, + { + "type": "library", + "name": "ts-jest", + "version": "28.0.8", + "bom-ref": "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "author": "Kulshekhar Kabra", + "description": "A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-jest@28.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/kulshekhar/ts-jest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://kulshekhar.github.io/ts-jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kulshekhar/ts-jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-jest/-/ts-jest-28.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e45686d255e644fcc0a62c7ca051bc44a8c0cf87a1b66f3230a393cb91d7ddf63a5bc926bceae6718d212831255b9d85268bfe7258546eb280aa87e78f89974e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ts-jest" + } + ] + }, + { + "type": "library", + "name": "babel-preset-jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-jest@28.1.3#packages/babel-preset-jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-preset-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2fe7eea49be55801db41f9fbe1ca0d5f7cdfeb42d7309b1eccdbefc7c78887b88e47596e275a68c5881093517c3d8b4dabfe903830c70aab129d3152582e3dd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-preset-jest" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-jest-hoist", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-plugin-jest-hoist@28.1.3#packages/babel-plugin-jest-hoist", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-plugin-jest-hoist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62cded50a0267e79115293dda5af7c798ac04749d5fac4855196441ae43611b15dd72e1238bb43e500cd1c0abe6dbf5af9b6d7bd8402e1bf880ff4c720c714e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-plugin-jest-hoist" + } + ] + }, + { + "type": "library", + "name": "typescript", + "version": "4.9.5", + "bom-ref": "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "author": "Microsoft Corp.", + "description": "TypeScript is a language for application scale JavaScript development", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/typescript@4.9.5", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/TypeScript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d455e4f44d879be433650ef3f8c7098872f8356d45d84cccbbd36af62df301a1aa89b69fa98c02554e96c9602ec90451cce971a2ef31652c972c437ca0a8f6e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/typescript" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "1.10.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|yaml@1.10.2", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/v1/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af7bd7c84ad109827bc20dbccaf058e554a8005f19be5716f7f07053312d52c8ef5ff0cab36e1d224bb08edba9af02491ec6f251b2c0a5ea584d1d41378b87ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/yaml" + } + ] + } + ] + }, + { + "type": "library", + "name": "flat", + "group": "@types", + "version": "5.0.5", + "bom-ref": "@types/flat@5.0.5", + "description": "TypeScript definitions for flat", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/flat@5.0.5#types/flat", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/flat", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/flat", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/flat/-/flat-5.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9cf2e58d940a4a769ce77283503ceecdd45f188d130dbe6a3eb6fe4ab43237732d750ace9c6b0a9e21cdd62619b0910121542f7bde18ea0373db6b2021266af9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/flat" + } + ] + }, + { + "type": "library", + "name": "he", + "group": "@types", + "version": "1.2.3", + "bom-ref": "@types/he@1.2.3", + "description": "TypeScript definitions for he", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/he@1.2.3#types/he", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/he", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/he", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/he/-/he-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abaeffab09716e50f3103bf31e1564c1cd60cd55b168dc5ec87501178c4496bbe32f5d4ef98b737bed5f1a904796bfc7f66ca20546945cd9cd3e6047c717c070" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/he" + } + ] + }, + { + "type": "library", + "name": "json-diff", + "group": "@types", + "version": "0.7.0", + "bom-ref": "@types/json-diff@0.7.0", + "description": "TypeScript definitions for json-diff", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json-diff@0.7.0#types/json-diff", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/json-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/json-diff", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json-diff/-/json-diff-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "db4209aaea461f2c2d21a13a7d2df48b2821ddd56a55dce6b27ad89ff545b916902b12f1fd1187e4af618427dcb55c6037b2b32659c3ee060500eacdc220a0b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json-diff" + } + ] + }, + { + "type": "library", + "name": "jstoxml", + "group": "@types", + "version": "2.0.4", + "bom-ref": "@types/jstoxml@2.0.4", + "description": "TypeScript definitions for jstoxml", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jstoxml@2.0.4#types/jstoxml", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jstoxml", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jstoxml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jstoxml/-/jstoxml-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c750ca76b7c09f254b0ab7caa396ca595a59157af785836785fe4455f022a2350f8577798991f7b12035ed6449c6ff868965109534d9f8eb335d75254850dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jstoxml" + } + ] + }, + { + "type": "library", + "name": "lodash", + "group": "@types", + "version": "4.17.4", + "bom-ref": "@types/lodash@4.17.4", + "description": "TypeScript definitions for lodash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/lodash@4.17.4#types/lodash", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/lodash", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/lodash", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/lodash/-/lodash-4.17.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1808fdba64bc5a4f7477f6488ddbe1dc278913777535c1a23f718ee2bd662a14fea95b764da6f8ba59de8f1d9c7b4ffb7ccf4be5917320dd060b6bb0d9fc825" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/lodash" + } + ] + }, + { + "type": "library", + "name": "pretty", + "group": "@types", + "version": "2.0.3", + "bom-ref": "@types/pretty@2.0.3", + "description": "TypeScript definitions for pretty", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/pretty@2.0.3#types/pretty", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/pretty", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/pretty", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/pretty/-/pretty-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c51f7aa5284d96bc4b777819ab30a76da0266d88624588d6e750831637a4b597a6aa9059040024330c66e2006b6893ffc5280a72c4212d77655cec03356a3855" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/pretty" + } + ] + }, + { + "type": "library", + "name": "flat", + "version": "5.0.2", + "bom-ref": "flat@5.0.2", + "author": "Hugh Kennedy", + "description": "Take a nested Javascript object and flatten it, or unflatten an object with delimited keys", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/flat@5.0.2", + "externalReferences": [ + { + "url": "git://github.com/hughsk/flat.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hughsk/flat", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hughsk/flat/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flat/-/flat-5.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fab2e103fb9ff7ad3a5405d1b582ea4897c30f14200c034417c269632e1bc250a714bdd138816932f73a6e1827171ceb33e09f703c6356aba38aa66233cf785" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flat" + } + ] + }, + { + "type": "library", + "name": "he", + "version": "1.2.0", + "bom-ref": "he@1.2.0", + "author": "Mathias Bynens", + "description": "A robust HTML entities encoder/decoder with full Unicode support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/he@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/he.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/he", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/he/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17fd439d418fa29391662d278be0afac28074391721001d12d2029b9858c9ab6d2c28376327ffb93e1a5dfc8099d1ef2c83664e962d7c221a877524e58d0ca1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/he" + } + ] + }, + { + "type": "library", + "name": "domelementtype", + "version": "2.3.0", + "bom-ref": "domelementtype@2.3.0", + "author": "Felix Boehm", + "description": "all the types of nodes in htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domelementtype@2.3.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domelementtype.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domelementtype#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domelementtype/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38b113063eb0d0eb1a801c1d5e73dd37472731f17da2937af5ca3eed9adb7cf1ab7693d5341523d36b298ba07537bc0284b4223e7e02487ff326f5f0e7a8261f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domelementtype" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "4.1.2", + "bom-ref": "chalk@4.1.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@4.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0a9db845c91217a54b9ecfc881326c846b89db8f820e432ba173fc32f6463bfd654f73020ef5503aebc3eef1190eefed06efa48b44e7b2c3d0a9434eb58b898" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chalk" + } + ], + "components": [ + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "chalk@4.1.2|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chalk/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "slash", + "version": "3.0.0", + "bom-ref": "slash@3.0.0", + "author": "Sindre Sorhus", + "description": "Convert Windows backslash paths to slash paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slash@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/slash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/slash#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/slash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83d43585a79bcb7e8e492b706f89ed08618668ab1a5528d0ebc7c1c6841cbad9797d2d6fb98d7c1f7c12b778c5c85b6b931f8acf45751bce40e0cc80743322d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/slash" + } + ] + }, + { + "type": "library", + "name": "v8-coverage", + "group": "@bcoe", + "version": "0.2.3", + "bom-ref": "@bcoe/v8-coverage@0.2.3", + "author": "Charles Samborski", + "description": "Helper functions for V8 coverage files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40bcoe/v8-coverage@0.2.3", + "externalReferences": [ + { + "url": "git://github.com/demurgos/v8-coverage.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://demurgos.github.io/v8-coverage", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/demurgos/v8-coverage/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d21610f120780dbe73bd90786b174c1c6c046908e467316342237d2d562f2050769d25075bdb58a715ab88fad60c0488c626976b1f3744470bc6e49d9c63d9b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@bcoe/v8-coverage" + } + ] + }, + { + "type": "library", + "name": "collect-v8-coverage", + "version": "1.0.2", + "bom-ref": "collect-v8-coverage@1.0.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/collect-v8-coverage@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/SimenB/collect-v8-coverage.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SimenB/collect-v8-coverage#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SimenB/collect-v8-coverage/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "947978779fce3446cb949bda24db6c17f2f3f96bc1d3bbb6c9ca9361b76babb532a435da8a5112e2f6a561bd9e5a2245c599559a919e91faa8c50873c85753e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/collect-v8-coverage" + } + ] + }, + { + "type": "library", + "name": "exit", + "version": "0.1.2", + "bom-ref": "exit@0.1.2", + "author": "\"Cowboy\" Ben Alman", + "description": "A replacement for process.exit that ensures stdio are fully drained before exiting.", + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://github.com/cowboy/node-exit/blob/master/LICENSE-MIT" + } + } + ], + "purl": "pkg:npm/exit@0.1.2", + "externalReferences": [ + { + "url": "git://github.com/cowboy/node-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cowboy/node-exit", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cowboy/node-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "664fde34a576cdb8e92b3aec43e9f51baa6855b12b4312742c13895da299d445622f31fe86b2eef5c757238cf0f5d05026c970044a5b4363f5a12ee70f1b3a8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/exit" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "7.2.3", + "bom-ref": "glob@7.2.3", + "author": "Isaac Z. Schlueter", + "description": "a little globber", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@7.2.3", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c5474ccba54d9809a471c28089bcbe94bc21f6245c85548bf04cbb087f6d40b8794cb240358614dd93e2e5609b4e958b7dbfa76fb330f604646a04bfa240af5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "glob@7.2.3|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "glob@7.2.3|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob/node_modules/brace-expansion" + } + ] + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.2.11", + "bom-ref": "graceful-fs@4.2.11", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.2.11", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "45b279fe398570d342703579a3d7939c12c9fc7b33595d0fef76dcf857f89d2feb263f98692e881b288e2f45680585fe9755ab97793ade1fcaac7fa7849d17bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-coverage", + "version": "3.2.2", + "bom-ref": "istanbul-lib-coverage@3.2.2", + "author": "Krishnan Anantheswaran", + "description": "Data library for istanbul coverage objects", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-coverage@3.2.2#packages/istanbul-lib-coverage", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-coverage", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3bc769b05fabd1657ff0c35129f9e6aed09686e2a3c6bab6c3e8e9cc12f95192938b62de5569d63a6591c4595eb0938d99cfb02c01af29064439a9e4a342c54e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-coverage" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/core@7.24.4", + "author": "The Babel Team", + "description": "Babel compiler core.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/core@7.24.4#packages/babel-core", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20core%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3015653173fe924979dfde1104b4b1c64fe22d37951ae5d35777080d76af3e930caa74a7b7a6a92a06a7fd4f0edd44966425994ff4db81f12929ae2e3203780e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/core" + } + ], + "components": [ + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/core@7.24.4|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/core/node_modules/semver" + } + ] + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/parser@7.24.4", + "author": "The Babel Team", + "description": "A JavaScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/parser@7.24.4#packages/babel-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A+parser+%28babylon%29%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd3bc405c82199e0666bd4081ae9d67afbc1029e3f42ef4176afb69343ade1f54c0fabf776c0bd58e71148a93bb5147204cff9df228c264a3dc4e6ad1900304a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/parser" + } + ] + }, + { + "type": "library", + "name": "schema", + "group": "@istanbuljs", + "version": "0.1.3", + "bom-ref": "@istanbuljs/schema@0.1.3", + "author": "Corey Farrell", + "description": "Schemas describing various structures used by nyc and istanbuljs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40istanbuljs/schema@0.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "657458e2336f56049543c0cbdcb4dc6a4680b57c13554c44f3586c96cc83d80b685d6ff05686f5d0790e2755ffa4095c23b0fed98a192a0e5da3c1bfc3a45880" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/schema" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-report", + "version": "3.0.1", + "bom-ref": "istanbul-lib-report@3.0.1", + "author": "Krishnan Anantheswaran", + "description": "Base reporting library for istanbul", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-report@3.0.1#packages/istanbul-lib-report", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-report", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1827c4d66b6c1c63842c253c7bf67b616ce99b26ebc7ff9d4937cbaef63ca9199a63acd74ca5a7e964088da005c34ebd89c9ba19530d920bb437323888f65437" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-report" + } + ], + "components": [ + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "istanbul-lib-report@3.0.1|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-report/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-source-maps", + "version": "4.0.1", + "bom-ref": "istanbul-lib-source-maps@4.0.1", + "author": "Krishnan Anantheswaran", + "description": "Source maps support for istanbul", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-source-maps@4.0.1#packages/istanbul-lib-source-maps", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-source-maps", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f7b3c13091d1482421b704f28162fb248171a8cbcf00473bde8248ad93ad0dc5177096d2ce4da1fb09488c457bf0628ae5d10ef5da212371607e7cafccad657" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-source-maps" + } + ] + }, + { + "type": "library", + "name": "istanbul-reports", + "version": "3.1.7", + "bom-ref": "istanbul-reports@3.1.7", + "author": "Krishnan Anantheswaran", + "description": "istanbul reports", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-reports@3.1.7#packages/istanbul-reports", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-reports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05ec265172267ae464d986343d56f180a032b2f8513d4404d21e5044cfbe9d55b2b9b28657497ca90e68a7cf81d833a6c127badc98af8f406390f4157fc7cfe6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-reports" + } + ] + }, + { + "type": "library", + "name": "merge-stream", + "version": "2.0.0", + "bom-ref": "merge-stream@2.0.0", + "author": "Stephen Sugden", + "description": "Create a stream that emits events from multiple other streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge-stream@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/grncdr/merge-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/grncdr/merge-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/grncdr/merge-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "69bbffa8e72e3df9375113df0f39995352ca9aec3c913fb49c81ef2ab2a016bc227e897f76859c740e19aac590f0436b14a91debb31fa68fcba2f6c852c6eddf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge-stream" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "8.1.1", + "bom-ref": "supports-color@8.1.1", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@8.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3295043763a876d533c6f29097bd9c505ed14391221ec1af4ac546d226bd73945b5862f6088e02ec4a4f4bc513048a659e5cd988db95e7ac3e16e371cb7b72d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "string-length", + "version": "4.0.2", + "bom-ref": "string-length@4.0.2", + "author": "Sindre Sorhus", + "description": "Get the real length of a string - by correctly counting astral symbols and ignoring ansi escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-length@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-length.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-length#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-length/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa5eab34de5f607361659cb8d515ec629b428c0d88826ab8106ee4640605408d44d554d76abafa64f5c183a7aaed8e9e2b8144858e80265cae1486ffbff4b455" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-length" + } + ] + }, + { + "type": "library", + "name": "terminal-link", + "version": "2.1.1", + "bom-ref": "terminal-link@2.1.1", + "author": "Sindre Sorhus", + "description": "Create clickable links in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/terminal-link@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/terminal-link.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/terminal-link#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/terminal-link/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba7d059a245440daf93c9ab2f643fb738d05e4139fa469584ebc689c30a111907ba7367144da7f6edfb29a2cbdfe7a705f26bd287f7d9c9fc65c522252460615" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/terminal-link" + } + ] + }, + { + "type": "library", + "name": "ansi-escapes", + "version": "4.3.2", + "bom-ref": "ansi-escapes@4.3.2", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for manipulating the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-escapes@4.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/ansi-escapes.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-escapes#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-escapes/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80a5e3e402eb29640bb181bd8e54d1991ff12a5bb11d5f99f501303488027ccd7fbb03cc0aecd55678799b04ddf8eb8165cc1220c6eab2c356466d65139d5069" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-escapes" + } + ] + }, + { + "type": "library", + "name": "supports-hyperlinks", + "version": "2.3.0", + "bom-ref": "supports-hyperlinks@2.3.0", + "author": "James Talmage", + "description": "Detect if your terminal emulator supports hyperlinks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-hyperlinks@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/jamestalmage/supports-hyperlinks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jamestalmage/supports-hyperlinks#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jamestalmage/supports-hyperlinks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "469b00665a56703c0e3d0036d9a087e09d2decbf09980bec0b17ce484c26edc42cdcbb21377e9069393077bd039c13970d61acb30d9e52873c09a4564f45ee9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-hyperlinks" + } + ], + "components": [ + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "supports-hyperlinks@2.3.0|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-hyperlinks/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "v8-to-istanbul", + "version": "9.2.0", + "bom-ref": "v8-to-istanbul@9.2.0", + "author": "Ben Coe", + "description": "convert from v8 coverage format to istanbul's format", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/v8-to-istanbul@9.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/v8-to-istanbul.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/v8-to-istanbul#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/v8-to-istanbul/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fc41ffb03831536786c5a8ca7702c20e6438156abe9298b7b829811a9c35c49b67031123943f23f0f122196a4220c22cddc88d0201f47774d3262524633c998c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-to-istanbul" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-coverage", + "group": "@types", + "version": "2.0.6", + "bom-ref": "@types/istanbul-lib-coverage@2.0.6", + "description": "TypeScript definitions for istanbul-lib-coverage", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-lib-coverage@2.0.6#types/istanbul-lib-coverage", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-lib-coverage", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-lib-coverage", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9017fb7f6ae5a6d25b32f17b4a54f1b5f6fdec48e42525efd81d981f8dbfca0411ce19257e276abf4baef5adcabdb9306b2c05e6669a8989a41b313fb3354d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-lib-coverage" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-istanbul", + "version": "6.1.1", + "bom-ref": "babel-plugin-istanbul@6.1.1", + "author": "Thai Pangsakulyanont @dtinth", + "description": "A babel plugin that adds istanbul instrumentation to ES6 code", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/babel-plugin-istanbul@6.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/babel-plugin-istanbul.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/babel-plugin-istanbul#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/babel-plugin-istanbul/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "635210a24f7cdb5702f689c2c79a2d8057d19bb2e6f88fb0c313b1ef7f0cfd62cf67d438da6e081b95b414d5fc58b2f6818319a37264b97207d833a958cfaac0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul" + } + ], + "components": [ + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "5.2.1", + "bom-ref": "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@5.2.1#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a73aada77d672effd714ecd71aebe109bf2a863993568e6f8d5935f571380919525b3d0aa1e2776f0f57b00ee73a9f5805fe2a1e3c01c640f329c304fc9dbd62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "babel-plugin-istanbul@6.1.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul/node_modules/semver" + } + ] + } + ] + }, + { + "type": "library", + "name": "fast-json-stable-stringify", + "version": "2.1.0", + "bom-ref": "fast-json-stable-stringify@2.1.0", + "author": "James Halliday", + "description": "deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-json-stable-stringify@2.1.0", + "externalReferences": [ + { + "url": "git://github.com/epoberezkin/fast-json-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/fast-json-stable-stringify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/fast-json-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96177fc05f8b93df076684c2b6556b687b5f8795d88a32236a55dc93bb1a52db9a9d20f22ccc671e149710326a1f10fb9ac47c0f4b829aa964c23095f31bf01f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-json-stable-stringify" + } + ] + }, + { + "type": "library", + "name": "write-file-atomic", + "version": "4.0.2", + "bom-ref": "write-file-atomic@4.0.2", + "author": "GitHub Inc.", + "description": "Write files in an atomic fashion w/configurable ownership", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/write-file-atomic@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/write-file-atomic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/write-file-atomic", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/write-file-atomic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ecac5ab947419927569e6a5a18583ea69363285f2e34baf2f0bcb38dab900ce54e35f14b34aacabd03b167f56e4c8712fe081efd835a85fe512084164d26ab96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/write-file-atomic" + } + ] + }, + { + "type": "library", + "name": "execa", + "version": "5.1.1", + "bom-ref": "execa@5.1.1", + "author": "Sindre Sorhus", + "description": "Process execution for humans", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/execa@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/execa.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/execa#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/execa/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2e4a9659a1c01944100f20420d263dcba3d1f21a2b6595ccdcdbb121e586288e3305327f321cc0cc6941c4d89a9fab4e43ff0b9cc08e091944725edd6f721ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/execa" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "3.1.0", + "bom-ref": "p-limit@3.1.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4d839a9ccdf01b0346b193767154d83c0af0e39e319d78f9aa6585d5b12801ce3e714fe897b19587ba1d7af8e9d4534776e1dcdca64c70576ec54e5773ab8945" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "co", + "version": "4.6.0", + "bom-ref": "co@4.6.0", + "description": "generator async control flow goodness", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/co@4.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/tj/co.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/co#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/co/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4156f474ce47bc6fae6b18ad9bcc0e365ee396dc7c76a85f537dc372ab4e65c2d25482920c32c38bbfb42db00a8b223c843f6ee369b66315d290c1964e169e71" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/co" + } + ] + }, + { + "type": "library", + "name": "is-generator-fn", + "version": "2.1.0", + "bom-ref": "is-generator-fn@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if something is a generator function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-generator-fn@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-generator-fn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-generator-fn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-generator-fn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "713201e323d82ff1abc3411a4b3012ce0e9b072f60a82a1fbd637ca244e1018231289642fae7654409866ccd172de9e21094acf2e1201cf1ae1d27b55ec38b49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-generator-fn" + } + ] + }, + { + "type": "library", + "name": "stack-utils", + "version": "2.0.6", + "bom-ref": "stack-utils@2.0.6", + "author": "James Talmage", + "description": "Captures and cleans stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stack-utils@2.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/stack-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/stack-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/stack-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e5916bdf226e919ac5ad349c7ebaab4a2d2f1ea856f1520d19ccb5ea63471a132f65ee1aee5fc2298839e3b0b6afa0182a08247bd53a963bc31a5d885e27745" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-utils" + } + ], + "components": [ + { + "type": "library", + "name": "escape-string-regexp", + "version": "2.0.0", + "bom-ref": "stack-utils@2.0.6|escape-string-regexp@2.0.0", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "529cdc2c25e895459c36ee47b5530761d5c98c0ae3b05f42d1a367aae658638b96fd5bb49a2cb96285af6d5df8e476ae56f700527a51ba130c72a4dc18e636fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-utils/node_modules/escape-string-regexp" + } + ] + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "5.2.0", + "bom-ref": "parse-json@5.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6b208abe6fe98421b13a461148233cda20f072df3f1289d2120092c56c43eef7ba8c7820b059787d955004f44d810a0a8ae57fa1d845ac6cd05d9c1b89f0bc46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "strip-json-comments", + "version": "3.1.1", + "bom-ref": "strip-json-comments@3.1.1", + "author": "Sindre Sorhus", + "description": "Strip comments from JSON. Lets you use comments in your JSON files!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-json-comments@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-json-comments.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-json-comments#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-json-comments/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9f3dcf91e22870a8fe8dfda22fd9fd60307f25395b56407a2a0b8c8aea8483555a1cba602c7c2aa39179ea89832198cc12fe61072e9ed57a196ddea97a9448a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-json-comments" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "group": "@types", + "version": "4.1.9", + "bom-ref": "@types/graceful-fs@4.1.9", + "description": "TypeScript definitions for graceful-fs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/graceful-fs@4.1.9#types/graceful-fs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/graceful-fs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/graceful-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a253f7b1dd6a3847b97574d2685bd01bed3655d45771dcad58b019b00ab53de714f2ea9002192b9db962ec36a08ed5ca5bf065ed825b52c6bc30f72e73c2c711" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "anymatch", + "version": "3.1.3", + "bom-ref": "anymatch@3.1.3", + "author": "Elan Shanker", + "description": "Matches strings against configurable strings, globs, regular expressions, and/or functions", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/anymatch@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/anymatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/anymatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/anymatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28c45e154af4078b7e0fe381923477298aafa1ca765da4b33b9e54701ea681031ddca6dc13e9964f2bd557b0ffcec7446cd9d5e9a71952eb64887417bd3af547" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/anymatch" + } + ] + }, + { + "type": "library", + "name": "fb-watchman", + "version": "2.0.2", + "bom-ref": "fb-watchman@2.0.2", + "author": "Wez Furlong", + "description": "Bindings for the Watchman file watching service", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/fb-watchman@2.0.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/facebook/watchman.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://facebook.github.io/watchman/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/watchman/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a79d7ad41a9bb826929c1f2321bcd01ce96982c3e62b9ac95437c328ef75031b39342d6ebb71d1426eb0b7d71df7ff86b504083b9dc97465d7a320e94c0b2060" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fb-watchman" + } + ] + }, + { + "type": "library", + "name": "fsevents", + "version": "2.3.3", + "bom-ref": "fsevents@2.3.3", + "description": "Native Access to MacOS FSEvents", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fsevents@2.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/fsevents/fsevents.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fsevents/fsevents", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fsevents/fsevents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e71a037d7f9f2fb7da0139da82658fa5b16dc21fd1efb5a630caaa1c64bae42defbc1d181eb805f81d58999df8e35b4c8f99fade4d36d765cda09c339617df43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fsevents" + } + ] + }, + { + "type": "library", + "name": "walker", + "version": "1.0.8", + "bom-ref": "walker@1.0.8", + "author": "Naitik Shah", + "description": "A simple directory tree walker.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/walker@1.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-walker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-walker", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-walker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6cffc13c9796fb918d2f9562dec0e9035cc98f74b7155781a63902f2c6e4acc0826cc1e78566d02c305ee4d4db33cfe4d8050ae56119b33a7af7f7ccb525e99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/walker" + } + ] + }, + { + "type": "library", + "name": "code-frame", + "group": "@babel", + "version": "7.24.2", + "bom-ref": "@babel/code-frame@7.24.2", + "author": "The Babel Team", + "description": "Generate errors that contain a code frame that point to source locations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/code-frame@7.24.2#packages/babel-code-frame", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-code-frame", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-code-frame", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb9fad2d0c95f298377ec8a59faec154b0f53f5dc4838961e515bd985d3352ebcbaeff6e210e0c08bf82453f854ec0650637086a7e8f1ac2dc04dd26dc2954c9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/code-frame" + } + ] + }, + { + "type": "library", + "name": "stack-utils", + "group": "@types", + "version": "2.0.3", + "bom-ref": "@types/stack-utils@2.0.3", + "description": "TypeScript definitions for stack-utils", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/stack-utils@2.0.3#types/stack-utils", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/stack-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/stack-utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5a11b619dd36d83339cf75c76bdd2988acb5f00bf00a65741e09ff4f81aa3908a6fc0b21ee117e63cd63d392fade82f85124772944ee81168196f7271a3a463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/stack-utils" + } + ] + }, + { + "type": "library", + "name": "jest-pnp-resolver", + "version": "1.2.3", + "bom-ref": "jest-pnp-resolver@1.2.3", + "description": "plug'n'play resolver for Webpack", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-pnp-resolver@1.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/arcanis/jest-pnp-resolver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/arcanis/jest-pnp-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/arcanis/jest-pnp-resolver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fb7369c10127468201b71e1fca16e54033e0248d07d48108917ed284b5233c603b4ed513bc8d6888a8b7491e28051d21421411f349785807b946b5c1c16300f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-pnp-resolver" + } + ] + }, + { + "type": "library", + "name": "detect-newline", + "version": "3.1.0", + "bom-ref": "detect-newline@3.1.0", + "author": "Sindre Sorhus", + "description": "Detect the dominant newline character of a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-newline@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cbcfec7fbc45e6fd8ecfef09f510914d2f1629503e1380ca2cc58e9f0152549c931bba91c13a7731c96506f4ea53687f44043eee148e4b7c482630e739e03b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-newline" + } + ] + }, + { + "type": "library", + "name": "source-map-support", + "version": "0.5.13", + "bom-ref": "source-map-support@0.5.13", + "description": "Fixes stack traces for files with source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/source-map-support@0.5.13", + "externalReferences": [ + { + "url": "git+https://github.com/evanw/node-source-map-support.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/evanw/node-source-map-support#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/evanw/node-source-map-support/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "48748a14769d8d5039a11e0f3ea86d01575c056c1161577a83a7005e721b4622307361213eb4ee29405d48bbe510ac883f71827fcf5f96dbdc6623fd30c140d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map-support" + } + ] + }, + { + "type": "library", + "name": "type-detect", + "version": "4.0.8", + "bom-ref": "type-detect@4.0.8", + "author": "Jake Luer", + "description": "Improved typeof detection for node.js and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-detect@4.0.8", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/type-detect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/type-detect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/type-detect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d1faff9881f57653bec7b4e570ccbe6c80ea28fb30ffbd2d5727875bbf3b828423866a9a65ed74bb02ee8ee6caf6af4b83a162868d4a50a0d8cf467b93b839fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-detect" + } + ] + }, + { + "type": "library", + "name": "callsites", + "version": "3.1.0", + "bom-ref": "callsites@3.1.0", + "author": "Sindre Sorhus", + "description": "Get callsites from the V8 stack trace API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/callsites@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/callsites.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/callsites#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/callsites/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3fc06302c5ef652f95203508d7584709012fef8613ebb6148b924914d588a8bdb7e6c0668d7e3eab1f4cbaf96ce62bf234435cb71e3ac502d0dda4ee13bb2c69" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/callsites" + } + ] + }, + { + "type": "library", + "name": "cjs-module-lexer", + "version": "1.2.3", + "bom-ref": "cjs-module-lexer@1.2.3", + "author": "Guy Bedford", + "description": "Lexes CommonJS modules, returning their named exports metadata", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cjs-module-lexer@1.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/nodejs/cjs-module-lexer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/cjs-module-lexer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/cjs-module-lexer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d133621acb5b426085c2de1a9238c1839a4b4534b28ff3e4590d59a0edb39ed9a0f722ea491c7011ae2209f40b1a3aa18aa05f3896bb5bf13cc1f1ab4c39a565" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cjs-module-lexer" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "4.0.0", + "bom-ref": "strip-bom@4.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df1bab16fe6d1208a2df7662f09b69e79c042082d1f5e877e05016d343d97fe2674ac4e657f8a87b04a0425f7b247be08e8446c0f4a1b169be21daf1077e5dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "generator", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/generator@7.24.4", + "author": "The Babel Team", + "description": "Turns an AST into code.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/generator@7.24.4#packages/babel-generator", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-generator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-generator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20generator%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ddebebfa4a78d6571fe7bacfb2d25d6cc4c39338c064c8be3e04875b00bc9ab509c07bf49156300d7833d2098697fa2d62266b8648a7f767e13e57fbdad47bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/generator" + } + ], + "components": [ + { + "type": "library", + "name": "jsesc", + "version": "2.5.2", + "bom-ref": "@babel/generator@7.24.4|jsesc@2.5.2", + "author": "Mathias Bynens", + "description": "Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsesc@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "398bbb5c4ce39024370b93ecdd0219b107cda6aa09c99640f7dc1df5a59dd39342b42e6958e91284ada690be875d047afc2cb695b35d3e5641a6e4075c4eb780" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/generator/node_modules/jsesc" + } + ] + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-typescript", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/plugin-syntax-typescript@7.24.1", + "author": "The Babel Team", + "description": "Allow parsing of TypeScript syntax", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-typescript@7.24.1#packages/babel-plugin-syntax-typescript", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-typescript", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-typescript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6219e6bf2e476449c752dcba8befa071f1f5fe5ebc0079c8b451e7682bfa867f5d361d2142fbd026cc698b804c0453790cb78706eb9c4ffd038335e27ff3b247" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-typescript" + } + ] + }, + { + "type": "library", + "name": "traverse", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/traverse@7.24.1", + "author": "The Babel Team", + "description": "The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/traverse@7.24.1#packages/babel-traverse", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-traverse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-traverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20traverse%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c6e53aa3d9baf0a7aa65b42e0edd9370a4b1530fe6aecbdabe512a43595e67f07e0bdb64e84e2c456cbded669782fab913e9d4ddc5ccc6fdd628e09a9d530299" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/traverse" + } + ], + "components": [ + { + "type": "library", + "name": "globals", + "version": "11.12.0", + "bom-ref": "@babel/traverse@7.24.1|globals@11.12.0", + "author": "Sindre Sorhus", + "description": "Global identifiers from different JavaScript environments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globals@11.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globals#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58e069fc410652222c252a7bc1cbffcba30efa557d5289dc5aac6e15f9bc781c3358d8327c177a1b3f8878a43d8c29b28681fdf60d793374fe41a5471638b354" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/traverse/node_modules/globals" + } + ] + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/types@7.24.0", + "author": "The Babel Team", + "description": "Babel Types is a Lodash-esque utility library for AST nodes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/types@7.24.0#packages/babel-types", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20types%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa3edae5cdb9dd17ca87c880041872c1cf0d49f3f92d445eed4878aa9b21ea373e68b260baf98850176349d10c42fd9b10dac247931f45d8c6a3bbf34bfa1bef" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/types" + } + ] + }, + { + "type": "library", + "name": "babel__traverse", + "group": "@types", + "version": "7.20.5", + "bom-ref": "@types/babel__traverse@7.20.5", + "description": "TypeScript definitions for @babel/traverse", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__traverse@7.20.5#types/babel__traverse", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__traverse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__traverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5970b239c46d1f7ec70149295e151db9ac5d9bcd9be064a5c93a9a8d7be237811f8ae3e0358475d3dc4c08abe997accf229b9ad031a53040c2abe83c11da2179" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__traverse" + } + ] + }, + { + "type": "library", + "name": "prettier", + "group": "@types", + "version": "2.7.3", + "bom-ref": "@types/prettier@2.7.3", + "description": "TypeScript definitions for prettier", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/prettier@2.7.3#types/prettier", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/prettier", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/prettier", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fbaf243fdcb3b382cca7b54d87c81dccc48f6452f8e0c2c6aa21d6bedb5825efbaaa7b95af8124f70481428bdea98febf8bc2309c536f643559227708a6fa460" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/prettier" + } + ] + }, + { + "type": "library", + "name": "babel-preset-current-node-syntax", + "version": "1.0.1", + "bom-ref": "babel-preset-current-node-syntax@1.0.1", + "author": "Nicolò Ribaudo", + "description": "A Babel preset that enables parsing of proposals supported by the current Node.js version.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-current-node-syntax@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "33b2d0d1bc5aae4c50a0dfafcf96893ec2c19fbee7f10813166a3c58ad3fe386ae2b6c65097ad8714c47171814eea5b9633c3f0a398b44adae27368277b2efa9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-preset-current-node-syntax" + } + ] + }, + { + "type": "library", + "name": "natural-compare", + "version": "1.4.0", + "bom-ref": "natural-compare@1.4.0", + "author": "Lauri Rooden", + "description": "Compare strings containing a mix of letters and numbers in the way a human being would in sort order.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/natural-compare@1.4.0", + "externalReferences": [ + { + "url": "git://github.com/litejs/natural-compare-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/litejs/natural-compare-lite#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/litejs/natural-compare-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "396343f1e8b756d342f61ed5eb4a9f7f7495a1b1ebf7de824f0831b9b832418129836f7487d2746eec8408d3497b19059b9b0e6a38791b5d7a45803573c64c4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/natural-compare" + } + ] + }, + { + "type": "library", + "name": "leven", + "version": "3.1.0", + "bom-ref": "leven@3.1.0", + "author": "Sindre Sorhus", + "description": "Measure the difference between two strings using the fastest JS implementation of the Levenshtein distance algorithm", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/leven@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/leven.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/leven#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/leven/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aac75af87f234da51a37fc79bf35b6af373ef11c384c043fe0a8c1e3a2302b9547f8895579e7a37bf128651a625ef22a8c580af3841f7ea3f3b462375412c6d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/leven" + } + ] + }, + { + "type": "library", + "name": "react-is", + "version": "18.2.0", + "bom-ref": "react-is@18.2.0", + "description": "Brand checking of React Elements.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/react-is@18.2.0#packages/react-is", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/react.git#packages/react-is", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://reactjs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/react/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c56183216eb1f76d71b733e486250bb6d8491e826f05b177ab6e9fce5a0f08ad21b2fc6d3d57a5bdfb70df38db1d64a4476926f59fb8bb16c30caffa670f41f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/react-is" + } + ] + }, + { + "type": "library", + "name": "rimraf", + "version": "3.0.2", + "bom-ref": "rimraf@3.0.2", + "author": "Isaac Z. Schlueter", + "description": "A deep deletion module for node (like `rm -rf`)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/rimraf@3.0.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/rimraf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/rimraf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/rimraf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "25990931990018514f3f662a5d95cf6cc94c060b31cc4f082ece253085ffda8d0bf54070f4efd8de8eb0170fe2f582daa5c5095b0a9b8b791dc483dd0bad9320" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rimraf" + } + ] + }, + { + "type": "library", + "name": "istanbul-reports", + "group": "@types", + "version": "3.0.4", + "bom-ref": "@types/istanbul-reports@3.0.4", + "description": "TypeScript definitions for istanbul-reports", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-reports@3.0.4#types/istanbul-reports", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-reports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-reports", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a64d81d4d59a945f6da0246eea08c1cd1ebdb321633f839df164405fed2699ff6502309189c2ce59cf99af1647c7fd17463a2d82417db7a89a309f9a5dc39d65" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-reports" + } + ] + }, + { + "type": "library", + "name": "yargs", + "group": "@types", + "version": "17.0.32", + "bom-ref": "@types/yargs@17.0.32", + "description": "TypeScript definitions for yargs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/yargs@17.0.32#types/yargs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/yargs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.32.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c50ebb61cfe568e1b9b8c7d7ff4f77311946182201cd931aad56be81f34a271580220ca462954690175ba84cc60c37c2ad5523e8789f7f8993679040e93980a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/yargs" + } + ] + }, + { + "type": "library", + "name": "import-local", + "version": "3.1.0", + "bom-ref": "import-local@3.1.0", + "author": "Sindre Sorhus", + "description": "Let a globally installed package use a locally installed version of itself if available", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/import-local@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/import-local.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/import-local#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/import-local/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012074eee2ed9c3b35a3a1078caa57df804a6034aa9c57ab7d33892f61ef32a17bd0b9f1a639330c1f09e38a13f69bb800c3e44307fc8e5eacce0bcd776b5122" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/import-local" + } + ] + }, + { + "type": "library", + "name": "prompts", + "version": "2.4.2", + "bom-ref": "prompts@2.4.2", + "author": "Terkel Gjervig", + "description": "Lightweight, beautiful and user-friendly prompts", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prompts@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/terkelg/prompts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/terkelg/prompts#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/terkelg/prompts/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37136ffe42e0b8203ba778c4f282f668406cac95a001a901a609a02ba9693d657e5ae3a663aaf6ff36c05673fe4fc6d0940d27cc75d2252256d07abbca5683d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompts" + } + ] + }, + { + "type": "library", + "name": "kleur", + "version": "3.0.3", + "bom-ref": "kleur@3.0.3", + "author": "Luke Edwards", + "description": "The fastest Node.js library for formatting terminal text with ANSI colors~!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kleur@3.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/kleur.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/kleur#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/kleur/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "793233955392511f89c5d0c57a911870132d67d42a75e7feae7cd675166e31b3b2c2ee6d3b6c3637baea8e800d67993dbf2c212fa06bd55463508813431e04f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kleur" + } + ] + }, + { + "type": "library", + "name": "sisteransi", + "version": "1.0.5", + "bom-ref": "sisteransi@1.0.5", + "author": "Terkel Gjervig", + "description": "ANSI escape codes for some terminal swag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sisteransi@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/terkelg/sisteransi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/terkelg/sisteransi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/terkelg/sisteransi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6cb186951d50c417329e7d9de589835f83068e566fcb631104344d1cb27c548ea5ebef45522c9314d27422f78e48fd1b7178150cf45c7c6a80d298daa94a5f56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sisteransi" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "17.7.2", + "bom-ref": "yargs@17.7.2", + "description": "yargs the modern, pirate-themed, successor to optimist.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@17.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edd4b3cd143ef822a7348fe4aca9d8455ec928a3d45cc121eb5b286872a0f66ad6121cc55a1167c4fc4697eebd703d4ebbadc2d773543c29e621caefa82b8ceb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs" + } + ], + "components": [ + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "yargs@17.7.2|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs/node_modules/yargs-parser" + } + ] + } + ] + }, + { + "type": "library", + "name": "json-diff", + "version": "0.9.1", + "bom-ref": "json-diff@0.9.1", + "author": "Andrey Tarantsov", + "description": "JSON diff", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-diff@0.9.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/andreyvit/json-diff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andreyvit/json-diff", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andreyvit/json-diff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-diff/-/json-diff-0.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "67778c83a91b55306bde0fc8a6617acf6f322f6b2a8b89242252560d04add1ab905b6cb4405bb746648a8b3be3f3cd04fc453235a9ef598de88bf4f967b640d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-diff" + } + ] + }, + { + "type": "library", + "name": "cli-color", + "version": "2.0.4", + "bom-ref": "cli-color@2.0.4", + "author": "Mariusz Nowak", + "description": "Colors, formatting and other tools for the console", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-color@2.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/cli-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/cli-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/cli-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-color/-/cli-color-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce59e98348cd7226cdaceec61bd21e1c7ee669615e0b3f896b5c31ffbb59354e4049249267efea65c88cd3f2c7098c5276abf9876b1d6d0fcf5d874eb9eb57bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-color" + } + ] + }, + { + "type": "library", + "name": "d", + "version": "1.0.2", + "bom-ref": "d@1.0.2", + "author": "Mariusz Nowak", + "description": "Property descriptor factory", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/d@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/d.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/d#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/d/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/d/-/d-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "30ea87bcc585f7ff4c5fa9f36b42a0bc51f81e9314d04179b940d7a97fc1b71b54f0d7c1d10cd1b49f0e7bfe92b92e246e1cb3549c2377dec40383caaf327c6f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/d" + } + ] + }, + { + "type": "library", + "name": "es5-ext", + "version": "0.10.64", + "bom-ref": "es5-ext@0.10.64", + "author": "Mariusz Nowak", + "description": "ECMAScript extensions and shims", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es5-ext@0.10.64", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es5-ext.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es5-ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.64.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a76b270e188b6977ba75a86cb352dd771a849be4a4b83bd5f1d9c8406d0c5a3c87a5c30d7d728f13efc2734cbe3e1c495f7038c4635e1428f9a1cd01521e9d7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es5-ext" + } + ] + }, + { + "type": "library", + "name": "type", + "version": "2.7.2", + "bom-ref": "type@2.7.2", + "author": "Mariusz Nowak", + "description": "Runtime validation and processing of JavaScript types", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/type@2.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type/-/type-2.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77396f94d96de805d4ec40527e902c732750ee05c1fa93c6b0f9df26766988d2410e3ec8689cd094165819d122e11f4798f741bf65e6589e9852da136bb9660b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type" + } + ] + }, + { + "type": "library", + "name": "es6-iterator", + "version": "2.0.3", + "bom-ref": "es6-iterator@2.0.3", + "author": "Mariusz Nowak", + "description": "Iterator abstraction based on ES6 specification", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es6-iterator@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/medikoo/es6-iterator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-iterator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-iterator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-iterator/-/es6-iterator-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf0e12473a1491df9c97e668135e40f68d6841df76d016f488e24c4244219778cd734dd8a958c0846eec71ff42e4a59153f475dceadfe7cf2e082eb9db9a34da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-iterator" + } + ] + }, + { + "type": "library", + "name": "es6-symbol", + "version": "3.1.4", + "bom-ref": "es6-symbol@3.1.4", + "author": "Mariusz Nowak", + "description": "ECMAScript 6 Symbol polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es6-symbol@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es6-symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-symbol/-/es6-symbol-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53d6c51635fcb458804e0b64275ce0db9f8abe2217a6046f4474bcb1abb719f855cd385142b39e92c3de4f40565b630d66cd4e1162750cf5ce40c9f428a464be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-symbol" + } + ] + }, + { + "type": "library", + "name": "ext", + "version": "1.7.0", + "bom-ref": "ext@1.7.0", + "author": "Mariusz Nowak", + "description": "JavaScript utilities with respect to emerging standard", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ext@1.7.0#ext", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es5-ext.git#ext", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/tree/ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ext/-/ext-1.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ea1c5e25868bd75d1af5be531094a3d20a23c87400980d9c8793acfb2482880d5019d4baf7b5d6635a73b2b4a3a80f4b0c4120741fcaca9225479f5170bb8763" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ext" + } + ] + }, + { + "type": "library", + "name": "esniff", + "version": "2.0.1", + "bom-ref": "esniff@2.0.1", + "author": "Mariusz Nowak", + "description": "Low footprint ECMAScript source code parser", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/esniff@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/esniff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/esniff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/esniff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esniff/-/esniff-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91350818a43f9833c5a09d2855f726c899f88810d1a6d8cd548cf020547bb6a59775523dc5f03644cc18fe06d2a491b79647563448cb6a9fcda951d9889b1d7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esniff" + } + ] + }, + { + "type": "library", + "name": "event-emitter", + "version": "0.3.5", + "bom-ref": "event-emitter@0.3.5", + "author": "Mariusz Nowak", + "description": "Environment agnostic event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/event-emitter@0.3.5", + "externalReferences": [ + { + "url": "git://github.com/medikoo/event-emitter.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/event-emitter#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/event-emitter/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/event-emitter/-/event-emitter-0.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fdad19fdcbb90b3e727e84cabb4bf9e1be82b0c2f5496a1062d813e6c776ef6ec11d2b75bd8a2f1c0521a33feef6fcb9cce27e9fa37f9d9025f915e4d0aee5c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/event-emitter" + } + ] + }, + { + "type": "library", + "name": "next-tick", + "version": "1.1.0", + "bom-ref": "next-tick@1.1.0", + "author": "Mariusz Nowak", + "description": "Environment agnostic nextTick polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/next-tick@1.1.0", + "externalReferences": [ + { + "url": "git://github.com/medikoo/next-tick.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/next-tick#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/next-tick/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/next-tick/-/next-tick-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0977548897a66ec363b93a10bf16b23d917d56a86dee17b0b2fcb6b0e59a7cbbe2d9ac1f963f66382e9b1c8839d28ad7f0826f58a63dc1843fcc1da4a203ec95" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/next-tick" + } + ] + }, + { + "type": "library", + "name": "memoizee", + "version": "0.4.15", + "bom-ref": "memoizee@0.4.15", + "author": "Mariusz Nowak", + "description": "Memoize/cache function results", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/memoizee@0.4.15", + "externalReferences": [ + { + "url": "git://github.com/medikoo/memoizee.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/memoizee#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/memoizee/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/memoizee/-/memoizee-0.4.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5015a62692d97794933e6ecf31494ec3f4d2cbdef633ecfc81cc90e6f78e9d20d1444cffd1b9a9c937cab77ff9d4384406a099427d6e74cff97e57123d886475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/memoizee" + } + ] + }, + { + "type": "library", + "name": "es6-weak-map", + "version": "2.0.3", + "bom-ref": "es6-weak-map@2.0.3", + "author": "Mariusz Nowak", + "description": "ECMAScript6 WeakMap polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es6-weak-map@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/medikoo/es6-weak-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-weak-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-weak-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-weak-map/-/es6-weak-map-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a79ba6df61ce4ced643fec3b3d19c1fb9950e3767a9aeb8cb8831f7ef0cdf1907819c9e32c157acc64ada5b01220c9380c202f11a6a685edb387209bfd05d7b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-weak-map" + } + ] + }, + { + "type": "library", + "name": "is-promise", + "version": "2.2.2", + "bom-ref": "is-promise@2.2.2", + "author": "ForbesLindesay", + "description": "Test whether an object looks like a promises-a+ promise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-promise@2.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/then/is-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/then/is-promise#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/then/is-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-promise/-/is-promise-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa53f8ffa94a5017d08d9da97714e166f2d401a7e665bf0e03115bf175ed890992df920d82bf3985d386a04b35db87b3d450a7649b7a8dabbf4fe6a5879f1015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-promise" + } + ] + }, + { + "type": "library", + "name": "lru-queue", + "version": "0.1.0", + "bom-ref": "lru-queue@0.1.0", + "author": "Mariusz Nowak", + "description": "LRU Queue", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lru-queue@0.1.0", + "externalReferences": [ + { + "url": "git://github.com/medikoo/lru-queue.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/lru-queue#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/lru-queue/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-queue/-/lru-queue-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06975892df44bc697c39f5870d03c8495a5c979c59b616fe5cfb1b10b8f90105f1202f08ae20d92106230493c49b9ad2e36d2c8d9d132c4cd172ae4a741858ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lru-queue" + } + ] + }, + { + "type": "library", + "name": "timers-ext", + "version": "0.1.7", + "bom-ref": "timers-ext@0.1.7", + "author": "Mariusz Nowak", + "description": "Timers extensions", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/timers-ext@0.1.7", + "externalReferences": [ + { + "url": "git://github.com/medikoo/timers-ext.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/timers-ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/timers-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/timers-ext/-/timers-ext-0.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fce4d50dcd349da1d4a14c86e4cba645d367bc493b5555f0fe7eee1a5d74a11042e9a331fe6c2a492d830f65bb0004ddb00c7edf269a88a17c49a736dfd0da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/timers-ext" + } + ] + }, + { + "type": "library", + "name": "difflib", + "version": "0.2.4", + "bom-ref": "difflib@0.2.4", + "author": "Xueqiao Xu", + "description": "text diff library ported from Python's difflib module", + "licenses": [ + { + "license": { + "name": "PSF", + "url": "http://docs.python.org/license.html" + } + } + ], + "purl": "pkg:npm/difflib@0.2.4", + "externalReferences": [ + { + "url": "git://github.com/qiao/difflib.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qiao/difflib.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qiao/difflib.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/difflib/-/difflib-0.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5857098c6f4c101d036be49f66e814a3e9f938a5f1884c640e3acf83f4597e20d38358539fbe1214d6136fe86811d510680bff4d25cc2eefbcd2871574913ef" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/difflib" + } + ] + }, + { + "type": "library", + "name": "heap", + "version": "0.2.7", + "bom-ref": "heap@0.2.7", + "author": "Xueqiao Xu", + "description": "binary heap (priority queue) algorithms (ported from Python's heapq module)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/heap@0.2.7", + "externalReferences": [ + { + "url": "git://github.com/qiao/heap.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qiao/heap.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qiao/heap.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/heap/-/heap-0.2.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9bb1e8189241cefa1ffd3066e7e8a59c138e5c1d980f00da392d717b12f59d4f4c93d8482e4953b59c3814e5cf3e64e3f0a76bcc35aed816c26155c0d1f5276" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/heap" + } + ] + }, + { + "type": "library", + "name": "dreamopt", + "version": "0.8.0", + "bom-ref": "dreamopt@0.8.0", + "author": "Andrey Tarantsov", + "description": "Command-line parser with readable syntax from your sweetest dreams", + "purl": "pkg:npm/dreamopt@0.8.0", + "externalReferences": [ + { + "url": "git://github.com/andreyvit/dreamopt.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andreyvit/dreamopt.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andreyvit/dreamopt.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dreamopt/-/dreamopt-0.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf2253a7cfa60be1bee5d7e0b18fabddc931973f90317e345633d0b19739831540c4b9a2eb84c1a1590fe7803fa51017317b1bbb618c301ad93f136fdb7c1a32" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dreamopt" + } + ] + }, + { + "type": "library", + "name": "wordwrap", + "version": "1.0.0", + "bom-ref": "wordwrap@1.0.0", + "author": "James Halliday", + "description": "Wrap those words. Show them at what columns to start and stop.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wordwrap@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/substack/node-wordwrap.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-wordwrap#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-wordwrap/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "82f57324594fc9c29ce5d64de323e43fcc3b0dcdfb06d3f5c9ccc49de39be2eab7e295d972faed45399657c5be5267be5c2c4a81b8ccfa77af93214f3326dde1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wordwrap" + } + ] + }, + { + "type": "library", + "name": "jstoxml", + "version": "3.2.10", + "bom-ref": "jstoxml@3.2.10", + "author": "David Calhoun", + "description": "Converts JavaScript/JSON to XML (for RSS, Podcasts, AMP, etc.)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jstoxml@3.2.10", + "externalReferences": [ + { + "url": "git://github.com/davidcalhoun/jstoxml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/davidcalhoun/jstoxml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/davidcalhoun/jstoxml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jstoxml/-/jstoxml-3.2.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "735bf6085c4aae120f5abf9c3ab04e2569029646b945f5161b5d98d60ab2143e1dcca4e5c646ab9e2925c0e4ffeb047565f97ec76655223448411f431621b5ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jstoxml" + } + ] + }, + { + "type": "library", + "name": "pretty", + "version": "2.0.0", + "bom-ref": "pretty@2.0.0", + "author": "Jon Schlinkert", + "description": "Some tweaks for beautifying HTML with js-beautify according to my preferences.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/pretty.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/pretty", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/pretty/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty/-/pretty-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1bdc54721813122369a2b99d60197e3e16b9d20394a2f4f5f08bc07bb118319d7f7fd5bf59630f467fb123af325cd3149374171c3c28ff5c15ff835e8d535ed7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty" + } + ] + }, + { + "type": "library", + "name": "condense-newlines", + "version": "0.2.1", + "bom-ref": "condense-newlines@0.2.1", + "author": "Jon Schlinkert", + "description": "Replace extraneous newlines with a single newline, or pass a specified number of newlines to use.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/condense-newlines@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/condense-newlines.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/condense-newlines", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/condense-newlines/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/condense-newlines/-/condense-newlines-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3fb5fe40bf476fd07f73c1c8e411452a68e006ed97a50b85f7c599f5790ef9d046824e57830890cfba354a6a6094d588777e7cd54712d1214059fa0884c1cf7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/condense-newlines" + } + ] + }, + { + "type": "library", + "name": "extend-shallow", + "version": "2.0.1", + "bom-ref": "extend-shallow@2.0.1", + "author": "Jon Schlinkert", + "description": "Extend an object with the properties of additional objects. node.js/javascript util.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/extend-shallow@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/extend-shallow.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/extend-shallow", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/extend-shallow/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc29d3b65c4da0088373782a636698016171ed759689ab2e1762bc31ee566cdf28b4729350a0708cfb4da51b3fadb5199bb2b158068d8fb3f56bfa79d866d5ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/extend-shallow" + } + ] + }, + { + "type": "library", + "name": "is-whitespace", + "version": "0.3.0", + "bom-ref": "is-whitespace@0.3.0", + "author": "Jon Schlinkert", + "description": "Returns true if the value passed is all whitespace.", + "purl": "pkg:npm/is-whitespace@0.3.0", + "externalReferences": [ + { + "url": "git://github.com/jonschlinkert/is-whitespace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-whitespace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-whitespace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-whitespace/-/is-whitespace-0.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47274f865e12e89c00ca3d09263b215891051ba84dc9ede964505165a4d47d9170187c73a6935a34e56042e4bf13f4a586b029b8c5eba672b51042177dda370e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-whitespace" + } + ] + }, + { + "type": "library", + "name": "kind-of", + "version": "3.2.2", + "bom-ref": "kind-of@3.2.2", + "author": "Jon Schlinkert", + "description": "Get the native type of a value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kind-of@3.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/kind-of.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/kind-of", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/kind-of/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34e5bd4105cca191a0fe8aa754da0d4d320510889dd7adbb5827df50124474cc58029abb98d13b0a9cee7083dcf99420db93e17a3ec8252997de13bea1b94eb5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kind-of" + } + ] + }, + { + "type": "library", + "name": "is-buffer", + "version": "1.1.6", + "bom-ref": "is-buffer@1.1.6", + "author": "Feross Aboukhadijeh", + "description": "Determine if an object is a Buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-buffer@1.1.6", + "externalReferences": [ + { + "url": "git://github.com/feross/is-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/is-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/is-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35c7402f0a579139b966fbdb93ba303944af56f04a0e028fe7f7b07d71339e64057ece194666a739e2814e34558e46b7405a0de9727ef45dd44aa7c7a93694e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-buffer" + } + ] + }, + { + "type": "library", + "name": "is-extendable", + "version": "0.1.1", + "bom-ref": "is-extendable@0.1.1", + "author": "Jon Schlinkert", + "description": "Returns true if a value is any of the object types: array, regexp, plain object, function or date. This is useful for determining if a value can be extended, e.g. \"can the value have keys?\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-extendable@0.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-extendable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extendable", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extendable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e413142cda1bd6f8055fa123430e62cd60f1ade7162bd00cef6aee80daf44c595d30e8b47e3e8993ecde288b74c468f87047d0209b61e30dce296389e1ff8017" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-extendable" + } + ] + }, + { + "type": "library", + "name": "js-beautify", + "version": "1.15.1", + "bom-ref": "js-beautify@1.15.1", + "author": "Einar Lielmanis", + "description": "beautifier.io for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-beautify@1.15.1", + "externalReferences": [ + { + "url": "git://github.com/beautifier/js-beautify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://beautifier.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/beautifier/js-beautify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-beautify/-/js-beautify-1.15.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1128cdcd296dfec584f2c722647f24045f013e5c173f0851ea958a030f1bc380708fe899727296e8e35652eb49ede39bb81650a6221bf12ece62ca56acab7bac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify" + } + ], + "components": [ + { + "type": "library", + "name": "glob", + "version": "10.3.12", + "bom-ref": "js-beautify@1.15.1|glob@10.3.12", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.12", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c236ff2f27ec73e108aa4e97ce240ec7bd8bfeb4d2111ca7d45b0feafafda376037879bcfe298f6d1b1e49e2b1cfd28f3898d3fe0291fae87457f2eb372a1aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify/node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "js-beautify@1.15.1|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify/node_modules/minipass" + } + ] + } + ] + }, + { + "type": "library", + "name": "config-chain", + "version": "1.1.13", + "bom-ref": "config-chain@1.1.13", + "author": "Dominic Tarr", + "description": "HANDLE CONFIGURATION ONCE AND FOR ALL", + "purl": "pkg:npm/config-chain@1.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/dominictarr/config-chain.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/dominictarr/config-chain", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/config-chain/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/config-chain/-/config-chain-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa3f9ff003c04571eb33486b6aa5d86f6fdb395495e0fbc9425359fc3563d10ae634cdaad9eba2ce47ae55c910e7b27e5b49911fa1ef8be939d0ce09ba5d9545" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/config-chain" + } + ] + }, + { + "type": "library", + "name": "ini", + "version": "1.3.8", + "bom-ref": "ini@1.3.8", + "author": "Isaac Z. Schlueter", + "description": "An ini encoder/decoder for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ini@1.3.8", + "externalReferences": [ + { + "url": "git://github.com/isaacs/ini.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/ini#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/ini/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "255ff2ba0576bb35b988c4528990320ed41dfa7c6d5278de2edd1a70d770f7c90a2ebbee455c81f34b6c444384ef2bc65606a5859e913570a61079142812b17b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ini" + } + ] + }, + { + "type": "library", + "name": "proto-list", + "version": "1.2.4", + "bom-ref": "proto-list@1.2.4", + "author": "Isaac Z. Schlueter", + "description": "A utility for managing a prototype chain", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proto-list@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/proto-list.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/proto-list#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/proto-list/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bed2bff786a4c6c4cc85ed3f71b7e947eb323eeb3372ec21a958c9ab6e82b8d0e01468faf36a1105738fe4c269bf6afb26d13c32c89ea4622abef3930709f6bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proto-list" + } + ] + }, + { + "type": "library", + "name": "editorconfig", + "version": "1.0.4", + "bom-ref": "editorconfig@1.0.4", + "author": "EditorConfig Team", + "description": "EditorConfig File Locator and Interpreter for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/editorconfig@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/editorconfig/editorconfig-core-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/editorconfig/editorconfig-core-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/editorconfig/editorconfig-core-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2fd41ed3c2964e5a98315bcc71322f300765d5c0d4b9bcd13582fe59f0386cb0cc1dee277a62a4a666339339c4d45c0b2aed04126cbaa1b8102b3309ae0e31f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/editorconfig" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "9.0.1", + "bom-ref": "editorconfig@1.0.4|minimatch@9.0.1", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d235a12690ff31d84f5f03ee8919026df61f48aa76aa79f678e736efda88edffa8b25fe5fa9aca4abbe1835e7bcd262fc7fd679a09f636a753ea4d99ef3487f7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/editorconfig/node_modules/minimatch" + } + ] + } + ] + }, + { + "type": "library", + "name": "wasm", + "group": "@one-ini", + "version": "0.1.1", + "bom-ref": "@one-ini/wasm@0.1.1", + "description": "Parse EditorConfig-INI file contents into AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40one-ini/wasm@0.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/one-ini/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/one-ini/core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/one-ini/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@one-ini/wasm/-/wasm-0.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eec921b5137f1849c489a0c96aa2f2ebbb829350d4a38154c88f287ba8c5fa68d3791d8e42b792e14497713bbf49b53cca7f357f6e75a9cfeceab98ac84acbf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@one-ini/wasm" + } + ] + }, + { + "type": "library", + "name": "commander", + "version": "10.0.1", + "bom-ref": "commander@10.0.1", + "author": "TJ Holowaychuk", + "description": "the complete solution for node.js command-line programs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/commander@10.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/tj/commander.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/commander.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/commander.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb8320dad5ec8699446d21b3c7b6a6ccfc0a28e086ba84913ff0a311dc3093414e1a551baba94aba8c83653359926c47749b69e7885d7d8fc952b74bed77ddba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/commander" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "2.0.1", + "bom-ref": "brace-expansion@2.0.1", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@2.0.1", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e7008bd0f1e33e902e9a50bc7ac2e422c15b27cec8bd7775b1cd5dc5a564c6035f45eb6d64c1d6ec01c14a5e02941d95accbe998ea22f5b074f1584142cad0c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "js-cookie", + "version": "3.0.5", + "bom-ref": "js-cookie@3.0.5", + "author": "Klaus Hartl", + "description": "A simple, lightweight JavaScript API for handling cookies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-cookie@3.0.5", + "externalReferences": [ + { + "url": "git://github.com/js-cookie/js-cookie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/js-cookie/js-cookie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/js-cookie/js-cookie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-cookie/-/js-cookie-3.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "70488910012821b59f09960a5a157016ebcf5f58044d160fc3a2e56932a8c43decd80917ce40a39e9ea1d15efba33caa8f48da92d789e18a83253f37d3e9551b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-cookie" + } + ] + }, + { + "type": "library", + "name": "nopt", + "version": "7.2.0", + "bom-ref": "nopt@7.2.0", + "author": "GitHub Inc.", + "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/nopt@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/nopt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/nopt#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/nopt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nopt/-/nopt-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0950edc02761608be703316827a349e9d5f7a206bdfc7c9c8900e71b5bd00e348b31e28b27803ddd9a98283ae0612af5141639fe13180bed950a2db8a60a6418" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nopt" + } + ] + }, + { + "type": "library", + "name": "abbrev", + "version": "2.0.0", + "bom-ref": "abbrev@2.0.0", + "author": "GitHub Inc.", + "description": "Like ruby's abbrev module, but in js", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/abbrev@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/abbrev-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/abbrev-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/abbrev-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/abbrev/-/abbrev-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ebf9a1d44daed98804b021dd634631e685beeb581953ed6f5daa221c7ae929eb9134d805bd2fbf8ebc07890841e5aa407f9a01ed407b135f689764762ca1fc85" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/abbrev" + } + ] + }, + { + "type": "library", + "name": "babel__core", + "group": "@types", + "version": "7.20.5", + "bom-ref": "@types/babel__core@7.20.5", + "description": "TypeScript definitions for @babel/core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__core@7.20.5#types/babel__core", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa8429ad9bf3e70405270303a9eb1e4575afdeba8cbe18296d715f5725a16f1f57e3b3ce200ea2ffe75779f12664aa0080e69375a22035232a30853ad72472cc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__core" + } + ] + }, + { + "type": "library", + "name": "template", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/template@7.24.0", + "author": "The Babel Team", + "description": "Generate an AST from a string template.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/template@7.24.0#packages/babel-template", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-template", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-template", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20template%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0647f6abc94c074005a57d0d144a926f1d4e9131dfd1ffb48fcda6930f99a73067924edef50974f3dd6f95f822fa41f03a4f2d4238901e9aa1e0b6926b47ca10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/template" + } + ] + }, + { + "type": "library", + "name": "bs-logger", + "version": "0.2.6", + "bom-ref": "bs-logger@0.2.6", + "author": "Huafu Gandon", + "description": "Bare simple logger for NodeJS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bs-logger@0.2.6", + "externalReferences": [ + { + "url": "git+https://github.com/huafu/bs-logger.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/huafu/bs-logger#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/huafu/bs-logger/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5df030a8c666e073b8723ca3afc6da8d7236283ac0013d075c0948c6a77778d95476097d4e46193603cee8aaabb9475924fbbea7b3166ea649b277e315b42a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bs-logger" + } + ] + }, + { + "type": "library", + "name": "json5", + "version": "2.2.3", + "bom-ref": "json5@2.2.3", + "author": "Aseem Kishore", + "description": "JSON for Humans", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json5@2.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/json5/json5.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://json5.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/json5/json5/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e63967bb7b21d81f5e1c2dd54fa3283e18e1f7ad85fef8aa73af2949c125bdf2ddcd93e53c5ce97c15628e830b7375bf255c67facd8c035337873167f16acca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json5" + } + ] + }, + { + "type": "library", + "name": "lodash.memoize", + "version": "4.1.2", + "bom-ref": "lodash.memoize@4.1.2", + "author": "John-David Dalton", + "description": "The lodash method `_.memoize` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.memoize@4.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b8fe3739a09d0cd30185dcb0760b8229a5b4e5753171ed94e59fe868cbf4a8fc18ae45227c39268b71bdb3acf88bd5d7f0f3a34e3f7c219f2d5b3b6976f802" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.memoize" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "3.26.9", + "bom-ref": "@oclif/core@3.26.9", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@3.26.9", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-3.26.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c81e58c5deb60ec1eaa822bfeb42fc2221a94d1214e09f9fcc2a9f6cf462218139f9a81f37ade4a6968cf936eac8c05db27b7f3d03a7603f0186cd6ab94afa7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/core@3.26.9|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/core@3.26.9|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "@oclif/core@3.26.9|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "@oclif/core@3.26.9|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "@oclif/core@3.26.9|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/sprintf-js" + } + ] + } + ] + }, + { + "type": "library", + "name": "cli-progress", + "group": "@types", + "version": "3.11.5", + "bom-ref": "@types/cli-progress@3.11.5", + "description": "TypeScript definitions for cli-progress", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/cli-progress@3.11.5#types/cli-progress", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/cli-progress", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/cli-progress", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/cli-progress/-/cli-progress-3.11.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f83db3516ef88aca9a52e62bc11b214edbd3ce97248b980d87c94144e29e5019acc030cdc2c2429672f4e5f20bc4952bb1461e853ca2fc5e689d5fcef7a2ee2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/cli-progress" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.21.3", + "bom-ref": "type-fest@0.21.3", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.21.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b74af306af3b9b77d571db870d41612a6cb25fef5ea3a5908d9bdfe7511afccd10efe4f7ef8269d5a522c9497418ac69f0cfce113547483be69323e0bd7f97db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-fest" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "2.0.1", + "bom-ref": "color-convert@2.0.1", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4511023ec8fb8aeff16f9a0a61cb051d2a6914d9ec8ffe763954d129be333f9a275f0545df3566993a0d70e7c60be0910e97cafd4e7ce1f320dfc64709a12529" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "cardinal", + "version": "2.1.1", + "bom-ref": "cardinal@2.1.1", + "author": "Thorsten Lorenz", + "description": "Syntax highlights JavaScript code with ANSI colors to be printed to the terminal.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cardinal@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/cardinal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/cardinal#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/cardinal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cardinal/-/cardinal-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "252af978e8281329ad607063356ca3acca9eb7d026da68898657ca35da8ba7ace878087428de5d44073195e723e66009ae64289a088e063df9c472eb163a81a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cardinal" + } + ] + }, + { + "type": "library", + "name": "ansicolors", + "version": "0.3.2", + "bom-ref": "ansicolors@0.3.2", + "author": "Thorsten Lorenz", + "description": "Functions that surround a string with ansicolor codes so it prints in color.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansicolors@0.3.2", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/ansicolors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/ansicolors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/ansicolors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansicolors/-/ansicolors-0.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "417bbb04facfdbd565951c47f06c01ef1e625f9a9628000c2ea2901964de2d656534734ea55309f7576cc50008597a63b96e70aafc6edc977f9d18eb27ed29aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansicolors" + } + ] + }, + { + "type": "library", + "name": "redeyed", + "version": "2.1.1", + "bom-ref": "redeyed@2.1.1", + "author": "Thorsten Lorenz", + "description": "Takes JavaScript code, along with a config and returns the original code with tokens wrapped as configured.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/redeyed@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/redeyed.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/redeyed#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/redeyed/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/redeyed/-/redeyed-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14da461a8d43c9c600767aca17108c98a620a3f9882c0aad4586e47500fc129fc79363d0e7e684004c7e214ef5dd14c39ae05a1f473c3f9668ceeacdbb939b45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/redeyed" + } + ] + }, + { + "type": "library", + "name": "esprima", + "version": "4.0.1", + "bom-ref": "esprima@4.0.1", + "author": "Ariya Hidayat", + "description": "ECMAScript parsing infrastructure for multipurpose analysis", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esprima@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jquery/esprima.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://esprima.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jquery/esprima/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "786b85170ed4a5d6be838a7e407be75b44724d7fd255e2410ccfe00ad30044ed1c2ee4f61dc10a9d33ef86357a6867aaac207fb1b368a742acce6d23b1a594e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esprima" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "4.0.0", + "bom-ref": "has-flag@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1329094ff4352a34d672da698080207d23b4b4a56e6548e180caf5ee4a93ba6325e807efdc421295e53ba99533a170c54c01d30c2e0d3a81bf67153712f94c3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-flag" + } + ] + }, + { + "type": "library", + "name": "clean-stack", + "version": "3.0.1", + "bom-ref": "clean-stack@3.0.1", + "author": "Sindre Sorhus", + "description": "Clean up error stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-stack@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/clean-stack.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/clean-stack/-/clean-stack-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "951f70362311715423481ddaef15c62eecf872be3026eb9795a0046d1bad1a8c104e6969ed1ef6fc33a0376d5ef237706e531697d50e24c2576ab5fde29cca76" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-stack" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "4.0.0", + "bom-ref": "escape-string-regexp@4.0.0", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4eda5c349dd7033c771aaf2c591cc96956a346cd2e57103660091d6f58e6d9890fcf81ba7a05050320379f9bed10865e7cf93959ae145db2ae4b97ca90959d80" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "cli-progress", + "version": "3.12.0", + "bom-ref": "cli-progress@3.12.0", + "author": "Andi Dittrich", + "description": "easy to use progress-bar for command-line/terminal applications", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-progress@3.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/npkgz/cli-progress.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npkgz/cli-progress", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npkgz/cli-progress/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-progress/-/cli-progress-3.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b51915dc7275012c26d7d4c78a22c85cb3bb226ef0953b8a9ef918693932a003de7ea8cd83b5bb0c7294946471cbdbf10ef6f2098424428cefa6db8c9060a0f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-progress" + } + ] + }, + { + "type": "library", + "name": "color", + "version": "4.2.3", + "bom-ref": "color@4.2.3", + "description": "Color conversion and manipulation with CSS string support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color/-/color-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d6b5deb94522186af2921f8278176ee487bb389c229c28106346dcec6091c72e71547cbe9a86aa9292ff8ea42ad0cb5039e61caea133e1a6dce5fd0ab54ed6e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color" + } + ] + }, + { + "type": "library", + "name": "color-string", + "version": "1.9.1", + "bom-ref": "color-string@1.9.1", + "author": "Heather Arthur", + "description": "Parser and generator for CSS color strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-string@1.9.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-string/-/color-string-1.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b21ad56b0405a239d9bfac4ce346a7c780a4a033fe7d9b30fd97ab10cb16fe9cb3b116c4969b0bfc30555bbab7131c70bac74d5c8de55e9ba1119933b3ca7912" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-string" + } + ] + }, + { + "type": "library", + "name": "simple-swizzle", + "version": "0.2.2", + "bom-ref": "simple-swizzle@0.2.2", + "author": "Qix", + "description": "Simply swizzle your arguments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/simple-swizzle@0.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-simple-swizzle.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-simple-swizzle#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-simple-swizzle/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/simple-swizzle/-/simple-swizzle-0.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "240fff910819b5bb98f379bec53fad5c9926267706313153f82fa0da1d91f6ec64608ac4db2cbdb2099c2e10a7c39eff5920fe121dc9f7b14f1031676d79c352" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/simple-swizzle" + } + ], + "components": [ + { + "type": "library", + "name": "is-arrayish", + "version": "0.3.2", + "bom-ref": "simple-swizzle@0.2.2|is-arrayish@0.3.2", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "79546a0af56565bbb0dc6acceb7a2f352340780d4ad7a91a47f2d163ff76c34cf1439ff5633c1b9545fae768b85ecf51c001a35bd77dcba5fcf2df0e68025f59" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/simple-swizzle/node_modules/is-arrayish" + } + ] + } + ] + }, + { + "type": "library", + "name": "ejs", + "version": "3.1.10", + "bom-ref": "ejs@3.1.10", + "author": "Matthew Eernisse", + "description": "Embedded JavaScript templates", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/ejs@3.1.10", + "externalReferences": [ + { + "url": "git://github.com/mde/ejs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mde/ejs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mde/ejs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51e26615f3ab0104bc38958f678aad807c961316b4f3cfccb4ae54132a091851faedc0c45e4652be23a2291099e178a3d33c48dc9102818b37a0ac7e022cd004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ejs" + } + ] + }, + { + "type": "library", + "name": "jake", + "version": "10.8.7", + "bom-ref": "jake@10.8.7", + "author": "Matthew Eernisse", + "description": "JavaScript build tool, similar to Make or Rake", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/jake@10.8.7", + "externalReferences": [ + { + "url": "git://github.com/jakejs/jake.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jakejs/jake#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jakejs/jake/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jake/-/jake-10.8.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6438b768ff9f1bf2dc87207350cf34e158dd767c1f49fb1d798930b7c35c6ca46fa38ac592386ce39ea22c59f79366545af35ee22e3c5800836f36bc7e1ab6fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "jake@10.8.7|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "jake@10.8.7|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake/node_modules/brace-expansion" + } + ] + } + ] + }, + { + "type": "library", + "name": "async", + "version": "3.2.5", + "bom-ref": "async@3.2.5", + "author": "Caolan McMahon", + "description": "Higher-order functions and common patterns for asynchronous code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/async@3.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/caolan/async.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://caolan.github.io/async/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/caolan/async/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6da359caa69a2e1c8b54a9bf0e5bdd5b4e7531280ee9bf1e55f21ece5f44e4fa96c458332e6ff0427b445b8ccecad55bbab0c4af426500b12974e170bc4acbb2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async" + } + ] + }, + { + "type": "library", + "name": "filelist", + "version": "1.0.4", + "bom-ref": "filelist@1.0.4", + "author": "Matthew Eernisse", + "description": "Lazy-evaluating list of files, based on globs or regex patterns", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/filelist@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/mde/filelist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mde/filelist", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mde/filelist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c35704b9fdd2f83acb0902fb113ea4cfe82694975babd27bc970928cafce6423c0faa10dd56c85e1901fd186096b8fec84726b6b6b7f77fafc495e098bec7ef1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/filelist" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "5.1.6", + "bom-ref": "filelist@1.0.4|minimatch@5.1.6", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@5.1.6", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "94ac15ff56eba46ea6054147b5becd526b400426f65996669b6c0d88e0398406fc55d092e01dddb4c5b2bdca1589c730016fc23844635cbb74ccfd735d4376ea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/filelist/node_modules/minimatch" + } + ] + } + ] + }, + { + "type": "library", + "name": "balanced-match", + "version": "1.0.2", + "bom-ref": "balanced-match@1.0.2", + "author": "Julian Gruber", + "description": "Match balanced character pairs, like \"{\" and \"}\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/balanced-match@1.0.2", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/balanced-match.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de849e50ed13315ebb84dd4099b5ec2b8c9aa94eed8e21e56f144364ea47d0a5bdf82797e1b440697d009f1b74b71d8cae94695b041a3f02252121098585393f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/balanced-match" + } + ] + }, + { + "type": "library", + "name": "concat-map", + "version": "0.0.1", + "bom-ref": "concat-map@0.0.1", + "author": "James Halliday", + "description": "concatenative mapdashery", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/concat-map@0.0.1", + "externalReferences": [ + { + "url": "git://github.com/substack/node-concat-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-concat-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-concat-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd2aefe1db30c903417e8846a73f68e986f71b3dd2ad40ea047e6b4ee84647b6a1b656d82a7571c366c214c4658da03b1171da5d9f30b07768745bdb9212a6aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/concat-map" + } + ] + }, + { + "type": "library", + "name": "get-package-type", + "version": "0.1.0", + "bom-ref": "get-package-type@0.1.0", + "author": "Corey Farrell", + "description": "Determine the `package.json#type` which applies to a location", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-package-type@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/cfware/get-package-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cfware/get-package-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cfware/get-package-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a63cee2ad63ae0661f5a2ccd009d1fafd56ab6d6643622b6892e37d0bb481f38c112be9b5fc026db39b8b16e11a39c23596e5c02544bd6a00c4dc5db8cd00ed9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-package-type" + } + ] + }, + { + "type": "library", + "name": "globby", + "version": "11.1.0", + "bom-ref": "globby@11.1.0", + "author": "Sindre Sorhus", + "description": "User-friendly glob matching", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globby@11.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globby#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globby/-/globby-11.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e121768ecf2d6c6fc232a1c6abb964a7d538e69c156cf00ca1732f37ae6c4d27cab6b96282023dc29c963e2a91925c2b9e00f7348b4e6456f54ab4fd6df52de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globby" + } + ] + }, + { + "type": "library", + "name": "array-union", + "version": "2.1.0", + "bom-ref": "array-union@2.1.0", + "author": "Sindre Sorhus", + "description": "Create an array of unique values, in order, from the input arrays", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/array-union@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/array-union.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/array-union#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/array-union/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/array-union/-/array-union-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1c6cb1a0e4d853208ceacb547ba1098277781287b0008ef331d7ea3be9068e79599810f3fdc479a5ff2bfdc4785aaeb4b0bfe9d0891c8d41043f04b7185ac8cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/array-union" + } + ] + }, + { + "type": "library", + "name": "dir-glob", + "version": "3.0.1", + "bom-ref": "dir-glob@3.0.1", + "author": "Kevin Mårtensson", + "description": "Convert directories to glob compatible strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dir-glob@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/dir-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/dir-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/dir-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dir-glob/-/dir-glob-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a4ad6a7d191e0a5df28663338b993b86562d545857f0b37efb9fd71ce79fed6fa0eeab217aa5c43901b88712c85a0e963dbfaa1a4abd9708389d1a633077320" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dir-glob" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "4.0.0", + "bom-ref": "path-type@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80329bf1a64c0de0ffb595acf4febeab427d33091d97ac4c57c4e39c63f7a89549d3a6dd32091b0652d4f0875f3ac22c173d815b5acd553dd7b8d125f333c0bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.3.1", + "bom-ref": "ignore@5.3.1", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e45cadcff22b68c8eaa707dddf891edbc3d354c8d98c91b630f9f9b7b384e1e50250d7fc0406bb6f95944bdfd0bebea6c0e412ecc93abddb0c9e8e617be4fc5f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + }, + { + "type": "library", + "name": "hyperlinker", + "version": "1.0.0", + "bom-ref": "hyperlinker@1.0.0", + "author": "James Talmage", + "description": "Write hyperlinks in the terminal.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hyperlinker@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jamestalmage/hyperlinker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jamestalmage/hyperlinker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jamestalmage/hyperlinker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hyperlinker/-/hyperlinker-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f2f146e545614471f4ae21a6a3337e0b74f5c885bb356a3117fc104fbf6e09f9e9d255a11563adf143a9533bd551612e4b028821206d080c9fa9f883f329441" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hyperlinker" + } + ] + }, + { + "type": "library", + "name": "indent-string", + "version": "4.0.0", + "bom-ref": "indent-string@4.0.0", + "author": "Sindre Sorhus", + "description": "Indent each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/indent-string@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/indent-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "11d0c366ee00d8ec882bb2ebff6cc6fb0e6399bba4d435419c4c11110bc1ceca412640846d16bc1b153596085871a1890a745689b8c35e5abbefd5f5ff2e71c2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/indent-string" + } + ] + }, + { + "type": "library", + "name": "is-wsl", + "version": "2.2.0", + "bom-ref": "is-wsl@2.2.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-wsl@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-wsl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cacc0adad2b18951407018180d90766e4e865c9fe4ed5c7a5e0a09a430930c631d6c40361a092ca32414826b69c7d431a6eecde7d68067a21a154c168decbc3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-wsl" + } + ] + }, + { + "type": "library", + "name": "is-docker", + "version": "2.2.1", + "bom-ref": "is-docker@2.2.1", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a Docker container", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-docker@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-docker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-docker/-/is-docker-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17e8b604ab05ac7eba89a505734c280fcb0bcbc81eb64c13c2d3818efb39e82c780a024378a41ea9fcfcc0062249bf093a9ad68471f9a7becf6e6602bef52e5d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-docker" + } + ] + }, + { + "type": "library", + "name": "natural-orderby", + "version": "2.0.3", + "bom-ref": "natural-orderby@2.0.3", + "author": "Olaf Ennen", + "description": "Lightweight and performant natural sorting of arrays and collections by differentiating between unicode characters, numbers, dates, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/natural-orderby@2.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/yobacca/natural-orderby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yobacca.github.io/natural-orderby", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yobacca/natural-orderby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/natural-orderby/-/natural-orderby-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7b2931f1534094adc3977bad997eb6f9675de72ef3e149647fb28de416e954414d2c814965d99d0bc29b0b377e7578e383fa1446bbf17583eeb10df3de0fef9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/natural-orderby" + } + ] + }, + { + "type": "library", + "name": "object-treeify", + "version": "1.1.33", + "bom-ref": "object-treeify@1.1.33", + "author": "Lukas Siemon", + "description": "Stringify Object as tree structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/blackflux/object-treeify/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/object-treeify@1.1.33", + "externalReferences": [ + { + "url": "git+https://github.com/blackflux/object-treeify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blackflux/object-treeify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blackflux/object-treeify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-treeify/-/object-treeify-1.1.33.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1055630187f35aa5ac04c4473cc0172c20c8267a4c85d580a91ef11ba33a6b672ce8f305a65ffe676d30f730d6e2f9313857dd75e8012aaf517a17746f1584ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-treeify" + } + ] + }, + { + "type": "library", + "name": "password-prompt", + "version": "1.1.3", + "bom-ref": "password-prompt@1.1.3", + "author": "Jeff Dickey @jdxcode", + "description": "cross-platform masked or hidden prompt", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/password-prompt@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/jdxcode/password-prompt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jdxcode/password-prompt", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jdxcode/password-prompt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/password-prompt/-/password-prompt-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e4ae31b668996f174b7604c1f47b62c1fc41dfdcb72addf34ccf2e066077106e502f3a5f904238b52f1ed644132aa552bca7e291edb0a0ee8a80317b5d82acb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/password-prompt" + } + ] + }, + { + "type": "library", + "name": "slice-ansi", + "version": "4.0.0", + "bom-ref": "slice-ansi@4.0.0", + "description": "Slice a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slice-ansi@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/slice-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/slice-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/slice-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8c08c7e1634e347151d3e372bd045ca0a986d43c564a1ce83b2bbde6b5358945bf29c8fddfcdfe08c5de52cdd10943a311520fd606738bc60859b4a2aeac435" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/slice-ansi" + } + ] + }, + { + "type": "library", + "name": "astral-regex", + "version": "2.0.0", + "bom-ref": "astral-regex@2.0.0", + "author": "Kevin Mårtensson", + "description": "Regular expression for matching astral symbols", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/astral-regex@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/astral-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/astral-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/astral-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "67bb4cc35cad4d7b798ea31c38ff8e42d794d55b8d2bd634daeb89b4a4354afebd8d740a2a0e5c89b2f0189a30f32cd93fe780735f0498b18f6a5d1ba77eabbd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/astral-regex" + } + ] + }, + { + "type": "library", + "name": "widest-line", + "version": "3.1.0", + "bom-ref": "widest-line@3.1.0", + "author": "Sindre Sorhus", + "description": "Get the visual width of the widest line in a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/widest-line@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/widest-line.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/widest-line#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/widest-line/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36c9a85da96c5950cc1aea71679474f246bd7e56638e22ef1d501660e2ad88a33cba3b595abf5c45f7da93eb92138f3e39bf0e6da957a70c9e522c830fa40582" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/widest-line" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "BomRef.okvgjdrtm6.tqh1scmn9b8", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6151888f691a98b493c70e8db198e80717d2c2c9f4c9c75eb26738a7e436d5ce733ee675a65f8d7f155dc4fb5d1ef98d54e43a5d2606e0052dcadfc58bb0f5e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "plugin-help", + "group": "@oclif", + "version": "6.1.0", + "bom-ref": "@oclif/plugin-help@6.1.0", + "author": "Salesforce", + "description": "Standard help for oclif.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-help@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-help.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-help", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-help/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-help/-/plugin-help-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53e2cd28a69906ba07aa848622961b42691397c696d0d25c3bdb6bd3dd4b24e67be22a840e2ba97c14c232e9255bdb9365d585600a6a4e6b210ee07f238d63c5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.0-beta.13", + "bom-ref": "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.0-beta.13", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.0-beta.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba0f02654089a6181eb5265581de07420c9ec256151861b52c87855c6c63818b2367f7f92379d20a3ef1a403040ea8d50ff970992ba3b55c1aeedbc480b1880b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "9.4.0", + "bom-ref": "@oclif/plugin-help@6.1.0|supports-color@9.4.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@9.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-9.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54bfa536b128217c30d5ca0b3ce9a21262bfd2c1a2824a3908ec48d3d2b31dcd9525726c437ed4690fbcaaebb18c3780efe2a72c64d647239748b2d1d966f88f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help/node_modules/supports-color" + } + ] + } + ] + }, + { + "type": "library", + "name": "ansis", + "version": "3.2.0", + "bom-ref": "ansis@3.2.0", + "author": "webdiscus", + "description": "Colorize terminal with ANSI colors & styles", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ansis@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/webdiscus/ansis.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/webdiscus/ansis", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/webdiscus/ansis/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansis/-/ansis-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "624dc19071fd53ba0fc8237780be5373b0a96a11bff9416fffa506d370b7d75572f65cd1980e6ea310d3a54f423b7ac61cbe8acc9cffa5d0de5d9099e4cbbf4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansis" + } + ] + }, + { + "type": "library", + "name": "cli-spinners", + "version": "2.9.2", + "bom-ref": "cli-spinners@2.9.2", + "author": "Sindre Sorhus", + "description": "Spinners for use in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-spinners@2.9.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/cli-spinners.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/cli-spinners#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/cli-spinners/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-spinners/-/cli-spinners-2.9.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb0a95fb9326c8be04ef26d780acace03ba065b5f4142e8b9f0ae18eeca42239caf64f0e41a710edac462a78c35d63619ecd31a2dddb648e61e791fcca8f5c26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-spinners" + } + ] + }, + { + "type": "library", + "name": "cosmiconfig", + "version": "9.0.0", + "bom-ref": "cosmiconfig@9.0.0", + "author": "Daniel Fischer", + "description": "Find and load configuration from a package.json property, rc file, TypeScript module, and more!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cosmiconfig@9.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/cosmiconfig/cosmiconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cosmiconfig/cosmiconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cosmiconfig/cosmiconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8adbcbe61f1111300298e4c573851f23207645f1078bbd40c7a13f3e2bd5c6af4db1e29b396a5ec8710e21b980c35aecf0093456eaec40dc30ee57fb62d530ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cosmiconfig" + } + ] + }, + { + "type": "library", + "name": "env-paths", + "version": "2.2.1", + "bom-ref": "env-paths@2.2.1", + "author": "Sindre Sorhus", + "description": "Get paths for storing things like data, config, cache, etc", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/env-paths@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/env-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa1d6590b2a164c4d88e8835544a49346ecd64959cb9cd830e4feab2a49345108e5e22e3790d5dd7fb9dad41a1a8cc5480097028d67471fdaea9a9f918bb92d8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/env-paths" + } + ] + }, + { + "type": "library", + "name": "import-fresh", + "version": "3.3.0", + "bom-ref": "import-fresh@3.3.0", + "author": "Sindre Sorhus", + "description": "Import a module while bypassing the cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/import-fresh@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/import-fresh.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/import-fresh#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/import-fresh/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bde6188506be0f54012b39ef8541f16fc7dac65af0527c6c78301b029e39ec4d302cd8a8d9b3922a78d80e1323f98880abad71acc1a1424f625d593917381033" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/import-fresh" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "4.1.0", + "bom-ref": "js-yaml@4.1.0", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c29c59b3d368c596891122462194f20c4698a65d0529203e141f5a262c9e98a84cc24c5083ade1e13d4a2605061e94ea3c33517269982ee82b46326506d5af44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.2", + "bom-ref": "error-ex@1.3.2", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edd147366a9e15212dd9906c0ab8a8aca9e7dd9da98fe7ddf64988e90a16c38fff0cbfa270405f73453ba890a2b2aad3b0a4e3c387cd172da95bd3aa4ad0fce2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "json-parse-even-better-errors", + "version": "2.3.1", + "bom-ref": "json-parse-even-better-errors@2.3.1", + "author": "Kat Marchán", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-even-better-errors@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/json-parse-even-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c72170ca1ae8fc91287fa1a17b68b3d8d717a23dac96836c5abfd7b044432bfa223c27da36197938d7e9fa341d01945043420958dcc7f7321917b962f75921db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-parse-even-better-errors" + } + ] + }, + { + "type": "library", + "name": "typescript", + "version": "5.1.6", + "bom-ref": "typescript@5.1.6", + "author": "Microsoft Corp.", + "description": "TypeScript is a language for application scale JavaScript development", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/typescript@5.1.6", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/TypeScript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/typescript/-/typescript-5.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cda582a33459e832c4580585ad50f3d47e85557cd449f4f2e4550c5ac42553c626e493fd78ee31913211385090be141feb5cfa3bf1baba0c374a0027bef9be1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/typescript" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.4", + "bom-ref": "debug@4.3.4", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.4", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d15851ee494dde0ed4093ef9cd63b25c91eb758f4b793ae3ac1733cfcec7a40f9d9997ca947c520f122b305ea22f1d61951ce817fbb1bfbc234d85e870c5f91" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/debug" + } + ], + "components": [ + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "debug@4.3.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/debug/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "plugin-plugins", + "group": "@oclif", + "version": "5.2.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2", + "author": "Salesforce", + "description": "plugins plugin for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-plugins@5.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-plugins.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-plugins", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-plugins/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-plugins/-/plugin-plugins-5.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "054027977f9f374f1c7fb2ea9cb851bf991cf8758e2f3dd32eadedf407f6e5af100a9c5804a6339f283152ba08e744ccd34dbe8b49af8e4b518e0d9b1fd791ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "npm-package-arg", + "version": "11.0.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "author": "GitHub Inc.", + "description": "Parse the things that can be arguments to `npm install`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-package-arg@11.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-package-arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-package-arg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-package-arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "206374200c26843270cb5dd673c93ee0f11b4cf86926732d7d1e7765b3b28e4be611c2d2e270b0a7a9af3168d2e6c5237a25b79a9c7a7079ae84a12ef5799c43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-package-arg" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "4.2.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proc-log/-/proc-log-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83cf8e9d4fcbdaffb0ca254af83e5f037e09ec41fc8d9f030e5bf085108cc66323ed4081bf188ed6619e37edfa25720a178cdebd4e2444177c955806f6f2de94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/proc-log" + } + ] + }, + { + "type": "library", + "name": "npm-run-path", + "version": "5.3.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "author": "Sindre Sorhus", + "description": "Get your PATH prepended with locally installed binaries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/npm-run-path@5.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/npm-run-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a69c13b62259ab43bf6a2d33ef27ee76d069588a3133cc84ea71e2d57e3b785476116391a9f6eee829cf94db2378debcdde4f4a86e87fcfc9ff5f09cbe39e79d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-run-path" + } + ], + "components": [ + { + "type": "library", + "name": "path-key", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-key/-/path-key-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "85a444ca9abbc6433b12b7e0232034cfe063e0018a94c49d9501368ef268ea1b960f511d90a615f86fd3e27ab4604176be04d3f24a8c14aa35b879fde74af849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-run-path/node_modules/path-key" + } + ] + } + ] + }, + { + "type": "library", + "name": "object-treeify", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1", + "author": "Lukas Siemon", + "description": "Stringify Object as tree structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/blackflux/object-treeify/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/object-treeify@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/blackflux/object-treeify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blackflux/object-treeify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blackflux/object-treeify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-treeify/-/object-treeify-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63ab60e6b1dfb1e7d291f2ae8efd92c07ba522744ecbfac22f9178c3440e5b1badf009f16317f46263614e1f7965fcb1a6cb9da3aeaeaa4bb1d000859f231281" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/object-treeify" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "author": "GitHub Inc.", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a5698c846f4ec33f16022a12b3a65096049b6fc5971932b2fee1492b4d22471cfc99538998613bf7a9a39eefb1fb10e0cb492a2901414073a5bc538caabec72" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/which" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "3.1.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|isexe@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2e907fe7807eff627986a43b8a66477dd537d4e96042ac7b6627159649bd93383dff0f0628b11c15f265fedec30840ee78ec81003eb3082c133ba173b3436811" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/isexe" + } + ] + }, + { + "type": "library", + "name": "yarn", + "version": "1.22.22", + "bom-ref": "@oclif/plugin-plugins@5.2.2|yarn@1.22.22", + "description": "📦🐈 Fast, reliable, and secure dependency management.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/yarn@1.22.22", + "externalReferences": [ + { + "url": "git+https://github.com/yarnpkg/yarn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yarnpkg/yarn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yarnpkg/yarn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yarn/-/yarn-1.22.22.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/yarn" + } + ] + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "7.0.2", + "bom-ref": "hosted-git-info@7.0.2", + "author": "GitHub Inc.", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@7.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-7.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6e519014293e66f19cefb3bd975b2dc7b6f55b4d6963444eba70feb46f127302a7f60e0202a3b9584d8d881d498b9cda6362fc396ef9a81ef3dcd103b66badb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hosted-git-info" + } + ], + "components": [ + { + "type": "library", + "name": "lru-cache", + "version": "10.2.2", + "bom-ref": "hosted-git-info@7.0.2|lru-cache@10.2.2", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f61a77569dbf845414888c0aa3c5c2785567ae0f0f9374d834f211eed2400ca8b961f705eef11a2bb6af1474e54b2de438a61a25069a95f128e98b9775c78139" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hosted-git-info/node_modules/lru-cache" + } + ] + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-name", + "version": "5.0.1", + "bom-ref": "validate-npm-package-name@5.0.1", + "author": "GitHub Inc.", + "description": "Give me a string and I'll tell you if it's a valid npm package name", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/validate-npm-package-name@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/validate-npm-package-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3a58cbad0f5241d394a93690c6a2f97447d95ab5c4c72c96b28cd89405856b03d536e0fcde2825eee243d914e434c6e7888620b7c97cd5e08918875017b6af2d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validate-npm-package-name" + } + ] + }, + { + "type": "library", + "name": "npm", + "version": "10.8.0", + "bom-ref": "npm@10.8.0", + "author": "GitHub Inc.", + "description": "a package manager for JavaScript", + "licenses": [ + { + "license": { + "id": "Artistic-2.0" + } + } + ], + "purl": "pkg:npm/npm@10.8.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://docs.npmjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm/-/npm-10.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c21f77b91733829ec70e73cc88b5dc0a4bf685a81d252d3327d293ff7d5dd05a173f4dbeaa037600ec29696f397f14569229e5dab10b7cfc3e0a30575b8f3f8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm" + } + ], + "components": [ + { + "type": "library", + "name": "string-locale-compare", + "group": "@isaacs", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "author": "Isaac Z. Schlueter", + "description": "Compare strings with Intl.Collator if available, falling back to String.localeCompare otherwise", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/string-locale-compare@1.1.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/string-locale-compare.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/string-locale-compare.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/string-locale-compare#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/string-locale-compare/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/string-locale-compare" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "arborist", + "group": "@npmcli", + "version": "7.5.2", + "bom-ref": "npm@10.8.0|@npmcli/arborist@7.5.2", + "author": "GitHub Inc.", + "description": "Manage node_modules trees", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/arborist@7.5.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/arborist", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/arborist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/arborist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs", + "group": "@npmcli", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|@npmcli/fs@3.1.1", + "author": "GitHub Inc.", + "description": "filesystem utilities for the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/fs@3.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/fs.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/fs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "installed-package-contents", + "group": "@npmcli", + "version": "2.1.0", + "bom-ref": "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "author": "GitHub Inc.", + "description": "Get the list of files installed in a package in node_modules, including bundled dependencies", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/installed-package-contents@2.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/installed-package-contents.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/installed-package-contents.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/installed-package-contents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/installed-package-contents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/installed-package-contents" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-bundled", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|npm-bundled@3.0.1", + "author": "GitHub Inc.", + "description": "list things in node_modules that are bundledDependencies, or transitive dependencies thereof", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-bundled@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-bundled.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-bundled.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-bundled#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-bundled/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-bundled" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-normalize-package-bin", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "author": "GitHub Inc.", + "description": "Turn any flavor of allowable package.json bin into a normalized object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-normalize-package-bin@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-normalize-package-bin.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-normalize-package-bin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-normalize-package-bin#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-normalize-package-bin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-normalize-package-bin" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "map-workspaces", + "group": "@npmcli", + "version": "3.0.6", + "bom-ref": "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "author": "GitHub Inc.", + "description": "Retrieves a name:pathname Map for a given workspaces config", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/map-workspaces@3.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/map-workspaces.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/map-workspaces.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/map-workspaces#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/map-workspaces/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/map-workspaces" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "metavuln-calculator", + "group": "@npmcli", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "author": "GitHub Inc.", + "description": "Calculate meta-vulnerabilities from package security advisories", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/metavuln-calculator@7.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/metavuln-calculator.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/metavuln-calculator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/metavuln-calculator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/metavuln-calculator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/metavuln-calculator" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacache", + "version": "18.0.3", + "bom-ref": "npm@10.8.0|cacache@18.0.3", + "author": "GitHub Inc.", + "description": "Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cacache@18.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/cacache.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cacache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/cacache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cacache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cacache" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-parse-even-better-errors", + "version": "3.0.2", + "bom-ref": "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "author": "GitHub Inc.", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-even-better-errors@3.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/json-parse-even-better-errors.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/json-parse-even-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/json-parse-even-better-errors" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pacote", + "version": "18.0.6", + "bom-ref": "npm@10.8.0|pacote@18.0.6", + "author": "GitHub Inc.", + "description": "JavaScript package downloader", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/pacote@18.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/pacote.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/pacote.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/pacote#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/pacote/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/pacote" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "4.2.0", + "bom-ref": "npm@10.8.0|proc-log@4.2.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/proc-log" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "7.6.2", + "bom-ref": "npm@10.8.0|semver@7.6.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@7.6.2?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/semver" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "name-from-folder", + "group": "@npmcli", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "author": "GitHub Inc.", + "description": "Get the package name from a folder path", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/name-from-folder@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/name-from-folder.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/name-from-folder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/name-from-folder#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/name-from-folder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/name-from-folder" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "node-gyp", + "group": "@npmcli", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "author": "GitHub Inc.", + "description": "Tools for dealing with node-gyp packages", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/node-gyp@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-gyp.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-gyp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-gyp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-gyp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/node-gyp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "package-json", + "group": "@npmcli", + "version": "5.1.0", + "bom-ref": "npm@10.8.0|@npmcli/package-json@5.1.0", + "author": "GitHub Inc.", + "description": "Programmatic API to update package.json", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/package-json@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/package-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/package-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "query", + "group": "@npmcli", + "version": "3.1.0", + "bom-ref": "npm@10.8.0|@npmcli/query@3.1.0", + "author": "GitHub Inc.", + "description": "npm query parser and tools", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/query@3.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/query.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/query.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/query#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/query/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/query" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "postcss-selector-parser", + "version": "6.0.16", + "bom-ref": "npm@10.8.0|postcss-selector-parser@6.0.16", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-selector-parser@6.0.16?vcs_url=git%2Bhttps%3A//github.com/postcss/postcss-selector-parser.git", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-selector-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/postcss-selector-parser" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cssesc", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|cssesc@3.0.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cssesc@3.0.0?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/cssesc.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/cssesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/cssesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/cssesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cssesc" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-deprecate", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|util-deprecate@1.0.2", + "author": "Nathan Rajlich", + "description": "The Node.js `util.deprecate()` function with browser support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/util-deprecate@1.0.2?vcs_url=git%3A//github.com/TooTallNate/util-deprecate.git", + "externalReferences": [ + { + "url": "git://github.com/TooTallNate/util-deprecate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/util-deprecate" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "redact", + "group": "@npmcli", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@npmcli/redact@2.0.0", + "author": "GitHub Inc.", + "description": "Redact sensitive npm information from output", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/redact@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/redact.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/redact.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/redact#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/redact/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/redact" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "run-script", + "group": "@npmcli", + "version": "8.1.0", + "bom-ref": "npm@10.8.0|@npmcli/run-script@8.1.0", + "author": "GitHub Inc.", + "description": "Run a lifecycle script for a package (descendant of npm-lifecycle)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/run-script@8.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/run-script.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/run-script.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/run-script#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/run-script/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/run-script" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "bin-links", + "version": "4.0.4", + "bom-ref": "npm@10.8.0|bin-links@4.0.4", + "author": "GitHub Inc.", + "description": "JavaScript package binary linker", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/bin-links@4.0.4?vcs_url=git%2Bhttps%3A//github.com/npm/bin-links.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/bin-links.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/bin-links#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/bin-links/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/bin-links" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cmd-shim", + "version": "6.0.3", + "bom-ref": "npm@10.8.0|cmd-shim@6.0.3", + "author": "GitHub Inc.", + "description": "Used in npm for command line application support", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cmd-shim@6.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/cmd-shim.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cmd-shim.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/cmd-shim#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cmd-shim/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cmd-shim" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-cmd-shim", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|read-cmd-shim@4.0.0", + "author": "GitHub Inc.", + "description": "Figure out what a cmd-shim is pointing at. This acts as the equivalent of fs.readlink.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read-cmd-shim@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/read-cmd-shim.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read-cmd-shim.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read-cmd-shim#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read-cmd-shim/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read-cmd-shim" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "write-file-atomic", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|write-file-atomic@5.0.1", + "author": "GitHub Inc.", + "description": "Write files in an atomic fashion w/configurable ownership", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/write-file-atomic@5.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/write-file-atomic.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/write-file-atomic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/write-file-atomic", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/write-file-atomic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/write-file-atomic" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "common-ancestor-path", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|common-ancestor-path@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Find the common ancestor of 2 or more paths on Windows or Unix", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/common-ancestor-path@1.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/common-ancestor-path.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/common-ancestor-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/common-ancestor-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/common-ancestor-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/common-ancestor-path" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|hosted-git-info@7.0.2", + "author": "GitHub Inc.", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/hosted-git-info" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-stringify-nice", + "version": "1.1.4", + "bom-ref": "npm@10.8.0|json-stringify-nice@1.1.4", + "author": "Isaac Z. Schlueter", + "description": "Stringify an object sorting scalars before objects, and defaulting to 2-space indent", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/json-stringify-nice@1.1.4?vcs_url=git%2Bhttps%3A//github.com/isaacs/json-stringify-nice.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/json-stringify-nice.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-nice#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-nice/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/json-stringify-nice" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "10.2.2", + "bom-ref": "npm@10.8.0|lru-cache@10.2.2", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.2?vcs_url=git%3A//github.com/isaacs/node-lru-cache.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/lru-cache" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.4", + "bom-ref": "npm@10.8.0|minimatch@9.0.4", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.4?vcs_url=git%3A//github.com/isaacs/minimatch.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "nopt", + "version": "7.2.1", + "bom-ref": "npm@10.8.0|nopt@7.2.1", + "author": "GitHub Inc.", + "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/nopt@7.2.1?vcs_url=git%2Bhttps%3A//github.com/npm/nopt.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/nopt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/nopt#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/nopt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/nopt" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-install-checks", + "version": "6.3.0", + "bom-ref": "npm@10.8.0|npm-install-checks@6.3.0", + "author": "GitHub Inc.", + "description": "Check the engines and platform fields in package.json", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/npm-install-checks@6.3.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-install-checks.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-install-checks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-install-checks#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-install-checks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-install-checks" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-package-arg", + "version": "11.0.2", + "bom-ref": "npm@10.8.0|npm-package-arg@11.0.2", + "author": "GitHub Inc.", + "description": "Parse the things that can be arguments to `npm install`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-package-arg@11.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/npm-package-arg.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-package-arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-package-arg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-package-arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-package-arg" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-pick-manifest", + "version": "9.0.1", + "bom-ref": "npm@10.8.0|npm-pick-manifest@9.0.1", + "author": "GitHub Inc.", + "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-pick-manifest@9.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-pick-manifest.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-pick-manifest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-pick-manifest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-pick-manifest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-pick-manifest" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-registry-fetch", + "version": "17.0.1", + "bom-ref": "npm@10.8.0|npm-registry-fetch@17.0.1", + "author": "GitHub Inc.", + "description": "Fetch-based http client for use with npm registry APIs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-registry-fetch@17.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-registry-fetch.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-registry-fetch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-registry-fetch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-registry-fetch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-registry-fetch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parse-conflict-json", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|parse-conflict-json@3.0.1", + "author": "GitHub Inc.", + "description": "Parse a JSON string that has git merge conflicts, resolving if possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/parse-conflict-json@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/parse-conflict-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/parse-conflict-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/parse-conflict-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/parse-conflict-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/parse-conflict-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proggy", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|proggy@2.0.0", + "author": "GitHub Inc.", + "description": "Progress bar updates at a distance", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proggy@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/proggy.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proggy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proggy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proggy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/proggy" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-all-reject-late", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|promise-all-reject-late@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like Promise.all, but save rejections until all promises are resolved", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-all-reject-late@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-all-reject-late" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-call-limit", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|promise-call-limit@3.0.1", + "author": "Isaac Z. Schlueter", + "description": "Call an array of promise-returning functions, restricting concurrency to a specified limit.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-call-limit@3.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/promise-call-limit.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/promise-call-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/promise-call-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/promise-call-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-call-limit" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-package-json-fast", + "version": "3.0.2", + "bom-ref": "npm@10.8.0|read-package-json-fast@3.0.2", + "author": "GitHub Inc.", + "description": "Like read-package-json, but faster", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read-package-json-fast@3.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/read-package-json-fast.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read-package-json-fast.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read-package-json-fast#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read-package-json-fast/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read-package-json-fast" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ssri", + "version": "10.0.6", + "bom-ref": "npm@10.8.0|ssri@10.0.6", + "author": "GitHub Inc.", + "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ssri.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ssri#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ssri/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ssri" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "treeverse", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|treeverse@3.0.0", + "author": "GitHub Inc.", + "description": "Walk any kind of tree structure depth- or breadth-first. Supports promises and advanced map-reduce operations with a very small API.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/treeverse@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/treeverse.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/treeverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/treeverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/treeverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/treeverse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "walk-up-path", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|walk-up-path@3.0.1", + "author": "Isaac Z. Schlueter", + "description": "Given a path string, return a generator that walks up the path, emitting each dirname.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/walk-up-path@3.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/walk-up-path.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/walk-up-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/walk-up-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/walk-up-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/walk-up-path" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config", + "group": "@npmcli", + "version": "8.3.2", + "bom-ref": "npm@10.8.0|@npmcli/config@8.3.2", + "author": "GitHub Inc.", + "description": "Configuration management for the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/config@8.3.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/config", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/config" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|ci-info@4.0.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@4.0.0?vcs_url=git%2Bhttps%3A//github.com/watson/ci-info.git", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ci-info" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ini", + "version": "4.1.2", + "bom-ref": "npm@10.8.0|ini@4.1.2", + "author": "GitHub Inc.", + "description": "An ini encoder/decoder for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ini@4.1.2?vcs_url=git%2Bhttps%3A//github.com/npm/ini.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ini.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ini#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ini/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ini" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.15", + "bom-ref": "npm@10.8.0|glob@10.3.15", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.15?vcs_url=git%3A//github.com/isaacs/node-glob.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/glob" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "git", + "group": "@npmcli", + "version": "5.0.7", + "bom-ref": "npm@10.8.0|@npmcli/git@5.0.7", + "author": "GitHub Inc.", + "description": "a util for spawning git from npm CLI contexts", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/git@5.0.7?vcs_url=git%2Bhttps%3A//github.com/npm/git.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/git.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/git#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/git/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/git" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-spawn", + "group": "@npmcli", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "author": "GitHub Inc.", + "description": "spawn processes the way the npm cli likes to do", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/promise-spawn@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/promise-spawn.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/promise-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/promise-spawn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/promise-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/promise-spawn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-inflight", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|promise-inflight@1.0.1", + "author": "Rebecca Turner", + "description": "One promise for multiple requests in flight to avoid async duplication", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-inflight@1.0.1?vcs_url=git%2Bhttps%3A//github.com/iarna/promise-inflight.git", + "externalReferences": [ + { + "url": "git+https://github.com/iarna/promise-inflight.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/promise-inflight#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/promise-inflight/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-inflight" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-retry", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|promise-retry@2.0.1", + "author": "IndigoUnited", + "description": "Retries a function that returns a promise, leveraging the power of the retry module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/promise-retry@2.0.1?vcs_url=git%3A//github.com/IndigoUnited/node-promise-retry.git", + "externalReferences": [ + { + "url": "git://github.com/IndigoUnited/node-promise-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/IndigoUnited/node-promise-retry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/IndigoUnited/node-promise-retry/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-retry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|which@4.0.0", + "author": "GitHub Inc.", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-which.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/which" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "isexe", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|which@4.0.0|isexe@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@3.1.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/isexe.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/which/node_modules/isexe" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|normalize-package-data@6.0.1", + "author": "GitHub Inc.", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@6.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/normalize-package-data.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "node-gyp", + "version": "10.1.0", + "bom-ref": "npm@10.8.0|node-gyp@10.1.0", + "author": "Nathan Rajlich", + "description": "Node.js native addon build tool", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-gyp@10.1.0?vcs_url=git%3A//github.com/nodejs/node-gyp.git", + "externalReferences": [ + { + "url": "git://github.com/nodejs/node-gyp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/node-gyp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/node-gyp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/node-gyp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "proc-log", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/node-gyp/node_modules/proc-log" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "tuf", + "group": "@sigstore", + "version": "2.3.3", + "bom-ref": "npm@10.8.0|@sigstore/tuf@2.3.3", + "author": "bdehamer@github.com", + "description": "Client for the Sigstore TUF repository", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/tuf@2.3.3?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/tuf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/tuf" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "protobuf-specs", + "group": "@sigstore", + "version": "0.3.2", + "bom-ref": "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "author": "bdehamer@github.com", + "description": "code-signing for npm packages", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/protobuf-specs@0.3.2?vcs_url=git%2Bhttps%3A//github.com/sigstore/protobuf-specs.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/protobuf-specs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/protobuf-specs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/protobuf-specs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/protobuf-specs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tuf-js", + "version": "2.2.1", + "bom-ref": "npm@10.8.0|tuf-js@2.2.1", + "author": "bdehamer@github.com", + "description": "JavaScript implementation of The Update Framework (TUF)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tuf-js@2.2.1?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tuf-js" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "models", + "group": "@tufjs", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|@tufjs/models@2.0.1", + "author": "bdehamer@github.com", + "description": "TUF metadata models", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tufjs/models@2.0.1?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/models#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@tufjs/models" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "canonical-json", + "group": "@tufjs", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@tufjs/canonical-json@2.0.0", + "author": "bdehamer@github.com", + "description": "OLPC JSON canonicalization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tufjs/canonical-json@2.0.0?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/canonical-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@tufjs/canonical-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.4", + "bom-ref": "npm@10.8.0|debug@4.3.4", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.4?vcs_url=git%3A//github.com/debug-js/debug.git", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/debug" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|debug@4.3.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2?vcs_url=git%2Bhttps%3A//github.com/zeit/ms.git", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/debug/node_modules/ms" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "make-fetch-happen", + "version": "13.0.1", + "bom-ref": "npm@10.8.0|make-fetch-happen@13.0.1", + "author": "GitHub Inc.", + "description": "Opinionated, caching, retrying fetch client", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/make-fetch-happen@13.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/make-fetch-happen.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/make-fetch-happen.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/make-fetch-happen#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/make-fetch-happen/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/make-fetch-happen" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "abbrev", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|abbrev@2.0.0", + "author": "GitHub Inc.", + "description": "Like ruby's abbrev module, but in js", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/abbrev@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/abbrev-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/abbrev-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/abbrev-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/abbrev-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/abbrev" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "archy", + "version": "1.0.0", + "bom-ref": "npm@10.8.0|archy@1.0.0", + "author": "James Halliday", + "description": "render nested hierarchies `npm ls` style with unicode pipes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/archy@1.0.0?vcs_url=git%2Bssh%3A//git%40github.com/substack/node-archy.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/substack/node-archy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-archy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-archy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/archy" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-minipass", + "version": "3.0.3", + "bom-ref": "npm@10.8.0|fs-minipass@3.0.3", + "author": "GitHub Inc.", + "description": "fs read and write streams based on minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs-minipass@3.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/fs-minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs-minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs-minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs-minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/fs-minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-collect", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|minipass-collect@2.0.1", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that collects all the data into a single chunk", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-collect@2.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-collect.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-collect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-collect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-collect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-collect" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|minipass@7.1.1", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.1.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-flush", + "version": "1.0.5", + "bom-ref": "npm@10.8.0|minipass-flush@1.0.5", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that calls a flush function before emitting 'end'", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-flush.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-flush#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-flush/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-flush" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-flush/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "yallist", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|yallist@4.0.0", + "author": "Isaac Z. Schlueter", + "description": "Yet Another Linked List", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/yallist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/yallist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/yallist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/yallist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-pipeline", + "version": "1.2.4", + "bom-ref": "npm@10.8.0|minipass-pipeline@1.2.4", + "author": "Isaac Z. Schlueter", + "description": "create a pipeline of streams using Minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-pipeline@1.2.4", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-pipeline" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-pipeline/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "p-map", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|p-map@4.0.0", + "author": "Sindre Sorhus", + "description": "Map over promises concurrently", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-map@4.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/p-map.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/p-map" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tar", + "version": "6.2.1", + "bom-ref": "npm@10.8.0|tar@6.2.1", + "author": "GitHub Inc.", + "description": "tar for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-tar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-tar#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-tar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "fs-minipass", + "version": "2.1.0", + "bom-ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "author": "Isaac Z. Schlueter", + "description": "fs read and write streams based on minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs-minipass@2.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/fs-minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs-minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs-minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs-minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/fs-minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/fs-minipass/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|tar@6.2.1|minipass@5.0.0", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@5.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "unique-filename", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|unique-filename@3.0.0", + "author": "GitHub Inc.", + "description": "Generate a unique filename for use in temporary directories or caches.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/unique-filename@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/unique-filename.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/unique-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/unique-filename", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/unique-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/unique-filename" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "unique-slug", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|unique-slug@4.0.0", + "author": "GitHub Inc.", + "description": "Generate a unique character string suitible for use in files and URLs.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/unique-slug@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/unique-slug.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/unique-slug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/unique-slug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/unique-slug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/unique-slug" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "imurmurhash", + "version": "0.1.4", + "bom-ref": "npm@10.8.0|imurmurhash@0.1.4", + "author": "Jens Taylor", + "description": "An incremental implementation of MurmurHash3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/imurmurhash@0.1.4?vcs_url=git%2Bhttps%3A//github.com/jensyt/imurmurhash-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jensyt/imurmurhash-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/imurmurhash" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "5.3.0", + "bom-ref": "npm@10.8.0|chalk@5.3.0", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@5.3.0?vcs_url=git%2Bhttps%3A//github.com/chalk/chalk.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/chalk" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cli-columns", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|cli-columns@4.0.0", + "author": "Shannon Moeller", + "description": "Columnated lists for the CLI.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-columns@4.0.0?vcs_url=git%2Bhttps%3A//github.com/shannonmoeller/cli-columns.git", + "externalReferences": [ + { + "url": "git+https://github.com/shannonmoeller/cli-columns.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shannonmoeller/cli-columns#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/shannonmoeller/cli-columns/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cli-columns" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "npm@10.8.0|string-width@4.2.3", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "8.0.0", + "bom-ref": "npm@10.8.0|emoji-regex@8.0.0", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@8.0.0?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@3.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-fullwidth-code-point" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|strip-ansi@6.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|ansi-regex@5.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@5.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fastest-levenshtein", + "version": "1.0.16", + "bom-ref": "npm@10.8.0|fastest-levenshtein@1.0.16", + "author": "Kasper U. Weihe", + "description": "Fastest Levenshtein distance implementation in JS.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fastest-levenshtein@1.0.16?vcs_url=git%2Bhttps%3A//github.com/ka-weihe/fastest-levenshtein.git", + "externalReferences": [ + { + "url": "git+https://github.com/ka-weihe/fastest-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein#README", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/fastest-levenshtein" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "foreground-child", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|foreground-child@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Run a child as if it's the foreground process. Give it stdio. Exit when it exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/foreground-child@3.1.1?vcs_url=git%2Bhttps%3A//github.com/tapjs/foreground-child.git", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/foreground-child.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/foreground-child#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/foreground-child/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/foreground-child" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cross-spawn", + "version": "7.0.3", + "bom-ref": "npm@10.8.0|cross-spawn@7.0.3", + "author": "André Cruz", + "description": "Cross platform child_process#spawn and child_process#spawnSync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cross-spawn@7.0.3?vcs_url=git%2Bssh%3A//git%40github.com/moxystudio/node-cross-spawn.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/moxystudio/node-cross-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cross-spawn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "which", + "version": "2.0.2", + "bom-ref": "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@2.0.2?vcs_url=git%3A//github.com/isaacs/node-which.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cross-spawn/node_modules/which" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|path-key@3.1.1", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@3.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-key.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/path-key" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "shebang-command", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|shebang-command@2.0.0", + "author": "Kevin Mårtensson", + "description": "Get the command from a shebang", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-command@2.0.0?vcs_url=git%2Bhttps%3A//github.com/kevva/shebang-command.git", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/shebang-command.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/shebang-command#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/shebang-command/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/shebang-command" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "shebang-regex", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|shebang-regex@3.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching a shebang line", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-regex@3.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/shebang-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/shebang-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/shebang-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|isexe@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@2.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/isexe.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/isexe" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "npm@10.8.0|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0?vcs_url=git%2Bhttps%3A//github.com/tapjs/signal-exit.git", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/signal-exit" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jackspeak", + "version": "2.3.6", + "bom-ref": "npm@10.8.0|jackspeak@2.3.6", + "author": "Isaac Z. Schlueter", + "description": "A very strict and proper argument parser.", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/jackspeak@2.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/jackspeak.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/jackspeak.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/jackspeak#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/jackspeak/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jackspeak" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cliui", + "group": "@isaacs", + "version": "8.0.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/cliui@8.0.2?vcs_url=git%2Bhttps%3A//github.com/yargs/cliui.git", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "BomRef.6h760ft6oi8.7sr4bitkllo", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/string-width-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eastasianwidth", + "version": "0.2.0", + "bom-ref": "npm@10.8.0|eastasianwidth@0.2.0", + "author": "Masaki Komagata", + "description": "Get East Asian Width from a character.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eastasianwidth@0.2.0?vcs_url=git%3A//github.com/komagata/eastasianwidth.git", + "externalReferences": [ + { + "url": "git://github.com/komagata/eastasianwidth.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/eastasianwidth" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "BomRef.uih8rvtlbdo.33q7f9m1mj", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/strip-ansi-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "npm@10.8.0|wrap-ansi@7.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-styles", + "version": "4.3.0", + "bom-ref": "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@4.3.0?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-styles.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi-cjs/node_modules/ansi-styles" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|color-convert@2.0.1", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@2.0.1?vcs_url=git%2Bhttps%3A//github.com/Qix-/color-convert.git", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/color-convert" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.4", + "bom-ref": "npm@10.8.0|color-name@1.1.4", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.4?vcs_url=git%2Bssh%3A//git%40github.com/colorjs/color-name.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/colorjs/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/colorjs/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/colorjs/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/color-name" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "8.1.0", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@8.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "6.2.1", + "bom-ref": "npm@10.8.0|ansi-styles@6.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@6.2.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-styles.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ansi-styles" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parseargs", + "group": "@pkgjs", + "version": "0.11.0", + "bom-ref": "npm@10.8.0|@pkgjs/parseargs@0.11.0", + "description": "Polyfill of future proposal for `util.parseArgs()`", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40pkgjs/parseargs@0.11.0?vcs_url=git%2Bssh%3A//git%40github.com/pkgjs/parseargs.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/pkgjs/parseargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pkgjs/parseargs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pkgjs/parseargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@pkgjs/parseargs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-scurry", + "version": "1.11.1", + "bom-ref": "npm@10.8.0|path-scurry@1.11.1", + "author": "Isaac Z. Schlueter", + "description": "walk paths fast and efficiently", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/path-scurry@1.11.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/path-scurry.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/path-scurry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/path-scurry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/path-scurry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/path-scurry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.2.11", + "bom-ref": "npm@10.8.0|graceful-fs@4.2.11", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.2.11?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/graceful-fs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "init-package-json", + "version": "6.0.3", + "bom-ref": "npm@10.8.0|init-package-json@6.0.3", + "author": "GitHub Inc.", + "description": "A node module to get your node module started", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/init-package-json@6.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/init-package-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/init-package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/init-package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/init-package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/init-package-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promzard", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|promzard@1.0.2", + "author": "GitHub Inc.", + "description": "prompting wizardly", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promzard@1.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/promzard.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/promzard.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/promzard#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/promzard/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promzard" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|read@3.0.1", + "author": "GitHub Inc.", + "description": "read(1) for node programs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/read.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.4", + "bom-ref": "npm@10.8.0|validate-npm-package-license@3.0.4", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-license" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "3.2.0", + "bom-ref": "npm@10.8.0|spdx-correct@3.2.0", + "description": "correct invalid SPDX expressions", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@3.2.0?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-correct.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-correct" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-correct/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "2.5.0", + "bom-ref": "npm@10.8.0|spdx-exceptions@2.5.0", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@2.5.0?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-exceptions" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "3.0.17", + "bom-ref": "npm@10.8.0|spdx-license-ids@3.0.17", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "CC0-1.0" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@3.0.17?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-license-ids.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-license-ids" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-name", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|validate-npm-package-name@5.0.1", + "author": "GitHub Inc.", + "description": "Give me a string and I'll tell you if it's a valid npm package name", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/validate-npm-package-name@5.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/validate-npm-package-name.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/validate-npm-package-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-name" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-cidr", + "version": "5.0.5", + "bom-ref": "npm@10.8.0|is-cidr@5.0.5", + "author": "silverwind", + "description": "Check if a string is an IP address in CIDR notation", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/is-cidr@5.0.5?vcs_url=git%2Bhttps%3A//github.com/silverwind/is-cidr.git", + "externalReferences": [ + { + "url": "git+https://github.com/silverwind/is-cidr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/silverwind/is-cidr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/silverwind/is-cidr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-cidr" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cidr-regex", + "version": "4.0.5", + "bom-ref": "npm@10.8.0|cidr-regex@4.0.5", + "author": "silverwind", + "description": "Regular expression for matching IP addresses in CIDR notation", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/cidr-regex@4.0.5?vcs_url=git%2Bhttps%3A//github.com/silverwind/cidr-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/silverwind/cidr-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/silverwind/cidr-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/silverwind/cidr-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cidr-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ip-regex", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|ip-regex@5.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching IP addresses (IPv4 & IPv6)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ip-regex@5.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ip-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/ip-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ip-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/ip-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ip-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmaccess", + "version": "8.0.6", + "bom-ref": "npm@10.8.0|libnpmaccess@8.0.6", + "author": "GitHub Inc.", + "description": "programmatic library for `npm access` commands", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmaccess@8.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmaccess", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmaccess", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmaccess", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmaccess/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmaccess" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmdiff", + "version": "6.1.2", + "bom-ref": "npm@10.8.0|libnpmdiff@6.1.2", + "author": "GitHub Inc.", + "description": "The registry diff", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmdiff@6.1.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmdiff", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmdiff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmdiff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "binary-extensions", + "version": "2.3.0", + "bom-ref": "npm@10.8.0|binary-extensions@2.3.0", + "author": "Sindre Sorhus", + "description": "List of binary file extensions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/binary-extensions@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/binary-extensions.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/binary-extensions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/binary-extensions" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "npm@10.8.0|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0?vcs_url=git%3A//github.com/kpdecker/jsdiff.git", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/diff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmexec", + "version": "8.1.1", + "bom-ref": "npm@10.8.0|libnpmexec@8.1.1", + "author": "GitHub Inc.", + "description": "npm exec (npx) programmatic API", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmexec@8.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmexec", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmexec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmexec" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmfund", + "version": "5.0.10", + "bom-ref": "npm@10.8.0|libnpmfund@5.0.10", + "author": "GitHub Inc.", + "description": "Programmatic API for npm fund", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmfund@5.0.10?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmfund", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmfund", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmfund" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmhook", + "version": "10.0.5", + "bom-ref": "npm@10.8.0|libnpmhook@10.0.5", + "author": "GitHub Inc.", + "description": "programmatic API for managing npm registry hooks", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmhook@10.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmhook", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmhook", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmhook" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "aproba", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|aproba@2.0.0", + "author": "Rebecca Turner", + "description": "A ridiculously light-weight argument validator (now browser friendly)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/aproba@2.0.0?vcs_url=git%2Bhttps%3A//github.com/iarna/aproba.git", + "externalReferences": [ + { + "url": "git+https://github.com/iarna/aproba.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/aproba", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/aproba/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/aproba" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmorg", + "version": "6.0.6", + "bom-ref": "npm@10.8.0|libnpmorg@6.0.6", + "author": "GitHub Inc.", + "description": "Programmatic api for `npm org` commands", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmorg@6.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmorg", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmorg", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmorg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmorg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmorg" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmpack", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|libnpmpack@7.0.2", + "author": "GitHub Inc.", + "description": "Programmatic API for the bits behind npm pack", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmpack@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmpack", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmpack", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmpack", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmpack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmpack" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmpublish", + "version": "9.0.8", + "bom-ref": "npm@10.8.0|libnpmpublish@9.0.8", + "author": "GitHub Inc.", + "description": "Programmatic API for the bits behind npm publish and unpublish", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmpublish@9.0.8?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmpublish", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmpublish", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmpublish", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmpublish" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sigstore", + "version": "2.3.0", + "bom-ref": "npm@10.8.0|sigstore@2.3.0", + "author": "bdehamer@github.com", + "description": "code-signing for npm packages", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/sigstore@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/sigstore" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "bundle", + "group": "@sigstore", + "version": "2.3.1", + "bom-ref": "npm@10.8.0|@sigstore/bundle@2.3.1", + "author": "bdehamer@github.com", + "description": "Sigstore bundle type", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/bundle@2.3.1?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/bundle#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/bundle" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@sigstore", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|@sigstore/core@1.1.0", + "author": "bdehamer@github.com", + "description": "Base library for Sigstore", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/core@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/core" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sign", + "group": "@sigstore", + "version": "2.3.1", + "bom-ref": "npm@10.8.0|@sigstore/sign@2.3.1", + "author": "bdehamer@github.com", + "description": "Sigstore signing library", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/sign@2.3.1?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/sign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/sign" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "verify", + "group": "@sigstore", + "version": "1.2.0", + "bom-ref": "npm@10.8.0|@sigstore/verify@1.2.0", + "author": "bdehamer@github.com", + "description": "Verification of Sigstore signatures", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/verify@1.2.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/verify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/verify" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmsearch", + "version": "7.0.5", + "bom-ref": "npm@10.8.0|libnpmsearch@7.0.5", + "author": "GitHub Inc.", + "description": "Programmatic API for searching in npm and compatible registries.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmsearch@7.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmsearch", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmsearch", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmsearch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmsearch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmsearch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmteam", + "version": "6.0.5", + "bom-ref": "npm@10.8.0|libnpmteam@6.0.5", + "author": "GitHub Inc.", + "description": "npm Team management APIs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmteam@6.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmteam", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmteam", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmteam", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmteam" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmversion", + "version": "6.0.2", + "bom-ref": "npm@10.8.0|libnpmversion@6.0.2", + "author": "GitHub Inc.", + "description": "library to do the things that 'npm version' does", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmversion@6.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmversion", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmversion", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmversion" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "agent", + "group": "@npmcli", + "version": "2.2.2", + "bom-ref": "npm@10.8.0|@npmcli/agent@2.2.2", + "author": "GitHub Inc.", + "description": "the http/https agent used by the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/agent@2.2.2?vcs_url=git%2Bhttps%3A//github.com/npm/agent.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/agent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/agent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/agent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "agent-base", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|agent-base@7.1.1", + "author": "Nathan Rajlich", + "description": "Turn a function into an `http.Agent` instance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/agent-base@7.1.1?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/agent-base", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/agent-base", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/agent-base" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-proxy-agent", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|http-proxy-agent@7.0.2", + "author": "Nathan Rajlich", + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTP", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http-proxy-agent@7.0.2?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/http-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/http-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/http-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "https-proxy-agent", + "version": "7.0.4", + "bom-ref": "npm@10.8.0|https-proxy-agent@7.0.4", + "author": "Nathan Rajlich", + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTPS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/https-proxy-agent@7.0.4?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/https-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/https-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/https-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "socks-proxy-agent", + "version": "8.0.3", + "bom-ref": "npm@10.8.0|socks-proxy-agent@8.0.3", + "author": "Nathan Rajlich", + "description": "A SOCKS proxy `http.Agent` implementation for HTTP and HTTPS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/socks-proxy-agent@8.0.3?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/socks-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/socks-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/socks-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "socks", + "version": "2.8.3", + "bom-ref": "npm@10.8.0|socks@2.8.3", + "author": "Josh Glazebrook", + "description": "Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/socks@2.8.3?vcs_url=git%2Bhttps%3A//github.com/JoshGlazebrook/socks.git", + "externalReferences": [ + { + "url": "git+https://github.com/JoshGlazebrook/socks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshGlazebrook/socks/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshGlazebrook/socks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/socks" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ip-address", + "version": "9.0.5", + "bom-ref": "npm@10.8.0|ip-address@9.0.5", + "author": "Beau Gunderson", + "description": "A library for parsing IPv4 and IPv6 IP addresses in node and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ip-address@9.0.5?vcs_url=git%3A//github.com/beaugunderson/ip-address.git", + "externalReferences": [ + { + "url": "git://github.com/beaugunderson/ip-address.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beaugunderson/ip-address#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/beaugunderson/ip-address/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ip-address" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsbn", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|jsbn@1.1.0", + "author": "Tom Wu", + "description": "The jsbn library is a fast, portable implementation of large-number math in pure JavaScript, enabling public-key crypto and other applications on desktop and mobile browsers.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsbn@1.1.0?vcs_url=git%2Bhttps%3A//github.com/andyperlitch/jsbn.git", + "externalReferences": [ + { + "url": "git+https://github.com/andyperlitch/jsbn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andyperlitch/jsbn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andyperlitch/jsbn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jsbn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.1.3", + "bom-ref": "npm@10.8.0|sprintf-js@1.1.3", + "author": "Alexandru Mărășteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.1.3?vcs_url=git%2Bhttps%3A//github.com/alexei/sprintf.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/sprintf-js" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "smart-buffer", + "version": "4.2.0", + "bom-ref": "npm@10.8.0|smart-buffer@4.2.0", + "author": "Josh Glazebrook", + "description": "smart-buffer is a Buffer wrapper that adds automatic read & write offset tracking, string operations, data insertions, and more.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/smart-buffer@4.2.0?vcs_url=git%2Bhttps%3A//github.com/JoshGlazebrook/smart-buffer.git", + "externalReferences": [ + { + "url": "git+https://github.com/JoshGlazebrook/smart-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshGlazebrook/smart-buffer/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshGlazebrook/smart-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/smart-buffer" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "version": "4.1.1", + "bom-ref": "npm@10.8.0|http-cache-semantics@4.1.1", + "author": "Kornel Lesiński", + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/http-cache-semantics@4.1.1?vcs_url=git%2Bhttps%3A//github.com/kornelski/http-cache-semantics.git", + "externalReferences": [ + { + "url": "git+https://github.com/kornelski/http-cache-semantics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/http-cache-semantics" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-lambda", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|is-lambda@1.0.1", + "author": "Thomas Watson Steen", + "description": "Detect if your code is running on an AWS Lambda server", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-lambda@1.0.1?vcs_url=git%2Bhttps%3A//github.com/watson/is-lambda.git", + "externalReferences": [ + { + "url": "git+https://github.com/watson/is-lambda.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/is-lambda", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/is-lambda/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-lambda" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-fetch", + "version": "3.0.5", + "bom-ref": "npm@10.8.0|minipass-fetch@3.0.5", + "author": "GitHub Inc.", + "description": "An implementation of window.fetch in Node.js using Minipass streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minipass-fetch@3.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/minipass-fetch.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/minipass-fetch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/minipass-fetch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/minipass-fetch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-fetch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "encoding", + "version": "0.1.13", + "bom-ref": "npm@10.8.0|encoding@0.1.13", + "author": "Andris Reinman", + "description": "Convert encodings, uses iconv-lite", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/encoding@0.1.13?vcs_url=git%2Bhttps%3A//github.com/andris9/encoding.git", + "externalReferences": [ + { + "url": "git+https://github.com/andris9/encoding.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andris9/encoding#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andris9/encoding/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/encoding" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "iconv-lite", + "version": "0.6.3", + "bom-ref": "npm@10.8.0|iconv-lite@0.6.3", + "author": "Alexander Shtuchkin", + "description": "Convert character encodings in pure javascript.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/iconv-lite@0.6.3?vcs_url=git%3A//github.com/ashtuchkin/iconv-lite.git", + "externalReferences": [ + { + "url": "git://github.com/ashtuchkin/iconv-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/iconv-lite" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "safer-buffer", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|safer-buffer@2.1.2", + "author": "Nikita Skovoroda", + "description": "Modern Buffer API polyfill without footguns", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safer-buffer@2.1.2?vcs_url=git%2Bhttps%3A//github.com/ChALkeR/safer-buffer.git", + "externalReferences": [ + { + "url": "git+https://github.com/ChALkeR/safer-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/safer-buffer" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-sized", + "version": "1.0.3", + "bom-ref": "npm@10.8.0|minipass-sized@1.0.3", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that raises an error if you get a different number of bytes than expected", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-sized@1.0.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-sized.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-sized.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-sized#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-sized/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-sized" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-sized/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "minizlib", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|minizlib@2.1.2", + "author": "Isaac Z. Schlueter", + "description": "A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minizlib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minizlib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minizlib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minizlib" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minizlib/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "negotiator", + "version": "0.6.3", + "bom-ref": "npm@10.8.0|negotiator@0.6.3", + "description": "HTTP content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/negotiator@0.6.3?vcs_url=git%2Bhttps%3A//github.com/jshttp/negotiator.git", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/negotiator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/negotiator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/negotiator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/negotiator" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "err-code", + "version": "2.0.3", + "bom-ref": "npm@10.8.0|err-code@2.0.3", + "author": "IndigoUnited", + "description": "Create an error with a code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/err-code@2.0.3?vcs_url=git%3A//github.com/IndigoUnited/js-err-code.git", + "externalReferences": [ + { + "url": "git://github.com/IndigoUnited/js-err-code.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/IndigoUnited/js-err-code#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/IndigoUnited/js-err-code/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/err-code" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "retry", + "version": "0.12.0", + "bom-ref": "npm@10.8.0|retry@0.12.0", + "author": "Tim Koschützki", + "description": "Abstraction for exponential and custom retry strategies for failed operations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/retry@0.12.0?vcs_url=git%3A//github.com/tim-kos/node-retry.git", + "externalReferences": [ + { + "url": "git://github.com/tim-kos/node-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tim-kos/node-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tim-kos/node-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/retry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|brace-expansion@2.0.1", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@2.0.1?vcs_url=git%3A//github.com/juliangruber/brace-expansion.git", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "balanced-match", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|balanced-match@1.0.2", + "author": "Julian Gruber", + "description": "Match balanced character pairs, like \"{\" and \"}\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/balanced-match@1.0.2?vcs_url=git%3A//github.com/juliangruber/balanced-match.git", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/balanced-match.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/balanced-match" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.3", + "bom-ref": "npm@10.8.0|ms@2.1.3", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.3?vcs_url=git%2Bhttps%3A//github.com/vercel/ms.git", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ms" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "env-paths", + "version": "2.2.1", + "bom-ref": "npm@10.8.0|env-paths@2.2.1", + "author": "Sindre Sorhus", + "description": "Get paths for storing things like data, config, cache, etc", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/env-paths@2.2.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/env-paths.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/env-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/env-paths" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "exponential-backoff", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|exponential-backoff@3.1.1", + "author": "Sami Sayegh", + "description": "A utility that allows retrying a function with an exponential delay between attempts.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/exponential-backoff@3.1.1?vcs_url=git%2Bhttps%3A//github.com/coveo/exponential-backoff.git", + "externalReferences": [ + { + "url": "git+https://github.com/coveo/exponential-backoff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/coveo/exponential-backoff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/coveo/exponential-backoff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/exponential-backoff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-core-module", + "version": "2.13.1", + "bom-ref": "npm@10.8.0|is-core-module@2.13.1", + "author": "Jordan Harband", + "description": "Is this specifier a node.js core module?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-core-module@2.13.1?vcs_url=git%2Bhttps%3A//github.com/inspect-js/is-core-module.git", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/is-core-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-core-module" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hasown", + "version": "2.0.2", + "bom-ref": "npm@10.8.0|hasown@2.0.2", + "author": "Jordan Harband", + "description": "A robust, ES3 compatible, \"has own property\" predicate.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hasown@2.0.2?vcs_url=git%2Bhttps%3A//github.com/inspect-js/hasOwn.git", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/hasOwn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/hasown" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "function-bind", + "version": "1.1.2", + "bom-ref": "npm@10.8.0|function-bind@1.1.2", + "author": "Raynos", + "description": "Implementation of Function.prototype.bind", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/function-bind@1.1.2?vcs_url=git%2Bhttps%3A//github.com/Raynos/function-bind.git", + "externalReferences": [ + { + "url": "git+https://github.com/Raynos/function-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Raynos/function-bind", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Raynos/function-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/function-bind" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-audit-report", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|npm-audit-report@5.0.0", + "author": "GitHub Inc.", + "description": "Given a response from the npm security api, render it into a variety of security reports", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-audit-report@5.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-audit-report.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-audit-report.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-audit-report#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-audit-report/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-audit-report" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-profile", + "version": "10.0.0", + "bom-ref": "npm@10.8.0|npm-profile@10.0.0", + "author": "GitHub Inc.", + "description": "Library for updating an npmjs.com profile", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-profile@10.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-profile.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-profile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-profile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-profile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-profile" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-json-stream", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|minipass-json-stream@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like JSONStream, but using Minipass streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minipass-json-stream@1.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/minipass-json-stream.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/minipass-json-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/minipass-json-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/minipass-json-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-json-stream" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-json-stream/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "jsonparse", + "version": "1.3.1", + "bom-ref": "npm@10.8.0|jsonparse@1.3.1", + "author": "Tim Caswell", + "description": "This is a pure-js JSON streaming parser for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonparse@1.3.1?vcs_url=git%2Bssh%3A//git%40github.com/creationix/jsonparse.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/creationix/jsonparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/creationix/jsonparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/creationix/jsonparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jsonparse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-user-validate", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|npm-user-validate@2.0.1", + "author": "GitHub Inc.", + "description": "User validations for npm", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/npm-user-validate@2.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-user-validate.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-user-validate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-user-validate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-user-validate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-user-validate" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "aggregate-error", + "version": "3.1.0", + "bom-ref": "npm@10.8.0|aggregate-error@3.1.0", + "author": "Sindre Sorhus", + "description": "Create an error from multiple errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/aggregate-error@3.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/aggregate-error.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/aggregate-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/aggregate-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/aggregate-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/aggregate-error" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "clean-stack", + "version": "2.2.0", + "bom-ref": "npm@10.8.0|clean-stack@2.2.0", + "author": "Sindre Sorhus", + "description": "Clean up error stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-stack@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/clean-stack.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/clean-stack.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/clean-stack" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "indent-string", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|indent-string@4.0.0", + "author": "Sindre Sorhus", + "description": "Indent each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/indent-string@4.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/indent-string.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/indent-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/indent-string" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-packlist", + "version": "8.0.2", + "bom-ref": "npm@10.8.0|npm-packlist@8.0.2", + "author": "GitHub Inc.", + "description": "Get a list of the files to add from a folder into an npm package", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-packlist@8.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/npm-packlist.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-packlist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-packlist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-packlist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-packlist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ignore-walk", + "version": "6.0.5", + "bom-ref": "npm@10.8.0|ignore-walk@6.0.5", + "author": "GitHub Inc.", + "description": "Nested/recursive `.gitignore`/`.npmignore` parsing and filtering.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ignore-walk@6.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/ignore-walk.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ignore-walk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ignore-walk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ignore-walk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ignore-walk" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-diff-apply", + "version": "5.5.0", + "bom-ref": "npm@10.8.0|just-diff-apply@5.5.0", + "author": "Angus Croll", + "description": "Apply a diff to an object. Optionally supports jsonPatch protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-diff-apply@5.5.0?vcs_url=git%2Bhttps%3A//github.com/angus-c/just.git", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/just-diff-apply" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-diff", + "version": "6.0.2", + "bom-ref": "npm@10.8.0|just-diff@6.0.2", + "author": "Angus Croll", + "description": "Return an object representing the diffs between two objects. Supports jsonPatch protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-diff@6.0.2?vcs_url=git%2Bhttps%3A//github.com/angus-c/just.git", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/just-diff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "qrcode-terminal", + "version": "0.12.0", + "bom-ref": "npm@10.8.0|qrcode-terminal@0.12.0", + "description": "QRCodes, in the terminal", + "licenses": [ + { + "license": { + "name": "Apache 2.0" + } + } + ], + "purl": "pkg:npm/qrcode-terminal@0.12.0?vcs_url=git%2Bhttps%3A//github.com/gtanner/qrcode-terminal.git", + "externalReferences": [ + { + "url": "git+https://github.com/gtanner/qrcode-terminal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gtanner/qrcode-terminal", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gtanner/qrcode-terminal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/qrcode-terminal" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "1.0.0", + "bom-ref": "npm@10.8.0|mute-stream@1.0.0", + "author": "GitHub Inc.", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@1.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/mute-stream.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/mute-stream" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|spdx-expression-parse@4.0.0", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@4.0.0?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "9.4.0", + "bom-ref": "npm@10.8.0|supports-color@9.4.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@9.4.0?vcs_url=git%2Bhttps%3A//github.com/chalk/supports-color.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/supports-color" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chownr", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|chownr@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "like `chown -R`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/chownr@2.0.0?vcs_url=git%3A//github.com/isaacs/chownr.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/chownr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/chownr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/chownr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/chownr" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mkdirp", + "version": "1.0.4", + "bom-ref": "npm@10.8.0|mkdirp@1.0.4", + "description": "Recursively mkdir, like `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mkdirp@1.0.4?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-mkdirp.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-mkdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-mkdirp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-mkdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/mkdirp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "text-table", + "version": "0.2.0", + "bom-ref": "npm@10.8.0|text-table@0.2.0", + "author": "James Halliday", + "description": "borderless text tables with alignment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-table@0.2.0?vcs_url=git%3A//github.com/substack/text-table.git", + "externalReferences": [ + { + "url": "git://github.com/substack/text-table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/text-table", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/text-table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/text-table" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tiny-relative-date", + "version": "1.3.0", + "bom-ref": "npm@10.8.0|tiny-relative-date@1.3.0", + "author": "Joseph Wynn", + "description": "Tiny function that provides relative, human-readable dates.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tiny-relative-date@1.3.0?vcs_url=git%2Bhttps%3A//github.com/wildlyinaccurate/relative-date.git", + "externalReferences": [ + { + "url": "git+https://github.com/wildlyinaccurate/relative-date.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wildlyinaccurate/relative-date#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wildlyinaccurate/relative-date/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tiny-relative-date" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "plugin-version", + "group": "@oclif", + "version": "2.2.2", + "bom-ref": "@oclif/plugin-version@2.2.2", + "author": "Salesforce", + "description": "A command that shows the CLI version", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-version@2.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-version.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-version", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-version/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-version/-/plugin-version-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1f8b742bb15567ea42c0b01cd3679965b18c816f58717f0b58c976317ccac5019f3eb98164b4e113621e6d1f4fbd10248c3af30a66d979625c0b1f7bb4767a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-version@2.2.2|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-version@2.2.2|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "plugin-warn-if-update-available", + "group": "@oclif", + "version": "3.1.4", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4", + "author": "Salesforce", + "description": "warns if there is a newer version of CLI released", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-warn-if-update-available@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-warn-if-update-available.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-warn-if-update-available", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-warn-if-update-available/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-warn-if-update-available/-/plugin-warn-if-update-available-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c63eb3830bee105994ac76055c7a2a993a6f394b0482a5e2ca87fd3aa8e0955dd77813cdb109dbb96ff4f391c549606f2885500addb6b954556890b3de8ece0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "http-call", + "version": "5.3.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "author": "Jeff Dickey @jdxcode", + "description": "make http requests", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/http-call@5.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/heroku/http-call.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/heroku/http-call", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/heroku/http-call/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-call/-/http-call-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a1c229ac0b6dc8084e243e5f714c18ca0788a76d169e2f265e46e9c2ff5272fd9e97f2dbf6d8c1008caf8a04e31254b6aa5cf4d399df3adfcc1a54828b1b1db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/http-call" + } + ], + "components": [ + { + "type": "library", + "name": "parse-json", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "be35f5425be1f7f6c747184f98a788cb99477ee0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/http-call/node_modules/parse-json" + } + ] + } + ] + }, + { + "type": "library", + "name": "is-retry-allowed", + "version": "1.1.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0", + "author": "Vsevolod Strukchinsky", + "description": "My prime module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-retry-allowed@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/floatdrop/is-retry-allowed.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/is-retry-allowed#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/floatdrop/is-retry-allowed/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "11a060568b67339444033d0125a61a20d564fb34" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/is-retry-allowed" + } + ] + }, + { + "type": "library", + "name": "json-parse-better-errors", + "version": "1.0.2", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2", + "author": "Kat Marchán", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-better-errors@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/zkat/json-parse-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zkat/json-parse-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zkat/json-parse-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9abab264a7d7e4484bee1bea715e961b5c988e78deb980f30e185c00052babc3e8f3934140124ff990d44fbe6a650f7c22452806a76413192e90e53b4ecdb0af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/json-parse-better-errors" + } + ] + }, + { + "type": "library", + "name": "tunnel-agent", + "version": "0.6.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0", + "author": "Mikeal Rogers", + "description": "HTTP proxy tunneling agent. Formerly part of mikeal/request, now a standalone module.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/tunnel-agent@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/mikeal/tunnel-agent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mikeal/tunnel-agent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mikeal/tunnel-agent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "27a5dea06b36b04a0a9966774b290868f0fc40fd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/tunnel-agent" + } + ] + } + ] + }, + { + "type": "library", + "name": "content-type", + "version": "1.0.5", + "bom-ref": "content-type@1.0.5", + "author": "Douglas Christopher Wilson", + "description": "Create and parse HTTP Content-Type header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/content-type@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/content-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/content-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/content-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d38ea7dc045122a4a7570afe180d05827e670b64a9bcd65745d29028a53bf2ac51956dc47a3ff54001de46ecdfb4b53afc42a894d2d15a743e852b836d27038" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/content-type" + } + ] + }, + { + "type": "library", + "name": "is-stream", + "version": "2.0.1", + "bom-ref": "is-stream@2.0.1", + "author": "Sindre Sorhus", + "description": "Check if something is a Node.js stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-stream@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "845a222624e5eb79e7fa4b2d1c606d7b05922a740ba726f5e7928785e035977f6ebed3bd9d6228a75a77b9da8f71477fc5b17554b30ee27ece23aa7b45b9e00e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-stream" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf3d3a4bcb74a33a035cc1beb9b7b6eb37824cd5dc2883c96498bc841ac5e227422e6b38086f50b4aeea065d5ba22e4e0f31698ecc1be493e61c26cca63698ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "safe-buffer", + "version": "5.2.1", + "bom-ref": "safe-buffer@5.2.1", + "author": "Feross Aboukhadijeh", + "description": "Safer Node.js Buffer API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-buffer@5.2.1", + "externalReferences": [ + { + "url": "git://github.com/feross/safe-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/safe-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/safe-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae9dd2a34eca71d9a629b1af81a37141226bedb1954959394bd12ad45fa9a5b468ef4f9879a0f1930e4377c34f37e183e9b8e7626d95b8fb825e6a6e62f9825d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-buffer" + } + ] + }, + { + "type": "library", + "name": "test", + "group": "@oclif", + "version": "3.2.15", + "bom-ref": "@oclif/test@3.2.15", + "author": "Salesforce", + "description": "test helpers for oclif components", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/test@3.2.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/test.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/test", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/test/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/test/-/test-3.2.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea1b7468b28ccdab24a4c525c89d4d765de736b0f48e92a6072437dd1598961b76bc0b1bb87673e2010be6b3e049b0e94b4267c4425487aa2c9550a38c1e15c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/test" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chai", + "version": "4.4.1", + "bom-ref": "chai@4.4.1", + "author": "Jake Luer", + "description": "BDD/TDD assertion library for node.js and the browser. Test framework agnostic.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chai@4.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/chaijs/chai.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://chaijs.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/chai/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chai/-/chai-4.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d77b0e7ccbf6f8359db8453eff16ee9f72d270ba2a375ee705e4cb52c9837ca768882d5faf49fd3d4e20baee0085170e54593fb16f0bc99587ba15ad419885fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chai" + } + ] + }, + { + "type": "library", + "name": "fancy-test", + "version": "3.0.15", + "bom-ref": "fancy-test@3.0.15", + "author": "Salesforce", + "description": "extendable utilities for testing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fancy-test@3.0.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/fancy-test.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/fancy-test", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/fancy-test/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fancy-test/-/fancy-test-3.0.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91964574fcd55ad2b106498b2d47f1862cec78697565946e0a69ae0a4a35a2202cfd7fccbc4e000a6fef973bf17eee0e79bffb309f2154ff2b522566dd1ef6f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fancy-test" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chai", + "group": "@types", + "version": "4.3.14", + "bom-ref": "@types/chai@4.3.14", + "description": "TypeScript definitions for chai", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/chai@4.3.14#types/chai", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/chai", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/chai", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/chai/-/chai-4.3.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a3ef5b1713843802419d1bd4efab5bbf7eab8dcfd11d1b82c824cc1554823b6ac8630fff1c7fc7f221f2408d1afa61cb179d213c70e1903ead60a9e47ccfedf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/chai" + } + ] + }, + { + "type": "library", + "name": "sinon", + "group": "@types", + "version": "17.0.3", + "bom-ref": "@types/sinon@17.0.3", + "description": "TypeScript definitions for sinon", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/sinon@17.0.3#types/sinon", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/sinon", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/sinon/-/sinon-17.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f7ba8bdd9fc7b0932f644411b5f5b3b06996dec49bbf5e3b641f28ef520b78c5f3c5cf5f1d70e44832a9d887ae85c773e8c2172bf39353e7e7abdfea1589aa7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/sinon" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sinonjs__fake-timers", + "group": "@types", + "version": "8.1.5", + "bom-ref": "@types/sinonjs__fake-timers@8.1.5", + "description": "TypeScript definitions for @sinonjs/fake-timers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/sinonjs__fake-timers@8.1.5#types/sinonjs__fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/sinonjs__fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinonjs__fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/sinonjs__fake-timers/-/sinonjs__fake-timers-8.1.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "990914da363c8c9105ed81e31efb103bcfb7ba08532f599c9e7f7a8a07e138d991f9f50f48a22479f418a527bc6ec972d84a7ba106e7ffa546e7ff7fd2a700ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/sinonjs__fake-timers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mock-stdin", + "version": "1.0.0", + "bom-ref": "mock-stdin@1.0.0", + "author": "Caitlin Potter", + "description": "Mock STDIN file descriptor in Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mock-stdin@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/caitp/node-mock-stdin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/caitp/node-mock-stdin", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/caitp/node-mock-stdin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mock-stdin/-/mock-stdin-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6e91175bf417aedbbb7a74df97ced4911eaf49d01fc2a003b2486cc77e7f144df9aa8a9039c8d4ffb03504c987405771e991ae96c7a90e331b8e6dd39ec7ad1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mock-stdin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "nock", + "version": "13.5.4", + "bom-ref": "nock@13.5.4", + "author": "Pedro Teixeira", + "description": "HTTP server mocking and expectations library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/nock@13.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/nock/nock.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nock/nock#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nock/nock/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nock/-/nock-13.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c80c937dd78d24618117159dcd2282058c6ce45c4b6c28395f94387adb3def885c4331b5faa0b1bc8c8ea388f6472e8c52585654c5f83a860379f008230ba98f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nock" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-stringify-safe", + "version": "5.0.1", + "bom-ref": "json-stringify-safe@5.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like JSON.stringify, but doesn't blow up on circular refs.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/json-stringify-safe@5.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/json-stringify-safe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-safe", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-safe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "642960e80698bda9af60413cd9ddc8c9ddef49222343ea1d823693cd1b8edeceeda0274529cce86f68b4cc287b244f245a7d7bcaf016854571bea1b051a96c44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-stringify-safe" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "propagate", + "version": "2.0.1", + "bom-ref": "propagate@2.0.1", + "author": "Pedro Teixeira", + "description": "Propagate events from one event emitter into another", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/propagate@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nock/propagate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/nock/propagate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/nock/propagate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/propagate/-/propagate-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bc6ae139abcf493cf841536e04d75c35778f35d34c68ed718fdc81787d527103e393fae183db129425cf84c905b9a34d5bfb324ef62ab276c82713017d16db6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/propagate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sinon", + "version": "16.1.3", + "bom-ref": "sinon@16.1.3", + "author": "Christian Johansen", + "description": "JavaScript test spies, stubs and mocks.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sinon@16.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/sinonjs/sinon.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sinonjs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/sinonjs/sinon/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sinon/-/sinon-16.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a39d659ecb17007fd9c2d1b5dc3e6883badfa813c1d8ae275337305b17df006152e65b0191a76212129ca161f946d627c82d3f9e367dc198a5093f18d750f94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "sinon@16.1.3|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b88143c6aa5164667a4e13a4f388447ea5a81f1d9d7af445be94d97131eeafce6f2267dac546d35bd4728780a90ae0e74e838fd4212d5ca220cad1c13d57dfe4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "sinon@16.1.3|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon/node_modules/supports-color" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "3.0.1", + "bom-ref": "@sinonjs/commons@3.0.1", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b79821ca43db1587ca350bd731930c5a3a65e800c943c42d666321eb8ea39611c06362befab7deb32f6ce58f9754199dc74b0db8d17d6a807dcc8dfd72256a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/commons" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "10.3.0", + "bom-ref": "@sinonjs/fake-timers@10.3.0", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@10.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578046d3b92e6125244c24811c6f06f1336133e175f635c55a742dce3fb07bc0eb92948109e7bd67732cf328867abfdd96685edf9fd7760ca8dffd2b40a83b60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/fake-timers" + } + ] + }, + { + "type": "library", + "name": "samsam", + "group": "@sinonjs", + "version": "8.0.0", + "bom-ref": "@sinonjs/samsam@8.0.0", + "author": "Christian Johansen", + "description": "Value identification and comparison functions", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/samsam@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/samsam.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sinonjs.github.io/samsam/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/samsam/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/samsam/-/samsam-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "069f0a51594ba7c89b259ae7bead9fa1584fd08557d82229acc24f2b4bea1aa82b0dad0e1d529e67207292ab2492b77157ac8a04f9866ac3bc2d58c0291dc67b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/samsam" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "2.0.0", + "bom-ref": "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b8b6b48fce7d98cae0dac97041874efc092b39f987f97e8b4d598d4d2f42a9ec6e13622f54e448912a492ea78f01b127289efb68c982c2bd4d519e7bd76d1772" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/samsam/node_modules/@sinonjs/commons" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "lodash.get", + "version": "4.4.2", + "bom-ref": "lodash.get@4.4.2", + "author": "John-David Dalton", + "description": "The lodash method `_.get` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.get@4.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfe530fef2eecba8107bc71f685583ee9d3056ff1f265de66f35e1df7452fb4a16db0bd4aa2457890ebd80b5922e9801e7feac53eafa065411d0c0482da76a4d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.get" + } + ] + }, + { + "type": "library", + "name": "nise", + "version": "5.1.9", + "bom-ref": "nise@5.1.9", + "description": "Fake XHR and server", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/nise@5.1.9", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/sinonjs/nise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/nise#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/nise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nise/-/nise-5.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8e9e8ba35b8495e9ee34758c4939bdeebeea0f1ed98bcc89384c5a3e8f48cf2680bee59f718dae6a1f9259a1b10fb1af3e618a6132b392c27aec844846daac3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "11.2.2", + "bom-ref": "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@11.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-11.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1b6a62092c50ee858ec701920321477cf22cc9e2465d8b5cea615b9c503e9115e48849d397c73ff23ba5d92df6f621419c323d1c6a1e596019beebce91971c83" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise/node_modules/@sinonjs/fake-timers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-to-regexp", + "version": "6.2.2", + "bom-ref": "nise@5.1.9|path-to-regexp@6.2.2", + "description": "Express style path to RegExp utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-to-regexp@6.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/path-to-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/path-to-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/path-to-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1905f749232892781bdfafb085da515c4fb77fd57c533c80a2b958bce1b1f3bb9f1877a13539f9942c6b2ad2f2678625ff010a9cd9ebf7c6733b0c03655e6883" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise/node_modules/path-to-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "text-encoding", + "group": "@sinonjs", + "version": "0.7.2", + "bom-ref": "@sinonjs/text-encoding@0.7.2", + "author": "Joshua Bell", + "description": "Polyfill for the Encoding Living Standard's API.", + "licenses": [ + { + "expression": "(Unlicense OR Apache-2.0)" + } + ], + "purl": "pkg:npm/%40sinonjs/text-encoding@0.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/text-encoding.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/text-encoding", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/text-encoding/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/text-encoding/-/text-encoding-0.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b175ca1beb8bf48acaa95893b5aa365ace9dcb4ce7bbdb0e68fd5d8bf8ca196d4ce95b2c3bcbe5a5709072967e8e2b10d6d4c5002e49a3f10ecc56e08016a015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/text-encoding" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-extend", + "version": "6.2.0", + "bom-ref": "just-extend@6.2.0", + "author": "Angus Croll", + "description": "extend an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-extend@6.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/just-extend/-/just-extend-6.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "718a1f42ed97a689bcd92eaa0fbefc8c10e9c2fbf2dfdb3597f86b6228f6bbd00c750706469681bba918e26561ba7a39909562d43033e1a8a9840d96235fce03" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/just-extend" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "stdout-stderr", + "version": "0.1.13", + "bom-ref": "stdout-stderr@0.1.13", + "author": "Jeff Dickey @jdxcode", + "description": "mock stdout and stderr", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stdout-stderr@0.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/jdxcode/stdout-stderr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jdxcode/stdout-stderr", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jdxcode/stdout-stderr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stdout-stderr/-/stdout-stderr-0.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e7b7dfc71c761f8d9ecd7902efb900f22f52e76ec6dd760305282b9a40ac0609d266f0b9ecb59217a29fae398dfa511d545d7a075df31b0b52a555d55dd892c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stdout-stderr" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "abort-controller", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/abort-controller@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A simple abort controller library", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/abort-controller@3.0.0#packages/abort-controller", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/abort-controller", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/abort-controller", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/abort-controller/-/abort-controller-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7a1a514606df4ae0c60bbbbd98b89e76dcd551e00f281e50b933624ee8e990a8df2401cfee87526a2c4f858b34e892b4891a0d024af0be06bb261b32adb1928" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/abort-controller" + } + ] + }, + { + "type": "library", + "name": "express", + "group": "@types", + "version": "4.17.21", + "bom-ref": "@types/express@4.17.21", + "description": "TypeScript definitions for express", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/express@4.17.21#types/express", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/express", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a394f337d79ab02e96909500d38cf76c50549ce99b0fe0037a0255a7a203e343b0958bb3d8177615cfe098de3136a7061fec4ffb1e50c0374ad5d86c531b41d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/express" + } + ] + }, + { + "type": "library", + "name": "body-parser", + "group": "@types", + "version": "1.19.5", + "bom-ref": "@types/body-parser@1.19.5", + "description": "TypeScript definitions for body-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/body-parser@1.19.5#types/body-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/body-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/body-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c1dd9bbddae71abb4890d0930215013b6ff76ff0eb74ecd23729a64890850d5eaf3693878102a51a9de5df95e198f495ac91e4bdcbebb49d7332b2972e42b0a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/body-parser" + } + ] + }, + { + "type": "library", + "name": "connect", + "group": "@types", + "version": "3.4.38", + "bom-ref": "@types/connect@3.4.38", + "description": "TypeScript definitions for connect", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/connect@3.4.38#types/connect", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/connect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/connect", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bab9139fd4b0fcf2e0d0a890a4b40e32ccbd586002ba3607ec234bff9938323ca5ac5f50a72745cf48385589e8ebbb519c4642d66fc465cc560946a1946daba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/connect" + } + ] + }, + { + "type": "library", + "name": "express-serve-static-core", + "group": "@types", + "version": "4.19.0", + "bom-ref": "@types/express-serve-static-core@4.19.0", + "description": "TypeScript definitions for express-serve-static-core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/express-serve-static-core@4.19.0#types/express-serve-static-core", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/express-serve-static-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express-serve-static-core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.19.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c6c9ea7726a3c246bcb5c2af8ee67ee88818065a67882573e35d70a8f042b4bbc76e6464986abedc1aa77730bd8952c2c6781edf99cd3a298a3d7cb196a8fbd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/express-serve-static-core" + } + ] + }, + { + "type": "library", + "name": "qs", + "group": "@types", + "version": "6.9.15", + "bom-ref": "@types/qs@6.9.15", + "description": "TypeScript definitions for qs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/qs@6.9.15#types/qs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/qs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/qs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/qs/-/qs-6.9.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b971d02844ba0d028a08b878e355effddc313aad53552dc93d432512aa04825be5851e8cc6795ec3f5eafcb4551e92f293b88adf33837b5a981c8325b4eed71a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/qs" + } + ] + }, + { + "type": "library", + "name": "range-parser", + "group": "@types", + "version": "1.2.7", + "bom-ref": "@types/range-parser@1.2.7", + "description": "TypeScript definitions for range-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/range-parser@1.2.7#types/range-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/range-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/range-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84aa2b9896e426acd01a1ce26b1e4f22d0d44cc00cf6e1365d7426337eddc9de2154cfb969597ba15c4c554895427da809014dfcb28265dbd2334a4546a6d299" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/range-parser" + } + ] + }, + { + "type": "library", + "name": "send", + "group": "@types", + "version": "0.17.4", + "bom-ref": "@types/send@0.17.4", + "description": "TypeScript definitions for send", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/send@0.17.4#types/send", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/send", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/send", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c7610ce9324ec9b79cedce76057d19b293e874cb1051de4be8f4703ae9d5c955215e205229fdc07b30cbf0382f82de68d147ca35fb80d1e30baf6c0b4f802204" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/send" + } + ] + }, + { + "type": "library", + "name": "mime", + "group": "@types", + "version": "1.3.5", + "bom-ref": "@types/mime@1.3.5", + "description": "TypeScript definitions for mime", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mime@1.3.5#types/mime", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mime", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fe9c8165648b0f69f475c1c4de1abcb3c66f7044c7b44b85fb713b5d5b74220da7bec5505dd8211d57049085a3cbd034c0a7d39fdedafcf48362884a2259cfff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mime" + } + ] + }, + { + "type": "library", + "name": "serve-static", + "group": "@types", + "version": "1.15.7", + "bom-ref": "@types/serve-static@1.15.7", + "description": "TypeScript definitions for serve-static", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/serve-static@1.15.7#types/serve-static", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/serve-static", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/serve-static", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5bc626fa1f2786e47068a3da0f0df8414930b068ba45ce3262abca168e6b9b61541210856f3556af15d4c6e28af130128d6b32b096349ec98d086842388b2b3b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/serve-static" + } + ] + }, + { + "type": "library", + "name": "http-errors", + "group": "@types", + "version": "2.0.4", + "bom-ref": "@types/http-errors@2.0.4", + "description": "TypeScript definitions for http-errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/http-errors@2.0.4#types/http-errors", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/http-errors", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-errors", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f408530cb7275b2407a0ccec878ed88a3cb96f9e6de24d9c994526682eada64610dd98b7c858e0983df409e1cbb67ab2a0854fbe42f8dc523a7fe61ee1112a4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/http-errors" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "group": "@types", + "version": "11.0.4", + "bom-ref": "@types/fs-extra@11.0.4", + "description": "TypeScript definitions for fs-extra", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/fs-extra@11.0.4#types/fs-extra", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/fs-extra", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/fs-extra/-/fs-extra-11.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c936c8b4236b791a28103df7aa3ba73ed8517128c444fd6be0ca8265cef0bf4bb6b149334c5a78e6d8147d2e7eafb16b64f76608235f94b85548ffe8f927a6b1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/fs-extra" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "group": "@types", + "version": "6.1.4", + "bom-ref": "@types/jsonfile@6.1.4", + "description": "TypeScript definitions for jsonfile", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jsonfile@6.1.4#types/jsonfile", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jsonfile", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jsonfile", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jsonfile/-/jsonfile-6.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f9a86518c23be734d7b1b5d539f7ff9f23eb299f0b53166c903f487e3df20e4a435fa54e803880943a49b88b43a74a4f8dca374f26bc420eba34b09b16951a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jsonfile" + } + ] + }, + { + "type": "library", + "name": "get-installed-path", + "group": "@types", + "version": "4.0.3", + "bom-ref": "@types/get-installed-path@4.0.3", + "description": "TypeScript definitions for get-installed-path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/get-installed-path@4.0.3#types/get-installed-path", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/get-installed-path", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/get-installed-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/get-installed-path/-/get-installed-path-4.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5deea74eebca3b776e98cb29b267f57b092b7bce5f866426335c88bf67e4c99458a9753538d6001fd6f61cc0e2ca43ef76315485eb9de298b3044a48eede8e53" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/get-installed-path" + } + ] + }, + { + "type": "library", + "name": "jest", + "group": "@types", + "version": "29.5.12", + "bom-ref": "@types/jest@29.5.12", + "description": "TypeScript definitions for jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jest@29.5.12#types/jest", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jest/-/jest-29.5.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7830bc6d3bd3fd0858771240ba542292e7a2818e40b1d0511f6c83296df2bde5bbb2f637f83ccdf38ff6354824c35d114e225b5aa66b4eda0655d625bc525d2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jest" + } + ] + }, + { + "type": "library", + "name": "expect", + "version": "29.7.0", + "bom-ref": "expect@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expect@29.7.0#packages/expect", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9992cd217f554b15823591b8742398cfdca1c7c821e991fc87073b125d116097f060f665987cc5bca03f8f74c3e5130cb91cdb11f49bad632ea931e3a1eb59f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/expect" + } + ] + }, + { + "type": "library", + "name": "expect-utils", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/expect-utils@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect-utils@29.7.0#packages/expect-utils", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/expect-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a5b0d0568854050958bd4154b1edfe4080c78bc5ef58082b393ee3f63b62dd8c3000f0987d797ee503526aff1757c3759bde1caf94535f6487dc45eb52cd870" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/expect-utils" + } + ] + }, + { + "type": "library", + "name": "jest-get-type", + "version": "29.6.3", + "bom-ref": "jest-get-type@29.6.3", + "description": "A utility function to get the type of a value", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-get-type@29.6.3#packages/jest-get-type", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-get-type", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cebb5e5e7a98c5f421ee5e451f22f7f232f7f5d8bc1fcac7a1e70b1f724dc47dc1c0eac1b0d79a6dd6a9e5ed08db7943e071c8f16e5514166a1b811aab92cd73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-get-type" + } + ] + }, + { + "type": "library", + "name": "jest-matcher-utils", + "version": "29.7.0", + "bom-ref": "jest-matcher-utils@29.7.0", + "description": "A set of utility functions for expect and related packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-matcher-utils@29.7.0#packages/jest-matcher-utils", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-matcher-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b01903f978bd0ed70286c2372f7bb4f8dd28a603d89c244fb4671062b817991fa19adfdf61f5802f4c515d853c79639d7ee2e005ed18096dc016d9d12da82afe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-matcher-utils" + } + ] + }, + { + "type": "library", + "name": "jest-diff", + "version": "29.7.0", + "bom-ref": "jest-diff@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-diff@29.7.0#packages/jest-diff", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cc220888ae18a098faecd37247a71521db22122b7bcb14f900a1d3dea34f81b85ef003616841b904835bbc8016014e19dcbbb7b5a040d47c85d5b93a8b4548f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-diff" + } + ] + }, + { + "type": "library", + "name": "diff-sequences", + "version": "29.6.3", + "bom-ref": "diff-sequences@29.6.3", + "description": "Compare items in two sequences to find a longest common subsequence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/diff-sequences@29.6.3#packages/diff-sequences", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/diff-sequences", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12378f2b5b2b0f73f4f28da3e1fd04c67ca5a91b3907db498dca7db7592b1f6a918bc08276c61fc1ef498122eeac5056c2ae2e3a58a9cdf9397c736fc052abf1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/diff-sequences" + } + ] + }, + { + "type": "library", + "name": "pretty-format", + "version": "29.7.0", + "bom-ref": "pretty-format@29.7.0", + "author": "James Kyle", + "description": "Stringify any JavaScript value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty-format@29.7.0#packages/pretty-format", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/pretty-format", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3dd970fe83f137e69776633d474d09542f56545a022d3289bc354b82627ea807df04cc6c57ce65fcbbbbb0dc78cd2ccfca82f67ae226b84c0784e5dd12034565" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty-format" + } + ], + "components": [ + { + "type": "library", + "name": "ansi-styles", + "version": "5.2.0", + "bom-ref": "pretty-format@29.7.0|ansi-styles@5.2.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0b1c29b7649f4f34ed5dc7ce97318479ef0ef9cf8c994806acd8817179ee5b1b852477ba6b91f3eeac21c1ee4e81a498234209be42ea597d40486f9c24e90488" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty-format/node_modules/ansi-styles" + } + ] + } + ] + }, + { + "type": "library", + "name": "jest-message-util", + "version": "29.7.0", + "bom-ref": "jest-message-util@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-message-util@29.7.0#packages/jest-message-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-message-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "181115e064400de3feaad076fbabbad6cb5e6bc98670e4f8982b6b608499c1fbbdfc8487149ff9cce31761ba4113d46c4b9f866fadc35b81609a7289efd29feb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-message-util" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/types@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/types@29.6.3#packages/jest-types", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bb750fb088a558a38cdc5f425edac6f0b10998dc70a02402fd7563e082985efbe9c7b4088bf2a0d4b239b83983a4a95a73ad8d52d5fb78b8d187e8d565c2cecf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/types" + } + ] + }, + { + "type": "library", + "name": "jest-util", + "version": "29.7.0", + "bom-ref": "jest-util@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-util@29.7.0#packages/jest-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfa11b29a8c8a6a18a539eb2e4a054832d5db758a18502605b352564702b03ff97d9a77b09be6217e00ad445952ff068ed1cfdbaeae9ab0e9288109e7d46c218" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-util" + } + ], + "components": [ + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "jest-util@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-util/node_modules/ci-info" + } + ] + } + ] + }, + { + "type": "library", + "name": "schemas", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/schemas@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/schemas@29.6.3#packages/jest-schemas", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-schemas", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a8e63e57fa321998942f78129e4bf72502e7a2a55eca8225f5bcc802c5a9b544d622a84d70eb69f4fed2499c7b635bc647710728e6063ce630379a2d0bfa748" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/schemas" + } + ] + }, + { + "type": "library", + "name": "typebox", + "group": "@sinclair", + "version": "0.27.8", + "bom-ref": "@sinclair/typebox@0.27.8", + "author": "sinclairzx81", + "description": "JSONSchema Type Builder with Static Type Resolution for TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sinclair/typebox@0.27.8", + "externalReferences": [ + { + "url": "git+https://github.com/sinclairzx81/typebox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f858f8de948cc09b38291ac7ffddfc51ffae0042c881506643383fab5606d74763c9f0374e7ad4f0df17cea0a1fe891976ccea0504d97fdea274c7c4e659f04c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinclair/typebox" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "group": "@types", + "version": "4.0.9", + "bom-ref": "@types/js-yaml@4.0.9", + "description": "TypeScript definitions for js-yaml", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/js-yaml@4.0.9#types/js-yaml", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/js-yaml", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9383066909794c6a3f8a2a6a6f65031b65308d7ce2496921d2ecac41e953949a57d6a1a5a546589bc3e73b80f11b5a81a26b4951d609eaa47ac5d21a875d092e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/js-yaml" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mocha", + "group": "@types", + "version": "10.0.6", + "bom-ref": "@types/mocha@10.0.6", + "description": "TypeScript definitions for mocha", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mocha@10.0.6#types/mocha", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mocha", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mocha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mocha/-/mocha-10.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "749beb616c4ffd47179b7e909f7e9fc6150abbc03fc4c457553d9c962145d59ed403d9621b93ec8f77b3352670fb9a6e1f67330d744b7174317fc25b26dd1e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mocha" + } + ] + }, + { + "type": "library", + "name": "mock-fs", + "group": "@types", + "version": "4.13.4", + "bom-ref": "@types/mock-fs@4.13.4", + "description": "TypeScript definitions for mock-fs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mock-fs@4.13.4#types/mock-fs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mock-fs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mock-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mock-fs/-/mock-fs-4.13.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "99798cd28ea550b3c8f33dd7367402a4bd011b13f0c75525d705d810f04697879f4a1cb15b64659f424e3c4586c9969864c33a3955ccff5e7352e14c639da58e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mock-fs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "objects-to-csv", + "group": "@types", + "version": "1.3.3", + "bom-ref": "@types/objects-to-csv@1.3.3", + "description": "TypeScript definitions for objects-to-csv", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/objects-to-csv@1.3.3#types/objects-to-csv", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/objects-to-csv", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/objects-to-csv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/objects-to-csv/-/objects-to-csv-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0be7cc752da02beacd51ce620231ff778cfea0d6b272d06ba45e46f433b84a9a81efcc06fd3929d917c8f3fe9a29ffd1f8b39a0117106b14371bfe9498083c19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/objects-to-csv" + } + ] + }, + { + "type": "library", + "name": "prompt-sync", + "group": "@types", + "version": "4.2.3", + "bom-ref": "@types/prompt-sync@4.2.3", + "description": "TypeScript definitions for prompt-sync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/prompt-sync@4.2.3#types/prompt-sync", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/prompt-sync", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/prompt-sync", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/prompt-sync/-/prompt-sync-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b1efb8024b1d18c9e6a41adfea7ce6544853524a2fac877001a063a20b088ed8a383c78f760499d49bda085d2f801c9b6aa75da233845db98eaf89327d6d8c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/prompt-sync" + } + ] + }, + { + "type": "library", + "name": "tmp", + "group": "@types", + "version": "0.2.6", + "bom-ref": "@types/tmp@0.2.6", + "description": "TypeScript definitions for tmp", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/tmp@0.2.6#types/tmp", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/tmp", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/tmp/-/tmp-0.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "72185a35fda82879519031adfad88a136679689eaa6a59bb67dae52dd07098e88001fd3d610befa0b5e358ae0758f175c54fdfaaf3207cd7e956806c700fed28" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/tmp" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "9.0.8", + "bom-ref": "@types/uuid@9.0.8", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@9.0.8#types/uuid", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-9.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e0fbdec4188718f4018724945a68f5607ad283b2b4e06d18d0e4cb208e1fc340a1059740edc91aff5423b20f54f647530d7963cafeeec9a068650d99ca0407c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0", + "description": "TypeScript plugin for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/eslint-plugin@7.12.0#packages/eslint-plugin", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/eslint-plugin", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/eslint-plugin", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec5f757dc6ee0dffdddd2f28db5fabdd99dc18891effe7969341293b6d4b5e10df2da86b89917d0868f87db01eb448e56817637529bd6ba55e5dba5b4fa678d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.12.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad175a539cde85dee9cf6a4fa4bad1fdada2242f79611f56113c682ded040e878dc340a5495e65a4a5bfafa5cfd38831ece9149df424db0ec73f63e620abb92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "regexpp", + "group": "@eslint-community", + "version": "4.10.0", + "bom-ref": "@eslint-community/regexpp@4.10.0", + "author": "Toru Nagashima", + "description": "Regular expression parser for ECMAScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint-community/regexpp@4.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint-community/regexpp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint-community/regexpp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint-community/regexpp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0aef7a49dd81cbd982353c768b228e9aad74bf6da351542fd25427946372d7aa04f79f3dc84f900033dbacc182900e7570a6528373eefda4c955319f2ffaa350" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint-community/regexpp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/parser@7.7.1", + "description": "An ESLint custom parser which leverages TypeScript ESTree", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/parser@7.7.1#packages/parser", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be63f304e3adcf8f05e89006552fe46589381245daa3a886ac3f37f2ca75c37350402d16f2bcbfabae35294e0fac6ec028d01fe7a34e711f063a91fc97d14f0b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/scope-manager@7.7.1", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.7.1#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f2b4189fd9217ef52a4450aca7627e60d511c575d254732ca71a9ced5f797f8a4eca99912fd7d5823215019075cf53d7acfd55860f7ff3837c20f74f83876ac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/types@7.7.1", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.7.1#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0263e69c65b564b4e959afbfda898facf7d1ec171b514e2885ae5521b49b4b56b54eff7ae9b925bcb357c69de6adb73e3f68f830d3937c37df36c938a3473aff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/visitor-keys@7.7.1", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.7.1#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8012f712adb9b800f0d4b43d915a5fde144cf835b3b34b999271d82b786ae237133ea5420a51c60e707a514515d9215e05e0382961d66db2ea99b19c6781586f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/typescript-estree@7.7.1", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.7.1#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0977b4247097aeef056b7e9db5e5ea987d98c6780a2639102e3c73a23e8b630cd9eea66f82c2d273e7aa22d0aba88a29f1597650aa008b44ad556bbdec541921" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ts-api-utils", + "version": "1.3.0", + "bom-ref": "ts-api-utils@1.3.0", + "author": "JoshuaKGoldberg", + "description": "Utility functions for working with TypeScript's API. Successor to the wonderful tsutils. 🛠️️", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-api-utils@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/JoshuaKGoldberg/ts-api-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshuaKGoldberg/ts-api-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshuaKGoldberg/ts-api-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "510308a3ba5bf1646898a475ffe30554b4eba08bc356d317dcae8e522afcca72f2cc1f097ab8a89edd9b4c0b6634f6b57a402037b60f0f27fa57eca0add53e79" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-api-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "3.4.3", + "bom-ref": "eslint-visitor-keys@3.4.3", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@3.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c2973e2d77a2ca28acc4f944914cd4eacbf24b57eb20edcc8318f57ddcbb3e6f1883382e6b1d8ddc56bf0ff6a0d56a9b3a9add23eb98eb031497cfdad86fa26a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint", + "version": "8.57.0", + "bom-ref": "eslint@8.57.0", + "author": "Nicholas C. Zakas", + "description": "An AST-based pattern checker for JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint@8.57.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint/-/eslint-8.57.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "759ebe99ec6769321b481656828bb9d54e8e9b322160cd9570d76d893b48eea3cd666df9024a6bd1feafb70df0d4a9a7e4f628fad6557e1d775ab8694baa0ba9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "eslint@8.57.0|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "eslint@8.57.0|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint@8.57.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint@8.57.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "type-utils", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0", + "description": "Type utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/type-utils@7.12.0#packages/type-utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/type-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9626fdeadc91b4c84bc706ae0d6529fee5b714c84b03a0f4ac9f13ec7987ef1db71a4d46c30bbc519f7834c5c1bce10b9fa7e548f881ac22a57a19225f26aac0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.12.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5bc2a2ec58150bbf587aa67edc316e5d5d7fd8d9a991a8b68aaac0125706c11cc6529c7a84fc7378bd3e1f134685b22c3162fafdf24a8e5a1d5af192976a509" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "utils", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0", + "description": "Utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/utils@7.12.0#packages/utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63a861c31c03c78d473698ee62cc18a7a8036e4899f078a7f417f9689427d5ba53b3769f618e065fe30f63199af23b68215d864704ccfd4266ff6b86095bfe0d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.12.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad175a539cde85dee9cf6a4fa4bad1fdada2242f79611f56113c682ded040e878dc340a5495e65a4a5bfafa5cfd38831ece9149df424db0ec73f63e620abb92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.12.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5bc2a2ec58150bbf587aa67edc316e5d5d7fd8d9a991a8b68aaac0125706c11cc6529c7a84fc7378bd3e1f134685b22c3162fafdf24a8e5a1d5af192976a509" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "group": "@eslint-community", + "version": "4.4.0", + "bom-ref": "@eslint-community/eslint-utils@4.4.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint-community/eslint-utils@4.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint-community/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint-community/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint-community/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d7fb00e1dc2bcc1032794a10ea8c5a8472a6ad9bec9cb0a0e117f15b76451869909123503c534b57d09410540fd71f446171d3a39a7ac5d85933535ef69fc07c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint-community/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "graphemer", + "version": "1.4.0", + "bom-ref": "graphemer@1.4.0", + "author": "Matt Davies", + "description": "A JavaScript library that breaks strings into their individual user-perceived characters (including emojis!)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/graphemer@1.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/flmnt/graphemer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/flmnt/graphemer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/flmnt/graphemer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12d2b0a0eea4c422fd58ee718a98874d9952cc19bb58b4fadbb4ea0bfb9545dd072a6abc357c9e6e7358c43a018bbc2df1e4d6ad4aca5c2395685abdc759206a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/graphemer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "accurate-search", + "version": "1.2.15", + "bom-ref": "accurate-search@1.2.15", + "author": "Florin Mirel Dumitrescu", + "description": "The fastest and most accurate javascript full-text search library. Accurate search uses match distance algorithm to return the accurate order of the matching items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/accurate-search@1.2.15", + "externalReferences": [ + { + "url": "git+https://github.com/florind9/accurate-search.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://accuratesearch.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/florind9/accurate-search/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/accurate-search/-/accurate-search-1.2.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2356977547875158d69468d26c177c35a304fc2414f78d87dad1cc12e6797adff16f9da60e18a421e6c08bdb9f12801ef25c331eb6c29784797ae099f0aff07c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/accurate-search" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "8.16.0", + "bom-ref": "ajv@8.16.0", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@8.16.0", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://ajv.js.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-8.16.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "174b7047c535654ebb24812d7a451c2e45e4a0ee6630c9a0183f2c2bfc5417327cd398f11d097dda1226140aaa5ccc8c62348f3b250f0301d8841ef6839b135f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ajv" + } + ] + }, + { + "type": "library", + "name": "fast-deep-equal", + "version": "3.1.3", + "bom-ref": "fast-deep-equal@3.1.3", + "author": "Evgeny Poberezkin", + "description": "Fast deep equal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-deep-equal@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/fast-deep-equal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/fast-deep-equal#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/fast-deep-equal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f7a90f68432f63d808417bf1fd542f75c0b98a042094fe00ce9ca340606e61b303bb04b2a3d3d1dce4760dcfd70623efb19690c22200da8ad56cd3701347ce1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-deep-equal" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "1.0.0", + "bom-ref": "json-schema-traverse@1.0.0", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34cf3f3fd9f75e35e12199f594b86415a0024ce5114178d6855e0103f4673aff31be0aadaa9017f483b89914314b1d51968e2dab37aa6f4b0e96bb9a3b2dddba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-schema-traverse" + } + ] + }, + { + "type": "library", + "name": "require-from-string", + "version": "2.0.2", + "bom-ref": "require-from-string@2.0.2", + "author": "Vsevolod Strukchinsky", + "description": "Require module from string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/require-from-string@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/floatdrop/require-from-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/require-from-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/floatdrop/require-from-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5dfd2759ee91b1ece214cbbe029f5b8a251b9a996ae92f7fa7eef0ed85cffc904786b5030d48706bebc0372b9bbaa7d9593bde53ffc36151ac0c6ed128bfef13" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/require-from-string" + } + ] + }, + { + "type": "library", + "name": "uri-js", + "version": "4.4.1", + "bom-ref": "uri-js@4.4.1", + "author": "Gary Court", + "description": "An RFC 3986/3987 compliant, scheme extendable URI/IRI parsing/validating/resolving library for JavaScript.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/uri-js@4.4.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/garycourt/uri-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/garycourt/uri-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/garycourt/uri-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eeb294cb2df7435c9cf7ca50d430262edc17d74f45ed321f5a55b561da3c5a5d628b549e1e279e8741c77cf78bd9f3172bacf4b3c79c2acf5fac2b8b26f9dd06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uri-js" + } + ] + }, + { + "type": "library", + "name": "punycode", + "version": "2.3.1", + "bom-ref": "punycode@2.3.1", + "author": "Mathias Bynens", + "description": "A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/punycode@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/punycode.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/punycode", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/punycode.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd8b7b503d54f5683ad77f2c84bb4b3af740bbef03b02fe2945b44547707fb0c9d712a4d136d007d239db9fe8c91115a84be4563b5f5a14ee7295645b5fabc16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/punycode" + } + ] + }, + { + "type": "library", + "name": "form-data", + "version": "4.0.0", + "bom-ref": "form-data@4.0.0", + "author": "Felix Geisendörfer", + "description": "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/form-data@4.0.0", + "externalReferences": [ + { + "url": "git://github.com/form-data/form-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/form-data/form-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/form-data/form-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1131249521a2e6dd10319ba25e803f43abdc9f170b40fe6f76e812a6e0328ba4951a2d9c94f3e9fb180486e31a1c2fb31a09f7d4a776df95b7e5fec7ca491ac3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/form-data" + } + ] + }, + { + "type": "library", + "name": "proxy-from-env", + "version": "1.1.0", + "bom-ref": "proxy-from-env@1.1.0", + "author": "Rob Wu", + "description": "Offers getProxyForUrl to get the proxy URL for a URL, respecting the *_PROXY (e.g. HTTP_PROXY) and NO_PROXY environment variables.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/proxy-from-env@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/Rob--W/proxy-from-env.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Rob--W/proxy-from-env#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Rob--W/proxy-from-env/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fece439109b03d7f5b5d5912b445a091dc63efe7470cc5caf3e17f24e4b4d2503d43930e3b98a24465036e9c8b514e45b082d6944a8d515454481bd65788562" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proxy-from-env" + } + ] + }, + { + "type": "library", + "name": "assertion-error", + "version": "1.1.0", + "bom-ref": "assertion-error@1.1.0", + "author": "Jake Luer", + "description": "Error constructor for test and validation frameworks that implements standardized AssertionError specification.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/assertion-error@1.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/assertion-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/assertion-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/assertion-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e0b1a35dbb3fa776f1b216ddee4ae5aabf2e250a72098a8beda2e40de4964738a092d90ba111d6dc407161564b33d8dd94f615c9a3ca1d1bb113c969447ae0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/assertion-error" + } + ] + }, + { + "type": "library", + "name": "check-error", + "version": "1.0.3", + "bom-ref": "check-error@1.0.3", + "author": "Jake Luer", + "description": "Error comparison and information related utility for node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/check-error@1.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/check-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/check-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/check-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/check-error/-/check-error-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "88a1280d869199dd66c4cf746b63847d6863b233e960fb90fa5318b28c41d76ebeb7c7f0ef24843b8f2798383908e4e3c4323ae7f636396a5e10793764e7bcce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/check-error" + } + ] + }, + { + "type": "library", + "name": "get-func-name", + "version": "2.0.2", + "bom-ref": "get-func-name@2.0.2", + "author": "Jake Luer", + "description": "Utility for getting a function's name for node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-func-name@2.0.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/get-func-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/get-func-name#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/get-func-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2f5cebee135ebb0ad21cdcec88b5ca3b37f76946d05b60eb0fb170b3ed7fcf3279468d88d21ae64980cd58ee699ec3b04a7fd06abcb5f6b67395cb504152cc5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-func-name" + } + ] + }, + { + "type": "library", + "name": "deep-eql", + "version": "4.1.3", + "bom-ref": "deep-eql@4.1.3", + "author": "Jake Luer", + "description": "Improved deep equality testing for Node.js and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deep-eql@4.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/deep-eql.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/deep-eql#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/deep-eql/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deep-eql/-/deep-eql-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "59a12d00ea51035310d1ea21a998e9183f33748d0ebec9bc9a616168337c76f0d9cf2a1431c6039dfe58ea2bbb1d35f17fc2434b6dea59ae1afa12820f238fcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deep-eql" + } + ] + }, + { + "type": "library", + "name": "loupe", + "version": "2.3.7", + "bom-ref": "loupe@2.3.7", + "author": "Veselin Todorov", + "description": "Inspect utility for Node.js and browsers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/loupe@2.3.7", + "externalReferences": [ + { + "url": "git+https://github.com/chaijs/loupe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/loupe", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/loupe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/loupe/-/loupe-2.3.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd230834655891da5848e0662e2d03d54a3b254f6755d40aac7c42f1e62557ef5828af5678fa8094bee54a5a2b1bf536170d70d214c199a6bf8eb43751b3c7b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/loupe" + } + ] + }, + { + "type": "library", + "name": "pathval", + "version": "1.1.1", + "bom-ref": "pathval@1.1.1", + "author": "Veselin Todorov", + "description": "Object value retrieval given a string path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pathval@1.1.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/pathval.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/pathval", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/pathval/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pathval/-/pathval-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0e9eb31aaa537444dd47ade57a12583de20eaa988d04db5cec1a5648bace8deed4688b04e5a63ddabfc0ba7400eebb17bdeb7796b277267657dbd50f4ca5f229" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pathval" + } + ] + }, + { + "type": "library", + "name": "colors", + "version": "1.4.0", + "bom-ref": "colors@1.4.0", + "author": "Marak Squires", + "description": "get colors in your node.js console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/colors@1.4.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/Marak/colors.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Marak/colors.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Marak/colors.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6be52a4e1e2481983f4a51af7dbcc31e9811bbb00040e9a6a911c99f185164808a1544fdd5bad584d36de7c08c594f4fb016efdcf0c26541db571b83887da6b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colors" + } + ] + }, + { + "type": "library", + "name": "csv-parse", + "version": "4.16.3", + "bom-ref": "csv-parse@4.16.3", + "author": "David Worms", + "description": "CSV parsing implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-parse@4.16.3", + "externalReferences": [ + { + "url": "git+https://github.com/wdavidw/node-csv-parse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/parse/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wdavidw/node-csv-parse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-parse/-/csv-parse-4.16.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "70ed48ff39b3e30d9d70a1d5be90abec9551bbcfc5ca61b9384a66bec65895c718a253c12e85462941e03687386469057859561840e633204cf934ea45d5bfc2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-parse" + } + ] + }, + { + "type": "library", + "name": "dotenv", + "version": "16.4.5", + "bom-ref": "dotenv@16.4.5", + "description": "Loads environment variables from .env file", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/dotenv@16.4.5", + "externalReferences": [ + { + "url": "git://github.com/motdotla/dotenv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/motdotla/dotenv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/motdotla/dotenv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66674bdabba2f9e07663086c5b38c89d1f0b95db591c60e8435ba01fce69a472b0a541cbee3eeb3744e2f4d0a71a241b85a675d45a51fbb6a8d5d36c99db8d52" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dotenv" + } + ] + }, + { + "type": "library", + "name": "eslint-config-oclif-typescript", + "version": "1.0.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3", + "author": "oclif", + "description": "eslint config for Typscript'd oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-oclif-typescript@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/eslint-config-oclif-typescript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif-typescript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-oclif-typescript/-/eslint-config-oclif-typescript-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4de24a5d6050dee28cb73833fbe505356a5ed560b1f267ea46ecd9cb52e2ad112046556feb9e929151b880d65ab79ad13484207c39934be61e6f12b4da47f294" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-plugin", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "description": "TypeScript plugin for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/eslint-plugin@4.33.0#packages/eslint-plugin", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/eslint-plugin", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68836203119574e975789c958da5a7fd871502ae068bf628df9a871829ea6d6573eb5837f43d21db7bde63f300d2b14519fc4aed3c92836bb00de36ff89815a6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/eslint-plugin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "description": "An ESLint custom parser which leverages TypeScript ESTree", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/parser@4.33.0#packages/parser", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66885db1b5da76318148ad3fafe77ced7d120662b33aae3f4b99f32ba481809b29168f7f0940c9ee18dacaecdef892bb09940b0ccae8ab2b69ee939c14a4f164" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@4.33.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e487c91e9813b1366e38d29b38372d2f890ab908defdbcc1464c0713c50e6787fcf5979d760f84199b3c3c3f0d70de0b74cdf2807598077ba43c0623be5fea6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@4.33.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccaa7b0a34332d02265c4a4bb76054c35b6f38c3df3684c07dbf25e757af8586ce104cdd5b240d98759618f47a8702890c08bed555d20669e12fd9325534ceb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@4.33.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "baa8bfd9a4b3f60d9fb5c1d67fcb8b3c903bd2b52feb2b8c5b9068870f9bc1cbb36b14081da285642286a065c8adcf6f913277fb4b7133bdcad07ab7779c2022" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint", + "version": "7.32.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "author": "Nicholas C. Zakas", + "description": "An AST-based pattern checker for JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint@7.32.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint/-/eslint-7.32.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54767c817f840dfcfef7b8c6720c860b24626bf74f39de9787dc8fbfc065d7e4a8688c03f9afef96b3a6191532398bbb33052173b0b1a9e683654d774b8f84a4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ignore", + "version": "4.0.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@4.0.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7321432aba9cfd875c5859e2261cc8e36f80cd2fa0370994cce485711090630c92b81041cbf2a3bb158b67f147107e8ca2ad4d8b330e056c9372ff0ee0e64832" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint/node_modules/ignore" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "code-frame", + "group": "@babel", + "version": "7.12.11", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "author": "Sebastian McKenzie", + "description": "Generate errors that contain a code frame that point to source locations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/code-frame@7.12.11#packages/babel-code-frame", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-code-frame", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babeljs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66dd72a1d071d5473289e3cc4a45a753884faa1c2aee11a2da714bd4b780dc4525faad8b431d7a3084a0274fb3edd9e682f3fd42d2257ae11318e88e1f545c23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@babel/code-frame" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslintrc", + "group": "@eslint", + "version": "0.4.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "author": "Nicholas C. Zakas", + "description": "The legacy ESLintRC config file format for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/eslintrc@0.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslintrc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslintrc#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslintrc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27a285173e50098509ab7a5fd268c47022551116f3bfbd4f5080dccee87d264c0613371e77a08ee400cb1c1d6b6dfffea0f06da0f7cc60d3a9183cc200d95b5f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@eslint/eslintrc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ignore", + "version": "4.0.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@4.0.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7321432aba9cfd875c5859e2261cc8e36f80cd2fa0370994cce485711090630c92b81041cbf2a3bb158b67f147107e8ca2ad4d8b330e056c9372ff0ee0e64832" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@eslint/eslintrc/node_modules/ignore" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "espree", + "version": "7.3.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "author": "Nicholas C. Zakas", + "description": "An Esprima-compatible JavaScript parser built on Acorn", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/espree@7.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/espree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/espree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/eslint/espree.git", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/espree/-/espree-7.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf724234213ae2e9a41699a4146ab354ab0e4f4b4dd59afeb9ea8b65fa55d4e6fc7be08480f59af8ec42a061f7b6786298c2886819b89bfbda46927f92b473da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/espree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/espree/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/js-yaml" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config-array", + "group": "@humanwhocodes", + "version": "0.5.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "author": "Nicholas C. Zakas", + "description": "Glob-based configuration matching.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/config-array@0.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/config-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15a82d285cfbe17ad397bcba1c2cd0a700df5cfd328717bd9472c3d546718ef64871bc91cfccd3145ff260d7d27f3538d78783c19d52aced10bedc9ffb014c42" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@humanwhocodes/config-array" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "object-schema", + "group": "@humanwhocodes", + "version": "1.2.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1", + "author": "Nicholas C. Zakas", + "description": "An object schema merger/validator", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/object-schema@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/object-schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66740c9cb5787bb843954bf0f07f94f0048bd36492d869fafbd01cdf01862c87bbfa37b601e00ec4f63e8b320f2437c50dbede0e37afd14b3c30ed6215137c84" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@humanwhocodes/object-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "acorn", + "version": "7.4.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1", + "description": "ECMAScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn@7.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d0ca9d28d7f98d75b4ced4f3ba9079304ab9a0674313fe3082a4d8b06d48c6a11378765061a89b6842e0a710e2b3813570834656882a10cba4b131e6d0561f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/acorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/glob-parent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/argparse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/sprintf-js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@4.33.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae459163530f1738f09c4547b3119e983ceaa9d770d906d32652023c3f69f48f4b7ec3bc7dd99f40f397dee29f51a1910c525b7ebb66fec5e155737813e6f308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo-space", + "version": "0.29.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO with 2-space indent", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo-space@0.29.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo-space.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo-space/-/eslint-config-xo-space-0.29.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a65195478e6ce5dc8d5a3b633fda0129a9afc61d74e5ecb17fbd07805f85be990214fb6932a98f7b16432749cd89f0eb28abebc2497098fc78c552614817f02" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-config-xo-space" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo", + "version": "0.38.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo@0.38.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo/-/eslint-config-xo-0.38.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1b68cbf95c9f91c656f06a139aa2ec131beb5acb0179d4a8690435d6fca17e50de4f772c31d055a743a7f805628eb46ebe09a459e0f0c142f9463d2a0d11caea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-config-xo" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "experimental-utils", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0", + "description": "(Experimental) Utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/experimental-utils@4.33.0#packages/experimental-utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/experimental-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cde4233a8112e491634e7021239418ed9be27333330e9b65b35e4616c23a8f250eab490e7fdf96a27921b652218744601d19ea8f981d3715b98f512f032620e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@4.33.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e487c91e9813b1366e38d29b38372d2f890ab908defdbcc1464c0713c50e6787fcf5979d760f84199b3c3c3f0d70de0b74cdf2807598077ba43c0623be5fea6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@4.33.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccaa7b0a34332d02265c4a4bb76054c35b6f38c3df3684c07dbf25e757af8586ce104cdd5b240d98759618f47a8702890c08bed555d20669e12fd9325534ceb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@4.33.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "baa8bfd9a4b3f60d9fb5c1d67fcb8b3c903bd2b52feb2b8c5b9068870f9bc1cbb36b14081da285642286a065c8adcf6f913277fb4b7133bdcad07ab7779c2022" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@4.33.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae459163530f1738f09c4547b3119e983ceaa9d770d906d32652023c3f69f48f4b7ec3bc7dd99f40f397dee29f51a1910c525b7ebb66fec5e155737813e6f308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "json-schema", + "group": "@types", + "version": "7.0.15", + "bom-ref": "@types/json-schema@7.0.15", + "description": "TypeScript definitions for json-schema", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json-schema@7.0.15#types/json-schema", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/json-schema", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/json-schema", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7e7cff0ff0c14d0be0326420f1ac1da991914f1b3a90594ce949ebae54bbe6f1531ca2b3586af06aa057312bc6d0cf842c6e7e2850411e9b8c032df732b061c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tsutils", + "version": "3.21.0", + "bom-ref": "tsutils@3.21.0", + "author": "Klaus Meinhardt", + "description": "utilities for working with typescript's AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tsutils@3.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/ajafff/tsutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajafff/tsutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajafff/tsutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsutils/-/tsutils-3.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "98728ade25172fedd417ac4be64d0f12129150128f042bfff919043a98d15b1c71dbb28a4419a603ad00f6980e52f322f062a144c3c49a30513f3b365bb3b538" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsutils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "tsutils@3.21.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsutils/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "esrecurse", + "version": "4.3.0", + "bom-ref": "esrecurse@4.3.0", + "description": "ECMAScript AST recursive visitor", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esrecurse@4.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/estools/esrecurse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esrecurse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esrecurse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a67ca2f76fa1be457bcff0dd6faf74ead642ffa021609f63585c4b6a3fcfcbde929aa540381bc70555aa05dd2537db7083e17ca947f7df8a81e692d8bafd36a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esrecurse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "3.0.0", + "bom-ref": "eslint-utils@3.0.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bae402e3720672dc3af29240d5181b412f3f34feeb721e82c1de23dd906d828e3ff05963e1e184ed96126513778aae69554bfa18f756e59d511657a8f38b8b0c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "highlight", + "group": "@babel", + "version": "7.24.2", + "bom-ref": "@babel/highlight@7.24.2", + "author": "The Babel Team", + "description": "Syntax highlight JavaScript strings for output in terminals.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/highlight@7.24.2#packages/babel-highlight", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-highlight", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-highlight", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "61a7356a8e1f9644f14ed7820d92c4bddc60d9f65fcf5bfc338429686ca9abf58f0ea8378a31d86c37ecf8b1b986fcd2a2a69267dfd9f652923f70a3663bfea4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight" + } + ], + "components": [ + { + "type": "library", + "name": "chalk", + "version": "2.4.2", + "bom-ref": "@babel/highlight@7.24.2|chalk@2.4.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32d8be7fd96924d730178b5657cfcead34ed1758198be7fc16a97201da2eada95c156150585dbe3600874a18e409bf881412eaf5bb99c04d71724414e29792b9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "3.2.1", + "bom-ref": "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "553d1923a91945d4e1f18c89c3748c6d89bfbbe36a7ec03112958ed0f7fdb2af3f7bde16c713a93cac7d151d459720ad3950cd390fbc9ed96a17189173eaf9a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "@babel/highlight@7.24.2|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "@babel/highlight@7.24.2|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "@babel/highlight@7.24.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "5.5.0", + "bom-ref": "@babel/highlight@7.24.2|supports-color@5.5.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@5.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "423563c1d5c8b78d3c308880a825f8a142ac814d84a801b3b363e9926e1a4186e39be644584716e127c5353af8b8c35999ad1ecb87f99602eb901d1a5f440ca3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "3.0.0", + "bom-ref": "@babel/highlight@7.24.2|has-flag@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0a25fd7e71e401af848c92f427043343b5fe135e95615466ad7aed2df75f1b977d059db1369b8bcd2d7f9559efdda6395bf87ba0198cd6eee4171fdf073c463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/has-flag" + } + ] + } + ] + }, + { + "type": "library", + "name": "globals", + "version": "13.24.0", + "bom-ref": "globals@13.24.0", + "author": "Sindre Sorhus", + "description": "Global identifiers from different JavaScript environments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globals@13.24.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globals#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globals/-/globals-13.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0213b9414723f2596b6c6d3d89684f536076d38275c673de2fc910995a2b4accbe4a38f5b24f2023287a714a1c1a61f82f452e840272fa124c440e26800e2615" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "type-fest", + "version": "0.20.2", + "bom-ref": "globals@13.24.0|type-fest@0.20.2", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.20.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35ef9e138af4fe25a7a40c43f39db3dc0f8dd01b7944dfff36327045dd95147126af2c317f9bec66587847a962c65e81fb0cfff1dfa669348090dd452242372d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globals/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "doctrine", + "version": "3.0.0", + "bom-ref": "doctrine@3.0.0", + "description": "JSDoc parser", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/doctrine@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/doctrine.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/doctrine", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/doctrine/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c92f90e62de105fec6064778286f1aede04d3563462d3684c306165228c860cef3ae56033340455c78e33d6956675460ed469d7597880e68bd8c5dc79aa890db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/doctrine" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "enquirer", + "version": "2.4.1", + "bom-ref": "enquirer@2.4.1", + "author": "Jon Schlinkert", + "description": "Stylish, intuitive and user-friendly prompt system. Fast and lightweight enough for small projects, powerful and extensible enough for the most advanced use cases.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/enquirer@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/enquirer/enquirer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/enquirer/enquirer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/enquirer/enquirer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/enquirer/-/enquirer-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad1a8983fea0779dfc547bd1dcf4ab75105bff5572d987f31eacef6e11884290d12886b816057fe786f9435c584b138ec0abe35f0792dba13443e9c0330a76a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/enquirer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-colors", + "version": "4.1.1", + "bom-ref": "ansi-colors@4.1.1", + "author": "Brian Woodward", + "description": "Easily add ANSI colors to your text and symbols in the terminal. A faster drop-in replacement for chalk, kleur and turbocolor (without the dependencies and rendering bugs).", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-colors@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/ansi-colors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/ansi-colors", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/ansi-colors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2685f46a919b1da50904d97ac85fa9e89005619ebaebf86108628de6df501636c940a514fe0f0c35b1436ef7eb80a5ef23542966994f3a7c08a3df655ff00098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-colors" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn-jsx", + "version": "5.3.2", + "bom-ref": "acorn-jsx@5.3.2", + "description": "Modern, fast React.js JSX parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn-jsx@5.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn-jsx.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn-jsx", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn-jsx/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aeaf6cf893617f4202863b435f196527b838d68664e52957b69d0b1f0c80e5c7a3c27eef2a62a9e293eb8ba60478fbf63d4eb9b00b1e81b5ed2229e60c50d781" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn-jsx" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esquery", + "version": "1.5.0", + "bom-ref": "esquery@1.5.0", + "author": "Joel Feenstra", + "description": "A query library for ECMAScript AST using a CSS selector like query language.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/esquery@1.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/estools/esquery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esquery/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esquery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6102d7529940c09802c9d43bf08309cb064271ea2a935a07d3538445d48025cffb5360329708e14822c312dab083cd7589d212ffd7c85391a31bbdc882328c56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esquery" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esutils", + "version": "2.0.3", + "bom-ref": "esutils@2.0.3", + "description": "utility box for ECMAScript language tools", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esutils@2.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/esutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esutils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "915b1ca97938382a7af126747648042958baffc8a3df4d0a0564c9ab7d8ffdd61e5934b02b8d56c93c5a94dd5e46603967d514fcb5fd0fb1564a657d480631ea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esutils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "file-entry-cache", + "version": "6.0.1", + "bom-ref": "file-entry-cache@6.0.1", + "author": "Roy Riojas", + "description": "Super simple cache for file metadata, useful for process that work o a given series of files and that only need to repeat the job on the changed ones since the previous run of the process", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/file-entry-cache@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/royriojas/file-entry-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/royriojas/file-entry-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/royriojas/file-entry-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec6a6cfd75b299b2e4d902d82b8373a4c3ab623321748c57b88bf2d9006c2c4ea58eea1d2af7645acfdca72249dc25485691f43a2d47be0d68bdb3332dd14106" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/file-entry-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "functional-red-black-tree", + "version": "1.0.1", + "bom-ref": "functional-red-black-tree@1.0.1", + "author": "Mikola Lysenko", + "description": "A fully persistent balanced binary search tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/functional-red-black-tree@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/mikolalysenko/functional-red-black-tree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mikolalysenko/functional-red-black-tree#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mikolalysenko/functional-red-black-tree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76c28d40d763eb10374fe4250030c0ee6392957d2a88c20d8e7d1c82bf9e1871ac6d21f34da6dc228833dbea7f8aa3f55ece843ffb12d926ea1fe6eb1936ead2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/functional-red-black-tree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "imurmurhash", + "version": "0.1.4", + "bom-ref": "imurmurhash@0.1.4", + "author": "Jens Taylor", + "description": "An incremental implementation of MurmurHash3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/imurmurhash@0.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/jensyt/imurmurhash-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2665cc67ac2ebc398b88712697dca4cea3ba97015ba1fd061b822470668435d0910c398c5679f2eece47b0880709b6aad30d8cc8f843aa48535204b62d4d8f1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/imurmurhash" + } + ] + }, + { + "type": "library", + "name": "json-stable-stringify-without-jsonify", + "version": "1.0.1", + "bom-ref": "json-stable-stringify-without-jsonify@1.0.1", + "author": "James Halliday", + "description": "deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results, with no public domain dependencies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-stable-stringify-without-jsonify@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/samn/json-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/samn/json-stable-stringify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/samn/json-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05d6e8cbe97bb40dce196e858f21475a43f92ee0728f54e4df72e3caad1ac72cdd93dfff2528b6bb77cfd504a677528dc2ae9538a606940bbcec28ac562afa3f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-stable-stringify-without-jsonify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "levn", + "version": "0.4.1", + "bom-ref": "levn@0.4.1", + "author": "George Zahariev", + "description": "Light ECMAScript (JavaScript) Value Notation - human written, concise, typed, flexible", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/levn@0.4.1", + "externalReferences": [ + { + "url": "git://github.com/gkz/levn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/levn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/levn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9b4f6b87e04e4b184ee1fe7ddebdc4bfb109495c2a48a7aca6f0e589e5e57afbaec3b2a97f2da693eea24102ddabcdfa1aff94011818710e2c7574cb7691029" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/levn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lodash.merge", + "version": "4.6.2", + "bom-ref": "lodash.merge@4.6.2", + "author": "John-David Dalton", + "description": "The Lodash method `_.merge` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.merge@4.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0aa63a97455beb6320ac5f5b3047f5d32b4bdae9542440ce8c368ecfa96efb0728c086801103c11facfd4de3e2a52a3f184b46540ad453fd852e872603ba321" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.merge" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "optionator", + "version": "0.9.3", + "bom-ref": "optionator@0.9.3", + "author": "George Zahariev", + "description": "option parsing and help generation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/optionator@0.9.3", + "externalReferences": [ + { + "url": "git://github.com/gkz/optionator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/optionator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/optionator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2630a8ca9a7e8ca9f5b6d105131c617ad08a789b7dce102002f7b91571e2c53bc50d6ff968492d5fd6ee7c128b45131d53b6cdb692df706bbde01ddc7442608e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/optionator" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "fast-levenshtein", + "version": "2.0.6", + "bom-ref": "optionator@0.9.3|fast-levenshtein@2.0.6", + "author": "Ramesh Nair", + "description": "Efficient implementation of Levenshtein algorithm with locale-specific collator support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-levenshtein@2.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/hiddentao/fast-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0c25eee887e1a9c92ced364a6371f1a77cbaaa9858e522599ab58c0eb29c11148e5d641d32153d220fcf62bcf2c3fba5f63388ca1d0de0cd2d6c2e61a1d83c77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/optionator/node_modules/fast-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "progress", + "version": "2.0.3", + "bom-ref": "progress@2.0.3", + "author": "TJ Holowaychuk", + "description": "Flexible ascii progress bar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/progress@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/node-progress.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/node-progress#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/node-progress/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ecf887b4b965e4b767288330d74d08fbcc495d1e605b6430598913ea226f6b46d78ad64a6bf5ccad26dd9a0debd979da89dcfd42e99dd153da32b66517d57db0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/progress" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regexpp", + "version": "3.2.0", + "bom-ref": "regexpp@3.2.0", + "author": "Toru Nagashima", + "description": "Regular expression parser for ECMAScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/regexpp@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/regexpp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/regexpp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/regexpp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6ad9b5a8f66543e379dbb6cdb01afd7b5cb88d2f26be1a4959f246832d5d99d3c8030ac1a99ca9fd04531ea6f5ae1c26f256f63b279a39f8156fa106e69492e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regexpp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "table", + "version": "6.8.2", + "bom-ref": "table@6.8.2", + "author": "Gajus Kuizinas", + "description": "Formats data into a string table.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/table@6.8.2", + "externalReferences": [ + { + "url": "git+https://github.com/gajus/table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/table#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gajus/table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/table/-/table-6.8.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c36b1fbfcd27ac08765426ea47900adbbc2cc1786a71c9360217e7356efa6de417b24199d55d761b04bfff26156b77777dcbc08a9d8e5276c30235b6937bfd7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/table" + } + ] + }, + { + "type": "library", + "name": "text-table", + "version": "0.2.0", + "bom-ref": "text-table@0.2.0", + "author": "James Halliday", + "description": "borderless text tables with alignment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-table@0.2.0", + "externalReferences": [ + { + "url": "git://github.com/substack/text-table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/text-table", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/text-table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37ef148ac0170c693c3c55cfe07033551f676df995277cd82c05a24c8a2a0b9bf98ac8a786bfabe6e68ef3eeebdc131fb8d22e7c8b00ed176956069c0b6712a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/text-table" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "v8-compile-cache", + "version": "2.4.0", + "bom-ref": "v8-compile-cache@2.4.0", + "author": "Andres Suarez", + "description": "Require hook for automatic V8 compile cache persistence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/v8-compile-cache@2.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/zertosh/v8-compile-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zertosh/v8-compile-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zertosh/v8-compile-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a1cc967376c01c107f82ecaa250548e68e016643e1ce73d8506d9e6bcd06a2777f060356a5aa7c4ce98b49e7901bb6e787628c212c6c91d0031b9f63ef3aee87" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-compile-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "confusing-browser-globals", + "version": "1.0.10", + "bom-ref": "confusing-browser-globals@1.0.10", + "description": "A list of browser globals that are often used by mistake instead of local variables", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/confusing-browser-globals@1.0.10#packages/confusing-browser-globals", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/create-react-app.git#packages/confusing-browser-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/create-react-app#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/create-react-app/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/confusing-browser-globals/-/confusing-browser-globals-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80d95dff7972487c2e85a565b8950a2de3d88ab33740d08acd5c6a01d849208f7f5972955f93d447331526ca52d634ec952aa37ae1b828c5534a8ba2b7960f1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/confusing-browser-globals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-mocha", + "version": "9.0.0", + "bom-ref": "eslint-plugin-mocha@9.0.0", + "author": "Mathias Schreck", + "description": "Eslint rules for mocha.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-mocha@9.0.0", + "externalReferences": [ + { + "url": "git://github.com/lo1tuma/eslint-plugin-mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lo1tuma/eslint-plugin-mocha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lo1tuma/eslint-plugin-mocha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-mocha/-/eslint-plugin-mocha-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77b92701c423d633c2cd97f771a781227dc19d6ea291cbdfcf4912a90a703d871518ba09579b33d25d0e241d8b47c23b76f4c36eaab5a15eb29614a0cc0d74ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ramda", + "version": "0.27.2", + "bom-ref": "ramda@0.27.2", + "author": "Scott Sauyet", + "description": "A practical functional library for JavaScript programmers.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ramda@0.27.2", + "externalReferences": [ + { + "url": "git://github.com/ramda/ramda.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://ramdajs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ramda/ramda/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ramda/-/ramda-0.27.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "49b88b3d4e3426e2678877b141202069ddf685fc1df834547701763e556e2394590f4fef6a151ca3b47cbc3f3a27fb5c10a285f6f66b515c20b66182aa508ac8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ramda" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-node", + "version": "11.1.0", + "bom-ref": "eslint-plugin-node@11.1.0", + "author": "Toru Nagashima", + "description": "Additional ESLint's rules for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-node@11.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-plugin-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-node#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-node/-/eslint-plugin-node-11.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a14c2d3c9d56d12283d13afec2abbdd9ce71b82790a81de14821dab27fd982315d03d88318d90d7f6662f73b58ed7fa136e3226f6dcb346466ebeb8df8a2c4de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint-plugin-node@11.1.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "eslint-plugin-node@11.1.0|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-es", + "version": "3.0.1", + "bom-ref": "eslint-plugin-es@3.0.1", + "author": "Toru Nagashima", + "description": "ESLint plugin about ECMAScript syntactic features.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-es@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-plugin-es.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-es#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-es/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-es/-/eslint-plugin-es-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "194980b0968de0573b19bb65f2e38195aca8d83aa1c16bc4cf290c1d20991d4dd7749f8d4b3cd97158578775715f989ca90fa841d2046b05d7f31911de620599" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-config-oclif", + "version": "4.0.0", + "bom-ref": "eslint-config-oclif@4.0.0", + "author": "Jeff Dickey @jdxcode", + "description": "eslint config for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-oclif@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/eslint-config-oclif.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-oclif/-/eslint-config-oclif-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6d91441e0b7deb1c0849c5a19e0466087e50cbba6795daa0ffe172c1757841ffa17ff899f075c7bdc181d2be4c74254a9441286942ff09115901a7fcf30fb86" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-plugin-unicorn", + "version": "36.0.0", + "bom-ref": "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0", + "author": "Sindre Sorhus", + "description": "Various awesome ESLint rules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-unicorn@36.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/eslint-plugin-unicorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-unicorn/-/eslint-plugin-unicorn-36.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c71376bd272d1969c35ba68b1259bf2ca23072b9a4ea676211c5b9e54bf992b72b55c20549632612073f870a5e9987d969c299e67a4511118dcf869386ca7500" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif/node_modules/eslint-plugin-unicorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "eslint-config-oclif@4.0.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif/node_modules/ci-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo-space", + "version": "0.27.0", + "bom-ref": "eslint-config-xo-space@0.27.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO with 2-space indent", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo-space@0.27.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo-space.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo-space/-/eslint-config-xo-space-0.27.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fc5235be9d0c8e921880355a48a6daa528fc84ed7472438d2e435368061cd57eef798317d91aba658aaf191c1a5a385db008b65a7b14d28e0ed1be6f7dbe3e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-xo-space" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo", + "version": "0.35.0", + "bom-ref": "eslint-config-xo@0.35.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo@0.35.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo/-/eslint-config-xo-0.35.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f96c994cb594265bc4c45ac153f2ddc3c001fd2d1ddf1fb6e8941d0566dcaa283665a5a1d338a761c1e893e113e08a0f68471145fdc513d92322d3558c1c2702" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-xo" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "helper-validator-identifier", + "group": "@babel", + "version": "7.22.20", + "bom-ref": "@babel/helper-validator-identifier@7.22.20", + "author": "The Babel Team", + "description": "Validate identifier/keywords name", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-validator-identifier@7.22.20#packages/babel-helper-validator-identifier", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-validator-identifier", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "638399fb2b656ad47c008fbc2997cab8be6eacaa7ba9ecb4f216b7d4bf1bdc1c1ec0902825a993cf2bf13d1ff90fe2a47490863eaffef13ba41c1958d74157f4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-validator-identifier" + } + ] + }, + { + "type": "library", + "name": "clean-regexp", + "version": "1.0.0", + "bom-ref": "clean-regexp@1.0.0", + "author": "Sam Verschueren", + "description": "Clean up regular expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-regexp@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/SamVerschueren/clean-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SamVerschueren/clean-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SamVerschueren/clean-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/clean-regexp/-/clean-regexp-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "19f8ac119109bf32ab9865a4bdf860cdccff06594dd5449ea83d95ead835e0e00e81a083d99fcf504bb19c067f9cfbe6687446edaf32efba754ff2114380f51f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "clean-regexp@1.0.0|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-regexp/node_modules/escape-string-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-template-visitor", + "version": "2.3.2", + "bom-ref": "eslint-template-visitor@2.3.2", + "licenses": [ + { + "expression": "GPL-3.0-or-later OR MIT" + } + ], + "purl": "pkg:npm/eslint-template-visitor@2.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/futpib/eslint-template-visitor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/futpib/eslint-template-visitor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/futpib/eslint-template-visitor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-template-visitor/-/eslint-template-visitor-2.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df2761a85a6e57bc7533d10ae7604f363e95d0ac2ed0a2a470801fa548701db47ca1c4659ffa141e07f142ea58f0ed61e10bff3ce1c3ba66ff070c0d7f16ed9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-template-visitor" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-template-visitor/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-parser", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/eslint-parser@7.24.1", + "author": "The Babel Team", + "description": "ESLint parser that allows for linting of experimental syntax transformed by Babel", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/eslint-parser@7.24.1#eslint/babel-eslint-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#eslint/babel-eslint-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/eslint-parser/-/eslint-parser-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77982ebb33253de0df6486e943cfa0d4d68236e00604118d1028741d5ab3d6c8ce7952e1d8211a89fb8ecac087d7c5115ba47ba6a5c836f7f93da47f742ea32d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/eslint-parser@7.24.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "eslint-scope-5-internals", + "group": "@nicolo-ribaudo", + "version": "5.1.1-v1", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "description": "Proxy package exposing internals of eslint-scope@5 for @babel/eslint-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@nicolo-ribaudo/eslint-scope-5-internals/-/eslint-scope-5-internals-5.1.1-v1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e78fc946f90b233cc35ac84259fba169d7eb7d954f884958f057209a0d47ae8125cbf1034accf384102c6ab0aec7e0ff90eb254d1aae373bb21929944934c71a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "multimap", + "version": "1.1.0", + "bom-ref": "multimap@1.1.0", + "author": "villa.gao", + "description": "multi-map which allow multiple values for the same key", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/multimap@1.1.0", + "externalReferences": [ + { + "url": "git://github.com/villadora/multi-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/villadora/multi-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/villadora/multi-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/multimap/-/multimap-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d19211f4f6ac3f1197991b0417c8ec0f39ddcc70e3eed21abfe2549af20507f587b30962167aaec44093fc37bb191e3283df64cbf36544a253f361b5cb6ef56f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/multimap" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "3.2.1", + "bom-ref": "is-builtin-module@3.2.1", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0522c4dc79d5dacc99d052b488c03fc941a995478c98dcf8016e5f9d3ba76c222a662e2f1b75a3253f451cccb90faf719806011d742125d00b769c15c55e74d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-builtin-module" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pluralize", + "version": "8.0.0", + "bom-ref": "pluralize@8.0.0", + "author": "Blake Embrey", + "description": "Pluralize and singularize any word", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pluralize@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/blakeembrey/pluralize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/pluralize#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/pluralize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pluralize/-/pluralize-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35cdc84f9c87cdf9537db8e0a967023e9a3b0da2b2e059e907497fcc2016d1373b8f1022baa4b11dab27b41dc3efcf3b2d2ac0f7790327d217a2fc49631c8b08" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pluralize" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "7.0.1", + "bom-ref": "read-pkg-up@7.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccad1307b5dde89a422e694b9ae7eaca4184fbf4e539e3c3eaa28294d5bb8470ca161fc9effee0096191ee3a044045b56caab76b7c9465239b3a858b150e2886" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "read-pkg-up@7.0.1|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/find-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "read-pkg-up@7.0.1|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/locate-path" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "read-pkg-up@7.0.1|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/p-locate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "read-pkg-up@7.0.1|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/p-limit" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.8.1", + "bom-ref": "read-pkg-up@7.0.1|type-fest@0.8.1", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1d6f3233aaf8ed822339af0d64e6b107b4100d2a676e7611b20446a3374d5f13285a00886ca0a372eb2efe20df7721fa45b7063d8aa8bb903fb1c0a850b0d24" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "regexp-tree", + "version": "0.1.27", + "bom-ref": "regexp-tree@0.1.27", + "author": "Dmitry Soshnikov", + "description": "Regular Expressions parser in JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/regexp-tree@0.1.27", + "externalReferences": [ + { + "url": "git+https://github.com/DmitrySoshnikov/regexp-tree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DmitrySoshnikov/regexp-tree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DmitrySoshnikov/regexp-tree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regexp-tree/-/regexp-tree-0.1.27.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8844f1a632ba628456246e68ea15cbc2f8d80285be144667f68b343c3fdbe803fac50c2c6bf63b942560222c416d43cc7e1bbe8b62ed75e02a5538069506ab7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regexp-tree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "safe-regex", + "version": "2.1.1", + "bom-ref": "safe-regex@2.1.1", + "author": "James C.", + "description": "detect possibly catastrophic, exponential-time regular expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-regex@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/davisjam/safe-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/davisjam/safe-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/davisjam/safe-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-regex/-/safe-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af1fb1f0033329be50e6543de59a22e996c9ab008b92a8b75ee257a793f7ad3f0e11ceac642246e40139754de5b2046bfc5e01b37d634a554dfa3e4aaec1aef4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-regex" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-unicorn", + "version": "52.0.0", + "bom-ref": "eslint-plugin-unicorn@52.0.0", + "author": "Sindre Sorhus", + "description": "More than 100 powerful ESLint rules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-unicorn@52.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/eslint-plugin-unicorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-unicorn/-/eslint-plugin-unicorn-52.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d58ce6eff9bed11e1d8c7d2d8c38df55e8bf8eedb0dc0cd41a31baabc267b8d20be71230b1f9720a8a16e6c7c1bd0a76a4c61015259608538db2309ac751079e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-unicorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslintrc", + "group": "@eslint", + "version": "2.1.4", + "bom-ref": "@eslint/eslintrc@2.1.4", + "author": "Nicholas C. Zakas", + "description": "The legacy ESLintRC config file format for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/eslintrc@2.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslintrc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslintrc#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslintrc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dbaf59dfd312eb0549b6ca14975d0beb459d92125574f1b6e10e1e6531f79e717a969bd24a110adf04230d7f494560143ef3e1ec23a8b8fa54f48aea69916fb5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "espree", + "version": "9.6.1", + "bom-ref": "espree@9.6.1", + "author": "Nicholas C. Zakas", + "description": "An Esprima-compatible JavaScript parser built on Acorn", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/espree@9.6.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/espree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/espree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/espree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/espree/-/espree-9.6.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2bb99685923a2b4e9177da40d2239ffbe558b019e6608a7186cb636839283743d6e7c259e60e6e072e7925d111379fe9e30d7474dfb698d7ec79f19ff315dc1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/espree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parent-module", + "version": "1.0.1", + "bom-ref": "parent-module@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the path of the parent module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parent-module@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parent-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parent-module#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parent-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "190d84591a5057cfe8f80c3c62ab5f6593df3515996246e2744f64e6ba65fe10b7bed1c705f1a6d887e2eaa595f9ca031a4ad42990311372e8b7991cb11961fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parent-module" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "4.0.0", + "bom-ref": "resolve-from@4.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5bfcc6265ecb40932b11171f2988d235b4614d408140def904dc6ab812e035745ea01e9ffebe066ab021896a9bf2f0ddd0fb8a3b170beab8f25c9d9ed1632e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-from" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "4.0.0", + "bom-ref": "ci-info@4.0.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4dd1ea8067fda1d77c49736ec6d501571f0dbfea9939e8c4eaacaa8b2e4db5b61840e7856bace61e4c653f399a2f15961ec53a9c9981ec01137553e2fb634152" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ci-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core-js-compat", + "version": "3.37.0", + "bom-ref": "core-js-compat@3.37.0", + "author": "Denis Pushkarev", + "description": "core-js compat", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/core-js-compat@3.37.0#packages/core-js-compat", + "externalReferences": [ + { + "url": "git+https://github.com/zloirock/core-js.git#packages/core-js-compat", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/zloirock/core-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zloirock/core-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.37.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd8ab82fe4fc692e54b858385300e173b60d45655e559c25b5a77d0bf8d5dd1d8b8153a94bd043afb97f58be8137475b5779355de8cf4c7aaa133260b1ad1fac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/core-js-compat" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "browserslist", + "version": "4.23.0", + "bom-ref": "browserslist@4.23.0", + "author": "Andrey Sitnik", + "description": "Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/browserslist@4.23.0", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/browserslist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/browserslist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/browserslist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "416f0788cd6c8614f61aece4be495f8dc2838961571ce78508803f86e24fc07b2c97073276093b5fecf6cd7a448a33fdf14098ec76ee6d9b79276660bdfd0269" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/browserslist" + } + ] + }, + { + "type": "library", + "name": "caniuse-lite", + "version": "1.0.30001612", + "bom-ref": "caniuse-lite@1.0.30001612", + "author": "Ben Briggs", + "description": "A smaller version of caniuse-db, with only the essentials!", + "licenses": [ + { + "license": { + "id": "CC-BY-4.0" + } + } + ], + "purl": "pkg:npm/caniuse-lite@1.0.30001612", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/caniuse-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/caniuse-lite#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/caniuse-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001612.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "945827674ed485a09cb12660596d0ae63e1eebd74ad6efe5b6b2fd95352214ec0d1ecd764b750c204620055d19e82ea14437afee2467333cd898a69b61d5c5f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/caniuse-lite" + } + ] + }, + { + "type": "library", + "name": "electron-to-chromium", + "version": "1.4.747", + "bom-ref": "electron-to-chromium@1.4.747", + "author": "Kilian Valkhof", + "description": "Provides a list of electron-to-chromium version mappings", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/electron-to-chromium@1.4.747", + "externalReferences": [ + { + "url": "git+https://github.com/kilian/electron-to-chromium.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kilian/electron-to-chromium#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kilian/electron-to-chromium/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.747.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f859d2599200bc51dbb0d566531844a9689a3a23cc71fba6d464339560a0ff02e2815b6c84eb235c7c8415f9ade9c14aebe1e44b740e241bfaff738fba66c17f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/electron-to-chromium" + } + ] + }, + { + "type": "library", + "name": "node-releases", + "version": "2.0.14", + "bom-ref": "node-releases@2.0.14", + "author": "Sergey Rubanov", + "description": "Node.js releases data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-releases@2.0.14", + "externalReferences": [ + { + "url": "git+https://github.com/chicoxyzzy/node-releases.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chicoxyzzy/node-releases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chicoxyzzy/node-releases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb5d30396b7cc99a6a5e63a0468efb59a1c49a1610606340eb2e36d4f2ac2985842bc696f9ca80a616e8ad90e1a9fc8aadb64437dd823755f629b69f636b3b63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/node-releases" + } + ] + }, + { + "type": "library", + "name": "update-browserslist-db", + "version": "1.0.13", + "bom-ref": "update-browserslist-db@1.0.13", + "author": "Andrey Sitnik", + "description": "CLI tool to update caniuse-lite to refresh target browsers from Browserslist config", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/update-browserslist-db@1.0.13", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/update-db.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/update-db#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/update-db/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5e6cff3548d70fb8da4f3f7bb3796d4d617c48debc72273177a43eac1f88c4ee8fc85fe5ad4a9c27554faa22c0cfca4d1dde198543b9a3a9ce80b55eb4e216e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/update-browserslist-db" + } + ] + }, + { + "type": "library", + "name": "escalade", + "version": "3.1.2", + "bom-ref": "escalade@3.1.2", + "author": "Luke Edwards", + "description": "A tiny (183B to 210B) and fast utility to ascend parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escalade@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/escalade.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/escalade#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/escalade/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12b08730269ed7dbd1f2f4067b9d3122c5689b2d7dae0ea016edfeaf78e410ee3ab2e2cc58192cbd5ca81a0415fa339f97ce1948e4a59afe86c5af3d3e64c698" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escalade" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "5.3.0", + "bom-ref": "estraverse@5.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@5.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "30c74046e54443388d4de243f0380caa6870475d41450fdc04ffa92ed61d4939dfdcc20ef1f15e8883446d7dfa65d3657d4ffb03d7f7814c38f41de842cbf004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "3.3.0", + "bom-ref": "builtin-modules@3.3.0", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce16820e271d2ee58de546cde4832716a34c84d7e8f75f6c1fce72dbf79afb9620f53b1391e671a4bf892dba7a7206054b8b112e9dd85784bac83baa5561d83b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/builtin-modules" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsesc", + "version": "3.0.2", + "bom-ref": "jsesc@3.0.2", + "author": "Mathias Bynens", + "description": "Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsesc@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4aab3cd65c3b6d26e39c6b006de0a9ca1c721fe6843f0b16b1fb43d6146f83143807340762f935c40800c8f91622154326c7cefddb1b0c6db8178f80b09cfe2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jsesc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-try", + "version": "2.2.0", + "bom-ref": "p-try@2.2.0", + "author": "Sindre Sorhus", + "description": "`Start a promise chain", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-try@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-try.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-try#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-try/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4789cf0154c053407d0f7e7f1a4dee25fffb5d86d0732a2148a76f03121148d821165e1eef5855a069c1350cfd716697c4ed88d742930bede331dbefa0ac3a75" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-try" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "4.0.0", + "bom-ref": "path-exists@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a4f50cb943b8d86f65b071ecb9169be0d8aa0073f64884b48b392066466ca03ec1b091556dd1f65ad2aaed333fa6ead2530077d943c167981e0c1b82d6cbbff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "5.2.0", + "bom-ref": "read-pkg@5.2.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "520ebd98d3a97ef28301cd90f034693238f376dae7bfd1dc48c5fee15b19c43d5a67a673ac813bae5cd706d593ca150b48c2a0d3be805ba591e626690f42623a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "normalize-package-data", + "version": "2.5.0", + "bom-ref": "read-pkg@5.2.0|normalize-package-data@2.5.0", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.5.0", + "externalReferences": [ + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ff908c3774f44785d38f80dc19a7b1a3eae8652752156ff400e39344eae3c73086d70ad65c4b066d129ebe39482fe643138b19949af9103e185b4caa9a42be78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.8.9", + "bom-ref": "read-pkg@5.2.0|hosted-git-info@2.8.9", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.8.9", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9b120301bf4bb26e83a0e27bc47fb9f97e32d4b53fe078b9d0bf42e6c22cc0adc9cd42d2e1bc24d45be374182f611e1bcd3e2db944220b5e451367f91db2ef63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/hosted-git-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.7.2", + "bom-ref": "read-pkg@5.2.0|semver@5.7.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "701ce79d0f4a8c9a94ebb079d91302eb908c6ab2b6eb4d161676e471a8b05aadf1cbfe61685265b21827a63a2f31527e1df7f8f5df06127d1bf3b0b9a43435d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.6.0", + "bom-ref": "read-pkg@5.2.0|type-fest@0.6.0", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abe301f27611d4a0cbae0af81b9c9e99fb69302eff40ba959dd06610476ace6363e5d70538ee0ea3caa5c1913750b4f7f998a6d45f0aab87019e290d86508c96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "group": "@types", + "version": "2.4.4", + "bom-ref": "@types/normalize-package-data@2.4.4", + "description": "TypeScript definitions for normalize-package-data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/normalize-package-data@2.4.4#types/normalize-package-data", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/normalize-package-data", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/normalize-package-data", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfb8be39a59387da9e2b82d21cfb32442ecd6a19c6a2d36e66f8cb4a070fcdb9691c1debac227100e808e6009d2a6edca289ec697d4e7f420b8937276636dfc4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.4", + "bom-ref": "validate-npm-package-license@3.0.4", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0e92a6d948bfc4deff1d0282b69671a11581859f59d24aadca01bc5c280d43c6650e7c6e4265a18f9eba8fc7cde02bb7fc999b86c0e8edf70026ae2cf61dbb13" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validate-npm-package-license" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regjsparser", + "version": "0.10.0", + "bom-ref": "regjsparser@0.10.0", + "author": "'Julian Viereck'", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/regjsparser@0.10.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jviereck/regjsparser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jviereck/regjsparser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jviereck/regjsparser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regjsparser/-/regjsparser-0.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab1fb1406655b32e79087d1ad61895c079aa8cbaf27e1ef04321791ced3b5c9f5fedd40c63f80f407865c83908cc9282fb1d9f502a42714383514505ae6ed21c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regjsparser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "jsesc", + "version": "0.5.0", + "bom-ref": "regjsparser@0.10.0|jsesc@0.5.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping JavaScript strings while generating the shortest possible valid output.", + "licenses": [ + { + "license": { + "id": "MIT", + "url": "http://mths.be/mit" + } + } + ], + "purl": "pkg:npm/jsesc@0.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b99cf952707bbb84fd2efc2616a5e28bba594a8b9a44fa2b1ace70868d48a7b54ed30c5a9c5bc12fb1a433a7531e5817fa384102945eb5a5a99c369b39e4dc9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regjsparser/node_modules/jsesc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "strip-indent", + "version": "3.0.0", + "bom-ref": "strip-indent@3.0.0", + "author": "Sindre Sorhus", + "description": "Strip leading whitespace from each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-indent@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-indent/-/strip-indent-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "95a2536b725bf95429682e83b1e1e117b75756a1d37c93c24436846e277f76b3a1822b60624bbf95eb4c52a397168595d3320851b8e9747dadfad623e1b40c45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "min-indent", + "version": "1.0.1", + "bom-ref": "min-indent@1.0.1", + "author": "James Kyle", + "description": "Get the shortest leading whitespace from lines in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/min-indent@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/thejameskyle/min-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejameskyle/min-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejameskyle/min-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/min-indent/-/min-indent-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23d8f0327d3b4b2fc8c0e8f7cd59158a4d894ef8296b29036448a02fa471e8df4b6cccb0c1448cb71113fbb955a032cb7773b7217c09c2fbae9ecf1407f1de02" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/min-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "js", + "group": "@eslint", + "version": "8.57.0", + "bom-ref": "@eslint/js@8.57.0", + "description": "ESLint JavaScript language implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/js@8.57.0#packages/js", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git#packages/js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/js/-/js-8.57.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62cfb78364da5bb8000ce2733edf37489b420e13239dd703305550fd38fd880d417c9cc5283f660145d3dce7a7a6e3c76c8e8ffe6c840b1449ae87d4b03c7fe6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config-array", + "group": "@humanwhocodes", + "version": "0.11.14", + "bom-ref": "@humanwhocodes/config-array@0.11.14", + "author": "Nicholas C. Zakas", + "description": "Glob-based configuration matching.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/config-array@0.11.14", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/config-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dd3f0b90e9a0e39055e452026f5e5040cb325125ab43c0328157c2ed91b7db339a967aab8a59b4d7c6550b0d1e6a95eec7c16d037deaf0f4914acb6379ede34a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "object-schema", + "group": "@humanwhocodes", + "version": "2.0.3", + "bom-ref": "@humanwhocodes/object-schema@2.0.3", + "author": "Nicholas C. Zakas", + "description": "An object schema merger/validator", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/object-schema@2.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/object-schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f77cd874c112fdcd43ebdc9988a0c18f4576e2fa8dcc1fe4a05dba28f69a8007dddcfff8814961dc3cace688002be1318bd432ce50fcc7fd3c66def020a70370" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/object-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "module-importer", + "group": "@humanwhocodes", + "version": "1.0.1", + "bom-ref": "@humanwhocodes/module-importer@1.0.1", + "author": "Nicholas C. Zaks", + "description": "Universal module importer for Node.js", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/module-importer@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/module-importer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/module-importer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/module-importer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f1bde57857cbf961be277054d3deb3d281904ea429237cad32e28555549c08b8354144c0d7acfc9744bf7cf22e5aa7d9bd6e7c8412359f9b95a4066b5f7cb7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/module-importer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs.scandir", + "group": "@nodelib", + "version": "2.1.5", + "bom-ref": "@nodelib/fs.scandir@2.1.5", + "description": "List files and directories inside the specified directory", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.scandir@2.1.5#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "beadb806adf29b91c4426d8d282af7c970f08dceef4ec1138510e7929d832bda75baa2d1f831eeae6fcd393a34286ec760753b7a9a4a663dcccaa62e3017fada" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.scandir" + } + ] + }, + { + "type": "library", + "name": "run-parallel", + "version": "1.2.0", + "bom-ref": "run-parallel@1.2.0", + "author": "Feross Aboukhadijeh", + "description": "Run an array of functions in parallel", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-parallel@1.2.0", + "externalReferences": [ + { + "url": "git://github.com/feross/run-parallel.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/run-parallel", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/run-parallel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e65e15c9947ce8b67f943c594d1ea3a8bf00144d92d0814b30fdba01b8ec2d5003c4776107f734194b07fb2dfd51f0a2dddcf3f0e950b8f9a768938ca031d004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-parallel" + } + ] + }, + { + "type": "library", + "name": "queue-microtask", + "version": "1.2.3", + "bom-ref": "queue-microtask@1.2.3", + "author": "Feross Aboukhadijeh", + "description": "fast, tiny `queueMicrotask` shim for modern engines", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/queue-microtask@1.2.3", + "externalReferences": [ + { + "url": "git://github.com/feross/queue-microtask.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/queue-microtask", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/queue-microtask/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36e68d49ae9f94a4f925a498433268934e09cd32f5080e9a1a1bf9adf2d6dcf82a03e3360a1a59427002f21f22e19164052f17e51aa40c11c0eebe217a3dcaf4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/queue-microtask" + } + ] + }, + { + "type": "library", + "name": "fastq", + "version": "1.17.1", + "bom-ref": "fastq@1.17.1", + "author": "Matteo Collina", + "description": "Fast, in memory work queue", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fastq@1.17.1", + "externalReferences": [ + { + "url": "git+https://github.com/mcollina/fastq.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mcollina/fastq#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mcollina/fastq/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fastq/-/fastq-1.17.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b11543de55952175a0e81cbaf1937bbe1a3d6b5a5070dfd604568002c0c31739498efa06c743fccfb575b7bda0ac525f261bb760f641baedb97fb29ac368cdd7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fastq" + } + ] + }, + { + "type": "library", + "name": "reusify", + "version": "1.0.4", + "bom-ref": "reusify@1.0.4", + "author": "Matteo Collina", + "description": "Reuse objects and functions with style", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/reusify@1.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/mcollina/reusify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mcollina/reusify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mcollina/reusify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53d9c7f3c6b77dcfde902175974fd43f5228b22b888f24e1ee106f5d530762055c7c6bedf3ded782e8f650e2c3788e411b69bbfeec3268b553e9f6ed0b04f2cf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/reusify" + } + ] + }, + { + "type": "library", + "name": "structured-clone", + "group": "@ungap", + "version": "1.2.0", + "bom-ref": "@ungap/structured-clone@1.2.0", + "author": "Andrea Giammarchi", + "description": "A structuredClone polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40ungap/structured-clone@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/ungap/structured-clone.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ungap/structured-clone#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ungap/structured-clone/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@ungap/structured-clone/-/structured-clone-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cee55d16b3098ae083414302cd0683e8a2f6f0c8e7aaa37c5e702a884abd3cd9bf8423d34867eb5c239fc23d68c382c56ffb4dca624fc2c35b55e3dcd7116aad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@ungap/structured-clone" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "3.1.1", + "bom-ref": "path-key@3.1.1", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2399e374a9dfb2d23b3312da18e3caf43deab97703049089423aee90e5fe3595f92cc17b8ab58ae18284e92e7c887079b6e1486ac7ee53aa6d889d2c0b844e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-key" + } + ] + }, + { + "type": "library", + "name": "shebang-command", + "version": "2.0.0", + "bom-ref": "shebang-command@2.0.0", + "author": "Kevin Mårtensson", + "description": "Get the command from a shebang", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-command@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/shebang-command.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/shebang-command#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/shebang-command/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "907c6bdb366962d766acdd6a0e3aeb5ff675ad1d641bc0f1fa09292b51b87979af5ecc26704d614d6056614ce5ada630d7fc99a7a62e0d8efb62dbdb3747660c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/shebang-command" + } + ] + }, + { + "type": "library", + "name": "shebang-regex", + "version": "3.0.0", + "bom-ref": "shebang-regex@3.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching a shebang line", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-regex@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/shebang-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efef9d161b5cc77df9dee05aabc0c347836ec417ad0730bb6503a19934089c711de9b4ab5dd884cb30af1b4ed9e3851874b4a1594c97b7933fca1cfc7a471bd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/shebang-regex" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "2.0.2", + "bom-ref": "which@2.0.2", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04b2374e5d535b73ef97bd25df2ab763ae22f9ac29c17aac181616924a8cb676d782b303fb28fbae15b492e103c7325a6171a3116e6881aa4a34c10a34c8e26c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/which" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "2.0.0", + "bom-ref": "isexe@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "447c4c2e9f659ca1c61d19e0f5016144231b600715a67ebdb2648672addfdfac638155564e18f8aaa2db4cb96aed2b23f01f9f210d44b8210623694ab3241e23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/isexe" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "7.2.2", + "bom-ref": "eslint-scope@7.2.2", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@7.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74eb76d4eee54cc84333e5fd981e065fe0d9ad9b425093cbff095c4eac72af1e48bced0862d20b76dad0190a7ef27e52d20c1256639ff4d42b8cc3a07d066522" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn", + "version": "8.11.3", + "bom-ref": "acorn@8.11.3", + "description": "ECMAScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn@8.11.3", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63dad17c91b98dc28e13408b8ac61ba2352322b20413b00633303f4a6e01b2500d85b4be70332980175c3d3f75a09eceb89f61609071e7d4636e1c559eb17c5e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn" + } + ] + }, + { + "type": "library", + "name": "flat-cache", + "version": "3.2.0", + "bom-ref": "flat-cache@3.2.0", + "author": "Jared Wray", + "description": "A stupidly simple key/value storage using files to persist some data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/flat-cache@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/flat-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/flat-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/flat-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "09870435af85b5c50a2e6861ab272da5c96cabb405dfca4a8d91ec18d892405e6be05b6828359a6c50e5de1cda11032f4f52c7132b30e6dc202efa5861be2f6f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flat-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "flatted", + "version": "3.3.1", + "bom-ref": "flatted@3.3.1", + "author": "Andrea Giammarchi", + "description": "A super light and fast circular JSON parser.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/flatted@3.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/WebReflection/flatted.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/WebReflection/flatted#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/WebReflection/flatted/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5fc72a30b2e27bb2ac3540d277378df0560af6b12de03b7aeceb06fc33469d84d20c11b8b850091419d47a257ecc2540bf0172e7a22333db07e758d568484dc7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flatted" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "keyv", + "version": "4.5.4", + "bom-ref": "keyv@4.5.4", + "author": "Jared Wray", + "description": "Simple key-value storage with support for multiple backends", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/keyv@4.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/keyv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/keyv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/keyv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3154790747f1097f608d5e75b144b5ba9a0ec9c82094706d03b441a62f672d528d4f3538a7d4f52297eafffb8af93295600bf7e7d648ecc7b9a34ae8caa88a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/keyv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-buffer", + "version": "3.0.1", + "bom-ref": "json-buffer@3.0.1", + "author": "Dominic Tarr", + "description": "JSON parse & stringify that supports binary via bops & base64", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-buffer@3.0.1", + "externalReferences": [ + { + "url": "git://github.com/dominictarr/json-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dominictarr/json-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/json-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1b57905f4769aa7d04c99be579b4f3dd7fe669ba1888bd3b8007983c91cad7399a534ff430c15456072c17d68cebea512e3dd6c7c70689966f46ea6236b1f49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-buffer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "5.0.0", + "bom-ref": "find-up@5.0.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efcfcf5d3d7094b2c3813cc3b3bb23abd873cf4bd70fece7fbbc32a447b87d74310a6766a9f1ac10f4319a2092408dda8c557dd5b552b2f36dac94625ba9c69e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/find-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "6.0.0", + "bom-ref": "locate-path@6.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "88f64ae9e6236f146edee078fd667712c10830914ca80a28a65dd1fb3baad148dc026fcc3ba282c1e0e03df3f77a54f3b6828fdcab67547c539f63470520d553" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/locate-path" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "5.0.0", + "bom-ref": "p-locate@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2da363b51594058fbecc1e6713f37071aa0cca548f93e4be647341d53cdd6cc24c9f2e9dca7a401aded7fed97f418ab74c8784ea7c47a696e8d8b1b29ab1b93f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-locate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-extglob", + "version": "2.1.1", + "bom-ref": "is-extglob@2.1.1", + "author": "Jon Schlinkert", + "description": "Returns true if a string has an extglob.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-extglob@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-extglob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extglob", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extglob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "49b29b00d90deb4dd58b88c466fe3d2de549327e321b0b1bcd9c28ac4a32122badb0dde725875b3b7eb37e1189e90103a4e6481640ed9eae494719af9778eca1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-extglob" + } + ] + }, + { + "type": "library", + "name": "is-path-inside", + "version": "3.0.3", + "bom-ref": "is-path-inside@3.0.3", + "author": "Sindre Sorhus", + "description": "Check if a path is inside another path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-path-inside@3.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-path-inside.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-path-inside#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-path-inside/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15de200016fec9c18098aa2ef1e31fb42ba94a2af9951c6a7f8683fef774703daa7381cbd3b3a309eb8732bf11a380a831a782283074fc40813955a34f052f3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-path-inside" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "prelude-ls", + "version": "1.2.1", + "bom-ref": "prelude-ls@1.2.1", + "author": "George Zahariev", + "description": "prelude.ls is a functionally oriented utility library. It is powerful and flexible. Almost all of its functions are curried. It is written in, and is the recommended base library for, LiveScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prelude-ls@1.2.1", + "externalReferences": [ + { + "url": "git://github.com/gkz/prelude-ls.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://preludels.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/prelude-ls/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be47033eb459a354192db9f944b18fa60fd698843ae6aa165a170629ffdbe5ea659246ab5f49bdcfca6909ab789a53aa52c5a9c8db9880edd5472ad81d2cd7e6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prelude-ls" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-check", + "version": "0.4.0", + "bom-ref": "type-check@0.4.0", + "author": "George Zahariev", + "description": "type-check allows you to check the types of JavaScript values at runtime with a Haskell like type syntax.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-check@0.4.0", + "externalReferences": [ + { + "url": "git://github.com/gkz/type-check.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/type-check", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/type-check/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e5794a1cf6ec065ea8d6c176944d9026ccc705679f39f10036befc7552be7121c8b15c83fef0b9c50e0469954df4bacead7aa765b2415fbbe69ee0aefd3a87b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-check" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "word-wrap", + "group": "@aashutoshrathi", + "version": "1.2.6", + "bom-ref": "@aashutoshrathi/word-wrap@1.2.6", + "author": "Jon Schlinkert", + "description": "Wrap words to a specified length.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40aashutoshrathi/word-wrap@1.2.6", + "externalReferences": [ + { + "url": "git+https://github.com/aashutoshrathi/word-wrap.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aashutoshrathi/word-wrap", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aashutoshrathi/word-wrap/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d588ecd92bccf137e5111fce0f770e8e15963996f9f00dadef0a44d92f577c161388897e5c58501b66e3cb83eed48f8402508d533443603745c056142af5dc20" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aashutoshrathi/word-wrap" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "deep-is", + "version": "0.1.4", + "bom-ref": "deep-is@0.1.4", + "author": "Thorsten Lorenz", + "description": "node's assert.deepEqual algorithm except for NaN being equal to NaN", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deep-is@0.1.4", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/thlorenz/deep-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/deep-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/deep-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a083f392c993838fccae289a6063bea245c34fbced9ffc37129b6fffe81221d31d2ac268d2ee027d834524fcbee1228cb82a86c36c319c0f9444c837b7c6bf6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deep-is" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "accepts", + "version": "1.3.8", + "bom-ref": "accepts@1.3.8", + "description": "Higher-level content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/accepts@1.3.8", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/accepts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/accepts#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/accepts/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d802d8536b69b654ac6ebd20f70cf0bf1b2f94fac380d4b02e4fc9a4991bafc3e34009269e5c443e34771517bace365eaa71ac55dd4b9e9b06b093eefe4892f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/accepts" + } + ] + }, + { + "type": "library", + "name": "mime-types", + "version": "2.1.35", + "bom-ref": "mime-types@2.1.35", + "description": "The ultimate javascript content-type utility.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime-types@2.1.35", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/mime-types.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/mime-types#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/mime-types/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "64363e6cf9b9cd34c5f98a42ac053d9cad148080983d3d10b53d4d65616fe2cfbe4cd91c815693d20ebee11dae238323423cf2b07075cf1b962f9d21cda7978b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime-types" + } + ] + }, + { + "type": "library", + "name": "negotiator", + "version": "0.6.3", + "bom-ref": "negotiator@0.6.3", + "description": "HTTP content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/negotiator@0.6.3", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/negotiator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/negotiator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/negotiator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8452ca863cbb0cfa3ff37428598ec9d7e758385eb1c53885f07e70953c695093f9398226a470ab2ec4239b051bba0d29bda29c3f3bab2559b25d82140ce1b06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/negotiator" + } + ] + }, + { + "type": "library", + "name": "array-flatten", + "version": "1.1.1", + "bom-ref": "array-flatten@1.1.1", + "author": "Blake Embrey", + "description": "Flatten an array of nested arrays into a single flat array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/array-flatten@1.1.1", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/array-flatten.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/array-flatten", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/array-flatten/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c254042cc167a6bba51dc6c0c5157ffe815798a8a0287770f75159bdd631f0ca782e3b002f60f871f2736533ef8da9170ae82c71a5469f8e684874a88789baa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/array-flatten" + } + ] + }, + { + "type": "library", + "name": "body-parser", + "version": "1.20.2", + "bom-ref": "body-parser@1.20.2", + "description": "Node.js body parsing middleware", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/body-parser@1.20.2", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/body-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/expressjs/body-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/body-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a5f6945e0aedcceb590696aa139b6ba64974e5453b864f1d1b7d88feb8850a298c9c1b936d49b79eb55ddf69253a47b6a338fc3483f2753ef2b8a8dcbbb396c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "body-parser@1.20.2|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "body-parser@1.20.2|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "bytes", + "version": "3.1.2", + "bom-ref": "bytes@3.1.2", + "author": "TJ Holowaychuk", + "description": "Utility to parse a string bytes to bytes and vice-versa", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bytes@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/visionmedia/bytes.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/bytes.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/bytes.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fcd7fb4f2cd3c7a4b7c9124e6ce015efde7aafc72bdbe3a3f000b976df3048fdc1400a1e5f9f0da07c8253c3fccc690d5d2b634d28ba7f33ba174a4175c61b12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bytes" + } + ] + }, + { + "type": "library", + "name": "depd", + "version": "2.0.0", + "bom-ref": "depd@2.0.0", + "author": "Douglas Christopher Wilson", + "description": "Deprecate all the things", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/depd@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/dougwilson/nodejs-depd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dougwilson/nodejs-depd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dougwilson/nodejs-depd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83b9c7e8fe9dc838a8268800006a6b1a90ad5489898693e4feba02cdd6f77c887ad7fb3f9cfb1f47aa27c8cc2408047f3a50b7c810b49444af52840402cb08af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/depd" + } + ] + }, + { + "type": "library", + "name": "destroy", + "version": "1.2.0", + "bom-ref": "destroy@1.2.0", + "author": "Jonathan Ong", + "description": "destroy a stream if possible", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/destroy@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/destroy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/destroy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/destroy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dac246253697208691d70e22252368374867318ec6a5cfe7f03e2a482270f10a855977fb72e0209c41f1069c1e69570f7af0b69772a98d80b1dcdca941081a26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/destroy" + } + ] + }, + { + "type": "library", + "name": "http-errors", + "version": "2.0.0", + "bom-ref": "http-errors@2.0.0", + "author": "Jonathan Ong", + "description": "Create HTTP error objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http-errors@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/http-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/http-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/http-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "16dc2b1bf7ae0736848d8791a8e825cbb1b4aaf8a25e82569ef107d99d6994175781bca3bf7e291d349bf73a1e1ccc83cb7dfe0d6cb95adf56a3e4d446d39849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http-errors" + } + ] + }, + { + "type": "library", + "name": "iconv-lite", + "version": "0.4.24", + "bom-ref": "iconv-lite@0.4.24", + "author": "Alexander Shtuchkin", + "description": "Convert character encodings in pure javascript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/iconv-lite@0.4.24", + "externalReferences": [ + { + "url": "git://github.com/ashtuchkin/iconv-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf73179d901cbe7cb091350466898801cb657bb4575de79d391df5c3097b565ca85cee108bd6abbd27a73505a77b54dc4708422f51f02c8db56c4a9da63f3fac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/iconv-lite" + } + ] + }, + { + "type": "library", + "name": "safer-buffer", + "version": "2.1.2", + "bom-ref": "safer-buffer@2.1.2", + "author": "Nikita Skovoroda", + "description": "Modern Buffer API polyfill without footguns", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safer-buffer@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/ChALkeR/safer-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "619a372bcd920fb462ca2d04d4440fa232f3ee4a5ea6749023d2323db1c78355d75debdbe5d248eeda72376003c467106c71bbbdcc911e4d1c6f0a9c42b894b6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safer-buffer" + } + ] + }, + { + "type": "library", + "name": "on-finished", + "version": "2.4.1", + "bom-ref": "on-finished@2.4.1", + "description": "Execute a callback when a request closes, finishes, or errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/on-finished@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/on-finished.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/on-finished#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/on-finished/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a15973920dc4340842936cddbfb209c1dfd0503e33d91c51c2991c198f29b0255c09864dab8c189d55802c733e6ebb6e26378f5a2605fc2966b83afc0a1e7e92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/on-finished" + } + ] + }, + { + "type": "library", + "name": "qs", + "version": "6.11.0", + "bom-ref": "qs@6.11.0", + "description": "A querystring parser that supports nesting and arrays, with a depth limit", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/qs@6.11.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/qs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/qs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/qs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32f8e830227011aad26d4624e4efa79a84b34aeb52b13c05f39cdc1cf43d3ab945a193982236aa040248a885e3a6dc83e6f4e1c46ab9d97bbf31a273464224e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/qs" + } + ] + }, + { + "type": "library", + "name": "raw-body", + "version": "2.5.2", + "bom-ref": "raw-body@2.5.2", + "author": "Jonathan Ong", + "description": "Get and validate the raw body of a readable stream.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/raw-body@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/raw-body.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/raw-body#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/raw-body/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f331aaca97c4363088a868605d3a02f1a076afb62b057f804007c83ecfcc964f81b4f4f3b4ebd34b4d4d456ff7121eb427e6b8f25b7caac0b38ab43a9680957c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/raw-body" + } + ] + }, + { + "type": "library", + "name": "unpipe", + "version": "1.0.0", + "bom-ref": "unpipe@1.0.0", + "author": "Douglas Christopher Wilson", + "description": "Unpipe a stream from all destinations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/unpipe@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/unpipe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/unpipe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/unpipe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a63cb66d8852b2e7f05a52b03dcfa5ddc37bfb0b8994aeaecf461d2443a54036e5ea3a3f6253e2e266fc6a0524542f0117b57c36ecdec8f36a464b00de1ced29" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/unpipe" + } + ] + }, + { + "type": "library", + "name": "type-is", + "version": "1.6.18", + "bom-ref": "type-is@1.6.18", + "description": "Infer the content-type of a request.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-is@1.6.18", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/type-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/type-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/type-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e444aafdb144f1107f0c75fb8248fed58b3272cd134c8e3d89d9da3626bdcaca6e7df0955d124b2eccf4029e514f5b8932f50fa203e99af411a6d3a5d0072f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-is" + } + ] + }, + { + "type": "library", + "name": "content-disposition", + "version": "0.5.4", + "bom-ref": "content-disposition@0.5.4", + "author": "Douglas Christopher Wilson", + "description": "Create and parse Content-Disposition header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/content-disposition@0.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/content-disposition.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/content-disposition#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/content-disposition/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "16f7994cdb86c34e1cc6502259bce2eb34c02ff9617a16966d3b6096e261e3f13de43a8cc139a16b7299375680580f1c148847ccc654bcb7af930e51aa4fad49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/content-disposition" + } + ] + }, + { + "type": "library", + "name": "cookie-signature", + "version": "1.0.6", + "bom-ref": "cookie-signature@1.0.6", + "author": "TJ Holowaychuk", + "description": "Sign and unsign cookies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cookie-signature@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/visionmedia/node-cookie-signature.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/node-cookie-signature#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/node-cookie-signature/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4000f395a1dcf22715f08eef6da257270a1df47598a7cb82a9fd716b839f36ed53ec9571408ad480e5ad1dd343b4f8b2c2615b892d76563a2d2172eb28cde8ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cookie-signature" + } + ] + }, + { + "type": "library", + "name": "cookie", + "version": "0.6.0", + "bom-ref": "cookie@0.6.0", + "author": "Roman Shtylman", + "description": "HTTP server cookie parsing and serialization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cookie@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/cookie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/cookie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/cookie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53bd5cc936a6ba1d4244d09fa4663ab68dbc971bcdc0f1b81aecff1158e07f7266cefd2f943a756ad4fd792e5d0e33181ee7291db5a7b3a2f07f704acfab2f77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cookie" + } + ] + }, + { + "type": "library", + "name": "encodeurl", + "version": "1.0.2", + "bom-ref": "encodeurl@1.0.2", + "description": "Encode a URL to a percent-encoded form, excluding already-encoded sequences", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/encodeurl@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/encodeurl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/encodeurl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/encodeurl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cf257abc26a15a5589b609698fbe73f6232a3865233bfd029c4a6b8c2c339b7e91f97e2ed150699dfeb4c37feaeeb7fb1a88389011e5533600262447403b1d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/encodeurl" + } + ] + }, + { + "type": "library", + "name": "escape-html", + "version": "1.0.3", + "bom-ref": "escape-html@1.0.3", + "description": "Escape string for use in HTML", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-html@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/component/escape-html.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/escape-html#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/escape-html/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3624aea59e0e7ae1b0afaf251887b29bf92c219309a1d506392099fc54a74f172b7a46efaab81d53194938ca628da299563009ad6ac6b3fe89cbc38cbb28fda3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escape-html" + } + ] + }, + { + "type": "library", + "name": "etag", + "version": "1.8.1", + "bom-ref": "etag@1.8.1", + "description": "Create simple HTTP ETags", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/etag@1.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/etag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/etag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/etag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6882f9171ee66b055adf4d1a976067104e2236fa35a844f12eb3c8fe8d392fbcfa828edf0b0d49e844266cae05989d804bb920545fca1195ae7c17dd0a531c3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/etag" + } + ] + }, + { + "type": "library", + "name": "finalhandler", + "version": "1.2.0", + "bom-ref": "finalhandler@1.2.0", + "author": "Douglas Christopher Wilson", + "description": "Node.js final http responder", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/finalhandler@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/finalhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/finalhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/finalhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6e5dc5157ed9503059d60bdaaefecbe45afdc64ddd8f7d484aff73cb9183407bb15ba8932ddf9d791dac44e9e44bef819db2b8a2c2e8e26b075a0750691084a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "finalhandler@1.2.0|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "finalhandler@1.2.0|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler/node_modules/ms" + } + ] + } + ] + }, + { + "type": "library", + "name": "parseurl", + "version": "1.3.3", + "bom-ref": "parseurl@1.3.3", + "description": "parse a url with memoization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parseurl@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/parseurl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/parseurl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/parseurl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0a2c9e3b1153fc96723799b4cfd3df5f0e1208127a4b2833d43a65d30aa39610c418604fd469ec51510bd29eb78681b57dc8f77c7ca75e2f4d60ee2758e2fea9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parseurl" + } + ] + }, + { + "type": "library", + "name": "statuses", + "version": "2.0.1", + "bom-ref": "statuses@2.0.1", + "description": "HTTP status utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/statuses@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/statuses.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/statuses#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/statuses/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "470340f59ffb3eb2b4eab60b23314c95a17e97bde2c29ceca9120581b30b6d370b0fa70e6a8f364da59e7cf5d0bc1d9f382e008ee612127752ecdfe64c26e475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/statuses" + } + ] + }, + { + "type": "library", + "name": "fresh", + "version": "0.5.2", + "bom-ref": "fresh@0.5.2", + "author": "TJ Holowaychuk", + "description": "HTTP response freshness testing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fresh@0.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/fresh.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/fresh#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/fresh/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc9da6418335f2b1053ae75e57819285318843b45bcc0ee8cdb53d23f5c1a66ee4aa0332c209b294cc171f16499a45686249daf5dda95575573dd6133fd7a3f1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fresh" + } + ] + }, + { + "type": "library", + "name": "setprototypeof", + "version": "1.2.0", + "bom-ref": "setprototypeof@1.2.0", + "author": "Wes Todd", + "description": "A small polyfill for Object.setprototypeof", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/setprototypeof@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/wesleytodd/setprototypeof.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wesleytodd/setprototypeof", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wesleytodd/setprototypeof/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1392c35fb5aba7ce4a8a5e5b859bf8ea3f2339e6e82aae4932660cde05467461fcc45a4f59750cb0dae53830ab928c4c11e362fd7648c2e46f6385cdc18309a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/setprototypeof" + } + ] + }, + { + "type": "library", + "name": "toidentifier", + "version": "1.0.1", + "bom-ref": "toidentifier@1.0.1", + "author": "Douglas Christopher Wilson", + "description": "Convert a string of words to a JavaScript identifier", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/toidentifier@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/component/toidentifier.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/toidentifier#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/toidentifier/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39b123ca12483f0c840d987e37574fee7ab2eba7355e764521f2d18dbda797a5fa6ec2329e9e54a8c7fd8efc14e5654b447be246eece58844cfad3c3e500744" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/toidentifier" + } + ] + }, + { + "type": "library", + "name": "merge-descriptors", + "version": "1.0.1", + "bom-ref": "merge-descriptors@1.0.1", + "author": "Jonathan Ong", + "description": "Merge objects using descriptors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge-descriptors@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/component/merge-descriptors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/merge-descriptors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/merge-descriptors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7028ba837fd9af58aa422eb249bb1e3355efa286bdf0dd30df58f3518ad73d7db1a8e6e61461c9d2d439bbbe07de6561ef02e8b93b1e672608ab7f60f1c369d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge-descriptors" + } + ] + }, + { + "type": "library", + "name": "methods", + "version": "1.1.2", + "bom-ref": "methods@1.1.2", + "description": "HTTP methods that node supports", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/methods@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/methods.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/methods#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/methods/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "89c9401de36a366ebccc5b676747bed4bdb250876fccda1ab8a53858103756f1ffbcf162785eea7d197051953e0c0f4ff5b3d7212f74ba5c68528087db7b15db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/methods" + } + ] + }, + { + "type": "library", + "name": "ee-first", + "version": "1.1.1", + "bom-ref": "ee-first@1.1.1", + "author": "Jonathan Ong", + "description": "return the first event in a set of ee/event pairs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ee-first@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonathanong/ee-first.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonathanong/ee-first#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonathanong/ee-first/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58cc26f4b851528f9651a44dfaf46e113a86f3d22066985548d91d16079beac4bf1383ab0c837bb78f0201ec121d773a0bc95e7c3f0a29faf9bd8eb56eb425a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ee-first" + } + ] + }, + { + "type": "library", + "name": "path-to-regexp", + "version": "0.1.7", + "bom-ref": "path-to-regexp@0.1.7", + "description": "Express style path to RegExp utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-to-regexp@0.1.7", + "externalReferences": [ + { + "url": "git+https://github.com/component/path-to-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/path-to-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/path-to-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e43164ba8aa5bf5b9840ac72f2898505e24f41c768134ecabf6b1f7ab0c2ac0ab5a21394f8c483b300c86e7c7760033ad2a20e9d86b9df00615d6d046cca27ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-to-regexp" + } + ] + }, + { + "type": "library", + "name": "proxy-addr", + "version": "2.0.7", + "bom-ref": "proxy-addr@2.0.7", + "author": "Douglas Christopher Wilson", + "description": "Determine address of proxied request", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/proxy-addr@2.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/proxy-addr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/proxy-addr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/proxy-addr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96542c30b4940d43d3e388ddad4fcedfbaa59e27e2b433fe670ae699972848ac8b2afb59c69c95d27dbf6c3fcde2d040019fe024475953b28cadaa0ad7e5d802" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proxy-addr" + } + ] + }, + { + "type": "library", + "name": "forwarded", + "version": "0.2.0", + "bom-ref": "forwarded@0.2.0", + "description": "Parse HTTP X-Forwarded-For header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/forwarded@0.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/forwarded.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/forwarded#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/forwarded/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6ee446d1fa41b511d24c238049eea10f6e7cb44b9b16844b6f864d03a3713151cdc3680e7301e8f70c9a6e5ccccce039cfdc40f4bd4a36393f36de8c4fd698a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/forwarded" + } + ] + }, + { + "type": "library", + "name": "ipaddr.js", + "version": "1.9.1", + "bom-ref": "ipaddr.js@1.9.1", + "author": "whitequark", + "description": "A library for manipulating IPv4 and IPv6 addresses in JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ipaddr.js@1.9.1", + "externalReferences": [ + { + "url": "git://github.com/whitequark/ipaddr.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/whitequark/ipaddr.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/whitequark/ipaddr.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0a23feb4ef1a31493a07ec68cdd457d26cba14d3e6ed4e2723b1049642587f859ca437c2a998c7fbb98c0f5b747e6a467a47fc35f199574870585e26143cede" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ipaddr.js" + } + ] + }, + { + "type": "library", + "name": "side-channel", + "version": "1.0.6", + "bom-ref": "side-channel@1.0.6", + "author": "Jordan Harband", + "description": "Store information about any JS value in a side channel. Uses WeakMap if available.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/side-channel@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/side-channel.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/side-channel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/side-channel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c35bf119e90f5188ef1e146f078feeeefe85be5eb3d320287008e336fad87603a39b943b58608a6f7bd9be2af23d6780bda9211795a191e9b4c460745eba094" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/side-channel" + } + ] + }, + { + "type": "library", + "name": "call-bind", + "version": "1.0.7", + "bom-ref": "call-bind@1.0.7", + "author": "Jordan Harband", + "description": "Robustly `.call.bind()` a function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/call-bind@1.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/call-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/call-bind#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/call-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1874d2352608090eec707eec67e336ac5a294682e1f2dd9b2d25ba05b82bb4bb1a84e201e62c805497fd1a358addc6130da323e17741a4cd5c03aa484b42afdb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/call-bind" + } + ] + }, + { + "type": "library", + "name": "es-define-property", + "version": "1.0.0", + "bom-ref": "es-define-property@1.0.0", + "author": "Jordan Harband", + "description": "`Object.defineProperty`, but not IE 8's broken one.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es-define-property@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/es-define-property.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/es-define-property#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/es-define-property/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f16b22ca4a1ac4aaacc9d1eba641b5614d840cdbb09f4f54f7e7e8028031682fcd892ec5ea4c9efacefe80d182ce8049cb50cbcbcec0ec188ae5f0d1694f681" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es-define-property" + } + ] + }, + { + "type": "library", + "name": "get-intrinsic", + "version": "1.2.4", + "bom-ref": "get-intrinsic@1.2.4", + "author": "Jordan Harband", + "description": "Get and robustly cache all JS language-level intrinsics at first require time", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-intrinsic@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/get-intrinsic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/get-intrinsic#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/get-intrinsic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6e621b091fc549053bfba2c960e01ce7258843a1123ac1a602c4c9827674eb702ac703f7c214aa13173d8928a1341dd0c5505effa10ba1cee99724aee968145" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-intrinsic" + } + ] + }, + { + "type": "library", + "name": "es-errors", + "version": "1.3.0", + "bom-ref": "es-errors@1.3.0", + "author": "Jordan Harband", + "description": "A simple cache for a few of the JS Error constructors.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es-errors@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/es-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/es-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/es-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "65fe47d8ac6ddb18d3bdb26f3f66562c4202c40ea3fa1026333225ca9cb8c5c060d6f2959f1f3d5b2d066d2fa47f9730095145cdd0858765d20853542d2e9cb3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es-errors" + } + ] + }, + { + "type": "library", + "name": "function-bind", + "version": "1.1.2", + "bom-ref": "function-bind@1.1.2", + "author": "Raynos", + "description": "Implementation of Function.prototype.bind", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/function-bind@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/Raynos/function-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Raynos/function-bind", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Raynos/function-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ed71cdc47eea5fdc46e66230c6486e993a31fcc21135c3a00ebc56b0cb76a40af6dd61e9e8cad194dec50521690a9afea153b417be38894811f369c931f1b648" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/function-bind" + } + ] + }, + { + "type": "library", + "name": "set-function-length", + "version": "1.2.2", + "bom-ref": "set-function-length@1.2.2", + "author": "Jordan Harband", + "description": "Set a function's length property", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/set-function-length@1.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/set-function-length.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/set-function-length#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/set-function-length/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6045ce21278fec363582492f409a74b8d31ddb34c0d39271e02f951a3014ccc899d4f741205a1d51cfe302f5e16ee01b8dfd4c198ca42e63fd6fdeb33b1cc7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/set-function-length" + } + ] + }, + { + "type": "library", + "name": "define-data-property", + "version": "1.1.4", + "bom-ref": "define-data-property@1.1.4", + "author": "Jordan Harband", + "description": "Define a data property on an object. Will fall back to assignment in an engine without descriptors.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/define-data-property@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/define-data-property.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/define-data-property#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/define-data-property/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac132f23396903cbfa13e489668a3ef87018aac2eb920ecc49f2229cc3c5866928af0ed7f9d39754942cf904faf731a4cccc9f0e720c3765a2775f8d6cbdd3f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/define-data-property" + } + ] + }, + { + "type": "library", + "name": "gopd", + "version": "1.0.1", + "bom-ref": "gopd@1.0.1", + "author": "Jordan Harband", + "description": "`Object.getOwnPropertyDescriptor`, but accounts for IE's broken implementation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/gopd@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/gopd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/gopd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/gopd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77ae5b36521a771be96ff03669b55d96a2aa579eb78ee4676755ad93ab35b0847cb8db1747bd31a88cd5ab155fd5e4ea0ee9f04f632473311e69ecc2293661c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/gopd" + } + ] + }, + { + "type": "library", + "name": "has-property-descriptors", + "version": "1.0.2", + "bom-ref": "has-property-descriptors@1.0.2", + "author": "Jordan Harband", + "description": "Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-property-descriptors@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/has-property-descriptors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/has-property-descriptors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/has-property-descriptors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7924d2ae216fafab829ed418ce4e333661cb5022f093ec61731f099f64f1a8e709eb82489dd1842d9c095e152aae9999b86b3de7d814be7ab6f2e62a49760ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-property-descriptors" + } + ] + }, + { + "type": "library", + "name": "has-proto", + "version": "1.0.3", + "bom-ref": "has-proto@1.0.3", + "author": "Jordan Harband", + "description": "Does this environment have the ability to get the [[Prototype]] of an object on creation with `__proto__`?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-proto@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/has-proto.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/has-proto#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/has-proto/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "489d5a999009522652f8f86c54b7f9b46c9d95a541f04745a5a48ee209a250a50ec64f2ace7e40232e19789526876db39c8764fee300513da9977171cd5507f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-proto" + } + ] + }, + { + "type": "library", + "name": "has-symbols", + "version": "1.0.3", + "bom-ref": "has-symbols@1.0.3", + "author": "Jordan Harband", + "description": "Determine if the JS environment has Symbol support. Supports spec, or shams.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-symbols@1.0.3", + "externalReferences": [ + { + "url": "git://github.com/inspect-js/has-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/has-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/has-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9772c2b85e8c8033704c32a47581848a1623b79a513db120e3aaed9669d23e551b82607c2ce22b2896d86050526e73da25ec4c2ad88f3bc8667918d1cf64ddf8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-symbols" + } + ] + }, + { + "type": "library", + "name": "hasown", + "version": "2.0.2", + "bom-ref": "hasown@2.0.2", + "author": "Jordan Harband", + "description": "A robust, ES3 compatible, \"has own property\" predicate.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hasown@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/hasOwn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d21254f5208fbe633320175916a34f5d66ba76a87b59d1f470823dcbe0b24bcac6de72f8f01725adaf4798a8555541f23d6347e58ef10f0001edb7e04a391431" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hasown" + } + ] + }, + { + "type": "library", + "name": "object-inspect", + "version": "1.13.1", + "bom-ref": "object-inspect@1.13.1", + "author": "James Halliday", + "description": "string representations of objects in node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-inspect@1.13.1", + "externalReferences": [ + { + "url": "git://github.com/inspect-js/object-inspect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/object-inspect", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/object-inspect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6aa23d5152228e32c08234b57508188f604d74b33893b2798dc64008feb661883eb7085ec8a9d1460bf5f38d68e94a02dfd0bc575f76c3148874135f1fe9485" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-inspect" + } + ] + }, + { + "type": "library", + "name": "range-parser", + "version": "1.2.1", + "bom-ref": "range-parser@1.2.1", + "author": "TJ Holowaychuk", + "description": "Range header field string parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/range-parser@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/range-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/range-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/range-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1eb82cc7ea2baa8ca09e68456ca68713a736f7a27e1d30105e8c4417a80dba944e9a6189468cb37c6ddc700bdea8206bc2bff6cb143905577f1939796a03b04a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/range-parser" + } + ] + }, + { + "type": "library", + "name": "send", + "version": "0.18.0", + "bom-ref": "send@0.18.0", + "author": "TJ Holowaychuk", + "description": "Better streaming static file server with Range and conditional-GET support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/send@0.18.0", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/send.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/send#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/send/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aaa5b3b8e8d214ebaa3e315ee0d3ac30b69f4e8410c0148e1294be17012ddc0d95def2ae6d3aae4f7be62d3429160317a7c02515616e3f5a8a68964eb4fa555e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send" + } + ], + "components": [ + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "send@0.18.0|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send/node_modules/debug" + } + ], + "components": [ + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "send@0.18.0|debug@2.6.9|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send/node_modules/debug/node_modules/ms" + } + ] + } + ] + } + ] + }, + { + "type": "library", + "name": "mime", + "version": "1.6.0", + "bom-ref": "mime@1.6.0", + "author": "Robert Kieffer", + "description": "A comprehensive library for mime-type mapping", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime@1.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/broofa/node-mime.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/broofa/node-mime#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/broofa/node-mime/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c74567f2ca48fb0b89d4ee92ee09db69083c3f187834d1dbeca4883661162a23c4e1128ea65be28e7f8d92662699180febc99cef48f611b793151b2bb306907a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime" + } + ] + }, + { + "type": "library", + "name": "serve-static", + "version": "1.15.0", + "bom-ref": "serve-static@1.15.0", + "author": "Douglas Christopher Wilson", + "description": "Serve static files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/serve-static@1.15.0", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/serve-static.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/expressjs/serve-static#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/serve-static/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c6b910cd8d75228ec50bd2f97a9d20fb730511bb31208256ce685b9933d8379300d7396553724d232f38cfcc60fe4dacd66dba1962ee76ffdfd73dd5209def6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/serve-static" + } + ] + }, + { + "type": "library", + "name": "media-typer", + "version": "0.3.0", + "bom-ref": "media-typer@0.3.0", + "author": "Douglas Christopher Wilson", + "description": "Simple RFC 6838 media type parser and formatter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/media-typer@0.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/media-typer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/media-typer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/media-typer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76afaa7a543d6a41e970e97f8145514f15483a4009d70477400bdbe11b158d2f285681630c64dcebbf702589949a49d41791f030b3a06f93be6b72b17d66a93d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/media-typer" + } + ] + }, + { + "type": "library", + "name": "utils-merge", + "version": "1.0.1", + "bom-ref": "utils-merge@1.0.1", + "author": "Jared Hanson", + "description": "merge() utility function", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "http://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:npm/utils-merge@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/jaredhanson/utils-merge.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredhanson/utils-merge#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/jaredhanson/utils-merge/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a4c653bc8913d5df93146bc33aaa1d39c971d105a49208ba4dda1af200bc7df18002acfda733d36560326dbb071e8103ff3b4cb64bff5686136324a1527f3584" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/utils-merge" + } + ] + }, + { + "type": "library", + "name": "vary", + "version": "1.1.2", + "bom-ref": "vary@1.1.2", + "author": "Douglas Christopher Wilson", + "description": "Manipulate the HTTP Vary header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/vary@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/vary.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/vary#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/vary/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04d19b58b7ddd1e50f69b8645d4566d23f2ebaf444c93879a2f45afddca8c3f06a01b649c82fb97d4f88cd03b39802b362a6110084a8461750af778867f3d7aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/vary" + } + ] + }, + { + "type": "library", + "name": "asynckit", + "version": "0.4.0", + "bom-ref": "asynckit@0.4.0", + "author": "Alex Indigo", + "description": "Minimal async jobs utility library, with streams support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/asynckit@0.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/alexindigo/asynckit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexindigo/asynckit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexindigo/asynckit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "39e8bd387e2d461d18a94dc6c615fbf5d33f9b0560bdb64969235a464f9bb21923d12e5c7c772061a92b7818eb1f06ad5ca6f3f88a087582f1aca8a6d8c8d6d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/asynckit" + } + ] + }, + { + "type": "library", + "name": "combined-stream", + "version": "1.0.8", + "bom-ref": "combined-stream@1.0.8", + "author": "Felix Geisendörfer", + "description": "A stream that emits multiple other streams one after another.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/combined-stream@1.0.8", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-combined-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-combined-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-combined-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1503783117ee25e1dfedc05b04c2455e12920eafb690002b06599106f72f144e410751d9297b5214048385d973f73398c3187c943767be630e7bffb971da0476" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/combined-stream" + } + ] + }, + { + "type": "library", + "name": "delayed-stream", + "version": "1.0.0", + "bom-ref": "delayed-stream@1.0.0", + "author": "Felix Geisendörfer", + "description": "Buffers events from a stream until you are ready to handle them.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/delayed-stream@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-delayed-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-delayed-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-delayed-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "672483ecd7fdd5a2c1d11c4be0a1ab28705797b11db350c098475ca156b05e72c3ed20e1a4d82db88236680920edaed04b8d63c4f499d7ba7855d1a730793731" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/delayed-stream" + } + ] + }, + { + "type": "library", + "name": "mime-db", + "version": "1.52.0", + "bom-ref": "mime-db@1.52.0", + "description": "Media Type Database", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime-db@1.52.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/mime-db.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/mime-db#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/mime-db/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0f538b95edd625bed589c70c311c3d0fba285536213b4f201b439496c43081f66518bce82ba103b061040e28f27c0886c4fb51135653a82b5502da7537818be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime-db" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "version": "11.2.0", + "bom-ref": "fs-extra@11.2.0", + "author": "JP Richardson", + "description": "fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as recursive mkdir, copy, and remove.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fs-extra@11.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jprichardson/node-fs-extra.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e60e2deec0ae6716e5e1ed70d39559d2d7bc494bbbd6dfa8acdbec37c5cbfc495c620783720137f872d9156396e44a35f46389dbbd90aad7f123b44cabf64b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fs-extra" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "version": "6.1.0", + "bom-ref": "jsonfile@6.1.0", + "author": "JP Richardson", + "description": "Easily read/write JSON files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonfile@6.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jprichardson/node-jsonfile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5d8277563ab8984a6e5c9d86893616a52cd0ca3aa170c8307faebd44f59b067221af28fb3c476c5818269cb9fdf3e8ad58283cf5f367ddf9f637727de932a5d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jsonfile" + } + ] + }, + { + "type": "library", + "name": "universalify", + "version": "2.0.1", + "bom-ref": "universalify@2.0.1", + "author": "Ryan Zimmerman", + "description": "Make a callback- or promise-based function support both promises and callbacks.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/universalify@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/RyanZim/universalify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/RyanZim/universalify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/RyanZim/universalify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "829b4735082120d9dcfef4c6224d12385185357c3b255ae5454b42a2725196f6b0e83b97d303b925e928f6c5ab301861f8fb18019ee85c088e9dffd42a88328b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/universalify" + } + ] + }, + { + "type": "library", + "name": "get-installed-path", + "version": "4.0.8", + "bom-ref": "get-installed-path@4.0.8", + "author": "Charlike Mike Reagent", + "description": "Get installation path where the given package is installed. Works for globally and locally installed packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-installed-path@4.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/tunnckoCore/get-installed-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tunnckoCore/get-installed-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tunnckoCore/get-installed-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-installed-path/-/get-installed-path-4.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e600d2b5c449481e51c7dad5df3a84e74835235f55f71af28ae99c8b6d49d20829f5a400f0bbaede556b6db8fcc95ab5c30d3d8c7ceeae01a2882ce15f8ad98" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-installed-path" + } + ] + }, + { + "type": "library", + "name": "global-modules", + "version": "1.0.0", + "bom-ref": "global-modules@1.0.0", + "author": "Jon Schlinkert", + "description": "The directory used by npm for globally installed npm modules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/global-modules@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/global-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/global-modules", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/global-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/global-modules/-/global-modules-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0ace91247f5d46a4e16ec346738f39ade01e146708ce706ef9ecf3efadf87170b15bab4c29b20a4eab1a71b71162086e03b46f7733a5d155b176a0675ebfb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-modules" + } + ] + }, + { + "type": "library", + "name": "global-prefix", + "version": "1.0.2", + "bom-ref": "global-prefix@1.0.2", + "author": "Jon Schlinkert", + "description": "Get the npm global path prefix.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/global-prefix@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/global-prefix.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/global-prefix", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/global-prefix/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/global-prefix/-/global-prefix-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e65b31d4d5031ed4a37e0d1e1e5998bd92aff3f9d5a97e1c9056ccf85ac6710fb4e0a59c585a3d3f93313d9612cd4bf2ce67536c8ec48b1f10e086c42c3ab32a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-prefix" + } + ], + "components": [ + { + "type": "library", + "name": "which", + "version": "1.3.1", + "bom-ref": "global-prefix@1.0.2|which@1.3.1", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@1.3.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f125d616ab53132106c9de7c3472ab2c1e84cd536ebb2a5ac3b866755989710d2b54b4a52139a266875d76fd36661f1c547ee26a3d748e9bbb43c9ab3439221" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-prefix/node_modules/which" + } + ] + } + ] + }, + { + "type": "library", + "name": "expand-tilde", + "version": "2.0.2", + "bom-ref": "expand-tilde@2.0.2", + "author": "Jon Schlinkert", + "description": "Bash-like tilde expansion for node.js. Expands a leading tilde in a file path to the user home directory, or `~+` to the cwd.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expand-tilde@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/expand-tilde.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/expand-tilde", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/expand-tilde/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expand-tilde/-/expand-tilde-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0391267ac1d6eab7e767dcac1d08cf7494678b44916abd2d8ed1b930db66f67e5352fb1853ca28ce9aed443e00a87c5c6565a556e026428da758a7cdf68ca34f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/expand-tilde" + } + ] + }, + { + "type": "library", + "name": "homedir-polyfill", + "version": "1.0.3", + "bom-ref": "homedir-polyfill@1.0.3", + "author": "Brian Woodward", + "description": "Node.js os.homedir polyfill for older versions of node.js.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/homedir-polyfill@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/homedir-polyfill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/homedir-polyfill", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/homedir-polyfill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7929a6584e5b6532b6368bb8834008df367daecc29ec644aa0a5d2d412d492f3ef88eaace184cdd5d8d022aad7cbd939804b5d2cfcbce898d1c2c34cf6d9c370" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/homedir-polyfill" + } + ] + }, + { + "type": "library", + "name": "parse-passwd", + "version": "1.0.0", + "bom-ref": "parse-passwd@1.0.0", + "author": "Brian Woodward", + "description": "Parse a passwd file into a list of users.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-passwd@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/parse-passwd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/parse-passwd", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/parse-passwd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d58d40fff4145c464aed82b3fab0fd5b275c135f84b8fafa64180a79c001f2d9a85ba505bf435111525ed69fa3471b5386471b6ca91fc086d625efc8784ea6d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parse-passwd" + } + ] + }, + { + "type": "library", + "name": "is-windows", + "version": "1.0.2", + "bom-ref": "is-windows@1.0.2", + "author": "Jon Schlinkert", + "description": "Returns true if the platform is windows. UMD module, works with node.js, commonjs, browser, AMD, electron, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-windows@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-windows.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-windows", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-windows/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7972b55089ead9b3e68f25fa7b754723330ba1b73827de22e005a7f87a6adce5392a4ad10bde8e01c4773d127fa46bba9bc4d19c11cff5d917415b13fc239520" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-windows" + } + ] + }, + { + "type": "library", + "name": "resolve-dir", + "version": "1.0.1", + "bom-ref": "resolve-dir@1.0.1", + "author": "Jon Schlinkert", + "description": "Resolve a directory that is either local, global or in the user's home directory.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-dir@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/resolve-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/resolve-dir", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/resolve-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-dir/-/resolve-dir-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bba24e3102cef3ac5927dd33440a14d05515c2b6eda1ce53076f2b9dc1716f33aa719d629d056e3f36732e78fb60383f6b45336d89e6445f7b547e94cff5ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-dir" + } + ] + }, + { + "type": "library", + "name": "domhandler", + "version": "5.0.3", + "bom-ref": "domhandler@5.0.3", + "author": "Felix Boehm", + "description": "Handler for htmlparser2 that turns pages into a dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domhandler@5.0.3", + "externalReferences": [ + { + "url": "git://github.com/fb55/domhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "720c25bffd621508859d4f7a5d78113a1f314de7adb272620ec4dced36022c577dfbf58d908a8f4f188cffca5277c548ae15c64dfd4dcb5ab586ab95a83241e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domhandler" + } + ] + }, + { + "type": "library", + "name": "domutils", + "version": "3.1.0", + "bom-ref": "domutils@3.1.0", + "author": "Felix Boehm", + "description": "Utilities for working with htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domutils@3.1.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domutils/-/domutils-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1fbf2e32642d23602180326359e4261f0249d9b2cf0f718c98eed98dafd9661f38c249bee2eb7e2149d47516bcb82197f3c0e2571d63e8545ed577f11208c464" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domutils" + } + ] + }, + { + "type": "library", + "name": "dom-serializer", + "version": "2.0.0", + "bom-ref": "dom-serializer@2.0.0", + "author": "Felix Boehm", + "description": "render domhandler DOM nodes to a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dom-serializer@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/cheeriojs/dom-serializer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cheeriojs/dom-serializer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cheeriojs/dom-serializer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c08900af28aab7f9d5e4440aa90a68dd24e848e57d2740e76c9ab02bb5affd3adcf76cc801867816532ef893c55b50df185b7cd594c21a00c469b7df5de2f226" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dom-serializer" + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "4.5.0", + "bom-ref": "entities@4.5.0", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease & speed", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@4.5.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5748631f87463e1f40a39a74328458e8156ab700a3873eaf2392d3f00279e47fb883dff8bdb1f1d48e787d2d17b9c94b8431c0acf40288c8c3c6368bf1f3f187" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "https", + "version": "1.0.0", + "bom-ref": "https@1.0.0", + "author": "hardus van der berg", + "description": "https mediation", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/https@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/https/-/https-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e040b9edd757ae4685d31f373a3f2c33a48b4070165f0f744a4aaed8ce0011610d677174d9d14913f180440f2280eefdb5c818a86ac3eda7b87f92f7ba6da582" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/https" + } + ] + }, + { + "type": "library", + "name": "inquirer-file-tree-selection-prompt", + "version": "2.0.2", + "bom-ref": "inquirer-file-tree-selection-prompt@2.0.2", + "author": "anc95", + "description": "inquerer file tree selection prompt", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inquirer-file-tree-selection-prompt@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/anc95/inquirer-file-tree-selection.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/anc95/inquirer-file-tree-selection#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/anc95/inquirer-file-tree-selection/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inquirer-file-tree-selection-prompt/-/inquirer-file-tree-selection-prompt-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae56d0ec1ca4819fdf9aded259cdac681072b8cb10ad487e8aa9f2e1a32868bab6e426354ed643a7171a3bea0407335e5410fbe7d7789936884877e74a75414b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer-file-tree-selection-prompt" + } + ], + "components": [ + { + "type": "library", + "name": "rxjs", + "version": "7.8.1", + "bom-ref": "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1", + "author": "Ben Lesh", + "description": "Reactive Extensions for modern JavaScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/rxjs@7.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/reactivex/rxjs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://rxjs.dev", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "000dd3563fb40368ae2284245842bfb6a16306ada3fba3cee98d3325cbf32c016110520edc72f4be5b3d8562e77196c001b2b499aafba19e15d3bf48fea3ccc6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer-file-tree-selection-prompt/node_modules/rxjs" + } + ] + } + ] + }, + { + "type": "library", + "name": "cli-cursor", + "version": "3.1.0", + "bom-ref": "cli-cursor@3.1.0", + "author": "Sindre Sorhus", + "description": "Toggle the CLI cursor", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-cursor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/cli-cursor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/cli-cursor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/cli-cursor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23fcc7030b0a7fd16a1a85cce16591002a1bf7e48dba465377de03585e7b138b68a2e46e95b0b171487a44a5043909584c7267ce43ccc92bcf35a6922cd7cb67" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-cursor" + } + ] + }, + { + "type": "library", + "name": "restore-cursor", + "version": "3.1.0", + "bom-ref": "restore-cursor@3.1.0", + "author": "Sindre Sorhus", + "description": "Gracefully restore the CLI cursor on exit", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/restore-cursor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/restore-cursor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/restore-cursor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/restore-cursor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "97eb1279fcc7a63e6a8a6845484e5af27b9f65800cdec05254c00fb589260bee041f66a7486684317483d22cd141bbbd9dfc90f72e49ad59a9ec4f2866b523bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/restore-cursor" + } + ] + }, + { + "type": "library", + "name": "onetime", + "version": "5.1.2", + "bom-ref": "onetime@5.1.2", + "author": "Sindre Sorhus", + "description": "Ensure a function is only called once", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/onetime@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/onetime.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/onetime#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/onetime/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91ba5a4921894d674063928f55e30e2974ab3edafc0bc0bbc287496dcb1de758d19e60fe199bbc63456853a0e6e59e2f5abd0883fd4d2ae59129fee3e5a6984a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/onetime" + } + ] + }, + { + "type": "library", + "name": "mimic-fn", + "version": "2.1.0", + "bom-ref": "mimic-fn@2.1.0", + "author": "Sindre Sorhus", + "description": "Make a function mimic another one", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-fn@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-fn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-fn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-fn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3aa6ce939a0441e019f165d6c9d96ef47263cfd59574422f6a63027179aea946234e49c7fecaac5af850def830285451d47a63bcd04a437ee76c9818cc6a8672" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mimic-fn" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "3.0.7", + "bom-ref": "signal-exit@3.0.7", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@3.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c270f6644fa5f923c2feea12d2f5de13d2f5fb4c2e68ca8a95fcfd00c528dfc26cc8b48159215c1d1d51ae2eb62d9735daf2ebd606f78e5ee2c10860c2901b19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/signal-exit" + } + ] + }, + { + "type": "library", + "name": "figures", + "version": "3.2.0", + "bom-ref": "figures@3.2.0", + "author": "Sindre Sorhus", + "description": "Unicode symbols with Windows CMD fallbacks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/figures@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/figures.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/figures#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/figures/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/figures/-/figures-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c9a76e40544a2d760e1a0127e8065abbdd23de08123b28aa5d4d05f4965f79762135af899385feb38e40db38398e7b3cec60056b7e01066da45f0e17a4d71b76" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/figures" + } + ], + "components": [ + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "figures@3.2.0|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/figures/node_modules/escape-string-regexp" + } + ] + } + ] + }, + { + "type": "library", + "name": "inquirer", + "version": "8.0.0", + "bom-ref": "inquirer@8.0.0", + "author": "Simon Boudrias", + "description": "A collection of common interactive command line user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/inquirer@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inquirer/-/inquirer-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38df291093cf09dca3c63f9cc6c6117ba5df0897a94f100d74d9d379bb13b90817a51c994514fdb78749c2346e6e09af9f6d022d2127a334546b25f233d5535c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer" + } + ] + }, + { + "type": "library", + "name": "cli-width", + "version": "3.0.0", + "bom-ref": "cli-width@3.0.0", + "author": "Ilya Radchenko", + "description": "Get stdout window width, with two fallbacks, tty and then a default.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-width@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/knownasilya/cli-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/knownasilya/cli-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/knownasilya/cli-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-width/-/cli-width-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "171aa990f3f0bb51e3b8df773a67e6e21f2e21a9d7a1f5b44715445b793944ac7e9892584ad873361a77d8acf1c72dd800467f0dcfc458dd6f651634fa43a16f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-width" + } + ] + }, + { + "type": "library", + "name": "external-editor", + "version": "3.1.0", + "bom-ref": "external-editor@3.1.0", + "author": "Kevin Gravier", + "description": "Edit a string with the users preferred text editor using $VISUAL or $ENVIRONMENT", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/external-editor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mrkmg/node-external-editor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mrkmg/node-external-editor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mrkmg/node-external-editor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/external-editor/-/external-editor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84c438097d69d62ce6b8b63266a2cc3bfa86370d74c12bfd40308f7f35dfc85ace682492a117ea13529fd6ce5a9fae89e49642eb635ec06fa62b8f63382b507b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/external-editor" + } + ], + "components": [ + { + "type": "library", + "name": "tmp", + "version": "0.0.33", + "bom-ref": "external-editor@3.1.0|tmp@0.0.33", + "author": "KARASZI István", + "description": "Temporary file and directory creator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tmp@0.0.33", + "externalReferences": [ + { + "url": "git+https://github.com/raszi/node-tmp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/raszi/node-tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/raszi/node-tmp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d10899688ca9d9dda75db533a3748aa846e3c4281bcd5dc198ab33bacd6657f0a7ca1299c66398df820250dc48cabaef03e1b251af4cbe7182459986c89971b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/external-editor/node_modules/tmp" + } + ] + } + ] + }, + { + "type": "library", + "name": "chardet", + "version": "0.7.0", + "bom-ref": "chardet@0.7.0", + "author": "Dmitry Shirokov", + "description": "Character detector", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chardet@0.7.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/runk/node-chardet.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/runk/node-chardet", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/runk/node-chardet/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "993f220dcae1d37a83191466a00da1981267c69965311fb4ff4aa5ce3a99112e8d762583719902340938acf159f50f39af6eee9e488d360f193a2c195c11f070" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chardet" + } + ] + }, + { + "type": "library", + "name": "os-tmpdir", + "version": "1.0.2", + "bom-ref": "os-tmpdir@1.0.2", + "author": "Sindre Sorhus", + "description": "Node.js os.tmpdir() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-tmpdir@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/os-tmpdir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-tmpdir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/os-tmpdir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f6151d37562afb148bb8e57058db49936fefd9496074d2c8d4f637505edf37803ac8e19b73e45b3bff2cbbe20d8de52550638c58d6a0ebe2b35d770611557d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/os-tmpdir" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "0.0.8", + "bom-ref": "mute-stream@0.0.8", + "author": "Isaac Z. Schlueter", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@0.0.8", + "externalReferences": [ + { + "url": "git://github.com/isaacs/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e76d658e9285b252c4e32ab8600f475ccf6da67644a7a58a9b123226da787086ec654a4a72c09981a3c87466a25d929ef799bf744acb0790de2bb1168101f00" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mute-stream" + } + ] + }, + { + "type": "library", + "name": "run-async", + "version": "2.4.1", + "bom-ref": "run-async@2.4.1", + "author": "Simon Boudrias", + "description": "Utility method to run function either synchronously or asynchronously using the common `this.async()` style.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-async@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/run-async.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/run-async#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/run-async/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-async/-/run-async-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6f56756fd356fc73546b03a129ec9912b63f391aebff62b31cc2a6109f08ec012d9c4e698f181063023a425bb46b4a874d4a8136fea83d3b86dc78dbd4b8381" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-async" + } + ] + }, + { + "type": "library", + "name": "rxjs", + "version": "6.6.7", + "bom-ref": "rxjs@6.6.7", + "author": "Ben Lesh", + "description": "Reactive Extensions for modern JavaScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/rxjs@6.6.7", + "externalReferences": [ + { + "url": "git+https://github.com/reactivex/rxjs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "853770afeef260d213e67e00318a7ce4a03acb0d956b414b6b7460baf6e96b85b7239c729da059a38d5c3375ccfb843a7d1323dec058211d5502664c5d826f45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rxjs" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "rxjs@6.6.7|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rxjs/node_modules/tslib" + } + ] + } + ] + }, + { + "type": "library", + "name": "through", + "version": "2.3.8", + "bom-ref": "through@2.3.8", + "author": "Dominic Tarr", + "description": "simplified stream construction", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/through@2.3.8", + "externalReferences": [ + { + "url": "git+https://github.com/dominictarr/through.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dominictarr/through", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/through/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/through/-/through-2.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3cf6a83b3c8f3001dbd7eb46cc0cff9b1680f90ef866f682e1785a793b86b6405d1c4811ac057e2a66669d3ccbd5aa52c9041722f96a8618e00fbdc0de35256" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/through" + } + ] + }, + { + "type": "library", + "name": "jest-mock", + "version": "29.7.0", + "bom-ref": "jest-mock@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-mock@29.7.0#packages/jest-mock", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-mock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21338c667f949184b864587cdf16003b3592b65a0dcc914edacf035ab138961b460fe028ae09db92228445ee3041507274818fc74e7d83aae25b906da7a2e59f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-mock" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-report", + "group": "@types", + "version": "3.0.3", + "bom-ref": "@types/istanbul-lib-report@3.0.3", + "description": "TypeScript definitions for istanbul-lib-report", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-lib-report@3.0.3#types/istanbul-lib-report", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-lib-report", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-lib-report", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3509fb00742793f4522cec6b05b1b224cfda550fa98e3e470a06ac1717342bf2a1a004df43fe3b032525d79236c815298a18e66acf9af952413aa79cac51feb8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-lib-report" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "group": "@types", + "version": "21.0.3", + "bom-ref": "@types/yargs-parser@21.0.3", + "description": "TypeScript definitions for yargs-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/yargs-parser@21.0.3#types/yargs-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/yargs-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "238abd414f4c42fe2810ecf8b401c9b4dcf5730b8bc67d85df171cda257959da8b3e95278f7d1a52ec6dd660316131bea1ef0264c57ffbaad4e12e20443ceab5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "jest", + "version": "29.7.0", + "bom-ref": "jest@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest@29.7.0#packages/jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348cb7a00169f6c85d6b5f61cb81cad0745358ab4f26619d9efcb0bb4d673aa342daf660f99f9fbc90f1a4c400f3c79bd88f4471a7dc763620b03b619d84ef1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/core@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/core@29.7.0#packages/jest-core", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9fb69e5d628c9c6b43038f32f132d624f2662e6999eb8d827a8efc718584a620fb1730e098d0d5fc6095468acf0017572c967ff70cf38190251e35e3c431c6b2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/core" + } + ], + "components": [ + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "@jest/core@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/core/node_modules/ci-info" + } + ] + } + ] + }, + { + "type": "library", + "name": "console", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/console@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/console@29.7.0#packages/jest-console", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-console", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e4d8b8094ed71d08b7d88277f7c1043f846b07c795d3db173f644ea83e1b92c1eb9d3ade7b9d8fb31bd7f2da4bf0bbd3677a45cd7c8f6cd411792378d420213a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/console" + } + ] + }, + { + "type": "library", + "name": "reporters", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/reporters@29.7.0", + "description": "Jest's reporters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/reporters@29.7.0#packages/jest-reporters", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-reporters", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0c0a6ad0a25b24e1330056231c00cd371004dca6e1c50075cb92a995be566aac3acd56ee59ab529cc8c4e60b3c1548043e636c9d90373425a5f4d1b489ad383e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/reporters" + } + ] + }, + { + "type": "library", + "name": "test-result", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/test-result@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-result@29.7.0#packages/jest-test-result", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-test-result", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15dc7eb6feb1d7396424f7165e6303006d87067691f573d277968359056c7eb6662d54f7954d5cc32c4b81199747dcabab8341a049bd04cb1f805cd34006c960" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/test-result" + } + ] + }, + { + "type": "library", + "name": "transform", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/transform@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/transform@29.7.0#packages/jest-transform", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-transform", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24fc14cf17314a54cc0ee5e38746bbe70551dd472f48aecad6d46a4c690f4c0a78a534b5d02a6017f2cd585c315a6a2f7126969cdb24b357461e451102af657" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/transform" + } + ] + }, + { + "type": "library", + "name": "fs.realpath", + "version": "1.0.0", + "bom-ref": "fs.realpath@1.0.0", + "author": "Isaac Z. Schlueter", + "description": "Use node's fs.realpath, but fall back to the JS implementation if the native one fails", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs.realpath@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/fs.realpath.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/fs.realpath#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/fs.realpath/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38ed291f694ae9ad2166701d6aee48b731cf23aa5496f23b8cc567c54411b70e28c05db093c94e49a6ed1830933f81a0ae0d8c6c69d63bd5fc2b5b78f9f18c0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fs.realpath" + } + ] + }, + { + "type": "library", + "name": "inflight", + "version": "1.0.6", + "bom-ref": "inflight@1.0.6", + "author": "Isaac Z. Schlueter", + "description": "Add callbacks to requests in flight to avoid async duplication", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inflight@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/npm/inflight.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/inflight", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/inflight/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "93dd88fdbd3cab8c2f16c71708bbea7ec1c2ae3ac5ef2897b10b8856f544ecdf365b7f9aaa9cee51d05b7e159ccbf159477ff82207e532028b3acbcf0eb18224" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inflight" + } + ] + }, + { + "type": "library", + "name": "path-is-absolute", + "version": "1.0.1", + "bom-ref": "path-is-absolute@1.0.1", + "author": "Sindre Sorhus", + "description": "Node.js 0.12 path.isAbsolute() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-is-absolute@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-is-absolute.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-is-absolute#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-is-absolute/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0156f0dd42767bd6eaeb8bd2692f409b47e37b53daf296c6a934ec9977da2223299ebe4394385f24eb8b8fd49ff7964f5430147ab0df124f3c30f98f7bb50242" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-is-absolute" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "6.0.2", + "bom-ref": "istanbul-lib-instrument@6.0.2", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@6.0.2#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5652c67d475940d07b414a8853926dfd5933e534a489e62164ed4c2a5e404ba07413fa17ea3ec7ec4c356e65d286681c27edd8a7f5b4bb4ac9e802bf78de1bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "make-dir", + "version": "4.0.0", + "bom-ref": "make-dir@4.0.0", + "author": "Sindre Sorhus", + "description": "Make a directory and its parents if needed - Think `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/make-dir@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/make-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/make-dir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/make-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8577544d960854eb75131fff8c0422fb04d9669529c018ffd10b0ecea7a06f7ac630c78989212ee712c79d87c1ad1578447dbe38248e3bde48b3fef1d562786f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/make-dir" + } + ] + }, + { + "type": "library", + "name": "source-map", + "version": "0.6.1", + "bom-ref": "source-map@0.6.1", + "author": "Nick Fitzgerald", + "description": "Generates and consumes source maps", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/source-map@0.6.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/mozilla/source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mozilla/source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mozilla/source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52381aa6e99695b3219018334fb624739617513e3a17488abbc4865ead1b7303f9773fe1d0f963e9e9c9aa3cf565bab697959aa989eb55bc16396332177178ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map" + } + ] + }, + { + "type": "library", + "name": "html-escaper", + "version": "2.0.2", + "bom-ref": "html-escaper@2.0.2", + "author": "Andrea Giammarchi", + "description": "fast and safe way to escape and unescape &<>'\" chars", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/html-escaper@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/WebReflection/html-escaper.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/WebReflection/html-escaper", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/WebReflection/html-escaper/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f688cb5dd08e0cb7979889aa517480e3a7e5f37a55d0d2d144e094bb605c057af5d73263a9f66c8dad4bc28340fac2cf22aa444f05f28781bc228354a694b7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/html-escaper" + } + ] + }, + { + "type": "library", + "name": "jest-worker", + "version": "29.7.0", + "bom-ref": "jest-worker@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-worker@29.7.0#packages/jest-worker", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-worker", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "788cf69ac2ff1332fd5054c5171ee305391e65f92ed32500c99659989f771f64d8122ae8231d8f42311773062d625f335c2c5bf8f02603684b22dffa64490f1f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-worker" + } + ] + }, + { + "type": "library", + "name": "char-regex", + "version": "1.0.2", + "bom-ref": "char-regex@1.0.2", + "author": "Richie Bendall", + "description": "A regex to match any full character, considering weird character ranges.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/char-regex@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/Richienb/char-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Richienb/char-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Richienb/char-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "916597cedbd9e5205057e79180a15e87cab9b0bb99636fbc5942339715954e0fa81b0635e2aca5c7529b2b31ddf0fe99624020d31c880d4f4930787224c6758f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/char-regex" + } + ] + }, + { + "type": "library", + "name": "convert-source-map", + "version": "2.0.0", + "bom-ref": "convert-source-map@2.0.0", + "author": "Thorsten Lorenz", + "description": "Converts a source-map from/to different formats and allows adding/changing properties.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/convert-source-map@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/convert-source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2afa78e7d1eb576144275080b22d4abbe318de46ac1f5f53172913cf6c5698c7aae9b936354dd75ef7c9f90eb59b4c64b56c2dfb51d261fdc966c4e6b3769126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/convert-source-map" + } + ] + }, + { + "type": "library", + "name": "jest-changed-files", + "version": "29.7.0", + "bom-ref": "jest-changed-files@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-changed-files@29.7.0#packages/jest-changed-files", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-changed-files", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c402b162c1fd41a50fb86d74a9adc0dcdffc781d2ccbe1a976b68cf05690c5a6cc402e32d87728882b87b9573eba1902486d727cdbedf93edcaca1fa6d357db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-changed-files" + } + ] + }, + { + "type": "library", + "name": "get-stream", + "version": "6.0.1", + "bom-ref": "get-stream@6.0.1", + "author": "Sindre Sorhus", + "description": "Get a stream as a string, buffer, or array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-stream@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/get-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/get-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/get-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6ce968beda3de3423aa2ef4c3902537c0c59e44b00be32a9b113374400b076a976585775ff6f50937e03cb18934c7805b174f7d4f053b59acdcd51f68708f62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-stream" + } + ] + }, + { + "type": "library", + "name": "human-signals", + "version": "2.1.0", + "bom-ref": "human-signals@2.1.0", + "author": "ehmicky", + "description": "Human-friendly process signals", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/human-signals@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/ehmicky/human-signals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://git.io/JeluP", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ehmicky/human-signals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07814567aabf4f68e1864b2091b116dc706f5887c35bce6c9e44206b0b74ed2ec9e505d393a064355fb4c80799acce50a4c01d625a1c1a89639f4b09fd642417" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/human-signals" + } + ] + }, + { + "type": "library", + "name": "npm-run-path", + "version": "4.0.1", + "bom-ref": "npm-run-path@4.0.1", + "author": "Sindre Sorhus", + "description": "Get your PATH prepended with locally installed binaries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/npm-run-path@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/npm-run-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b8f16cd95bbefbce1348ae7ee0c4e94848d02a8bd642fee4059d175b7881e1661080e94aa990e4fc4f51bb06f7dd80fe04afc805e2c51b692d22ed0bc87c25b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm-run-path" + } + ] + }, + { + "type": "library", + "name": "strip-final-newline", + "version": "2.0.0", + "bom-ref": "strip-final-newline@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip the final newline character from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-final-newline@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-final-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-final-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-final-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06ba6f7cd004ddd72fabb965df156e9b38ca8d9439b48d6c11420aaf752892cd17525e394addc595ab55a9e7fda6b9388d10f3856e96660fb76e4f77cbaa4b8c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-final-newline" + } + ] + }, + { + "type": "library", + "name": "yocto-queue", + "version": "0.1.0", + "bom-ref": "yocto-queue@0.1.0", + "author": "Sindre Sorhus", + "description": "Tiny queue data structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yocto-queue@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yocto-queue.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yocto-queue#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yocto-queue/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad592cbec9cd09d27fa2119ceb180fc3237c7a1782c6c88b33c9b1b84fedfe6395a897b03ee3b59a22e94c74224604ca08b7b12f831e00555a82db3b1e6359d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yocto-queue" + } + ] + }, + { + "type": "library", + "name": "jest-config", + "version": "29.7.0", + "bom-ref": "jest-config@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-config@29.7.0#packages/jest-config", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b976e97de43b47a4d906a237fd3c42538ab8b6d937bb43c9782f84d336df4a84a3aba6c9edbb813f1cd03cbd227eb918e0336ee0951d9342269415188bce3479" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-config" + } + ], + "components": [ + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "jest-config@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-config/node_modules/ci-info" + } + ] + } + ] + }, + { + "type": "library", + "name": "test-sequencer", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/test-sequencer@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-sequencer@29.7.0#packages/jest-test-sequencer", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-test-sequencer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "190c09e56655aca9ce26e898880179d94354257813671d4d1e3152101d2a10c99264a02474ca08cf0fc28fac7a345e00bd5db7014a83a45cd090dfde602613c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/test-sequencer" + } + ] + }, + { + "type": "library", + "name": "jest-haste-map", + "version": "29.7.0", + "bom-ref": "jest-haste-map@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-haste-map@29.7.0#packages/jest-haste-map", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-haste-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cff2eda9c9fab1d0ad6b1a7d51f69c84d3f2939fe1bb3f192d5a274e053a853cb617d1bf64b1a3059212b9beb4b70d5ba7d3da5c90b765c7dd10b61956ec098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-haste-map" + } + ] + }, + { + "type": "library", + "name": "babel-jest", + "version": "29.7.0", + "bom-ref": "babel-jest@29.7.0", + "description": "Jest plugin to use babel for transformation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-jest@29.7.0#packages/babel-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06bbc6637c594b011c0b32af2ac0a2d86807a83aac62438fe3f6f2e710a023019743120487ef1ec37826ac4d72ed7451e8b1d9223eb22d89d48bf9a6d8a5ca06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-jest" + } + ] + }, + { + "type": "library", + "name": "jest-circus", + "version": "29.7.0", + "bom-ref": "jest-circus@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-circus@29.7.0#packages/jest-circus", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-circus", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc4d6708c822a5c4e40a8705c0cf745d741a6fd6d2f8632c8dda663eb95e95ac700fddc077c8951235ffbef1cf74b3e715ff8be34bbee7e8aeb51740d4df66cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-circus" + } + ] + }, + { + "type": "library", + "name": "environment", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/environment@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/environment@29.7.0#packages/jest-environment", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-environment", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "69021f1c3ab7dc4c6c3788cfd4d5865e1c6043fc22c6ceb480388a3be5d531df0c9f43563d681cdf86500d36f68ca694590eccbb0a22b5702c3765d55cd32903" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/environment" + } + ] + }, + { + "type": "library", + "name": "expect", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/expect@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect@29.7.0#packages/jest-expect", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2e31e00cc9cb6da6f6b73f59411c1f157224bd5745c0af71b298fa62a5dc905db05cba190b40e49ef04fe9f7647201d4e84ba643d6d1645fe0a486810213475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/expect" + } + ] + }, + { + "type": "library", + "name": "jest-snapshot", + "version": "29.7.0", + "bom-ref": "jest-snapshot@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-snapshot@29.7.0#packages/jest-snapshot", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-snapshot", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "466d01316b7105c8a81ebd7f397e5808ff14a2fe2b887bca3e49ce1acf34e1983d2466609880646ed971242ffb6789ac29855b209b5f53eb4a6fcc6560d7dd93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-snapshot" + } + ] + }, + { + "type": "library", + "name": "dedent", + "version": "1.5.3", + "bom-ref": "dedent@1.5.3", + "author": "Desmond Brand", + "description": "A string tag that strips indentation from multi-line strings. ⬅️", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dedent@1.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/dmnd/dedent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dmnd/dedent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dmnd/dedent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34742d7ce396ebc583f25832a5b2c0e684fe06dd315c986262fa11e929a635765fa733865f074a5a67301bc37b3f0555595dde17febc9e60fd05a252b13061c9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dedent" + } + ] + }, + { + "type": "library", + "name": "jest-each", + "version": "29.7.0", + "bom-ref": "jest-each@29.7.0", + "author": "Matt Phillips", + "description": "Parameterised tests for Jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-each@29.7.0#packages/jest-each", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-each", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "827b3e12bd78f99ac4a02e5f84e7d8098d4b3871ebd1323ead0507652f13b70da5ee097ef3478773f8057f62ad930d3e4880020d3796be915cbf7074e157a66d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-each" + } + ] + }, + { + "type": "library", + "name": "jest-runtime", + "version": "29.7.0", + "bom-ref": "jest-runtime@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runtime@29.7.0#packages/jest-runtime", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-runtime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8149cb8e0c1d1aa5bb0782ef38891b2acf5619b9fe40ba91410f63b82e879dd78389ecc8c210cffa684cc0758211c7d0e515176ba38f9c517c049879c5e830c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-runtime" + } + ] + }, + { + "type": "library", + "name": "pure-rand", + "version": "6.1.0", + "bom-ref": "pure-rand@6.1.0", + "author": "Nicolas DUBIEN", + "description": " Pure random number generator written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pure-rand@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/dubzzz/pure-rand.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dubzzz/pure-rand#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dubzzz/pure-rand/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d559ac2fa19a01629a7ac88a10b505c76639b3df94525479d439379f97c55c8ebf2c9d33d8d709e948f3167a4705c1bc48ea0b664fbad260f16fcfbd6576238" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pure-rand" + } + ] + }, + { + "type": "library", + "name": "jest-environment-node", + "version": "29.7.0", + "bom-ref": "jest-environment-node@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-environment-node@29.7.0#packages/jest-environment-node", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-environment-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ce4b0091a978ab4ceca178cfb87796193ab59c76ed0b359f3b7b0528cb06dc6f65d1e302a0aa21bcbcd798c218c531b1247e3bbbc31d86607d0fda07af1af17" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-environment-node" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/fake-timers@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/fake-timers@29.7.0#packages/jest-fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab80c7d476b84d314f7712eca835cad5ddfe8a848bef22f9a023096600d89ba8bee82ca05b9139c55aff0f51ddb06c63b7565649f500b3d3b1481fc135e956ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/fake-timers" + } + ] + }, + { + "type": "library", + "name": "jest-regex-util", + "version": "29.6.3", + "bom-ref": "jest-regex-util@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-regex-util@29.6.3#packages/jest-regex-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-regex-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "289241b110b2c8b35608d04ebd9c910e70087d489127cbfe84e0506069fc803c85dd47a0c223f8830451dff4836b8da0d586d5c9c4e2754177aca8f22c50d66e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-regex-util" + } + ] + }, + { + "type": "library", + "name": "jest-resolve", + "version": "29.7.0", + "bom-ref": "jest-resolve@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve@29.7.0#packages/jest-resolve", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-resolve", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20e561652ae0f94bd502c843483b47c8508205497f43700026ff2267a6639d9ef8c73bf0bb32d789df482083e04e763ad922637eeba930a66c65046c0afc4480" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-resolve" + } + ] + }, + { + "type": "library", + "name": "jest-runner", + "version": "29.7.0", + "bom-ref": "jest-runner@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runner@29.7.0#packages/jest-runner", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-runner", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ec73837a70f0806a1c9b1817d345cab9c0547a7e92f39cc838eec639683a6ca1e8ce7156056f4ec01ee4a747496231c3d3801b00dd924bea414e8cf768362a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-runner" + } + ] + }, + { + "type": "library", + "name": "jest-validate", + "version": "29.7.0", + "bom-ref": "jest-validate@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-validate@29.7.0#packages/jest-validate", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-validate", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "641ef01ea691195c3ff61493fceb85511786eccf2f29eab4fc9d9e80818b76f8c70a662a180461cd79ad822fa055e679b97145db5f5a39cdcbb36c8b836eed93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-validate" + } + ], + "components": [ + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "jest-validate@29.7.0|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-validate/node_modules/camelcase" + } + ] + } + ] + }, + { + "type": "library", + "name": "bser", + "version": "2.1.1", + "bom-ref": "bser@2.1.1", + "author": "Wez Furlong", + "description": "JavaScript implementation of the BSER Binary Serialization", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/bser@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/watchman.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://facebook.github.io/watchman/docs/bser.html", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/watchman/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "810c53344fc601f208ae61cb504de8272a7914ee874417e18e7c38ff032603add91832675819a063f972401a670d490698085b49edfdb71d9dfe24ce01f825c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bser" + } + ] + }, + { + "type": "library", + "name": "node-int64", + "version": "0.4.0", + "bom-ref": "node-int64@0.4.0", + "author": "Robert Kieffer", + "description": "Support for representing 64-bit integers in JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-int64@0.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/broofa/node-int64.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/broofa/node-int64#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/broofa/node-int64/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b9973f75c5239ea173fa0ee9721df965a6af84834d0c5a2b5921bb4f7e8484bea207765e607dc63a858cc35a78f4a83e6dcf9d8f234f2ef6a52f49579405e1f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/node-int64" + } + ] + }, + { + "type": "library", + "name": "makeerror", + "version": "1.0.12", + "bom-ref": "makeerror@1.0.12", + "author": "Naitik Shah", + "description": "A library to make errors.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/makeerror@1.0.12", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-makeerror.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-makeerror#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-makeerror/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "266a82bd4866b78de669d9691731b8050cc6d99de6eadbd00cd29d0a56673b755b22e749626c6c4f414d24c7a2076f894d295341349b53c41d7ac566c097262e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/makeerror" + } + ] + }, + { + "type": "library", + "name": "tmpl", + "version": "1.0.5", + "bom-ref": "tmpl@1.0.5", + "author": "Naitik Shah", + "description": "JavaScript micro templates.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/tmpl@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-tmpl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-tmpl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-tmpl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ddfd2e384010c08a86b965b6315cd883c7d5fd036773f229b89346f37eeb2ee73301a2d51ec9561d9423e081a2125e47b379246e1c0bf406fb1ebb26ba3f929b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tmpl" + } + ] + }, + { + "type": "library", + "name": "jest-resolve-dependencies", + "version": "29.7.0", + "bom-ref": "jest-resolve-dependencies@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve-dependencies@29.7.0#packages/jest-resolve-dependencies", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-resolve-dependencies", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba7d330ffeaac49f92d1eb7b5b1788dc7e5749ef654c1051edb3870875e4291ea5b86e66c030e5233550d15e5c642ba84e011d71dc334e085891359fb9b8be9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-resolve-dependencies" + } + ] + }, + { + "type": "library", + "name": "resolve.exports", + "version": "2.0.2", + "bom-ref": "resolve.exports@2.0.2", + "author": "Luke Edwards", + "description": "A tiny (952b), correct, general-purpose, and configurable \"exports\" and \"imports\" resolver without file-system reliance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve.exports@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/resolve.exports.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5f6516e8dc379ff68c803572fb4ad2aa01e5bf7f56640959ad709d9dbc8488a9b5ec34aa1d7e0c99031a493dc56de591e454ee45c530600ce265a8e38b463b9a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve.exports" + } + ] + }, + { + "type": "library", + "name": "emittery", + "version": "0.13.1", + "bom-ref": "emittery@0.13.1", + "author": "Sindre Sorhus", + "description": "Simple and modern async event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emittery@0.13.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/emittery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/emittery#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/emittery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0de5b06b093aaf9c91f631609c3298b78b0b4b42e61c9262dd93a76f9fc975b6308f79d6f85c509c72238412b3f182c2ee844d3d533d350e3b237095c77e1ea9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/emittery" + } + ] + }, + { + "type": "library", + "name": "jest-docblock", + "version": "29.7.0", + "bom-ref": "jest-docblock@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-docblock@29.7.0#packages/jest-docblock", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-docblock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abad7b02ec3703ad7682ec9a160b1b15e62934fe6dd9aa1434bc0151b73fd240f5478b7d8b10dbc854c77759e89387a9a15169afb3e67961eb86fb95dd7689e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-docblock" + } + ] + }, + { + "type": "library", + "name": "jest-leak-detector", + "version": "29.7.0", + "bom-ref": "jest-leak-detector@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-leak-detector@29.7.0#packages/jest-leak-detector", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-leak-detector", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91803c20971262d493d8163d23e48c0b7da70e9053dc9d8dbd6271f3e242b82765fc247523810a50944e88ff17b42731aa04d304624d75b07503c5d129b4deb7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-leak-detector" + } + ] + }, + { + "type": "library", + "name": "jest-watcher", + "version": "29.7.0", + "bom-ref": "jest-watcher@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-watcher@29.7.0#packages/jest-watcher", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-watcher", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e3d160ed65e4537565da1e8b6cbb4c43f1f207aad74885fb4aabc12d09acb1104637d2343cdbcf980982592398e923afae3848fc5eff6c602ff51b67b0f034de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-watcher" + } + ] + }, + { + "type": "library", + "name": "globals", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/globals@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/globals@29.7.0#packages/jest-globals", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a98b3dddbad2db916d8c345b9b50650454b9131a2a96eb22d54c0f896cfe9f23a27988bf58d0d960f24f79a5c17c72d2b0092ed6571b5e06cdbd8617c0a2dcd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/globals" + } + ] + }, + { + "type": "library", + "name": "source-map", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/source-map@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/source-map@29.6.3#packages/jest-source-map", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-source-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3078d3f7942e8a970fae92ccfbc24c4b3171e9e1e9e419bee177850c9970b2f5418e628d88802f6ac18ad9fc73d966c64659efa9e8456e1d3b30c6bb9f76099f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/source-map" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-jsx", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/plugin-syntax-jsx@7.24.1", + "author": "The Babel Team", + "description": "Allow parsing of jsx", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-jsx@7.24.1#packages/babel-plugin-syntax-jsx", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-jsx", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-jsx", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9e0adc595dffa46e4308b174b8a684ef4f862ee6b5e245afbdc46553e7aada8218e605328ca4535cf51e080e20787a66a8f5e3b6d8ec7b0b1b891bb060131a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-jsx" + } + ] + }, + { + "type": "library", + "name": "helper-plugin-utils", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/helper-plugin-utils@7.24.0", + "author": "The Babel Team", + "description": "General utilities for plugins to use", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-plugin-utils@7.24.0#packages/babel-helper-plugin-utils", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-plugin-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-plugin-utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5c5339d7306d3e17146e25fbcbf364254ea2338555bdb0bd0a8cc3c784038ebe94062fc42d7719c12882e306ac651f2962cf4c826b51bdd3765723f16e1f2db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-plugin-utils" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-async-generators", + "group": "@babel", + "version": "7.8.4", + "bom-ref": "@babel/plugin-syntax-async-generators@7.8.4", + "description": "Allow parsing of async generator functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-async-generators@7.8.4#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b727266719067d96b184c45b5e53d7b95169756957a62af65b800c85226044ace4fde0e52173a16f62c75a82e90c5ed3107ca5579ccd872917e8a0201c999337" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-async-generators" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-bigint", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-bigint@7.8.3", + "description": "Allow parsing of BigInt literals", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-bigint@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c274e71651be631426def0f1a46139ecf8f4b2b454e2c1c4fe60e4b75aafd9824949e50079cda66b858b52750f78a8f2adf9ed5707bf37a7425e953eccbdcda6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-bigint" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-class-properties", + "group": "@babel", + "version": "7.12.13", + "bom-ref": "@babel/plugin-syntax-class-properties@7.12.13", + "description": "Allow parsing of class properties", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-class-properties@7.12.13#packages/babel-plugin-syntax-class-properties", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-class-properties", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-class-properties", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e6e227632a56b461a85436014d2c2074ab249db283e264fde2404deb932d26054b4c676df20c9f5225d83a7574d20e7ba5395aa21771e0afd9db5ef5d341960" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-class-properties" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-import-meta", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-import-meta@7.10.4", + "description": "Allow parsing of import.meta", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-import-meta@7.10.4#packages/babel-plugin-syntax-import-meta", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-import-meta", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62a7e6f970f1d3e3eb8775527844023d4f35c82f89599da90cf1524b865da5f661a7832414c6830b552ab1ea2f10ac125299c82fbfaf2be0a5a7b6df874883ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-import-meta" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-json-strings", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-json-strings@7.8.3", + "description": "Allow parsing of the U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-json-strings@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "958ea4746a561ef8e87b6be4e16ac06a912e051ebd10cc5997e46819186b14635854af2638f016f157db4ff660ac56d794336289ac509c0b6054267a8efdf410" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-json-strings" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-logical-assignment-operators", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "description": "Allow parsing of the logical assignment operators", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-logical-assignment-operators@7.10.4#packages/babel-plugin-syntax-logical-assignment-operators", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-logical-assignment-operators", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77cc1a4a19691438a743932dbc653dc4300ecca1f8efe145a277b2d9b68522832bf79da128e2e9d4747b56cce866f3ac57fe3e451b33358ec3d7b6dad2d7b48a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-logical-assignment-operators" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-nullish-coalescing-operator", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "description": "Allow parsing of the nullish-coalescing operator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-nullish-coalescing-operator@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6927dfe333c8235bb6403ef2f85f280eccf5f5ec3820610983d4955be6eac29c2d7c595e8900cc77303f47e525583cdf9c7142c7195e153d0f308ad1dfa5cb35" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-nullish-coalescing-operator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-numeric-separator", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-numeric-separator@7.10.4", + "description": "Allow parsing of Decimal, Binary, Hex and Octal literals that contain a Numeric Literal Separator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-numeric-separator@7.10.4#packages/babel-plugin-syntax-numeric-separator", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-numeric-separator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f47e9875f91c2bfb8e9d8fcaeff680db1a73680824427dfbcb35943112bb39a3cea8ea464b5fa7d07e61c53f40530f44b128cf5bc495c8c270611b56b375f7ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-numeric-separator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-object-rest-spread", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-object-rest-spread@7.8.3", + "description": "Allow parsing of object rest/spread", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-object-rest-spread@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e8a8c8a31996fdcb7cb65ec90df8fd70506895c16679266a03470c79fb71a612994dc95336b360e0f082c5426f2b58ce3ca2b1b2e58a48e4197c535cbbc9d94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-object-rest-spread" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-optional-catch-binding", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "description": "Allow parsing of optional catch bindings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-optional-catch-binding@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e953c3d0f7359694eac3468aa1e45332207e916840a13db83c0fa4b16481ac5b65e52211569665c0ddcd34f4237a103613ff75155dd18cb5a855382559c495dd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-optional-catch-binding" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-optional-chaining", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-optional-chaining@7.8.3", + "description": "Allow parsing of optional properties", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-optional-chaining@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a82bd12b1f53019423f15745403645d6dbf770e2f95b183ac5833f1b994b0119890545c6d1c0c87a70826e6dd3eb931470b8676d0a4d2fff03d329b42006392" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-optional-chaining" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-top-level-await", + "group": "@babel", + "version": "7.14.5", + "bom-ref": "@babel/plugin-syntax-top-level-await@7.14.5", + "author": "The Babel Team", + "description": "Allow parsing of top-level await in modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-top-level-await@7.14.5#packages/babel-plugin-syntax-top-level-await", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-top-level-await", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-top-level-await", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "871fbeba92efe54d6b8187f07b5c41414851994e35344be952fae9f2392b48276f1929cce7fa9d44cb72949e8f1b938590168791b4c02939dddff63211244717" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-top-level-await" + } + ] + }, + { + "type": "library", + "name": "pkg-dir", + "version": "4.2.0", + "bom-ref": "pkg-dir@4.2.0", + "author": "Sindre Sorhus", + "description": "Find the root directory of a Node.js project or npm package", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-dir@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/pkg-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-dir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1d10f36da2a30be00e5955f1014ff1e7808e19e22ff5e6fee82903490a0d4ede17c96a0826fb8fb178b3c6efc5af6dc489e91bb59c2687521c206fe5fdad7419" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir" + } + ], + "components": [ + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "pkg-dir@4.2.0|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "pkg-dir@4.2.0|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/locate-path" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "pkg-dir@4.2.0|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/p-locate" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "pkg-dir@4.2.0|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/p-limit" + } + ] + } + ] + }, + { + "type": "library", + "name": "resolve-cwd", + "version": "3.0.0", + "bom-ref": "resolve-cwd@3.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from the current working directory", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-cwd@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-cwd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-cwd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-cwd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3ab65a5f631bfab242a47ffa0a94aab7dc4556937efb1d355e737689ef60e8fe7fdf17a52c0917595003a5dcf52070ff2857c45f213a574534d4e43750edab12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-cwd" + } + ], + "components": [ + { + "type": "library", + "name": "resolve-from", + "version": "5.0.0", + "bom-ref": "resolve-cwd@3.0.0|resolve-from@5.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9883d28fdb8743e6a91af49e3b774695932d0df9be1f4d4f3d2cdf620e78c1e706a4b220b8f6bbcc0743eb509406a13987e745cf8aa3af0230df6a28c6c5867" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-cwd/node_modules/resolve-from" + } + ] + } + ] + }, + { + "type": "library", + "name": "jest-cli", + "version": "29.7.0", + "bom-ref": "jest-cli@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-cli@29.7.0#packages/jest-cli", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-cli", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3955686f0d88b9b37f19262cc444e2fa039eeca6b9f4414c47fb70394dc96f61a728a78c189079486514ac4cf7485566240494759533cbcdec2cd350da066c96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-cli" + } + ] + }, + { + "type": "library", + "name": "create-jest", + "version": "29.7.0", + "bom-ref": "create-jest@29.7.0", + "description": "Create a new Jest project", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/create-jest@29.7.0#packages/create-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/create-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "01dcf66dd1f456adc5e772843093a87ed405bad582ba49ba276e306cf5913b893590c63b812eddb3fba826436e57cc030ad5969eec06709c2959c8a1fb3116d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/create-jest" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "8.0.1", + "bom-ref": "cliui@8.0.1", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@8.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05278d9f2bacef90b8fff350f6042dd7f72c4d7ca8ffc49bf9a7cb024cc0a6d16e32ca1df4716890636e759a62fe8415ef786754afac47ee4f55131df83afb61" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "get-caller-file", + "version": "2.0.5", + "bom-ref": "get-caller-file@2.0.5", + "author": "Stefan Penner", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/get-caller-file@2.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/stefanpenner/get-caller-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stefanpenner/get-caller-file#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stefanpenner/get-caller-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f214fdc133fdd81d340e0942ffc343991d1d25a4a786af1a2d70759ca8d11d9e5b6a1705d57e110143de1e228df801f429a34ac6922e1cc8889fb58d3a87616" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-caller-file" + } + ] + }, + { + "type": "library", + "name": "require-directory", + "version": "2.1.1", + "bom-ref": "require-directory@2.1.1", + "author": "Troy Goode", + "description": "Recursively iterates over specified directory, require()'ing each file, and returning a nested hash structure containing those modules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/require-directory@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/troygoode/node-require-directory.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/troygoode/node-require-directory/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/troygoode/node-require-directory/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c6c4423bfb0b06f71aef763b2b9662f6d8e3134e21d1c0032ba2211e320abc833a0b0bf3d0afb46c4434932d483f6d9019b45f9354890773aff84482abba2f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/require-directory" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "5.0.8", + "bom-ref": "y18n@5.0.8", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@5.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d297c5cde81e0d62472480264cb44fd83c078dd179b3b8e8f6dbb3b5d43102120d09dbd2fb79c620da8f774d00a61a8947fd0b8403544baffeed209bf7c60e7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "2.0.1", + "bom-ref": "argparse@2.0.1", + "description": "CLI arguments parser. Native port of python's argparse.", + "licenses": [ + { + "license": { + "id": "Python-2.0" + } + } + ], + "purl": "pkg:npm/argparse@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f3ef56a9e6db173a57f4e47e59ae8edbd6ac22881e44ccdc1ad00835da4c1c7c80835d1fd3969215505b704a867ff3d7c35123019faadbf6c4060dc3beeacadd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "json-colorizer", + "version": "2.2.2", + "bom-ref": "json-colorizer@2.2.2", + "author": "Joe Attardi", + "description": "A library to format JSON with colors for display in the console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-colorizer@2.2.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/joeattardi/json-colorizer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/joeattardi/json-colorizer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/joeattardi/json-colorizer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-colorizer/-/json-colorizer-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7aa19b70575a625eb42744d4ed25ea91bfe07d63f7570182ea04169897f08e71476867180b04b00ef3cf829e46d3e8cc4db3473913d98f0486f6b0570dcf7bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer" + } + ], + "components": [ + { + "type": "library", + "name": "chalk", + "version": "2.4.2", + "bom-ref": "json-colorizer@2.2.2|chalk@2.4.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32d8be7fd96924d730178b5657cfcead34ed1758198be7fc16a97201da2eada95c156150585dbe3600874a18e409bf881412eaf5bb99c04d71724414e29792b9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "3.2.1", + "bom-ref": "json-colorizer@2.2.2|ansi-styles@3.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "553d1923a91945d4e1f18c89c3748c6d89bfbbe36a7ec03112958ed0f7fdb2af3f7bde16c713a93cac7d151d459720ad3950cd390fbc9ed96a17189173eaf9a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "json-colorizer@2.2.2|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "json-colorizer@2.2.2|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "json-colorizer@2.2.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "5.5.0", + "bom-ref": "json-colorizer@2.2.2|supports-color@5.5.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@5.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "423563c1d5c8b78d3c308880a825f8a142ac814d84a801b3b363e9926e1a4186e39be644584716e127c5353af8b8c35999ad1ecb87f99602eb901d1a5f440ca3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "3.0.0", + "bom-ref": "json-colorizer@2.2.2|has-flag@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0a25fd7e71e401af848c92f427043343b5fe135e95615466ad7aed2df75f1b977d059db1369b8bcd2d7f9559efdda6395bf87ba0198cd6eee4171fdf073c463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/has-flag" + } + ] + } + ] + }, + { + "type": "library", + "name": "markdown-diff", + "version": "2.0.0", + "bom-ref": "markdown-diff@2.0.0", + "author": "Martijn van Duijneveldt", + "description": "Generate a diff between two markdown files in markdown format", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/markdown-diff@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/martijnvanduijneveldt/markdown-diff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/martijnvanduijneveldt/markdown-diff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/martijnvanduijneveldt/markdown-diff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/markdown-diff/-/markdown-diff-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "625ac74890b6ac0b1e707082ddce556a178aec6a6dd749040552aa2b9012ead91b4e2fa1bfe9393d73e517e8aa010ff7e9720d36aaab2baf13f6811a66a49174" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-diff" + } + ], + "components": [ + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "markdown-diff@2.0.0|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b88143c6aa5164667a4e13a4f388447ea5a81f1d9d7af445be94d97131eeafce6f2267dac546d35bd4728780a90ae0e74e838fd4212d5ca220cad1c13d57dfe4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-diff/node_modules/diff" + } + ] + } + ] + }, + { + "type": "library", + "name": "marked", + "version": "12.0.2", + "bom-ref": "marked@12.0.2", + "author": "Christopher Jeffrey", + "description": "A markdown parser built for speed", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/marked@12.0.2", + "externalReferences": [ + { + "url": "git://github.com/markedjs/marked.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://marked.js.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/markedjs/marked/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/marked/-/marked-12.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a97526edefd8285a2a14f60f6b752483dc6523973202d1a6c8423331f5bffe6ea45f00b2d8fb3d0d87f98a88a314a43cab2bac72b1e8634e2224672dbb62a0d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/marked" + } + ] + }, + { + "type": "library", + "name": "markdown-table-ts", + "version": "1.0.3", + "bom-ref": "markdown-table-ts@1.0.3", + "author": "Jiri Hajek", + "description": "A zero-dependency library for generating Markdown tables written in TypeScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/markdown-table-ts@1.0.3", + "externalReferences": [ + { + "url": "git+https://gitlab.com/jiri.hajek/markdown-table-ts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://gitlab.com/jiri.hajek/markdown-table-ts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://gitlab.com/jiri.hajek/markdown-table-ts/-/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/markdown-table-ts/-/markdown-table-ts-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "958ae9ec55e606aa661a6b0417dd969d2ba476062f2e6d7914f20e0d93b1f7ede7a1b9312718c161cb33a997f956a4e306d2123d2342ef38d4f68df3c292fa01" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-table-ts" + } + ] + }, + { + "type": "library", + "name": "mocha", + "version": "10.4.0", + "bom-ref": "mocha@10.4.0", + "author": "TJ Holowaychuk", + "description": "simple, flexible, fun test framework", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mocha@10.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/mochajs/mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mochajs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mochajs/mocha/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mocha/-/mocha-10.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7aa84607c24a6a9118702e32b57ff1af329fa2b8047378f5a469405d5cb7791c2bb40cb9fe721f4f54af806cdf3745d967178bab46905a4394026a88262bfe6c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "diff", + "version": "5.0.0", + "bom-ref": "mocha@10.4.0|diff@5.0.0", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.0.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd54c2aef9b9674246b72fc158796387e0408b0dc82beda3f3b34632ef0dc1cfdfe3c5a80c00b7f79ba898ef590f5d7b64e05a1e6917d68c8bbe454cfda213df" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "8.1.0", + "bom-ref": "mocha@10.4.0|glob@8.1.0", + "author": "Isaac Z. Schlueter", + "description": "a little globber", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@8.1.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "afc869123890118945d9053475fddd4be9f1c5222b797412d6a461309334439343751dfce82ee36fb1f0c2877c1608ae7b1fa4d0616381fb75f32bf19b95e809" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/glob" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "5.0.1", + "bom-ref": "mocha@10.4.0|minimatch@5.0.1", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@5.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9cb0f12054728436e5cf7a8cbaaf92a116440f8fa6889fc6fad743ae39249119e302c05ec5e1a98232c44346e5272eeb1e14766fddeb8506384afc96bbdbf4de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "log-symbols", + "version": "4.1.0", + "bom-ref": "mocha@10.4.0|log-symbols@4.1.0", + "author": "Sindre Sorhus", + "description": "Colored symbols for various log levels. Example: `✔︎ Success`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/log-symbols@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/log-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f173efa4003cbb285fb5ebbca48bd0c69259ed2618769522bd9a46cbab05b01b8a458ffbad019abde75e07c68af99932ababa930554bffd016eaf398cdf4722e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/log-symbols" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "16.2.0", + "bom-ref": "mocha@10.4.0|yargs@16.2.0", + "description": "yargs the modern, pirate-themed, successor to optimist.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@16.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f59afbed0c6d0be5fb7f8c65a42e91b5fa6d1e43139f681bd33442eb6968f6db049550c5b1654bd880961c2a1ea3186224245847e0864f4214784caa5cf2607" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/yargs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "7.0.4", + "bom-ref": "mocha@10.4.0|cliui@7.0.4", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "39c444ebc70eb15317a7562fa2797f7f39103b28cb4aeffc6e13c37d0b747b4fc46f6f374ca3f6d05b3632aa0fb2bf52c00e7de6b44203e40ccd873d9c13fe25" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/cliui" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "browser-stdout", + "version": "1.3.1", + "bom-ref": "browser-stdout@1.3.1", + "author": "kumavis", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/browser-stdout@1.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kumavis/browser-stdout.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kumavis/browser-stdout#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kumavis/browser-stdout/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa1015235f80bf65fba9e94e7c0218c1738da2877a5e5644fdf5da052996fd3e52ccb0260a0ce2f9e89613b7d4bdb1da78d0501f5dd47ed8e95f1b1f2e432983" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/browser-stdout" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fill-range", + "version": "7.0.1", + "bom-ref": "fill-range@7.0.1", + "author": "Jon Schlinkert", + "description": "Fill in a range of numbers or letters, optionally passing an increment or `step` to use, or create a regex-compatible range with `options.toRegex`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fill-range@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/fill-range.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/fill-range", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/fill-range/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8ea3d17e74c5260b62dc6f805b56f9ca2714cf8c29be451a5ee200ee1abce42fb984565fdd8d84aed8e750d8f6b7d36378a2a91283d8abea368b589d94495a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fill-range" + } + ] + }, + { + "type": "library", + "name": "to-regex-range", + "version": "5.0.1", + "bom-ref": "to-regex-range@5.0.1", + "author": "Jon Schlinkert", + "description": "Pass two numbers, get a regex-compatible source string for matching ranges. Validated against more than 2.78 million test assertions.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/to-regex-range@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/to-regex-range.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/to-regex-range", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/to-regex-range/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb93fb8b3e97e7212bd5cc1c82f4316db230ed493780ecb974876d678ac3bde2ea86b7493fe2e2fc7c7ab722b43446fed860b29de08c2621aaac00c248d93cb1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/to-regex-range" + } + ] + }, + { + "type": "library", + "name": "is-number", + "version": "7.0.0", + "bom-ref": "is-number@7.0.0", + "author": "Jon Schlinkert", + "description": "Returns true if a number or string value is a finite number. Useful for regex matches, parsing, user input, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-number@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-number.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-number", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-number/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e350a27e483a7bc4f2952a5db53a5e2d532abd20445734edb47bc4443ef8d7ea6767c00dbf4d34e0c44be3740a3c394af5c1af369e8d6566540656c65d8c719e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-number" + } + ] + }, + { + "type": "library", + "name": "is-binary-path", + "version": "2.1.0", + "bom-ref": "is-binary-path@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a file path is a binary file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-binary-path@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-binary-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-binary-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-binary-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "64c11161eb3aa43c9dcae1a276c7bb3ac1f1b5b23b595794128ce047f83baddd31522998365bd9444fcad8c8194e35b2ef6e487de94b79570433dee69ad4465f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-binary-path" + } + ] + }, + { + "type": "library", + "name": "binary-extensions", + "version": "2.3.0", + "bom-ref": "binary-extensions@2.3.0", + "author": "Sindre Sorhus", + "description": "List of binary file extensions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/binary-extensions@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/binary-extensions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "09e87eee8c79a9eecb26e2c7a18d1f7a1de91ee5031c071151ec8bd95620859c1fa64348cbffbc39c8346b752e4a86336af9b2970b8b59039fde19748e330c23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/binary-extensions" + } + ] + }, + { + "type": "library", + "name": "readdirp", + "version": "3.6.0", + "bom-ref": "readdirp@3.6.0", + "author": "Thorsten Lorenz", + "description": "Recursive version of fs.readdir with streaming API.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readdirp@3.6.0", + "externalReferences": [ + { + "url": "git://github.com/paulmillr/readdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/paulmillr/readdirp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/paulmillr/readdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84e4b4f3da27f1176ea9d6e1bd0e59dfb0341128ecab3eaa9d171f7ec314df8f7916e4dda929beedb849dbd26f20eb010c41276a7e433eef6ddd3a3d55194ccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/readdirp" + } + ] + }, + { + "type": "library", + "name": "wrappy", + "version": "1.0.2", + "bom-ref": "wrappy@1.0.2", + "author": "Isaac Z. Schlueter", + "description": "Callback wrapping utility", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/wrappy@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/wrappy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/wrappy", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/wrappy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9784a9fc346c7a8afdc0be84bd5dbe4ee427eb774c90f8d9feca7d5e48214c46d5f4a94f4b5c54b19deeeff2103b8c31b5c141e1b82940f45c477402bdeccf71" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrappy" + } + ] + }, + { + "type": "library", + "name": "is-unicode-supported", + "version": "0.1.0", + "bom-ref": "is-unicode-supported@0.1.0", + "author": "Sindre Sorhus", + "description": "Detect whether the terminal supports Unicode", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-unicode-supported@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-unicode-supported.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-unicode-supported#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-unicode-supported/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "927c46daae140b7bbcb2d446c8054908e771166bf90d989171d94868041701b49f2726be3a1a29368b4b42bb2d061aaeaaee19a6e29b0dcffc4ba9a05e03c53f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-unicode-supported" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "serialize-javascript", + "version": "6.0.0", + "bom-ref": "serialize-javascript@6.0.0", + "author": "Eric Ferraiuolo", + "description": "Serialize JavaScript to a superset of JSON that includes regular expressions and functions.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/serialize-javascript@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/yahoo/serialize-javascript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yahoo/serialize-javascript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yahoo/serialize-javascript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "42bdd3a2cbe0b85b7c78f5aab2f45facac905c8896fa719b629cbc5cadb83501c4f3771ac56b7e988ca64d3d7d0c615b35634b7c4c2cae44a637ae2555607d6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/serialize-javascript" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "randombytes", + "version": "2.1.0", + "bom-ref": "randombytes@2.1.0", + "description": "random bytes from browserify stand alone", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/randombytes@2.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/crypto-browserify/randombytes.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/crypto-browserify/randombytes", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/crypto-browserify/randombytes/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd897788e5fee022945aec468bd5248627ba7eca97a92f4513665a89ce2d3450f637641069738c15bb8a2b84260c70b424ee81d59a78d49d0ba53d2847af1a99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/randombytes" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "workerpool", + "version": "6.2.1", + "bom-ref": "workerpool@6.2.1", + "author": "Jos de Jong", + "description": "Offload tasks to a pool of workers on node.js and in the browser", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/workerpool@6.2.1", + "externalReferences": [ + { + "url": "git://github.com/josdejong/workerpool.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/josdejong/workerpool", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/josdejong/workerpool/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/workerpool/-/workerpool-6.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20b10813dee40d9bc5f566fd7fa8796972b8b304a528651c3841a22186f638ebbf22b0d4f62c23d1f0fffd2b00e84e626f0271a44be1ba59496384a5e0672903" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/workerpool" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "20.2.4", + "bom-ref": "yargs-parser@20.2.4", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@20.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58e92980d84f4e513bde1e1514016c3a7a262556a8bcef15a8b0f3cb9b1a0a1441150141a0c622ae8c325be43d1c1e07145e19ed5653886de24b3249036f7244" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs-unparser", + "version": "2.0.0", + "bom-ref": "yargs-unparser@2.0.0", + "author": "André Cruz", + "description": "Converts back a yargs argv object to its original array form", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs-unparser@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-unparser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-unparser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-unparser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-unparser/-/yargs-unparser-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ee9453200f5073571a6746d9e9161119b1c9b61256b9a91ff969872b4ad578b90daeb1a17e869b04d76e7ba91d20d23aaf889fee872af5a0ff9fbc7028e77338" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-unparser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "yargs-unparser@2.0.0|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-unparser/node_modules/camelcase" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "4.0.0", + "bom-ref": "decamelize@4.0.0", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f621353e04a293d1de208c3624ef78222767137781a10ac5277c3bb05bb3497e03a66677bf9b19a54895e52c1c7fa990105f98d2bbbc35ea3ea7e9f287627e85" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decamelize" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-plain-obj", + "version": "2.1.0", + "bom-ref": "is-plain-obj@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a value is a plain object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-plain-obj@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-plain-obj.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6169dfc91c312fff92b2b5987cea54b73e5bdd80fe9f27e41ef8db71a9f393cce0c8ee00483ebbb95311b7c9396cce252cc0e75dfae24613a97a6c3e35f4f578" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-plain-obj" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mock-fs", + "version": "5.2.0", + "bom-ref": "mock-fs@5.2.0", + "author": "Tim Schaub", + "description": "A configurable mock file system. You know, for testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mock-fs@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/tschaub/mock-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tschaub/mock-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tschaub/mock-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mock-fs/-/mock-fs-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9d17647a60c4996e98a9d55d561ca18b363aff938f2e40296a3156f91f730ebf073daa1622b37fc859b8f4daa220fd8f0c0d7285178739bf4af1c76a3ac5367" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mock-fs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "objects-to-csv", + "version": "1.3.6", + "bom-ref": "objects-to-csv@1.3.6", + "author": "Anton Ivanov", + "description": "Converts an array of objects into a CSV file. Saves CSV to disk or returns as string.", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/objects-to-csv@1.3.6", + "externalReferences": [ + { + "url": "git+https://github.com/anton-bot/objects-to-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/anton-bot/objects-to-csv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/anton-bot/objects-to-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/objects-to-csv/-/objects-to-csv-1.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfcdde4a94b786680292c5bce4a22a06d71b8125b90c356c0a6ccba0ce82deae32cce5f6ae6b56c45e296cb27be9fcfeb9f03ee3f4b0013e1075a63a2145a602" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/objects-to-csv" + } + ] + }, + { + "type": "library", + "name": "async-csv", + "version": "2.1.3", + "bom-ref": "async-csv@2.1.3", + "author": "Anton Ivanov", + "description": "ES7 async-await wrapper for the csv package.", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/async-csv@2.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/anton-bot/async-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/catcher-in-the-try/async-csv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/catcher-in-the-try/async-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async-csv/-/async-csv-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a9b0237e0fb9b365eaab943c3b5133e1bc3403971d62f35f44f5f6ca22df1dae48040f91523a506fdd193ffac5dd7af9cedb0c2546454e43891d4f4032a8fa9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async-csv" + } + ] + }, + { + "type": "library", + "name": "csv", + "version": "5.5.3", + "bom-ref": "csv@5.5.3", + "author": "David Worms", + "description": "A mature CSV toolset with simple api, full of options and tested against large datasets.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv@5.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/adaltas/node-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv/-/csv-5.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "413698d178e385340e760b80445d2518a9b9fe612af4f0fdfd585965e8070c806adad43080da47737767783e261a8da226cf9f4cabf9069d1f67e051b98dd9d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv" + } + ] + }, + { + "type": "library", + "name": "csv-generate", + "version": "3.4.3", + "bom-ref": "csv-generate@3.4.3", + "author": "David Worms", + "description": "CSV and object generation implementing the Node.js `stream.Readable` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-generate@3.4.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-csv-generate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/generate/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv-generate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-generate/-/csv-generate-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3f4feaea474bf0bc7a96b3fd59c8c0d6b471d225a374ea4951a895c11290c968cffe75992ca3438a87555cbae62f2b75cce772b2b1536af0aa3f7a908af303b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-generate" + } + ] + }, + { + "type": "library", + "name": "csv-stringify", + "version": "5.6.5", + "bom-ref": "csv-stringify@5.6.5", + "author": "David Worms", + "description": "CSV stringifier implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-stringify@5.6.5", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-csv-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/stringify/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-stringify/-/csv-stringify-5.6.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e3890eb9f5a43e7d44d0a92addd571039ceaf9da3877d1106eadfce4b1c684dad3da16c0c7e703801c98b0f17007a614649c2c0c504f4a45ac9ce0afcd6cef0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-stringify" + } + ] + }, + { + "type": "library", + "name": "stream-transform", + "version": "2.1.3", + "bom-ref": "stream-transform@2.1.3", + "author": "David Worms", + "description": "Object transformations implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stream-transform@2.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-stream-transform.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/transform/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-stream-transform/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stream-transform/-/stream-transform-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f461d488ce613220a2e98d378c3d80442d5eb6d0579100684007bb9c9b0f9279c8d28c35d1a5e34e77b0f10b584262e3ce7f7be019e658400980263a64fd4379" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stream-transform" + } + ] + }, + { + "type": "library", + "name": "mixme", + "version": "0.5.10", + "bom-ref": "mixme@0.5.10", + "author": "David Worms", + "description": "A library for recursively merging JavaScript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mixme@0.5.10", + "externalReferences": [ + { + "url": "git+https://github.com/adaltas/node-mixme.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/adaltas/node-mixme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-mixme/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mixme/-/mixme-0.5.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e47efa00d5a29c1d47dedc2927a258f2ebc0b69985bc7340ae98a52408d744a5d20c32cf20ca1902bc39487d2af73fa52ecf08accc3b436556a568a614a153d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mixme" + } + ] + }, + { + "type": "library", + "name": "oclif", + "version": "4.13.0", + "bom-ref": "oclif@4.13.0", + "author": "Salesforce", + "description": "oclif: create your own CLI", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/oclif@4.13.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/oclif.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/oclif", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/oclif/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/oclif/-/oclif-4.13.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c12b4e4be3963c2c513ca2bc87a037648009aeed940377b6f568d791ad2085e0fd64a60375495d8e3b6df2d2930dfac3ac64009d17f06de32f4baea28620726d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "oclif@4.13.0|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/@oclif/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "oclif@4.13.0|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/debug" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "oclif@4.13.0|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/ms" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "version": "8.1.0", + "bom-ref": "oclif@4.13.0|fs-extra@8.1.0", + "author": "JP Richardson", + "description": "fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as mkdir -p, cp -r, and rm -rf.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fs-extra@8.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/jprichardson/node-fs-extra.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ca1950800ea69ce25428eb11505b2025d402be42a1733f2d9591b91c141f45e619cb8e8ec0b718f9989ad26b5d1ec3a8f72fe13fe0b130dd1353d431a0eb46e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/fs-extra" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "version": "4.0.0", + "bom-ref": "oclif@4.13.0|jsonfile@4.0.0", + "author": "JP Richardson", + "description": "Easily read/write JSON files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonfile@4.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jprichardson/node-jsonfile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9ba175477cfc8e395fda29901d2d907b3e6c8ca590cdbbae86e27f14a605459bcf1373ee1dc48c559cdfb0b84654e91f776d286cbe5258405ec394a196ab8dc6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/jsonfile" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "universalify", + "version": "0.1.2", + "bom-ref": "oclif@4.13.0|universalify@0.1.2", + "author": "Ryan Zimmerman", + "description": "Make a callback- or promise-based function support both promises and callbacks.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/universalify@0.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/RyanZim/universalify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/RyanZim/universalify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/RyanZim/universalify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac125e2390970259b2d6957eeb5ed607d27add4e9771acc71c5d9fd9d6c98b1e17ce9505d114b765b8f414620e080bdae4ffddfc604e61a002435c3ed1acd492" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/universalify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "client-cloudfront", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Cloudfront Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-cloudfront@3.575.0#clients/client-cloudfront", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-cloudfront", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-cloudfront", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-cloudfront/-/client-cloudfront-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a3a39ffdc9954b510287ef7fc531f8267a2b003663279a9c563b7b40ef5cad4106549b9183585e20e327c7a14d6745e453c284854a1c3b32f69d641a6e08693" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.575.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "602b2d55a5b9b40bd7b3ebf82d1f603403be55184839b8e4d7f92709d550e504114debed550b5d25678dac3658a38013a343871b2a860a3e59d3d4d632ff9ed5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.575.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f0cad3e09d9d462b247f42453062f954d06a3ef73a8a035adb5f0b1812731d798bb26d567c60869dc7bce11ed4d944abf283ce7a7bb45f34822ef310c996c659" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.575.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d75ed4fa44248b65e829c6107dea6695170dc67eab10b1a538538143c6762530571181db956da47b4ebb6b408b9b1170a7fcc25ae73b2068ddde29f7c78437ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.575.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac474da6a5b68c47399306dffecf57432c0c2d094890c8ee08aea6c3db05d8e5511871959e1fba7a1ff5245c7c2a3f9e539d5cb627d0eca6877bc746728f0761" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-host-header", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-host-header@3.575.0#packages/middleware-host-header", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-host-header", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-host-header", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5765a82c1897342738ac8599b7a15470fe13374564d3603d3cf0815a44dfc8ea288aa7eaf96666663451069c25d7ee54b2f011b25aca585d15ce178c4573c92d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-host-header" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-logger", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-logger@3.575.0#packages/middleware-logger", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-logger", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-logger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec310ac7d675d4c69ac9eec57e162d0bcae36ccfcf70570c3b637840401fca97205828fec3882c784d8e19d7c01fd3850e815ce98bcba79defd7abdb3e3cd04a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-logger" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-recursion-detection", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-recursion-detection@3.575.0#packages/middleware-recursion-detection", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-recursion-detection", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-recursion-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae2f3d95d445a2ce8a64319a92758f4b65cf3bdaabfa067bfa63daa14f189123355b8b8aaad9d448e37273e3b7085189aea45eb861e146ad25d9295dd1b8f03b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-recursion-detection" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.575.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7d696be117eb50d4b64773e03fe5aca0c60e44082fff8ecba742747dbddd5ced58bdd73335675d45b152517d8c43133fcbd5c57d03cba4b83396e8682f70a37a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.575.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0124ac1358a096bbdcbc1735c88a3606c242abded0e43d733b072953a1ee96fad1a4a783a2ad5e225eb580f7345e3704d37a9a311ee7e87ea8c62bd06d708f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/region-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Types for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/types@3.575.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eb9e89501acd305f176036e762ad1d783a034e6ab1fb59489fdfcfb63dde289d91fe2fb5e820b7a6d04800d6d469805a70da914795908d6801c33520446a5ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.575.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c02e71f95eb0de446547a5fa5d520db003c3606f93cecdd6b61970f982ed8ee3ce0d435921002ab000476a1c677a417202fb1efb5f76f47c28f8268bf811d918" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-browser", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-browser@3.575.0#packages/util-user-agent-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8800e89d7c9a5e0c2f0b84f4a91b8358274a227cfcd865f67327b3abfa2a5652fc6cf63b1c3f23c1966bbae25dab9b646898b51216cee3e7f592c66a3a264abd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-user-agent-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.575.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "930cef05f0342e820b0ce152e8157cb8e924b011eb62e94fea43577a00797999c348d89ae436c1b17ab143f1e49cd1796b8dbd496430d9a690244810bd907554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-user-agent-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.575.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "613829ab7aef6015f35ba3930c1d34704efd7af42db2cfe5cf61a525782aa955c3d26ee2efb84603ccdbe3855ebcffd6c6d0da8925bb4928eebbc542046b20e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-env" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.575.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c507d599823ef4aa91be1598f1fc84967a5c5540415208bf1e88e2de853a58bad48eb5fdf24f771deee0283412c877fbca430b5002585b0b15e008d0da3ea78c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.575.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05d33a6bfe5552e3607b773ac91bb1bcefb8b2b2e849fa877e44067d40df8537532699639697e773d877cf6362d7e6ae78e1cf64c34558892d1c3717e7050606" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.575.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dbfe4d255ecc672b0a825a89490fcef0e10b35cc0b707df192769b2fd35a82dcc1ed1341da9d405174745254decbdb120cb2f8a0298d6bffae9d8ba0956fc086" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-process" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.575.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36d5c0f4e3c82aca9abecd85ee184b4ffb766438f026cbd07af8f7d68bf536999335831cece585583a6d386eeba69b1632c93928a99f88bdaa5624099decd734" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.575.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41cbd51fbc29be91515c600680205f41e885fe9b43d0d27e1eb73c74361f3c6845799d04a1540160da612e2db9c5eec967e5db6aa08aad444766daf87c010e27" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-web-identity" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.575.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a5156a40b64b43dd7072e3b7ad1bcd062972bd2e1dec3423172e3712b34352d1f751210252db32b10bca8adb651099d14aa57c6d84d0f914a93b7cd12aad1fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.575.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10f3433d0a109232aa9f80f6b7bd2a5736df76d95a032f4a05d1b9f2a0f5c8d595c6af1187f957770981f9a1363d26a1b727d58a465d091a19885cf10e1e4850" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/token-providers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "xml-builder", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/xml-builder@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "XML builder for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/xml-builder@3.575.0#packages/xml-builder", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/xml-builder", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/xml-builder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "716800c266c560d085ccfc312fbd39fa55a9b3417766f39c92e7ddd8a2a8119526b69570f7fb7151736b3f24945d29914d2461a1ab4830004d7d2b56474e376d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/xml-builder" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-waiter", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-waiter@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared utilities for client waiters for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-waiter@3.0.0#packages/util-waiter", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-waiter", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-waiter", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-waiter/-/util-waiter-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9f1172711832c2a2a44a5529a8d1ab86c5aa9b882a3ef28a61fb86ae79f62368dc6338b2926363315507d1ce8eb93da66fe1fafee655a0f9abbbbd2b8927fcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-waiter" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-s3", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript S3 Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-s3@3.583.0#clients/client-s3", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-s3", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-s3", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a52ef09dcba04ae210f1182d44813d0f2b2d76677798c9e37e388ed62035521197932020a09cd0e231f4afee57f9e5a660761071fcbd7d44174f682a577b7d18" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.583.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cedf09ab1573e2da4344e3a943d570137d1aef74dc577780e54c5a2ea169abee5beaa1491c6e6b64576aff5c2859036cf41e20daba9842d5ef1bf2568955e4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.583.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4333189e98f0d6afd758d90e00ca2c6446793f86f4ba7ece8e5b1b950b3d563b8ed885a01f3ac10602040c8032cb68e7e3fe82d4e43d78b9334110f1a1e2b04" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.582.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a1f983f7a21073d83575bcaa942cb1bb97c21bb90897da75368379faf1815322dd6e63c25773dd83df6744760426ebf63201b1e405051833cc1dca9b2699d923" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.583.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c81372a415e7cbbcc91fce52cf10e3f2cd666cb5eff5cfd56ead2a4774773ce8f689d67acb007faa52110b55f006ebf8f56be0f24035c0a5e4dcade3ae971523" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.583.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c553575d70d6bc1548fc0795b52740f5256e9aac6265a11293f269527f463249ad4ca7ed7abd02c1e6a9fb5890f63f1b4403b4bcd8662246dcbdd0754b859553" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.583.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "642f666f68eae811573d8b14b03dad99872796677ef4f18dc2714d9fc8e4e1a6e76b9263936c0392737cd726e4b66051e6db4df56f2e82692db8ab6f00c20309" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.582.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9063942b0e6bc8f90321807af4f8cadd289c54b4db581d3aa2e14dd96d44bea509a644063c0506cd872898ab6dde625a0937ffd647e8687c0044097a28a48ff1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.583.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d2858d83fca9b3a72d8e111e2ffa89f4121affec573fb44f0d0a85299db306459b98b2cea0c59746f97cb8a5010faa827be0c699cbbdb247d55de5d27ac11" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.583.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1bfd44bcbf6d05ecd2894fb4ead1b82bf90ebc57cf8e785e4f82525ea8cf33bfaf8cace0a768f1a7527d30c77af73b388d55a89fddf6ccc786823ac2a65ccc12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.583.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14d276326881b596708248f8f862d5af3ab0983e83f05069b6b15993b3e71a449feefd50f2dc58348ea063ddfc4518582789415b870d6e13ef5a80f1025f741f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "sha1-browser", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha1-browser@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha1-browser@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha1-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha1-browser/-/sha1-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "349b61e5cf7dec62c7b3a9ce613cc52936d874c340ebfd5794a5609d9a1a65c43bcfb50994e823d8975b1c4f2d8982d2ddfcd734282e72defb48f19ab76ada4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha1-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha1-browser/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/region-config-resolver@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.577.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e0284214008dc33ab1ff18e0df3805716f00962e91f42f797051022964ffec250cd43d0c1af91c9521f670b6ab9870a626053aa272a426ba05b56a74907860ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/region-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-user-agent-node@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.577.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eabed1636d232dc9c653595c037bc0d15a8beea0c6c0e789e1528670554eab5bd3920fa359586479d7605418715a5b35b45a0f3ef838f5d05aca4c6d97b6a7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-user-agent-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-env@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.577.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "271bb6e798f4813a0c1848aab9f3fc66d288f075bdd2538b8f02772eb7650ff34bb00634b4e41fd5f59ce77bb6f215a698d18cc660ab2f6a7ae883a030384353" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-env" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-process@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.577.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a29fa056b4e897c488084eb27737073e6363f5b954fa86e611e0471b03f0c950f5b23b49fdcb95052dec0fbd56cb9119f5e49784a84ac12d4ac772592238ab7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-process" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-web-identity@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.577.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6461c6351682b49266b336fd5139c2ee2ccd0ad454b6d74f94b74c921e3528f4b7daf7ddac10c7b3526ba5b6628c8b518f5c4ab8e5ec8984972c068719c2e1f1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-web-identity" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/token-providers@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.577.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d02908669702dc3350250d610e39b66dd4b2fd78ececdcb962f4ac69c6ac18e90d7e4f85764890cba37aedb657dd96dcf4a231f8dcf86eede20de3523699679d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/token-providers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sso-oidc@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.577.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e398a48f0d6b9e59661516915c6763f77c8ebfa5d4150dad05802c986613a724b8041d921c04183502c9e455669c06e2e8a69f5756dda6fbb84eeae818d7fd6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sts@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.577.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e74f4a9258a6bdad575658466e94e9797de438fe8e4699b8e2dc09c431e96bd4d445b9a86b18fbbde5a59cb09b0e8af10d3adbb03821bd866c86f70bb288d5a6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.576.0", + "bom-ref": "@aws-sdk/core@3.576.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.576.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.576.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "283bc395b7a2a524c87fe7df2ad4e0d66e35f532bbb3d9994960bc6efb99f6ac7afec8d014e5c828e56acae962e839dfc466ef45cc2846e63df4e7021f537fd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/core/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-node@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.577.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a96751ce32cad704d7337341d0a6fd15323a80129734f43500ed183781425f9fcba684c2fb03b6d79d4caa3c0f92e78ab7f7b51883595e40a7529f6dce8b041" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-user-agent@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.577.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f9e470178309a21c7a45c792443ef3a701b7e137bbfab16bfd3c142cfb3dad0bb42205c3d2d1c74947a3df57b2759f854f2b9dbf3a7acade5f55c5d43b32cd2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-endpoints@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.577.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "163b94cf529dcb8665cb6abf739f2da5da8777acfb88e754fdc698ce873c8f08001c10c16c824d40b094f615c99cf57633ca56c500f2219b28570b66bc4acfcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-http@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.577.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9fefb2842a7aedbf7e651184758d6385a981e44fcef90b080ce3d2b9199d69218c08e77cda850428f8085445356e4ab10ec071822116bafb5f84aeac3620d2d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-ini@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.577.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abb9473edbfa06346f0a1504de6d2d21a1192b13d3699d41de52b1198b0597754b02ee4df3218250ac2e0358b37f8b9c4fe2f22ac7151aa2ba543671d5ebf79f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-sso@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.577.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8959b9490bd2ec48194c9b116aa50e9834290503cf3dab78d9209b585bc540e2eb97ca9ec2af0e3fde21152e70da63fadb39e0798cea8499c37a5efd1d76f17b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sso@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.577.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "070ba3757af276593a504c8f99ec26e46a86e27910e8e5724614bf4b264fffa50a485bf6fec7f7f750a6cf484dd22b544c7d6b4785de2e59fc5c23ad6ab92bce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-bucket-endpoint", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-bucket-endpoint@3.577.0#packages/middleware-bucket-endpoint", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-bucket-endpoint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-bucket-endpoint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b70964357d95a1f33a9075f30c48893a260273db550017b971bcb1300ad15ac708b02586f666a63e10bbedecc6e17b0df5d144c157711180f90aba66ff91148b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-bucket-endpoint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-arn-parser", + "group": "@aws-sdk", + "version": "3.568.0", + "bom-ref": "@aws-sdk/util-arn-parser@3.568.0", + "author": "AWS SDK for JavaScript Team", + "description": "A parser to Amazon Resource Names", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-arn-parser@3.568.0#packages/util-arn-parser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-arn-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-arn-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-arn-parser/-/util-arn-parser-3.568.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d4289596a3e28e07b7db9cf3f4fa0fe8e54964bbf5f9dedee2fe1fac3c7af9c71613249f426276d3a28f799b3c5eef15af90baec36d27c2fe327367f4836cdb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-arn-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-expect-continue", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-expect-continue@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-expect-continue@3.577.0#packages/middleware-expect-continue", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-expect-continue", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-expect-continue", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-expect-continue/-/middleware-expect-continue-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9d3e9f13bf8174a1fe2e9f9200c86eaafbe1ab46b3504383f6340301d56d153b826812ed42f0689ebdb6c32e2f3c4c52059ad2a99c70743830b3c27a1ef09b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-expect-continue" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-flexible-checksums", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-flexible-checksums@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-flexible-checksums@3.577.0#packages/middleware-flexible-checksums", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-flexible-checksums", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-flexible-checksums", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-flexible-checksums/-/middleware-flexible-checksums-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "207014122a487da823c3dd8b57c48e48188217b667a9f1dcc35e0891c656dbf99fac2cb5161fe4e343284bfb774eba36b50f75ae040fc14a12801fd00a2d8eae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-flexible-checksums" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "crc32", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/crc32@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/crc32@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/crc32", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2334a0b2bc5472cade8d06cf5629482b2d7a9004f9d84c01eb349a23e337c712212a1e7e6a5744caf23ecfa7ab33b4c22c1d8126c16bb478e9ebfe3fb2bfb774" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/crc32@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "crc32c", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/crc32c@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/crc32c@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/crc32c", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/crc32c/-/crc32c-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10d34f3cc6a79a7549e014d794e8c0803ed446275b0339d446a0f42af7d1132738a36d033d874495d5357f9710ec96e3d0224948f68c224ffd66c85d077db5d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32c" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/crc32c@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32c/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "middleware-location-constraint", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-location-constraint@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-location-constraint@3.577.0#packages/middleware-location-constraint", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-location-constraint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-location-constraint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ca3d30f60f6b3eb76414a3f21762d55affa527f0667ea61493064c81371da47d9cf82b06af865fc92734aa4d5dc67c25e455d16eec2ae3a17ec167aa9679350" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-location-constraint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-sdk-s3", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/middleware-sdk-s3@3.582.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-sdk-s3@3.582.0#packages/middleware-sdk-s3", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-sdk-s3", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-sdk-s3", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c9a90a4ba0b6993d12382ff5d951e1e477d5152bc540afd477f30bf4a2c19e313bf30fd8b0cf39342364ed06a15d6bfe71101d58815619c32aaf992b579adb6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-sdk-s3" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-signing", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-signing@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-signing@3.577.0#packages/middleware-signing", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-signing", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-signing", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-signing/-/middleware-signing-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "412fdd877f8da996d7b58d23fc367cebba203f8d77a46e5c146a81cbd39e3a10ccb2895cc0bad06e2d12d1ceb6d5d73540dabe7abf5f7da32167f68f9325d722" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-signing" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-ssec", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-ssec@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-ssec@3.577.0#packages/middleware-ssec", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-ssec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-ssec", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-ssec/-/middleware-ssec-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8b604f251faba7cc6645520673487590344570cd89f469c296aaa973e34b4a399869d95c83898f9258accfd1f3c0555c44f2795dc19fdd4e0162ce46f3e893ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-ssec" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signature-v4-multi-region", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/signature-v4-multi-region@3.582.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/signature-v4-multi-region@3.582.0#packages/signature-v4-multi-region", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/signature-v4-multi-region", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/signature-v4-multi-region", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68508e8e336a117da5f95f108ce5b2e45ec2b47202fd1958741bafdcda3acb19fea4cbd55147bacdd324db21d672e755a475accaf719cc050196200f7852cfb1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/signature-v4-multi-region" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-browser@3.0.0#packages/eventstream-serde-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-browser/-/eventstream-serde-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "341ec01623cde0dc4ffd80809ebbd8475f33dbf66c887885ed5b46df482c84ef466c5ac86f5ac2f1ea78346a49496af3e8feb8ba13d77a8e0cd14b022e764aab" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-universal", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-universal@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-universal@3.0.0#packages/eventstream-serde-universal", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-universal", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-universal", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-universal/-/eventstream-serde-universal-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1cd15f4a19a8b5619e0285b8ba33fc99e57d0596af72999eac36cf2239096f129b37c46c51ca5143fd8ec88c563715cd1f6196080c6e481ef29e62062654370f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-universal" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-codec", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-codec@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-codec@3.0.0#packages/eventstream-codec", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-codec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-codec", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-codec/-/eventstream-codec-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d4b72100d0e8a4e7449a105099d163d5b45f6dcffb5ecded9f0e9b56e9645797e46b11e9c7f146c48ee74ecfc89a922325de513794256a61fd98fb39cbf1015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-codec" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-config-resolver", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-config-resolver@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-config-resolver@3.0.0#packages/eventstream-serde-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-config-resolver/-/eventstream-serde-config-resolver-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "454406def4372d7ee97aaa8701b99aca182b1796938a53e76b38a7692185d4fd3eb60337bef21158f1e694b233daa16a07d2ea148c5d8adc5cf0ed99ea9b2b47" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-node@3.0.0#packages/eventstream-serde-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-node/-/eventstream-serde-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6da44f74c0433011316572140283c69bf867b62c63b7f545a54ebe5660b2898258cd11d1c68688d4c37ee5713e8484bc009d860872cc14420e2f3abdc71d4481" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hash-blob-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-blob-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-blob-browser@3.0.0#packages/hash-blob-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-blob-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-blob-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-blob-browser/-/hash-blob-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd66e9760f9bc09bd6ee5c51ff3a5601cd7fc7f62472a82eb85d9b033909aef5eb899bb5be6f2bf8f51d138b32895c1083b3cf476757a62dc22c16fda910da55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-blob-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chunked-blob-reader-native", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/chunked-blob-reader-native@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/chunked-blob-reader-native@3.0.0#packages/chunked-blob-reader-native", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/chunked-blob-reader-native", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/chunked-blob-reader-native", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/chunked-blob-reader-native/-/chunked-blob-reader-native-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5439290985bea5e4ae338cc98a9e560dfaaf836328fdef32c4ebf7545d66d75cbb07c28a30a545b666560dedfa16f93cac6b96acf6471d767bad1eee339c96ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/chunked-blob-reader-native" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chunked-blob-reader", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/chunked-blob-reader@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/chunked-blob-reader@3.0.0#packages/chunked-blob-reader", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/chunked-blob-reader", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/chunked-blob-reader", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/chunked-blob-reader/-/chunked-blob-reader-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b1b9d4442c231748124e81a5b0188099dd654429929fbda7bbd6b17c9bb9948c7a4541201eee86c1331ba827614128b43ee99c9b9bc5c6c8bd5d65dbda64daa0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/chunked-blob-reader" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hash-stream-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-stream-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-stream-node@3.0.0#packages/hash-stream-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-stream-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-stream-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-stream-node/-/hash-stream-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2748bb75ef848170c41884c3e1fc7398c5fc0b208d1134c84579718cc88d52fbeeefa5e7dc6277d70411f39ca794f936c08d65aa892700525a0f57e234395b20" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-stream-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "md5-js", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/md5-js@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/md5-js@3.0.0#packages/md5-js", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/md5-js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/md5-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/md5-js/-/md5-js-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e6d2faeb5738e50fee910904f1ec3dcbb39f12dc5507d590ad53530887fa9099a3a8d47f6530dd9ab3a0a291c13081ab6d9c0f5251149da09276ef131c11f30" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/md5-js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "confirm", + "group": "@inquirer", + "version": "3.1.9", + "bom-ref": "@inquirer/confirm@3.1.9", + "author": "Simon Boudrias", + "description": "Inquirer confirm prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/confirm@3.1.9", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/confirm/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/confirm/-/confirm-3.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "505d3d69e8f10a2e17aa6e8dfe32408855c0ad77e2f5a979d8015a483fb6b881e78591ad77577a94819344c3e8b95489c5b1848be1e43964986a2118ffeb3353" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/confirm" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@inquirer", + "version": "8.2.2", + "bom-ref": "@inquirer/core@8.2.2", + "author": "Simon Boudrias", + "description": "Core Inquirer prompt API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/core@8.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/core/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/core/-/core-8.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bc4ae357e398c41655f7101269bbd07e4b64c84b330f197648b89f4c13ddb84aa6dd5ba3ede9f2242af5e0ee638438a2785b1a50b318f45137dc2ff038df85b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "cli-width", + "version": "4.1.0", + "bom-ref": "@inquirer/core@8.2.2|cli-width@4.1.0", + "author": "Ilya Radchenko", + "description": "Get stdout window width, with two fallbacks, tty and then a default.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-width@4.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/knownasilya/cli-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/knownasilya/cli-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/knownasilya/cli-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-width/-/cli-width-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2eb99778fdd9b64b0e469aacba6c6c8d34d7b5aadf51a66c6f78b48eeca720b139d4ed15dfb30fbf6ee9161a8d5a6e006230089cd3af2b72566c3b82169a6c5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/cli-width" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "1.0.0", + "bom-ref": "@inquirer/core@8.2.2|mute-stream@1.0.0", + "author": "GitHub Inc.", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mute-stream/-/mute-stream-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6afb09421c9dfbaf3480a5f21bfb107349d7682eab0643ce7f21d87056fdfa1764a90911f5b767909d003198647b4a1eb0fa883be985149f8874173b9acb7820" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/mute-stream" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "@inquirer/core@8.2.2|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f3c99d5ef3cc3d3b588d25b2a73a5bd84eb58f0e5e3a3b56c6d03dd7227bfef6d90faf1acdf235144e21650e4926296827d4ce827c8035dd2b86a8e6bd2a8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/signal-exit" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "6.2.0", + "bom-ref": "@inquirer/core@8.2.2|wrap-ansi@6.2.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@6.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "afa94f7011b1657948732984bbb227c43321756d0a0f1a4b82814b720b9ab3109a27f48e219c0835ab4af4a63fb5ff99ae5cb038a5345038f70135d405fc495c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/wrap-ansi" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "figures", + "group": "@inquirer", + "version": "1.0.3", + "bom-ref": "@inquirer/figures@1.0.3", + "author": "Simon Boudrias", + "description": "Vendored version of figures, for CJS compatibility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/figures@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/figures/-/figures-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12b5d7cc434c1f9a49b79fecb175740df59466a972f271b37f451c055f714e73fe2b27df1369aacb120c06b67c8a341c9369d4d13426e34110079dd8adec961f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/figures" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type", + "group": "@inquirer", + "version": "1.3.3", + "bom-ref": "@inquirer/type@1.3.3", + "author": "Simon Boudrias", + "description": "Inquirer core TS types", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/type@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/type/-/type-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5352dd0dba5ca55f6effcccc74e1961aaff92bd6b69a8854d5bd0e5f7a58d0b22020766d163e3e12ef7ff27b47dbb2587ed7942b22e0ef7c25d37a4ee9318e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/type" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "group": "@types", + "version": "0.0.4", + "bom-ref": "@types/mute-stream@0.0.4", + "description": "TypeScript definitions for mute-stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mute-stream@0.0.4#types/mute-stream", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mute-stream", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mute-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mute-stream/-/mute-stream-0.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "08f33d9f3ac23cf24740d03d91e1fd09591523e591e6431afbb5c4b398dc190d15a001a72efdb8db0f252158300047e6138a2e7c945a4dcf4f34b425d22a00a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mute-stream" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "group": "@types", + "version": "3.0.0", + "bom-ref": "@types/wrap-ansi@3.0.0", + "description": "TypeScript definitions for wrap-ansi", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/wrap-ansi@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/wrap-ansi/-/wrap-ansi-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96d229c7e90cee0fcc2d165f91b2fb12c0848dfcc271270ba64837ede5c4b71e649ab00a0644c9c1dd462008c348bf304e933a1f39f960ee2949bf75044c2ed6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/wrap-ansi" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "input", + "group": "@inquirer", + "version": "2.1.9", + "bom-ref": "@inquirer/input@2.1.9", + "author": "Simon Boudrias", + "description": "Inquirer input text prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/input@2.1.9", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/input/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/input/-/input-2.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d714c21e621ee3cc7d086d7ef209401eb555747f907d887380151b832a15a69e4da2f9d78117234a7fd236e95ea717fd3a5f070eade0cf0dd908052bfa1d44ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/input" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "select", + "group": "@inquirer", + "version": "2.3.5", + "bom-ref": "@inquirer/select@2.3.5", + "author": "Simon Boudrias", + "description": "Inquirer select/list prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/select@2.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/select/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/select/-/select-2.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "232063f2812d99d1761b1e052533ed1326b7ecc0fab342804cab07aa09a5b3494aec441b8584aaf46425705aba701b187bf720434160d9c0aa6183e2fddfdfc5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/select" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "plugin-not-found", + "group": "@oclif", + "version": "3.2.1", + "bom-ref": "@oclif/plugin-not-found@3.2.1", + "author": "Salesforce", + "description": "\"did you mean\" for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-not-found@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-not-found.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-not-found", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-not-found/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-not-found/-/plugin-not-found-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63617258b133893ae0750c1de0bb59718bf754e31e0e15b4a56ea16c4d2eddf25dc6cf1fdc92df38724f77c14fa2b56dda576c6a3e3371751603abcc40a78a6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-not-found" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.0-beta.15", + "bom-ref": "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.0-beta.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.0-beta.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a66b5993c211e31a8fae5994a6365c83f7712363ad317a5911177dae63d41ac4bd7ad6bb80504a1545eac5f2f9132ff48cbf2c266b1b987b120039a5d27b4c3a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-not-found/node_modules/@oclif/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "fast-levenshtein", + "version": "3.0.0", + "bom-ref": "fast-levenshtein@3.0.0", + "author": "Ramesh Nair", + "description": "Efficient implementation of Levenshtein algorithm with locale-specific collator support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-levenshtein@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/hiddentao/fast-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84a28d6a39b8eae3664e58474b2664993a00739eae649c18abbcab722663a8ec6795f4301110d02661cf529ee6d66f70c7cbe039ef08682299e4abf69350dd09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fastest-levenshtein", + "version": "1.0.16", + "bom-ref": "fastest-levenshtein@1.0.16", + "author": "Kasper U. Weihe", + "description": "Fastest Levenshtein distance implementation in JS.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fastest-levenshtein@1.0.16", + "externalReferences": [ + { + "url": "git+https://github.com/ka-weihe/fastest-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein#README", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fastest-levenshtein/-/fastest-levenshtein-1.0.16.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7919c2b534ed199169402c2126250ebb13d05915d52980e7d1bd8f7877d72fafd98b9dd22c0cc01df5615562b602bc82fd61f4e6419fc611483ef4c5d125d0ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fastest-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "async-retry", + "version": "1.3.3", + "bom-ref": "async-retry@1.3.3", + "description": "Retrying made simple, easy and async", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/async-retry@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/async-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/async-retry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/async-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async-retry/-/async-retry-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1faff8ecb70f71362ff4b5e307ad15bb76ccf72ede4046160d6767b0a5a76785a229e666c02e13803fe10076c0bbb7867ac2ab0356ff7e5ba826d4393d984cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async-retry" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "retry", + "version": "0.13.1", + "bom-ref": "retry@0.13.1", + "author": "Tim Koschützki", + "description": "Abstraction for exponential and custom retry strategies for failed operations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/retry@0.13.1", + "externalReferences": [ + { + "url": "git://github.com/tim-kos/node-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tim-kos/node-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tim-kos/node-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d0050dc8f16d4281ed127a1fba8238f4dcb6e64455aea2cce02bda280a9c1822b861a0ef34a5fab8714914e439249f07ce7c5b5e470959e7a3d838663215676" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/retry" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "change-case", + "version": "4.1.2", + "bom-ref": "change-case@4.1.2", + "author": "Blake Embrey", + "description": "Transform a string between `camelCase`, `PascalCase`, `Capital Case`, `snake_case`, `param-case`, `CONSTANT_CASE` and others", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/change-case@4.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/camel-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/change-case/-/change-case-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d2c58db0b3d3adbe220b1b51226392bb34dc64aa0fc99d19c5c4bb4a43de896af8a22318bb76332b49dd04093f400be96db429666302b0e77056a4e31b968ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/change-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "camel-case", + "version": "4.1.2", + "bom-ref": "camel-case@4.1.2", + "author": "Blake Embrey", + "description": "Transform into a string with the separator denoted by the next word capitalized", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camel-case@4.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/camel-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camel-case/-/camel-case-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83119606b4d3d49b8cc7a47ea393d35cc9949e19d5ccb43d48dbad0f862a2ad23a6a9f3deedded28409895aea0096124a655e794dc9b124660f46106c4a14283" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camel-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pascal-case", + "version": "3.1.2", + "bom-ref": "pascal-case@3.1.2", + "author": "Blake Embrey", + "description": "Transform into a string of capitalized words without separators", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pascal-case@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/pascal-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pascal-case/-/pascal-case-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b969464f76129caf71dc140968e75c670ae757a84fa5df23147d7fb9ca622d13e1ff6cc2549292d7d1381af607bda09c0029f77e85d9d1c2c1f56af1d4a19ee6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pascal-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "capital-case", + "version": "1.0.4", + "bom-ref": "capital-case@1.0.4", + "author": "Blake Embrey", + "description": "Transform into a space separated string with each word capitalized", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/capital-case@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/capital-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/capital-case/-/capital-case-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76cdfb5bc0b2b478309e11864e2f3ca5c3f2475e6aa0d90ea58c2630c7e75aaa9680449aa4baaf0f1ea1b858d0e6fa964a7d99d3ad7bdd7340ecbb4c39e521d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/capital-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "no-case", + "version": "3.0.4", + "bom-ref": "no-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower cased string with spaces between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/no-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/no-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/no-case/-/no-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e000dde318087e468c541991d348e2c922a51cdb09a8070191e2d6e93402a69a8bc5a16ab439d4646f456495d45e3b66b68814ff384ba51bd5d251cd74af7ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/no-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "upper-case-first", + "version": "2.0.2", + "bom-ref": "upper-case-first@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string with the first character in upper cased", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/upper-case-first@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/upper-case-first#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/upper-case-first/-/upper-case-first-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e75e29a581c168ac1f2512bfa4d0ba73f3b17c66b4a1b4a7025d74eaef7b11dd08eb6e4d8a7f7a2808edb5917a64bdded572eda61c67aab3a2f625a09bebbe6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/upper-case-first" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "constant-case", + "version": "3.0.4", + "bom-ref": "constant-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into upper case string with an underscore between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/constant-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/constant-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/constant-case/-/constant-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "236852062ed5becec112e243af97431dfcdbfd1ba3dc5caf17287b28b8a5023350c3705efb182a5010365bab1c54470bd212f57703d1b48a843d55022a44acc9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/constant-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "upper-case", + "version": "2.0.2", + "bom-ref": "upper-case@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string to upper case", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/upper-case@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/upper-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/upper-case/-/upper-case-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a07600c626dd93a6ec015088e01ba973c36196151096f5091f922bf40f1a871cb6091e6b6675420a71977cac78054a3a29553970ea08330a6d5bf0c150c2292" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/upper-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "dot-case", + "version": "3.0.4", + "bom-ref": "dot-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with a period between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dot-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/dot-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dot-case/-/dot-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2afe672a587ac91addac6bf1789d9ee72d9e454a64528b085b8036012dfccf04b3dbbceeeee7c3c103e2e4986cdd702518d7ad9776e69c6850b0cb642899e3df" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dot-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "header-case", + "version": "2.0.4", + "bom-ref": "header-case@2.0.4", + "author": "Blake Embrey", + "description": "Transform into a dash separated string of capitalized words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/header-case@2.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/header-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/header-case/-/header-case-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1ffbee9394c4115670ad1d25a76cde77d382a35b8020b325c742443200b6eabcf2249dcdd6fe979301c75c941d4767684a37063cce8e28f6282607f4a65275d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/header-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lower-case", + "version": "2.0.2", + "bom-ref": "lower-case@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string to lower case", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lower-case@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/lower-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lower-case/-/lower-case-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edf9b797734017d59f37a5b724e99fe5daf0a55a97efc26da0627703a5b46ba66795d338d70d9f5790f8f74a6c2854e931db3c4c9b1efde1cb145b0d1c78c782" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lower-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "param-case", + "version": "3.0.4", + "bom-ref": "param-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower cased string with dashes between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/param-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/param-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/param-case/-/param-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "457963ef3098a2445ea96a4e3c7f68622bd4ccb619e6f00f21f1260933558a8b02efc17c1741fdcbb4fb806d8cdfdca682eb7117981c144b326504a987d069dc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/param-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-case", + "version": "3.0.4", + "bom-ref": "path-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with slashes between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/path-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-case/-/path-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8ee2a0858d7a954eb71b3edfe141f85343e56116ca8d28e3edcad80d2a42b14a8129dd73d443c39b16e78fca5388a24e608e7ebdaf2f178942f10b0a2ddd67e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sentence-case", + "version": "3.0.4", + "bom-ref": "sentence-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case with spaces between words, then capitalize the string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sentence-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/sentence-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sentence-case/-/sentence-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f0b4b42489da40c091a10ed8532b40a3fc54bb95b65e74315761c8ffab8ce94ec22134b546a3c496bdf457ab88ab230a33d949191545cb9ff80aecdc8b13584a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sentence-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "snake-case", + "version": "3.0.4", + "bom-ref": "snake-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with underscores between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/snake-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/snake-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/snake-case/-/snake-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c03a1e33f3d6c642f97da457cd17c575e3a8bba3bfc2a853dbab36203fec98cc3203792f4768d16d5c005a9915be010cc454e0dcbc4efd96327ef1af5849d32" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/snake-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-yarn-workspace-root", + "version": "2.0.0", + "bom-ref": "find-yarn-workspace-root@2.0.0", + "author": "Square, Inc.", + "description": "Algorithm for finding the root of a yarn workspace, extracted from yarnpkg.com", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/find-yarn-workspace-root@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/square/find-yarn-workspace-root.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/square/find-yarn-workspace-root#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/square/find-yarn-workspace-root/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-yarn-workspace-root/-/find-yarn-workspace-root-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d483276e3b782b3b107e7867ccd77cc141205d9e3823365a6669cb631ec3e45665687b76816db40ab8bc43e13fb79b488f8f9ea5306e6fed99c6efef3482f3a9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/find-yarn-workspace-root" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "github-slugger", + "version": "2.0.0", + "bom-ref": "github-slugger@2.0.0", + "author": "Dan Flettre", + "description": "Generate a slug just like GitHub does for markdown headings.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/github-slugger@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/Flet/github-slugger.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Flet/github-slugger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Flet/github-slugger/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/github-slugger/-/github-slugger-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21a390f69b98b63ae4abb63462097d283667adffda89425852955ff3dcbc9326b16d11bb6354ab5ff8daba6aeff35bdceb5fa488c7a6a6e8ec337630ef0e6a73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/github-slugger" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "got", + "version": "13.0.0", + "bom-ref": "got@13.0.0", + "description": "Human-friendly and powerful HTTP request library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/got@13.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/got.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/got#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/got/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/got/-/got-13.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5df064d42c4e39270370cafd3b5c8a90d690cb2f3ae4d6d8b3e17b76be07d0b64c5600a3d8b7b9f64e8fa9b347a0be53a1e684414621e9ceb231f55c73a489c4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/got" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is", + "group": "@sindresorhus", + "version": "5.6.0", + "bom-ref": "@sindresorhus/is@5.6.0", + "author": "Sindre Sorhus", + "description": "Type check values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sindresorhus/is@5.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sindresorhus/is/-/is-5.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4d5eedf062986895ac9f4d2d143a81c3cf94aa6afc0347d1535b6f4d08726731afd2c24219140bdc918c237b9cb8aa375c865d50ff8bc7bfe0876b7795ec32ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sindresorhus/is" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-timer", + "group": "@szmarczak", + "version": "5.0.1", + "bom-ref": "@szmarczak/http-timer@5.0.1", + "author": "Szymon Marczak", + "description": "Timings for HTTP requests", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40szmarczak/http-timer@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/http-timer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/http-timer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/http-timer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8f9905f43e20183cc79561edb7ecb24062f38c616d63dab1f96113b24b76f8093549ba6df81df46f2af033a331c0406d139c735d51f63d9c2794c9102cfff73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@szmarczak/http-timer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "defer-to-connect", + "version": "2.0.1", + "bom-ref": "defer-to-connect@2.0.1", + "author": "Szymon Marczak", + "description": "The safe way to handle the `connect` socket event", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/defer-to-connect@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/defer-to-connect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/defer-to-connect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/defer-to-connect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e2dbedb5ea571b555a606ad189b93913025dd6de2e76e9d239531d2d200bea621dd62c78dfca0fc0f64c00b638d450a28ee90ed4bd2dc0d706b1dcd2edd1e00e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/defer-to-connect" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacheable-lookup", + "version": "7.0.0", + "bom-ref": "cacheable-lookup@7.0.0", + "author": "Szymon Marczak", + "description": "A cacheable dns.lookup(…) that respects TTL", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cacheable-lookup@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/cacheable-lookup.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/cacheable-lookup#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/cacheable-lookup/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "faa272c78c622ab6bc999adcc218cc44c5210f9351d51f1eb0f933218c57f7a26279c168c405c5bb3fc6a51dfe7afe0f13559a9878a9efcc15d2f7263d0b69f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cacheable-lookup" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacheable-request", + "version": "10.2.14", + "bom-ref": "cacheable-request@10.2.14", + "author": "Jared Wray", + "description": "Wrap native HTTP requests with RFC compliant cache support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cacheable-request@10.2.14", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/cacheable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/cacheable#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/cacheable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.2.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce40d3e56005e21492a148327e0e6d148c73f1740afb6e56fd32d5a2325330a05ac5ebcb041b4bc60aa0b80b95401f0f556efd1558c7714f8627db556c367d99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cacheable-request" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "group": "@types", + "version": "4.0.4", + "bom-ref": "@types/http-cache-semantics@4.0.4", + "description": "TypeScript definitions for http-cache-semantics", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/http-cache-semantics@4.0.4#types/http-cache-semantics", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/http-cache-semantics", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-cache-semantics", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d66d1b20555cede256caf7bd4b4467b9181c42a17f5dde50b1464065e405af5437fe9f495a841012a995cbe0cf4cda465f086021eb40a1817c252737deadbd40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/http-cache-semantics" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "version": "4.1.1", + "bom-ref": "http-cache-semantics@4.1.1", + "author": "Kornel Lesiński", + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/http-cache-semantics@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/kornelski/http-cache-semantics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7abdbde4328f56c57cda3e64c351a3b7e00303f5d81ec6a397cd9c18d406d9eca83e4be05215fe9c32327a5ce12166dbb173f7f441dc23a979b58b36158a985d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http-cache-semantics" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mimic-response", + "version": "4.0.0", + "bom-ref": "mimic-response@4.0.0", + "author": "Sindre Sorhus", + "description": "Mimic a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-response@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-response/-/mimic-response-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7b92121fdc4c614d03ceb4fe8e5f2adb37bd0fa79606da3e23c08da5ef9523e2b627f17f9373dd91d4ddcf8c2f1951f8353a68f8d4584d522e31010c31cb0baa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mimic-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-url", + "version": "8.0.1", + "bom-ref": "normalize-url@8.0.1", + "author": "Sindre Sorhus", + "description": "Normalize a URL", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/normalize-url@8.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/normalize-url.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/normalize-url#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/normalize-url/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-url/-/normalize-url-8.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20ef50be350c5b13d0421b3ad283aed740919160a26734949336d718657da6f8989757d761cbe4cd0e6357dcfc63aba7f0046855197812d0babfa8cda9b689ff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-url" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "responselike", + "version": "3.0.0", + "bom-ref": "responselike@3.0.0", + "author": "Luke Childs", + "description": "A response-like object for mocking a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/responselike@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/responselike.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/responselike#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/responselike/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/responselike/-/responselike-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e34c87c5b35c976fabcd7bd9b9592b62885ab61b122653135caaf21b9cbcb9c887bf5fb10cb1d0a608c6eb82543bd9eb12ada318b1fa219f01719cb0df0af07a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/responselike" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "decompress-response", + "version": "6.0.0", + "bom-ref": "decompress-response@6.0.0", + "author": "Sindre Sorhus", + "description": "Decompress a HTTP response if needed", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decompress-response@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/decompress-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decompress-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/decompress-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "696df9c9933a05bff8a099599dc307d8b0a866d2574d1c444b5eef137868462a305369161da24a1644810e70d1f9c9bd27ef5085799113221fbf4a638bd7a309" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decompress-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "mimic-response", + "version": "3.1.0", + "bom-ref": "decompress-response@6.0.0|mimic-response@3.1.0", + "author": "Sindre Sorhus", + "description": "Mimic a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-response@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf4c9623ee050ebaf0792f199ade048f91dd266932d79f8bd9ee96827dfe88ae5f5b36fa4f77e1345ab6f8c79345bd3ae1ce96af837fc2fd03cd04e33731cd19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decompress-response/node_modules/mimic-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "form-data-encoder", + "version": "2.1.4", + "bom-ref": "form-data-encoder@2.1.4", + "author": "Nick K.", + "description": "Encode FormData content into the multipart/form-data format", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/form-data-encoder@2.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/octet-stream/form-data-encoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/octet-stream/form-data-encoder#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/octet-stream/form-data-encoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/form-data-encoder/-/form-data-encoder-2.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c8361280d32b6aabe7c621173b8862f3cf986716870ba40acdbe4df388910930de44eed900ba62aff95599ffee5d4867c14af63b81d4f2cfe7eb1fb23634241f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/form-data-encoder" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http2-wrapper", + "version": "2.2.1", + "bom-ref": "http2-wrapper@2.2.1", + "author": "Szymon Marczak", + "description": "HTTP2 client, just with the familiar `https` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http2-wrapper@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/http2-wrapper.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/http2-wrapper#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/http2-wrapper/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http2-wrapper/-/http2-wrapper-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5799d5c353c03a07c8dcb99e6a3d84c667a0edf7a78e1454833d653d27b3cb50ae84f61b810b5b423e2365f10010c95a2febeea6cbe18ea0b28f3a1bd32c6c99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http2-wrapper" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "resolve-alpn", + "version": "1.2.1", + "bom-ref": "resolve-alpn@1.2.1", + "author": "Szymon Marczak", + "description": "Detects the ALPN protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-alpn@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/resolve-alpn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/resolve-alpn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/resolve-alpn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d1ad45e25ef7fd915939a9099d0dc5be4276fa0493416cffaf6284e4e7436344f13e6e61e0692a91659f338ed3ec7b1b9ceb5c255105e1ea42572eaeed0dcafa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-alpn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lowercase-keys", + "version": "3.0.0", + "bom-ref": "lowercase-keys@3.0.0", + "author": "Sindre Sorhus", + "description": "Lowercase the keys of an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lowercase-keys@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/lowercase-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lowercase-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/lowercase-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a33082ea0750fa0957390b2f78a0f462c0f2f034901630d3cf8cf2cc41cd579f893f90fad8b99f0d9ea8d5cc9c171f68b86f78d0ce5d13c0bc0937b0763d9859" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lowercase-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-cancelable", + "version": "3.0.0", + "bom-ref": "p-cancelable@3.0.0", + "author": "Sindre Sorhus", + "description": "Create a promise that can be canceled", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-cancelable@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-cancelable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-cancelable#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-cancelable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a55604773c6bb3968d0c993764e1c5ea5d69704032e738d4c083ab26eb65e430912247137718bdd27df918beac289db90905cac8ed4befe5987dca3be7da253" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-cancelable" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "6.0.1", + "bom-ref": "normalize-package-data@6.0.1", + "author": "GitHub Inc.", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eabbc27de456f8e1196a0001e2530b48db933586562d5b4a71c2bbf554937ffff24d8e5538281ca47f343be6d92bc35ea6cee95277791be425320d7257fda265" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "3.2.0", + "bom-ref": "spdx-correct@3.2.0", + "description": "correct invalid SPDX expressions", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "90df5d25bbe7c921d42c896e0c7cb7d961d152edce83b07db1b63bb6c14b72d42422a9cc877844ad881d3234d8baa99c5d7fa52b94f596752ddc6ef336cc2664" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-correct" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "71ba87ba7b105a724d13a2a155232c31e1f91ff2fd129ca66f3a93437b8bc0d08b675438f35a166a87ea1fb9cee95d3bc655f063a3e141d43621e756c7f64ae1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "3.0.17", + "bom-ref": "spdx-license-ids@3.0.17", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "CC0-1.0" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@3.0.17", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.17.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b21f0f59cfdfb4ca8001d16206ee85cba2543988ea0c9049bc88697c33321ebaf445ba7996266a7784e3b50fd181f2e328565bf8b331e61a66979a8e5b2d2abe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-license-ids" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "2.5.0", + "bom-ref": "spdx-exceptions@2.5.0", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@2.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e2538dabfb13b851b512d5bba8dcb3c992394eef8df45e7e5254085da73cec3c7b236d855f9679c57404e069b9cbb9d7be0aabb6e69e8dfa0da5c3f3c5b1ae3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-exceptions" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sort-package-json", + "version": "2.10.0", + "bom-ref": "sort-package-json@2.10.0", + "author": "Keith Cirkel", + "description": "Sort an Object or package.json based on the well-known package.json keys", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sort-package-json@2.10.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/keithamus/sort-package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/keithamus/sort-package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/keithamus/sort-package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sort-package-json/-/sort-package-json-2.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "31879c7ef39b3302638c9b2487161fb8e003917a7564c3270850bcca1a7ef470ec93b1e1477dfa85dede881b3dea54d77e2aa650d23e59009e08c441865db9d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "detect-newline", + "version": "4.0.1", + "bom-ref": "sort-package-json@2.10.0|detect-newline@4.0.1", + "author": "Sindre Sorhus", + "description": "Detect the dominant newline character of a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-newline@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-newline/-/detect-newline-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a84dd57a0d585f3187421940ea3cde6d9376a957fa357f80ee6eea9610861b7d1d262c6b0108583ac263b270632640929ae38fa42937d35e397ebf055746f3a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/detect-newline" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "globby", + "version": "13.2.2", + "bom-ref": "sort-package-json@2.10.0|globby@13.2.2", + "author": "Sindre Sorhus", + "description": "User-friendly glob matching", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globby@13.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globby#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globby/-/globby-13.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "635ccd195fa9cd0761ec7dfd97dce00783c9aa344dab276f7580831b81c55cce17baf49a41094473dd48535c802cbf205130e89a00407f3dd725d9944bea28d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/globby" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "slash", + "version": "4.0.0", + "bom-ref": "sort-package-json@2.10.0|slash@4.0.0", + "author": "Sindre Sorhus", + "description": "Convert Windows backslash paths to slash paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slash@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/slash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/slash#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/slash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slash/-/slash-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ddd3ac0075d7524413a4e61ca00c4b228acc4e9e20210af9216de255bec0ee5148a74547867ca79bd8b3c7a4ecb1dac87152044809558ed9ced8af1b83e0a87b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/slash" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-plain-obj", + "version": "4.1.0", + "bom-ref": "sort-package-json@2.10.0|is-plain-obj@4.1.0", + "author": "Sindre Sorhus", + "description": "Check if a value is a plain object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-plain-obj@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-plain-obj.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8f822faf32e50d909c84c62301b792251683322a7af9ce127852ca73e7c58e841179428219905c8d1c86c102d1f0cd502093946d9dd54db0344deb5fe6983aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/is-plain-obj" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "detect-indent", + "version": "7.0.1", + "bom-ref": "detect-indent@7.0.1", + "author": "Sindre Sorhus", + "description": "Detect the indentation of code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-indent@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-indent/-/detect-indent-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "31ced0850f2cf9c2eb9d47d4fc98bde2f1bfafc336ea6f1ffbebf2adeb38668a236910e9675792221fc4a732cdc255aebf3499dd46c316ca6316f4c35dee9efe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "get-stdin", + "version": "9.0.0", + "bom-ref": "get-stdin@9.0.0", + "author": "Sindre Sorhus", + "description": "Get stdin as a string or buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-stdin@9.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/get-stdin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/get-stdin#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/get-stdin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-stdin/-/get-stdin-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7552818df5a2b0b02271aac8d927fe26e044fc382157853334055ef7284426ecde44477726139313d7146894de49aefb7ec6d050ade970ea497cce7df9529968" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-stdin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "git-hooks-list", + "version": "3.1.0", + "bom-ref": "git-hooks-list@3.1.0", + "author": "fisker Cheung", + "description": "List of Git hooks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/git-hooks-list@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/fisker/git-hooks-list.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fisker/git-hooks-list#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fisker/git-hooks-list/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/git-hooks-list/-/git-hooks-list-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c5f15787791eeffb001b5ea7e04654d25ffd41251f50d6f10c47c240cf570483a197d3bfb3ca3dec01d0ef6238ffc679487d5b86823e2a05e8b52b784a1fe3c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/git-hooks-list" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sort-object-keys", + "version": "1.1.3", + "bom-ref": "sort-object-keys@1.1.3", + "author": "Keith Cirkel", + "description": "Sort an object's keys, including an optional key list", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sort-object-keys@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/keithamus/sort-object-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/keithamus/sort-object-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/keithamus/sort-object-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sort-object-keys/-/sort-object-keys-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f39e69bcaf95914ecf68a60f73e2639e6b781337a3407ca1845df7ab7d6a1bcc7b99a0f391e1610004e174261acb5d422123bea803308ce04ff9f3d97b420fca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-object-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tiny-jsonc", + "version": "1.0.1", + "bom-ref": "tiny-jsonc@1.0.1", + "description": "An absurdly small JSONC parser.", + "purl": "pkg:npm/tiny-jsonc@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/fabiospampinato/jsonc-simple-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fabiospampinato/jsonc-simple-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fabiospampinato/jsonc-simple-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tiny-jsonc/-/tiny-jsonc-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8a4e810b1cef6bd0e88847c35ff962d0bd9c58a3cf10d62f8b1529ac5765dd83e2e1b6595210e7348f5852469caeffae206f74767c51e6636a6a80fa5210fa07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tiny-jsonc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "open", + "version": "10.1.0", + "bom-ref": "open@10.1.0", + "author": "Sindre Sorhus", + "description": "Open stuff like URLs, files, executables. Cross-platform.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/open@10.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/open.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/open#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/open/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/open/-/open-10.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a791e435a8fe547b6c1df9a8af4c3dcd1ddfe567de8bbb48e07f4a7092d2cfb71e9c4d9887eedc9e191447b34cd7d2b6eb6a15cf9d79549db797c9a041b886b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/open" + } + ], + "components": [ + { + "type": "library", + "name": "is-wsl", + "version": "3.1.0", + "bom-ref": "open@10.1.0|is-wsl@3.1.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-wsl@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-wsl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-wsl/-/is-wsl-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51c55f55f68ae127389bb5f77544a81e8a3340604415e0c2fb3568d3ab7df317bc0b31d265905e90d5c7fadbb435a947a25709fd0006a92e3a1de7fb41704833" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/open/node_modules/is-wsl" + } + ] + } + ] + }, + { + "type": "library", + "name": "default-browser", + "version": "5.2.1", + "bom-ref": "default-browser@5.2.1", + "author": "Sindre Sorhus", + "description": "Get the default browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/default-browser@5.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/default-browser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/default-browser/-/default-browser-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "598ff74d4304d31dca3d875147110926f5d11d5e0fc8fa14b31b596bbf25c08b7045044785dd94f713ac71a4ff6137fcb825c8023789385055121ffb16d0fc5e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/default-browser" + } + ] + }, + { + "type": "library", + "name": "bundle-name", + "version": "4.1.0", + "bom-ref": "bundle-name@4.1.0", + "author": "Sindre Sorhus", + "description": "Get bundle name from a bundle identifier (macOS): `com.apple.Safari` → `Safari`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bundle-name@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/bundle-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/bundle-name#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/bundle-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bundle-name/-/bundle-name-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b63c0ce5ec4c83a046448fa43664e7b4db2f7594b55fc045612ead9c9da1747d2457133afde559db1cbe16a4ad496bd89ad7c53032c8c6eae8ac7c0329f0f3e5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-name" + } + ] + }, + { + "type": "library", + "name": "run-applescript", + "version": "7.0.0", + "bom-ref": "run-applescript@7.0.0", + "author": "Sindre Sorhus", + "description": "Run AppleScript and get the result", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-applescript@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/run-applescript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/run-applescript#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/run-applescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-applescript/-/run-applescript-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5bcb8223f7d254aff3021415240ca2d62b71bd1d55e669b2b3f54e4c948008bafbb39223a271162cf1724bc57fb16a10fe98b8a20980ea17d74a020b7328fd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-applescript" + } + ] + }, + { + "type": "library", + "name": "default-browser-id", + "version": "5.0.0", + "bom-ref": "default-browser-id@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the bundle identifier of the default browser (macOS). Example: com.apple.Safari", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/default-browser-id@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/default-browser-id.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser-id#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser-id/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/default-browser-id/-/default-browser-id-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03aa7fa6effa7f205c0354d1cff1aa5983d58a996b7ed716da0642f6aefd9e0342280791fd7de070475740797828d5d5fb7c20209d423e4250dc81ccea572cc8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/default-browser-id" + } + ] + }, + { + "type": "library", + "name": "define-lazy-prop", + "version": "3.0.0", + "bom-ref": "define-lazy-prop@3.0.0", + "author": "Sindre Sorhus", + "description": "Define a lazily evaluated property on an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/define-lazy-prop@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/define-lazy-prop.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/define-lazy-prop#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/define-lazy-prop/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37e31e5d8a2aaf7a4e827f317f244f44437b8076a42d88e1b07856193ddf58088be08900b74883c35e108a2126d9b137d1ce575f9ab416d000dc22b97fdfc152" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/define-lazy-prop" + } + ] + }, + { + "type": "library", + "name": "is-inside-container", + "version": "1.0.0", + "bom-ref": "is-inside-container@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a container (Docker/Podman)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-inside-container@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-inside-container.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-inside-container#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-inside-container/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-inside-container/-/is-inside-container-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28860b08226085f1d9c6a8d8044eeb132d0e06e4dde710874bbb47560bc22e4c7b4ad2286b1c0d5b784200b80452315f79193e306fd0c66a7fbed113105ded44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-inside-container" + } + ], + "components": [ + { + "type": "library", + "name": "is-docker", + "version": "3.0.0", + "bom-ref": "is-inside-container@1.0.0|is-docker@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a Docker container", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-docker@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-docker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-docker/-/is-docker-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a58dc8040e5127b3fec05c5a2c0792bfda708ce0fec540f90673f0d62f2e6b985116bd96b21ab8a4d5df7f4086399c9e1ff58b15bc1900ea42691e7f6b21275" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-inside-container/node_modules/is-docker" + } + ] + } + ] + }, + { + "type": "library", + "name": "prompt-sync", + "version": "4.2.0", + "bom-ref": "prompt-sync@4.2.0", + "description": "a synchronous prompt for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prompt-sync@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/heapwolf/prompt-sync.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/heapwolf/prompt-sync#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/heapwolf/prompt-sync/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prompt-sync/-/prompt-sync-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06e133cdce73a6d3f92ec815e4c6444e30da29259f72197953d2ee8aef122a9ee26560f9b596a53b1bcd719470bfe776a61345afcc656f198535c44a7c93b327" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync" + } + ], + "components": [ + { + "type": "library", + "name": "strip-ansi", + "version": "5.2.0", + "bom-ref": "prompt-sync@4.2.0|strip-ansi@5.2.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ee46cd6029b06ab0c288665adf7f096e83c30791c9e98ece553e62f53c087e980df45340d3a2d7c3674776514b17a4f98f98c309e96efbdcc680dc9fa56e258" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "4.1.1", + "bom-ref": "prompt-sync@4.2.0|ansi-regex@4.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20b96fe24ff77fabdf4383a83f6006be2ace92d950f7c6442f593d15a423c5adcbd5a6c181bb930c074f3a9bdb1a7702d014d542b97e38cf316462bab565edee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync/node_modules/ansi-regex" + } + ] + } + ] + }, + { + "type": "library", + "name": "lodash.truncate", + "version": "4.4.2", + "bom-ref": "lodash.truncate@4.4.2", + "author": "John-David Dalton", + "description": "The lodash method `_.truncate` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.truncate@4.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8edb6645eedb46c7b9d8eb1620c0cb697c56a91026b4851c70043781aaef882a898da7d739f34c3b4c8c7cda5d0facdb19a4d4d0fe4dcfb7bb8004fa70a98947" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.truncate" + } + ] + }, + { + "type": "library", + "name": "tmp", + "version": "0.2.3", + "bom-ref": "tmp@0.2.3", + "author": "KARASZI István", + "description": "Temporary file and directory creator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tmp@0.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/raszi/node-tmp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/raszi/node-tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/raszi/node-tmp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d90fb9bd8823c2e60d2962671ac688182a08127cbb1dc65f287f743fa086ea0aa2cb20ef48005d065a35f5cfd3594473e25eff167b1e320c2699b20130d18f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tmp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ts-jest", + "version": "29.1.4", + "bom-ref": "ts-jest@29.1.4", + "author": "Kulshekhar Kabra", + "description": "A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-jest@29.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/kulshekhar/ts-jest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://kulshekhar.github.io/ts-jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kulshekhar/ts-jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6221f00e14af0a222da0082c2ada0b142b9a903cc3b09d432c39d2a2e4da4e674e70ec08912cdb2d776e690e8ce4345586e642fcd61a699fe6b476d632ffd2e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-jest" + } + ], + "components": [ + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "ts-jest@29.1.4|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-jest/node_modules/yargs-parser" + } + ] + } + ] + }, + { + "type": "library", + "name": "remapping", + "group": "@ampproject", + "version": "2.3.0", + "bom-ref": "@ampproject/remapping@2.3.0", + "author": "Justin Ridgewell", + "description": "Remap sequential sourcemaps through transformations to point at the original source code", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40ampproject/remapping@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/ampproject/remapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ampproject/remapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ampproject/remapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df4899b403e0cfe2d3218a1e8afa98a3ce777f4da305849de6e1a71a9905574337c4eb7d68def77ab920600999538df1e157ea7272f15bd2a98374792c2e1863" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@ampproject/remapping" + } + ] + }, + { + "type": "library", + "name": "js-tokens", + "version": "4.0.0", + "bom-ref": "js-tokens@4.0.0", + "author": "Simon Lydell", + "description": "A regex that tokenizes JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-tokens@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/lydell/js-tokens.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lydell/js-tokens#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lydell/js-tokens/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "45d2547e5704ddc5332a232a420b02bb4e853eef5474824ed1b7986cf84737893a6a9809b627dca02b53f5b7313a9601b690f690233a49bce0e026aeb16fcf29" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-tokens" + } + ] + }, + { + "type": "library", + "name": "helper-compilation-targets", + "group": "@babel", + "version": "7.23.6", + "bom-ref": "@babel/helper-compilation-targets@7.23.6", + "author": "The Babel Team", + "description": "Helper functions on Babel compilation targets", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-compilation-targets@7.23.6#packages/babel-helper-compilation-targets", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-compilation-targets", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f49079e3c199a10566ceb160a7ca3b2b17609131a6eb1b3d0d6d28fcf8a6ef65038f3af939b510e99cd83ea03e83d3934b66c142872d2c9ae4cb444308059181" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-compilation-targets" + } + ], + "components": [ + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/helper-compilation-targets@7.23.6|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-compilation-targets/node_modules/semver" + } + ] + } + ] + }, + { + "type": "library", + "name": "compat-data", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/compat-data@7.24.4", + "author": "The Babel Team", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/compat-data@7.24.4#packages/babel-compat-data", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-compat-data", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be0f068a1d8c2cafa43a41c9a788011089326888b4d23816a2dd83f503a699f2c2f2320d48ece608bb5ae81bf3fc94810aa9de815d0bf348e1c64a25e4658d7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/compat-data" + } + ] + }, + { + "type": "library", + "name": "helper-validator-option", + "group": "@babel", + "version": "7.23.5", + "bom-ref": "@babel/helper-validator-option@7.23.5", + "author": "The Babel Team", + "description": "Validate plugin/preset options", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-validator-option@7.23.5#packages/babel-helper-validator-option", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-validator-option", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f39b6d00e30bb2be775605e44db931f2803a6137d3e2aeff1f35d22c46268dc49324f30f42dbead410fbf41c9ea79c4c5186c64731290ec8d47f7772a79e082b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-validator-option" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "5.1.1", + "bom-ref": "lru-cache@5.1.1", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@5.1.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a9340450037230bfe8d3034bad51555bae1f8996baf516fd1ee7a186cc014e5cdedd93f16f89a0d6f0b1e62b9d8395c1f858fda7ea023cbcdd5a7ac045828f7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "yallist", + "version": "3.1.1", + "bom-ref": "yallist@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Yet Another Linked List", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yallist@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/yallist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/yallist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/yallist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6b850641a58f1f9f663975189c01b67b09dc412e22e05e374efdc9a0033eb365430264bd36c2bc1a90cc2eb0873e4b054fb8772ba4cea14367da96fb4685f1e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yallist" + } + ] + }, + { + "type": "library", + "name": "helper-module-transforms", + "group": "@babel", + "version": "7.23.3", + "bom-ref": "@babel/helper-module-transforms@7.23.3", + "author": "The Babel Team", + "description": "Babel helper functions for implementing ES6 module transformations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-module-transforms@7.23.3#packages/babel-helper-module-transforms", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-module-transforms", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-module-transforms", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.23.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edb06ce040fd3a6b3075f0f3a73e0ca56812ad5ec55e5737cc86a0bcb1634b91fe324ed29ebdb5bd0e90c2bb2808631f342e1ee0b40f76850b12de32933d1245" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-module-transforms" + } + ] + }, + { + "type": "library", + "name": "helper-environment-visitor", + "group": "@babel", + "version": "7.22.20", + "bom-ref": "@babel/helper-environment-visitor@7.22.20", + "author": "The Babel Team", + "description": "Helper visitor to only visit nodes in the current 'this' context", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-environment-visitor@7.22.20#packages/babel-helper-environment-visitor", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-environment-visitor", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-environment-visitor", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cdf79d488cc585ab7f8058567c7b605af95e7349ea07d604215ae9bb08ebb8b9577d44a703c7090749a21cac2a0e743b777d9a2a8db1b7cf3fc59a6dc316df84" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-environment-visitor" + } + ] + }, + { + "type": "library", + "name": "helper-module-imports", + "group": "@babel", + "version": "7.24.3", + "bom-ref": "@babel/helper-module-imports@7.24.3", + "author": "The Babel Team", + "description": "Babel helper functions for inserting module loads", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-module-imports@7.24.3#packages/babel-helper-module-imports", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-module-imports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-module-imports", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.24.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be229bd05f5fdacd01092db6412177d3ccfffb5616295ffbea6c2deb5341cd2e62ccccc33f076ad694ebcdff8b8b79e90565fd29d41b91e0add6348033b959aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-module-imports" + } + ] + }, + { + "type": "library", + "name": "helper-simple-access", + "group": "@babel", + "version": "7.22.5", + "bom-ref": "@babel/helper-simple-access@7.22.5", + "author": "The Babel Team", + "description": "Babel helper for ensuring that access to a given value is performed through simple accesses", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-simple-access@7.22.5#packages/babel-helper-simple-access", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-simple-access", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-simple-access", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f41fdf44fcaf818a46b7fbe58d2f5ecf3afa38aca599ee5644a7543e7d2b556d48bc9f13d01013a54e608ec56ff426c4b9e9228a43ea2301eda91ca247377e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-simple-access" + } + ] + }, + { + "type": "library", + "name": "helper-split-export-declaration", + "group": "@babel", + "version": "7.22.6", + "bom-ref": "@babel/helper-split-export-declaration@7.22.6", + "author": "The Babel Team", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-split-export-declaration@7.22.6#packages/babel-helper-split-export-declaration", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-split-export-declaration", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-split-export-declaration", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "02c527c6e2e1458b22b0589a270be9d5017e2372a30f914ec6eb75e2afc6ce8bd47baa2b1cb7ac5b60bb77be789119b9de1e60aabcfab0597ab31738055b44fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-split-export-declaration" + } + ] + }, + { + "type": "library", + "name": "helpers", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/helpers@7.24.4", + "author": "The Babel Team", + "description": "Collection of helper functions used by Babel transforms.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helpers@7.24.4#packages/babel-helpers", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helpers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helpers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15ec1d9596d28b06951a5813d433c0343b821da0cc88ea3e0ff2036111588c73aebfaeb131227b7d0c30383c113403e400320eff3d44a05fe5d810969560010f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helpers" + } + ] + }, + { + "type": "library", + "name": "helper-function-name", + "group": "@babel", + "version": "7.23.0", + "bom-ref": "@babel/helper-function-name@7.23.0", + "author": "The Babel Team", + "description": "Helper function to change the property 'name' of every function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-function-name@7.23.0#packages/babel-helper-function-name", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-function-name", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-function-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "384ac4aacaf18d94c97226783a8f9ea19a9e5bd50888e72e60a449038640815f66c80fa93978619a97cd08a8c41ff6ae55f11854527acb54dce2bd1e200a6a8b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-function-name" + } + ] + }, + { + "type": "library", + "name": "helper-hoist-variables", + "group": "@babel", + "version": "7.22.5", + "bom-ref": "@babel/helper-hoist-variables@7.22.5", + "author": "The Babel Team", + "description": "Helper function to hoist variables", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-hoist-variables@7.22.5#packages/babel-helper-hoist-variables", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-hoist-variables", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-hoist-variables", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c068e4f50655cef92703ac8a2145116fccd8de0ad709c399b7effb59ccbc3b6b9cb7186996650f90e76582836199d55e7b673dd895db7f5c6932d54d6dfa3147" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-hoist-variables" + } + ] + }, + { + "type": "library", + "name": "helper-string-parser", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/helper-string-parser@7.24.1", + "author": "The Babel Team", + "description": "A utility package to parse strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-string-parser@7.24.1#packages/babel-helper-string-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-string-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-string-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "da87d10a39e703dcbec24f1bf4801112ba1e50fd36287a78df53769a12a78b2db22880caa5bac7bfd797c26f1c05e59061c266cefe6a282bbae4fe3b78217b09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-string-parser" + } + ] + }, + { + "type": "library", + "name": "to-fast-properties", + "version": "2.0.0", + "bom-ref": "to-fast-properties@2.0.0", + "author": "Sindre Sorhus", + "description": "Force V8 to use fast properties for an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/to-fast-properties@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/to-fast-properties.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/to-fast-properties#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/to-fast-properties/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fce68a2b4c58aecdc39b1458a8bff20dcf85c455156210e55cc8519afdf3f75e70d87175b67375a26077e788fc55418efe16d1cf20fa637b00eefec64bf71ea2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/to-fast-properties" + } + ] + }, + { + "type": "library", + "name": "gensync", + "version": "1.0.0-beta.2", + "bom-ref": "gensync@1.0.0-beta.2", + "author": "Logan Smyth", + "description": "Allows users to use generators in order to write common functions that can be both sync or async.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/gensync@1.0.0-beta.2", + "externalReferences": [ + { + "url": "git+https://github.com/loganfsmyth/gensync.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/loganfsmyth/gensync", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/loganfsmyth/gensync/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de137b35ab2462f3032d0639e609d6dcd43e99eb0401ea53aa583e5446e3ef3cea10c055361cdc19861ea85a3f4e5633e9e42215ca751dcb0264efa71a04bcce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/gensync" + } + ] + }, + { + "type": "library", + "name": "resolve-uri", + "group": "@jridgewell", + "version": "3.1.2", + "bom-ref": "@jridgewell/resolve-uri@3.1.2", + "author": "Justin Ridgewell", + "description": "Resolve a URI relative to an optional base URI", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/resolve-uri@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/resolve-uri.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/resolve-uri#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/resolve-uri/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d12128022233f6d3fb5b5923d63048b9e1054f45913192e0fd9492fe508c542adc15240f305b54eb6f58ccb354455e8d42053359ff98690bd42f98a59da292b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/resolve-uri" + } + ] + }, + { + "type": "library", + "name": "load-nyc-config", + "group": "@istanbuljs", + "version": "1.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0", + "description": "Utility function to load nyc configuration", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40istanbuljs/load-nyc-config@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/load-nyc-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/load-nyc-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/load-nyc-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5637874a5233a6ffcdc83dcdd18b877d738f0c88b1700d6ad9957df30b0ca9c6253e6bf69f761bda560ff5730496768555783903b60b4de2eee95f38b900e399" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config" + } + ], + "components": [ + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/locate-path" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/p-locate" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/sprintf-js" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "5.0.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9883d28fdb8743e6a91af49e3b774695932d0df9be1f4d4f3d2cdf620e78c1e706a4b220b8f6bbcc0743eb509406a13987e745cf8aa3af0230df6a28c6c5867" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/resolve-from" + } + ] + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "5.3.1", + "bom-ref": "camelcase@5.3.1", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@5.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f6f124c1d7bd27c164badd48ed944384ddd95d400a5a257664388d6e3057f37f7ad1b8f7a01da1deb3279ef98c50f96e92bd10d057a52b74e751891d79df026" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "test-exclude", + "version": "6.0.0", + "bom-ref": "test-exclude@6.0.0", + "author": "Ben Coe", + "description": "test for inclusion or exclusion of paths using globs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/test-exclude@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/test-exclude.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/test-exclude/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7001963c8c8e1d4eb396683cf23c26ed54725e730dee257af0e1806d80e4fcc87fc42fe9cd53e542d63a9e0a081ffe7fb5c8ae8467ef11253c1ab1eb7310f9eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude" + } + ], + "components": [ + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "test-exclude@6.0.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "test-exclude@6.0.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude/node_modules/brace-expansion" + } + ] + } + ] + }, + { + "type": "library", + "name": "babel__generator", + "group": "@types", + "version": "7.6.8", + "bom-ref": "@types/babel__generator@7.6.8", + "description": "TypeScript definitions for @babel/generator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__generator@7.6.8#types/babel__generator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__generator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__generator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012b23fada440ec12216bd5aad6ae537a57799d7e344c66de8bb4afd5a7f92b7852e7af9407e7e0e1bc3e6720d6195f3c09bd7786abed398945dc03356ba96b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__generator" + } + ] + }, + { + "type": "library", + "name": "babel__template", + "group": "@types", + "version": "7.4.4", + "bom-ref": "@types/babel__template@7.4.4", + "description": "TypeScript definitions for @babel/template", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__template@7.4.4#types/babel__template", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__template", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__template", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "87f354692c86e44cb1048a7c611c68e1131edbfa9082fca8c11c1533385884108e35b5bc3d4b20e2590532b86066151ee73dcbdcc88b0eebf227f09a3dad80f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__template" + } + ] + }, + { + "type": "library", + "name": "babel-preset-jest", + "version": "29.6.3", + "bom-ref": "babel-preset-jest@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-jest@29.6.3#packages/babel-preset-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-preset-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d01ddb87147ab27597259b51fd19621d30cf4609f5b0d1ce474c95b6afc8890172b8e563152fb0ba2a3f478812364c9898a989078c0666fd8d65a9e62a64e734" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-preset-jest" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-jest-hoist", + "version": "29.6.3", + "bom-ref": "babel-plugin-jest-hoist@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-plugin-jest-hoist@29.6.3#packages/babel-plugin-jest-hoist", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-plugin-jest-hoist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "11201cfd126f193144cd1c0e4d3e3e94d0e4fc634732429b373b2f4f4a8a45f0f2c984ec931079ae75369e3203615c570811c7108d5cd18c07a1bdd6698ba33a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-jest-hoist" + } + ] + }, + { + "type": "library", + "name": "ts-mocha", + "version": "10.0.0", + "bom-ref": "ts-mocha@10.0.0", + "author": "Piotr Witek", + "description": "Mocha thin wrapper that allows running TypeScript tests with TypeScript runtime (ts-node) to get rid of compilation complexity", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-mocha@10.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/piotrwitek/ts-mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/piotrwitek/ts-mocha#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/piotrwitek/ts-mocha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-mocha/-/ts-mocha-10.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5517e00cefa28ae24594d075f2dcce7f2a49db5c67db16ee6720ef26faa94db5a0900803d7b38d1abf2df9397cadc06d3817635e9e5efd193e777f5fed704747" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "ts-node", + "version": "7.0.1", + "bom-ref": "ts-mocha@10.0.0|ts-node@7.0.1", + "author": "Blake Embrey", + "description": "TypeScript execution environment and REPL for node.js, with source map support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-node@7.0.1", + "externalReferences": [ + { + "url": "git://github.com/TypeStrong/ts-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-node/-/ts-node-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "055c156cf251b29ccd876c9fb25c93d4f49b979b88934dc46656f8f7744a1cde2a7a3fc3d3a9f570486394e246ebda05b04ece4fc5e3a5351c61fea92932cc87" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/ts-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "arrify", + "version": "1.0.1", + "bom-ref": "ts-mocha@10.0.0|arrify@1.0.1", + "author": "Sindre Sorhus", + "description": "Convert a value to an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arrify@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/arrify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/arrify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/arrify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arrify/-/arrify-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc26337b1f4cf451908c218c1b28baff7d5cf0625b81bd2a1b2af1e475b13ddd1a0b0878701d988cc6f65dff54ba8a20accae53bd713aa7079ac8e461d94dc50" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/arrify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "3.5.0", + "bom-ref": "ts-mocha@10.0.0|diff@3.5.0", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@3.5.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-3.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "038eaab4581dfa0ee90d98a7a67c22449b716c2d61a607f4bb33f7886f3db1c1e4d00502ec0d531b17f93a288e52ffc931947c18eb7c84bf74d215746cecb9c4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mkdirp", + "version": "0.5.6", + "bom-ref": "ts-mocha@10.0.0|mkdirp@0.5.6", + "author": "James Halliday", + "description": "Recursively mkdir, like `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mkdirp@0.5.6", + "externalReferences": [ + { + "url": "git+https://github.com/substack/node-mkdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-mkdirp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-mkdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14ffa9f1107c396a45dd86410ab3f982d0039ad5c0a41e4030b9febddc80f8fcb10a3ac2b34d268f2528cecb0edf77300de4f7c0d19d2f127933ffd8aad1c027" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/mkdirp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yn", + "version": "2.0.0", + "bom-ref": "ts-mocha@10.0.0|yn@2.0.0", + "author": "Sindre Sorhus", + "description": "Parse yes/no like values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yn@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yn/-/yn-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b93bfc27fc225938144e0fbdbcb4e2fff95e525e6f0d04baba28bf7a67936f6b2c63bbe5e9059fd9f15b2081a39e18ef6dd2a553479ded03e063586d4c2f3a8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/yn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "buffer-from", + "version": "1.1.2", + "bom-ref": "buffer-from@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer-from@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/LinusU/buffer-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/LinusU/buffer-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/LinusU/buffer-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "13e5d0091c126da6a20a1b6fea4e83c2073e6f1f81b3abee2891c7979928c7f05a29b8625f3a903b02b870edb6c84946a763829a3c15853dc79b18323c69c97d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer-from" + } + ] + }, + { + "type": "library", + "name": "tsconfig-paths", + "version": "3.15.0", + "bom-ref": "tsconfig-paths@3.15.0", + "author": "Jonas Kello", + "description": "Load node modules according to tsconfig paths, in run-time or via API.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tsconfig-paths@3.15.0", + "externalReferences": [ + { + "url": "git+https://github.com/dividab/tsconfig-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dividab/tsconfig-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dividab/tsconfig-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-3.15.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d80736460cc37bf727e3c1af39edccfa8f36a4415ec03dd43dbca85071dd29ab07c092a376ce1f2d759ffd4c799004c128ddb4a1a146bbe8db125a75a68b349a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ], + "components": [ + { + "type": "library", + "name": "json5", + "version": "1.0.2", + "bom-ref": "tsconfig-paths@3.15.0|json5@1.0.2", + "author": "Aseem Kishore", + "description": "JSON for humans.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json5@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/json5/json5.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://json5.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/json5/json5/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83531630b062cfc14a8b57b8c3453254bdf0fa225c7960050406819e718a3a935ae5ff132e4b646eb7b5facea8202c9d5809be1d15064e623efffc6fda1bd760" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths/node_modules/json5" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "3.0.0", + "bom-ref": "tsconfig-paths@3.15.0|strip-bom@3.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdabc03115ce80154d17a9f210498bdc304ad7d891a437282305beb3043e09b1a2bbb963bbab7e264940d4c1f07a85ad69d82de0849552c5cbc83ab7e1d75cc0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths/node_modules/strip-bom" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + } + ] + }, + { + "type": "library", + "name": "json5", + "group": "@types", + "version": "0.0.29", + "bom-ref": "@types/json5@0.0.29", + "author": "Jason Swearingen", + "description": "TypeScript definitions for JSON5", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json5@0.0.29", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7512e30961d8838a1a03bedcc4eeb8a0efbb2700b09c8ce464f76bac2ef58d0990b6584ce79ea9c0aa396d4ceabd99dd9156de14b2088bef530b8d09345e6135" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json5" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "source-map-support", + "group": "@cspotcode", + "version": "0.8.1", + "bom-ref": "@cspotcode/source-map-support@0.8.1", + "description": "Fixes stack traces for files with source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40cspotcode/source-map-support@0.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/cspotcode/node-source-map-support.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cspotcode/node-source-map-support#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/node-source-map-support/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21c84d7fa74de2d1e8305227ffb384f0b599d7d63aabfebb0667fabe719112ff1149b0556fd2cf27111c9f0adcc17ea2c52bda886a2898052fbb8612c57ad583" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@cspotcode/source-map-support" + } + ], + "components": [ + { + "type": "library", + "name": "trace-mapping", + "group": "@jridgewell", + "version": "0.3.9", + "bom-ref": "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9", + "author": "Justin Ridgewell", + "description": "Trace the original position through a source map", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/trace-mapping@0.3.9", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/trace-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc17a5b7ab5d73c6cf800b5b72676d349962ad5a139846f97b6802f783e7930116f6323a0801d47a81bce6d8d63f95aabaa7dabe832d330886e0ff76e9928ab9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@cspotcode/source-map-support/node_modules/@jridgewell/trace-mapping" + } + ] + } + ] + }, + { + "type": "library", + "name": "node10", + "group": "@tsconfig", + "version": "1.0.11", + "bom-ref": "@tsconfig/node10@1.0.11", + "description": "A base TSConfig for working with Node 10.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node10@1.0.11#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0dc4630c2ba32bf90293f7147bc5f3f194a99bc992de634da6d6be8c6080e944840df92d94dbe6d7e22e67d7937036cd938d411f0a471de5be37594a0b3e333b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node10" + } + ] + }, + { + "type": "library", + "name": "node12", + "group": "@tsconfig", + "version": "1.0.11", + "bom-ref": "@tsconfig/node12@1.0.11", + "description": "A base TSConfig for working with Node 12.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node12@1.0.11#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node12/-/node12-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "72a79fb91b21d76a56c86b08a0128903d96e16ede6471080f8e459bc0e24b4b4b322e094b56571188b978a01303b9ff2c1614c67640418a5af9191b5cc33136a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node12" + } + ] + }, + { + "type": "library", + "name": "node14", + "group": "@tsconfig", + "version": "1.0.3", + "bom-ref": "@tsconfig/node14@1.0.3", + "description": "A base TSConfig for working with Node 14.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node14@1.0.3#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node14/-/node14-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cac4fc9a1762c562ba1f0de2d55d80791a99e567d78351b8de6aa86253369dceb7f3c16ae63717cabe6646ca9588bc7f18961da0bd1b7d70fc9e617e667fc8a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node14" + } + ] + }, + { + "type": "library", + "name": "node16", + "group": "@tsconfig", + "version": "1.0.4", + "bom-ref": "@tsconfig/node16@1.0.4", + "description": "A base TSConfig for working with Node 16.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node16@1.0.4#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node16/-/node16-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf1854cb827c9727b28a71fb033975a5d778dc6261647fed3f6c1e37c4e7b506e5398f80d176d3f03264d7fa023ee38eca0fc96bbe7bac6d028077160bc39f30" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node16" + } + ] + }, + { + "type": "library", + "name": "acorn-walk", + "version": "8.3.2", + "bom-ref": "acorn-walk@8.3.2", + "description": "ECMAScript (ESTree) AST walker", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn-walk@8.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "723932bf83ad34221eaa11eb7d2f354165e80813c4c51fc9eb6a3212a7a9570f16690792aa95b6ba1b8b3e1d66f5e5a10ee3a8fe35175539627ef7ac396a7fe0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn-walk" + } + ] + }, + { + "type": "library", + "name": "create-require", + "version": "1.1.1", + "bom-ref": "create-require@1.1.1", + "description": "Polyfill for Node.js module.createRequire (<= v12.2.0)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/create-require@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/nuxt-contrib/create-require.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nuxt-contrib/create-require#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nuxt-contrib/create-require/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "75c2855f78e7d0ca486978e2b2846f7b12095442b36aaef3dab64ac5ff8c4abf5391d9879ac5389b695c2e88eb8ff14797c9a4e55c4c99803e7ed4643ffde829" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/create-require" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "4.0.2", + "bom-ref": "diff@4.0.2", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@4.0.2", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c966c4a480e013722f3f871cc53394e129834f4557e7afe9931edef262860771ce073067c5681043e600b0991bd2e6a9f56834c30aa6db48613546eae0d8ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/diff" + } + ] + }, + { + "type": "library", + "name": "v8-compile-cache-lib", + "version": "3.0.1", + "bom-ref": "v8-compile-cache-lib@3.0.1", + "author": "Andrew Bradley", + "description": "Require hook for automatic V8 compile cache persistence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/v8-compile-cache-lib@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/cspotcode/v8-compile-cache-lib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cspotcode/v8-compile-cache-lib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/v8-compile-cache-lib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1aed88f25067cd667808fefb4ad141c037e9600c2c413c2ca55571a9d33bb9f45cf96a21ad3576aadc3848a2fd3adcca2b07e55fb9f2e1dc9945d8a7532b7c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-compile-cache-lib" + } + ] + }, + { + "type": "library", + "name": "yn", + "version": "3.1.1", + "bom-ref": "yn@3.1.1", + "author": "Sindre Sorhus", + "description": "Parse yes/no like values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yn@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "531e328065acbb673b8ac1567bc62ed5896e266a95871a8ad9c2d735003901c0b741f6c636933b7eed18f1bff3d7aa572e7171658bd685dddf84163d0cb982e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yn" + } + ] + }, + { + "type": "library", + "name": "tsimportlib", + "version": "0.0.5", + "bom-ref": "tsimportlib@0.0.5", + "author": "Andrew Bradley", + "purl": "pkg:npm/tsimportlib@0.0.5", + "externalReferences": [ + { + "url": "https://github.com/cspotcode/tsimportlib", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/tsimportlib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsimportlib/-/tsimportlib-0.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9642ffc2dd80783f08fbed9d8794e45fcb912c58771262deba55094c334c5988a5f0b687b54b17e9ce61d7eb6b1d260cd4e9eb2b046b72448971e8ed8e14fad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsimportlib" + } + ] + }, + { + "type": "library", + "name": "colors", + "group": "@colors", + "version": "1.6.0", + "bom-ref": "@colors/colors@1.6.0", + "author": "DABH", + "description": "get colors in your node.js console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40colors/colors@1.6.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/DABH/colors.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DABH/colors.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DABH/colors.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@colors/colors/-/colors-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "22bf803a26eaceb22c2fa6a3b77473dcbb2407b3a23151ea96d666b296d6fd326e4d5bb238c8ab56a0248df63a2484a22c783236a89c002f00c871c6ccd77f74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@colors/colors" + } + ] + }, + { + "type": "library", + "name": "diagnostics", + "group": "@dabh", + "version": "2.0.3", + "bom-ref": "@dabh/diagnostics@2.0.3", + "author": "Arnout Kazemier", + "description": "Tools for debugging your node.js modules and event loop", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40dabh/diagnostics@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/3rd-Eden/diagnostics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/diagnostics", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/diagnostics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@dabh/diagnostics/-/diagnostics-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "86b9503888bb8407f3b0caa519217256e72bc77f0efa3eb088639ffff1f679cbc812a60de000c1492da22cc879505c83ba708d9e25083e4feadeb885bf8e7144" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@dabh/diagnostics" + } + ] + }, + { + "type": "library", + "name": "colorspace", + "version": "1.1.4", + "bom-ref": "colorspace@1.1.4", + "author": "Arnout Kazemier", + "description": "Generate HEX colors for a given namespace.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/colorspace@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/colorspace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/colorspace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/colorspace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/colorspace/-/colorspace-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "060bca262b95bb58a00541769048d10995e897ac228866d8e62a4bfe854fc26d012fdb08a4c23333c20aeefc2ec48233397315dc4cb9c3ebf1866d2b47f4cdf3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace" + } + ], + "components": [ + { + "type": "library", + "name": "color", + "version": "3.2.1", + "bom-ref": "colorspace@1.1.4|color@3.2.1", + "description": "Color conversion and manipulation with CSS string support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color/-/color-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68197b75923d10d37a7d4182ee65a93133cd1e659448d6a7f6db9637a6a187964b364f5b68b24e9d2325ad090772b7c5833dbf462823515023771dfa55c7a628" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "colorspace@1.1.4|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "colorspace@1.1.4|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color-name" + } + ] + } + ] + }, + { + "type": "library", + "name": "text-hex", + "version": "1.0.0", + "bom-ref": "text-hex@1.0.0", + "author": "Arnout Kazemier", + "description": "Generate a hex color from the given text", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-hex@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/text-hex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/text-hex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/text-hex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/text-hex/-/text-hex-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bae546356ce0278ca145a3528ae6cf63b3a3212c38b30e04e54bf4c1b8e9f8ecdc6e6554febb13f2e8e07172619fdca9cec82be6f973a4fa8ff8c04129c1af6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/text-hex" + } + ] + }, + { + "type": "library", + "name": "enabled", + "version": "2.0.0", + "bom-ref": "enabled@2.0.0", + "author": "Arnout Kazemier", + "description": "Check if a certain debug flag is enabled.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/enabled@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/3rd-Eden/enabled.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/enabled#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/enabled/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/enabled/-/enabled-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00aacdf7c92ec0eccc21d022cd7188f3a505068a36e822f6d5433beb7cb587f18c489e3f38753d936625b26069c92705a3fc1b2f35902413025b8f883b7ffe39" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/enabled" + } + ] + }, + { + "type": "library", + "name": "kuler", + "version": "2.0.0", + "bom-ref": "kuler@2.0.0", + "author": "Arnout Kazemier", + "description": "Color your terminal using CSS/hex color codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kuler@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/kuler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/kuler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/kuler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kuler/-/kuler-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eaf671fb2a559999702da1d5c30d113bbece8353581353ccd80c70e258b4a2a78e44830ab7a652c7ccf9f6ecd82fccbdabd4b30f0b5bddaa1f7cb10c6daa3e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kuler" + } + ] + }, + { + "type": "library", + "name": "logform", + "version": "2.6.0", + "bom-ref": "logform@2.6.0", + "author": "Charlie Robbins", + "description": "An mutable object-based log format designed for chaining & objectMode streams.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/logform@2.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/logform.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/logform#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/logform/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/logform/-/logform-2.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d6e94778d3e9ea4fcb0fc1fdd68ed56050678398b504313b1e82b155b66218589d4b5463eb9a9ccb02f15fea557c03e840912345dbca72eb0ac0eba91c254e55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/logform" + } + ] + }, + { + "type": "library", + "name": "fecha", + "version": "4.2.3", + "bom-ref": "fecha@4.2.3", + "author": "Taylor Hakes", + "description": "Date formatting and parsing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fecha@4.2.3", + "externalReferences": [ + { + "url": "git+https://taylorhakes@github.com/taylorhakes/fecha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/taylorhakes/fecha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/taylorhakes/fecha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fecha/-/fecha-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38fd88514e877982898b78b4cf8035f641cc4282d5b381dcf833eaab123687f0cf6474e6fef8ec7c2e8fd1be2308ccb5e178b32c1aaf9dd43e522943efbd3b27" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fecha" + } + ] + }, + { + "type": "library", + "name": "safe-stable-stringify", + "version": "2.4.3", + "bom-ref": "safe-stable-stringify@2.4.3", + "author": "Ruben Bridgewater", + "description": "Deterministic and safely JSON.stringify to quickly serialize JavaScript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-stable-stringify@2.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/BridgeAR/safe-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/BridgeAR/safe-stable-stringify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/BridgeAR/safe-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-stable-stringify/-/safe-stable-stringify-2.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7b66c30365894f4c31b1e55de25b033f8fb738d5fa1e931741ad5984543b494f868ef3910a64a16c2325b6bb480df9188551eb39c3ed8fe2a198305d3dd643d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-stable-stringify" + } + ] + }, + { + "type": "library", + "name": "triple-beam", + "version": "1.4.1", + "bom-ref": "triple-beam@1.4.1", + "author": "Charlie Robbins", + "description": "Definitions of levels for logging purposes & shareable Symbol constants.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/triple-beam@1.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/triple-beam.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/triple-beam#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/triple-beam/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/triple-beam/-/triple-beam-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6996e056266b83540d706f8b50b6bb9e16692536522e6fe65e71d79db01b8e63796926b4cbb57ec2fbfafb859a06da48489cd384acbe3c83f173536ad4427d9a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/triple-beam" + } + ] + }, + { + "type": "library", + "name": "one-time", + "version": "1.0.0", + "bom-ref": "one-time@1.0.0", + "author": "Arnout Kazemier", + "description": "Run the supplied function exactly one time (once)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/one-time@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/one-time.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/one-time#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/one-time/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/one-time/-/one-time-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e435ce8912b0b9211c43f974906085e90de37000c5bf9b52991689724fceaa454570eceeb41d77e0a4527c5d310eb2f7f4c367ab16c705b51472364885381bda" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/one-time" + } + ] + }, + { + "type": "library", + "name": "fn.name", + "version": "1.1.0", + "bom-ref": "fn.name@1.1.0", + "author": "Arnout Kazemier", + "description": "Extract names from functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fn.name@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/fn.name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/fn.name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/fn.name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fn.name/-/fn.name-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1919e607980fc89a4085341d4994d2a7db9a3d2be5d3d2a861c310b6c07dad0a0e9b3b3d747e9f7de71c1fe67e72fe8febc1eee5b0ba263461e0087f98748d47" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fn.name" + } + ] + }, + { + "type": "library", + "name": "string_decoder", + "version": "1.3.0", + "bom-ref": "string_decoder@1.3.0", + "description": "The string_decoder module from Node core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string_decoder@1.3.0", + "externalReferences": [ + { + "url": "git://github.com/nodejs/string_decoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/string_decoder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/string_decoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "864457f14d568c915df0bb03276c90ff0596c5aa2912c0015355df90cf00fa3d3ef392401a9a6dd7a72bd56860e8a21b6f8a2453a32a97a04e8febaea7fc0a78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string_decoder" + } + ] + }, + { + "type": "library", + "name": "stack-trace", + "version": "0.0.10", + "bom-ref": "stack-trace@0.0.10", + "author": "Felix Geisendörfer", + "description": "Get v8 stack traces as an array of CallSite objects.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stack-trace@0.0.10", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-stack-trace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-stack-trace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-stack-trace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stack-trace/-/stack-trace-0.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "286cda85cee9b942a4cf232df88a807a9f9354d6ca3fe9362e6c21b9bdfd9b502c4d291a0eeb71e7a6830a8f872c3cdffc3dba0481d32563624c6d4a0098900a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-trace" + } + ] + }, + { + "type": "library", + "name": "winston-transport", + "version": "4.7.0", + "bom-ref": "winston-transport@4.7.0", + "author": "Charlie Robbins", + "description": "Base stream implementations for winston@3 and up.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/winston-transport@4.7.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/winstonjs/winston-transport.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/winston-transport#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/winston-transport/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/winston-transport/-/winston-transport-4.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a3063eb92b923b75e9f37abd88616ebed9b34856a2c60c7a83c373b0f0e861faf756fabbf8319e9e883bc7a0a85f2456766aec8df1bc9789e0c327de9588e36" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/winston-transport" + } + ] + }, + { + "type": "library", + "name": "xlsx-populate", + "version": "1.21.0", + "bom-ref": "xlsx-populate@1.21.0", + "author": "Dave T. Johnson", + "description": "Excel XLSX parser/generator written in JavaScript with Node.js and browser support, jQuery/d3-style method chaining, and a focus on keeping existing workbook features and styles in tact.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xlsx-populate@1.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/dtjohnson/xlsx-populate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dtjohnson/xlsx-populate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dtjohnson/xlsx-populate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xlsx-populate/-/xlsx-populate-1.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2fd869bc05e857a3a2d4eca4fcd364285d33e4618d522a4e55f20fd4b98667341dc9cd7aae77f3fdf4fc6bdb25de2b2b7eb0a9426ad9a2773ea340d89ed6147" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xlsx-populate" + } + ], + "components": [ + { + "type": "library", + "name": "sax", + "version": "1.3.0", + "bom-ref": "xlsx-populate@1.21.0|sax@1.3.0", + "author": "Isaac Z. Schlueter", + "description": "An evented streaming XML parser in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/sax@1.3.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/sax-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/sax-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/sax-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sax/-/sax-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2cfa8026c3dccb975575712f41b5937b240774716e5ed101f85b72d610ae9ae0b68b100d8e4e919858363ee976ac04bb73eb0926deed71470f79991b89e7d58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xlsx-populate/node_modules/sax" + } + ] + } + ] + }, + { + "type": "library", + "name": "cfb", + "version": "1.2.2", + "bom-ref": "cfb@1.2.2", + "author": "sheetjs", + "description": "Compound File Binary File Format extractor", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/cfb@1.2.2", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-cfb.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-cfb/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cfb/-/cfb-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "29f75466c48ec35f7f39b1166acbc13ff01ce2b799bc019ab9986ce92fe0a8d857848edc2b0be51fbba58fe74e1189dc6b86e6e121a8f02d5b4c042f9d38e040" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cfb" + } + ] + }, + { + "type": "library", + "name": "adler-32", + "version": "1.3.1", + "bom-ref": "adler-32@1.3.1", + "author": "sheetjs", + "description": "Pure-JS ADLER-32", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/adler-32@1.3.1", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-adler32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sheetjs.com/opensource", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-adler32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/adler-32/-/adler-32-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ca7678c3f9d452fe6baec47c5141a87b5542f61663e95e6153d430d4794c0c9184270e52ed37d312b5938cccace8ceefaf461670faacdea02be2cb349c37cff8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/adler-32" + } + ] + }, + { + "type": "library", + "name": "crc-32", + "version": "1.2.2", + "bom-ref": "crc-32@1.2.2", + "author": "sheetjs", + "description": "Pure-JS CRC-32", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/crc-32@1.2.2", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-crc32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-crc32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/crc-32/-/crc-32-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "44e9b308aad39cec326cf709029000e960568a3db71d57c654d2aaaab669bb264e1ea2b60b01d2be91aecadfd434dbda22311df17e48146a78321f887b520725" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/crc-32" + } + ] + }, + { + "type": "library", + "name": "jszip", + "version": "3.10.1", + "bom-ref": "jszip@3.10.1", + "author": "Stuart Knightley", + "description": "Create, read and edit .zip files with JavaScript http://stuartk.com/jszip", + "licenses": [ + { + "expression": "(MIT OR GPL-3.0-or-later)" + } + ], + "purl": "pkg:npm/jszip@3.10.1", + "externalReferences": [ + { + "url": "git+https://github.com/Stuk/jszip.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Stuk/jszip#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Stuk/jszip/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jszip/-/jszip-3.10.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c570ef79cc93a462eba85aef92b512a31c5f248e401fb53ccf1c6d55c969b14b4c0aae09436f742d8f005b973b1a09ebfd8fe82be6d031ba8adaa9ad937a4de2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip" + } + ], + "components": [ + { + "type": "library", + "name": "readable-stream", + "version": "2.3.8", + "bom-ref": "jszip@3.10.1|readable-stream@2.3.8", + "description": "Streams3, a user-land copy of the stream library from Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readable-stream@2.3.8", + "externalReferences": [ + { + "url": "git://github.com/nodejs/readable-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/readable-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/readable-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f29d00524e173838087b04a2d25f04a63b3e1159d688aecda03204194d07844efe67263c0f520c63ba1dbb9951ac55c683bd4bd79286f10acf9ae9b8e514ed74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/readable-stream" + } + ] + }, + { + "type": "library", + "name": "safe-buffer", + "version": "5.1.2", + "bom-ref": "jszip@3.10.1|safe-buffer@5.1.2", + "author": "Feross Aboukhadijeh", + "description": "Safer Node.js Buffer API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-buffer@5.1.2", + "externalReferences": [ + { + "url": "git://github.com/feross/safe-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/safe-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/safe-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "19dd94641243917958ec66c9c5fb04f3f9ef2a45045351b7f1cd6c88de903fa6bd3d3f4c98707c1a7a6c71298c252a05f0b388aedf2e77fc0fb688f2b381bafa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/safe-buffer" + } + ] + }, + { + "type": "library", + "name": "string_decoder", + "version": "1.1.1", + "bom-ref": "jszip@3.10.1|string_decoder@1.1.1", + "description": "The string_decoder module from Node core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string_decoder@1.1.1", + "externalReferences": [ + { + "url": "git://github.com/nodejs/string_decoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/string_decoder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/string_decoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9ff4a19ef0e2e851db6d57ef8aba3e5a88e2173bfeb3c30f30705ccd578f7d4a4324bc282d3d21b759786300426e2f29240bde104767907c8fc933ff9b345fc2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/string_decoder" + } + ] + } + ] + }, + { + "type": "library", + "name": "lie", + "version": "3.3.0", + "bom-ref": "lie@3.3.0", + "description": "A basic but performant promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lie@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/calvinmetcalf/lie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/lie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/lie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lie/-/lie-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51a88c27379646512e8f302ec392e8918d4be5e70d41864a7e6c99f4bef00c76ffa797ad29ac5786884172bc341186f2f86fcd039daf452378377f5dc47008c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lie" + } + ] + }, + { + "type": "library", + "name": "immediate", + "version": "3.0.6", + "bom-ref": "immediate@3.0.6", + "description": "A cross browser microtask library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/immediate@3.0.6", + "externalReferences": [ + { + "url": "git://github.com/calvinmetcalf/immediate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/immediate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/immediate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d7385b72a838cd0c043155f631b85ee0f4897f21b5a69a5420d8c60a387f04c484f5aa0eb1738cf24b71da10401382cd5bb5fcf1ab5e5c894898ee08d25d119" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/immediate" + } + ] + }, + { + "type": "library", + "name": "pako", + "version": "1.0.11", + "bom-ref": "pako@1.0.11", + "description": "zlib port to javascript - fast, modularized, with browser support", + "licenses": [ + { + "expression": "(MIT AND Zlib)" + } + ], + "purl": "pkg:npm/pako@1.0.11", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/pako.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/pako", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/pako/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e212c1f0fcb8cd971ee6ce3277d5f3a29ab056fff218d855d4197c353982ab5efadc778adbe130553bfe95e19e2f5dc39e1db07dbaa8c153d70883b4cf8b5a63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pako" + } + ] + }, + { + "type": "library", + "name": "core-util-is", + "version": "1.0.3", + "bom-ref": "core-util-is@1.0.3", + "author": "Isaac Z. Schlueter", + "description": "The `util.is*` functions introduced in Node v0.12.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/core-util-is@1.0.3", + "externalReferences": [ + { + "url": "git://github.com/isaacs/core-util-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/core-util-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/core-util-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "65006f8b50dca49e060ea6a78ee719d878f7c043b9a590d2f3d0566e472bbddc64b09a2bc140c365a997f65745929f5ac369660432e090e6c40380d6349f4561" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/core-util-is" + } + ] + }, + { + "type": "library", + "name": "isarray", + "version": "1.0.0", + "bom-ref": "isarray@1.0.0", + "author": "Julian Gruber", + "description": "Array#isArray for older browsers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/isarray@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/isarray.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/isarray", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/isarray/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54b82121634ce842d0ce8ef3c26720d0d99357258a623bc878cf37ca3a74c110d39949eb33aefc7d06dc281a3a9f6089105d2cce81bfff2b60f932a56bcf402d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/isarray" + } + ] + }, + { + "type": "library", + "name": "process-nextick-args", + "version": "2.0.1", + "bom-ref": "process-nextick-args@2.0.1", + "description": "process.nextTick but always with args", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/process-nextick-args@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/calvinmetcalf/process-nextick-args.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/process-nextick-args", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/process-nextick-args/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de8b943a9421b60adb39ad7b27bfaec4e4e92136166863fbfc0868477f80fbfd5ef6c92bcde9468bf757cc4632bdbc6e6c417a5a7db2a6c7132a22891459f56a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/process-nextick-args" + } + ] + }, + { + "type": "library", + "name": "setimmediate", + "version": "1.0.5", + "bom-ref": "setimmediate@1.0.5", + "author": "YuzuJS", + "description": "A shim for the setImmediate efficient script yielding API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/setimmediate@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/YuzuJS/setImmediate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/YuzuJS/setImmediate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/YuzuJS/setImmediate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3004c9759a7cb0ba8397febc2df4266cff3328f2d0355e81219a0882bb1c14343e46cbcafc1c5e0d03a0cb128aa21d32ffc87706a5459c2a90fe077eade8885c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/setimmediate" + } + ] + }, + { + "type": "library", + "name": "sax", + "version": "1.2.1", + "bom-ref": "sax@1.2.1", + "author": "Isaac Z. Schlueter", + "description": "An evented streaming XML parser in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/sax@1.2.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/sax-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/sax-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/sax-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sax/-/sax-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d9adcba2f1d33a99bb355e723b23bc207aa056c7cae3e52ec92ad753c617912457ee4ea1095f5bdc7ae4282af79cca608fed1b9a871a2495a9be9d6873b64" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sax" + } + ] + }, + { + "type": "library", + "name": "xmlbuilder", + "version": "11.0.1", + "bom-ref": "xmlbuilder@11.0.1", + "author": "Ozgur Ozcitak", + "description": "An XML builder for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xmlbuilder@11.0.1", + "externalReferences": [ + { + "url": "git://github.com/oozcitak/xmlbuilder-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/oozcitak/xmlbuilder-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/oozcitak/xmlbuilder-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c396c23f905131ee02ef6de71cd3fa212c6e747ee810a7caf21f3313b96f6f49ad462745d858a9e1b14c7ba227b71bdf3eaf9e9a4d0214078921b78d91dc9bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xmlbuilder" + } + ] + }, + { + "type": "library", + "name": "zip-lib", + "version": "1.0.4", + "bom-ref": "zip-lib@1.0.4", + "author": "fpsqdb", + "description": "zip and unzip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/zip-lib@1.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/fpsqdb/zip-lib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fpsqdb/zip-lib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fpsqdb/zip-lib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/zip-lib/-/zip-lib-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b5cc0c2d4b13fddc60110330c685add0148fdd054af6f57faf0ece46452f1ba4045bc1a06550d3873844f050de44e0f4beb306f500c52eb789f5e4ce61ce7a4f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/zip-lib" + } + ] + }, + { + "type": "library", + "name": "yauzl", + "version": "3.1.3", + "bom-ref": "yauzl@3.1.3", + "author": "Josh Wolfe", + "description": "yet another unzip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yauzl@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/thejoshwolfe/yauzl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejoshwolfe/yauzl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejoshwolfe/yauzl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yauzl/-/yauzl-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "24209d9a52495afecbd2afcaca539e93245a52b744a14c5691655c828ae8b1344e0855a24bda7634d3c4f586fdd5a93b6f53794b1019125896a6ca5b65c722bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yauzl" + } + ] + }, + { + "type": "library", + "name": "buffer-crc32", + "version": "0.2.13", + "bom-ref": "buffer-crc32@0.2.13", + "author": "Brian J. Brennan", + "description": "A pure javascript CRC32 algorithm that plays nice with binary data", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/brianloveswords/buffer-crc32/raw/master/LICENSE" + } + } + ], + "purl": "pkg:npm/buffer-crc32@0.2.13", + "externalReferences": [ + { + "url": "git://github.com/brianloveswords/buffer-crc32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/brianloveswords/buffer-crc32", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/brianloveswords/buffer-crc32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54ef47b7ffa9dd237b48a5aa72b804ce319b4522584f1f90d694d00b4c2b5aa1f1d2fa49ada43a1ad1f1f2dbdc835ae52b56f2854e6071cc603a08fb0744c391" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer-crc32" + } + ] + }, + { + "type": "library", + "name": "pend", + "version": "1.2.0", + "bom-ref": "pend@1.2.0", + "author": "Andrew Kelley", + "description": "dead-simple optimistic async helper", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pend@1.2.0", + "externalReferences": [ + { + "url": "git://github.com/andrewrk/node-pend.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andrewrk/node-pend#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andrewrk/node-pend/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1776acbf8d94b97721773b7ec57a9f5b538695505efa6c5ada6a88d29839c801d93ef16663763a76b49ffc643503ce9681610df4ace1fd6ae029aea219c1d72e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pend" + } + ] + }, + { + "type": "library", + "name": "yazl", + "version": "2.5.1", + "bom-ref": "yazl@2.5.1", + "author": "Josh Wolfe", + "description": "yet another zip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yazl@2.5.1", + "externalReferences": [ + { + "url": "git+https://github.com/thejoshwolfe/yazl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejoshwolfe/yazl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejoshwolfe/yazl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yazl/-/yazl-2.5.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6110d8b63cb8879c76fa401568b7e7499da019d31a2c8fba777d697ece7223043967308d8fb19089677d3a04f4c539a1dfe6a743108f31e6a16b48e04de6faf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yazl" + } + ] + } + ], + "dependencies": [ + { + "ref": "@mitre/saf@1.4.7", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0", + "@aws-sdk/client-securityhub@3.590.0", + "@e965/xlsx@0.20.1", + "@mitre/emass_client@3.10.0", + "@mitre/hdf-converters@2.10.8", + "@mitre/heimdall-lite@2.10.9", + "@mitre/inspec-objects@1.0.1", + "@oclif/core@3.26.9", + "@oclif/plugin-help@6.1.0", + "@oclif/plugin-plugins@5.2.2", + "@oclif/plugin-version@2.2.2", + "@oclif/plugin-warn-if-update-available@3.1.4", + "@oclif/test@3.2.15", + "@smithy/node-http-handler@3.0.0", + "@types/chai@4.3.14", + "@types/express@4.17.21", + "@types/flat@5.0.5", + "@types/fs-extra@11.0.4", + "@types/get-installed-path@4.0.3", + "@types/jest@29.5.12", + "@types/js-yaml@4.0.9", + "@types/lodash@4.17.4", + "@types/mocha@10.0.6", + "@types/mock-fs@4.13.4", + "@types/mustache@4.2.5", + "@types/node@20.14.1", + "@types/objects-to-csv@1.3.3", + "@types/prompt-sync@4.2.3", + "@types/tmp@0.2.6", + "@types/uuid@9.0.8", + "@types/xml2js@0.4.14", + "@typescript-eslint/eslint-plugin@7.12.0", + "accurate-search@1.2.15", + "ajv@8.16.0", + "axios@1.7.2", + "chai@4.4.1", + "colors@1.4.0", + "csv-parse@4.16.3", + "dotenv@16.4.5", + "eslint-config-oclif-typescript@1.0.3", + "eslint-config-oclif@4.0.0", + "eslint-plugin-unicorn@52.0.0", + "eslint@8.57.0", + "express@4.19.2", + "fast-xml-parser@4.4.0", + "flat@5.0.2", + "form-data@4.0.0", + "fs-extra@11.2.0", + "get-installed-path@4.0.8", + "htmlparser2@9.1.0", + "https@1.0.0", + "inquirer-file-tree-selection-prompt@2.0.2", + "inquirer@8.0.0", + "inspecjs@2.10.8", + "jest-mock@29.7.0", + "jest@29.7.0", + "js-yaml@4.1.0", + "json-colorizer@2.2.2", + "lodash@4.17.21", + "markdown-diff@2.0.0", + "markdown-table-ts@1.0.3", + "marked@12.0.2", + "mocha@10.4.0", + "mock-fs@5.2.0", + "moment@2.30.1", + "mustache@4.2.0", + "objects-to-csv@1.3.6", + "oclif@4.13.0", + "open@10.1.0", + "prompt-sync@4.2.0", + "run-script-os@1.1.6", + "table@6.8.2", + "tmp@0.2.3", + "ts-jest@29.1.4", + "ts-mocha@10.0.0", + "ts-node@10.9.2", + "tsimportlib@0.0.5", + "tslib@2.6.3", + "typescript@5.1.6", + "uuid@9.0.1", + "winston@3.13.0", + "xlsx-populate@1.21.0", + "xml2js@0.6.2", + "yaml@2.4.3", + "zip-lib@1.0.4" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/sha256-browser@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-crypto/supports-web-crypto@3.0.0", + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-locate-window@3.535.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/ie11-detection@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/sha256-js@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/supports-web-crypto@3.0.0", + "dependsOn": [ + "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/util@3.0.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/util@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/util@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/types@3.577.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-utf8-browser@3.259.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-locate-window@3.535.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "tslib@2.6.3" + }, + { + "ref": "@aws-sdk/middleware-host-header@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-logger@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-recursion-detection@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-user-agent-browser@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/config-resolver@3.0.1", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/core@2.1.1", + "dependsOn": [ + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/fetch-http-handler@3.0.1", + "dependsOn": [ + "@smithy/protocol-http@4.0.0", + "@smithy/querystring-builder@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-base64@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-node@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/invalid-dependency@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-content-length@3.0.0", + "dependsOn": [ + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-endpoint@3.0.1", + "dependsOn": [ + "@smithy/middleware-serde@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-retry@3.0.3", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/service-error-classification@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "tslib@2.6.3", + "uuid@9.0.1" + ] + }, + { + "ref": "@smithy/middleware-serde@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-stack@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/node-config-provider@3.1.0", + "dependsOn": [ + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/node-http-handler@3.0.0", + "dependsOn": [ + "@smithy/abort-controller@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/querystring-builder@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/protocol-http@4.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/smithy-client@3.1.1", + "dependsOn": [ + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-stack@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/types@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/url-parser@3.0.0", + "dependsOn": [ + "@smithy/querystring-parser@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-base64@3.0.0", + "dependsOn": [ + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-body-length-browser@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-body-length-node@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-defaults-mode-browser@3.0.3", + "dependsOn": [ + "@smithy/property-provider@3.1.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-defaults-mode-node@3.0.3", + "dependsOn": [ + "@smithy/config-resolver@3.0.1", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-endpoints@2.0.1", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-middleware@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-retry@3.0.0", + "dependsOn": [ + "@smithy/service-error-classification@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-utf8@3.0.0", + "dependsOn": [ + "@smithy/util-buffer-from@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/signature-v4@3.0.0", + "dependsOn": [ + "@smithy/is-array-buffer@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "@smithy/util-middleware@3.0.0", + "@smithy/util-uri-escape@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/is-array-buffer@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-hex-encoding@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-uri-escape@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "strnum@1.0.5" + }, + { + "ref": "@smithy/property-provider@3.1.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-stream@3.0.1", + "dependsOn": [ + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/credential-provider-imds@3.1.0", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/shared-ini-file-loader@3.1.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-config-provider@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "bowser@2.11.0" + }, + { + "ref": "@smithy/querystring-builder@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-uri-escape@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-buffer-from@3.0.0", + "dependsOn": [ + "@smithy/is-array-buffer@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/service-error-classification@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0" + ] + }, + { + "ref": "uuid@9.0.1" + }, + { + "ref": "@smithy/querystring-parser@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@e965/xlsx@0.20.1" + }, + { + "ref": "@mitre/emass_client@3.10.0", + "dependsOn": [ + "@mitre/emass_client@3.10.0|axios@0.21.4" + ] + }, + { + "ref": "@mitre/emass_client@3.10.0|axios@0.21.4", + "dependsOn": [ + "follow-redirects@1.15.6" + ] + }, + { + "ref": "follow-redirects@1.15.6" + }, + { + "ref": "@mitre/hdf-converters@2.10.8", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0", + "@e965/xlsx@0.20.1", + "@mdi/js@7.4.47", + "@mitre/jsonix@3.0.7", + "@smithy/node-http-handler@3.0.0", + "@types/csv2json@1.4.5", + "@types/ms@0.7.34", + "@types/mustache@4.2.5", + "@types/papaparse@5.3.14", + "@types/revalidator@0.3.12", + "@types/triple-beam@1.3.5", + "@types/validator@13.12.0", + "@types/xml2js@0.4.14", + "axios@1.7.2", + "compare-versions@6.1.0", + "csv2json@2.0.2", + "fast-xml-parser@4.4.0", + "html-entities@2.5.2", + "htmlparser2@9.1.0", + "inspecjs@2.10.8", + "lodash@4.17.21", + "moment@2.30.1", + "ms@2.1.3", + "mustache@4.2.0", + "papaparse@5.4.1", + "revalidator@0.3.1", + "run-script-os@1.1.6", + "semver@7.6.2", + "tailwindcss@3.4.3", + "tw-elements@1.1.0", + "validator@13.12.0", + "winston@3.13.0", + "xml-formatter@3.6.2", + "xml-parser-xo@4.1.1", + "xml2js@0.6.2", + "yaml@2.4.3" + ] + }, + { + "ref": "@mdi/js@7.4.47" + }, + { + "ref": "@mitre/jsonix@3.0.7", + "dependsOn": [ + "@xmldom/xmldom@0.8.10", + "amdefine@0.0.4", + "xmlhttprequest@1.8.0" + ] + }, + { + "ref": "@xmldom/xmldom@0.8.10" + }, + { + "ref": "amdefine@0.0.4" + }, + { + "ref": "xmlhttprequest@1.8.0" + }, + { + "ref": "@types/csv2json@1.4.5", + "dependsOn": [ + "@types/pumpify@1.4.4" + ] + }, + { + "ref": "@types/pumpify@1.4.4", + "dependsOn": [ + "@types/duplexify@3.6.4", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/duplexify@3.6.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/node@20.14.1", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/ms@0.7.34" + }, + { + "ref": "@types/mustache@4.2.5" + }, + { + "ref": "@types/papaparse@5.3.14", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/revalidator@0.3.12" + }, + { + "ref": "@types/triple-beam@1.3.5" + }, + { + "ref": "@types/validator@13.12.0" + }, + { + "ref": "@types/xml2js@0.4.14", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "axios@1.7.2", + "dependsOn": [ + "follow-redirects@1.15.6", + "form-data@4.0.0", + "proxy-from-env@1.1.0" + ] + }, + { + "ref": "compare-versions@6.1.0" + }, + { + "ref": "csv2json@2.0.2", + "dependsOn": [ + "csv-parser@2.3.5", + "exec-promise@0.7.0", + "minimist@1.2.8", + "promise-toolbox@0.14.0", + "pump@3.0.0", + "pumpify@2.0.1", + "strip-bom-stream@4.0.0", + "through2@3.0.2" + ] + }, + { + "ref": "csv-parser@2.3.5", + "dependsOn": [ + "minimist@1.2.8", + "through2@3.0.2" + ] + }, + { + "ref": "minimist@1.2.8" + }, + { + "ref": "through2@3.0.2", + "dependsOn": [ + "inherits@2.0.4", + "readable-stream@3.6.2" + ] + }, + { + "ref": "exec-promise@0.7.0", + "dependsOn": [ + "log-symbols@1.0.2" + ] + }, + { + "ref": "log-symbols@1.0.2", + "dependsOn": [ + "log-symbols@1.0.2|chalk@1.1.3" + ] + }, + { + "ref": "log-symbols@1.0.2|chalk@1.1.3", + "dependsOn": [ + "log-symbols@1.0.2|ansi-styles@2.2.1", + "log-symbols@1.0.2|escape-string-regexp@1.0.5", + "has-ansi@2.0.0", + "log-symbols@1.0.2|strip-ansi@3.0.1", + "log-symbols@1.0.2|supports-color@2.0.0" + ] + }, + { + "ref": "log-symbols@1.0.2|ansi-styles@2.2.1" + }, + { + "ref": "log-symbols@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "log-symbols@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "log-symbols@1.0.2|ansi-regex@2.1.1" + ] + }, + { + "ref": "log-symbols@1.0.2|ansi-regex@2.1.1" + }, + { + "ref": "log-symbols@1.0.2|supports-color@2.0.0" + }, + { + "ref": "has-ansi@2.0.0", + "dependsOn": [ + "has-ansi@2.0.0|ansi-regex@2.1.1" + ] + }, + { + "ref": "has-ansi@2.0.0|ansi-regex@2.1.1" + }, + { + "ref": "promise-toolbox@0.14.0", + "dependsOn": [ + "make-error@1.3.6" + ] + }, + { + "ref": "make-error@1.3.6" + }, + { + "ref": "pump@3.0.0", + "dependsOn": [ + "end-of-stream@1.4.4", + "once@1.4.0" + ] + }, + { + "ref": "end-of-stream@1.4.4", + "dependsOn": [ + "once@1.4.0" + ] + }, + { + "ref": "once@1.4.0", + "dependsOn": [ + "wrappy@1.0.2" + ] + }, + { + "ref": "pumpify@2.0.1", + "dependsOn": [ + "duplexify@4.1.3", + "inherits@2.0.4", + "pump@3.0.0" + ] + }, + { + "ref": "duplexify@4.1.3", + "dependsOn": [ + "end-of-stream@1.4.4", + "inherits@2.0.4", + "readable-stream@3.6.2", + "stream-shift@1.0.3" + ] + }, + { + "ref": "inherits@2.0.4" + }, + { + "ref": "readable-stream@3.6.2", + "dependsOn": [ + "inherits@2.0.4", + "string_decoder@1.3.0", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "stream-shift@1.0.3" + }, + { + "ref": "strip-bom-stream@4.0.0", + "dependsOn": [ + "first-chunk-stream@3.0.0", + "strip-bom-buf@2.0.0" + ] + }, + { + "ref": "first-chunk-stream@3.0.0" + }, + { + "ref": "strip-bom-buf@2.0.0", + "dependsOn": [ + "is-utf8@0.2.1" + ] + }, + { + "ref": "is-utf8@0.2.1" + }, + { + "ref": "fast-xml-parser@4.4.0", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "html-entities@2.5.2" + }, + { + "ref": "htmlparser2@9.1.0", + "dependsOn": [ + "domelementtype@2.3.0", + "domhandler@5.0.3", + "domutils@3.1.0", + "entities@4.5.0" + ] + }, + { + "ref": "inspecjs@2.10.8" + }, + { + "ref": "lodash@4.17.21" + }, + { + "ref": "moment@2.30.1" + }, + { + "ref": "ms@2.1.3" + }, + { + "ref": "mustache@4.2.0" + }, + { + "ref": "papaparse@5.4.1" + }, + { + "ref": "revalidator@0.3.1" + }, + { + "ref": "run-script-os@1.1.6" + }, + { + "ref": "semver@7.6.2" + }, + { + "ref": "tailwindcss@3.4.3", + "dependsOn": [ + "@alloc/quick-lru@5.2.0", + "arg@5.0.2", + "chokidar@3.5.3", + "didyoumean@1.2.2", + "dlv@1.1.3", + "fast-glob@3.3.2", + "glob-parent@6.0.2", + "is-glob@4.0.3", + "jiti@1.21.0", + "lilconfig@2.1.0", + "micromatch@4.0.5", + "normalize-path@3.0.0", + "object-hash@3.0.0", + "picocolors@1.0.0", + "postcss-import@15.1.0", + "postcss-js@4.0.1", + "postcss-load-config@4.0.2", + "postcss-nested@6.0.1", + "postcss-selector-parser@6.0.16", + "postcss@8.4.38", + "resolve@1.22.8", + "sucrase@3.35.0" + ] + }, + { + "ref": "@alloc/quick-lru@5.2.0" + }, + { + "ref": "arg@5.0.2" + }, + { + "ref": "chokidar@3.5.3", + "dependsOn": [ + "anymatch@3.1.3", + "braces@3.0.2", + "fsevents@2.3.3", + "chokidar@3.5.3|glob-parent@5.1.2", + "is-binary-path@2.1.0", + "is-glob@4.0.3", + "normalize-path@3.0.0", + "readdirp@3.6.0" + ] + }, + { + "ref": "chokidar@3.5.3|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "didyoumean@1.2.2" + }, + { + "ref": "dlv@1.1.3" + }, + { + "ref": "fast-glob@3.3.2", + "dependsOn": [ + "@nodelib/fs.stat@2.0.5", + "@nodelib/fs.walk@1.2.8", + "fast-glob@3.3.2|glob-parent@5.1.2", + "merge2@1.4.1", + "micromatch@4.0.5" + ] + }, + { + "ref": "fast-glob@3.3.2|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "@nodelib/fs.stat@2.0.5" + }, + { + "ref": "@nodelib/fs.walk@1.2.8", + "dependsOn": [ + "@nodelib/fs.scandir@2.1.5", + "fastq@1.17.1" + ] + }, + { + "ref": "is-glob@4.0.3", + "dependsOn": [ + "is-extglob@2.1.1" + ] + }, + { + "ref": "merge2@1.4.1" + }, + { + "ref": "micromatch@4.0.5", + "dependsOn": [ + "braces@3.0.2", + "picomatch@2.3.1" + ] + }, + { + "ref": "glob-parent@6.0.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "jiti@1.21.0" + }, + { + "ref": "lilconfig@2.1.0" + }, + { + "ref": "braces@3.0.2", + "dependsOn": [ + "fill-range@7.0.1" + ] + }, + { + "ref": "picomatch@2.3.1" + }, + { + "ref": "normalize-path@3.0.0" + }, + { + "ref": "object-hash@3.0.0" + }, + { + "ref": "picocolors@1.0.0" + }, + { + "ref": "postcss-import@15.1.0", + "dependsOn": [ + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "read-cache@1.0.0", + "resolve@1.22.8" + ] + }, + { + "ref": "postcss-value-parser@4.2.0" + }, + { + "ref": "postcss@8.4.38", + "dependsOn": [ + "nanoid@3.3.7", + "picocolors@1.0.0", + "source-map-js@1.2.0" + ] + }, + { + "ref": "read-cache@1.0.0", + "dependsOn": [ + "pify@2.3.0" + ] + }, + { + "ref": "pify@2.3.0" + }, + { + "ref": "resolve@1.22.8", + "dependsOn": [ + "is-core-module@2.13.1", + "path-parse@1.0.7", + "supports-preserve-symlinks-flag@1.0.0" + ] + }, + { + "ref": "postcss-js@4.0.1", + "dependsOn": [ + "camelcase-css@2.0.1", + "postcss@8.4.38" + ] + }, + { + "ref": "camelcase-css@2.0.1" + }, + { + "ref": "postcss-load-config@4.0.2", + "dependsOn": [ + "postcss-load-config@4.0.2|lilconfig@3.1.1", + "postcss@8.4.38", + "ts-node@10.9.2", + "yaml@2.4.3" + ] + }, + { + "ref": "postcss-load-config@4.0.2|lilconfig@3.1.1" + }, + { + "ref": "ts-node@10.9.2", + "dependsOn": [ + "@cspotcode/source-map-support@0.8.1", + "@tsconfig/node10@1.0.11", + "@tsconfig/node12@1.0.11", + "@tsconfig/node14@1.0.3", + "@tsconfig/node16@1.0.4", + "@types/node@20.14.1", + "acorn-walk@8.3.2", + "acorn@8.11.3", + "ts-node@10.9.2|arg@4.1.3", + "create-require@1.1.1", + "diff@4.0.2", + "make-error@1.3.6", + "typescript@5.1.6", + "v8-compile-cache-lib@3.0.1", + "yn@3.1.1" + ] + }, + { + "ref": "ts-node@10.9.2|arg@4.1.3" + }, + { + "ref": "yaml@2.4.3" + }, + { + "ref": "postcss-nested@6.0.1", + "dependsOn": [ + "postcss-selector-parser@6.0.16", + "postcss@8.4.38" + ] + }, + { + "ref": "postcss-selector-parser@6.0.16", + "dependsOn": [ + "cssesc@3.0.0", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "cssesc@3.0.0" + }, + { + "ref": "util-deprecate@1.0.2" + }, + { + "ref": "nanoid@3.3.7" + }, + { + "ref": "source-map-js@1.2.0" + }, + { + "ref": "is-core-module@2.13.1", + "dependsOn": [ + "hasown@2.0.2" + ] + }, + { + "ref": "path-parse@1.0.7" + }, + { + "ref": "supports-preserve-symlinks-flag@1.0.0" + }, + { + "ref": "sucrase@3.35.0", + "dependsOn": [ + "@jridgewell/gen-mapping@0.3.5", + "sucrase@3.35.0|commander@4.1.1", + "sucrase@3.35.0|glob@10.3.12", + "lines-and-columns@1.2.4", + "mz@2.7.0", + "pirates@4.0.6", + "ts-interface-checker@0.1.13" + ] + }, + { + "ref": "sucrase@3.35.0|commander@4.1.1" + }, + { + "ref": "sucrase@3.35.0|glob@10.3.12", + "dependsOn": [ + "foreground-child@3.1.1", + "jackspeak@2.3.6", + "minimatch@9.0.4", + "sucrase@3.35.0|minipass@7.0.4", + "path-scurry@1.10.2" + ] + }, + { + "ref": "sucrase@3.35.0|minipass@7.0.4" + }, + { + "ref": "@jridgewell/gen-mapping@0.3.5", + "dependsOn": [ + "@jridgewell/set-array@1.2.1", + "@jridgewell/sourcemap-codec@1.4.15", + "@jridgewell/trace-mapping@0.3.25" + ] + }, + { + "ref": "@jridgewell/set-array@1.2.1" + }, + { + "ref": "@jridgewell/sourcemap-codec@1.4.15" + }, + { + "ref": "@jridgewell/trace-mapping@0.3.25", + "dependsOn": [ + "@jridgewell/resolve-uri@3.1.2", + "@jridgewell/sourcemap-codec@1.4.15" + ] + }, + { + "ref": "foreground-child@3.1.1", + "dependsOn": [ + "cross-spawn@7.0.3", + "foreground-child@3.1.1|signal-exit@4.1.0" + ] + }, + { + "ref": "foreground-child@3.1.1|signal-exit@4.1.0" + }, + { + "ref": "cross-spawn@7.0.3", + "dependsOn": [ + "path-key@3.1.1", + "shebang-command@2.0.0", + "which@2.0.2" + ] + }, + { + "ref": "jackspeak@2.3.6", + "dependsOn": [ + "@isaacs/cliui@8.0.2", + "@pkgjs/parseargs@0.11.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2", + "dependsOn": [ + "string-width@4.2.3", + "@isaacs/cliui@8.0.2|string-width@5.1.2", + "BomRef.5h3h9846p8.g5nk6qdc128", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "wrap-ansi@7.0.0", + "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|string-width@5.1.2", + "dependsOn": [ + "eastasianwidth@0.2.0", + "@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|emoji-regex@9.2.2" + }, + { + "ref": "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "dependsOn": [ + "@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + }, + { + "ref": "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0", + "dependsOn": [ + "@isaacs/cliui@8.0.2|ansi-styles@6.2.1", + "@isaacs/cliui@8.0.2|string-width@5.1.2", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|ansi-styles@6.2.1" + }, + { + "ref": "string-width@4.2.3", + "dependsOn": [ + "emoji-regex@8.0.0", + "is-fullwidth-code-point@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "emoji-regex@8.0.0" + }, + { + "ref": "is-fullwidth-code-point@3.0.0" + }, + { + "ref": "strip-ansi@6.0.1", + "dependsOn": [ + "ansi-regex@5.0.1" + ] + }, + { + "ref": "eastasianwidth@0.2.0" + }, + { + "ref": "BomRef.5h3h9846p8.g5nk6qdc128", + "dependsOn": [ + "ansi-regex@5.0.1" + ] + }, + { + "ref": "ansi-regex@5.0.1" + }, + { + "ref": "wrap-ansi@7.0.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "ansi-styles@4.3.0", + "dependsOn": [ + "color-convert@2.0.1" + ] + }, + { + "ref": "BomRef.5hrhe0lu5jo.6brcifutiug", + "dependsOn": [ + "emoji-regex@8.0.0", + "is-fullwidth-code-point@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@pkgjs/parseargs@0.11.0" + }, + { + "ref": "minimatch@9.0.4", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "path-scurry@1.10.2", + "dependsOn": [ + "path-scurry@1.10.2|lru-cache@10.2.0", + "path-scurry@1.10.2|minipass@7.0.4" + ] + }, + { + "ref": "path-scurry@1.10.2|lru-cache@10.2.0" + }, + { + "ref": "path-scurry@1.10.2|minipass@7.0.4" + }, + { + "ref": "lines-and-columns@1.2.4" + }, + { + "ref": "mz@2.7.0", + "dependsOn": [ + "any-promise@1.3.0", + "object-assign@4.1.1", + "thenify-all@1.6.0" + ] + }, + { + "ref": "any-promise@1.3.0" + }, + { + "ref": "object-assign@4.1.1" + }, + { + "ref": "thenify-all@1.6.0", + "dependsOn": [ + "thenify@3.3.1" + ] + }, + { + "ref": "thenify@3.3.1", + "dependsOn": [ + "any-promise@1.3.0" + ] + }, + { + "ref": "pirates@4.0.6" + }, + { + "ref": "ts-interface-checker@0.1.13" + }, + { + "ref": "tw-elements@1.1.0", + "dependsOn": [ + "@popperjs/core@2.11.8", + "chart.js@3.9.1", + "chartjs-plugin-datalabels@2.2.0", + "deepmerge@4.3.1", + "detect-autofill@1.1.4", + "perfect-scrollbar@1.5.5", + "tw-elements@1.1.0|tailwindcss@3.3.0" + ] + }, + { + "ref": "tw-elements@1.1.0|tailwindcss@3.3.0", + "dependsOn": [ + "arg@5.0.2", + "chokidar@3.5.3", + "color-name@1.1.4", + "didyoumean@1.2.2", + "dlv@1.1.3", + "fast-glob@3.3.2", + "glob-parent@6.0.2", + "is-glob@4.0.3", + "jiti@1.21.0", + "lilconfig@2.1.0", + "micromatch@4.0.5", + "normalize-path@3.0.0", + "object-hash@3.0.0", + "picocolors@1.0.0", + "tw-elements@1.1.0|postcss-import@14.1.0", + "postcss-js@4.0.1", + "tw-elements@1.1.0|postcss-load-config@3.1.4", + "tw-elements@1.1.0|postcss-nested@6.0.0", + "postcss-selector-parser@6.0.16", + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "quick-lru@5.1.1", + "resolve@1.22.8", + "sucrase@3.35.0" + ] + }, + { + "ref": "tw-elements@1.1.0|postcss-import@14.1.0", + "dependsOn": [ + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "read-cache@1.0.0", + "resolve@1.22.8" + ] + }, + { + "ref": "tw-elements@1.1.0|postcss-load-config@3.1.4", + "dependsOn": [ + "lilconfig@2.1.0", + "postcss@8.4.38", + "ts-node@10.9.2", + "tw-elements@1.1.0|yaml@1.10.2" + ] + }, + { + "ref": "tw-elements@1.1.0|yaml@1.10.2" + }, + { + "ref": "tw-elements@1.1.0|postcss-nested@6.0.0", + "dependsOn": [ + "postcss-selector-parser@6.0.16", + "postcss@8.4.38" + ] + }, + { + "ref": "@popperjs/core@2.11.8" + }, + { + "ref": "chart.js@3.9.1" + }, + { + "ref": "chartjs-plugin-datalabels@2.2.0", + "dependsOn": [ + "chart.js@3.9.1" + ] + }, + { + "ref": "deepmerge@4.3.1" + }, + { + "ref": "detect-autofill@1.1.4", + "dependsOn": [ + "custom-event-polyfill@1.0.7" + ] + }, + { + "ref": "custom-event-polyfill@1.0.7" + }, + { + "ref": "perfect-scrollbar@1.5.5" + }, + { + "ref": "color-name@1.1.4" + }, + { + "ref": "quick-lru@5.1.1" + }, + { + "ref": "validator@13.12.0" + }, + { + "ref": "winston@3.13.0", + "dependsOn": [ + "@colors/colors@1.6.0", + "@dabh/diagnostics@2.0.3", + "async@3.2.5", + "is-stream@2.0.1", + "logform@2.6.0", + "one-time@1.0.0", + "readable-stream@3.6.2", + "safe-stable-stringify@2.4.3", + "stack-trace@0.0.10", + "triple-beam@1.4.1", + "winston-transport@4.7.0" + ] + }, + { + "ref": "xml-formatter@3.6.2", + "dependsOn": [ + "xml-parser-xo@4.1.1" + ] + }, + { + "ref": "xml-parser-xo@4.1.1" + }, + { + "ref": "xml2js@0.6.2", + "dependsOn": [ + "sax@1.2.1", + "xmlbuilder@11.0.1" + ] + }, + { + "ref": "@mitre/heimdall-lite@2.10.9", + "dependsOn": [ + "express@4.19.2" + ] + }, + { + "ref": "express@4.19.2", + "dependsOn": [ + "accepts@1.3.8", + "array-flatten@1.1.1", + "body-parser@1.20.2", + "content-disposition@0.5.4", + "content-type@1.0.5", + "cookie-signature@1.0.6", + "cookie@0.6.0", + "express@4.19.2|debug@2.6.9", + "depd@2.0.0", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "etag@1.8.1", + "finalhandler@1.2.0", + "fresh@0.5.2", + "http-errors@2.0.0", + "merge-descriptors@1.0.1", + "methods@1.1.2", + "on-finished@2.4.1", + "parseurl@1.3.3", + "path-to-regexp@0.1.7", + "proxy-addr@2.0.7", + "qs@6.11.0", + "range-parser@1.2.1", + "safe-buffer@5.2.1", + "send@0.18.0", + "serve-static@1.15.0", + "setprototypeof@1.2.0", + "statuses@2.0.1", + "type-is@1.6.18", + "utils-merge@1.0.1", + "vary@1.1.2" + ] + }, + { + "ref": "express@4.19.2|debug@2.6.9", + "dependsOn": [ + "express@4.19.2|ms@2.0.0" + ] + }, + { + "ref": "express@4.19.2|ms@2.0.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1", + "dependsOn": [ + "@types/flat@5.0.5", + "@types/he@1.2.3", + "@types/json-diff@0.7.0", + "@types/jstoxml@2.0.4", + "@types/lodash@4.17.4", + "@types/mustache@4.2.5", + "@types/pretty@2.0.3", + "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "flat@5.0.2", + "he@1.2.0", + "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "inspecjs@2.10.8", + "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "json-diff@0.9.1", + "jstoxml@3.2.10", + "lodash@4.17.21", + "mustache@4.2.0", + "pretty@2.0.0", + "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "winston@3.13.0", + "@mitre/inspec-objects@1.0.1|yaml@1.10.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "dependsOn": [ + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "@mitre/inspec-objects@1.0.1|entities@3.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "dependsOn": [ + "domelementtype@2.3.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "dependsOn": [ + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|entities@3.0.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "import-local@3.1.0", + "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "exit@0.1.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "micromatch@4.0.5", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "rimraf@3.0.2", + "slash@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "@types/istanbul-lib-coverage@2.0.6", + "@types/istanbul-reports@3.0.4", + "@types/node@20.14.1", + "@types/yargs@17.0.32", + "chalk@4.1.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/stack-utils@2.0.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "micromatch@4.0.5", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "graceful-fs@4.2.11", + "picomatch@2.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "dependsOn": [ + "@bcoe/v8-coverage@0.2.3", + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@jridgewell/trace-mapping@0.3.25", + "@types/node@20.14.1", + "chalk@4.1.2", + "collect-v8-coverage@1.0.2", + "exit@0.1.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "istanbul-lib-coverage@3.2.2", + "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "istanbul-lib-report@3.0.1", + "istanbul-lib-source-maps@4.0.1", + "istanbul-reports@3.1.7", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "slash@3.0.0", + "string-length@4.0.2", + "strip-ansi@6.0.1", + "terminal-link@2.1.1", + "v8-to-istanbul@9.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/istanbul-lib-coverage@2.0.6", + "collect-v8-coverage@1.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@jridgewell/trace-mapping@0.3.25", + "babel-plugin-istanbul@6.1.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0", + "fast-json-stable-stringify@2.1.0", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "micromatch@4.0.5", + "pirates@4.0.6", + "slash@3.0.0", + "write-file-atomic@4.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "dependsOn": [ + "@types/node@20.14.1", + "merge-stream@2.0.0", + "supports-color@8.1.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/graceful-fs@4.1.9", + "@types/node@20.14.1", + "anymatch@3.1.3", + "fb-watchman@2.0.2", + "fsevents@2.3.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "micromatch@4.0.5", + "walker@1.0.8" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ci-info@3.9.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "dependsOn": [ + "execa@5.1.1", + "p-limit@3.1.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "deepmerge@4.3.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "micromatch@4.0.5", + "parse-json@5.2.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "strip-json-comments@3.1.1", + "ts-node@10.9.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@types/babel__core@7.20.5", + "babel-plugin-istanbul@6.1.1", + "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "co@4.6.0", + "@mitre/inspec-objects@1.0.1|dedent@0.7.0", + "is-generator-fn@2.1.0", + "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "p-limit@3.1.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/generator@7.24.4", + "@babel/plugin-syntax-typescript@7.24.1", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0", + "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/babel__traverse@7.20.5", + "@types/prettier@2.7.3", + "babel-preset-current-node-syntax@1.0.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "natural-compare@1.4.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "semver@7.6.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dedent@0.7.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "ansi-regex@5.0.1", + "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0", + "react-is@18.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "cjs-module-lexer@1.2.3", + "collect-v8-coverage@1.0.2", + "execa@5.1.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "slash@3.0.0", + "strip-bom@4.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "jest-pnp-resolver@1.2.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1", + "resolve@1.22.8", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "p-limit@3.1.0", + "source-map-support@0.5.13" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|camelcase@6.3.0", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "leven@3.1.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|emittery@0.10.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "dependsOn": [ + "detect-newline@3.1.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "string-length@4.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "callsites@3.1.0", + "graceful-fs@4.2.11" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|camelcase@6.3.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "exit@0.1.2", + "graceful-fs@4.2.11", + "import-local@3.1.0", + "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "prompts@2.4.2", + "yargs@17.7.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "bs-logger@0.2.6", + "fast-json-stable-stringify@2.1.0", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "json5@2.2.3", + "lodash.memoize@4.1.2", + "make-error@1.3.6", + "semver@7.6.2", + "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "babel-preset-current-node-syntax@1.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0", + "@types/babel__core@7.20.5", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|typescript@4.9.5" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|yaml@1.10.2" + }, + { + "ref": "@types/flat@5.0.5" + }, + { + "ref": "@types/he@1.2.3" + }, + { + "ref": "@types/json-diff@0.7.0" + }, + { + "ref": "@types/jstoxml@2.0.4" + }, + { + "ref": "@types/lodash@4.17.4" + }, + { + "ref": "@types/pretty@2.0.3" + }, + { + "ref": "flat@5.0.2" + }, + { + "ref": "he@1.2.0" + }, + { + "ref": "domelementtype@2.3.0" + }, + { + "ref": "chalk@4.1.2", + "dependsOn": [ + "ansi-styles@4.3.0", + "chalk@4.1.2|supports-color@7.2.0" + ] + }, + { + "ref": "chalk@4.1.2|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "slash@3.0.0" + }, + { + "ref": "@bcoe/v8-coverage@0.2.3" + }, + { + "ref": "collect-v8-coverage@1.0.2" + }, + { + "ref": "exit@0.1.2" + }, + { + "ref": "glob@7.2.3", + "dependsOn": [ + "fs.realpath@1.0.0", + "inflight@1.0.6", + "inherits@2.0.4", + "glob@7.2.3|minimatch@3.1.2", + "once@1.4.0", + "path-is-absolute@1.0.1" + ] + }, + { + "ref": "glob@7.2.3|minimatch@3.1.2", + "dependsOn": [ + "glob@7.2.3|brace-expansion@1.1.11" + ] + }, + { + "ref": "glob@7.2.3|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "graceful-fs@4.2.11" + }, + { + "ref": "istanbul-lib-coverage@3.2.2" + }, + { + "ref": "@babel/core@7.24.4", + "dependsOn": [ + "@ampproject/remapping@2.3.0", + "@babel/code-frame@7.24.2", + "@babel/generator@7.24.4", + "@babel/helper-compilation-targets@7.23.6", + "@babel/helper-module-transforms@7.23.3", + "@babel/helpers@7.24.4", + "@babel/parser@7.24.4", + "@babel/template@7.24.0", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0", + "convert-source-map@2.0.0", + "debug@4.3.4", + "gensync@1.0.0-beta.2", + "json5@2.2.3", + "@babel/core@7.24.4|semver@6.3.1" + ] + }, + { + "ref": "@babel/core@7.24.4|semver@6.3.1" + }, + { + "ref": "@babel/parser@7.24.4" + }, + { + "ref": "@istanbuljs/schema@0.1.3" + }, + { + "ref": "istanbul-lib-report@3.0.1", + "dependsOn": [ + "istanbul-lib-coverage@3.2.2", + "make-dir@4.0.0", + "istanbul-lib-report@3.0.1|supports-color@7.2.0" + ] + }, + { + "ref": "istanbul-lib-report@3.0.1|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "istanbul-lib-source-maps@4.0.1", + "dependsOn": [ + "debug@4.3.4", + "istanbul-lib-coverage@3.2.2", + "source-map@0.6.1" + ] + }, + { + "ref": "istanbul-reports@3.1.7", + "dependsOn": [ + "html-escaper@2.0.2", + "istanbul-lib-report@3.0.1" + ] + }, + { + "ref": "merge-stream@2.0.0" + }, + { + "ref": "supports-color@8.1.1", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "string-length@4.0.2", + "dependsOn": [ + "char-regex@1.0.2", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "terminal-link@2.1.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "supports-hyperlinks@2.3.0" + ] + }, + { + "ref": "ansi-escapes@4.3.2", + "dependsOn": [ + "type-fest@0.21.3" + ] + }, + { + "ref": "supports-hyperlinks@2.3.0", + "dependsOn": [ + "has-flag@4.0.0", + "supports-hyperlinks@2.3.0|supports-color@7.2.0" + ] + }, + { + "ref": "supports-hyperlinks@2.3.0|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "v8-to-istanbul@9.2.0", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "@types/istanbul-lib-coverage@2.0.6", + "convert-source-map@2.0.0" + ] + }, + { + "ref": "@types/istanbul-lib-coverage@2.0.6" + }, + { + "ref": "babel-plugin-istanbul@6.1.1", + "dependsOn": [ + "@babel/helper-plugin-utils@7.24.0", + "@istanbuljs/load-nyc-config@1.1.0", + "@istanbuljs/schema@0.1.3", + "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "test-exclude@6.0.0" + ] + }, + { + "ref": "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "babel-plugin-istanbul@6.1.1|semver@6.3.1" + ] + }, + { + "ref": "babel-plugin-istanbul@6.1.1|semver@6.3.1" + }, + { + "ref": "fast-json-stable-stringify@2.1.0" + }, + { + "ref": "write-file-atomic@4.0.2", + "dependsOn": [ + "imurmurhash@0.1.4", + "signal-exit@3.0.7" + ] + }, + { + "ref": "execa@5.1.1", + "dependsOn": [ + "cross-spawn@7.0.3", + "get-stream@6.0.1", + "human-signals@2.1.0", + "is-stream@2.0.1", + "merge-stream@2.0.0", + "npm-run-path@4.0.1", + "onetime@5.1.2", + "signal-exit@3.0.7", + "strip-final-newline@2.0.0" + ] + }, + { + "ref": "p-limit@3.1.0", + "dependsOn": [ + "yocto-queue@0.1.0" + ] + }, + { + "ref": "co@4.6.0" + }, + { + "ref": "is-generator-fn@2.1.0" + }, + { + "ref": "stack-utils@2.0.6", + "dependsOn": [ + "stack-utils@2.0.6|escape-string-regexp@2.0.0" + ] + }, + { + "ref": "stack-utils@2.0.6|escape-string-regexp@2.0.0" + }, + { + "ref": "parse-json@5.2.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "error-ex@1.3.2", + "json-parse-even-better-errors@2.3.1", + "lines-and-columns@1.2.4" + ] + }, + { + "ref": "strip-json-comments@3.1.1" + }, + { + "ref": "@types/graceful-fs@4.1.9", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "anymatch@3.1.3", + "dependsOn": [ + "normalize-path@3.0.0", + "picomatch@2.3.1" + ] + }, + { + "ref": "fb-watchman@2.0.2", + "dependsOn": [ + "bser@2.1.1" + ] + }, + { + "ref": "fsevents@2.3.3" + }, + { + "ref": "walker@1.0.8", + "dependsOn": [ + "makeerror@1.0.12" + ] + }, + { + "ref": "@babel/code-frame@7.24.2", + "dependsOn": [ + "@babel/highlight@7.24.2", + "picocolors@1.0.0" + ] + }, + { + "ref": "@types/stack-utils@2.0.3" + }, + { + "ref": "jest-pnp-resolver@1.2.3", + "dependsOn": [ + "jest-resolve@29.7.0" + ] + }, + { + "ref": "detect-newline@3.1.0" + }, + { + "ref": "source-map-support@0.5.13", + "dependsOn": [ + "buffer-from@1.1.2", + "source-map@0.6.1" + ] + }, + { + "ref": "type-detect@4.0.8" + }, + { + "ref": "callsites@3.1.0" + }, + { + "ref": "cjs-module-lexer@1.2.3" + }, + { + "ref": "strip-bom@4.0.0" + }, + { + "ref": "@babel/generator@7.24.4", + "dependsOn": [ + "@babel/types@7.24.0", + "@jridgewell/gen-mapping@0.3.5", + "@jridgewell/trace-mapping@0.3.25", + "@babel/generator@7.24.4|jsesc@2.5.2" + ] + }, + { + "ref": "@babel/generator@7.24.4|jsesc@2.5.2" + }, + { + "ref": "@babel/plugin-syntax-typescript@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/traverse@7.24.1", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@babel/generator@7.24.4", + "@babel/helper-environment-visitor@7.22.20", + "@babel/helper-function-name@7.23.0", + "@babel/helper-hoist-variables@7.22.5", + "@babel/helper-split-export-declaration@7.22.6", + "@babel/parser@7.24.4", + "@babel/types@7.24.0", + "debug@4.3.4", + "@babel/traverse@7.24.1|globals@11.12.0" + ] + }, + { + "ref": "@babel/traverse@7.24.1|globals@11.12.0" + }, + { + "ref": "@babel/types@7.24.0", + "dependsOn": [ + "@babel/helper-string-parser@7.24.1", + "@babel/helper-validator-identifier@7.22.20", + "to-fast-properties@2.0.0" + ] + }, + { + "ref": "@types/babel__traverse@7.20.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@types/prettier@2.7.3" + }, + { + "ref": "babel-preset-current-node-syntax@1.0.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/plugin-syntax-async-generators@7.8.4", + "@babel/plugin-syntax-bigint@7.8.3", + "@babel/plugin-syntax-class-properties@7.12.13", + "@babel/plugin-syntax-import-meta@7.10.4", + "@babel/plugin-syntax-json-strings@7.8.3", + "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "@babel/plugin-syntax-numeric-separator@7.10.4", + "@babel/plugin-syntax-object-rest-spread@7.8.3", + "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "@babel/plugin-syntax-optional-chaining@7.8.3", + "@babel/plugin-syntax-top-level-await@7.14.5" + ] + }, + { + "ref": "natural-compare@1.4.0" + }, + { + "ref": "leven@3.1.0" + }, + { + "ref": "react-is@18.2.0" + }, + { + "ref": "rimraf@3.0.2", + "dependsOn": [ + "glob@7.2.3" + ] + }, + { + "ref": "@types/istanbul-reports@3.0.4", + "dependsOn": [ + "@types/istanbul-lib-report@3.0.3" + ] + }, + { + "ref": "@types/yargs@17.0.32", + "dependsOn": [ + "@types/yargs-parser@21.0.3" + ] + }, + { + "ref": "import-local@3.1.0", + "dependsOn": [ + "pkg-dir@4.2.0", + "resolve-cwd@3.0.0" + ] + }, + { + "ref": "prompts@2.4.2", + "dependsOn": [ + "kleur@3.0.3", + "sisteransi@1.0.5" + ] + }, + { + "ref": "kleur@3.0.3" + }, + { + "ref": "sisteransi@1.0.5" + }, + { + "ref": "yargs@17.7.2", + "dependsOn": [ + "cliui@8.0.1", + "escalade@3.1.2", + "get-caller-file@2.0.5", + "require-directory@2.1.1", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "y18n@5.0.8", + "yargs@17.7.2|yargs-parser@21.1.1" + ] + }, + { + "ref": "yargs@17.7.2|yargs-parser@21.1.1" + }, + { + "ref": "json-diff@0.9.1", + "dependsOn": [ + "cli-color@2.0.4", + "difflib@0.2.4", + "dreamopt@0.8.0" + ] + }, + { + "ref": "cli-color@2.0.4", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-iterator@2.0.3", + "memoizee@0.4.15", + "timers-ext@0.1.7" + ] + }, + { + "ref": "d@1.0.2", + "dependsOn": [ + "es5-ext@0.10.64", + "type@2.7.2" + ] + }, + { + "ref": "es5-ext@0.10.64", + "dependsOn": [ + "es6-iterator@2.0.3", + "es6-symbol@3.1.4", + "esniff@2.0.1", + "next-tick@1.1.0" + ] + }, + { + "ref": "type@2.7.2" + }, + { + "ref": "es6-iterator@2.0.3", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-symbol@3.1.4" + ] + }, + { + "ref": "es6-symbol@3.1.4", + "dependsOn": [ + "d@1.0.2", + "ext@1.7.0" + ] + }, + { + "ref": "ext@1.7.0", + "dependsOn": [ + "type@2.7.2" + ] + }, + { + "ref": "esniff@2.0.1", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "event-emitter@0.3.5", + "type@2.7.2" + ] + }, + { + "ref": "event-emitter@0.3.5", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64" + ] + }, + { + "ref": "next-tick@1.1.0" + }, + { + "ref": "memoizee@0.4.15", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-weak-map@2.0.3", + "event-emitter@0.3.5", + "is-promise@2.2.2", + "lru-queue@0.1.0", + "next-tick@1.1.0", + "timers-ext@0.1.7" + ] + }, + { + "ref": "es6-weak-map@2.0.3", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-iterator@2.0.3", + "es6-symbol@3.1.4" + ] + }, + { + "ref": "is-promise@2.2.2" + }, + { + "ref": "lru-queue@0.1.0", + "dependsOn": [ + "es5-ext@0.10.64" + ] + }, + { + "ref": "timers-ext@0.1.7", + "dependsOn": [ + "es5-ext@0.10.64", + "next-tick@1.1.0" + ] + }, + { + "ref": "difflib@0.2.4", + "dependsOn": [ + "heap@0.2.7" + ] + }, + { + "ref": "heap@0.2.7" + }, + { + "ref": "dreamopt@0.8.0", + "dependsOn": [ + "wordwrap@1.0.0" + ] + }, + { + "ref": "wordwrap@1.0.0" + }, + { + "ref": "jstoxml@3.2.10" + }, + { + "ref": "pretty@2.0.0", + "dependsOn": [ + "condense-newlines@0.2.1", + "extend-shallow@2.0.1", + "js-beautify@1.15.1" + ] + }, + { + "ref": "condense-newlines@0.2.1", + "dependsOn": [ + "extend-shallow@2.0.1", + "is-whitespace@0.3.0", + "kind-of@3.2.2" + ] + }, + { + "ref": "extend-shallow@2.0.1", + "dependsOn": [ + "is-extendable@0.1.1" + ] + }, + { + "ref": "is-whitespace@0.3.0" + }, + { + "ref": "kind-of@3.2.2", + "dependsOn": [ + "is-buffer@1.1.6" + ] + }, + { + "ref": "is-buffer@1.1.6" + }, + { + "ref": "is-extendable@0.1.1" + }, + { + "ref": "js-beautify@1.15.1", + "dependsOn": [ + "config-chain@1.1.13", + "editorconfig@1.0.4", + "js-beautify@1.15.1|glob@10.3.12", + "js-cookie@3.0.5", + "nopt@7.2.0" + ] + }, + { + "ref": "js-beautify@1.15.1|glob@10.3.12", + "dependsOn": [ + "foreground-child@3.1.1", + "jackspeak@2.3.6", + "minimatch@9.0.4", + "js-beautify@1.15.1|minipass@7.0.4", + "path-scurry@1.10.2" + ] + }, + { + "ref": "js-beautify@1.15.1|minipass@7.0.4" + }, + { + "ref": "config-chain@1.1.13", + "dependsOn": [ + "ini@1.3.8", + "proto-list@1.2.4" + ] + }, + { + "ref": "ini@1.3.8" + }, + { + "ref": "proto-list@1.2.4" + }, + { + "ref": "editorconfig@1.0.4", + "dependsOn": [ + "@one-ini/wasm@0.1.1", + "commander@10.0.1", + "editorconfig@1.0.4|minimatch@9.0.1", + "semver@7.6.2" + ] + }, + { + "ref": "editorconfig@1.0.4|minimatch@9.0.1", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "@one-ini/wasm@0.1.1" + }, + { + "ref": "commander@10.0.1" + }, + { + "ref": "brace-expansion@2.0.1", + "dependsOn": [ + "balanced-match@1.0.2" + ] + }, + { + "ref": "js-cookie@3.0.5" + }, + { + "ref": "nopt@7.2.0", + "dependsOn": [ + "abbrev@2.0.0" + ] + }, + { + "ref": "abbrev@2.0.0" + }, + { + "ref": "@types/babel__core@7.20.5", + "dependsOn": [ + "@babel/parser@7.24.4", + "@babel/types@7.24.0", + "@types/babel__generator@7.6.8", + "@types/babel__template@7.4.4", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "@babel/template@7.24.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@babel/parser@7.24.4", + "@babel/types@7.24.0" + ] + }, + { + "ref": "bs-logger@0.2.6", + "dependsOn": [ + "fast-json-stable-stringify@2.1.0" + ] + }, + { + "ref": "json5@2.2.3" + }, + { + "ref": "lodash.memoize@4.1.2" + }, + { + "ref": "@oclif/core@3.26.9", + "dependsOn": [ + "@types/cli-progress@3.11.5", + "ansi-escapes@4.3.2", + "ansi-styles@4.3.0", + "cardinal@2.1.1", + "chalk@4.1.2", + "clean-stack@3.0.1", + "cli-progress@3.12.0", + "color@4.2.3", + "@oclif/core@3.26.9|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "hyperlinker@1.0.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "@oclif/core@3.26.9|js-yaml@3.14.1", + "minimatch@9.0.4", + "natural-orderby@2.0.3", + "object-treeify@1.1.33", + "password-prompt@1.1.3", + "slice-ansi@4.0.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "supports-color@8.1.1", + "supports-hyperlinks@2.3.0", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/core@3.26.9|debug@4.3.5", + "dependsOn": [ + "@oclif/core@3.26.9|ms@2.1.2" + ] + }, + { + "ref": "@oclif/core@3.26.9|ms@2.1.2" + }, + { + "ref": "@oclif/core@3.26.9|js-yaml@3.14.1", + "dependsOn": [ + "@oclif/core@3.26.9|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "@oclif/core@3.26.9|argparse@1.0.10", + "dependsOn": [ + "@oclif/core@3.26.9|sprintf-js@1.0.3" + ] + }, + { + "ref": "@oclif/core@3.26.9|sprintf-js@1.0.3" + }, + { + "ref": "@types/cli-progress@3.11.5", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "type-fest@0.21.3" + }, + { + "ref": "color-convert@2.0.1", + "dependsOn": [ + "color-name@1.1.4" + ] + }, + { + "ref": "cardinal@2.1.1", + "dependsOn": [ + "ansicolors@0.3.2", + "redeyed@2.1.1" + ] + }, + { + "ref": "ansicolors@0.3.2" + }, + { + "ref": "redeyed@2.1.1", + "dependsOn": [ + "esprima@4.0.1" + ] + }, + { + "ref": "esprima@4.0.1" + }, + { + "ref": "has-flag@4.0.0" + }, + { + "ref": "clean-stack@3.0.1", + "dependsOn": [ + "escape-string-regexp@4.0.0" + ] + }, + { + "ref": "escape-string-regexp@4.0.0" + }, + { + "ref": "cli-progress@3.12.0", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug" + ] + }, + { + "ref": "color@4.2.3", + "dependsOn": [ + "color-convert@2.0.1", + "color-string@1.9.1" + ] + }, + { + "ref": "color-string@1.9.1", + "dependsOn": [ + "color-name@1.1.4", + "simple-swizzle@0.2.2" + ] + }, + { + "ref": "simple-swizzle@0.2.2", + "dependsOn": [ + "simple-swizzle@0.2.2|is-arrayish@0.3.2" + ] + }, + { + "ref": "simple-swizzle@0.2.2|is-arrayish@0.3.2" + }, + { + "ref": "ejs@3.1.10", + "dependsOn": [ + "jake@10.8.7" + ] + }, + { + "ref": "jake@10.8.7", + "dependsOn": [ + "async@3.2.5", + "chalk@4.1.2", + "filelist@1.0.4", + "jake@10.8.7|minimatch@3.1.2" + ] + }, + { + "ref": "jake@10.8.7|minimatch@3.1.2", + "dependsOn": [ + "jake@10.8.7|brace-expansion@1.1.11" + ] + }, + { + "ref": "jake@10.8.7|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "async@3.2.5" + }, + { + "ref": "filelist@1.0.4", + "dependsOn": [ + "filelist@1.0.4|minimatch@5.1.6" + ] + }, + { + "ref": "filelist@1.0.4|minimatch@5.1.6", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "balanced-match@1.0.2" + }, + { + "ref": "concat-map@0.0.1" + }, + { + "ref": "get-package-type@0.1.0" + }, + { + "ref": "globby@11.1.0", + "dependsOn": [ + "array-union@2.1.0", + "dir-glob@3.0.1", + "fast-glob@3.3.2", + "ignore@5.3.1", + "merge2@1.4.1", + "slash@3.0.0" + ] + }, + { + "ref": "array-union@2.1.0" + }, + { + "ref": "dir-glob@3.0.1", + "dependsOn": [ + "path-type@4.0.0" + ] + }, + { + "ref": "path-type@4.0.0" + }, + { + "ref": "ignore@5.3.1" + }, + { + "ref": "hyperlinker@1.0.0" + }, + { + "ref": "indent-string@4.0.0" + }, + { + "ref": "is-wsl@2.2.0", + "dependsOn": [ + "is-docker@2.2.1" + ] + }, + { + "ref": "is-docker@2.2.1" + }, + { + "ref": "natural-orderby@2.0.3" + }, + { + "ref": "object-treeify@1.1.33" + }, + { + "ref": "password-prompt@1.1.3", + "dependsOn": [ + "ansi-escapes@4.3.2", + "cross-spawn@7.0.3" + ] + }, + { + "ref": "slice-ansi@4.0.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "astral-regex@2.0.0", + "is-fullwidth-code-point@3.0.0" + ] + }, + { + "ref": "astral-regex@2.0.0" + }, + { + "ref": "widest-line@3.1.0", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug" + ] + }, + { + "ref": "BomRef.okvgjdrtm6.tqh1scmn9b8", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0", + "dependsOn": [ + "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "debug@4.3.4", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "@oclif/plugin-help@6.1.0|supports-color@9.4.0", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0|supports-color@9.4.0" + }, + { + "ref": "ansis@3.2.0" + }, + { + "ref": "cli-spinners@2.9.2" + }, + { + "ref": "cosmiconfig@9.0.0", + "dependsOn": [ + "env-paths@2.2.1", + "import-fresh@3.3.0", + "js-yaml@4.1.0", + "parse-json@5.2.0", + "typescript@5.1.6" + ] + }, + { + "ref": "env-paths@2.2.1" + }, + { + "ref": "import-fresh@3.3.0", + "dependsOn": [ + "parent-module@1.0.1", + "resolve-from@4.0.0" + ] + }, + { + "ref": "js-yaml@4.1.0", + "dependsOn": [ + "argparse@2.0.1" + ] + }, + { + "ref": "error-ex@1.3.2", + "dependsOn": [ + "is-arrayish@0.2.1" + ] + }, + { + "ref": "json-parse-even-better-errors@2.3.1" + }, + { + "ref": "typescript@5.1.6" + }, + { + "ref": "debug@4.3.4", + "dependsOn": [ + "debug@4.3.4|ms@2.1.2" + ] + }, + { + "ref": "debug@4.3.4|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "ansis@3.2.0", + "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "npm@10.8.0", + "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1", + "semver@7.6.2", + "validate-npm-package-name@5.0.1", + "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "@oclif/plugin-plugins@5.2.2|yarn@1.22.22" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "dependsOn": [ + "hosted-git-info@7.0.2", + "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0", + "semver@7.6.2", + "validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|isexe@3.1.1" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|isexe@3.1.1" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|yarn@1.22.22" + }, + { + "ref": "hosted-git-info@7.0.2", + "dependsOn": [ + "hosted-git-info@7.0.2|lru-cache@10.2.2" + ] + }, + { + "ref": "hosted-git-info@7.0.2|lru-cache@10.2.2" + }, + { + "ref": "validate-npm-package-name@5.0.1" + }, + { + "ref": "npm@10.8.0", + "dependsOn": [ + "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/config@8.3.2", + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|@sigstore/tuf@2.3.3", + "npm@10.8.0|abbrev@2.0.0", + "npm@10.8.0|archy@1.0.0", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|chalk@5.3.0", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|cli-columns@4.0.0", + "npm@10.8.0|fastest-levenshtein@1.0.16", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|graceful-fs@4.2.11", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|ini@4.1.2", + "npm@10.8.0|init-package-json@6.0.3", + "npm@10.8.0|is-cidr@5.0.5", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|libnpmaccess@8.0.6", + "npm@10.8.0|libnpmdiff@6.1.2", + "npm@10.8.0|libnpmexec@8.1.1", + "npm@10.8.0|libnpmfund@5.0.10", + "npm@10.8.0|libnpmhook@10.0.5", + "npm@10.8.0|libnpmorg@6.0.6", + "npm@10.8.0|libnpmpack@7.0.2", + "npm@10.8.0|libnpmpublish@9.0.8", + "npm@10.8.0|libnpmsearch@7.0.5", + "npm@10.8.0|libnpmteam@6.0.5", + "npm@10.8.0|libnpmversion@6.0.2", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|ms@2.1.3", + "npm@10.8.0|node-gyp@10.1.0", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|npm-audit-report@5.0.0", + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-profile@10.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|npm-user-validate@2.0.1", + "npm@10.8.0|p-map@4.0.0", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|parse-conflict-json@3.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|qrcode-terminal@0.12.0", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|spdx-expression-parse@4.0.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|supports-color@9.4.0", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|text-table@0.2.0", + "npm@10.8.0|tiny-relative-date@1.3.0", + "npm@10.8.0|treeverse@3.0.0", + "npm@10.8.0|validate-npm-package-name@5.0.1", + "npm@10.8.0|which@4.0.0", + "npm@10.8.0|write-file-atomic@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/string-locale-compare@1.1.0" + }, + { + "ref": "npm@10.8.0|@npmcli/arborist@7.5.2", + "dependsOn": [ + "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/query@3.1.0", + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|bin-links@4.0.4", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|common-ancestor-path@1.0.1", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|json-stringify-nice@1.1.4", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|parse-conflict-json@3.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|proggy@2.0.0", + "npm@10.8.0|promise-all-reject-late@1.0.1", + "npm@10.8.0|promise-call-limit@3.0.1", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|treeverse@3.0.0", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/fs@3.1.1", + "dependsOn": [ + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "dependsOn": [ + "npm@10.8.0|npm-bundled@3.0.1", + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-bundled@3.0.1", + "dependsOn": [ + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-normalize-package-bin@3.0.1" + }, + { + "ref": "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "dependsOn": [ + "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|read-package-json-fast@3.0.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "dependsOn": [ + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|cacache@18.0.3", + "dependsOn": [ + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minipass-collect@2.0.1", + "npm@10.8.0|minipass-flush@1.0.5", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|p-map@4.0.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|unique-filename@3.0.0" + ] + }, + { + "ref": "npm@10.8.0|json-parse-even-better-errors@3.0.2" + }, + { + "ref": "npm@10.8.0|pacote@18.0.6", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-packlist@8.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|sigstore@2.3.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|tar@6.2.1" + ] + }, + { + "ref": "npm@10.8.0|proc-log@4.2.0" + }, + { + "ref": "npm@10.8.0|semver@7.6.2" + }, + { + "ref": "npm@10.8.0|@npmcli/name-from-folder@2.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/node-gyp@3.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/package-json@5.1.0", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/query@3.1.0", + "dependsOn": [ + "npm@10.8.0|postcss-selector-parser@6.0.16" + ] + }, + { + "ref": "npm@10.8.0|postcss-selector-parser@6.0.16", + "dependsOn": [ + "npm@10.8.0|cssesc@3.0.0", + "npm@10.8.0|util-deprecate@1.0.2" + ] + }, + { + "ref": "npm@10.8.0|cssesc@3.0.0" + }, + { + "ref": "npm@10.8.0|util-deprecate@1.0.2" + }, + { + "ref": "npm@10.8.0|@npmcli/redact@2.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/run-script@8.1.0", + "dependsOn": [ + "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|node-gyp@10.1.0", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|bin-links@4.0.4", + "dependsOn": [ + "npm@10.8.0|cmd-shim@6.0.3", + "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "npm@10.8.0|read-cmd-shim@4.0.0", + "npm@10.8.0|write-file-atomic@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|cmd-shim@6.0.3" + }, + { + "ref": "npm@10.8.0|read-cmd-shim@4.0.0" + }, + { + "ref": "npm@10.8.0|write-file-atomic@5.0.1", + "dependsOn": [ + "npm@10.8.0|imurmurhash@0.1.4", + "npm@10.8.0|signal-exit@4.1.0" + ] + }, + { + "ref": "npm@10.8.0|common-ancestor-path@1.0.1" + }, + { + "ref": "npm@10.8.0|hosted-git-info@7.0.2", + "dependsOn": [ + "npm@10.8.0|lru-cache@10.2.2" + ] + }, + { + "ref": "npm@10.8.0|json-stringify-nice@1.1.4" + }, + { + "ref": "npm@10.8.0|lru-cache@10.2.2" + }, + { + "ref": "npm@10.8.0|minimatch@9.0.4", + "dependsOn": [ + "npm@10.8.0|brace-expansion@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|nopt@7.2.1", + "dependsOn": [ + "npm@10.8.0|abbrev@2.0.0" + ] + }, + { + "ref": "npm@10.8.0|npm-install-checks@6.3.0", + "dependsOn": [ + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|npm-package-arg@11.0.2", + "dependsOn": [ + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-pick-manifest@9.0.1", + "dependsOn": [ + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|npm-registry-fetch@17.0.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|minipass-fetch@3.0.5", + "npm@10.8.0|minipass-json-stream@1.0.1", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|minizlib@2.1.2", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|proc-log@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|parse-conflict-json@3.0.1", + "dependsOn": [ + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|just-diff-apply@5.5.0", + "npm@10.8.0|just-diff@6.0.2" + ] + }, + { + "ref": "npm@10.8.0|proggy@2.0.0" + }, + { + "ref": "npm@10.8.0|promise-all-reject-late@1.0.1" + }, + { + "ref": "npm@10.8.0|promise-call-limit@3.0.1" + }, + { + "ref": "npm@10.8.0|read-package-json-fast@3.0.2", + "dependsOn": [ + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|ssri@10.0.6", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|treeverse@3.0.0" + }, + { + "ref": "npm@10.8.0|walk-up-path@3.0.1" + }, + { + "ref": "npm@10.8.0|@npmcli/config@8.3.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|ini@4.1.2", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|ci-info@4.0.0" + }, + { + "ref": "npm@10.8.0|ini@4.1.2" + }, + { + "ref": "npm@10.8.0|glob@10.3.15", + "dependsOn": [ + "npm@10.8.0|foreground-child@3.1.1", + "npm@10.8.0|jackspeak@2.3.6", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|path-scurry@1.11.1" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/git@5.0.7", + "dependsOn": [ + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-inflight@1.0.1", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "dependsOn": [ + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|promise-inflight@1.0.1" + }, + { + "ref": "npm@10.8.0|promise-retry@2.0.1", + "dependsOn": [ + "npm@10.8.0|err-code@2.0.3", + "npm@10.8.0|retry@0.12.0" + ] + }, + { + "ref": "npm@10.8.0|which@4.0.0", + "dependsOn": [ + "npm@10.8.0|which@4.0.0|isexe@3.1.1" + ] + }, + { + "ref": "npm@10.8.0|which@4.0.0|isexe@3.1.1" + }, + { + "ref": "npm@10.8.0|normalize-package-data@6.0.1", + "dependsOn": [ + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|is-core-module@2.13.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "npm@10.8.0|node-gyp@10.1.0", + "dependsOn": [ + "npm@10.8.0|env-paths@2.2.1", + "npm@10.8.0|exponential-backoff@3.1.1", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|graceful-fs@4.2.11", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0" + }, + { + "ref": "npm@10.8.0|@sigstore/tuf@2.3.3", + "dependsOn": [ + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|tuf-js@2.2.1" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + }, + { + "ref": "npm@10.8.0|tuf-js@2.2.1", + "dependsOn": [ + "npm@10.8.0|@tufjs/models@2.0.1", + "npm@10.8.0|debug@4.3.4", + "npm@10.8.0|make-fetch-happen@13.0.1" + ] + }, + { + "ref": "npm@10.8.0|@tufjs/models@2.0.1", + "dependsOn": [ + "npm@10.8.0|@tufjs/canonical-json@2.0.0", + "npm@10.8.0|minimatch@9.0.4" + ] + }, + { + "ref": "npm@10.8.0|@tufjs/canonical-json@2.0.0" + }, + { + "ref": "npm@10.8.0|debug@4.3.4", + "dependsOn": [ + "npm@10.8.0|debug@4.3.4|ms@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|debug@4.3.4|ms@2.1.2" + }, + { + "ref": "npm@10.8.0|make-fetch-happen@13.0.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/agent@2.2.2", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|http-cache-semantics@4.1.1", + "npm@10.8.0|is-lambda@1.0.1", + "npm@10.8.0|minipass-fetch@3.0.5", + "npm@10.8.0|minipass-flush@1.0.5", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|negotiator@0.6.3", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|ssri@10.0.6" + ] + }, + { + "ref": "npm@10.8.0|abbrev@2.0.0" + }, + { + "ref": "npm@10.8.0|archy@1.0.0" + }, + { + "ref": "npm@10.8.0|fs-minipass@3.0.3", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|minipass-collect@2.0.1", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|minipass@7.1.1" + }, + { + "ref": "npm@10.8.0|minipass-flush@1.0.5", + "dependsOn": [ + "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|yallist@4.0.0" + }, + { + "ref": "npm@10.8.0|minipass-pipeline@1.2.4", + "dependsOn": [ + "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|p-map@4.0.0", + "dependsOn": [ + "npm@10.8.0|aggregate-error@3.1.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1", + "dependsOn": [ + "npm@10.8.0|chownr@2.0.0", + "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "npm@10.8.0|tar@6.2.1|minipass@5.0.0", + "npm@10.8.0|minizlib@2.1.2", + "npm@10.8.0|mkdirp@1.0.4", + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "dependsOn": [ + "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|minipass@5.0.0" + }, + { + "ref": "npm@10.8.0|unique-filename@3.0.0", + "dependsOn": [ + "npm@10.8.0|unique-slug@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|unique-slug@4.0.0", + "dependsOn": [ + "npm@10.8.0|imurmurhash@0.1.4" + ] + }, + { + "ref": "npm@10.8.0|imurmurhash@0.1.4" + }, + { + "ref": "npm@10.8.0|chalk@5.3.0" + }, + { + "ref": "npm@10.8.0|cli-columns@4.0.0", + "dependsOn": [ + "npm@10.8.0|string-width@4.2.3", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|string-width@4.2.3", + "dependsOn": [ + "npm@10.8.0|emoji-regex@8.0.0", + "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|emoji-regex@8.0.0" + }, + { + "ref": "npm@10.8.0|is-fullwidth-code-point@3.0.0" + }, + { + "ref": "npm@10.8.0|strip-ansi@6.0.1", + "dependsOn": [ + "npm@10.8.0|ansi-regex@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|ansi-regex@5.0.1" + }, + { + "ref": "npm@10.8.0|fastest-levenshtein@1.0.16" + }, + { + "ref": "npm@10.8.0|foreground-child@3.1.1", + "dependsOn": [ + "npm@10.8.0|cross-spawn@7.0.3", + "npm@10.8.0|signal-exit@4.1.0" + ] + }, + { + "ref": "npm@10.8.0|cross-spawn@7.0.3", + "dependsOn": [ + "npm@10.8.0|path-key@3.1.1", + "npm@10.8.0|shebang-command@2.0.0", + "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2" + ] + }, + { + "ref": "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2", + "dependsOn": [ + "npm@10.8.0|isexe@2.0.0" + ] + }, + { + "ref": "npm@10.8.0|path-key@3.1.1" + }, + { + "ref": "npm@10.8.0|shebang-command@2.0.0", + "dependsOn": [ + "npm@10.8.0|shebang-regex@3.0.0" + ] + }, + { + "ref": "npm@10.8.0|shebang-regex@3.0.0" + }, + { + "ref": "npm@10.8.0|isexe@2.0.0" + }, + { + "ref": "npm@10.8.0|signal-exit@4.1.0" + }, + { + "ref": "npm@10.8.0|jackspeak@2.3.6", + "dependsOn": [ + "npm@10.8.0|@isaacs/cliui@8.0.2", + "npm@10.8.0|@pkgjs/parseargs@0.11.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2", + "dependsOn": [ + "BomRef.6h760ft6oi8.7sr4bitkllo", + "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "BomRef.uih8rvtlbdo.33q7f9m1mj", + "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "npm@10.8.0|wrap-ansi@7.0.0", + "npm@10.8.0|wrap-ansi@8.1.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "dependsOn": [ + "npm@10.8.0|eastasianwidth@0.2.0", + "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2" + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "dependsOn": [ + "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + }, + { + "ref": "BomRef.6h760ft6oi8.7sr4bitkllo", + "dependsOn": [ + "npm@10.8.0|emoji-regex@8.0.0", + "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|eastasianwidth@0.2.0" + }, + { + "ref": "BomRef.uih8rvtlbdo.33q7f9m1mj", + "dependsOn": [ + "npm@10.8.0|ansi-regex@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@7.0.0", + "dependsOn": [ + "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "npm@10.8.0|string-width@4.2.3", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "dependsOn": [ + "npm@10.8.0|color-convert@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|color-convert@2.0.1", + "dependsOn": [ + "npm@10.8.0|color-name@1.1.4" + ] + }, + { + "ref": "npm@10.8.0|color-name@1.1.4" + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0", + "dependsOn": [ + "npm@10.8.0|ansi-styles@6.2.1", + "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "dependsOn": [ + "npm@10.8.0|eastasianwidth@0.2.0", + "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2", + "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2" + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0", + "dependsOn": [ + "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1" + }, + { + "ref": "npm@10.8.0|ansi-styles@6.2.1" + }, + { + "ref": "npm@10.8.0|@pkgjs/parseargs@0.11.0" + }, + { + "ref": "npm@10.8.0|path-scurry@1.11.1", + "dependsOn": [ + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|graceful-fs@4.2.11" + }, + { + "ref": "npm@10.8.0|init-package-json@6.0.3", + "dependsOn": [ + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|promzard@1.0.2", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-license@3.0.4", + "npm@10.8.0|validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|promzard@1.0.2", + "dependsOn": [ + "npm@10.8.0|read@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|read@3.0.1", + "dependsOn": [ + "npm@10.8.0|mute-stream@1.0.0" + ] + }, + { + "ref": "npm@10.8.0|validate-npm-package-license@3.0.4", + "dependsOn": [ + "npm@10.8.0|spdx-correct@3.2.0", + "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-correct@3.2.0", + "dependsOn": [ + "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-exceptions@2.5.0" + }, + { + "ref": "npm@10.8.0|spdx-license-ids@3.0.17" + }, + { + "ref": "npm@10.8.0|validate-npm-package-name@5.0.1" + }, + { + "ref": "npm@10.8.0|is-cidr@5.0.5", + "dependsOn": [ + "npm@10.8.0|cidr-regex@4.0.5" + ] + }, + { + "ref": "npm@10.8.0|cidr-regex@4.0.5", + "dependsOn": [ + "npm@10.8.0|ip-regex@5.0.0" + ] + }, + { + "ref": "npm@10.8.0|ip-regex@5.0.0" + }, + { + "ref": "npm@10.8.0|libnpmaccess@8.0.6", + "dependsOn": [ + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmdiff@6.1.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|binary-extensions@2.3.0", + "npm@10.8.0|diff@5.2.0", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|tar@6.2.1" + ] + }, + { + "ref": "npm@10.8.0|binary-extensions@2.3.0" + }, + { + "ref": "npm@10.8.0|diff@5.2.0" + }, + { + "ref": "npm@10.8.0|libnpmexec@8.1.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmfund@5.0.10", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2" + ] + }, + { + "ref": "npm@10.8.0|libnpmhook@10.0.5", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|aproba@2.0.0" + }, + { + "ref": "npm@10.8.0|libnpmorg@6.0.6", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmpack@7.0.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6" + ] + }, + { + "ref": "npm@10.8.0|libnpmpublish@9.0.8", + "dependsOn": [ + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|sigstore@2.3.0", + "npm@10.8.0|ssri@10.0.6" + ] + }, + { + "ref": "npm@10.8.0|sigstore@2.3.0", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|@sigstore/sign@2.3.1", + "npm@10.8.0|@sigstore/tuf@2.3.3", + "npm@10.8.0|@sigstore/verify@1.2.0" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/bundle@2.3.1", + "dependsOn": [ + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/core@1.1.0" + }, + { + "ref": "npm@10.8.0|@sigstore/sign@2.3.1", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/verify@1.2.0", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + ] + }, + { + "ref": "npm@10.8.0|libnpmsearch@7.0.5", + "dependsOn": [ + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmteam@6.0.5", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmversion@6.0.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/agent@2.2.2", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|http-proxy-agent@7.0.2", + "npm@10.8.0|https-proxy-agent@7.0.4", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|socks-proxy-agent@8.0.3" + ] + }, + { + "ref": "npm@10.8.0|agent-base@7.1.1", + "dependsOn": [ + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|http-proxy-agent@7.0.2", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|https-proxy-agent@7.0.4", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|socks-proxy-agent@8.0.3", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4", + "npm@10.8.0|socks@2.8.3" + ] + }, + { + "ref": "npm@10.8.0|socks@2.8.3", + "dependsOn": [ + "npm@10.8.0|ip-address@9.0.5", + "npm@10.8.0|smart-buffer@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|ip-address@9.0.5", + "dependsOn": [ + "npm@10.8.0|jsbn@1.1.0", + "npm@10.8.0|sprintf-js@1.1.3" + ] + }, + { + "ref": "npm@10.8.0|jsbn@1.1.0" + }, + { + "ref": "npm@10.8.0|sprintf-js@1.1.3" + }, + { + "ref": "npm@10.8.0|smart-buffer@4.2.0" + }, + { + "ref": "npm@10.8.0|http-cache-semantics@4.1.1" + }, + { + "ref": "npm@10.8.0|is-lambda@1.0.1" + }, + { + "ref": "npm@10.8.0|minipass-fetch@3.0.5", + "dependsOn": [ + "npm@10.8.0|encoding@0.1.13", + "npm@10.8.0|minipass-sized@1.0.3", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|minizlib@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|encoding@0.1.13", + "dependsOn": [ + "npm@10.8.0|iconv-lite@0.6.3" + ] + }, + { + "ref": "npm@10.8.0|iconv-lite@0.6.3", + "dependsOn": [ + "npm@10.8.0|safer-buffer@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|safer-buffer@2.1.2" + }, + { + "ref": "npm@10.8.0|minipass-sized@1.0.3", + "dependsOn": [ + "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|minizlib@2.1.2", + "dependsOn": [ + "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|negotiator@0.6.3" + }, + { + "ref": "npm@10.8.0|err-code@2.0.3" + }, + { + "ref": "npm@10.8.0|retry@0.12.0" + }, + { + "ref": "npm@10.8.0|brace-expansion@2.0.1", + "dependsOn": [ + "npm@10.8.0|balanced-match@1.0.2" + ] + }, + { + "ref": "npm@10.8.0|balanced-match@1.0.2" + }, + { + "ref": "npm@10.8.0|ms@2.1.3" + }, + { + "ref": "npm@10.8.0|env-paths@2.2.1" + }, + { + "ref": "npm@10.8.0|exponential-backoff@3.1.1" + }, + { + "ref": "npm@10.8.0|is-core-module@2.13.1", + "dependsOn": [ + "npm@10.8.0|hasown@2.0.2" + ] + }, + { + "ref": "npm@10.8.0|hasown@2.0.2", + "dependsOn": [ + "npm@10.8.0|function-bind@1.1.2" + ] + }, + { + "ref": "npm@10.8.0|function-bind@1.1.2" + }, + { + "ref": "npm@10.8.0|npm-audit-report@5.0.0" + }, + { + "ref": "npm@10.8.0|npm-profile@10.0.0", + "dependsOn": [ + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|minipass-json-stream@1.0.1", + "dependsOn": [ + "npm@10.8.0|jsonparse@1.3.1", + "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|jsonparse@1.3.1" + }, + { + "ref": "npm@10.8.0|npm-user-validate@2.0.1" + }, + { + "ref": "npm@10.8.0|aggregate-error@3.1.0", + "dependsOn": [ + "npm@10.8.0|clean-stack@2.2.0", + "npm@10.8.0|indent-string@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|clean-stack@2.2.0" + }, + { + "ref": "npm@10.8.0|indent-string@4.0.0" + }, + { + "ref": "npm@10.8.0|npm-packlist@8.0.2", + "dependsOn": [ + "npm@10.8.0|ignore-walk@6.0.5" + ] + }, + { + "ref": "npm@10.8.0|ignore-walk@6.0.5", + "dependsOn": [ + "npm@10.8.0|minimatch@9.0.4" + ] + }, + { + "ref": "npm@10.8.0|just-diff-apply@5.5.0" + }, + { + "ref": "npm@10.8.0|just-diff@6.0.2" + }, + { + "ref": "npm@10.8.0|qrcode-terminal@0.12.0" + }, + { + "ref": "npm@10.8.0|mute-stream@1.0.0" + }, + { + "ref": "npm@10.8.0|spdx-expression-parse@4.0.0", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|supports-color@9.4.0" + }, + { + "ref": "npm@10.8.0|chownr@2.0.0" + }, + { + "ref": "npm@10.8.0|mkdirp@1.0.4" + }, + { + "ref": "npm@10.8.0|text-table@0.2.0" + }, + { + "ref": "npm@10.8.0|tiny-relative-date@1.3.0" + }, + { + "ref": "@oclif/plugin-version@2.2.2", + "dependsOn": [ + "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "ansis@3.2.0" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-version@2.2.2|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-version@2.2.2|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4", + "dependsOn": [ + "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "ansis@3.2.0", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "lodash@4.17.21" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "dependsOn": [ + "content-type@1.0.5", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0", + "is-stream@2.0.1", + "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "dependsOn": [ + "error-ex@1.3.2", + "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "content-type@1.0.5" + }, + { + "ref": "is-stream@2.0.1" + }, + { + "ref": "is-arrayish@0.2.1" + }, + { + "ref": "safe-buffer@5.2.1" + }, + { + "ref": "@oclif/test@3.2.15", + "dependsOn": [ + "@oclif/core@3.26.9", + "chai@4.4.1", + "fancy-test@3.0.15" + ] + }, + { + "ref": "chai@4.4.1", + "dependsOn": [ + "assertion-error@1.1.0", + "check-error@1.0.3", + "deep-eql@4.1.3", + "get-func-name@2.0.2", + "loupe@2.3.7", + "pathval@1.1.1", + "type-detect@4.0.8" + ] + }, + { + "ref": "fancy-test@3.0.15", + "dependsOn": [ + "@types/chai@4.3.14", + "@types/lodash@4.17.4", + "@types/node@20.14.1", + "@types/sinon@17.0.3", + "lodash@4.17.21", + "mock-stdin@1.0.0", + "nock@13.5.4", + "sinon@16.1.3", + "stdout-stderr@0.1.13" + ] + }, + { + "ref": "@types/chai@4.3.14" + }, + { + "ref": "@types/sinon@17.0.3", + "dependsOn": [ + "@types/sinonjs__fake-timers@8.1.5" + ] + }, + { + "ref": "@types/sinonjs__fake-timers@8.1.5" + }, + { + "ref": "mock-stdin@1.0.0" + }, + { + "ref": "nock@13.5.4", + "dependsOn": [ + "debug@4.3.4", + "json-stringify-safe@5.0.1", + "propagate@2.0.1" + ] + }, + { + "ref": "json-stringify-safe@5.0.1" + }, + { + "ref": "propagate@2.0.1" + }, + { + "ref": "sinon@16.1.3", + "dependsOn": [ + "@sinonjs/commons@3.0.1", + "@sinonjs/fake-timers@10.3.0", + "@sinonjs/samsam@8.0.0", + "sinon@16.1.3|diff@5.2.0", + "nise@5.1.9", + "sinon@16.1.3|supports-color@7.2.0" + ] + }, + { + "ref": "sinon@16.1.3|diff@5.2.0" + }, + { + "ref": "sinon@16.1.3|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "@sinonjs/commons@3.0.1", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "@sinonjs/fake-timers@10.3.0", + "dependsOn": [ + "@sinonjs/commons@3.0.1" + ] + }, + { + "ref": "@sinonjs/samsam@8.0.0", + "dependsOn": [ + "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "lodash.get@4.4.2", + "type-detect@4.0.8" + ] + }, + { + "ref": "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "lodash.get@4.4.2" + }, + { + "ref": "nise@5.1.9", + "dependsOn": [ + "@sinonjs/commons@3.0.1", + "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "@sinonjs/text-encoding@0.7.2", + "just-extend@6.2.0", + "nise@5.1.9|path-to-regexp@6.2.2" + ] + }, + { + "ref": "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "dependsOn": [ + "@sinonjs/commons@3.0.1" + ] + }, + { + "ref": "nise@5.1.9|path-to-regexp@6.2.2" + }, + { + "ref": "@sinonjs/text-encoding@0.7.2" + }, + { + "ref": "just-extend@6.2.0" + }, + { + "ref": "stdout-stderr@0.1.13", + "dependsOn": [ + "debug@4.3.4", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@smithy/abort-controller@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@types/express@4.17.21", + "dependsOn": [ + "@types/body-parser@1.19.5", + "@types/express-serve-static-core@4.19.0", + "@types/qs@6.9.15", + "@types/serve-static@1.15.7" + ] + }, + { + "ref": "@types/body-parser@1.19.5", + "dependsOn": [ + "@types/connect@3.4.38", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/connect@3.4.38", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/express-serve-static-core@4.19.0", + "dependsOn": [ + "@types/node@20.14.1", + "@types/qs@6.9.15", + "@types/range-parser@1.2.7", + "@types/send@0.17.4" + ] + }, + { + "ref": "@types/qs@6.9.15" + }, + { + "ref": "@types/range-parser@1.2.7" + }, + { + "ref": "@types/send@0.17.4", + "dependsOn": [ + "@types/mime@1.3.5", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/mime@1.3.5" + }, + { + "ref": "@types/serve-static@1.15.7", + "dependsOn": [ + "@types/http-errors@2.0.4", + "@types/node@20.14.1", + "@types/send@0.17.4" + ] + }, + { + "ref": "@types/http-errors@2.0.4" + }, + { + "ref": "@types/fs-extra@11.0.4", + "dependsOn": [ + "@types/jsonfile@6.1.4", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/jsonfile@6.1.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/get-installed-path@4.0.3" + }, + { + "ref": "@types/jest@29.5.12", + "dependsOn": [ + "expect@29.7.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "expect@29.7.0", + "dependsOn": [ + "@jest/expect-utils@29.7.0", + "jest-get-type@29.6.3", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "@jest/expect-utils@29.7.0", + "dependsOn": [ + "jest-get-type@29.6.3" + ] + }, + { + "ref": "jest-get-type@29.6.3" + }, + { + "ref": "jest-matcher-utils@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "jest-diff@29.7.0", + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-diff@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "diff-sequences@29.6.3", + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "diff-sequences@29.6.3" + }, + { + "ref": "pretty-format@29.7.0", + "dependsOn": [ + "@jest/schemas@29.6.3", + "pretty-format@29.7.0|ansi-styles@5.2.0", + "react-is@18.2.0" + ] + }, + { + "ref": "pretty-format@29.7.0|ansi-styles@5.2.0" + }, + { + "ref": "jest-message-util@29.7.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@jest/types@29.6.3", + "@types/stack-utils@2.0.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "micromatch@4.0.5", + "pretty-format@29.7.0", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@jest/types@29.6.3", + "dependsOn": [ + "@jest/schemas@29.6.3", + "@types/istanbul-lib-coverage@2.0.6", + "@types/istanbul-reports@3.0.4", + "@types/node@20.14.1", + "@types/yargs@17.0.32", + "chalk@4.1.2" + ] + }, + { + "ref": "jest-util@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "jest-util@29.7.0|ci-info@3.9.0", + "graceful-fs@4.2.11", + "picomatch@2.3.1" + ] + }, + { + "ref": "jest-util@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/schemas@29.6.3", + "dependsOn": [ + "@sinclair/typebox@0.27.8" + ] + }, + { + "ref": "@sinclair/typebox@0.27.8" + }, + { + "ref": "@types/js-yaml@4.0.9" + }, + { + "ref": "@types/mocha@10.0.6" + }, + { + "ref": "@types/mock-fs@4.13.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "@types/objects-to-csv@1.3.3" + }, + { + "ref": "@types/prompt-sync@4.2.3" + }, + { + "ref": "@types/tmp@0.2.6" + }, + { + "ref": "@types/uuid@9.0.8" + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0", + "dependsOn": [ + "@eslint-community/regexpp@4.10.0", + "@typescript-eslint/parser@7.7.1", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "@typescript-eslint/type-utils@7.12.0", + "@typescript-eslint/utils@7.12.0", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "eslint@8.57.0", + "graphemer@1.4.0", + "ignore@5.3.1", + "natural-compare@1.4.0", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "dependsOn": [ + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0" + ] + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@eslint-community/regexpp@4.10.0" + }, + { + "ref": "@typescript-eslint/parser@7.7.1", + "dependsOn": [ + "@typescript-eslint/scope-manager@7.7.1", + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/typescript-estree@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1", + "debug@4.3.4", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/scope-manager@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1" + ] + }, + { + "ref": "@typescript-eslint/types@7.7.1" + }, + { + "ref": "@typescript-eslint/visitor-keys@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/typescript-estree@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "ts-api-utils@1.3.0", + "dependsOn": [ + "typescript@5.1.6" + ] + }, + { + "ref": "eslint-visitor-keys@3.4.3" + }, + { + "ref": "eslint@8.57.0", + "dependsOn": [ + "@eslint-community/eslint-utils@4.4.0", + "@eslint-community/regexpp@4.10.0", + "@eslint/eslintrc@2.1.4", + "@eslint/js@8.57.0", + "@humanwhocodes/config-array@0.11.14", + "@humanwhocodes/module-importer@1.0.1", + "@nodelib/fs.walk@1.2.8", + "@ungap/structured-clone@1.2.0", + "eslint@8.57.0|ajv@6.12.6", + "chalk@4.1.2", + "cross-spawn@7.0.3", + "debug@4.3.4", + "doctrine@3.0.0", + "escape-string-regexp@4.0.0", + "eslint-scope@7.2.2", + "eslint-visitor-keys@3.4.3", + "espree@9.6.1", + "esquery@1.5.0", + "esutils@2.0.3", + "fast-deep-equal@3.1.3", + "file-entry-cache@6.0.1", + "find-up@5.0.0", + "glob-parent@6.0.2", + "globals@13.24.0", + "graphemer@1.4.0", + "ignore@5.3.1", + "imurmurhash@0.1.4", + "is-glob@4.0.3", + "is-path-inside@3.0.3", + "js-yaml@4.1.0", + "json-stable-stringify-without-jsonify@1.0.1", + "levn@0.4.1", + "lodash.merge@4.6.2", + "eslint@8.57.0|minimatch@3.1.2", + "natural-compare@1.4.0", + "optionator@0.9.3", + "strip-ansi@6.0.1", + "text-table@0.2.0" + ] + }, + { + "ref": "eslint@8.57.0|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "eslint@8.57.0|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "eslint@8.57.0|json-schema-traverse@0.4.1" + }, + { + "ref": "eslint@8.57.0|minimatch@3.1.2", + "dependsOn": [ + "eslint@8.57.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint@8.57.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "@typescript-eslint/utils@7.12.0", + "debug@4.3.4", + "eslint@8.57.0", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0", + "dependsOn": [ + "@eslint-community/eslint-utils@4.4.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@eslint-community/eslint-utils@4.4.0", + "dependsOn": [ + "eslint-visitor-keys@3.4.3", + "eslint@8.57.0" + ] + }, + { + "ref": "graphemer@1.4.0" + }, + { + "ref": "accurate-search@1.2.15" + }, + { + "ref": "ajv@8.16.0", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "json-schema-traverse@1.0.0", + "require-from-string@2.0.2", + "uri-js@4.4.1" + ] + }, + { + "ref": "fast-deep-equal@3.1.3" + }, + { + "ref": "json-schema-traverse@1.0.0" + }, + { + "ref": "require-from-string@2.0.2" + }, + { + "ref": "uri-js@4.4.1", + "dependsOn": [ + "punycode@2.3.1" + ] + }, + { + "ref": "punycode@2.3.1" + }, + { + "ref": "form-data@4.0.0", + "dependsOn": [ + "asynckit@0.4.0", + "combined-stream@1.0.8", + "mime-types@2.1.35" + ] + }, + { + "ref": "proxy-from-env@1.1.0" + }, + { + "ref": "assertion-error@1.1.0" + }, + { + "ref": "check-error@1.0.3", + "dependsOn": [ + "get-func-name@2.0.2" + ] + }, + { + "ref": "get-func-name@2.0.2" + }, + { + "ref": "deep-eql@4.1.3", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "loupe@2.3.7", + "dependsOn": [ + "get-func-name@2.0.2" + ] + }, + { + "ref": "pathval@1.1.1" + }, + { + "ref": "colors@1.4.0" + }, + { + "ref": "csv-parse@4.16.3" + }, + { + "ref": "dotenv@16.4.5" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "eslint-plugin-mocha@9.0.0", + "eslint-plugin-node@11.1.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "functional-red-black-tree@1.0.1", + "ignore@5.3.1", + "regexpp@3.2.0", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "chalk@4.1.2", + "cross-spawn@7.0.3", + "debug@4.3.4", + "doctrine@3.0.0", + "enquirer@2.4.1", + "escape-string-regexp@4.0.0", + "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "esquery@1.5.0", + "esutils@2.0.3", + "fast-deep-equal@3.1.3", + "file-entry-cache@6.0.1", + "functional-red-black-tree@1.0.1", + "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "globals@13.24.0", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6", + "import-fresh@3.3.0", + "imurmurhash@0.1.4", + "is-glob@4.0.3", + "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "json-stable-stringify-without-jsonify@1.0.1", + "levn@0.4.1", + "lodash.merge@4.6.2", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "natural-compare@1.4.0", + "optionator@0.9.3", + "progress@2.0.3", + "regexpp@3.2.0", + "semver@7.6.2", + "strip-ansi@6.0.1", + "strip-json-comments@3.1.1", + "table@6.8.2", + "text-table@0.2.0", + "v8-compile-cache@2.4.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "dependsOn": [ + "@babel/highlight@7.24.2" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "globals@13.24.0", + "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6", + "import-fresh@3.3.0", + "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "strip-json-comments@3.1.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "dependsOn": [ + "acorn-jsx@5.3.2", + "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "dependsOn": [ + "confusing-browser-globals@1.0.10", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0", + "dependsOn": [ + "@types/json-schema@7.0.15", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "eslint-utils@3.0.0", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0" + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0" + }, + { + "ref": "@types/json-schema@7.0.15" + }, + { + "ref": "tsutils@3.21.0", + "dependsOn": [ + "tsutils@3.21.0|tslib@1.14.1", + "typescript@5.1.6" + ] + }, + { + "ref": "tsutils@3.21.0|tslib@1.14.1" + }, + { + "ref": "esrecurse@4.3.0", + "dependsOn": [ + "estraverse@5.3.0" + ] + }, + { + "ref": "eslint-utils@3.0.0", + "dependsOn": [ + "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0", + "eslint@8.57.0" + ] + }, + { + "ref": "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/highlight@7.24.2", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "@babel/highlight@7.24.2|chalk@2.4.2", + "js-tokens@4.0.0", + "picocolors@1.0.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|chalk@2.4.2", + "dependsOn": [ + "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "@babel/highlight@7.24.2|escape-string-regexp@1.0.5", + "@babel/highlight@7.24.2|supports-color@5.5.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "dependsOn": [ + "@babel/highlight@7.24.2|color-convert@1.9.3" + ] + }, + { + "ref": "@babel/highlight@7.24.2|color-convert@1.9.3", + "dependsOn": [ + "@babel/highlight@7.24.2|color-name@1.1.3" + ] + }, + { + "ref": "@babel/highlight@7.24.2|color-name@1.1.3" + }, + { + "ref": "@babel/highlight@7.24.2|escape-string-regexp@1.0.5" + }, + { + "ref": "@babel/highlight@7.24.2|supports-color@5.5.0", + "dependsOn": [ + "@babel/highlight@7.24.2|has-flag@3.0.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|has-flag@3.0.0" + }, + { + "ref": "globals@13.24.0", + "dependsOn": [ + "globals@13.24.0|type-fest@0.20.2" + ] + }, + { + "ref": "globals@13.24.0|type-fest@0.20.2" + }, + { + "ref": "doctrine@3.0.0", + "dependsOn": [ + "esutils@2.0.3" + ] + }, + { + "ref": "enquirer@2.4.1", + "dependsOn": [ + "ansi-colors@4.1.1", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "ansi-colors@4.1.1" + }, + { + "ref": "acorn-jsx@5.3.2", + "dependsOn": [ + "acorn@8.11.3" + ] + }, + { + "ref": "esquery@1.5.0", + "dependsOn": [ + "estraverse@5.3.0" + ] + }, + { + "ref": "esutils@2.0.3" + }, + { + "ref": "file-entry-cache@6.0.1", + "dependsOn": [ + "flat-cache@3.2.0" + ] + }, + { + "ref": "functional-red-black-tree@1.0.1" + }, + { + "ref": "imurmurhash@0.1.4" + }, + { + "ref": "json-stable-stringify-without-jsonify@1.0.1" + }, + { + "ref": "levn@0.4.1", + "dependsOn": [ + "prelude-ls@1.2.1", + "type-check@0.4.0" + ] + }, + { + "ref": "lodash.merge@4.6.2" + }, + { + "ref": "optionator@0.9.3", + "dependsOn": [ + "@aashutoshrathi/word-wrap@1.2.6", + "deep-is@0.1.4", + "optionator@0.9.3|fast-levenshtein@2.0.6", + "levn@0.4.1", + "prelude-ls@1.2.1", + "type-check@0.4.0" + ] + }, + { + "ref": "optionator@0.9.3|fast-levenshtein@2.0.6" + }, + { + "ref": "progress@2.0.3" + }, + { + "ref": "regexpp@3.2.0" + }, + { + "ref": "table@6.8.2", + "dependsOn": [ + "ajv@8.16.0", + "lodash.truncate@4.4.2", + "slice-ansi@4.0.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "text-table@0.2.0" + }, + { + "ref": "v8-compile-cache@2.4.0" + }, + { + "ref": "confusing-browser-globals@1.0.10" + }, + { + "ref": "eslint-plugin-mocha@9.0.0", + "dependsOn": [ + "eslint-utils@3.0.0", + "eslint@8.57.0", + "ramda@0.27.2" + ] + }, + { + "ref": "ramda@0.27.2" + }, + { + "ref": "eslint-plugin-node@11.1.0", + "dependsOn": [ + "eslint-plugin-es@3.0.1", + "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "eslint@8.57.0", + "ignore@5.3.1", + "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "resolve@1.22.8", + "eslint-plugin-node@11.1.0|semver@6.3.1" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "dependsOn": [ + "eslint-plugin-node@11.1.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|semver@6.3.1" + }, + { + "ref": "eslint-plugin-es@3.0.1", + "dependsOn": [ + "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "eslint@8.57.0", + "regexpp@3.2.0" + ] + }, + { + "ref": "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif@4.0.0", + "dependsOn": [ + "eslint-config-xo-space@0.27.0", + "eslint-plugin-mocha@9.0.0", + "eslint-plugin-node@11.1.0", + "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0" + ] + }, + { + "ref": "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "eslint-config-oclif@4.0.0|ci-info@3.9.0", + "clean-regexp@1.0.0", + "eslint-template-visitor@2.3.2", + "eslint-utils@3.0.0", + "eslint@8.57.0", + "is-builtin-module@3.2.1", + "lodash@4.17.21", + "pluralize@8.0.0", + "read-pkg-up@7.0.1", + "regexp-tree@0.1.27", + "safe-regex@2.1.1", + "semver@7.6.2" + ] + }, + { + "ref": "eslint-config-oclif@4.0.0|ci-info@3.9.0" + }, + { + "ref": "eslint-config-xo-space@0.27.0", + "dependsOn": [ + "eslint-config-xo@0.35.0", + "eslint@8.57.0" + ] + }, + { + "ref": "eslint-config-xo@0.35.0", + "dependsOn": [ + "confusing-browser-globals@1.0.10", + "eslint@8.57.0" + ] + }, + { + "ref": "@babel/helper-validator-identifier@7.22.20" + }, + { + "ref": "clean-regexp@1.0.0", + "dependsOn": [ + "clean-regexp@1.0.0|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "clean-regexp@1.0.0|escape-string-regexp@1.0.5" + }, + { + "ref": "eslint-template-visitor@2.3.2", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/eslint-parser@7.24.1", + "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0", + "eslint@8.57.0", + "esquery@1.5.0", + "multimap@1.1.0" + ] + }, + { + "ref": "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/eslint-parser@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0", + "eslint@8.57.0", + "@babel/eslint-parser@7.24.1|semver@6.3.1" + ] + }, + { + "ref": "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/eslint-parser@7.24.1|semver@6.3.1" + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "dependsOn": [ + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1" + ] + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0" + ] + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0" + }, + { + "ref": "multimap@1.1.0" + }, + { + "ref": "is-builtin-module@3.2.1", + "dependsOn": [ + "builtin-modules@3.3.0" + ] + }, + { + "ref": "pluralize@8.0.0" + }, + { + "ref": "read-pkg-up@7.0.1", + "dependsOn": [ + "read-pkg-up@7.0.1|find-up@4.1.0", + "read-pkg@5.2.0", + "read-pkg-up@7.0.1|type-fest@0.8.1" + ] + }, + { + "ref": "read-pkg-up@7.0.1|find-up@4.1.0", + "dependsOn": [ + "read-pkg-up@7.0.1|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|locate-path@5.0.0", + "dependsOn": [ + "read-pkg-up@7.0.1|p-locate@4.1.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|p-locate@4.1.0", + "dependsOn": [ + "read-pkg-up@7.0.1|p-limit@2.3.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|type-fest@0.8.1" + }, + { + "ref": "regexp-tree@0.1.27" + }, + { + "ref": "safe-regex@2.1.1", + "dependsOn": [ + "regexp-tree@0.1.27" + ] + }, + { + "ref": "eslint-plugin-unicorn@52.0.0", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "@eslint-community/eslint-utils@4.4.0", + "@eslint/eslintrc@2.1.4", + "ci-info@4.0.0", + "clean-regexp@1.0.0", + "core-js-compat@3.37.0", + "eslint@8.57.0", + "esquery@1.5.0", + "indent-string@4.0.0", + "is-builtin-module@3.2.1", + "jsesc@3.0.2", + "pluralize@8.0.0", + "read-pkg-up@7.0.1", + "regexp-tree@0.1.27", + "regjsparser@0.10.0", + "semver@7.6.2", + "strip-indent@3.0.0" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4", + "dependsOn": [ + "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "debug@4.3.4", + "espree@9.6.1", + "globals@13.24.0", + "ignore@5.3.1", + "import-fresh@3.3.0", + "js-yaml@4.1.0", + "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "strip-json-comments@3.1.1" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1" + }, + { + "ref": "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "dependsOn": [ + "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "espree@9.6.1", + "dependsOn": [ + "acorn-jsx@5.3.2", + "acorn@8.11.3", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "parent-module@1.0.1", + "dependsOn": [ + "callsites@3.1.0" + ] + }, + { + "ref": "resolve-from@4.0.0" + }, + { + "ref": "ci-info@4.0.0" + }, + { + "ref": "core-js-compat@3.37.0", + "dependsOn": [ + "browserslist@4.23.0" + ] + }, + { + "ref": "browserslist@4.23.0", + "dependsOn": [ + "caniuse-lite@1.0.30001612", + "electron-to-chromium@1.4.747", + "node-releases@2.0.14", + "update-browserslist-db@1.0.13" + ] + }, + { + "ref": "caniuse-lite@1.0.30001612" + }, + { + "ref": "electron-to-chromium@1.4.747" + }, + { + "ref": "node-releases@2.0.14" + }, + { + "ref": "update-browserslist-db@1.0.13", + "dependsOn": [ + "browserslist@4.23.0", + "escalade@3.1.2", + "picocolors@1.0.0" + ] + }, + { + "ref": "escalade@3.1.2" + }, + { + "ref": "estraverse@5.3.0" + }, + { + "ref": "builtin-modules@3.3.0" + }, + { + "ref": "jsesc@3.0.2" + }, + { + "ref": "p-try@2.2.0" + }, + { + "ref": "path-exists@4.0.0" + }, + { + "ref": "read-pkg@5.2.0", + "dependsOn": [ + "@types/normalize-package-data@2.4.4", + "read-pkg@5.2.0|normalize-package-data@2.5.0", + "parse-json@5.2.0", + "read-pkg@5.2.0|type-fest@0.6.0" + ] + }, + { + "ref": "read-pkg@5.2.0|normalize-package-data@2.5.0", + "dependsOn": [ + "read-pkg@5.2.0|hosted-git-info@2.8.9", + "resolve@1.22.8", + "read-pkg@5.2.0|semver@5.7.2", + "validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "read-pkg@5.2.0|hosted-git-info@2.8.9" + }, + { + "ref": "read-pkg@5.2.0|semver@5.7.2" + }, + { + "ref": "read-pkg@5.2.0|type-fest@0.6.0" + }, + { + "ref": "@types/normalize-package-data@2.4.4" + }, + { + "ref": "validate-npm-package-license@3.0.4", + "dependsOn": [ + "spdx-correct@3.2.0", + "spdx-expression-parse@3.0.1" + ] + }, + { + "ref": "regjsparser@0.10.0", + "dependsOn": [ + "regjsparser@0.10.0|jsesc@0.5.0" + ] + }, + { + "ref": "regjsparser@0.10.0|jsesc@0.5.0" + }, + { + "ref": "strip-indent@3.0.0", + "dependsOn": [ + "min-indent@1.0.1" + ] + }, + { + "ref": "min-indent@1.0.1" + }, + { + "ref": "@eslint/js@8.57.0" + }, + { + "ref": "@humanwhocodes/config-array@0.11.14", + "dependsOn": [ + "@humanwhocodes/object-schema@2.0.3", + "debug@4.3.4", + "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2" + ] + }, + { + "ref": "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2", + "dependsOn": [ + "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11" + ] + }, + { + "ref": "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@humanwhocodes/object-schema@2.0.3" + }, + { + "ref": "@humanwhocodes/module-importer@1.0.1" + }, + { + "ref": "@nodelib/fs.scandir@2.1.5", + "dependsOn": [ + "@nodelib/fs.stat@2.0.5", + "run-parallel@1.2.0" + ] + }, + { + "ref": "run-parallel@1.2.0", + "dependsOn": [ + "queue-microtask@1.2.3" + ] + }, + { + "ref": "queue-microtask@1.2.3" + }, + { + "ref": "fastq@1.17.1", + "dependsOn": [ + "reusify@1.0.4" + ] + }, + { + "ref": "reusify@1.0.4" + }, + { + "ref": "@ungap/structured-clone@1.2.0" + }, + { + "ref": "path-key@3.1.1" + }, + { + "ref": "shebang-command@2.0.0", + "dependsOn": [ + "shebang-regex@3.0.0" + ] + }, + { + "ref": "shebang-regex@3.0.0" + }, + { + "ref": "which@2.0.2", + "dependsOn": [ + "isexe@2.0.0" + ] + }, + { + "ref": "isexe@2.0.0" + }, + { + "ref": "eslint-scope@7.2.2", + "dependsOn": [ + "esrecurse@4.3.0", + "estraverse@5.3.0" + ] + }, + { + "ref": "acorn@8.11.3" + }, + { + "ref": "flat-cache@3.2.0", + "dependsOn": [ + "flatted@3.3.1", + "keyv@4.5.4", + "rimraf@3.0.2" + ] + }, + { + "ref": "flatted@3.3.1" + }, + { + "ref": "keyv@4.5.4", + "dependsOn": [ + "json-buffer@3.0.1" + ] + }, + { + "ref": "json-buffer@3.0.1" + }, + { + "ref": "find-up@5.0.0", + "dependsOn": [ + "locate-path@6.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "locate-path@6.0.0", + "dependsOn": [ + "p-locate@5.0.0" + ] + }, + { + "ref": "p-locate@5.0.0", + "dependsOn": [ + "p-limit@3.1.0" + ] + }, + { + "ref": "is-extglob@2.1.1" + }, + { + "ref": "is-path-inside@3.0.3" + }, + { + "ref": "prelude-ls@1.2.1" + }, + { + "ref": "type-check@0.4.0", + "dependsOn": [ + "prelude-ls@1.2.1" + ] + }, + { + "ref": "@aashutoshrathi/word-wrap@1.2.6" + }, + { + "ref": "deep-is@0.1.4" + }, + { + "ref": "accepts@1.3.8", + "dependsOn": [ + "mime-types@2.1.35", + "negotiator@0.6.3" + ] + }, + { + "ref": "mime-types@2.1.35", + "dependsOn": [ + "mime-db@1.52.0" + ] + }, + { + "ref": "negotiator@0.6.3" + }, + { + "ref": "array-flatten@1.1.1" + }, + { + "ref": "body-parser@1.20.2", + "dependsOn": [ + "bytes@3.1.2", + "content-type@1.0.5", + "body-parser@1.20.2|debug@2.6.9", + "depd@2.0.0", + "destroy@1.2.0", + "http-errors@2.0.0", + "iconv-lite@0.4.24", + "on-finished@2.4.1", + "qs@6.11.0", + "raw-body@2.5.2", + "type-is@1.6.18", + "unpipe@1.0.0" + ] + }, + { + "ref": "body-parser@1.20.2|debug@2.6.9", + "dependsOn": [ + "body-parser@1.20.2|ms@2.0.0" + ] + }, + { + "ref": "body-parser@1.20.2|ms@2.0.0" + }, + { + "ref": "bytes@3.1.2" + }, + { + "ref": "depd@2.0.0" + }, + { + "ref": "destroy@1.2.0" + }, + { + "ref": "http-errors@2.0.0", + "dependsOn": [ + "depd@2.0.0", + "inherits@2.0.4", + "setprototypeof@1.2.0", + "statuses@2.0.1", + "toidentifier@1.0.1" + ] + }, + { + "ref": "iconv-lite@0.4.24", + "dependsOn": [ + "safer-buffer@2.1.2" + ] + }, + { + "ref": "safer-buffer@2.1.2" + }, + { + "ref": "on-finished@2.4.1", + "dependsOn": [ + "ee-first@1.1.1" + ] + }, + { + "ref": "qs@6.11.0", + "dependsOn": [ + "side-channel@1.0.6" + ] + }, + { + "ref": "raw-body@2.5.2", + "dependsOn": [ + "bytes@3.1.2", + "http-errors@2.0.0", + "iconv-lite@0.4.24", + "unpipe@1.0.0" + ] + }, + { + "ref": "unpipe@1.0.0" + }, + { + "ref": "type-is@1.6.18", + "dependsOn": [ + "media-typer@0.3.0", + "mime-types@2.1.35" + ] + }, + { + "ref": "content-disposition@0.5.4", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "cookie-signature@1.0.6" + }, + { + "ref": "cookie@0.6.0" + }, + { + "ref": "encodeurl@1.0.2" + }, + { + "ref": "escape-html@1.0.3" + }, + { + "ref": "etag@1.8.1" + }, + { + "ref": "finalhandler@1.2.0", + "dependsOn": [ + "finalhandler@1.2.0|debug@2.6.9", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "on-finished@2.4.1", + "parseurl@1.3.3", + "statuses@2.0.1", + "unpipe@1.0.0" + ] + }, + { + "ref": "finalhandler@1.2.0|debug@2.6.9", + "dependsOn": [ + "finalhandler@1.2.0|ms@2.0.0" + ] + }, + { + "ref": "finalhandler@1.2.0|ms@2.0.0" + }, + { + "ref": "parseurl@1.3.3" + }, + { + "ref": "statuses@2.0.1" + }, + { + "ref": "fresh@0.5.2" + }, + { + "ref": "setprototypeof@1.2.0" + }, + { + "ref": "toidentifier@1.0.1" + }, + { + "ref": "merge-descriptors@1.0.1" + }, + { + "ref": "methods@1.1.2" + }, + { + "ref": "ee-first@1.1.1" + }, + { + "ref": "path-to-regexp@0.1.7" + }, + { + "ref": "proxy-addr@2.0.7", + "dependsOn": [ + "forwarded@0.2.0", + "ipaddr.js@1.9.1" + ] + }, + { + "ref": "forwarded@0.2.0" + }, + { + "ref": "ipaddr.js@1.9.1" + }, + { + "ref": "side-channel@1.0.6", + "dependsOn": [ + "call-bind@1.0.7", + "es-errors@1.3.0", + "get-intrinsic@1.2.4", + "object-inspect@1.13.1" + ] + }, + { + "ref": "call-bind@1.0.7", + "dependsOn": [ + "es-define-property@1.0.0", + "es-errors@1.3.0", + "function-bind@1.1.2", + "get-intrinsic@1.2.4", + "set-function-length@1.2.2" + ] + }, + { + "ref": "es-define-property@1.0.0", + "dependsOn": [ + "get-intrinsic@1.2.4" + ] + }, + { + "ref": "get-intrinsic@1.2.4", + "dependsOn": [ + "es-errors@1.3.0", + "function-bind@1.1.2", + "has-proto@1.0.3", + "has-symbols@1.0.3", + "hasown@2.0.2" + ] + }, + { + "ref": "es-errors@1.3.0" + }, + { + "ref": "function-bind@1.1.2" + }, + { + "ref": "set-function-length@1.2.2", + "dependsOn": [ + "define-data-property@1.1.4", + "es-errors@1.3.0", + "function-bind@1.1.2", + "get-intrinsic@1.2.4", + "gopd@1.0.1", + "has-property-descriptors@1.0.2" + ] + }, + { + "ref": "define-data-property@1.1.4", + "dependsOn": [ + "es-define-property@1.0.0", + "es-errors@1.3.0", + "gopd@1.0.1" + ] + }, + { + "ref": "gopd@1.0.1", + "dependsOn": [ + "get-intrinsic@1.2.4" + ] + }, + { + "ref": "has-property-descriptors@1.0.2", + "dependsOn": [ + "es-define-property@1.0.0" + ] + }, + { + "ref": "has-proto@1.0.3" + }, + { + "ref": "has-symbols@1.0.3" + }, + { + "ref": "hasown@2.0.2", + "dependsOn": [ + "function-bind@1.1.2" + ] + }, + { + "ref": "object-inspect@1.13.1" + }, + { + "ref": "range-parser@1.2.1" + }, + { + "ref": "send@0.18.0", + "dependsOn": [ + "send@0.18.0|debug@2.6.9", + "depd@2.0.0", + "destroy@1.2.0", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "etag@1.8.1", + "fresh@0.5.2", + "http-errors@2.0.0", + "mime@1.6.0", + "ms@2.1.3", + "on-finished@2.4.1", + "range-parser@1.2.1", + "statuses@2.0.1" + ] + }, + { + "ref": "send@0.18.0|debug@2.6.9", + "dependsOn": [ + "send@0.18.0|debug@2.6.9|ms@2.0.0" + ] + }, + { + "ref": "send@0.18.0|debug@2.6.9|ms@2.0.0" + }, + { + "ref": "mime@1.6.0" + }, + { + "ref": "serve-static@1.15.0", + "dependsOn": [ + "encodeurl@1.0.2", + "escape-html@1.0.3", + "parseurl@1.3.3", + "send@0.18.0" + ] + }, + { + "ref": "media-typer@0.3.0" + }, + { + "ref": "utils-merge@1.0.1" + }, + { + "ref": "vary@1.1.2" + }, + { + "ref": "asynckit@0.4.0" + }, + { + "ref": "combined-stream@1.0.8", + "dependsOn": [ + "delayed-stream@1.0.0" + ] + }, + { + "ref": "delayed-stream@1.0.0" + }, + { + "ref": "mime-db@1.52.0" + }, + { + "ref": "fs-extra@11.2.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "jsonfile@6.1.0", + "universalify@2.0.1" + ] + }, + { + "ref": "jsonfile@6.1.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "universalify@2.0.1" + ] + }, + { + "ref": "universalify@2.0.1" + }, + { + "ref": "get-installed-path@4.0.8", + "dependsOn": [ + "global-modules@1.0.0" + ] + }, + { + "ref": "global-modules@1.0.0", + "dependsOn": [ + "global-prefix@1.0.2", + "is-windows@1.0.2", + "resolve-dir@1.0.1" + ] + }, + { + "ref": "global-prefix@1.0.2", + "dependsOn": [ + "expand-tilde@2.0.2", + "homedir-polyfill@1.0.3", + "ini@1.3.8", + "is-windows@1.0.2", + "global-prefix@1.0.2|which@1.3.1" + ] + }, + { + "ref": "global-prefix@1.0.2|which@1.3.1", + "dependsOn": [ + "isexe@2.0.0" + ] + }, + { + "ref": "expand-tilde@2.0.2", + "dependsOn": [ + "homedir-polyfill@1.0.3" + ] + }, + { + "ref": "homedir-polyfill@1.0.3", + "dependsOn": [ + "parse-passwd@1.0.0" + ] + }, + { + "ref": "parse-passwd@1.0.0" + }, + { + "ref": "is-windows@1.0.2" + }, + { + "ref": "resolve-dir@1.0.1", + "dependsOn": [ + "expand-tilde@2.0.2", + "global-modules@1.0.0" + ] + }, + { + "ref": "domhandler@5.0.3", + "dependsOn": [ + "domelementtype@2.3.0" + ] + }, + { + "ref": "domutils@3.1.0", + "dependsOn": [ + "dom-serializer@2.0.0", + "domelementtype@2.3.0", + "domhandler@5.0.3" + ] + }, + { + "ref": "dom-serializer@2.0.0", + "dependsOn": [ + "domelementtype@2.3.0", + "domhandler@5.0.3", + "entities@4.5.0" + ] + }, + { + "ref": "entities@4.5.0" + }, + { + "ref": "https@1.0.0" + }, + { + "ref": "inquirer-file-tree-selection-prompt@2.0.2", + "dependsOn": [ + "chalk@4.1.2", + "cli-cursor@3.1.0", + "figures@3.2.0", + "lodash@4.17.21", + "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1" + ] + }, + { + "ref": "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "cli-cursor@3.1.0", + "dependsOn": [ + "restore-cursor@3.1.0" + ] + }, + { + "ref": "restore-cursor@3.1.0", + "dependsOn": [ + "onetime@5.1.2", + "signal-exit@3.0.7" + ] + }, + { + "ref": "onetime@5.1.2", + "dependsOn": [ + "mimic-fn@2.1.0" + ] + }, + { + "ref": "mimic-fn@2.1.0" + }, + { + "ref": "signal-exit@3.0.7" + }, + { + "ref": "figures@3.2.0", + "dependsOn": [ + "figures@3.2.0|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "figures@3.2.0|escape-string-regexp@1.0.5" + }, + { + "ref": "inquirer@8.0.0", + "dependsOn": [ + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "cli-cursor@3.1.0", + "cli-width@3.0.0", + "external-editor@3.1.0", + "figures@3.2.0", + "lodash@4.17.21", + "mute-stream@0.0.8", + "run-async@2.4.1", + "rxjs@6.6.7", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "through@2.3.8" + ] + }, + { + "ref": "cli-width@3.0.0" + }, + { + "ref": "external-editor@3.1.0", + "dependsOn": [ + "chardet@0.7.0", + "iconv-lite@0.4.24", + "external-editor@3.1.0|tmp@0.0.33" + ] + }, + { + "ref": "external-editor@3.1.0|tmp@0.0.33", + "dependsOn": [ + "os-tmpdir@1.0.2" + ] + }, + { + "ref": "chardet@0.7.0" + }, + { + "ref": "os-tmpdir@1.0.2" + }, + { + "ref": "mute-stream@0.0.8" + }, + { + "ref": "run-async@2.4.1" + }, + { + "ref": "rxjs@6.6.7", + "dependsOn": [ + "rxjs@6.6.7|tslib@1.14.1" + ] + }, + { + "ref": "rxjs@6.6.7|tslib@1.14.1" + }, + { + "ref": "through@2.3.8" + }, + { + "ref": "jest-mock@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-util@29.7.0" + ] + }, + { + "ref": "@types/istanbul-lib-report@3.0.3", + "dependsOn": [ + "@types/istanbul-lib-coverage@2.0.6" + ] + }, + { + "ref": "@types/yargs-parser@21.0.3" + }, + { + "ref": "jest@29.7.0", + "dependsOn": [ + "@jest/core@29.7.0", + "@jest/types@29.6.3", + "import-local@3.1.0", + "jest-cli@29.7.0" + ] + }, + { + "ref": "@jest/core@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/reporters@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@jest/core@29.7.0|ci-info@3.9.0", + "exit@0.1.2", + "graceful-fs@4.2.11", + "jest-changed-files@29.7.0", + "jest-config@29.7.0", + "jest-haste-map@29.7.0", + "jest-message-util@29.7.0", + "jest-regex-util@29.6.3", + "jest-resolve-dependencies@29.7.0", + "jest-resolve@29.7.0", + "jest-runner@29.7.0", + "jest-runtime@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "jest-watcher@29.7.0", + "micromatch@4.0.5", + "pretty-format@29.7.0", + "slash@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@jest/core@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/console@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "slash@3.0.0" + ] + }, + { + "ref": "@jest/reporters@29.7.0", + "dependsOn": [ + "@bcoe/v8-coverage@0.2.3", + "@jest/console@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@jridgewell/trace-mapping@0.3.25", + "@types/node@20.14.1", + "chalk@4.1.2", + "collect-v8-coverage@1.0.2", + "exit@0.1.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "istanbul-lib-coverage@3.2.2", + "istanbul-lib-instrument@6.0.2", + "istanbul-lib-report@3.0.1", + "istanbul-lib-source-maps@4.0.1", + "istanbul-reports@3.1.7", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "jest-worker@29.7.0", + "slash@3.0.0", + "string-length@4.0.2", + "strip-ansi@6.0.1", + "v8-to-istanbul@9.2.0" + ] + }, + { + "ref": "@jest/test-result@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/types@29.6.3", + "@types/istanbul-lib-coverage@2.0.6", + "collect-v8-coverage@1.0.2" + ] + }, + { + "ref": "@jest/transform@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/types@29.6.3", + "@jridgewell/trace-mapping@0.3.25", + "babel-plugin-istanbul@6.1.1", + "chalk@4.1.2", + "convert-source-map@2.0.0", + "fast-json-stable-stringify@2.1.0", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-regex-util@29.6.3", + "jest-util@29.7.0", + "micromatch@4.0.5", + "pirates@4.0.6", + "slash@3.0.0", + "write-file-atomic@4.0.2" + ] + }, + { + "ref": "fs.realpath@1.0.0" + }, + { + "ref": "inflight@1.0.6", + "dependsOn": [ + "once@1.4.0", + "wrappy@1.0.2" + ] + }, + { + "ref": "path-is-absolute@1.0.1" + }, + { + "ref": "istanbul-lib-instrument@6.0.2", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "semver@7.6.2" + ] + }, + { + "ref": "make-dir@4.0.0", + "dependsOn": [ + "semver@7.6.2" + ] + }, + { + "ref": "source-map@0.6.1" + }, + { + "ref": "html-escaper@2.0.2" + }, + { + "ref": "jest-worker@29.7.0", + "dependsOn": [ + "@types/node@20.14.1", + "jest-util@29.7.0", + "merge-stream@2.0.0", + "supports-color@8.1.1" + ] + }, + { + "ref": "char-regex@1.0.2" + }, + { + "ref": "convert-source-map@2.0.0" + }, + { + "ref": "jest-changed-files@29.7.0", + "dependsOn": [ + "execa@5.1.1", + "jest-util@29.7.0", + "p-limit@3.1.0" + ] + }, + { + "ref": "get-stream@6.0.1" + }, + { + "ref": "human-signals@2.1.0" + }, + { + "ref": "npm-run-path@4.0.1", + "dependsOn": [ + "path-key@3.1.1" + ] + }, + { + "ref": "strip-final-newline@2.0.0" + }, + { + "ref": "yocto-queue@0.1.0" + }, + { + "ref": "jest-config@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/test-sequencer@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "babel-jest@29.7.0", + "chalk@4.1.2", + "jest-config@29.7.0|ci-info@3.9.0", + "deepmerge@4.3.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "jest-circus@29.7.0", + "jest-environment-node@29.7.0", + "jest-get-type@29.6.3", + "jest-regex-util@29.6.3", + "jest-resolve@29.7.0", + "jest-runner@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "micromatch@4.0.5", + "parse-json@5.2.0", + "pretty-format@29.7.0", + "slash@3.0.0", + "strip-json-comments@3.1.1", + "ts-node@10.9.2" + ] + }, + { + "ref": "jest-config@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/test-sequencer@29.7.0", + "dependsOn": [ + "@jest/test-result@29.7.0", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "slash@3.0.0" + ] + }, + { + "ref": "jest-haste-map@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/graceful-fs@4.1.9", + "@types/node@20.14.1", + "anymatch@3.1.3", + "fb-watchman@2.0.2", + "fsevents@2.3.3", + "graceful-fs@4.2.11", + "jest-regex-util@29.6.3", + "jest-util@29.7.0", + "jest-worker@29.7.0", + "micromatch@4.0.5", + "walker@1.0.8" + ] + }, + { + "ref": "babel-jest@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/transform@29.7.0", + "@types/babel__core@7.20.5", + "babel-plugin-istanbul@6.1.1", + "babel-preset-jest@29.6.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "slash@3.0.0" + ] + }, + { + "ref": "jest-circus@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/expect@29.7.0", + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "co@4.6.0", + "dedent@1.5.3", + "is-generator-fn@2.1.0", + "jest-each@29.7.0", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-runtime@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "p-limit@3.1.0", + "pretty-format@29.7.0", + "pure-rand@6.1.0", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@jest/environment@29.7.0", + "dependsOn": [ + "@jest/fake-timers@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-mock@29.7.0" + ] + }, + { + "ref": "@jest/expect@29.7.0", + "dependsOn": [ + "expect@29.7.0", + "jest-snapshot@29.7.0" + ] + }, + { + "ref": "jest-snapshot@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/generator@7.24.4", + "@babel/plugin-syntax-jsx@7.24.1", + "@babel/plugin-syntax-typescript@7.24.1", + "@babel/types@7.24.0", + "@jest/expect-utils@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "babel-preset-current-node-syntax@1.0.1", + "chalk@4.1.2", + "expect@29.7.0", + "graceful-fs@4.2.11", + "jest-diff@29.7.0", + "jest-get-type@29.6.3", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "natural-compare@1.4.0", + "pretty-format@29.7.0", + "semver@7.6.2" + ] + }, + { + "ref": "dedent@1.5.3" + }, + { + "ref": "jest-each@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "chalk@4.1.2", + "jest-get-type@29.6.3", + "jest-util@29.7.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-runtime@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/fake-timers@29.7.0", + "@jest/globals@29.7.0", + "@jest/source-map@29.6.3", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "cjs-module-lexer@1.2.3", + "collect-v8-coverage@1.0.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-message-util@29.7.0", + "jest-mock@29.7.0", + "jest-regex-util@29.6.3", + "jest-resolve@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "slash@3.0.0", + "strip-bom@4.0.0" + ] + }, + { + "ref": "pure-rand@6.1.0" + }, + { + "ref": "jest-environment-node@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/fake-timers@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-mock@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "@jest/fake-timers@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@sinonjs/fake-timers@10.3.0", + "@types/node@20.14.1", + "jest-message-util@29.7.0", + "jest-mock@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "jest-regex-util@29.6.3" + }, + { + "ref": "jest-resolve@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-pnp-resolver@1.2.3", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "resolve.exports@2.0.2", + "resolve@1.22.8", + "slash@3.0.0" + ] + }, + { + "ref": "jest-runner@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/environment@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "emittery@0.13.1", + "graceful-fs@4.2.11", + "jest-docblock@29.7.0", + "jest-environment-node@29.7.0", + "jest-haste-map@29.7.0", + "jest-leak-detector@29.7.0", + "jest-message-util@29.7.0", + "jest-resolve@29.7.0", + "jest-runtime@29.7.0", + "jest-util@29.7.0", + "jest-watcher@29.7.0", + "jest-worker@29.7.0", + "p-limit@3.1.0", + "source-map-support@0.5.13" + ] + }, + { + "ref": "jest-validate@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "jest-validate@29.7.0|camelcase@6.3.0", + "chalk@4.1.2", + "jest-get-type@29.6.3", + "leven@3.1.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-validate@29.7.0|camelcase@6.3.0" + }, + { + "ref": "bser@2.1.1", + "dependsOn": [ + "node-int64@0.4.0" + ] + }, + { + "ref": "node-int64@0.4.0" + }, + { + "ref": "makeerror@1.0.12", + "dependsOn": [ + "tmpl@1.0.5" + ] + }, + { + "ref": "tmpl@1.0.5" + }, + { + "ref": "jest-resolve-dependencies@29.7.0", + "dependsOn": [ + "jest-regex-util@29.6.3", + "jest-snapshot@29.7.0" + ] + }, + { + "ref": "resolve.exports@2.0.2" + }, + { + "ref": "emittery@0.13.1" + }, + { + "ref": "jest-docblock@29.7.0", + "dependsOn": [ + "detect-newline@3.1.0" + ] + }, + { + "ref": "jest-leak-detector@29.7.0", + "dependsOn": [ + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-watcher@29.7.0", + "dependsOn": [ + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "emittery@0.13.1", + "jest-util@29.7.0", + "string-length@4.0.2" + ] + }, + { + "ref": "@jest/globals@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/expect@29.7.0", + "@jest/types@29.6.3", + "jest-mock@29.7.0" + ] + }, + { + "ref": "@jest/source-map@29.6.3", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "callsites@3.1.0", + "graceful-fs@4.2.11" + ] + }, + { + "ref": "@babel/plugin-syntax-jsx@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/helper-plugin-utils@7.24.0" + }, + { + "ref": "@babel/plugin-syntax-async-generators@7.8.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-bigint@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-class-properties@7.12.13", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-import-meta@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-json-strings@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-numeric-separator@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-object-rest-spread@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-optional-chaining@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-top-level-await@7.14.5", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "pkg-dir@4.2.0", + "dependsOn": [ + "pkg-dir@4.2.0|find-up@4.1.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|find-up@4.1.0", + "dependsOn": [ + "pkg-dir@4.2.0|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|locate-path@5.0.0", + "dependsOn": [ + "pkg-dir@4.2.0|p-locate@4.1.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|p-locate@4.1.0", + "dependsOn": [ + "pkg-dir@4.2.0|p-limit@2.3.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "resolve-cwd@3.0.0", + "dependsOn": [ + "resolve-cwd@3.0.0|resolve-from@5.0.0" + ] + }, + { + "ref": "resolve-cwd@3.0.0|resolve-from@5.0.0" + }, + { + "ref": "jest-cli@29.7.0", + "dependsOn": [ + "@jest/core@29.7.0", + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "chalk@4.1.2", + "create-jest@29.7.0", + "exit@0.1.2", + "import-local@3.1.0", + "jest-config@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "yargs@17.7.2" + ] + }, + { + "ref": "create-jest@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "chalk@4.1.2", + "exit@0.1.2", + "graceful-fs@4.2.11", + "jest-config@29.7.0", + "jest-util@29.7.0", + "prompts@2.4.2" + ] + }, + { + "ref": "cliui@8.0.1", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "get-caller-file@2.0.5" + }, + { + "ref": "require-directory@2.1.1" + }, + { + "ref": "y18n@5.0.8" + }, + { + "ref": "argparse@2.0.1" + }, + { + "ref": "json-colorizer@2.2.2", + "dependsOn": [ + "json-colorizer@2.2.2|chalk@2.4.2", + "lodash.get@4.4.2" + ] + }, + { + "ref": "json-colorizer@2.2.2|chalk@2.4.2", + "dependsOn": [ + "json-colorizer@2.2.2|ansi-styles@3.2.1", + "json-colorizer@2.2.2|escape-string-regexp@1.0.5", + "json-colorizer@2.2.2|supports-color@5.5.0" + ] + }, + { + "ref": "json-colorizer@2.2.2|ansi-styles@3.2.1", + "dependsOn": [ + "json-colorizer@2.2.2|color-convert@1.9.3" + ] + }, + { + "ref": "json-colorizer@2.2.2|color-convert@1.9.3", + "dependsOn": [ + "json-colorizer@2.2.2|color-name@1.1.3" + ] + }, + { + "ref": "json-colorizer@2.2.2|color-name@1.1.3" + }, + { + "ref": "json-colorizer@2.2.2|escape-string-regexp@1.0.5" + }, + { + "ref": "json-colorizer@2.2.2|supports-color@5.5.0", + "dependsOn": [ + "json-colorizer@2.2.2|has-flag@3.0.0" + ] + }, + { + "ref": "json-colorizer@2.2.2|has-flag@3.0.0" + }, + { + "ref": "markdown-diff@2.0.0", + "dependsOn": [ + "markdown-diff@2.0.0|diff@5.2.0", + "marked@12.0.2" + ] + }, + { + "ref": "markdown-diff@2.0.0|diff@5.2.0" + }, + { + "ref": "marked@12.0.2" + }, + { + "ref": "markdown-table-ts@1.0.3" + }, + { + "ref": "mocha@10.4.0", + "dependsOn": [ + "ansi-colors@4.1.1", + "browser-stdout@1.3.1", + "chokidar@3.5.3", + "debug@4.3.4", + "mocha@10.4.0|diff@5.0.0", + "escape-string-regexp@4.0.0", + "find-up@5.0.0", + "mocha@10.4.0|glob@8.1.0", + "he@1.2.0", + "js-yaml@4.1.0", + "mocha@10.4.0|log-symbols@4.1.0", + "mocha@10.4.0|minimatch@5.0.1", + "ms@2.1.3", + "serialize-javascript@6.0.0", + "strip-json-comments@3.1.1", + "supports-color@8.1.1", + "workerpool@6.2.1", + "yargs-parser@20.2.4", + "yargs-unparser@2.0.0", + "mocha@10.4.0|yargs@16.2.0" + ] + }, + { + "ref": "mocha@10.4.0|diff@5.0.0" + }, + { + "ref": "mocha@10.4.0|glob@8.1.0", + "dependsOn": [ + "fs.realpath@1.0.0", + "inflight@1.0.6", + "inherits@2.0.4", + "mocha@10.4.0|minimatch@5.0.1", + "once@1.4.0" + ] + }, + { + "ref": "mocha@10.4.0|minimatch@5.0.1", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "mocha@10.4.0|log-symbols@4.1.0", + "dependsOn": [ + "chalk@4.1.2", + "is-unicode-supported@0.1.0" + ] + }, + { + "ref": "mocha@10.4.0|yargs@16.2.0", + "dependsOn": [ + "mocha@10.4.0|cliui@7.0.4", + "escalade@3.1.2", + "get-caller-file@2.0.5", + "require-directory@2.1.1", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "y18n@5.0.8", + "yargs-parser@20.2.4" + ] + }, + { + "ref": "mocha@10.4.0|cliui@7.0.4", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "browser-stdout@1.3.1" + }, + { + "ref": "fill-range@7.0.1", + "dependsOn": [ + "to-regex-range@5.0.1" + ] + }, + { + "ref": "to-regex-range@5.0.1", + "dependsOn": [ + "is-number@7.0.0" + ] + }, + { + "ref": "is-number@7.0.0" + }, + { + "ref": "is-binary-path@2.1.0", + "dependsOn": [ + "binary-extensions@2.3.0" + ] + }, + { + "ref": "binary-extensions@2.3.0" + }, + { + "ref": "readdirp@3.6.0", + "dependsOn": [ + "picomatch@2.3.1" + ] + }, + { + "ref": "wrappy@1.0.2" + }, + { + "ref": "is-unicode-supported@0.1.0" + }, + { + "ref": "serialize-javascript@6.0.0", + "dependsOn": [ + "randombytes@2.1.0" + ] + }, + { + "ref": "randombytes@2.1.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "workerpool@6.2.1" + }, + { + "ref": "yargs-parser@20.2.4" + }, + { + "ref": "yargs-unparser@2.0.0", + "dependsOn": [ + "yargs-unparser@2.0.0|camelcase@6.3.0", + "decamelize@4.0.0", + "flat@5.0.2", + "is-plain-obj@2.1.0" + ] + }, + { + "ref": "yargs-unparser@2.0.0|camelcase@6.3.0" + }, + { + "ref": "decamelize@4.0.0" + }, + { + "ref": "is-plain-obj@2.1.0" + }, + { + "ref": "mock-fs@5.2.0" + }, + { + "ref": "objects-to-csv@1.3.6", + "dependsOn": [ + "async-csv@2.1.3" + ] + }, + { + "ref": "async-csv@2.1.3", + "dependsOn": [ + "csv@5.5.3" + ] + }, + { + "ref": "csv@5.5.3", + "dependsOn": [ + "csv-generate@3.4.3", + "csv-parse@4.16.3", + "csv-stringify@5.6.5", + "stream-transform@2.1.3" + ] + }, + { + "ref": "csv-generate@3.4.3" + }, + { + "ref": "csv-stringify@5.6.5" + }, + { + "ref": "stream-transform@2.1.3", + "dependsOn": [ + "mixme@0.5.10" + ] + }, + { + "ref": "mixme@0.5.10" + }, + { + "ref": "oclif@4.13.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0", + "@aws-sdk/client-s3@3.583.0", + "@inquirer/confirm@3.1.9", + "@inquirer/input@2.1.9", + "@inquirer/select@2.3.5", + "oclif@4.13.0|@oclif/core@4.0.1", + "@oclif/plugin-help@6.1.0", + "@oclif/plugin-not-found@3.2.1", + "@oclif/plugin-warn-if-update-available@3.1.4", + "async-retry@1.3.3", + "chalk@4.1.2", + "change-case@4.1.2", + "oclif@4.13.0|debug@4.3.5", + "ejs@3.1.10", + "find-yarn-workspace-root@2.0.0", + "oclif@4.13.0|fs-extra@8.1.0", + "github-slugger@2.0.0", + "got@13.0.0", + "lodash@4.17.21", + "normalize-package-data@6.0.1", + "semver@7.6.2", + "sort-package-json@2.10.0", + "tiny-jsonc@1.0.1", + "validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "oclif@4.13.0|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "oclif@4.13.0|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "oclif@4.13.0|debug@4.3.5", + "dependsOn": [ + "oclif@4.13.0|ms@2.1.2" + ] + }, + { + "ref": "oclif@4.13.0|ms@2.1.2" + }, + { + "ref": "oclif@4.13.0|fs-extra@8.1.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "oclif@4.13.0|jsonfile@4.0.0", + "oclif@4.13.0|universalify@0.1.2" + ] + }, + { + "ref": "oclif@4.13.0|jsonfile@4.0.0", + "dependsOn": [ + "graceful-fs@4.2.11" + ] + }, + { + "ref": "oclif@4.13.0|universalify@0.1.2" + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@aws-sdk/xml-builder@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-stream@3.0.1", + "@smithy/util-utf8@3.0.0", + "@smithy/util-waiter@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/xml-builder@3.575.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-waiter@3.0.0", + "dependsOn": [ + "@smithy/abort-controller@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0", + "dependsOn": [ + "@aws-crypto/sha1-browser@3.0.0", + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "@aws-sdk/middleware-expect-continue@3.577.0", + "@aws-sdk/middleware-flexible-checksums@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-location-constraint@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-sdk-s3@3.582.0", + "@aws-sdk/middleware-signing@3.577.0", + "@aws-sdk/middleware-ssec@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/signature-v4-multi-region@3.582.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@aws-sdk/xml-builder@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/eventstream-serde-browser@3.0.0", + "@smithy/eventstream-serde-config-resolver@3.0.0", + "@smithy/eventstream-serde-node@3.0.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-blob-browser@3.0.0", + "@smithy/hash-node@3.0.0", + "@smithy/hash-stream-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/md5-js@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-retry@3.0.0", + "@smithy/util-stream@3.0.1", + "@smithy/util-utf8@3.0.0", + "@smithy/util-waiter@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "dependsOn": [ + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "dependsOn": [ + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "dependsOn": [ + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "@aws-sdk/token-providers@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/sha1-browser@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0", + "@aws-crypto/supports-web-crypto@3.0.0", + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-locate-window@3.535.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/region-config-resolver@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-user-agent-node@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-env@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-process@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-web-identity@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/token-providers@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sso-oidc@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sso-oidc@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/credential-provider-node@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sts@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-sso-oidc@3.577.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/credential-provider-node@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/core@3.576.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/credential-provider-node@3.577.0", + "dependsOn": [ + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-http@3.577.0", + "@aws-sdk/credential-provider-ini@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/credential-provider-sso@3.577.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-user-agent@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-endpoints@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-http@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-ini@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/credential-provider-sso@3.577.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-sso@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sso@3.577.0", + "@aws-sdk/token-providers@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sso@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-arn-parser@3.568.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-arn-parser@3.568.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-expect-continue@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-flexible-checksums@3.577.0", + "dependsOn": [ + "@aws-crypto/crc32@3.0.0", + "@aws-crypto/crc32c@3.0.0", + "@aws-sdk/types@3.577.0", + "@smithy/is-array-buffer@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/crc32@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/crc32@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/crc32@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/crc32c@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/crc32c@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/crc32c@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/middleware-location-constraint@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-sdk-s3@3.582.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-arn-parser@3.568.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-signing@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-ssec@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/signature-v4-multi-region@3.582.0", + "dependsOn": [ + "@aws-sdk/middleware-sdk-s3@3.582.0", + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-browser@3.0.0", + "dependsOn": [ + "@smithy/eventstream-serde-universal@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-universal@3.0.0", + "dependsOn": [ + "@smithy/eventstream-codec@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-codec@3.0.0", + "dependsOn": [ + "@aws-crypto/crc32@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-config-resolver@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-node@3.0.0", + "dependsOn": [ + "@smithy/eventstream-serde-universal@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-blob-browser@3.0.0", + "dependsOn": [ + "@smithy/chunked-blob-reader-native@3.0.0", + "@smithy/chunked-blob-reader@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/chunked-blob-reader-native@3.0.0", + "dependsOn": [ + "@smithy/util-base64@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/chunked-blob-reader@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-stream-node@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/md5-js@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@inquirer/confirm@3.1.9", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/type@1.3.3" + ] + }, + { + "ref": "@inquirer/core@8.2.2", + "dependsOn": [ + "@inquirer/figures@1.0.3", + "@inquirer/type@1.3.3", + "@types/mute-stream@0.0.4", + "@types/node@20.14.1", + "@types/wrap-ansi@3.0.0", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "cli-spinners@2.9.2", + "@inquirer/core@8.2.2|cli-width@4.1.0", + "@inquirer/core@8.2.2|mute-stream@1.0.0", + "@inquirer/core@8.2.2|signal-exit@4.1.0", + "strip-ansi@6.0.1", + "@inquirer/core@8.2.2|wrap-ansi@6.2.0" + ] + }, + { + "ref": "@inquirer/core@8.2.2|cli-width@4.1.0" + }, + { + "ref": "@inquirer/core@8.2.2|mute-stream@1.0.0" + }, + { + "ref": "@inquirer/core@8.2.2|signal-exit@4.1.0" + }, + { + "ref": "@inquirer/core@8.2.2|wrap-ansi@6.2.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@inquirer/figures@1.0.3" + }, + { + "ref": "@inquirer/type@1.3.3" + }, + { + "ref": "@types/mute-stream@0.0.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/wrap-ansi@3.0.0" + }, + { + "ref": "@inquirer/input@2.1.9", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/type@1.3.3" + ] + }, + { + "ref": "@inquirer/select@2.3.5", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/figures@1.0.3", + "@inquirer/type@1.3.3", + "ansi-escapes@4.3.2", + "chalk@4.1.2" + ] + }, + { + "ref": "@oclif/plugin-not-found@3.2.1", + "dependsOn": [ + "@inquirer/confirm@3.1.9", + "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "ansis@3.2.0", + "fast-levenshtein@3.0.0" + ] + }, + { + "ref": "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "debug@4.3.4", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "fast-levenshtein@3.0.0", + "dependsOn": [ + "fastest-levenshtein@1.0.16" + ] + }, + { + "ref": "fastest-levenshtein@1.0.16" + }, + { + "ref": "async-retry@1.3.3", + "dependsOn": [ + "retry@0.13.1" + ] + }, + { + "ref": "retry@0.13.1" + }, + { + "ref": "change-case@4.1.2", + "dependsOn": [ + "camel-case@4.1.2", + "capital-case@1.0.4", + "constant-case@3.0.4", + "dot-case@3.0.4", + "header-case@2.0.4", + "no-case@3.0.4", + "param-case@3.0.4", + "pascal-case@3.1.2", + "path-case@3.0.4", + "sentence-case@3.0.4", + "snake-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "camel-case@4.1.2", + "dependsOn": [ + "pascal-case@3.1.2", + "tslib@2.6.3" + ] + }, + { + "ref": "pascal-case@3.1.2", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "capital-case@1.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case-first@2.0.2" + ] + }, + { + "ref": "no-case@3.0.4", + "dependsOn": [ + "lower-case@2.0.2", + "tslib@2.6.3" + ] + }, + { + "ref": "upper-case-first@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "constant-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case@2.0.2" + ] + }, + { + "ref": "upper-case@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "dot-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "header-case@2.0.4", + "dependsOn": [ + "capital-case@1.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "lower-case@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "param-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "path-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "sentence-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case-first@2.0.2" + ] + }, + { + "ref": "snake-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "find-yarn-workspace-root@2.0.0", + "dependsOn": [ + "micromatch@4.0.5" + ] + }, + { + "ref": "github-slugger@2.0.0" + }, + { + "ref": "got@13.0.0", + "dependsOn": [ + "@sindresorhus/is@5.6.0", + "@szmarczak/http-timer@5.0.1", + "cacheable-lookup@7.0.0", + "cacheable-request@10.2.14", + "decompress-response@6.0.0", + "form-data-encoder@2.1.4", + "get-stream@6.0.1", + "http2-wrapper@2.2.1", + "lowercase-keys@3.0.0", + "p-cancelable@3.0.0", + "responselike@3.0.0" + ] + }, + { + "ref": "@sindresorhus/is@5.6.0" + }, + { + "ref": "@szmarczak/http-timer@5.0.1", + "dependsOn": [ + "defer-to-connect@2.0.1" + ] + }, + { + "ref": "defer-to-connect@2.0.1" + }, + { + "ref": "cacheable-lookup@7.0.0" + }, + { + "ref": "cacheable-request@10.2.14", + "dependsOn": [ + "@types/http-cache-semantics@4.0.4", + "get-stream@6.0.1", + "http-cache-semantics@4.1.1", + "keyv@4.5.4", + "mimic-response@4.0.0", + "normalize-url@8.0.1", + "responselike@3.0.0" + ] + }, + { + "ref": "@types/http-cache-semantics@4.0.4" + }, + { + "ref": "http-cache-semantics@4.1.1" + }, + { + "ref": "mimic-response@4.0.0" + }, + { + "ref": "normalize-url@8.0.1" + }, + { + "ref": "responselike@3.0.0", + "dependsOn": [ + "lowercase-keys@3.0.0" + ] + }, + { + "ref": "decompress-response@6.0.0", + "dependsOn": [ + "decompress-response@6.0.0|mimic-response@3.1.0" + ] + }, + { + "ref": "decompress-response@6.0.0|mimic-response@3.1.0" + }, + { + "ref": "form-data-encoder@2.1.4" + }, + { + "ref": "http2-wrapper@2.2.1", + "dependsOn": [ + "quick-lru@5.1.1", + "resolve-alpn@1.2.1" + ] + }, + { + "ref": "resolve-alpn@1.2.1" + }, + { + "ref": "lowercase-keys@3.0.0" + }, + { + "ref": "p-cancelable@3.0.0" + }, + { + "ref": "normalize-package-data@6.0.1", + "dependsOn": [ + "hosted-git-info@7.0.2", + "is-core-module@2.13.1", + "semver@7.6.2", + "validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "spdx-correct@3.2.0", + "dependsOn": [ + "spdx-expression-parse@3.0.1", + "spdx-license-ids@3.0.17" + ] + }, + { + "ref": "spdx-expression-parse@3.0.1", + "dependsOn": [ + "spdx-exceptions@2.5.0", + "spdx-license-ids@3.0.17" + ] + }, + { + "ref": "spdx-license-ids@3.0.17" + }, + { + "ref": "spdx-exceptions@2.5.0" + }, + { + "ref": "sort-package-json@2.10.0", + "dependsOn": [ + "detect-indent@7.0.1", + "sort-package-json@2.10.0|detect-newline@4.0.1", + "get-stdin@9.0.0", + "git-hooks-list@3.1.0", + "sort-package-json@2.10.0|globby@13.2.2", + "sort-package-json@2.10.0|is-plain-obj@4.1.0", + "semver@7.6.2", + "sort-object-keys@1.1.3" + ] + }, + { + "ref": "sort-package-json@2.10.0|detect-newline@4.0.1" + }, + { + "ref": "sort-package-json@2.10.0|globby@13.2.2", + "dependsOn": [ + "dir-glob@3.0.1", + "fast-glob@3.3.2", + "ignore@5.3.1", + "merge2@1.4.1", + "sort-package-json@2.10.0|slash@4.0.0" + ] + }, + { + "ref": "sort-package-json@2.10.0|slash@4.0.0" + }, + { + "ref": "sort-package-json@2.10.0|is-plain-obj@4.1.0" + }, + { + "ref": "detect-indent@7.0.1" + }, + { + "ref": "get-stdin@9.0.0" + }, + { + "ref": "git-hooks-list@3.1.0" + }, + { + "ref": "sort-object-keys@1.1.3" + }, + { + "ref": "tiny-jsonc@1.0.1" + }, + { + "ref": "open@10.1.0", + "dependsOn": [ + "default-browser@5.2.1", + "define-lazy-prop@3.0.0", + "is-inside-container@1.0.0", + "open@10.1.0|is-wsl@3.1.0" + ] + }, + { + "ref": "open@10.1.0|is-wsl@3.1.0", + "dependsOn": [ + "is-inside-container@1.0.0" + ] + }, + { + "ref": "default-browser@5.2.1", + "dependsOn": [ + "bundle-name@4.1.0", + "default-browser-id@5.0.0" + ] + }, + { + "ref": "bundle-name@4.1.0", + "dependsOn": [ + "run-applescript@7.0.0" + ] + }, + { + "ref": "run-applescript@7.0.0" + }, + { + "ref": "default-browser-id@5.0.0" + }, + { + "ref": "define-lazy-prop@3.0.0" + }, + { + "ref": "is-inside-container@1.0.0", + "dependsOn": [ + "is-inside-container@1.0.0|is-docker@3.0.0" + ] + }, + { + "ref": "is-inside-container@1.0.0|is-docker@3.0.0" + }, + { + "ref": "prompt-sync@4.2.0", + "dependsOn": [ + "prompt-sync@4.2.0|strip-ansi@5.2.0" + ] + }, + { + "ref": "prompt-sync@4.2.0|strip-ansi@5.2.0", + "dependsOn": [ + "prompt-sync@4.2.0|ansi-regex@4.1.1" + ] + }, + { + "ref": "prompt-sync@4.2.0|ansi-regex@4.1.1" + }, + { + "ref": "lodash.truncate@4.4.2" + }, + { + "ref": "tmp@0.2.3" + }, + { + "ref": "ts-jest@29.1.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "babel-jest@29.7.0", + "bs-logger@0.2.6", + "fast-json-stable-stringify@2.1.0", + "jest-util@29.7.0", + "jest@29.7.0", + "json5@2.2.3", + "lodash.memoize@4.1.2", + "make-error@1.3.6", + "semver@7.6.2", + "typescript@5.1.6", + "ts-jest@29.1.4|yargs-parser@21.1.1" + ] + }, + { + "ref": "ts-jest@29.1.4|yargs-parser@21.1.1" + }, + { + "ref": "@ampproject/remapping@2.3.0", + "dependsOn": [ + "@jridgewell/gen-mapping@0.3.5", + "@jridgewell/trace-mapping@0.3.25" + ] + }, + { + "ref": "js-tokens@4.0.0" + }, + { + "ref": "@babel/helper-compilation-targets@7.23.6", + "dependsOn": [ + "@babel/compat-data@7.24.4", + "@babel/helper-validator-option@7.23.5", + "browserslist@4.23.0", + "lru-cache@5.1.1", + "@babel/helper-compilation-targets@7.23.6|semver@6.3.1" + ] + }, + { + "ref": "@babel/helper-compilation-targets@7.23.6|semver@6.3.1" + }, + { + "ref": "@babel/compat-data@7.24.4" + }, + { + "ref": "@babel/helper-validator-option@7.23.5" + }, + { + "ref": "lru-cache@5.1.1", + "dependsOn": [ + "yallist@3.1.1" + ] + }, + { + "ref": "yallist@3.1.1" + }, + { + "ref": "@babel/helper-module-transforms@7.23.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-environment-visitor@7.22.20", + "@babel/helper-module-imports@7.24.3", + "@babel/helper-simple-access@7.22.5", + "@babel/helper-split-export-declaration@7.22.6", + "@babel/helper-validator-identifier@7.22.20" + ] + }, + { + "ref": "@babel/helper-environment-visitor@7.22.20" + }, + { + "ref": "@babel/helper-module-imports@7.24.3", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-simple-access@7.22.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-split-export-declaration@7.22.6", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helpers@7.24.4", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-function-name@7.23.0", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-hoist-variables@7.22.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-string-parser@7.24.1" + }, + { + "ref": "to-fast-properties@2.0.0" + }, + { + "ref": "gensync@1.0.0-beta.2" + }, + { + "ref": "@jridgewell/resolve-uri@3.1.2" + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0", + "dependsOn": [ + "camelcase@5.3.1", + "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "get-package-type@0.1.0", + "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3" + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0" + }, + { + "ref": "camelcase@5.3.1" + }, + { + "ref": "test-exclude@6.0.0", + "dependsOn": [ + "@istanbuljs/schema@0.1.3", + "glob@7.2.3", + "test-exclude@6.0.0|minimatch@3.1.2" + ] + }, + { + "ref": "test-exclude@6.0.0|minimatch@3.1.2", + "dependsOn": [ + "test-exclude@6.0.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "test-exclude@6.0.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@types/babel__generator@7.6.8", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@types/babel__template@7.4.4", + "dependsOn": [ + "@babel/parser@7.24.4", + "@babel/types@7.24.0" + ] + }, + { + "ref": "babel-preset-jest@29.6.3", + "dependsOn": [ + "@babel/core@7.24.4", + "babel-plugin-jest-hoist@29.6.3", + "babel-preset-current-node-syntax@1.0.1" + ] + }, + { + "ref": "babel-plugin-jest-hoist@29.6.3", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0", + "@types/babel__core@7.20.5", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "ts-mocha@10.0.0", + "dependsOn": [ + "mocha@10.4.0", + "ts-mocha@10.0.0|ts-node@7.0.1", + "tsconfig-paths@3.15.0" + ] + }, + { + "ref": "ts-mocha@10.0.0|ts-node@7.0.1", + "dependsOn": [ + "ts-mocha@10.0.0|arrify@1.0.1", + "buffer-from@1.1.2", + "ts-mocha@10.0.0|diff@3.5.0", + "make-error@1.3.6", + "minimist@1.2.8", + "ts-mocha@10.0.0|mkdirp@0.5.6", + "source-map-support@0.5.13", + "ts-mocha@10.0.0|yn@2.0.0" + ] + }, + { + "ref": "ts-mocha@10.0.0|arrify@1.0.1" + }, + { + "ref": "ts-mocha@10.0.0|diff@3.5.0" + }, + { + "ref": "ts-mocha@10.0.0|mkdirp@0.5.6", + "dependsOn": [ + "minimist@1.2.8" + ] + }, + { + "ref": "ts-mocha@10.0.0|yn@2.0.0" + }, + { + "ref": "buffer-from@1.1.2" + }, + { + "ref": "tsconfig-paths@3.15.0", + "dependsOn": [ + "@types/json5@0.0.29", + "tsconfig-paths@3.15.0|json5@1.0.2", + "minimist@1.2.8", + "tsconfig-paths@3.15.0|strip-bom@3.0.0" + ] + }, + { + "ref": "tsconfig-paths@3.15.0|json5@1.0.2", + "dependsOn": [ + "minimist@1.2.8" + ] + }, + { + "ref": "tsconfig-paths@3.15.0|strip-bom@3.0.0" + }, + { + "ref": "@types/json5@0.0.29" + }, + { + "ref": "@cspotcode/source-map-support@0.8.1", + "dependsOn": [ + "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9" + ] + }, + { + "ref": "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9", + "dependsOn": [ + "@jridgewell/resolve-uri@3.1.2", + "@jridgewell/sourcemap-codec@1.4.15" + ] + }, + { + "ref": "@tsconfig/node10@1.0.11" + }, + { + "ref": "@tsconfig/node12@1.0.11" + }, + { + "ref": "@tsconfig/node14@1.0.3" + }, + { + "ref": "@tsconfig/node16@1.0.4" + }, + { + "ref": "acorn-walk@8.3.2" + }, + { + "ref": "create-require@1.1.1" + }, + { + "ref": "diff@4.0.2" + }, + { + "ref": "v8-compile-cache-lib@3.0.1" + }, + { + "ref": "yn@3.1.1" + }, + { + "ref": "tsimportlib@0.0.5" + }, + { + "ref": "@colors/colors@1.6.0" + }, + { + "ref": "@dabh/diagnostics@2.0.3", + "dependsOn": [ + "colorspace@1.1.4", + "enabled@2.0.0", + "kuler@2.0.0" + ] + }, + { + "ref": "colorspace@1.1.4", + "dependsOn": [ + "colorspace@1.1.4|color@3.2.1", + "text-hex@1.0.0" + ] + }, + { + "ref": "colorspace@1.1.4|color@3.2.1", + "dependsOn": [ + "colorspace@1.1.4|color-convert@1.9.3", + "color-string@1.9.1" + ] + }, + { + "ref": "colorspace@1.1.4|color-convert@1.9.3", + "dependsOn": [ + "colorspace@1.1.4|color-name@1.1.3" + ] + }, + { + "ref": "colorspace@1.1.4|color-name@1.1.3" + }, + { + "ref": "text-hex@1.0.0" + }, + { + "ref": "enabled@2.0.0" + }, + { + "ref": "kuler@2.0.0" + }, + { + "ref": "logform@2.6.0", + "dependsOn": [ + "@colors/colors@1.6.0", + "@types/triple-beam@1.3.5", + "fecha@4.2.3", + "ms@2.1.3", + "safe-stable-stringify@2.4.3", + "triple-beam@1.4.1" + ] + }, + { + "ref": "fecha@4.2.3" + }, + { + "ref": "safe-stable-stringify@2.4.3" + }, + { + "ref": "triple-beam@1.4.1" + }, + { + "ref": "one-time@1.0.0", + "dependsOn": [ + "fn.name@1.1.0" + ] + }, + { + "ref": "fn.name@1.1.0" + }, + { + "ref": "string_decoder@1.3.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "stack-trace@0.0.10" + }, + { + "ref": "winston-transport@4.7.0", + "dependsOn": [ + "logform@2.6.0", + "readable-stream@3.6.2", + "triple-beam@1.4.1" + ] + }, + { + "ref": "xlsx-populate@1.21.0", + "dependsOn": [ + "cfb@1.2.2", + "jszip@3.10.1", + "lodash@4.17.21", + "xlsx-populate@1.21.0|sax@1.3.0" + ] + }, + { + "ref": "xlsx-populate@1.21.0|sax@1.3.0" + }, + { + "ref": "cfb@1.2.2", + "dependsOn": [ + "adler-32@1.3.1", + "crc-32@1.2.2" + ] + }, + { + "ref": "adler-32@1.3.1" + }, + { + "ref": "crc-32@1.2.2" + }, + { + "ref": "jszip@3.10.1", + "dependsOn": [ + "lie@3.3.0", + "pako@1.0.11", + "jszip@3.10.1|readable-stream@2.3.8", + "setimmediate@1.0.5" + ] + }, + { + "ref": "jszip@3.10.1|readable-stream@2.3.8", + "dependsOn": [ + "core-util-is@1.0.3", + "inherits@2.0.4", + "isarray@1.0.0", + "process-nextick-args@2.0.1", + "jszip@3.10.1|safe-buffer@5.1.2", + "jszip@3.10.1|string_decoder@1.1.1", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "jszip@3.10.1|safe-buffer@5.1.2" + }, + { + "ref": "jszip@3.10.1|string_decoder@1.1.1", + "dependsOn": [ + "jszip@3.10.1|safe-buffer@5.1.2" + ] + }, + { + "ref": "lie@3.3.0", + "dependsOn": [ + "immediate@3.0.6" + ] + }, + { + "ref": "immediate@3.0.6" + }, + { + "ref": "pako@1.0.11" + }, + { + "ref": "core-util-is@1.0.3" + }, + { + "ref": "isarray@1.0.0" + }, + { + "ref": "process-nextick-args@2.0.1" + }, + { + "ref": "setimmediate@1.0.5" + }, + { + "ref": "sax@1.2.1" + }, + { + "ref": "xmlbuilder@11.0.1" + }, + { + "ref": "zip-lib@1.0.4", + "dependsOn": [ + "yauzl@3.1.3", + "yazl@2.5.1" + ] + }, + { + "ref": "yauzl@3.1.3", + "dependsOn": [ + "buffer-crc32@0.2.13", + "pend@1.2.0" + ] + }, + { + "ref": "buffer-crc32@0.2.13" + }, + { + "ref": "pend@1.2.0" + }, + { + "ref": "yazl@2.5.1", + "dependsOn": [ + "buffer-crc32@0.2.13" + ] + } + ] + } + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-saf-hdf.json b/test/sample_data/cyclonedx_sbom/sbom-saf-hdf.json new file mode 100644 index 000000000..5f559069d --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-saf-hdf.json @@ -0,0 +1,88967 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: application/@mitre/saf@1.4.7", + "title": "@mitre/saf CycloneDX BOM Report", + "version": "1.4.7", + "maintainer": "The MITRE Security Automation Framework", + "summary": "The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines.", + "license": "Apache-2.0", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [], + "sha256": "bb7e08a6555c552f8096497e3ea8043e91f3425eebe8ddc4e0966c262f7e7635" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "type": "library", + "name": "client-config-service", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Config Service Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-config-service@3.590.0#clients/client-config-service", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-config-service", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-config-service", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-config-service/-/client-config-service-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1ad29ae81b639104043527461f1bd58d83f0294a7d812a161b7210ff7855d54705dae36775d2b2269d856e08b21e4ed081c2c93ba6c189b90327e25fcb03aa3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service" + } + ] + }, + { + "type": "library", + "name": "sha256-browser", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha256-browser@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha256-browser@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha256-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha256-browser/-/sha256-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f152e65b607e82315b539b8c7aab5033a363d3f1756eba3cd31417096e824015a0a2c1565d3c7beda78e17908020099b38aeb849d30125d36be89e35c8fe66bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-browser" + } + ] + }, + { + "type": "library", + "name": "ie11-detection", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/ie11-detection@3.0.0", + "author": "AWS Crypto Tools Team", + "description": "Provides functions and types for detecting if the host environment is IE11", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/ie11-detection@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/ie11-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/ie11-detection/-/ie11-detection-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df8d650419226350df0cd29a8bfc173376ae8cd0645d1eedab55113d00cbf708b70146c8f34351ef8b85d535c7326ee9a3501c9c593c8aed92d88794ffefc0f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/ie11-detection" + } + ] + }, + { + "type": "library", + "name": "sha256-js", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha256-js@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha256-js@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha256-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha256-js/-/sha256-js-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e734dee8b34fb27755ef5c0cb6dc214e9936cc683c60c57b53287c9bac9dfd63c906cc10138011626d624a1fa061cad2c8fd9caccecf3bc4238137206283abd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-js" + } + ] + }, + { + "type": "library", + "name": "supports-web-crypto", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/supports-web-crypto@3.0.0", + "author": "AWS Crypto Tools Team", + "description": "Provides functions for detecting if the host environment supports the WebCrypto API", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/supports-web-crypto@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/supports-web-crypto", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/supports-web-crypto/-/supports-web-crypto-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d3a84174cc1401bd96153b861bbdcb482d307cfbbddf15b0a39bcbd9eb7d7b29a09aedc8779bc500705b6a355688684f3b7eea72c7426a9fc5a97bc918958f22" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/supports-web-crypto" + } + ] + }, + { + "type": "library", + "name": "util", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/util@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/util@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/util", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/util/-/util-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8e265a5e269091e3c082f2bfae2950a1cecf48ba7823f70919ae5f19d38d435845afc881c82d82823cdcc98212ac8af8fe4b798ba3a05573b981373771038eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/util" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/types@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "Types for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/types@3.577.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "153d896444b7c0128dfda95f9a1968fb764eabf5c9d02ed039970336ba4a8c1d24a98a0a8e154a67f1f1e80ad1d1cce429f1f304112ceb2e3479b207c769d298" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/types" + } + ] + }, + { + "type": "library", + "name": "util-utf8-browser", + "group": "@aws-sdk", + "version": "3.259.0", + "bom-ref": "@aws-sdk/util-utf8-browser@3.259.0", + "author": "AWS SDK for JavaScript Team", + "description": "A browser UTF-8 string <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-utf8-browser@3.259.0#packages/util-utf8-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-utf8-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-utf8-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-utf8-browser/-/util-utf8-browser-3.259.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52f15afef47e7b5f57a2891917c47315906bc361149105b18815b4c9840086f9370be4151a5d07de8b9c6bc2c306505f40a5f0996de1ba8ff9f47f2bc1bd7027" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-utf8-browser" + } + ] + }, + { + "type": "library", + "name": "util-locate-window", + "group": "@aws-sdk", + "version": "3.535.0", + "bom-ref": "@aws-sdk/util-locate-window@3.535.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-locate-window@3.535.0#packages/util-locate-window", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-locate-window", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-locate-window", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-locate-window/-/util-locate-window-3.535.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c727748be9dda3a5c81ba9d8223f1917a6eec3adcd8f6158b0c5222abef30a843c33481d56de632fb69cf028ce0813bccb168759a3418a8c9f40b285e775784" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-locate-window" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "2.6.3", + "bom-ref": "tslib@2.6.3", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@2.6.3", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-2.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4dbf12443948963c6854b9475080024f28e3897c69c8c8ac9239cd3d5e42ac81d515ff7136cefc1961d7a38e64603c281cca6d63b8b1f7db6eb203bb0414929" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "middleware-host-header", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-host-header@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-host-header@3.577.0#packages/middleware-host-header", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-host-header", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-host-header", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5c6b9309cf8e7908e0c8557b34fec5a6266eeddd03b81146b5cdff2913c82b2e9cdfd09f786f3fec9035a6dfb3e58b5dd3dd66804011c24e21f681455f0ac5a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-host-header" + } + ] + }, + { + "type": "library", + "name": "middleware-logger", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-logger@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-logger@3.577.0#packages/middleware-logger", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-logger", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-logger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68f146a468d365c25893edb86e0ee34f85dd229e369855d2b8fb78f65c392b281e7cbc8933fb01d1b28aa8f6188af5b4adcb99f5bad0e7c79950db61af3600be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-logger" + } + ] + }, + { + "type": "library", + "name": "middleware-recursion-detection", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-recursion-detection@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-recursion-detection@3.577.0#packages/middleware-recursion-detection", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-recursion-detection", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-recursion-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a67dd95447768a86ca2654771fe6c38a51e38119cdad0e873262bd673670f3d0a49f70dc6efe3cc4ebf8449beed1a53c4832e5fd2342c69a4a8de2c34cf18134" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-recursion-detection" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-browser", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-user-agent-browser@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-browser@3.577.0#packages/util-user-agent-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc40331e047a1d6a59387ef11607892dcebf0b331cc789f1790a25671559a01e693da25ddc28f246164dd315de641d1721109699be322418328ae8172cd3242c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-user-agent-browser" + } + ] + }, + { + "type": "library", + "name": "config-resolver", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/config-resolver@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/config-resolver@3.0.1#packages/config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/config-resolver/-/config-resolver-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "85b91825cdb44810f3daaa8bcedb6323f12a5de9ad996934a284739cbb225e9df4eba290453bee2876bb5388c264226ae83a33aafcb4475fef344482f629cf26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/config-resolver" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@smithy", + "version": "2.1.1", + "bom-ref": "@smithy/core@2.1.1", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/core@2.1.1#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/core/-/core-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2f6c8c3051c83414c85354980c85bb1148014bd2bc1dbb2fce433ed7ab5a495c93b2686bfe3c68e3d6219ac119730543c0e41909bfb4baabe614d94f2093f58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/core" + } + ] + }, + { + "type": "library", + "name": "fetch-http-handler", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/fetch-http-handler@3.0.1", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a way to make requests", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/fetch-http-handler@3.0.1#packages/fetch-http-handler", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/fetch-http-handler", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/fetch-http-handler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/fetch-http-handler/-/fetch-http-handler-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9a1fbe22e410e3fab070a106978a82a923448704916d395c33ac2a71671a61396d248b98e18fb757bc33183362097a6f13a5d16f4b6882d3cb2339b95f14616" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/fetch-http-handler" + } + ] + }, + { + "type": "library", + "name": "hash-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-node@3.0.0#packages/hash-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-node/-/hash-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f38a97b2d35e98fdd74b98dca1fd1e97af9b0df8f3baf8493d04c47eba37960b5b0ad2a0ccf9b7320892e9e85754f8de439f894b41ea993cfc7ff4587f31d5c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-node" + } + ] + }, + { + "type": "library", + "name": "invalid-dependency", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/invalid-dependency@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/invalid-dependency@3.0.0#packages/invalid-dependency", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/invalid-dependency", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/invalid-dependency", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/invalid-dependency/-/invalid-dependency-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17ac0105a105809ce3d2ce0a5259622063e6a977a6c0fe846af82f0ea630087e343b95ebda2307bd2f2da1d986559b6e242a2b0645ec60bc93bb83ee8b356ae6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/invalid-dependency" + } + ] + }, + { + "type": "library", + "name": "middleware-content-length", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-content-length@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-content-length@3.0.0#packages/middleware-content-length", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-content-length", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-content-length", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-content-length/-/middleware-content-length-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc2e2ce1dfe21a86e00ad936b67596ebecd24ce060d4f4409b6bed5992ddae2c13ae815b6d6352af795ccb31ddad01e71176020b92b9d846e97e875a21463cb2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-content-length" + } + ] + }, + { + "type": "library", + "name": "middleware-endpoint", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/middleware-endpoint@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-endpoint@3.0.1#packages/middleware-endpoint", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-endpoint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-endpoint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-endpoint/-/middleware-endpoint-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "950fd439d183e0a33990b662025d2af10cb774f6f29ef0172807579d896b0353a9694c2bfa7792b15a240d9a58e9955be58c7c8e7bacdbdbafe975a933d3f849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-endpoint" + } + ] + }, + { + "type": "library", + "name": "middleware-retry", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/middleware-retry@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-retry@3.0.3#packages/middleware-retry", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-retry", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-retry/-/middleware-retry-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5af7b5ab325bf3754453feaafbf2347107409039eecc42c2e88bc80700f3504886a4aa97817d6fd74154b9919b452e8ebff3fe1c7b61700a07389650bd934090" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-retry" + } + ] + }, + { + "type": "library", + "name": "middleware-serde", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-serde@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-serde@3.0.0#packages/middleware-serde", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-serde", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-serde", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-serde/-/middleware-serde-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "235bca1b57e823ea0f806f6bec8318d52fb10679809f5212aa9968cafaa4c07a126fc54fb278070d33a0606601a27b8e2a775a591506259aca6182c1f809deeb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-serde" + } + ] + }, + { + "type": "library", + "name": "middleware-stack", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/middleware-stack@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a means for composing multiple middleware functions into a single handler", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/middleware-stack@3.0.0#packages/middleware-stack", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/middleware-stack", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/middleware-stack", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/middleware-stack/-/middleware-stack-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f87d239b27c0c874455e6eb0ba7b24b8d02ab63ef27e6c0507a169dfb7a7cada76ab4e3bfce77dc5eb446946e5bb22263a51a71a969519a55f8f06b04abfa2e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/middleware-stack" + } + ] + }, + { + "type": "library", + "name": "node-config-provider", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/node-config-provider@3.1.0", + "author": "AWS SDK for JavaScript Team", + "description": "Load config default values from ini config files and environmental variable", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/node-config-provider@3.1.0#packages/node-config-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/node-config-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/node-config-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/node-config-provider/-/node-config-provider-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e07c1f1022d51f4c54df1ccbcab9cda0d56eb4575bab220647a83d49345642dad4d65da86a7f65ef297a9c052ef266a47b1aa910419cb5d72fe534e516ceaed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/node-config-provider" + } + ] + }, + { + "type": "library", + "name": "node-http-handler", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/node-http-handler@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a way to make requests", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/node-http-handler@3.0.0#packages/node-http-handler", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/node-http-handler", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/node-http-handler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/node-http-handler/-/node-http-handler-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dedac3e2becd38cca0c0b6d4268e1ea1dc90bb2a405abeeebcf9de6cd27d6bbd1d421567f944bc8ff9429efa094ba0577d9785ecf924908d037a6549c3e9fe79" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/node-http-handler" + } + ] + }, + { + "type": "library", + "name": "protocol-http", + "group": "@smithy", + "version": "4.0.0", + "bom-ref": "@smithy/protocol-http@4.0.0", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/protocol-http@4.0.0#packages/protocol-http", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/protocol-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/protocol-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/protocol-http/-/protocol-http-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8e4193842365cb5915813bd020218b87baa8d9d9cb32afcfc89601431c336e2202c0311c76065f1c9395390fa561f433dda1a569bb3c1631ad3171d2f83bf01" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/protocol-http" + } + ] + }, + { + "type": "library", + "name": "smithy-client", + "group": "@smithy", + "version": "3.1.1", + "bom-ref": "@smithy/smithy-client@3.1.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/smithy-client@3.1.1#packages/smithy-client", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/smithy-client", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/smithy-client", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/smithy-client/-/smithy-client-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b63e0abbb329cd947c72656e3dc49bacb155c66a6d5a4b6624cc124ffb8812ae2c6ab69b11d17c09b99075807bb89fd7e7542ad846309d1b284bb85d47807bac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/smithy-client" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/types@3.0.0", + "author": "AWS Smithy Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/types@3.0.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/types/-/types-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "56f5ae424d91285b8eafdf201618dc6bb7e4052fb12cb5114fc6d48e4e5742857464b9bb58fc163cf637fc0c334cbb940437a82830ad85f7b502c4d459a48487" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/types" + } + ] + }, + { + "type": "library", + "name": "url-parser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/url-parser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/url-parser@3.0.0#packages/url-parser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/url-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/url-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/url-parser/-/url-parser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d972dacc5814bbe60e187b568a10771522c07c251a8d57cd05718662339a54a8cb02e031c77a52058de10602f3220075ee169fe7d80e1b78a62aa4f2f2672b8f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/url-parser" + } + ] + }, + { + "type": "library", + "name": "util-base64", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-base64@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A Base64 <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-base64@3.0.0#packages/util-base64", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-base64", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-base64", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-base64/-/util-base64-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b1be887942db74083b1f6a3899382a49c60b4f1d738ac2633e672e30683e3752810c03ea8fc716bdf1a13fed985d9c115915730e881479c5b71a3212edce741" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-base64" + } + ] + }, + { + "type": "library", + "name": "util-body-length-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-body-length-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Determines the length of a request body in browsers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-body-length-browser@3.0.0#packages/util-body-length-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-body-length-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-body-length-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-body-length-browser/-/util-body-length-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "71b8c9b3603598b626aa6c9597cd2ea0b4c984071fccc3b23e08f0018bac58a31d2de36dce6333f58c4d977fe344ba31492df092a91fd23c0d76d5d6b7210169" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-body-length-browser" + } + ] + }, + { + "type": "library", + "name": "util-body-length-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-body-length-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Determines the length of a request body in node.js", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-body-length-node@3.0.0#packages/util-body-length-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-body-length-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-body-length-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-body-length-node/-/util-body-length-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e3ee96786d49683543fa3f3c2137b2b7f3ab664a61044fd42d420d1381d34e9f1859bc2b2c1e38bea194d422ecf110245f1bcadd9b63ccc3658216ce9e21890" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-body-length-node" + } + ] + }, + { + "type": "library", + "name": "util-defaults-mode-browser", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/util-defaults-mode-browser@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-defaults-mode-browser@3.0.3#packages/util-defaults-mode-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-defaults-mode-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-defaults-mode-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc314e3766ef5c902e9097bea8580f57fae8ac6ed90f79b88230971c3d55e73fed80a429e4c09308b9edaddebcead5fab63f14962de579f59726e74d8395a608" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-defaults-mode-browser" + } + ] + }, + { + "type": "library", + "name": "util-defaults-mode-node", + "group": "@smithy", + "version": "3.0.3", + "bom-ref": "@smithy/util-defaults-mode-node@3.0.3", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-defaults-mode-node@3.0.3#packages/util-defaults-mode-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-defaults-mode-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-defaults-mode-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f46fc1895de713d346daa124372227aede4de667b198f30d739a0f29768818ac6bd625e2dc21c96a93681b906e0ad03681196aceeafeabdb48b02057c362b98" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-defaults-mode-node" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@smithy", + "version": "2.0.1", + "bom-ref": "@smithy/util-endpoints@2.0.1", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-endpoints@2.0.1#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-endpoints/-/util-endpoints-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6514f45423a72a556885fa0004c73c956790a3f24416e3d672d7cd4578131dbc8e56cb0c38b60550d5ae931c621d119502157e9f773490f5becd4a9c92354f10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-middleware", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-middleware@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared utilities for to be used in middleware packages.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-middleware@3.0.0#packages/util-middleware", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-middleware", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-middleware", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-middleware/-/util-middleware-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab921374e9d5da95c74950e7296af08123530c100c1cba6d144d3bb9aff94f2e56275d5bbebd2f9366bb6a0bbba9186b085450967a39bb70a7794e4410b2be0d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-middleware" + } + ] + }, + { + "type": "library", + "name": "util-retry", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-retry@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared retry utilities to be used in middleware packages.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-retry@3.0.0#packages/util-retry", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-retry", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/master/packages/util-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-retry/-/util-retry-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9caf7d6ef262ce21affd438a2650ef145e39174d1680f2ca5481947c02be98387354dda16ff4b7dee5b64e5860e4f541a2a63bb4356a2f4ce6bb83b1007828f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-retry" + } + ] + }, + { + "type": "library", + "name": "util-utf8", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-utf8@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A UTF-8 string <-> UInt8Array converter", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-utf8@3.0.0#packages/util-utf8", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-utf8", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-utf8", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-utf8/-/util-utf8-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad4793d766f1167a656037bcd791976eafe88b11061df44516d71317761d0e2fc968434833a6926182c9c9d1bcdd43732d77912392bc69b61dffc4a9fd033490" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-utf8" + } + ] + }, + { + "type": "library", + "name": "signature-v4", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/signature-v4@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A standalone implementation of the AWS Signature V4 request signing algorithm", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/signature-v4@3.0.0#packages/signature-v4", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/signature-v4", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/signature-v4", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91714e90d5fe0501dedaa9cbc693046824466a9f49ead5062f373703d8dd9fe9c3e0974cc0229327ecc5c10db41a463e9805c66adc93c371dca14951dfd1f098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/signature-v4" + } + ] + }, + { + "type": "library", + "name": "is-array-buffer", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/is-array-buffer@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Provides a function for detecting if an argument is an ArrayBuffer", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/is-array-buffer@3.0.0#packages/is-array-buffer", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/is-array-buffer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/is-array-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/is-array-buffer/-/is-array-buffer-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f85b2ee90e82e114898b2f3563c780a63101e6056d33ea052937df83e8d2bb0b6fa26249ae150906edb34bcc235d2807fe0d4c2845abcf20a14c17ba7256f915" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/is-array-buffer" + } + ] + }, + { + "type": "library", + "name": "util-hex-encoding", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-hex-encoding@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Converts binary buffers to and from lowercase hexadecimal encoding", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-hex-encoding@3.0.0#packages/util-hex-encoding", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-hex-encoding", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-hex-encoding", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-hex-encoding/-/util-hex-encoding-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7859dd8755842b960c518bf2de53e5566618fdf65c404d43f2849fe3521ddaf09e2242895cf7180c2643fb8fb156223a6f55d277bb44face40997cf3e6295a6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-hex-encoding" + } + ] + }, + { + "type": "library", + "name": "util-uri-escape", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-uri-escape@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-uri-escape@3.0.0#packages/util-uri-escape", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-uri-escape", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-uri-escape", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-uri-escape/-/util-uri-escape-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2ea47ba982e06530fb9d62c179c522e1aaa8970f0c8736bd02ba4d110f3cd4c249214dac13988708ae93772aaacdc0cbcb438f7b5d086384fc72d55db729ee6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-uri-escape" + } + ] + }, + { + "type": "library", + "name": "strnum", + "version": "1.0.5", + "bom-ref": "strnum@1.0.5", + "author": "Amit Gupta", + "description": "Parse String to Number based on configuration", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strnum@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/strnum.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/strnum#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/strnum/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27c6db37228a5e5e6a61c477e9320ef16de6546547ae69b1b1de4f008b46926cb3c09bf26e2c36215ab99ea7748b82d2352901fecc7d5479656df15dafd93524" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strnum" + } + ] + }, + { + "type": "library", + "name": "property-provider", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/property-provider@3.1.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/property-provider@3.1.0#packages/property-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/property-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/property-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e3dfea1586a75981e9a30a25a31650037e1bcb1780bfb8a0ee2a8effb6512c450f7edde982ade476c67763f7bd104914ac882114f21656dfff0942efa7e70e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/property-provider" + } + ] + }, + { + "type": "library", + "name": "util-stream", + "group": "@smithy", + "version": "3.0.1", + "bom-ref": "@smithy/util-stream@3.0.1", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-stream@3.0.1#packages/util-stream", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-stream", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-stream/-/util-stream-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec5ed534d840b1f31103c23df3a61d398e5f134fd3d7f663145e8e2ecaa4bd054d3f7bd9feccd80df182ca985bee2a00d3daf7d8aff4a9b4857cd154ebc692cc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-stream" + } + ] + }, + { + "type": "library", + "name": "credential-provider-imds", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/credential-provider-imds@3.1.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from the EC2 instance metadata service and ECS container metadata service", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/credential-provider-imds@3.1.0#packages/credential-provider-imds", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/credential-provider-imds", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/credential-provider-imds", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/credential-provider-imds/-/credential-provider-imds-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab8038777f2ff296189ac7aefe34d2dd9e48df35e510e7b939b8be109ade54a8125725941ce77bff26950a29c2eb4406e0c4720acf7cb5cc411f520c0b46eeed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/credential-provider-imds" + } + ] + }, + { + "type": "library", + "name": "shared-ini-file-loader", + "group": "@smithy", + "version": "3.1.0", + "bom-ref": "@smithy/shared-ini-file-loader@3.1.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/shared-ini-file-loader@3.1.0#packages/shared-ini-file-loader", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/shared-ini-file-loader", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/shared-ini-file-loader", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74033bc125f4351dea4cdc8654dfe7c30a440f37d5f53ff700dd9e0011315a675ae55a99292b2394836aa263b98634161aff88224a177ecdeedaf192373f3e46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/shared-ini-file-loader" + } + ] + }, + { + "type": "library", + "name": "util-config-provider", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-config-provider@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities package for configuration providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-config-provider@3.0.0#packages/util-config-provider", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-config-provider", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-config-provider", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-config-provider/-/util-config-provider-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5b8e4e2cd1fc2adc38bf00d2feac2bc930a3396f3010744e52ffa44be4d5e0304c45022e9481030f3a6e723da2163e9afe10e5ca5d1a27277168c4a7f898225" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-config-provider" + } + ] + }, + { + "type": "library", + "name": "bowser", + "version": "2.11.0", + "bom-ref": "bowser@2.11.0", + "author": "Dustin Diaz", + "description": "Lightweight browser detector", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bowser@2.11.0", + "externalReferences": [ + { + "url": "git+https://github.com/lancedikson/bowser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lancedikson/bowser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lancedikson/bowser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bowser/-/bowser-2.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "02571a2418bfa6aa8904843c53d31ca5cf62f00ab19fcf1292fe5dfb1057d34e81639bbc3779862c76b92e0a696bb2ff1dfc20c0b819e8d62cf8083ab9498944" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bowser" + } + ] + }, + { + "type": "library", + "name": "querystring-builder", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/querystring-builder@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/querystring-builder@3.0.0#packages/querystring-builder", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/querystring-builder", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/querystring-builder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/querystring-builder/-/querystring-builder-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d6f058b4373c9f904d13990a610d7af50260436cad35700e02d59ee0830300539443cf9000bff2a6a11c334004b49315cd7ff0f600b4c48302b45367382ed46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/querystring-builder" + } + ] + }, + { + "type": "library", + "name": "util-buffer-from", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-buffer-from@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-buffer-from@3.0.0#packages/util-buffer-from", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-buffer-from", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-buffer-from", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-buffer-from/-/util-buffer-from-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6843870a0ab945615b3fe5033ef3e8b76e842478ce0be6d182c7b903c5771524a1a9de44e54378a9cef3930b2f24f3c056c7fbdd0c18707375fe0b7faed2f040" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-buffer-from" + } + ] + }, + { + "type": "library", + "name": "service-error-classification", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/service-error-classification@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/service-error-classification@3.0.0#packages/service-error-classification", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/service-error-classification", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/service-error-classification", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/service-error-classification/-/service-error-classification-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc1b01b4e52dd86b277375f6ddec3eaf633bd56c2da477c40c684760748383aab5b7c16b5a1d798d3db90cb6a3155d47f8fa71009ea0a9ef7261e454b2649d14" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/service-error-classification" + } + ] + }, + { + "type": "library", + "name": "uuid", + "version": "9.0.1", + "bom-ref": "uuid@9.0.1", + "description": "RFC4122 (v1, v4, and v5) UUIDs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/uuid@9.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/uuidjs/uuid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/uuidjs/uuid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/uuidjs/uuid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fed5e24e96c47d2bc1c9a68c3d3a4ddf896396488708cd7a1dbefd2b42356839536958ca717f5c19369b78cbd875d2874236baa7629d4e073464b5c9017b7b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uuid" + } + ] + }, + { + "type": "library", + "name": "querystring-parser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/querystring-parser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/querystring-parser@3.0.0#packages/querystring-parser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/querystring-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/querystring-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/querystring-parser/-/querystring-parser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5331f0b6193450471c578747ccfc929c1cb7e005b0dd5f6522a513c66a3343ec0f0c03bd72c09631f38b7bb57d0366a0358cbbc44f8f6f44ba2bf276dc94b37d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/querystring-parser" + } + ] + }, + { + "type": "library", + "name": "client-securityhub", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Securityhub Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-securityhub@3.590.0#clients/client-securityhub", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-securityhub", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-securityhub", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-securityhub/-/client-securityhub-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cc0da783606c03b91489ecb6ea697c41b66088bb51a013b0e30dcec6364162dfcd31500d89bb9108bf63959a057c2f7b3f54f245c9baebdde57ee35adba1f92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub" + } + ] + }, + { + "type": "library", + "name": "xlsx", + "group": "@e965", + "version": "0.20.1", + "bom-ref": "@e965/xlsx@0.20.1", + "author": "sheetjs", + "description": "SheetJS Spreadsheet data parser and writer", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40e965/xlsx@0.20.1", + "externalReferences": [ + { + "url": "git+https://github.com/e965/sheetjs-npm-publisher.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://git.sheetjs.com/SheetJS/sheetjs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@e965/xlsx/-/xlsx-0.20.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd1bfc34b0751fa6aa43266ddff80b8ddd31919b07fbf588462e181c0c359281123533cf9b35c96cfa8ed8730dec3641d6f9c5d5448ac50f59bd2d12f4baa66e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@e965/xlsx" + } + ] + }, + { + "type": "library", + "name": "emass_client", + "group": "@mitre", + "version": "3.10.0", + "bom-ref": "@mitre/emass_client@3.10.0", + "author": "OpenAPI-Generator Contributors", + "description": "OpenAPI client for @mitre/emass_client", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/emass_client@3.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/emass_client.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/emass_client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/emass_client/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/emass_client/-/emass_client-3.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e10952e45a11106c15df5d35d150ad7a8e7d7a76cf08d11405e99a1331c422a5284f08bf4b64a4f7c4d429d31838c0a53f826d363e984cfaad76ae2fe821e705" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/emass_client" + } + ] + }, + { + "type": "library", + "name": "follow-redirects", + "version": "1.15.6", + "bom-ref": "follow-redirects@1.15.6", + "author": "Ruben Verborgh", + "description": "HTTP and HTTPS modules that follow redirects.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/follow-redirects@1.15.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/follow-redirects/follow-redirects.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/follow-redirects/follow-redirects/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1637ad9821311a3a948ae7ce0465725a7c7d401a93bc45580495f92e5db4ceacf5f87c87cec84a56fc2b2235df09758ac0a0ebda7d14ce127bec3befaa0aa14" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/follow-redirects" + } + ] + }, + { + "type": "library", + "name": "hdf-converters", + "group": "@mitre", + "version": "2.10.8", + "bom-ref": "@mitre/hdf-converters@2.10.8", + "description": "Converter util library used to transform various scan results into HDF format", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/hdf-converters@2.10.8", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/hdf-converters" + } + ] + }, + { + "type": "library", + "name": "js", + "group": "@mdi", + "version": "7.4.47", + "bom-ref": "@mdi/js@7.4.47", + "author": "Austin Andrews", + "description": "Dist for Material Design Icons for JS/TypeScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mdi/js@7.4.47", + "externalReferences": [ + { + "url": "git+https://github.com/Templarian/MaterialDesign-JS.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Templarian/MaterialDesign-JS#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Templarian/MaterialDesign-JS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mdi/js/-/js-7.4.47.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28f9cd3ad9b98b6a4c69ba99c69533ee241ffa67eb619c8a099f10373f39733804b7b72e1dc1a8ad67ddcd4316600d120fe6ba1e7e05989f98873cf38e44d9ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mdi/js" + } + ] + }, + { + "type": "library", + "name": "jsonix", + "group": "@mitre", + "version": "3.0.7", + "bom-ref": "@mitre/jsonix@3.0.7", + "author": "Alexey Valikov", + "description": "Jsonix (JSON interfaces for XML) is a JavaScript library which allows converting between XML and JSON structures.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause", + "url": "http://github.com/highsource/jsonix/raw/master/LICENSE" + } + } + ], + "purl": "pkg:npm/%40mitre/jsonix@3.0.7", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/mitre/jsonix.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/mitre/jsonix", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/mitre/jsonix/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/jsonix/-/jsonix-3.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f1a0cd2f6bf46f606a68e8bedc77fdfc4b8d914315cc53d83aeb0bc7d318fcacbd2cbcf60f90718062fcfa1e669d8a53887c859271a6e16aff3059b3ee81cb63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/jsonix" + } + ] + }, + { + "type": "library", + "name": "xmldom", + "group": "@xmldom", + "version": "0.8.10", + "bom-ref": "@xmldom/xmldom@0.8.10", + "description": "A pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40xmldom/xmldom@0.8.10", + "externalReferences": [ + { + "url": "git://github.com/xmldom/xmldom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xmldom/xmldom", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xmldom/xmldom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9600b7d3978c68d9290609846deab0d315f93d475733981bd4432d7680ad8ab91288a5612171b6f3cbc1195edcff8e446a1d7f1b14473a142d478d7e1351663" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@xmldom/xmldom" + } + ] + }, + { + "type": "library", + "name": "amdefine", + "version": "0.0.4", + "bom-ref": "amdefine@0.0.4", + "author": "James Burke", + "description": "Provide AMD's define() API for declaring modules in the AMD format", + "licenses": [ + { + "license": { + "name": "BSD", + "url": "https://github.com/jrburke/amdefine/blob/master/LICENSE" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/jrburke/amdefine/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/amdefine@0.0.4", + "externalReferences": [ + { + "url": "http://github.com/jrburke/amdefine.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://registry.npmjs.org/amdefine/-/amdefine-0.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fbdb8d95aaa6f246746d80ee845b759aa3682ccd88e00b12781fba75d74d8927e6465251ab7f0852e36d503e3ec4eccea0f96d387cd2be795282c70c7e99c30e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/amdefine" + } + ] + }, + { + "type": "library", + "name": "xmlhttprequest", + "version": "1.8.0", + "bom-ref": "xmlhttprequest@1.8.0", + "author": "Dan DeFelippi", + "description": "XMLHttpRequest for Node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xmlhttprequest@1.8.0", + "externalReferences": [ + { + "url": "git://github.com/driverdan/node-XMLHttpRequest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/driverdan/node-XMLHttpRequest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/driverdan/node-XMLHttpRequest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xmlhttprequest/-/xmlhttprequest-1.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c226fd4d2695504b337f0d7598c7ca1b8cb42a9aeb5e3af64d983ff01a3dbbc2a15f5a4065296c9063d50466db2b518954010ff7ecc3b2f66c9183550b3004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xmlhttprequest" + } + ] + }, + { + "type": "library", + "name": "csv2json", + "group": "@types", + "version": "1.4.5", + "bom-ref": "@types/csv2json@1.4.5", + "description": "TypeScript definitions for csv2json", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/csv2json@1.4.5#types/csv2json", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/csv2json", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/csv2json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/csv2json/-/csv2json-1.4.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d79d88c649cffcca76149023a6968d23036bdae7d65ed55c6cd814fb651371ac12af61569ea85a4e4dac2153a6967b4503226b19d3400acdc0ccacf9808a4d38" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/csv2json" + } + ] + }, + { + "type": "library", + "name": "pumpify", + "group": "@types", + "version": "1.4.4", + "bom-ref": "@types/pumpify@1.4.4", + "description": "TypeScript definitions for pumpify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/pumpify@1.4.4#types/pumpify", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/pumpify", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/pumpify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/pumpify/-/pumpify-1.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9c59b41479c0f4e0c41892334184f99c5083f7ebc6a5a189aa9be22674c280f2b329c51340859003ea0223fac0154c5d43962aab4ffa94a7a686362ffd537b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/pumpify" + } + ] + }, + { + "type": "library", + "name": "duplexify", + "group": "@types", + "version": "3.6.4", + "bom-ref": "@types/duplexify@3.6.4", + "description": "TypeScript definitions for duplexify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/duplexify@3.6.4#types/duplexify", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/duplexify", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/duplexify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/duplexify/-/duplexify-3.6.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9e6a154fb1df9dcb708be85ba003325cc68ada5a15208591844099ecd644ca7c25d6289e621bf564681d39c1156b0ca1df3852aa6f45f491787dd5e13df5166" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/duplexify" + } + ] + }, + { + "type": "library", + "name": "node", + "group": "@types", + "version": "20.14.1", + "bom-ref": "@types/node@20.14.1", + "description": "TypeScript definitions for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/node@20.14.1#types/node", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/node/-/node-20.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f633348612efb2b01fc59167ea9a15773cbc90968c1da6d9a6803db40ba431b12f059afe528e96756b25da102d12db5fe1e5427d880e96ff9bd2354e65d3438" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/node" + } + ] + }, + { + "type": "library", + "name": "ms", + "group": "@types", + "version": "0.7.34", + "bom-ref": "@types/ms@0.7.34", + "description": "TypeScript definitions for ms", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/ms@0.7.34#types/ms", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/ms", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/ms", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/ms/-/ms-0.7.34.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c6f7a1b75a9e9a73202026a19ab233836fe69cac8eca96d3e2471cc73d79cfdcd808dbc6e940346fe77a256ea1976df7201796a288798edf1a701294b92ddf6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/ms" + } + ] + }, + { + "type": "library", + "name": "mustache", + "group": "@types", + "version": "4.2.5", + "bom-ref": "@types/mustache@4.2.5", + "description": "TypeScript definitions for mustache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mustache@4.2.5#types/mustache", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mustache", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mustache", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mustache/-/mustache-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3cbc2256f4c1839f6d1852fff15a5c1afa8ebb72f83aebde36f3e2d0461b59c85174454ffbec9151724f165f82029284ab5df4d7bff835feda439953b4750db0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mustache" + } + ] + }, + { + "type": "library", + "name": "papaparse", + "group": "@types", + "version": "5.3.14", + "bom-ref": "@types/papaparse@5.3.14", + "description": "TypeScript definitions for papaparse", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/papaparse@5.3.14#types/papaparse", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/papaparse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/papaparse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/papaparse/-/papaparse-5.3.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f127888415ca6a73a3044f0a7d7fa055e9555ce379ba31f1f456a168b07beb5207d78857bac30ed1de2b64390f9308ae98f88bfff919e7bed4599e473929cf6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/papaparse" + } + ] + }, + { + "type": "library", + "name": "revalidator", + "group": "@types", + "version": "0.3.12", + "bom-ref": "@types/revalidator@0.3.12", + "description": "TypeScript definitions for revalidator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/revalidator@0.3.12#types/revalidator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/revalidator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/revalidator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/revalidator/-/revalidator-0.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ec0368c77f3ef725a211395a0c0ddff1ee75565c19847434a85c1e324250f3bff342064158d9f30793213a0c6aefa282c30057b9408ea5f56ab44e0768a4cb6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/revalidator" + } + ] + }, + { + "type": "library", + "name": "triple-beam", + "group": "@types", + "version": "1.3.5", + "bom-ref": "@types/triple-beam@1.3.5", + "description": "TypeScript definitions for triple-beam", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/triple-beam@1.3.5#types/triple-beam", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/triple-beam", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/triple-beam", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/triple-beam/-/triple-beam-1.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e966987ac4e144c0a5d7d8abc8c60feffc76395802b5b2157e50c61695a76fd8ab5c8dd48d8138033998ba250a635009b2d1a28e863e32052cccc811c4861363" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/triple-beam" + } + ] + }, + { + "type": "library", + "name": "validator", + "group": "@types", + "version": "13.12.0", + "bom-ref": "@types/validator@13.12.0", + "description": "TypeScript definitions for validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/validator@13.12.0#types/validator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/validator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/validator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/validator/-/validator-13.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c7e392e4ee83c8275455385e8980523a0f2d10a47133ab841e71986f82ec583c3c13f1cf77a6b08ca80b6222db66dfdbe867e0c347eaa436732926630146a6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/validator" + } + ] + }, + { + "type": "library", + "name": "xml2js", + "group": "@types", + "version": "0.4.14", + "bom-ref": "@types/xml2js@0.4.14", + "description": "TypeScript definitions for xml2js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/xml2js@0.4.14#types/xml2js", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/xml2js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/xml2js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/xml2js/-/xml2js-0.4.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e189eb45e9814a15913b6423bd48a7f04480e35ac7fbd9d018b506655ff5203862dd22fd3a1769342fccaee9535aea6d5cac21c7f683c44eeda15d1fff2a485d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/xml2js" + } + ] + }, + { + "type": "library", + "name": "axios", + "version": "1.7.2", + "bom-ref": "axios@1.7.2", + "author": "Matt Zabriskie", + "description": "Promise based HTTP client for the browser and node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/axios@1.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/axios/axios.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://axios-http.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/axios/axios/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/axios/-/axios-1.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d80f1084e32b6e89a50ee88b78af5789b201cee1de45caaa34e1e9d02ca9e44a09d4814387e5d91f703a0645edbf42b880518223463804cec1d703848b446683" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/axios" + } + ] + }, + { + "type": "library", + "name": "compare-versions", + "version": "6.1.0", + "bom-ref": "compare-versions@6.1.0", + "author": "Ole Michelsen", + "description": "Compare semver version strings to find greater, equal or lesser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/compare-versions@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/omichelsen/compare-versions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/omichelsen/compare-versions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/omichelsen/compare-versions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/compare-versions/-/compare-versions-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cd6505e1a94bea513a2da59d34a8b49a89fcb76f85450f9f3c691afc30a170e02314afdf32b73096e700c7e6ac7f0c46399020d771b711b82a8bd2ccc47f6b6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/compare-versions" + } + ] + }, + { + "type": "library", + "name": "csv2json", + "version": "2.0.2", + "bom-ref": "csv2json@2.0.2", + "author": "Julien Fontanet", + "description": "Stream and CLI to convert CSV to JSON", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/csv2json@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/julien-f/csv2json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/julien-f/csv2json", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/julien-f/csv2json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv2json/-/csv2json-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "61567bd8e7a14acf7e8f694c135d28b2624d1de23475c1e55fea8dabcc5c4744fe46df1668e09c84a884545dc6b0ae0e7f7cff2c4eb8c746dad5ca542e601c97" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv2json" + } + ] + }, + { + "type": "library", + "name": "csv-parser", + "version": "2.3.5", + "bom-ref": "csv-parser@2.3.5", + "author": "mafintosh", + "description": "Streaming CSV parser that aims for maximum speed as well as compatibility with the csv-spectrum test suite", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-parser@2.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/mafintosh/csv-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/csv-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/csv-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-parser/-/csv-parser-2.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c21e8942e0094dc0bfb912e0f92c7d9554d2a90fc422c595b6cf32b55e6ad56146ac945638739068a0444738222e6c6f62bff0c0c858ece31d07bd6359bb25a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-parser" + } + ] + }, + { + "type": "library", + "name": "minimist", + "version": "1.2.8", + "bom-ref": "minimist@1.2.8", + "author": "James Halliday", + "description": "parse argument options", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minimist@1.2.8", + "externalReferences": [ + { + "url": "git://github.com/minimistjs/minimist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/minimistjs/minimist", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/minimistjs/minimist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "db2c8047ca8190ddd8ba17896a7529582e54ddb6f9a2c0f2c0d07c4730d5943c031dba1c009bdeaaa8f5bbcf92543ee39164f8cafb070a95aaa96a80c5bd3308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/minimist" + } + ] + }, + { + "type": "library", + "name": "through2", + "version": "3.0.2", + "bom-ref": "through2@3.0.2", + "author": "Rod Vagg", + "description": "A tiny wrapper around Node.js streams.Transform (Streams2/3) to avoid explicit subclassing noise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/through2@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/rvagg/through2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/rvagg/through2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/rvagg/through2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/through2/-/through2-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a7683438314c8fd96e99c93e84b0ccea04f65a33f6af83c8aea3e976777402b3427ee916aa90757fdbf94ec034ee7811de27fd8b1bd96b2d6ddde6b58fb9cb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/through2" + } + ] + }, + { + "type": "library", + "name": "exec-promise", + "version": "0.7.0", + "bom-ref": "exec-promise@0.7.0", + "author": "Julien Fontanet", + "description": "Testable CLIs with promises", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/exec-promise@0.7.0", + "externalReferences": [ + { + "url": "git+https://github.com/JsCommunity/exec-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/exec-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/exec-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/exec-promise/-/exec-promise-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c6b817e065a23cdb0f42b28227c5f754e6ec89d6afe89ad61853209a95362bd4d202ee90f3d27ec98ea4a7fa2d85845727852199e3bc8c18f8e99411af9e1780" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/exec-promise" + } + ] + }, + { + "type": "library", + "name": "log-symbols", + "version": "1.0.2", + "bom-ref": "log-symbols@1.0.2", + "author": "Sindre Sorhus", + "description": "Colored symbols for various log levels. Example: ✔︎ success", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/log-symbols@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/log-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/log-symbols/-/log-symbols-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a63eb5b4161d9fc4ecdd05b16fe20d66ea947bda16852cf2761b94891042dfd72fa2690ac31ba71608f8f2e7844761b640b7b5fe96cebdd0ac3ad807565c1cd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols" + } + ] + }, + { + "type": "library", + "name": "has-ansi", + "version": "2.0.0", + "bom-ref": "has-ansi@2.0.0", + "author": "Sindre Sorhus", + "description": "Check if a string has ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-ansi@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0bcbc127c0f0502c75f6f866eeeae14ee52caf8fc8c8fea5e15ccd403bfeaf21d039b5b74d34e9f7207af16a588117b66db686b99fec7bbe08a857959cc9cb66" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-ansi" + } + ] + }, + { + "type": "library", + "name": "promise-toolbox", + "version": "0.14.0", + "bom-ref": "promise-toolbox@0.14.0", + "author": "Julien Fontanet", + "description": "Essential utils for promises", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-toolbox@0.14.0", + "externalReferences": [ + { + "url": "git+https://github.com/JsCommunity/promise-toolbox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/promise-toolbox", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/promise-toolbox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/promise-toolbox/-/promise-toolbox-0.14.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "555e655cae255da3c1f6804ee74a297b5a9dd0028df0dde72b5e2362f57dfea1667d95b63f1fdb2633d90678868d770825fe89e58fdca0d809b4f1c3ca2515fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/promise-toolbox" + } + ] + }, + { + "type": "library", + "name": "make-error", + "version": "1.3.6", + "bom-ref": "make-error@1.3.6", + "author": "Julien Fontanet", + "description": "Make your own error types!", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/make-error@1.3.6", + "externalReferences": [ + { + "url": "git://github.com/JsCommunity/make-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JsCommunity/make-error", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JsCommunity/make-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b3c52194d7bbbcf2a8990842d6a15e94ca24aff49cdc080d6eca379fbe2654f0392d3670901f4d9577f85cf6a62f1244f21d2087bdeb33de31bf0453d825489f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/make-error" + } + ] + }, + { + "type": "library", + "name": "pump", + "version": "3.0.0", + "bom-ref": "pump@3.0.0", + "author": "Mathias Buus Madsen", + "description": "pipe streams together and close all of them if one of them closes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pump@3.0.0", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/pump.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/pump#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/pump/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f0672fa9dd216cd4fcad77f8d872de30a6fe3d1e2602a9df5195ce5955d93457ef18cefea34790659374d198f2f57edebd4f13f420c64627e58f154d81161c3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pump" + } + ] + }, + { + "type": "library", + "name": "end-of-stream", + "version": "1.4.4", + "bom-ref": "end-of-stream@1.4.4", + "author": "Mathias Buus", + "description": "Call a callback when a readable/writable/duplex stream has completed or failed.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/end-of-stream@1.4.4", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/end-of-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/end-of-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/end-of-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "faec358a720754f428695b87cd1c97776d6270cf9c9ede02cc3e6b5be342d708ce5124ceb3e4deec53afec084deef4bdc7fa08ca12cfe4f4751fea614001eee5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/end-of-stream" + } + ] + }, + { + "type": "library", + "name": "once", + "version": "1.4.0", + "bom-ref": "once@1.4.0", + "author": "Isaac Z. Schlueter", + "description": "Run a function exactly one time", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/once@1.4.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/once.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/once#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/once/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "94d689808fb643951140191c7042874d038f697754c67659125413658d0c15402e684a9ed44f8dcaf81dcff688c8d8ba67d3333b976fd47f27e7cfc610ba77fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/once" + } + ] + }, + { + "type": "library", + "name": "pumpify", + "version": "2.0.1", + "bom-ref": "pumpify@2.0.1", + "author": "Mathias Buus", + "description": "Combine an array of streams into a single duplex stream using pump and duplexify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pumpify@2.0.1", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/pumpify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/pumpify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/pumpify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pumpify/-/pumpify-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9bb28e8deee3671ae6bad6a79644b575a8f5752eb3e8182c97339799c484a48942c4cdd5247ee51b940b79c93fea1805e85e1cac57f4d54b5098db097f079303" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pumpify" + } + ] + }, + { + "type": "library", + "name": "duplexify", + "version": "4.1.3", + "bom-ref": "duplexify@4.1.3", + "author": "Mathias Buus", + "description": "Turn a writable and readable stream into a streams2 duplex stream with support for async initialization and streams1/streams2 input", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/duplexify@4.1.3", + "externalReferences": [ + { + "url": "git://github.com/mafintosh/duplexify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/duplexify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/duplexify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/duplexify/-/duplexify-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "337066061c09459b12c77f25672844e770ac75d83397947bc4624d93b09575d643e82726c0c087f09fbb029ac8ad0287ed3a272b16828dcbf6ed099ffac43ea0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/duplexify" + } + ] + }, + { + "type": "library", + "name": "inherits", + "version": "2.0.4", + "bom-ref": "inherits@2.0.4", + "description": "Browser-friendly inheritance fully compatible with standard node.js inherits()", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inherits@2.0.4", + "externalReferences": [ + { + "url": "git://github.com/isaacs/inherits.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/inherits#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/inherits/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "93fbc6697e3f6256b75b3c8c0af4d039761e207bea38ab67a8176ecd31e9ce9419cc0b2428c859d8af849c189233dcc64a820578ca572b16b8758799210a9ec1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inherits" + } + ] + }, + { + "type": "library", + "name": "readable-stream", + "version": "3.6.2", + "bom-ref": "readable-stream@3.6.2", + "description": "Streams3, a user-land copy of the stream library from Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readable-stream@3.6.2", + "externalReferences": [ + { + "url": "git://github.com/nodejs/readable-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/readable-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/readable-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f6efec9e20ab6370f959db04447cc71381b66025eaa06e454c7522082e1221bafa5dc2d9058d39c9af442a361e93d3b9c4e0308c6abed497460404bb43d49ca0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/readable-stream" + } + ] + }, + { + "type": "library", + "name": "stream-shift", + "version": "1.0.3", + "bom-ref": "stream-shift@1.0.3", + "author": "Mathias Buus", + "description": "Returns the next buffer/object in a stream's readable queue", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stream-shift@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/mafintosh/stream-shift.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mafintosh/stream-shift", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mafintosh/stream-shift/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efa3914740ced68d6194ac136e2fc33371175867f764960ef1c5d7e512709ee9760c4836a32a19ca32cda1033c5acbd988528245f0b53b427b882be27b745999" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stream-shift" + } + ] + }, + { + "type": "library", + "name": "strip-bom-stream", + "version": "4.0.0", + "bom-ref": "strip-bom-stream@4.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom-stream@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom-stream/-/strip-bom-stream-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d00a4ade20241efe966e02c80b0fc9e278701de0d9b01c4822c383fa01e064808be92789d12f5ffd666a7a691af5c8e44f230de6078877a7bc5395861409f771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom-stream" + } + ] + }, + { + "type": "library", + "name": "first-chunk-stream", + "version": "3.0.0", + "bom-ref": "first-chunk-stream@3.0.0", + "author": "Sindre Sorhus", + "description": "Transform the first chunk in a stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/first-chunk-stream@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/first-chunk-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/first-chunk-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/first-chunk-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/first-chunk-stream/-/first-chunk-stream-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cd46f47886bfd2f1c5d7908639a538153fb2f7b6ae8b95859c83d9d606e5bba3534cc4a668ea83956bfe8621e90c188d08c3bb82f875a298c7bdbbf54078aab" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/first-chunk-stream" + } + ] + }, + { + "type": "library", + "name": "strip-bom-buf", + "version": "2.0.0", + "bom-ref": "strip-bom-buf@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom-buf@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom-buf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-buf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom-buf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom-buf/-/strip-bom-buf-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80b14d1ee71dea0cdbf2332c9794266774209d4266a7baa7e2e5121cdc045ee980a7b622ce8198c35f595157eeab868139052dca7da4f17fc2c33581ef75b695" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom-buf" + } + ] + }, + { + "type": "library", + "name": "is-utf8", + "version": "0.2.1", + "bom-ref": "is-utf8@0.2.1", + "author": "wayfind", + "description": "Detect if a buffer is utf8 encoded.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-utf8@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/wayfind/is-utf8.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wayfind/is-utf8#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wayfind/is-utf8/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "acc60f62f0b3b17cb022c95d80b692a0f970e4f7e807fb2cafb858e292df72876b03933f780af36b56bd5664e234804d323386af53b0f664f2536a3af54e94f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-utf8" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.4.0", + "bom-ref": "fast-xml-parser@4.4.0", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "90b6378c5970218c01343a237252ac3400b5dac7c3e8dc16ef8401d82a0d18fbed5718e58987a156e9c1dc7632362fa7e13b75740720c18be6285fd9d7c7e5aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "html-entities", + "version": "2.5.2", + "bom-ref": "html-entities@2.5.2", + "author": "Marat Dulin", + "description": "Fastest HTML entities encode/decode library.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/html-entities@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/mdevils/html-entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mdevils/html-entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdevils/html-entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/html-entities/-/html-entities-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bffcf491310938159efc2b26aefa666eac79f7147d15c2bf87dfa784d2b3db798911462f58c5c7983e1b8deb45305a8af1c8a1e1aa800997638529ae0156d68" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/html-entities" + } + ] + }, + { + "type": "library", + "name": "htmlparser2", + "version": "9.1.0", + "bom-ref": "htmlparser2@9.1.0", + "author": "Felix Boehm", + "description": "Fast & forgiving HTML/XML parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/htmlparser2@9.1.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/htmlparser2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/htmlparser2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/htmlparser2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-9.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e737e0ea61d4a1a7abffded3c671a9c666d1ef326d3f021814c67f1f9b9c4e53d984abedba6d39ca23cadcc81a8b76b40f2571bfba98aa8c1e6847769eb610cd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/htmlparser2" + } + ] + }, + { + "type": "library", + "name": "inspecjs", + "version": "2.10.8", + "bom-ref": "inspecjs@2.10.8", + "description": "Schema definitions, classes on top, and utilities to deal with HDF files", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/inspecjs@2.10.8", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/heimdall2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/heimdall2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/heimdall2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inspecjs/-/inspecjs-2.10.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7254873aba523f31f309f195a81cf5f5fa6162c37032af4b2383ed3d690a45521ee79e1bb2a255b7f49f665859d4be7919ac4ff7e3e49d8b026984338d276109" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inspecjs" + } + ] + }, + { + "type": "library", + "name": "lodash", + "version": "4.17.21", + "bom-ref": "lodash@4.17.21", + "author": "John-David Dalton", + "description": "Lodash modular utilities.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash@4.17.21", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf690311ee7b95e713ba568322e3533f2dd1cb880b189e99d4edef13592b81764daec43e2c54c61d5c558dc5cfb35ecb85b65519e74026ff17675b6f8f916f4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash" + } + ] + }, + { + "type": "library", + "name": "moment", + "version": "2.30.1", + "bom-ref": "moment@2.30.1", + "author": "Iskren Ivov Chernev", + "description": "Parse, validate, manipulate, and display dates", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/moment@2.30.1", + "externalReferences": [ + { + "url": "git+https://github.com/moment/moment.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://momentjs.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moment/moment/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/moment/-/moment-2.30.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b849ad3616c33ab58f152fa176314205fcbd7f6628cb3469c1c97e0eaa42ead697db5173b132d055b315fd6ecfccd497eb1fdb842d73037736510e4dcc7ea1a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/moment" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.3", + "bom-ref": "ms@2.1.3", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e85973b9b4cb646dc9d9afcd542025784863ceae68c601f268253dc985ef70bb2fa1568726afece715c8ebf5d73fab73ed1f7100eb479d23bfb57b45dd645394" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "mustache", + "version": "4.2.0", + "bom-ref": "mustache@4.2.0", + "author": "mustache.js Authors", + "description": "Logic-less {{mustache}} templates with JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mustache@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/janl/mustache.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/janl/mustache.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/janl/mustache.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mustache/-/mustache-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef58a9a52cb0ab961beffb5563219b9018206d4f07deee51cf9e9f1fad2318582bf2e1f0c6cf9a48a7aa9a5b885733349b4901ef1423292eaa3df7746f6668a9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mustache" + } + ] + }, + { + "type": "library", + "name": "papaparse", + "version": "5.4.1", + "bom-ref": "papaparse@5.4.1", + "author": "Matthew Holt", + "description": "Fast and powerful CSV parser for the browser that supports web workers and streaming large files. Converts CSV to JSON and JSON to CSV.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/papaparse@5.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/mholt/PapaParse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://papaparse.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mholt/PapaParse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/papaparse/-/papaparse-5.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e2a4cb2026466ef1baf6de95b5e6ebe8eac89beb09deff8c282d93e515fdeba43c8c7bdcb011752cb83efee8af4f464265553e758ffb023980ca1864b7649af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/papaparse" + } + ] + }, + { + "type": "library", + "name": "revalidator", + "version": "0.3.1", + "bom-ref": "revalidator@0.3.1", + "author": "Charlie Robbins", + "description": "A cross-browser / node.js validator powered by JSON Schema", + "licenses": [ + { + "license": { + "name": "Apache 2.0" + } + } + ], + "purl": "pkg:npm/revalidator@0.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/flatiron/revalidator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/flatiron/revalidator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/flatiron/revalidator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/revalidator/-/revalidator-0.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2babe370f95e690e9430184b8dda7d40809fb403c5aa8451cab792a09317c0a3050a80ed42595df6211dd3341e20f7f157de026df6a0493bc0d8970a279c1d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/revalidator" + } + ] + }, + { + "type": "library", + "name": "run-script-os", + "version": "1.1.6", + "bom-ref": "run-script-os@1.1.6", + "author": "Charlie Guse", + "description": "run-script-os is a tool that will let you use generic npm script commands that will pass through to os specific commands.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-script-os@1.1.6", + "externalReferences": [ + { + "url": "git+https://github.com/charlesguse/run-script-os.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/charlesguse/run-script-os#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/charlesguse/run-script-os/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-script-os/-/run-script-os-1.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa5e8fd8bce10534c37f32adb3e428e07f785542a9c4a0c5cfa431c7069464dd26c2f8bb2f7969388ec1a8f0aaee58038775cb974769797c1f715222b65ad8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-script-os" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "7.6.2", + "bom-ref": "semver@7.6.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@7.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-7.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14d0080560b1f6a7118681dc81c27482f53b48dd65614d995ee49f974e1b482e4ea6f0c71722428dd347a263d7c6342508153aed85bae0fcd8eff548107ec5db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "tailwindcss", + "version": "3.4.3", + "bom-ref": "tailwindcss@3.4.3", + "description": "A utility-first CSS framework for rapidly building custom user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tailwindcss@3.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/tailwindlabs/tailwindcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwindcss.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tailwindlabs/tailwindcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53bb31424fe7dfdec19b1e091db271fe248e3afe46f882377f59292e963641e52fe4370f75c4ec60b96eb197ead4db611d2d5cd5c668c859a691ec75af391ed0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tailwindcss" + } + ] + }, + { + "type": "library", + "name": "quick-lru", + "group": "@alloc", + "version": "5.2.0", + "bom-ref": "@alloc/quick-lru@5.2.0", + "author": "Sindre Sorhus", + "description": "Simple “Least Recently Used” (LRU) cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40alloc/quick-lru@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/quick-lru.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@alloc/quick-lru/-/quick-lru-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52b700041fb86d4ac5001c1b96e4c8044ad7c2f6ec53f57b4d959f99b8097db930881bb3892f60c5d383532ba279c7dd190f398e094c5ba8ee4b7fb3e53b0a2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@alloc/quick-lru" + } + ] + }, + { + "type": "library", + "name": "arg", + "version": "5.0.2", + "bom-ref": "arg@5.0.2", + "author": "Josh Junon", + "description": "Unopinionated, no-frills CLI argument parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arg@5.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/arg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arg/-/arg-5.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d88f214e2ca43dcb9ec9bd0e902e8f1d02036ab3087c33544c25875076e4fac5b59280adfa3ff67fbfea7cf3ca4cebd8cc31f4bc5ddf05e88d6443f23d1d41a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/arg" + } + ] + }, + { + "type": "library", + "name": "chokidar", + "version": "3.5.3", + "bom-ref": "chokidar@3.5.3", + "author": "Paul Miller", + "description": "Minimal and efficient cross-platform file watching library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chokidar@3.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/paulmillr/chokidar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/paulmillr/chokidar", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/paulmillr/chokidar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ebdec7ca44fea84dc8dfd8999498525f79532f5c175e83107489543979bd95d74b852540804bc381c9975503255bf315cdcf71a38d3823f642d6b194ea13a93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chokidar" + } + ] + }, + { + "type": "library", + "name": "didyoumean", + "version": "1.2.2", + "bom-ref": "didyoumean@1.2.2", + "author": "Dave Porter", + "description": "Match human-quality input to potential matches by edit distance.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/didyoumean@1.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/dcporter/didyoumean.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dcporter/didyoumean.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dcporter/didyoumean.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/didyoumean/-/didyoumean-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "831b727ea320ec62b285099bd39e8aeccdf1b33cbf9b21fcc3e078453f905c142cbc039d7375f29aa0c33c7c750603e0b1d000e522227e89daf3d62d4404c3cf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/didyoumean" + } + ] + }, + { + "type": "library", + "name": "dlv", + "version": "1.1.3", + "bom-ref": "dlv@1.1.3", + "author": "Jason Miller", + "description": "Safely get a dot-notated property within an object.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dlv@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/developit/dlv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/developit/dlv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/developit/dlv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dlv/-/dlv-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f87972b728e53ca9c81bc5ee446f16be604ff31b3c3fbd72f9228a4ba6575a81202ee78fc6d0e8504887ed691d78f5ab439241a44e9aa15a9f65f2544248d7c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dlv" + } + ] + }, + { + "type": "library", + "name": "fast-glob", + "version": "3.3.2", + "bom-ref": "fast-glob@3.3.2", + "author": "Denis Malinochkin", + "description": "It's a very fast and efficient glob library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-glob@3.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/mrmlnc/fast-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mrmlnc/fast-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mrmlnc/fast-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a17dabb80150c1ffceae3f26ef7ed8e5a7710d03b42c007bfd2e4c9f109d4cd0dde29e81b32215b2ff4942c0136d34aaf0a1d1a4bc081db56550d6adc5dfb53b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-glob" + } + ] + }, + { + "type": "library", + "name": "fs.stat", + "group": "@nodelib", + "version": "2.0.5", + "bom-ref": "@nodelib/fs.stat@2.0.5", + "description": "Get the status of a file with some features", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.stat@2.0.5#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "46484f3e9db3aea0c0400ff68cd867ced70f025bfae17761229edaef8e78039a2f23b06e93182decc5fbb9dc00bb7ce0d437293d4d2bcf7555d5279aaaf638f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.stat" + } + ] + }, + { + "type": "library", + "name": "fs.walk", + "group": "@nodelib", + "version": "1.2.8", + "bom-ref": "@nodelib/fs.walk@1.2.8", + "description": "A library for efficiently walking a directory recursively", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.walk@1.2.8#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0607e53196059c810920c28f067041b07a6a1316ddc520ef5a6da6c199a1b05c8a01299f864f2d293f5f396de1a0ecb96287f3521d25765c0b35967ce7a1c4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.walk" + } + ] + }, + { + "type": "library", + "name": "is-glob", + "version": "4.0.3", + "bom-ref": "is-glob@4.0.3", + "author": "Jon Schlinkert", + "description": "Returns `true` if the given string looks like a glob pattern or an extglob pattern. This makes it easy to create code that only uses external modules like node-glob when necessary, resulting in much faster code execution and initialization time, and a better user experience.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-glob@4.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/is-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/is-glob", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/is-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5e9526b21c7dfa66013b6568658bba56df884d6cd97c3a3bf92959a4243e2105d0f7b61f137e4f6f61ab0b33e99758e6611648197f184b4a7af046be1e9524a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-glob" + } + ] + }, + { + "type": "library", + "name": "merge2", + "version": "1.4.1", + "bom-ref": "merge2@1.4.1", + "description": "Merge multiple streams into one stream in sequence or parallel.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge2@1.4.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/teambition/merge2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/teambition/merge2", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/teambition/merge2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2aed51203095b827cb5c7d53f2f20d3d35c43065d6f0144aa17bf5999282338e7ff74c60f0b4e098b571b10373bcb4fce97330820e0bfe3f63f9cb4d1924e3a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge2" + } + ] + }, + { + "type": "library", + "name": "micromatch", + "version": "4.0.5", + "bom-ref": "micromatch@4.0.5", + "author": "Jon Schlinkert", + "description": "Glob matching for javascript/node.js. A replacement and faster alternative to minimatch and multimatch.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/micromatch@4.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/micromatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/micromatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/micromatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0cccbe1117045b6abc6763e8f96357bb0ddce586944858c03b91ac26a7c497b523bed22e14a3ba66b2af708b5dcbdf1dc05236375b60df334874a6904fe68d74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/micromatch" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "6.0.2", + "bom-ref": "glob-parent@6.0.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@6.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5f1c08f043a1550816a7a8832feddbd2bf3a7f877a017eb3494e791df078c9d084b972d773915c61e3aefa79c67ed4b84c48eeff5d6bb782893d33206df9afe0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob-parent" + } + ] + }, + { + "type": "library", + "name": "jiti", + "version": "1.21.0", + "bom-ref": "jiti@1.21.0", + "description": "Runtime typescript and ESM support for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jiti@1.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/unjs/jiti.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/unjs/jiti#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/unjs/jiti/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jiti/-/jiti-1.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "805a8021bb8acb2b28ff71b6aa188ed8e33ab2163a10f3ff474fa69036f2b29c4a6b387c0570c2e45885b148e573381d373fef7eb6b475adb2f9a1ebbac2c6fd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jiti" + } + ] + }, + { + "type": "library", + "name": "lilconfig", + "version": "2.1.0", + "bom-ref": "lilconfig@2.1.0", + "author": "antonk52", + "description": "A zero-dependency alternative to cosmiconfig", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lilconfig@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/antonk52/lilconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/antonk52/lilconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/antonk52/lilconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lilconfig/-/lilconfig-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bad58eb7f187cee5319cb2b107a764f3546839ea0d78781bad78ae1a4e32c85e6a951cfe888556bb9e84d9fa861c5ad7cf440d5212c1ffc9caaaf447eba24a19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lilconfig" + } + ] + }, + { + "type": "library", + "name": "braces", + "version": "3.0.2", + "bom-ref": "braces@3.0.2", + "author": "Jon Schlinkert", + "description": "Bash-like brace expansion, implemented in JavaScript. Safer than other brace expansion libs, with complete support for the Bash 4.3 braces specification, without sacrificing speed.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/braces@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/braces.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/braces", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/braces/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fcba6f8bd51cccdd60d2cef866ea0233d727d36c1b7a61395c10a02fb26a82659170e3acfadba9558fd8f5c843d6df71f91fe94142964c3f593c97eefc1dad0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/braces" + } + ] + }, + { + "type": "library", + "name": "picomatch", + "version": "2.3.1", + "bom-ref": "picomatch@2.3.1", + "author": "Jon Schlinkert", + "description": "Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/picomatch@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/picomatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/picomatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/picomatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "254ded7874cd8e6136542185cee63c117cc20d5c04a81d9af1fb08bf0692b4784058911e55dd68d500fcd0253af997445d748b6d2b2e2f0263902056a9141454" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/picomatch" + } + ] + }, + { + "type": "library", + "name": "normalize-path", + "version": "3.0.0", + "bom-ref": "normalize-path@3.0.0", + "author": "Jon Schlinkert", + "description": "Normalize slashes in a file path to be posix/unix-like forward slashes. Also condenses repeat slashes to a single slash and removes and trailing slashes, unless disabled.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/normalize-path@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/normalize-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/normalize-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/normalize-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9e66ce4bb375ad0a2b075a9f52d86532f1daa4a468b80554b3dc66aa884e9ecee6f4e75d844b3b57530501e82e8829b4246363e76ff983e166288c24707302c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-path" + } + ] + }, + { + "type": "library", + "name": "object-hash", + "version": "3.0.0", + "bom-ref": "object-hash@3.0.0", + "author": "Scott Puleo", + "description": "Generate hashes from javascript objects in node and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-hash@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/puleos/object-hash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/puleos/object-hash", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/puleos/object-hash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4529fd17af0f8c7f47aad96db129ea602d575e859ef418eee7edb5dd1f7c70d1adb5a83dabdc80393cdd6ecaaf21aeda366e567df059169598af6696ae495603" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-hash" + } + ] + }, + { + "type": "library", + "name": "picocolors", + "version": "1.0.0", + "bom-ref": "picocolors@1.0.0", + "author": "Alexey Raspopov", + "description": "The tiniest and the fastest library for terminal output formatting with ANSI colors", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/picocolors@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/alexeyraspopov/picocolors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexeyraspopov/picocolors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexeyraspopov/picocolors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5fca0ae84cb947bbaeb38b6e95a130eff324609b415c71e72cb2da3e321b19d03fc3196dac9bc13c0235bb354e5555346de46c5b799e6a06e26bf87c8b6248d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/picocolors" + } + ] + }, + { + "type": "library", + "name": "postcss-import", + "version": "15.1.0", + "bom-ref": "postcss-import@15.1.0", + "author": "Maxime Thirouin", + "description": "PostCSS plugin to import CSS files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-import@15.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-import.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-import#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-import/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-import/-/postcss-import-15.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "869afe274e41d855585005c778ad58c88dbaec9fdd0c384c53a07a722be6f21498d636099c15f1cca0ca0ecc33266b4b1ebcab8e19c38eaaa9ff8f6df0500b7b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-import" + } + ] + }, + { + "type": "library", + "name": "postcss-value-parser", + "version": "4.2.0", + "bom-ref": "postcss-value-parser@4.2.0", + "author": "Bogdan Chadkin", + "description": "Transforms css values and at-rule params into the tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-value-parser@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/TrySound/postcss-value-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TrySound/postcss-value-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TrySound/postcss-value-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d4d342b3abaeadf9156de5c6e12f09153f6dd7d9b8e480a789ff3358b779a0f499e74427c0c7caf87de3bf8d3c7788f0ffb06db6fe5ac52e48887a0b69534779" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-value-parser" + } + ] + }, + { + "type": "library", + "name": "postcss", + "version": "8.4.38", + "bom-ref": "postcss@8.4.38", + "author": "Andrey Sitnik", + "description": "Tool for transforming styles with JS plugins", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss@8.4.38", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://postcss.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a0969764d370527d7907a106b76ffa2e96ba2d024c2b94b0d148e6fd0f46cdf3a15d47213d969a52a77dda1cd3e005ad09282a01f9dac52d9910a1145869ee4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss" + } + ] + }, + { + "type": "library", + "name": "read-cache", + "version": "1.0.0", + "bom-ref": "read-cache@1.0.0", + "author": "Bogdan Chadkin", + "description": "Reads and caches the entire contents of a file until it is modified", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-cache@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/TrySound/read-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TrySound/read-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TrySound/read-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-cache/-/read-cache-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b076ffc5b7b2233a09bf8b4c6f3436752eb4403517dec386f6a6b1773963102f12dfbb76d2f055610acad208c2b8951e7a63dc9af804e1a13a43093c429a944" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-cache" + } + ] + }, + { + "type": "library", + "name": "pify", + "version": "2.3.0", + "bom-ref": "pify@2.3.0", + "author": "Sindre Sorhus", + "description": "Promisify a callback-style function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pify@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/pify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/pify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9d82c018f9f4e7befee423b69ac5bab058d6f4007881d2a04ef3d3d928f9284e618e81d6eb1c3283fb40765f8b937c9fc54f5474f6bf604ec8d48cd268b6ea2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pify" + } + ] + }, + { + "type": "library", + "name": "resolve", + "version": "1.22.8", + "bom-ref": "resolve@1.22.8", + "author": "James Halliday", + "description": "resolve like require.resolve() on behalf of files asynchronously and synchronously", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve@1.22.8", + "externalReferences": [ + { + "url": "git://github.com/browserify/resolve.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserify/resolve#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserify/resolve/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0a59e3c2c6aa5de8594bbc6575554d31edb90f9a608da25c738cc7f835cce80e741c216ac017e70fb599f98ba9fe45f0f677d8b4b73a4a9c6e98935ebcc88cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve" + } + ] + }, + { + "type": "library", + "name": "postcss-js", + "version": "4.0.1", + "bom-ref": "postcss-js@4.0.1", + "author": "Andrey Sitnik", + "description": "PostCSS for CSS-in-JS and styles in JS objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-js@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-js/-/postcss-js-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7432c5f2910ed7dd6124cb651c53d16bcc6c8b31da33cd8c2df364507754b55115ded813a79a23fbca9b12a60ce7b48b7dcef82926f0fffe1278999ad8b45523" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-js" + } + ] + }, + { + "type": "library", + "name": "camelcase-css", + "version": "2.0.1", + "bom-ref": "camelcase-css@2.0.1", + "author": "Steven Vachon", + "description": "Convert a kebab-cased CSS property into a camelCased DOM property.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase-css@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/stevenvachon/camelcase-css.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stevenvachon/camelcase-css#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stevenvachon/camelcase-css/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase-css/-/camelcase-css-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "40e4af7af86c9628e0630471e91bfbcca74c17c95b466c7eb901b1dbebc373e288fde067b32f648ade5a8f6dc0806bb7a5ae2df408306e75d6a92fa2398fb668" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camelcase-css" + } + ] + }, + { + "type": "library", + "name": "postcss-load-config", + "version": "4.0.2", + "bom-ref": "postcss-load-config@4.0.2", + "author": "Michael Ciniawky", + "description": "Autoload Config for PostCSS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-load-config@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-load-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d2561c8918bd34c0c5683d4cc05409db1285b2a91c648efeb8b54978dbb48a9cfac436daba849c14a23ae8333d9507e43579d9a2e087eb00fa5a9a2e5556031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-load-config" + } + ] + }, + { + "type": "library", + "name": "ts-node", + "version": "10.9.2", + "bom-ref": "ts-node@10.9.2", + "author": "Blake Embrey", + "description": "TypeScript execution environment and REPL for node.js, with source map support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-node@10.9.2", + "externalReferences": [ + { + "url": "git://github.com/TypeStrong/ts-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://typestrong.org/ts-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f4145a4875c1e09fccdc3d26dfd5d45ebf0b74e3b60c9da889337bb6c3645ec2b07e7e86ffcde3d972b3b24282cc30eeda04875d2dc40810ae5d62390b9c6ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-node" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "2.4.3", + "bom-ref": "yaml@2.4.3", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@2.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-2.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b27b609b18fca3b0c4ee0fd08bad1caa92c10371c6dd24dc0c0d243be59f074e6310a85931b63bba6366dab06942fb26675ebf94f5c22465b6ebbd9d80e524ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "postcss-nested", + "version": "6.0.1", + "bom-ref": "postcss-nested@6.0.1", + "author": "Andrey Sitnik", + "description": "PostCSS plugin to unwrap nested rules like how Sass does it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-nested@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-nested.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-nested#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-nested/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "984a78c4f322e5b49688c6ec8283df70fef896c58b1e441b65cdec63e8d661deb9094c17ad4693a747e63696b4d597044ca94881474537f3294b6c59b6a2fd75" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-nested" + } + ] + }, + { + "type": "library", + "name": "postcss-selector-parser", + "version": "6.0.16", + "bom-ref": "postcss-selector-parser@6.0.16", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-selector-parser@6.0.16", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-selector-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.0.16.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03445526b5fe21491565b5b70a5ae8456bab7ab70586279ebc7077f2caf6fa5f5e50294caa899edcb9849a7865372fb932bd8460de81d8a6b0f7061d77e5478b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-selector-parser" + } + ] + }, + { + "type": "library", + "name": "cssesc", + "version": "3.0.0", + "bom-ref": "cssesc@3.0.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cssesc@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/cssesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/cssesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/cssesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cssesc/-/cssesc-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd36ff25c8cad75d67352706a1be4c36db27b4d3356823540e2a41fd39306458720ebac4e3b48ec7fd7cc05d9b6e381cdd9cc248a5b54f99ede446c5a00cff56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cssesc" + } + ] + }, + { + "type": "library", + "name": "util-deprecate", + "version": "1.0.2", + "bom-ref": "util-deprecate@1.0.2", + "author": "Nathan Rajlich", + "description": "The Node.js `util.deprecate()` function with browser support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/util-deprecate@1.0.2", + "externalReferences": [ + { + "url": "git://github.com/TooTallNate/util-deprecate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10f0f9ab5b97c85c49a42acb9c27359c79eade039ae83641a1c008888d93692080ed5089d5424331a802cc891736c5187c3d5d68afff2d3110f318886eb1ed73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/util-deprecate" + } + ] + }, + { + "type": "library", + "name": "nanoid", + "version": "3.3.7", + "bom-ref": "nanoid@3.3.7", + "author": "Andrey Sitnik", + "description": "A tiny (116 bytes), secure URL-friendly unique string ID generator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/nanoid@3.3.7", + "externalReferences": [ + { + "url": "git+https://github.com/ai/nanoid.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ai/nanoid#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ai/nanoid/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "792469a6370f21ab5120c0b553a52780ff1715ccfc31058641db75313050ecd6809af5c37ef3716ef595df1db2e8274451c8824ac0c70d065b858681f10128da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nanoid" + } + ] + }, + { + "type": "library", + "name": "source-map-js", + "version": "1.2.0", + "bom-ref": "source-map-js@1.2.0", + "author": "Valentin 7rulnik Semirulnik", + "description": "Generates and consumes source maps", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/source-map-js@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/7rulnik/source-map-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/7rulnik/source-map-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/7rulnik/source-map-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad256f25bd20344d71298624686b0b0292c9e57fc4b2be617322196da801e5b9777cf2990277e7172551d30f0742af4233c29b529b4df9207424b54bb541432" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map-js" + } + ] + }, + { + "type": "library", + "name": "is-core-module", + "version": "2.13.1", + "bom-ref": "is-core-module@2.13.1", + "author": "Jordan Harband", + "description": "Is this specifier a node.js core module?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-core-module@2.13.1", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/is-core-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "847ac88ef66c7ed3acbca4a7d9345897adf3bf1b201342bed2660ca07ea00f8a264792160762b29e2bc141cce8dfec05d5c0a48f3be9b6723d434b0f53aea297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-core-module" + } + ] + }, + { + "type": "library", + "name": "path-parse", + "version": "1.0.7", + "bom-ref": "path-parse@1.0.7", + "author": "Javier Blanco", + "description": "Node.js path.parse() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-parse@1.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/jbgutierrez/path-parse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jbgutierrez/path-parse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jbgutierrez/path-parse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c32733d510410f47ecb8f33f7703411dd325dbf29001c865a8fe4e5861d620a58dbfd84b0eb24b09aeaee5387c6bcab54e9f57a31baa00a7c6a1bce2100fcb3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-parse" + } + ] + }, + { + "type": "library", + "name": "supports-preserve-symlinks-flag", + "version": "1.0.0", + "bom-ref": "supports-preserve-symlinks-flag@1.0.0", + "author": "Jordan Harband", + "description": "Determine if the current node version supports the `--preserve-symlinks` flag.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-preserve-symlinks-flag@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/node-supports-preserve-symlinks-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/node-supports-preserve-symlinks-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/node-supports-preserve-symlinks-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2dd169d74bd7e076480871e3dee911cd935580f3e9ae3dae9c4a3791dd5f0adbbabd041d6b4c4dd1d69ec7bf4cf567201cf2ce95beff0323259febcd4c02dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-preserve-symlinks-flag" + } + ] + }, + { + "type": "library", + "name": "sucrase", + "version": "3.35.0", + "bom-ref": "sucrase@3.35.0", + "author": "Alan Pierce", + "description": "Super-fast alternative to Babel for when you can target modern JS runtimes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sucrase@3.35.0", + "externalReferences": [ + { + "url": "git+https://github.com/alangpierce/sucrase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alangpierce/sucrase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alangpierce/sucrase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sucrase/-/sucrase-3.35.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f046d50e2bbd88dfe7112c31792c4329ed1dba7b5ad463a51ee7e64925f1303db3dbfb4c6690cca6f5d01ac73e6a31a8f32dae6149a2c5a49151cfd03e843418" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase" + } + ] + }, + { + "type": "library", + "name": "gen-mapping", + "group": "@jridgewell", + "version": "0.3.5", + "bom-ref": "@jridgewell/gen-mapping@0.3.5", + "author": "Justin Ridgewell", + "description": "Generate source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/gen-mapping@0.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/gen-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/gen-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/gen-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2332fc66810320145613394271184e682ba963237981d20af90e9f6c574f0e0e87a97ea3a6422d9fb0c52295bd2d0cd71ba0dff6c03bf8e2a7ab4aa5cff19a42" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/gen-mapping" + } + ] + }, + { + "type": "library", + "name": "set-array", + "group": "@jridgewell", + "version": "1.2.1", + "bom-ref": "@jridgewell/set-array@1.2.1", + "author": "Justin Ridgewell", + "description": "Like a Set, but provides the index of the `key` in the backing array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/set-array@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/set-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/set-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/set-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47c80b45365eca9d37ca6ccfffa2e297fdbcb46786133871d6ada4ef4dca19644023555dbcf217746ef4549736a40330dcd03a24a2f986116ed6c257d0c9e7fc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/set-array" + } + ] + }, + { + "type": "library", + "name": "sourcemap-codec", + "group": "@jridgewell", + "version": "1.4.15", + "bom-ref": "@jridgewell/sourcemap-codec@1.4.15", + "author": "Rich Harris", + "description": "Encode/decode sourcemap mappings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/sourcemap-codec@1.4.15", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/sourcemap-codec.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/sourcemap-codec#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/sourcemap-codec/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "785dabc4246e9442971d34620eb0f2e9eacc616a8dc382cf750f14400e21baec5a42c55e44f165da833ca031b130584951665ff4c7292ed25ab030d96ff0697a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/sourcemap-codec" + } + ] + }, + { + "type": "library", + "name": "trace-mapping", + "group": "@jridgewell", + "version": "0.3.25", + "bom-ref": "@jridgewell/trace-mapping@0.3.25", + "author": "Justin Ridgewell", + "description": "Trace the original position through a source map", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/trace-mapping@0.3.25", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/trace-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bcd93a684c326c6b5ac169b2fcfcf09c60ce8c290b5920f6c2abe3186020380c02196c926177d8a31b74d082644c5fbc2dbe7b0f039bdc06b4a3d080a5ea6261" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/trace-mapping" + } + ] + }, + { + "type": "library", + "name": "foreground-child", + "version": "3.1.1", + "bom-ref": "foreground-child@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Run a child as if it's the foreground process. Give it stdio. Exit when it exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/foreground-child@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/foreground-child.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/foreground-child#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/foreground-child/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cc28352722d7ba6df6f99d6bfb57f71a235ebd38782fc236fb5785a4794bdb410763af9ad62aa1c588a59bfdf70ec01f82cc14fea9b5a3be3f8357046c92922" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/foreground-child" + } + ] + }, + { + "type": "library", + "name": "cross-spawn", + "version": "7.0.3", + "bom-ref": "cross-spawn@7.0.3", + "author": "André Cruz", + "description": "Cross platform child_process#spawn and child_process#spawnSync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cross-spawn@7.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/moxystudio/node-cross-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8910cf24a50f544343edd1cf3bcae46ce9cfa720f281c0c5b568e9796342832f163f6ad77315cbf13b2445e425e8eac1d86efe509ada82cd6ad7916e75cec6eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cross-spawn" + } + ] + }, + { + "type": "library", + "name": "jackspeak", + "version": "2.3.6", + "bom-ref": "jackspeak@2.3.6", + "author": "Isaac Z. Schlueter", + "description": "A very strict and proper argument parser.", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/jackspeak@2.3.6", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/jackspeak.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/jackspeak#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/jackspeak/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "377c824bf35e82c381a2473c18074cf147267ec2a2492f1c8a985e0ff9e2bf3afbd341fe9ec30ec498d09efc0e711615b8591d1f4c0652f5b659b5c69ab6466d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jackspeak" + } + ] + }, + { + "type": "library", + "name": "cliui", + "group": "@isaacs", + "version": "8.0.2", + "bom-ref": "@isaacs/cliui@8.0.2", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/cliui@8.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3bc8dc8da6d76a578e1bd0d0d3e0115d66414df9cfe16340ab3ba224aee5978e009b118abff2763384cf8f18d8df39c109fbc15c5cee726d6dc1dc85c9b16a10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "string-width@4.2.3", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c0ac90450a63274b08a7ad84ad265d1ac8cc256b1aa79a1136284786ee86ec954effd8c807a5327af2feb57b8eaab9e0f23fdcc4a4d6c96530bd24eb8a2673fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-width-cjs" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "8.0.0", + "bom-ref": "emoji-regex@8.0.0", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3128d8cdc58d380d1ec001e9cf4331a5816fc20eb28f2d4d1b7c6d7a8ab3eb8e150a8fd13e09ebd7f186b7e89cde2253cd0f04bb74dd335e126b09d5526184e8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/emoji-regex" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "3.0.0", + "bom-ref": "is-fullwidth-code-point@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf29a6e7ebbeb02b125b20fda8d69e8d5dc316f84229c94a762cd868952e1c0f3744b8dbee74ae1a775d0871afd2193e298ec130096c59e2b851e83a115e9742" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-fullwidth-code-point" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "strip-ansi@6.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "637f153d21dcaa416b0a916743dbee4979aabaebf9a1738aa46793e9a1abaf7a3719cf409556ba2417d448e0a76f1186645fbfd28a08ecaacfb944b3b54754e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "eastasianwidth", + "version": "0.2.0", + "bom-ref": "eastasianwidth@0.2.0", + "author": "Masaki Komagata", + "description": "Get East Asian Width from a character.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eastasianwidth@0.2.0", + "externalReferences": [ + { + "url": "git://github.com/komagata/eastasianwidth.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23cf1361959cf578981d1438ff7739ae38df8248e12f25b696e18885e18445b350e8e63bc93c9b6a74a90d765af32ed550ff589837186be7b2ab871aee22ea58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eastasianwidth" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "BomRef.5h3h9846p8.g5nk6qdc128", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "637f153d21dcaa416b0a916743dbee4979aabaebf9a1738aa46793e9a1abaf7a3719cf409556ba2417d448e0a76f1186645fbfd28a08ecaacfb944b3b54754e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-ansi-cjs" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "5.0.1", + "bom-ref": "ansi-regex@5.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aae2505e54d25062f62c7f52517a3c570b18e2ca1a9e1828e8b3529bce04d4b05c13cb373b4c29762473c91f73fd9649325316bf7eea38e6fda5d26531410a15" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "wrap-ansi@7.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6151888f691a98b493c70e8db198e80717d2c2c9f4c9c75eb26738a7e436d5ce733ee675a65f8d7f155dc4fb5d1ef98d54e43a5d2606e0052dcadfc58bb0f5e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrap-ansi-cjs" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "4.3.0", + "bom-ref": "ansi-styles@4.3.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@4.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cdb07dac22404f5adb8e25436f686a2851cd60bc60b64f0d511c59dc86700f717a36dc5b5d94029e74a2d4b931f880e885d3e5169db6db05402c885e64941212" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "BomRef.5hrhe0lu5jo.6brcifutiug", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c0ac90450a63274b08a7ad84ad265d1ac8cc256b1aa79a1136284786ee86ec954effd8c807a5327af2feb57b8eaab9e0f23fdcc4a4d6c96530bd24eb8a2673fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "parseargs", + "group": "@pkgjs", + "version": "0.11.0", + "bom-ref": "@pkgjs/parseargs@0.11.0", + "description": "Polyfill of future proposal for `util.parseArgs()`", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40pkgjs/parseargs@0.11.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/pkgjs/parseargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pkgjs/parseargs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pkgjs/parseargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fb55648dd0f44012cfa1d1ab2547aa6ab1fc54022f40e0c86f087d5e93f94b28ac7fb628420b0928f345a2aa8b425bbe550fed552b21311ea5a0f327f14f9d3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@pkgjs/parseargs" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.4", + "bom-ref": "minimatch@9.0.4", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.4", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2aa5a1f957217f170c3510098e3dad9ec48974d6c7b1582790185336b5bb023568e8ebcbb71c3ccdf4fda0bc35252a21945cc9f230a84e06a85ef27e907b7a7f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "path-scurry", + "version": "1.10.2", + "bom-ref": "path-scurry@1.10.2", + "author": "Isaac Z. Schlueter", + "description": "walk paths fast and efficiently", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/path-scurry@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/path-scurry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/path-scurry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/path-scurry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef14dabcdcb94505e7b2300dbd5bcc9048ef9683a29e4023bff67a225773f6fd918a767848129358539545b685f29d2fa479f28d5fd4c0d0dd2ae52fe8ce6a70" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry" + } + ] + }, + { + "type": "library", + "name": "lines-and-columns", + "version": "1.2.4", + "bom-ref": "lines-and-columns@1.2.4", + "author": "Brian Donovan", + "description": "Maps lines and columns to character offsets and back.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lines-and-columns@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/eventualbuddha/lines-and-columns.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eventualbuddha/lines-and-columns#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eventualbuddha/lines-and-columns/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef297295eb1943f3d5dbd8e110397751f8e8e995fb802a89af917b3caaea73ddefedfcd2ca6b75069c0453c9c0517b3cab3cefaa16e384ae50660e8cb7f1e406" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lines-and-columns" + } + ] + }, + { + "type": "library", + "name": "mz", + "version": "2.7.0", + "bom-ref": "mz@2.7.0", + "author": "Jonathan Ong", + "description": "modernize node.js to current ECMAScript standards", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mz@2.7.0", + "externalReferences": [ + { + "url": "git+https://github.com/normalize/mz.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/normalize/mz#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/normalize/mz/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mz/-/mz-2.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfcd4634eee79d830486b1a1f4b7b29a8138f98af45a7e4c70721930ae5c7d00a5f8d0d7d3cb0266051cf7fe8c1e78bd216b852e6d59dc74c25eedb3f5f37ad9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mz" + } + ] + }, + { + "type": "library", + "name": "any-promise", + "version": "1.3.0", + "bom-ref": "any-promise@1.3.0", + "author": "Kevin Beaty", + "description": "Resolve any installed ES6 compatible promise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/any-promise@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevinbeaty/any-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/kevinbeaty/any-promise", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevinbeaty/any-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ed4be629a95646dd708232f546b1b1a12256ff44191487a0a5e1af646f648e9f2fad1bb9e574c76f09eaab61a95e6f6e2db72e8719b722a5fd381e0c651d5bd8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/any-promise" + } + ] + }, + { + "type": "library", + "name": "object-assign", + "version": "4.1.1", + "bom-ref": "object-assign@4.1.1", + "author": "Sindre Sorhus", + "description": "ES2015 `Object.assign()` ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-assign@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/object-assign.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/object-assign/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac98134279149c7d6c170f324fa552537cc3dec5a6bbab19848b1e63c557f8646edcfe85ec5bbe24d0e85df9251256cb2529dcdc55101d57b8714e618fe05c52" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-assign" + } + ] + }, + { + "type": "library", + "name": "thenify-all", + "version": "1.6.0", + "bom-ref": "thenify-all@1.6.0", + "author": "Jonathan Ong", + "description": "Promisifies all the selected functions in an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/thenify-all@1.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/thenables/thenify-all.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenables/thenify-all#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thenables/thenify-all/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/thenify-all/-/thenify-all-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "44dc501ffa88f3fb77b615c90f072cb543b8cdeaa8eb8f94cbffac355441c785e7d8e5fe399f683fe8899cd16aa6516b6b665455e28249ada85568b74f8b9598" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/thenify-all" + } + ] + }, + { + "type": "library", + "name": "thenify", + "version": "3.3.1", + "bom-ref": "thenify@3.3.1", + "author": "Jonathan Ong", + "description": "Promisify a callback-based function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/thenify@3.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/thenables/thenify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thenables/thenify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thenables/thenify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "455652215e481b5d079377a7a2dae1bf3d13f5e9ba7321c12e41ff60066e2aa77c85190a8527c218870fd8a518d043f19ddcc034198d965cd63f06a4f9b85e4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/thenify" + } + ] + }, + { + "type": "library", + "name": "pirates", + "version": "4.0.6", + "bom-ref": "pirates@4.0.6", + "author": "Ari Porad", + "description": "Properly hijack require, i.e., properly define require hooks and customizations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pirates@4.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/danez/pirates.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/danez/pirates#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/danez/pirates/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pirates/-/pirates-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b1a2ec1fb59e6183e20f6e4b0ee2d1458fe2fba1da3d8afa1b539494ddfda2dce4493c4a9ee6d1f514f14b7fca939d2cd60d894e01705900d0ca9942e7f48766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pirates" + } + ] + }, + { + "type": "library", + "name": "ts-interface-checker", + "version": "0.1.13", + "bom-ref": "ts-interface-checker@0.1.13", + "author": "Dmitry S, Grist Labs", + "description": "Runtime library to validate data against TypeScript interfaces", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/ts-interface-checker@0.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/gristlabs/ts-interface-checker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gristlabs/ts-interface-checker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gristlabs/ts-interface-checker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-interface-checker/-/ts-interface-checker-0.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63f6abbdb9feaebcf72422a5f42e2454d7d37d29b6fe6129e454b3e44b194803463d2950ae9448e4ce0f285fa6267139da338ef743e73d273752bddb4d0c3480" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-interface-checker" + } + ] + }, + { + "type": "library", + "name": "tw-elements", + "version": "1.1.0", + "bom-ref": "tw-elements@1.1.0", + "author": "MDBootstrap", + "licenses": [ + { + "license": { + "name": "AGPL" + } + } + ], + "purl": "pkg:npm/tw-elements@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mdbootstrap/Tailwind-Elements.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwind-elements.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdbootstrap/Tailwind-Elements/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tw-elements/-/tw-elements-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "214afd616da5f7da13559c6e563420eaba6e0a9a3a559a9b68a19899950d555b2849553f9633e9909018d8f9ff9a8ae55f028f84ff4c4cf3503255a8b2a1cbe3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@popperjs", + "version": "2.11.8", + "bom-ref": "@popperjs/core@2.11.8", + "author": "Federico Zivolo", + "description": "Tooltip and Popover Positioning Engine", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40popperjs/core@2.11.8", + "externalReferences": [ + { + "url": "git+https://github.com/popperjs/popper-core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/popperjs/popper-core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/popperjs/popper-core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f5b2dd1a92c0ab9fdb06661a7c18c63006742c6ef016b19017e38a1734dbcb1c6a8039ca15c668d98a886cb7043b4aa2a76d1e3b6a474d8beba57960fcfa0e8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@popperjs/core" + } + ] + }, + { + "type": "library", + "name": "chart.js", + "version": "3.9.1", + "bom-ref": "chart.js@3.9.1", + "description": "Simple HTML5 charts using the canvas element.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chart.js@3.9.1", + "externalReferences": [ + { + "url": "git+https://github.com/chartjs/Chart.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.chartjs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chartjs/Chart.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chart.js/-/chart.js-3.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "468d896cb9af83cde05c5e45e2c9e2690fa54db4afd7c13e4c87f670e7a21f522a7763c614eb5e9be0d4b9f319b02270144ef2c0f3a97d7141c114c6abb761eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chart.js" + } + ] + }, + { + "type": "library", + "name": "chartjs-plugin-datalabels", + "version": "2.2.0", + "bom-ref": "chartjs-plugin-datalabels@2.2.0", + "description": "Chart.js plugin to display labels on data elements", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chartjs-plugin-datalabels@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chartjs/chartjs-plugin-datalabels.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://chartjs-plugin-datalabels.netlify.app", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chartjs/chartjs-plugin-datalabels/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chartjs-plugin-datalabels/-/chartjs-plugin-datalabels-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d78654df4947ee7f3da2af80e1b59a24f9c01bc6bb65393b74a7f8f1803332f26342d8eb820e43a64f5ff8b6e3085e9ba71dd10064de2f5dc85e929063246f97" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chartjs-plugin-datalabels" + } + ] + }, + { + "type": "library", + "name": "deepmerge", + "version": "4.3.1", + "bom-ref": "deepmerge@4.3.1", + "description": "A library for deep (recursive) merging of Javascript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deepmerge@4.3.1", + "externalReferences": [ + { + "url": "git://github.com/TehShrike/deepmerge.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TehShrike/deepmerge", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TehShrike/deepmerge/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dec52a6cc11cefb5eaa5d34eec547246883e796de987e19809b8feacafae63244cbb0b15cb4acc895b4f9fe40994a16f58fff53d8a5aa6a627d0c7b6927167f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deepmerge" + } + ] + }, + { + "type": "library", + "name": "detect-autofill", + "version": "1.1.4", + "bom-ref": "detect-autofill@1.1.4", + "author": "Matteo Badini", + "description": "Small javascript library to detect and even prevent browsers autofill of form elements. Usefull for implementing floating labels or applying custom logics/styles.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-autofill@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/matteobad/detect-autofill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/matteobad/detect-autofill#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/matteobad/detect-autofill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-autofill/-/detect-autofill-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bad081430091fdb7929c00d09810bb0b8b53b9e0419180a5e964a97c652460a3bff8cccfc6a6068fa1b832f1f370a987d600932be56e9d7daf69a82f9115cfbc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-autofill" + } + ] + }, + { + "type": "library", + "name": "custom-event-polyfill", + "version": "1.0.7", + "bom-ref": "custom-event-polyfill@1.0.7", + "author": "Evan Krambuhl", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/custom-event-polyfill@1.0.7", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kumarharsh/custom-event-polyfill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kumarharsh/custom-event-polyfill#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kumarharsh/custom-event-polyfill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/custom-event-polyfill/-/custom-event-polyfill-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c30e47790e4699c5914cf29fb5237c8096f337ad2af5c1bace9621b8c898b08a731937ccff8862fb05394392b25c6139a05126f8cb054273765a52d3ad0bbeb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/custom-event-polyfill" + } + ] + }, + { + "type": "library", + "name": "perfect-scrollbar", + "version": "1.5.5", + "bom-ref": "perfect-scrollbar@1.5.5", + "author": "Hyunje Jun", + "description": "Minimalistic but perfect custom scrollbar plugin", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/perfect-scrollbar@1.5.5", + "externalReferences": [ + { + "url": "git+https://github.com/mdbootstrap/perfect-scrollbar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://perfectscrollbar.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mdbootstrap/perfect-scrollbar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/perfect-scrollbar/-/perfect-scrollbar-1.5.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7736a57eeb723f77bf14ea5d96156bc8de002795c355ab955b1c9b4a42d999a905136b12df2de97382674a9af0f2d1a61ef91a1b911daf94fb2c14d9f96594da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/perfect-scrollbar" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.4", + "bom-ref": "color-name@1.1.4", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.4", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/colorjs/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/colorjs/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/colorjs/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74ecbedc0b96ddadb035b64722e319a537208c6b8b53fb812ffb9b71917d3976c3a3c7dfe0ef32569e417f479f4bcb84a18a39ab8171edd63d3a04065e002c40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "quick-lru", + "version": "5.1.1", + "bom-ref": "quick-lru@5.1.1", + "author": "Sindre Sorhus", + "description": "Simple “Least Recently Used” (LRU) cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/quick-lru@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/quick-lru.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/quick-lru/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5aec802d18d63c31adb7fc3326269d3b901763ef2167cd215697ba3328af82b691116ef9d57dd26e146f1b778b28e60dfbc544bea2dc7f7c1d9ede386784b848" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/quick-lru" + } + ] + }, + { + "type": "library", + "name": "validator", + "version": "13.12.0", + "bom-ref": "validator@13.12.0", + "author": "Chris O'Hara", + "description": "String validation and sanitization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/validator@13.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/validatorjs/validator.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/validatorjs/validator.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/validatorjs/validator.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "73543498288f960753555548248ac1bb136271813eb7fee829e23d3162e3ddf87fbaad8fc61ff779e59b559e0e7065b54d47f9dc0b749e31f0e5231d037b6632" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validator" + } + ] + }, + { + "type": "library", + "name": "winston", + "version": "3.13.0", + "bom-ref": "winston@3.13.0", + "author": "Charlie Robbins", + "description": "A logger for just about everything.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/winston@3.13.0", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/winston.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/winston#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/winston/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/winston/-/winston-3.13.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af089d980d70dd21388f413932e22e7c587224f0431bb36eef5464668af5a76faa1ef25267d1980c0f3503295e41c65b87ff95e878de05d7e74d9266f6b49e41" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/winston" + } + ] + }, + { + "type": "library", + "name": "xml-formatter", + "version": "3.6.2", + "bom-ref": "xml-formatter@3.6.2", + "author": "Chris Bottin", + "description": "Converts a XML string into a human readable format (pretty print) while respecting the xml:space attribute", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml-formatter@3.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/chrisbottin/xml-formatter.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chrisbottin/xml-formatter#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chrisbottin/xml-formatter/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml-formatter/-/xml-formatter-3.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a75a17af64d3b07df645521ce5d5631c85af2514b654809ecdcc5b39520e193850a8361786617cf527d233fdef9c4e7f6b0a4b93d46c1369ccfe6259851ce1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml-formatter" + } + ] + }, + { + "type": "library", + "name": "xml-parser-xo", + "version": "4.1.1", + "bom-ref": "xml-parser-xo@4.1.1", + "author": "Chris Bottin", + "description": "Parse a XML string into a proprietary syntax tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml-parser-xo@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chrisbottin/xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chrisbottin/xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chrisbottin/xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml-parser-xo/-/xml-parser-xo-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a07f6cbdd3e63a7bd20ae61a0fb9e99b547274dcf84349d8657449a0cdb8a1ceef64d17068d2c7dc1716928b85b53e5512488d6893e309d09097527f94e0897" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml-parser-xo" + } + ] + }, + { + "type": "library", + "name": "xml2js", + "version": "0.6.2", + "bom-ref": "xml2js@0.6.2", + "author": "Marek Kubica", + "description": "Simple XML to JavaScript object converter.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xml2js@0.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/Leonidas-from-XIV/node-xml2js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Leonidas-from-XIV/node-xml2js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Leonidas-from-XIV/node-xml2js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f8ae2787682d445dc112d0ac718f825681a5101c393eab01dc60e0851df8b02b3eed3953cbabb1e3abd74cd5608c87296a3047cfee131c3880a1be8b6265e80" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xml2js" + } + ] + }, + { + "type": "library", + "name": "heimdall-lite", + "group": "@mitre", + "version": "2.10.9", + "bom-ref": "@mitre/heimdall-lite@2.10.9", + "description": "Heimdall-Lite 2 is a JavaScript based security results viewer and review tool supporting multiple security results formats, such as: InSpec, SonarQube, OWASP-Zap and Fortify which you can load locally or from S3 and other data sources.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/heimdall-lite@2.10.9", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/heimdall2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/heimdall2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/heimdall2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/heimdall-lite/-/heimdall-lite-2.10.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2461c6dd654cc64d0fe72259a9ce9c523f6cc15b5f4dab68a0b6408109cca569420a5f72a47f4d15c350a49f04c5300a91b4c4aa9d260f00155d13e8d4cec663" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/heimdall-lite" + } + ] + }, + { + "type": "library", + "name": "express", + "version": "4.19.2", + "bom-ref": "express@4.19.2", + "author": "TJ Holowaychuk", + "description": "Fast, unopinionated, minimalist web framework", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/express@4.19.2", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/express.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://expressjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/express/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e53ea7863b13f8438ccee724f098c11c04531df321b743cece503ad16576a4c0f78325f0d8b66767eb9e19d3711bed1c6a538971629ba4572eccb67dd585aaf5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express" + } + ] + }, + { + "type": "library", + "name": "inspec-objects", + "group": "@mitre", + "version": "1.0.1", + "bom-ref": "@mitre/inspec-objects@1.0.1", + "author": "The MITRE Security Automation Framework", + "description": "Typescript objects for normalizing between InSpec profiles and XCCDF benchmarks", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/inspec-objects@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/ts-inspec-objects.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/ts-inspec-objects#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/ts-inspec-objects/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@mitre/inspec-objects/-/inspec-objects-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a7136eb75cf5d4548971c289f5e7466f82a8cf013f3f797022b0b49b04307009b52f45647794525979c232788ae0db3f437334472066b39cea8733e4fcd8038" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects" + } + ] + }, + { + "type": "library", + "name": "flat", + "group": "@types", + "version": "5.0.5", + "bom-ref": "@types/flat@5.0.5", + "description": "TypeScript definitions for flat", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/flat@5.0.5#types/flat", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/flat", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/flat", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/flat/-/flat-5.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9cf2e58d940a4a769ce77283503ceecdd45f188d130dbe6a3eb6fe4ab43237732d750ace9c6b0a9e21cdd62619b0910121542f7bde18ea0373db6b2021266af9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/flat" + } + ] + }, + { + "type": "library", + "name": "he", + "group": "@types", + "version": "1.2.3", + "bom-ref": "@types/he@1.2.3", + "description": "TypeScript definitions for he", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/he@1.2.3#types/he", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/he", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/he", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/he/-/he-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abaeffab09716e50f3103bf31e1564c1cd60cd55b168dc5ec87501178c4496bbe32f5d4ef98b737bed5f1a904796bfc7f66ca20546945cd9cd3e6047c717c070" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/he" + } + ] + }, + { + "type": "library", + "name": "json-diff", + "group": "@types", + "version": "0.7.0", + "bom-ref": "@types/json-diff@0.7.0", + "description": "TypeScript definitions for json-diff", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json-diff@0.7.0#types/json-diff", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/json-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/json-diff", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json-diff/-/json-diff-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "db4209aaea461f2c2d21a13a7d2df48b2821ddd56a55dce6b27ad89ff545b916902b12f1fd1187e4af618427dcb55c6037b2b32659c3ee060500eacdc220a0b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json-diff" + } + ] + }, + { + "type": "library", + "name": "jstoxml", + "group": "@types", + "version": "2.0.4", + "bom-ref": "@types/jstoxml@2.0.4", + "description": "TypeScript definitions for jstoxml", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jstoxml@2.0.4#types/jstoxml", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jstoxml", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jstoxml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jstoxml/-/jstoxml-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c750ca76b7c09f254b0ab7caa396ca595a59157af785836785fe4455f022a2350f8577798991f7b12035ed6449c6ff868965109534d9f8eb335d75254850dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jstoxml" + } + ] + }, + { + "type": "library", + "name": "lodash", + "group": "@types", + "version": "4.17.4", + "bom-ref": "@types/lodash@4.17.4", + "description": "TypeScript definitions for lodash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/lodash@4.17.4#types/lodash", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/lodash", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/lodash", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/lodash/-/lodash-4.17.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1808fdba64bc5a4f7477f6488ddbe1dc278913777535c1a23f718ee2bd662a14fea95b764da6f8ba59de8f1d9c7b4ffb7ccf4be5917320dd060b6bb0d9fc825" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/lodash" + } + ] + }, + { + "type": "library", + "name": "pretty", + "group": "@types", + "version": "2.0.3", + "bom-ref": "@types/pretty@2.0.3", + "description": "TypeScript definitions for pretty", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/pretty@2.0.3#types/pretty", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/pretty", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/pretty", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/pretty/-/pretty-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c51f7aa5284d96bc4b777819ab30a76da0266d88624588d6e750831637a4b597a6aa9059040024330c66e2006b6893ffc5280a72c4212d77655cec03356a3855" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/pretty" + } + ] + }, + { + "type": "library", + "name": "flat", + "version": "5.0.2", + "bom-ref": "flat@5.0.2", + "author": "Hugh Kennedy", + "description": "Take a nested Javascript object and flatten it, or unflatten an object with delimited keys", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/flat@5.0.2", + "externalReferences": [ + { + "url": "git://github.com/hughsk/flat.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hughsk/flat", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hughsk/flat/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flat/-/flat-5.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fab2e103fb9ff7ad3a5405d1b582ea4897c30f14200c034417c269632e1bc250a714bdd138816932f73a6e1827171ceb33e09f703c6356aba38aa66233cf785" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flat" + } + ] + }, + { + "type": "library", + "name": "he", + "version": "1.2.0", + "bom-ref": "he@1.2.0", + "author": "Mathias Bynens", + "description": "A robust HTML entities encoder/decoder with full Unicode support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/he@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/he.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/he", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/he/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17fd439d418fa29391662d278be0afac28074391721001d12d2029b9858c9ab6d2c28376327ffb93e1a5dfc8099d1ef2c83664e962d7c221a877524e58d0ca1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/he" + } + ] + }, + { + "type": "library", + "name": "domelementtype", + "version": "2.3.0", + "bom-ref": "domelementtype@2.3.0", + "author": "Felix Boehm", + "description": "all the types of nodes in htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domelementtype@2.3.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domelementtype.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domelementtype#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domelementtype/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38b113063eb0d0eb1a801c1d5e73dd37472731f17da2937af5ca3eed9adb7cf1ab7693d5341523d36b298ba07537bc0284b4223e7e02487ff326f5f0e7a8261f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domelementtype" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "4.1.2", + "bom-ref": "chalk@4.1.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@4.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a0a9db845c91217a54b9ecfc881326c846b89db8f820e432ba173fc32f6463bfd654f73020ef5503aebc3eef1190eefed06efa48b44e7b2c3d0a9434eb58b898" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "slash", + "version": "3.0.0", + "bom-ref": "slash@3.0.0", + "author": "Sindre Sorhus", + "description": "Convert Windows backslash paths to slash paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slash@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/slash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/slash#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/slash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83d43585a79bcb7e8e492b706f89ed08618668ab1a5528d0ebc7c1c6841cbad9797d2d6fb98d7c1f7c12b778c5c85b6b931f8acf45751bce40e0cc80743322d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/slash" + } + ] + }, + { + "type": "library", + "name": "v8-coverage", + "group": "@bcoe", + "version": "0.2.3", + "bom-ref": "@bcoe/v8-coverage@0.2.3", + "author": "Charles Samborski", + "description": "Helper functions for V8 coverage files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40bcoe/v8-coverage@0.2.3", + "externalReferences": [ + { + "url": "git://github.com/demurgos/v8-coverage.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://demurgos.github.io/v8-coverage", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/demurgos/v8-coverage/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d21610f120780dbe73bd90786b174c1c6c046908e467316342237d2d562f2050769d25075bdb58a715ab88fad60c0488c626976b1f3744470bc6e49d9c63d9b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@bcoe/v8-coverage" + } + ] + }, + { + "type": "library", + "name": "collect-v8-coverage", + "version": "1.0.2", + "bom-ref": "collect-v8-coverage@1.0.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/collect-v8-coverage@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/SimenB/collect-v8-coverage.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SimenB/collect-v8-coverage#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SimenB/collect-v8-coverage/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "947978779fce3446cb949bda24db6c17f2f3f96bc1d3bbb6c9ca9361b76babb532a435da8a5112e2f6a561bd9e5a2245c599559a919e91faa8c50873c85753e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/collect-v8-coverage" + } + ] + }, + { + "type": "library", + "name": "exit", + "version": "0.1.2", + "bom-ref": "exit@0.1.2", + "author": "\"Cowboy\" Ben Alman", + "description": "A replacement for process.exit that ensures stdio are fully drained before exiting.", + "licenses": [ + { + "license": { + "id": "MIT", + "url": "https://github.com/cowboy/node-exit/blob/master/LICENSE-MIT" + } + } + ], + "purl": "pkg:npm/exit@0.1.2", + "externalReferences": [ + { + "url": "git://github.com/cowboy/node-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cowboy/node-exit", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cowboy/node-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "664fde34a576cdb8e92b3aec43e9f51baa6855b12b4312742c13895da299d445622f31fe86b2eef5c757238cf0f5d05026c970044a5b4363f5a12ee70f1b3a8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/exit" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "7.2.3", + "bom-ref": "glob@7.2.3", + "author": "Isaac Z. Schlueter", + "description": "a little globber", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@7.2.3", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9c5474ccba54d9809a471c28089bcbe94bc21f6245c85548bf04cbb087f6d40b8794cb240358614dd93e2e5609b4e958b7dbfa76fb330f604646a04bfa240af5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.2.11", + "bom-ref": "graceful-fs@4.2.11", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.2.11", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "45b279fe398570d342703579a3d7939c12c9fc7b33595d0fef76dcf857f89d2feb263f98692e881b288e2f45680585fe9755ab97793ade1fcaac7fa7849d17bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-coverage", + "version": "3.2.2", + "bom-ref": "istanbul-lib-coverage@3.2.2", + "author": "Krishnan Anantheswaran", + "description": "Data library for istanbul coverage objects", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-coverage@3.2.2#packages/istanbul-lib-coverage", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-coverage", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3bc769b05fabd1657ff0c35129f9e6aed09686e2a3c6bab6c3e8e9cc12f95192938b62de5569d63a6591c4595eb0938d99cfb02c01af29064439a9e4a342c54e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-coverage" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/core@7.24.4", + "author": "The Babel Team", + "description": "Babel compiler core.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/core@7.24.4#packages/babel-core", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20core%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/core/-/core-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3015653173fe924979dfde1104b4b1c64fe22d37951ae5d35777080d76af3e930caa74a7b7a6a92a06a7fd4f0edd44966425994ff4db81f12929ae2e3203780e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/core" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/parser@7.24.4", + "author": "The Babel Team", + "description": "A JavaScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/parser@7.24.4#packages/babel-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A+parser+%28babylon%29%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd3bc405c82199e0666bd4081ae9d67afbc1029e3f42ef4176afb69343ade1f54c0fabf776c0bd58e71148a93bb5147204cff9df228c264a3dc4e6ad1900304a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/parser" + } + ] + }, + { + "type": "library", + "name": "schema", + "group": "@istanbuljs", + "version": "0.1.3", + "bom-ref": "@istanbuljs/schema@0.1.3", + "author": "Corey Farrell", + "description": "Schemas describing various structures used by nyc and istanbuljs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40istanbuljs/schema@0.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "657458e2336f56049543c0cbdcb4dc6a4680b57c13554c44f3586c96cc83d80b685d6ff05686f5d0790e2755ffa4095c23b0fed98a192a0e5da3c1bfc3a45880" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/schema" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-report", + "version": "3.0.1", + "bom-ref": "istanbul-lib-report@3.0.1", + "author": "Krishnan Anantheswaran", + "description": "Base reporting library for istanbul", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-report@3.0.1#packages/istanbul-lib-report", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-report", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1827c4d66b6c1c63842c253c7bf67b616ce99b26ebc7ff9d4937cbaef63ca9199a63acd74ca5a7e964088da005c34ebd89c9ba19530d920bb437323888f65437" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-report" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-source-maps", + "version": "4.0.1", + "bom-ref": "istanbul-lib-source-maps@4.0.1", + "author": "Krishnan Anantheswaran", + "description": "Source maps support for istanbul", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-source-maps@4.0.1#packages/istanbul-lib-source-maps", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-source-maps", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f7b3c13091d1482421b704f28162fb248171a8cbcf00473bde8248ad93ad0dc5177096d2ce4da1fb09488c457bf0628ae5d10ef5da212371607e7cafccad657" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-source-maps" + } + ] + }, + { + "type": "library", + "name": "istanbul-reports", + "version": "3.1.7", + "bom-ref": "istanbul-reports@3.1.7", + "author": "Krishnan Anantheswaran", + "description": "istanbul reports", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-reports@3.1.7#packages/istanbul-reports", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-reports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05ec265172267ae464d986343d56f180a032b2f8513d4404d21e5044cfbe9d55b2b9b28657497ca90e68a7cf81d833a6c127badc98af8f406390f4157fc7cfe6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-reports" + } + ] + }, + { + "type": "library", + "name": "merge-stream", + "version": "2.0.0", + "bom-ref": "merge-stream@2.0.0", + "author": "Stephen Sugden", + "description": "Create a stream that emits events from multiple other streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge-stream@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/grncdr/merge-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/grncdr/merge-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/grncdr/merge-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "69bbffa8e72e3df9375113df0f39995352ca9aec3c913fb49c81ef2ab2a016bc227e897f76859c740e19aac590f0436b14a91debb31fa68fcba2f6c852c6eddf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge-stream" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "8.1.1", + "bom-ref": "supports-color@8.1.1", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@8.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3295043763a876d533c6f29097bd9c505ed14391221ec1af4ac546d226bd73945b5862f6088e02ec4a4f4bc513048a659e5cd988db95e7ac3e16e371cb7b72d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "string-length", + "version": "4.0.2", + "bom-ref": "string-length@4.0.2", + "author": "Sindre Sorhus", + "description": "Get the real length of a string - by correctly counting astral symbols and ignoring ansi escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-length@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-length.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-length#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-length/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa5eab34de5f607361659cb8d515ec629b428c0d88826ab8106ee4640605408d44d554d76abafa64f5c183a7aaed8e9e2b8144858e80265cae1486ffbff4b455" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string-length" + } + ] + }, + { + "type": "library", + "name": "terminal-link", + "version": "2.1.1", + "bom-ref": "terminal-link@2.1.1", + "author": "Sindre Sorhus", + "description": "Create clickable links in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/terminal-link@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/terminal-link.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/terminal-link#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/terminal-link/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba7d059a245440daf93c9ab2f643fb738d05e4139fa469584ebc689c30a111907ba7367144da7f6edfb29a2cbdfe7a705f26bd287f7d9c9fc65c522252460615" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/terminal-link" + } + ] + }, + { + "type": "library", + "name": "ansi-escapes", + "version": "4.3.2", + "bom-ref": "ansi-escapes@4.3.2", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for manipulating the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-escapes@4.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/ansi-escapes.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-escapes#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/ansi-escapes/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80a5e3e402eb29640bb181bd8e54d1991ff12a5bb11d5f99f501303488027ccd7fbb03cc0aecd55678799b04ddf8eb8165cc1220c6eab2c356466d65139d5069" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-escapes" + } + ] + }, + { + "type": "library", + "name": "supports-hyperlinks", + "version": "2.3.0", + "bom-ref": "supports-hyperlinks@2.3.0", + "author": "James Talmage", + "description": "Detect if your terminal emulator supports hyperlinks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-hyperlinks@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/jamestalmage/supports-hyperlinks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jamestalmage/supports-hyperlinks#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jamestalmage/supports-hyperlinks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "469b00665a56703c0e3d0036d9a087e09d2decbf09980bec0b17ce484c26edc42cdcbb21377e9069393077bd039c13970d61acb30d9e52873c09a4564f45ee9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-hyperlinks" + } + ] + }, + { + "type": "library", + "name": "v8-to-istanbul", + "version": "9.2.0", + "bom-ref": "v8-to-istanbul@9.2.0", + "author": "Ben Coe", + "description": "convert from v8 coverage format to istanbul's format", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/v8-to-istanbul@9.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/v8-to-istanbul.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/v8-to-istanbul#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/v8-to-istanbul/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fc41ffb03831536786c5a8ca7702c20e6438156abe9298b7b829811a9c35c49b67031123943f23f0f122196a4220c22cddc88d0201f47774d3262524633c998c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-to-istanbul" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-coverage", + "group": "@types", + "version": "2.0.6", + "bom-ref": "@types/istanbul-lib-coverage@2.0.6", + "description": "TypeScript definitions for istanbul-lib-coverage", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-lib-coverage@2.0.6#types/istanbul-lib-coverage", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-lib-coverage", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-lib-coverage", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9017fb7f6ae5a6d25b32f17b4a54f1b5f6fdec48e42525efd81d981f8dbfca0411ce19257e276abf4baef5adcabdb9306b2c05e6669a8989a41b313fb3354d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-lib-coverage" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-istanbul", + "version": "6.1.1", + "bom-ref": "babel-plugin-istanbul@6.1.1", + "author": "Thai Pangsakulyanont @dtinth", + "description": "A babel plugin that adds istanbul instrumentation to ES6 code", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/babel-plugin-istanbul@6.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/babel-plugin-istanbul.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/babel-plugin-istanbul#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/babel-plugin-istanbul/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "635210a24f7cdb5702f689c2c79a2d8057d19bb2e6f88fb0c313b1ef7f0cfd62cf67d438da6e081b95b414d5fc58b2f6818319a37264b97207d833a958cfaac0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul" + } + ] + }, + { + "type": "library", + "name": "fast-json-stable-stringify", + "version": "2.1.0", + "bom-ref": "fast-json-stable-stringify@2.1.0", + "author": "James Halliday", + "description": "deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-json-stable-stringify@2.1.0", + "externalReferences": [ + { + "url": "git://github.com/epoberezkin/fast-json-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/fast-json-stable-stringify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/fast-json-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96177fc05f8b93df076684c2b6556b687b5f8795d88a32236a55dc93bb1a52db9a9d20f22ccc671e149710326a1f10fb9ac47c0f4b829aa964c23095f31bf01f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-json-stable-stringify" + } + ] + }, + { + "type": "library", + "name": "write-file-atomic", + "version": "4.0.2", + "bom-ref": "write-file-atomic@4.0.2", + "author": "GitHub Inc.", + "description": "Write files in an atomic fashion w/configurable ownership", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/write-file-atomic@4.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/write-file-atomic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/write-file-atomic", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/write-file-atomic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ecac5ab947419927569e6a5a18583ea69363285f2e34baf2f0bcb38dab900ce54e35f14b34aacabd03b167f56e4c8712fe081efd835a85fe512084164d26ab96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/write-file-atomic" + } + ] + }, + { + "type": "library", + "name": "execa", + "version": "5.1.1", + "bom-ref": "execa@5.1.1", + "author": "Sindre Sorhus", + "description": "Process execution for humans", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/execa@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/execa.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/execa#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/execa/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/execa/-/execa-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2e4a9659a1c01944100f20420d263dcba3d1f21a2b6595ccdcdbb121e586288e3305327f321cc0cc6941c4d89a9fab4e43ff0b9cc08e091944725edd6f721ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/execa" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "3.1.0", + "bom-ref": "p-limit@3.1.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4d839a9ccdf01b0346b193767154d83c0af0e39e319d78f9aa6585d5b12801ce3e714fe897b19587ba1d7af8e9d4534776e1dcdca64c70576ec54e5773ab8945" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "co", + "version": "4.6.0", + "bom-ref": "co@4.6.0", + "description": "generator async control flow goodness", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/co@4.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/tj/co.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/co#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/co/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4156f474ce47bc6fae6b18ad9bcc0e365ee396dc7c76a85f537dc372ab4e65c2d25482920c32c38bbfb42db00a8b223c843f6ee369b66315d290c1964e169e71" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/co" + } + ] + }, + { + "type": "library", + "name": "is-generator-fn", + "version": "2.1.0", + "bom-ref": "is-generator-fn@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if something is a generator function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-generator-fn@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-generator-fn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-generator-fn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-generator-fn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "713201e323d82ff1abc3411a4b3012ce0e9b072f60a82a1fbd637ca244e1018231289642fae7654409866ccd172de9e21094acf2e1201cf1ae1d27b55ec38b49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-generator-fn" + } + ] + }, + { + "type": "library", + "name": "stack-utils", + "version": "2.0.6", + "bom-ref": "stack-utils@2.0.6", + "author": "James Talmage", + "description": "Captures and cleans stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stack-utils@2.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/stack-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/stack-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/stack-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stack-utils/-/stack-utils-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e5916bdf226e919ac5ad349c7ebaab4a2d2f1ea856f1520d19ccb5ea63471a132f65ee1aee5fc2298839e3b0b6afa0182a08247bd53a963bc31a5d885e27745" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-utils" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "5.2.0", + "bom-ref": "parse-json@5.2.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6b208abe6fe98421b13a461148233cda20f072df3f1289d2120092c56c43eef7ba8c7820b059787d955004f44d810a0a8ae57fa1d845ac6cd05d9c1b89f0bc46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "strip-json-comments", + "version": "3.1.1", + "bom-ref": "strip-json-comments@3.1.1", + "author": "Sindre Sorhus", + "description": "Strip comments from JSON. Lets you use comments in your JSON files!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-json-comments@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-json-comments.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-json-comments#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-json-comments/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9f3dcf91e22870a8fe8dfda22fd9fd60307f25395b56407a2a0b8c8aea8483555a1cba602c7c2aa39179ea89832198cc12fe61072e9ed57a196ddea97a9448a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-json-comments" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "group": "@types", + "version": "4.1.9", + "bom-ref": "@types/graceful-fs@4.1.9", + "description": "TypeScript definitions for graceful-fs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/graceful-fs@4.1.9#types/graceful-fs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/graceful-fs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/graceful-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a253f7b1dd6a3847b97574d2685bd01bed3655d45771dcad58b019b00ab53de714f2ea9002192b9db962ec36a08ed5ca5bf065ed825b52c6bc30f72e73c2c711" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/graceful-fs" + } + ] + }, + { + "type": "library", + "name": "anymatch", + "version": "3.1.3", + "bom-ref": "anymatch@3.1.3", + "author": "Elan Shanker", + "description": "Matches strings against configurable strings, globs, regular expressions, and/or functions", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/anymatch@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/anymatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/anymatch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/anymatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28c45e154af4078b7e0fe381923477298aafa1ca765da4b33b9e54701ea681031ddca6dc13e9964f2bd557b0ffcec7446cd9d5e9a71952eb64887417bd3af547" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/anymatch" + } + ] + }, + { + "type": "library", + "name": "fb-watchman", + "version": "2.0.2", + "bom-ref": "fb-watchman@2.0.2", + "author": "Wez Furlong", + "description": "Bindings for the Watchman file watching service", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/fb-watchman@2.0.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/facebook/watchman.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://facebook.github.io/watchman/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/watchman/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a79d7ad41a9bb826929c1f2321bcd01ce96982c3e62b9ac95437c328ef75031b39342d6ebb71d1426eb0b7d71df7ff86b504083b9dc97465d7a320e94c0b2060" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fb-watchman" + } + ] + }, + { + "type": "library", + "name": "fsevents", + "version": "2.3.3", + "bom-ref": "fsevents@2.3.3", + "description": "Native Access to MacOS FSEvents", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fsevents@2.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/fsevents/fsevents.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fsevents/fsevents", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fsevents/fsevents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e71a037d7f9f2fb7da0139da82658fa5b16dc21fd1efb5a630caaa1c64bae42defbc1d181eb805f81d58999df8e35b4c8f99fade4d36d765cda09c339617df43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fsevents" + } + ] + }, + { + "type": "library", + "name": "walker", + "version": "1.0.8", + "bom-ref": "walker@1.0.8", + "author": "Naitik Shah", + "description": "A simple directory tree walker.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/walker@1.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-walker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-walker", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-walker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/walker/-/walker-1.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6cffc13c9796fb918d2f9562dec0e9035cc98f74b7155781a63902f2c6e4acc0826cc1e78566d02c305ee4d4db33cfe4d8050ae56119b33a7af7f7ccb525e99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/walker" + } + ] + }, + { + "type": "library", + "name": "code-frame", + "group": "@babel", + "version": "7.24.2", + "bom-ref": "@babel/code-frame@7.24.2", + "author": "The Babel Team", + "description": "Generate errors that contain a code frame that point to source locations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/code-frame@7.24.2#packages/babel-code-frame", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-code-frame", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-code-frame", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb9fad2d0c95f298377ec8a59faec154b0f53f5dc4838961e515bd985d3352ebcbaeff6e210e0c08bf82453f854ec0650637086a7e8f1ac2dc04dd26dc2954c9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/code-frame" + } + ] + }, + { + "type": "library", + "name": "stack-utils", + "group": "@types", + "version": "2.0.3", + "bom-ref": "@types/stack-utils@2.0.3", + "description": "TypeScript definitions for stack-utils", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/stack-utils@2.0.3#types/stack-utils", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/stack-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/stack-utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5a11b619dd36d83339cf75c76bdd2988acb5f00bf00a65741e09ff4f81aa3908a6fc0b21ee117e63cd63d392fade82f85124772944ee81168196f7271a3a463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/stack-utils" + } + ] + }, + { + "type": "library", + "name": "jest-pnp-resolver", + "version": "1.2.3", + "bom-ref": "jest-pnp-resolver@1.2.3", + "description": "plug'n'play resolver for Webpack", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-pnp-resolver@1.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/arcanis/jest-pnp-resolver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/arcanis/jest-pnp-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/arcanis/jest-pnp-resolver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fb7369c10127468201b71e1fca16e54033e0248d07d48108917ed284b5233c603b4ed513bc8d6888a8b7491e28051d21421411f349785807b946b5c1c16300f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-pnp-resolver" + } + ] + }, + { + "type": "library", + "name": "detect-newline", + "version": "3.1.0", + "bom-ref": "detect-newline@3.1.0", + "author": "Sindre Sorhus", + "description": "Detect the dominant newline character of a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-newline@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cbcfec7fbc45e6fd8ecfef09f510914d2f1629503e1380ca2cc58e9f0152549c931bba91c13a7731c96506f4ea53687f44043eee148e4b7c482630e739e03b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-newline" + } + ] + }, + { + "type": "library", + "name": "source-map-support", + "version": "0.5.13", + "bom-ref": "source-map-support@0.5.13", + "description": "Fixes stack traces for files with source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/source-map-support@0.5.13", + "externalReferences": [ + { + "url": "git+https://github.com/evanw/node-source-map-support.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/evanw/node-source-map-support#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/evanw/node-source-map-support/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "48748a14769d8d5039a11e0f3ea86d01575c056c1161577a83a7005e721b4622307361213eb4ee29405d48bbe510ac883f71827fcf5f96dbdc6623fd30c140d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map-support" + } + ] + }, + { + "type": "library", + "name": "type-detect", + "version": "4.0.8", + "bom-ref": "type-detect@4.0.8", + "author": "Jake Luer", + "description": "Improved typeof detection for node.js and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-detect@4.0.8", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/type-detect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/type-detect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/type-detect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d1faff9881f57653bec7b4e570ccbe6c80ea28fb30ffbd2d5727875bbf3b828423866a9a65ed74bb02ee8ee6caf6af4b83a162868d4a50a0d8cf467b93b839fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-detect" + } + ] + }, + { + "type": "library", + "name": "callsites", + "version": "3.1.0", + "bom-ref": "callsites@3.1.0", + "author": "Sindre Sorhus", + "description": "Get callsites from the V8 stack trace API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/callsites@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/callsites.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/callsites#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/callsites/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3fc06302c5ef652f95203508d7584709012fef8613ebb6148b924914d588a8bdb7e6c0668d7e3eab1f4cbaf96ce62bf234435cb71e3ac502d0dda4ee13bb2c69" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/callsites" + } + ] + }, + { + "type": "library", + "name": "cjs-module-lexer", + "version": "1.2.3", + "bom-ref": "cjs-module-lexer@1.2.3", + "author": "Guy Bedford", + "description": "Lexes CommonJS modules, returning their named exports metadata", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cjs-module-lexer@1.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/nodejs/cjs-module-lexer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/cjs-module-lexer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/cjs-module-lexer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d133621acb5b426085c2de1a9238c1839a4b4534b28ff3e4590d59a0edb39ed9a0f722ea491c7011ae2209f40b1a3aa18aa05f3896bb5bf13cc1f1ab4c39a565" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cjs-module-lexer" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "4.0.0", + "bom-ref": "strip-bom@4.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df1bab16fe6d1208a2df7662f09b69e79c042082d1f5e877e05016d343d97fe2674ac4e657f8a87b04a0425f7b247be08e8446c0f4a1b169be21daf1077e5dd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-bom" + } + ] + }, + { + "type": "library", + "name": "generator", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/generator@7.24.4", + "author": "The Babel Team", + "description": "Turns an AST into code.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/generator@7.24.4#packages/babel-generator", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-generator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-generator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20generator%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/generator/-/generator-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ddebebfa4a78d6571fe7bacfb2d25d6cc4c39338c064c8be3e04875b00bc9ab509c07bf49156300d7833d2098697fa2d62266b8648a7f767e13e57fbdad47bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/generator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-typescript", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/plugin-syntax-typescript@7.24.1", + "author": "The Babel Team", + "description": "Allow parsing of TypeScript syntax", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-typescript@7.24.1#packages/babel-plugin-syntax-typescript", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-typescript", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-typescript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6219e6bf2e476449c752dcba8befa071f1f5fe5ebc0079c8b451e7682bfa867f5d361d2142fbd026cc698b804c0453790cb78706eb9c4ffd038335e27ff3b247" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-typescript" + } + ] + }, + { + "type": "library", + "name": "traverse", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/traverse@7.24.1", + "author": "The Babel Team", + "description": "The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/traverse@7.24.1#packages/babel-traverse", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-traverse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-traverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20traverse%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c6e53aa3d9baf0a7aa65b42e0edd9370a4b1530fe6aecbdabe512a43595e67f07e0bdb64e84e2c456cbded669782fab913e9d4ddc5ccc6fdd628e09a9d530299" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/traverse" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/types@7.24.0", + "author": "The Babel Team", + "description": "Babel Types is a Lodash-esque utility library for AST nodes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/types@7.24.0#packages/babel-types", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20types%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa3edae5cdb9dd17ca87c880041872c1cf0d49f3f92d445eed4878aa9b21ea373e68b260baf98850176349d10c42fd9b10dac247931f45d8c6a3bbf34bfa1bef" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/types" + } + ] + }, + { + "type": "library", + "name": "babel__traverse", + "group": "@types", + "version": "7.20.5", + "bom-ref": "@types/babel__traverse@7.20.5", + "description": "TypeScript definitions for @babel/traverse", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__traverse@7.20.5#types/babel__traverse", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__traverse", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__traverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.20.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5970b239c46d1f7ec70149295e151db9ac5d9bcd9be064a5c93a9a8d7be237811f8ae3e0358475d3dc4c08abe997accf229b9ad031a53040c2abe83c11da2179" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__traverse" + } + ] + }, + { + "type": "library", + "name": "prettier", + "group": "@types", + "version": "2.7.3", + "bom-ref": "@types/prettier@2.7.3", + "description": "TypeScript definitions for prettier", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/prettier@2.7.3#types/prettier", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/prettier", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/prettier", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/prettier/-/prettier-2.7.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fbaf243fdcb3b382cca7b54d87c81dccc48f6452f8e0c2c6aa21d6bedb5825efbaaa7b95af8124f70481428bdea98febf8bc2309c536f643559227708a6fa460" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/prettier" + } + ] + }, + { + "type": "library", + "name": "babel-preset-current-node-syntax", + "version": "1.0.1", + "bom-ref": "babel-preset-current-node-syntax@1.0.1", + "author": "Nicolò Ribaudo", + "description": "A Babel preset that enables parsing of proposals supported by the current Node.js version.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-current-node-syntax@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nicolo-ribaudo/babel-preset-current-node-syntax/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "33b2d0d1bc5aae4c50a0dfafcf96893ec2c19fbee7f10813166a3c58ad3fe386ae2b6c65097ad8714c47171814eea5b9633c3f0a398b44adae27368277b2efa9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-preset-current-node-syntax" + } + ] + }, + { + "type": "library", + "name": "natural-compare", + "version": "1.4.0", + "bom-ref": "natural-compare@1.4.0", + "author": "Lauri Rooden", + "description": "Compare strings containing a mix of letters and numbers in the way a human being would in sort order.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/natural-compare@1.4.0", + "externalReferences": [ + { + "url": "git://github.com/litejs/natural-compare-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/litejs/natural-compare-lite#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/litejs/natural-compare-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "396343f1e8b756d342f61ed5eb4a9f7f7495a1b1ebf7de824f0831b9b832418129836f7487d2746eec8408d3497b19059b9b0e6a38791b5d7a45803573c64c4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/natural-compare" + } + ] + }, + { + "type": "library", + "name": "leven", + "version": "3.1.0", + "bom-ref": "leven@3.1.0", + "author": "Sindre Sorhus", + "description": "Measure the difference between two strings using the fastest JS implementation of the Levenshtein distance algorithm", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/leven@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/leven.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/leven#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/leven/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aac75af87f234da51a37fc79bf35b6af373ef11c384c043fe0a8c1e3a2302b9547f8895579e7a37bf128651a625ef22a8c580af3841f7ea3f3b462375412c6d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/leven" + } + ] + }, + { + "type": "library", + "name": "react-is", + "version": "18.2.0", + "bom-ref": "react-is@18.2.0", + "description": "Brand checking of React Elements.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/react-is@18.2.0#packages/react-is", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/react.git#packages/react-is", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://reactjs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/react/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/react-is/-/react-is-18.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c56183216eb1f76d71b733e486250bb6d8491e826f05b177ab6e9fce5a0f08ad21b2fc6d3d57a5bdfb70df38db1d64a4476926f59fb8bb16c30caffa670f41f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/react-is" + } + ] + }, + { + "type": "library", + "name": "rimraf", + "version": "3.0.2", + "bom-ref": "rimraf@3.0.2", + "author": "Isaac Z. Schlueter", + "description": "A deep deletion module for node (like `rm -rf`)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/rimraf@3.0.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/rimraf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/rimraf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/rimraf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "25990931990018514f3f662a5d95cf6cc94c060b31cc4f082ece253085ffda8d0bf54070f4efd8de8eb0170fe2f582daa5c5095b0a9b8b791dc483dd0bad9320" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rimraf" + } + ] + }, + { + "type": "library", + "name": "istanbul-reports", + "group": "@types", + "version": "3.0.4", + "bom-ref": "@types/istanbul-reports@3.0.4", + "description": "TypeScript definitions for istanbul-reports", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-reports@3.0.4#types/istanbul-reports", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-reports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-reports", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a64d81d4d59a945f6da0246eea08c1cd1ebdb321633f839df164405fed2699ff6502309189c2ce59cf99af1647c7fd17463a2d82417db7a89a309f9a5dc39d65" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-reports" + } + ] + }, + { + "type": "library", + "name": "yargs", + "group": "@types", + "version": "17.0.32", + "bom-ref": "@types/yargs@17.0.32", + "description": "TypeScript definitions for yargs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/yargs@17.0.32#types/yargs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/yargs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.32.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c50ebb61cfe568e1b9b8c7d7ff4f77311946182201cd931aad56be81f34a271580220ca462954690175ba84cc60c37c2ad5523e8789f7f8993679040e93980a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/yargs" + } + ] + }, + { + "type": "library", + "name": "import-local", + "version": "3.1.0", + "bom-ref": "import-local@3.1.0", + "author": "Sindre Sorhus", + "description": "Let a globally installed package use a locally installed version of itself if available", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/import-local@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/import-local.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/import-local#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/import-local/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/import-local/-/import-local-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012074eee2ed9c3b35a3a1078caa57df804a6034aa9c57ab7d33892f61ef32a17bd0b9f1a639330c1f09e38a13f69bb800c3e44307fc8e5eacce0bcd776b5122" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/import-local" + } + ] + }, + { + "type": "library", + "name": "prompts", + "version": "2.4.2", + "bom-ref": "prompts@2.4.2", + "author": "Terkel Gjervig", + "description": "Lightweight, beautiful and user-friendly prompts", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prompts@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/terkelg/prompts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/terkelg/prompts#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/terkelg/prompts/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37136ffe42e0b8203ba778c4f282f668406cac95a001a901a609a02ba9693d657e5ae3a663aaf6ff36c05673fe4fc6d0940d27cc75d2252256d07abbca5683d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompts" + } + ] + }, + { + "type": "library", + "name": "kleur", + "version": "3.0.3", + "bom-ref": "kleur@3.0.3", + "author": "Luke Edwards", + "description": "The fastest Node.js library for formatting terminal text with ANSI colors~!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kleur@3.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/kleur.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/kleur#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/kleur/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "793233955392511f89c5d0c57a911870132d67d42a75e7feae7cd675166e31b3b2c2ee6d3b6c3637baea8e800d67993dbf2c212fa06bd55463508813431e04f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kleur" + } + ] + }, + { + "type": "library", + "name": "sisteransi", + "version": "1.0.5", + "bom-ref": "sisteransi@1.0.5", + "author": "Terkel Gjervig", + "description": "ANSI escape codes for some terminal swag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sisteransi@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/terkelg/sisteransi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/terkelg/sisteransi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/terkelg/sisteransi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6cb186951d50c417329e7d9de589835f83068e566fcb631104344d1cb27c548ea5ebef45522c9314d27422f78e48fd1b7178150cf45c7c6a80d298daa94a5f56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sisteransi" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "17.7.2", + "bom-ref": "yargs@17.7.2", + "description": "yargs the modern, pirate-themed, successor to optimist.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@17.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edd4b3cd143ef822a7348fe4aca9d8455ec928a3d45cc121eb5b286872a0f66ad6121cc55a1167c4fc4697eebd703d4ebbadc2d773543c29e621caefa82b8ceb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs" + } + ] + }, + { + "type": "library", + "name": "json-diff", + "version": "0.9.1", + "bom-ref": "json-diff@0.9.1", + "author": "Andrey Tarantsov", + "description": "JSON diff", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-diff@0.9.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/andreyvit/json-diff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andreyvit/json-diff", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andreyvit/json-diff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-diff/-/json-diff-0.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "67778c83a91b55306bde0fc8a6617acf6f322f6b2a8b89242252560d04add1ab905b6cb4405bb746648a8b3be3f3cd04fc453235a9ef598de88bf4f967b640d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-diff" + } + ] + }, + { + "type": "library", + "name": "cli-color", + "version": "2.0.4", + "bom-ref": "cli-color@2.0.4", + "author": "Mariusz Nowak", + "description": "Colors, formatting and other tools for the console", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-color@2.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/cli-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/cli-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/cli-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-color/-/cli-color-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce59e98348cd7226cdaceec61bd21e1c7ee669615e0b3f896b5c31ffbb59354e4049249267efea65c88cd3f2c7098c5276abf9876b1d6d0fcf5d874eb9eb57bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-color" + } + ] + }, + { + "type": "library", + "name": "d", + "version": "1.0.2", + "bom-ref": "d@1.0.2", + "author": "Mariusz Nowak", + "description": "Property descriptor factory", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/d@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/d.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/d#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/d/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/d/-/d-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "30ea87bcc585f7ff4c5fa9f36b42a0bc51f81e9314d04179b940d7a97fc1b71b54f0d7c1d10cd1b49f0e7bfe92b92e246e1cb3549c2377dec40383caaf327c6f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/d" + } + ] + }, + { + "type": "library", + "name": "es5-ext", + "version": "0.10.64", + "bom-ref": "es5-ext@0.10.64", + "author": "Mariusz Nowak", + "description": "ECMAScript extensions and shims", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es5-ext@0.10.64", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es5-ext.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es5-ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.64.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a76b270e188b6977ba75a86cb352dd771a849be4a4b83bd5f1d9c8406d0c5a3c87a5c30d7d728f13efc2734cbe3e1c495f7038c4635e1428f9a1cd01521e9d7a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es5-ext" + } + ] + }, + { + "type": "library", + "name": "type", + "version": "2.7.2", + "bom-ref": "type@2.7.2", + "author": "Mariusz Nowak", + "description": "Runtime validation and processing of JavaScript types", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/type@2.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type/-/type-2.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77396f94d96de805d4ec40527e902c732750ee05c1fa93c6b0f9df26766988d2410e3ec8689cd094165819d122e11f4798f741bf65e6589e9852da136bb9660b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type" + } + ] + }, + { + "type": "library", + "name": "es6-iterator", + "version": "2.0.3", + "bom-ref": "es6-iterator@2.0.3", + "author": "Mariusz Nowak", + "description": "Iterator abstraction based on ES6 specification", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es6-iterator@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/medikoo/es6-iterator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-iterator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-iterator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-iterator/-/es6-iterator-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf0e12473a1491df9c97e668135e40f68d6841df76d016f488e24c4244219778cd734dd8a958c0846eec71ff42e4a59153f475dceadfe7cf2e082eb9db9a34da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-iterator" + } + ] + }, + { + "type": "library", + "name": "es6-symbol", + "version": "3.1.4", + "bom-ref": "es6-symbol@3.1.4", + "author": "Mariusz Nowak", + "description": "ECMAScript 6 Symbol polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es6-symbol@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es6-symbol.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-symbol#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-symbol/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-symbol/-/es6-symbol-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53d6c51635fcb458804e0b64275ce0db9f8abe2217a6046f4474bcb1abb719f855cd385142b39e92c3de4f40565b630d66cd4e1162750cf5ce40c9f428a464be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-symbol" + } + ] + }, + { + "type": "library", + "name": "ext", + "version": "1.7.0", + "bom-ref": "ext@1.7.0", + "author": "Mariusz Nowak", + "description": "JavaScript utilities with respect to emerging standard", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ext@1.7.0#ext", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/es5-ext.git#ext", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/tree/ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es5-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ext/-/ext-1.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ea1c5e25868bd75d1af5be531094a3d20a23c87400980d9c8793acfb2482880d5019d4baf7b5d6635a73b2b4a3a80f4b0c4120741fcaca9225479f5170bb8763" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ext" + } + ] + }, + { + "type": "library", + "name": "esniff", + "version": "2.0.1", + "bom-ref": "esniff@2.0.1", + "author": "Mariusz Nowak", + "description": "Low footprint ECMAScript source code parser", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/esniff@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/medikoo/esniff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/esniff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/esniff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esniff/-/esniff-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91350818a43f9833c5a09d2855f726c899f88810d1a6d8cd548cf020547bb6a59775523dc5f03644cc18fe06d2a491b79647563448cb6a9fcda951d9889b1d7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esniff" + } + ] + }, + { + "type": "library", + "name": "event-emitter", + "version": "0.3.5", + "bom-ref": "event-emitter@0.3.5", + "author": "Mariusz Nowak", + "description": "Environment agnostic event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/event-emitter@0.3.5", + "externalReferences": [ + { + "url": "git://github.com/medikoo/event-emitter.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/event-emitter#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/event-emitter/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/event-emitter/-/event-emitter-0.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fdad19fdcbb90b3e727e84cabb4bf9e1be82b0c2f5496a1062d813e6c776ef6ec11d2b75bd8a2f1c0521a33feef6fcb9cce27e9fa37f9d9025f915e4d0aee5c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/event-emitter" + } + ] + }, + { + "type": "library", + "name": "next-tick", + "version": "1.1.0", + "bom-ref": "next-tick@1.1.0", + "author": "Mariusz Nowak", + "description": "Environment agnostic nextTick polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/next-tick@1.1.0", + "externalReferences": [ + { + "url": "git://github.com/medikoo/next-tick.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/next-tick#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/next-tick/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/next-tick/-/next-tick-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0977548897a66ec363b93a10bf16b23d917d56a86dee17b0b2fcb6b0e59a7cbbe2d9ac1f963f66382e9b1c8839d28ad7f0826f58a63dc1843fcc1da4a203ec95" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/next-tick" + } + ] + }, + { + "type": "library", + "name": "memoizee", + "version": "0.4.15", + "bom-ref": "memoizee@0.4.15", + "author": "Mariusz Nowak", + "description": "Memoize/cache function results", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/memoizee@0.4.15", + "externalReferences": [ + { + "url": "git://github.com/medikoo/memoizee.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/memoizee#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/memoizee/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/memoizee/-/memoizee-0.4.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5015a62692d97794933e6ecf31494ec3f4d2cbdef633ecfc81cc90e6f78e9d20d1444cffd1b9a9c937cab77ff9d4384406a099427d6e74cff97e57123d886475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/memoizee" + } + ] + }, + { + "type": "library", + "name": "es6-weak-map", + "version": "2.0.3", + "bom-ref": "es6-weak-map@2.0.3", + "author": "Mariusz Nowak", + "description": "ECMAScript6 WeakMap polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/es6-weak-map@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/medikoo/es6-weak-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/es6-weak-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/es6-weak-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es6-weak-map/-/es6-weak-map-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a79ba6df61ce4ced643fec3b3d19c1fb9950e3767a9aeb8cb8831f7ef0cdf1907819c9e32c157acc64ada5b01220c9380c202f11a6a685edb387209bfd05d7b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es6-weak-map" + } + ] + }, + { + "type": "library", + "name": "is-promise", + "version": "2.2.2", + "bom-ref": "is-promise@2.2.2", + "author": "ForbesLindesay", + "description": "Test whether an object looks like a promises-a+ promise", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-promise@2.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/then/is-promise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/then/is-promise#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/then/is-promise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-promise/-/is-promise-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa53f8ffa94a5017d08d9da97714e166f2d401a7e665bf0e03115bf175ed890992df920d82bf3985d386a04b35db87b3d450a7649b7a8dabbf4fe6a5879f1015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-promise" + } + ] + }, + { + "type": "library", + "name": "lru-queue", + "version": "0.1.0", + "bom-ref": "lru-queue@0.1.0", + "author": "Mariusz Nowak", + "description": "LRU Queue", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lru-queue@0.1.0", + "externalReferences": [ + { + "url": "git://github.com/medikoo/lru-queue.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/lru-queue#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/lru-queue/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-queue/-/lru-queue-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06975892df44bc697c39f5870d03c8495a5c979c59b616fe5cfb1b10b8f90105f1202f08ae20d92106230493c49b9ad2e36d2c8d9d132c4cd172ae4a741858ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lru-queue" + } + ] + }, + { + "type": "library", + "name": "timers-ext", + "version": "0.1.7", + "bom-ref": "timers-ext@0.1.7", + "author": "Mariusz Nowak", + "description": "Timers extensions", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/timers-ext@0.1.7", + "externalReferences": [ + { + "url": "git://github.com/medikoo/timers-ext.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/medikoo/timers-ext#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/medikoo/timers-ext/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/timers-ext/-/timers-ext-0.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fce4d50dcd349da1d4a14c86e4cba645d367bc493b5555f0fe7eee1a5d74a11042e9a331fe6c2a492d830f65bb0004ddb00c7edf269a88a17c49a736dfd0da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/timers-ext" + } + ] + }, + { + "type": "library", + "name": "difflib", + "version": "0.2.4", + "bom-ref": "difflib@0.2.4", + "author": "Xueqiao Xu", + "description": "text diff library ported from Python's difflib module", + "licenses": [ + { + "license": { + "name": "PSF", + "url": "http://docs.python.org/license.html" + } + } + ], + "purl": "pkg:npm/difflib@0.2.4", + "externalReferences": [ + { + "url": "git://github.com/qiao/difflib.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qiao/difflib.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qiao/difflib.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/difflib/-/difflib-0.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5857098c6f4c101d036be49f66e814a3e9f938a5f1884c640e3acf83f4597e20d38358539fbe1214d6136fe86811d510680bff4d25cc2eefbcd2871574913ef" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/difflib" + } + ] + }, + { + "type": "library", + "name": "heap", + "version": "0.2.7", + "bom-ref": "heap@0.2.7", + "author": "Xueqiao Xu", + "description": "binary heap (priority queue) algorithms (ported from Python's heapq module)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/heap@0.2.7", + "externalReferences": [ + { + "url": "git://github.com/qiao/heap.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qiao/heap.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qiao/heap.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/heap/-/heap-0.2.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9bb1e8189241cefa1ffd3066e7e8a59c138e5c1d980f00da392d717b12f59d4f4c93d8482e4953b59c3814e5cf3e64e3f0a76bcc35aed816c26155c0d1f5276" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/heap" + } + ] + }, + { + "type": "library", + "name": "dreamopt", + "version": "0.8.0", + "bom-ref": "dreamopt@0.8.0", + "author": "Andrey Tarantsov", + "description": "Command-line parser with readable syntax from your sweetest dreams", + "purl": "pkg:npm/dreamopt@0.8.0", + "externalReferences": [ + { + "url": "git://github.com/andreyvit/dreamopt.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andreyvit/dreamopt.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andreyvit/dreamopt.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dreamopt/-/dreamopt-0.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf2253a7cfa60be1bee5d7e0b18fabddc931973f90317e345633d0b19739831540c4b9a2eb84c1a1590fe7803fa51017317b1bbb618c301ad93f136fdb7c1a32" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dreamopt" + } + ] + }, + { + "type": "library", + "name": "wordwrap", + "version": "1.0.0", + "bom-ref": "wordwrap@1.0.0", + "author": "James Halliday", + "description": "Wrap those words. Show them at what columns to start and stop.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wordwrap@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/substack/node-wordwrap.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-wordwrap#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-wordwrap/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "82f57324594fc9c29ce5d64de323e43fcc3b0dcdfb06d3f5c9ccc49de39be2eab7e295d972faed45399657c5be5267be5c2c4a81b8ccfa77af93214f3326dde1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wordwrap" + } + ] + }, + { + "type": "library", + "name": "jstoxml", + "version": "3.2.10", + "bom-ref": "jstoxml@3.2.10", + "author": "David Calhoun", + "description": "Converts JavaScript/JSON to XML (for RSS, Podcasts, AMP, etc.)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jstoxml@3.2.10", + "externalReferences": [ + { + "url": "git://github.com/davidcalhoun/jstoxml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/davidcalhoun/jstoxml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/davidcalhoun/jstoxml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jstoxml/-/jstoxml-3.2.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "735bf6085c4aae120f5abf9c3ab04e2569029646b945f5161b5d98d60ab2143e1dcca4e5c646ab9e2925c0e4ffeb047565f97ec76655223448411f431621b5ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jstoxml" + } + ] + }, + { + "type": "library", + "name": "pretty", + "version": "2.0.0", + "bom-ref": "pretty@2.0.0", + "author": "Jon Schlinkert", + "description": "Some tweaks for beautifying HTML with js-beautify according to my preferences.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/pretty.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/pretty", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/pretty/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty/-/pretty-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1bdc54721813122369a2b99d60197e3e16b9d20394a2f4f5f08bc07bb118319d7f7fd5bf59630f467fb123af325cd3149374171c3c28ff5c15ff835e8d535ed7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty" + } + ] + }, + { + "type": "library", + "name": "condense-newlines", + "version": "0.2.1", + "bom-ref": "condense-newlines@0.2.1", + "author": "Jon Schlinkert", + "description": "Replace extraneous newlines with a single newline, or pass a specified number of newlines to use.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/condense-newlines@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/condense-newlines.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/condense-newlines", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/condense-newlines/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/condense-newlines/-/condense-newlines-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3fb5fe40bf476fd07f73c1c8e411452a68e006ed97a50b85f7c599f5790ef9d046824e57830890cfba354a6a6094d588777e7cd54712d1214059fa0884c1cf7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/condense-newlines" + } + ] + }, + { + "type": "library", + "name": "extend-shallow", + "version": "2.0.1", + "bom-ref": "extend-shallow@2.0.1", + "author": "Jon Schlinkert", + "description": "Extend an object with the properties of additional objects. node.js/javascript util.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/extend-shallow@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/extend-shallow.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/extend-shallow", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/extend-shallow/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc29d3b65c4da0088373782a636698016171ed759689ab2e1762bc31ee566cdf28b4729350a0708cfb4da51b3fadb5199bb2b158068d8fb3f56bfa79d866d5ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/extend-shallow" + } + ] + }, + { + "type": "library", + "name": "is-whitespace", + "version": "0.3.0", + "bom-ref": "is-whitespace@0.3.0", + "author": "Jon Schlinkert", + "description": "Returns true if the value passed is all whitespace.", + "purl": "pkg:npm/is-whitespace@0.3.0", + "externalReferences": [ + { + "url": "git://github.com/jonschlinkert/is-whitespace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-whitespace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-whitespace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-whitespace/-/is-whitespace-0.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47274f865e12e89c00ca3d09263b215891051ba84dc9ede964505165a4d47d9170187c73a6935a34e56042e4bf13f4a586b029b8c5eba672b51042177dda370e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-whitespace" + } + ] + }, + { + "type": "library", + "name": "kind-of", + "version": "3.2.2", + "bom-ref": "kind-of@3.2.2", + "author": "Jon Schlinkert", + "description": "Get the native type of a value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kind-of@3.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/kind-of.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/kind-of", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/kind-of/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34e5bd4105cca191a0fe8aa754da0d4d320510889dd7adbb5827df50124474cc58029abb98d13b0a9cee7083dcf99420db93e17a3ec8252997de13bea1b94eb5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kind-of" + } + ] + }, + { + "type": "library", + "name": "is-buffer", + "version": "1.1.6", + "bom-ref": "is-buffer@1.1.6", + "author": "Feross Aboukhadijeh", + "description": "Determine if an object is a Buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-buffer@1.1.6", + "externalReferences": [ + { + "url": "git://github.com/feross/is-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/is-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/is-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35c7402f0a579139b966fbdb93ba303944af56f04a0e028fe7f7b07d71339e64057ece194666a739e2814e34558e46b7405a0de9727ef45dd44aa7c7a93694e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-buffer" + } + ] + }, + { + "type": "library", + "name": "is-extendable", + "version": "0.1.1", + "bom-ref": "is-extendable@0.1.1", + "author": "Jon Schlinkert", + "description": "Returns true if a value is any of the object types: array, regexp, plain object, function or date. This is useful for determining if a value can be extended, e.g. \"can the value have keys?\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-extendable@0.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-extendable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extendable", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extendable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e413142cda1bd6f8055fa123430e62cd60f1ade7162bd00cef6aee80daf44c595d30e8b47e3e8993ecde288b74c468f87047d0209b61e30dce296389e1ff8017" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-extendable" + } + ] + }, + { + "type": "library", + "name": "js-beautify", + "version": "1.15.1", + "bom-ref": "js-beautify@1.15.1", + "author": "Einar Lielmanis", + "description": "beautifier.io for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-beautify@1.15.1", + "externalReferences": [ + { + "url": "git://github.com/beautifier/js-beautify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://beautifier.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/beautifier/js-beautify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-beautify/-/js-beautify-1.15.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1128cdcd296dfec584f2c722647f24045f013e5c173f0851ea958a030f1bc380708fe899727296e8e35652eb49ede39bb81650a6221bf12ece62ca56acab7bac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify" + } + ] + }, + { + "type": "library", + "name": "config-chain", + "version": "1.1.13", + "bom-ref": "config-chain@1.1.13", + "author": "Dominic Tarr", + "description": "HANDLE CONFIGURATION ONCE AND FOR ALL", + "purl": "pkg:npm/config-chain@1.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/dominictarr/config-chain.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/dominictarr/config-chain", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/config-chain/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/config-chain/-/config-chain-1.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa3f9ff003c04571eb33486b6aa5d86f6fdb395495e0fbc9425359fc3563d10ae634cdaad9eba2ce47ae55c910e7b27e5b49911fa1ef8be939d0ce09ba5d9545" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/config-chain" + } + ] + }, + { + "type": "library", + "name": "ini", + "version": "1.3.8", + "bom-ref": "ini@1.3.8", + "author": "Isaac Z. Schlueter", + "description": "An ini encoder/decoder for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ini@1.3.8", + "externalReferences": [ + { + "url": "git://github.com/isaacs/ini.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/ini#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/ini/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "255ff2ba0576bb35b988c4528990320ed41dfa7c6d5278de2edd1a70d770f7c90a2ebbee455c81f34b6c444384ef2bc65606a5859e913570a61079142812b17b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ini" + } + ] + }, + { + "type": "library", + "name": "proto-list", + "version": "1.2.4", + "bom-ref": "proto-list@1.2.4", + "author": "Isaac Z. Schlueter", + "description": "A utility for managing a prototype chain", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proto-list@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/proto-list.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/proto-list#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/proto-list/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bed2bff786a4c6c4cc85ed3f71b7e947eb323eeb3372ec21a958c9ab6e82b8d0e01468faf36a1105738fe4c269bf6afb26d13c32c89ea4622abef3930709f6bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proto-list" + } + ] + }, + { + "type": "library", + "name": "editorconfig", + "version": "1.0.4", + "bom-ref": "editorconfig@1.0.4", + "author": "EditorConfig Team", + "description": "EditorConfig File Locator and Interpreter for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/editorconfig@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/editorconfig/editorconfig-core-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/editorconfig/editorconfig-core-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/editorconfig/editorconfig-core-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/editorconfig/-/editorconfig-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2fd41ed3c2964e5a98315bcc71322f300765d5c0d4b9bcd13582fe59f0386cb0cc1dee277a62a4a666339339c4d45c0b2aed04126cbaa1b8102b3309ae0e31f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/editorconfig" + } + ] + }, + { + "type": "library", + "name": "wasm", + "group": "@one-ini", + "version": "0.1.1", + "bom-ref": "@one-ini/wasm@0.1.1", + "description": "Parse EditorConfig-INI file contents into AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40one-ini/wasm@0.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/one-ini/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/one-ini/core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/one-ini/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@one-ini/wasm/-/wasm-0.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eec921b5137f1849c489a0c96aa2f2ebbb829350d4a38154c88f287ba8c5fa68d3791d8e42b792e14497713bbf49b53cca7f357f6e75a9cfeceab98ac84acbf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@one-ini/wasm" + } + ] + }, + { + "type": "library", + "name": "commander", + "version": "10.0.1", + "bom-ref": "commander@10.0.1", + "author": "TJ Holowaychuk", + "description": "the complete solution for node.js command-line programs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/commander@10.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/tj/commander.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/commander.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/commander.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb8320dad5ec8699446d21b3c7b6a6ccfc0a28e086ba84913ff0a311dc3093414e1a551baba94aba8c83653359926c47749b69e7885d7d8fc952b74bed77ddba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/commander" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "2.0.1", + "bom-ref": "brace-expansion@2.0.1", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@2.0.1", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e7008bd0f1e33e902e9a50bc7ac2e422c15b27cec8bd7775b1cd5dc5a564c6035f45eb6d64c1d6ec01c14a5e02941d95accbe998ea22f5b074f1584142cad0c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "js-cookie", + "version": "3.0.5", + "bom-ref": "js-cookie@3.0.5", + "author": "Klaus Hartl", + "description": "A simple, lightweight JavaScript API for handling cookies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-cookie@3.0.5", + "externalReferences": [ + { + "url": "git://github.com/js-cookie/js-cookie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/js-cookie/js-cookie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/js-cookie/js-cookie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-cookie/-/js-cookie-3.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "70488910012821b59f09960a5a157016ebcf5f58044d160fc3a2e56932a8c43decd80917ce40a39e9ea1d15efba33caa8f48da92d789e18a83253f37d3e9551b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-cookie" + } + ] + }, + { + "type": "library", + "name": "nopt", + "version": "7.2.0", + "bom-ref": "nopt@7.2.0", + "author": "GitHub Inc.", + "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/nopt@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/nopt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/nopt#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/nopt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nopt/-/nopt-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0950edc02761608be703316827a349e9d5f7a206bdfc7c9c8900e71b5bd00e348b31e28b27803ddd9a98283ae0612af5141639fe13180bed950a2db8a60a6418" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nopt" + } + ] + }, + { + "type": "library", + "name": "abbrev", + "version": "2.0.0", + "bom-ref": "abbrev@2.0.0", + "author": "GitHub Inc.", + "description": "Like ruby's abbrev module, but in js", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/abbrev@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/abbrev-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/abbrev-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/abbrev-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/abbrev/-/abbrev-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ebf9a1d44daed98804b021dd634631e685beeb581953ed6f5daa221c7ae929eb9134d805bd2fbf8ebc07890841e5aa407f9a01ed407b135f689764762ca1fc85" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/abbrev" + } + ] + }, + { + "type": "library", + "name": "babel__core", + "group": "@types", + "version": "7.20.5", + "bom-ref": "@types/babel__core@7.20.5", + "description": "TypeScript definitions for @babel/core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__core@7.20.5#types/babel__core", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.20.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa8429ad9bf3e70405270303a9eb1e4575afdeba8cbe18296d715f5725a16f1f57e3b3ce200ea2ffe75779f12664aa0080e69375a22035232a30853ad72472cc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__core" + } + ] + }, + { + "type": "library", + "name": "template", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/template@7.24.0", + "author": "The Babel Team", + "description": "Generate an AST from a string template.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/template@7.24.0#packages/babel-template", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-template", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-template", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues?utf8=%E2%9C%93&q=is%3Aissue+label%3A%22pkg%3A%20template%22+is%3Aopen", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0647f6abc94c074005a57d0d144a926f1d4e9131dfd1ffb48fcda6930f99a73067924edef50974f3dd6f95f822fa41f03a4f2d4238901e9aa1e0b6926b47ca10" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/template" + } + ] + }, + { + "type": "library", + "name": "bs-logger", + "version": "0.2.6", + "bom-ref": "bs-logger@0.2.6", + "author": "Huafu Gandon", + "description": "Bare simple logger for NodeJS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bs-logger@0.2.6", + "externalReferences": [ + { + "url": "git+https://github.com/huafu/bs-logger.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/huafu/bs-logger#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/huafu/bs-logger/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bs-logger/-/bs-logger-0.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5df030a8c666e073b8723ca3afc6da8d7236283ac0013d075c0948c6a77778d95476097d4e46193603cee8aaabb9475924fbbea7b3166ea649b277e315b42a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bs-logger" + } + ] + }, + { + "type": "library", + "name": "json5", + "version": "2.2.3", + "bom-ref": "json5@2.2.3", + "author": "Aseem Kishore", + "description": "JSON for Humans", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json5@2.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/json5/json5.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://json5.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/json5/json5/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e63967bb7b21d81f5e1c2dd54fa3283e18e1f7ad85fef8aa73af2949c125bdf2ddcd93e53c5ce97c15628e830b7375bf255c67facd8c035337873167f16acca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json5" + } + ] + }, + { + "type": "library", + "name": "lodash.memoize", + "version": "4.1.2", + "bom-ref": "lodash.memoize@4.1.2", + "author": "John-David Dalton", + "description": "The lodash method `_.memoize` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.memoize@4.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b8fe3739a09d0cd30185dcb0760b8229a5b4e5753171ed94e59fe868cbf4a8fc18ae45227c39268b71bdb3acf88bd5d7f0f3a34e3f7c219f2d5b3b6976f802" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.memoize" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "3.26.9", + "bom-ref": "@oclif/core@3.26.9", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@3.26.9", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-3.26.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c81e58c5deb60ec1eaa822bfeb42fc2221a94d1214e09f9fcc2a9f6cf462218139f9a81f37ade4a6968cf936eac8c05db27b7f3d03a7603f0186cd6ab94afa7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "cli-progress", + "group": "@types", + "version": "3.11.5", + "bom-ref": "@types/cli-progress@3.11.5", + "description": "TypeScript definitions for cli-progress", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/cli-progress@3.11.5#types/cli-progress", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/cli-progress", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/cli-progress", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/cli-progress/-/cli-progress-3.11.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f83db3516ef88aca9a52e62bc11b214edbd3ce97248b980d87c94144e29e5019acc030cdc2c2429672f4e5f20bc4952bb1461e853ca2fc5e689d5fcef7a2ee2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/cli-progress" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.21.3", + "bom-ref": "type-fest@0.21.3", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.21.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b74af306af3b9b77d571db870d41612a6cb25fef5ea3a5908d9bdfe7511afccd10efe4f7ef8269d5a522c9497418ac69f0cfce113547483be69323e0bd7f97db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-fest" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "2.0.1", + "bom-ref": "color-convert@2.0.1", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4511023ec8fb8aeff16f9a0a61cb051d2a6914d9ec8ffe763954d129be333f9a275f0545df3566993a0d70e7c60be0910e97cafd4e7ce1f320dfc64709a12529" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "cardinal", + "version": "2.1.1", + "bom-ref": "cardinal@2.1.1", + "author": "Thorsten Lorenz", + "description": "Syntax highlights JavaScript code with ANSI colors to be printed to the terminal.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cardinal@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/cardinal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/cardinal#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/cardinal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cardinal/-/cardinal-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "252af978e8281329ad607063356ca3acca9eb7d026da68898657ca35da8ba7ace878087428de5d44073195e723e66009ae64289a088e063df9c472eb163a81a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cardinal" + } + ] + }, + { + "type": "library", + "name": "ansicolors", + "version": "0.3.2", + "bom-ref": "ansicolors@0.3.2", + "author": "Thorsten Lorenz", + "description": "Functions that surround a string with ansicolor codes so it prints in color.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansicolors@0.3.2", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/ansicolors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/ansicolors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/ansicolors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansicolors/-/ansicolors-0.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "417bbb04facfdbd565951c47f06c01ef1e625f9a9628000c2ea2901964de2d656534734ea55309f7576cc50008597a63b96e70aafc6edc977f9d18eb27ed29aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansicolors" + } + ] + }, + { + "type": "library", + "name": "redeyed", + "version": "2.1.1", + "bom-ref": "redeyed@2.1.1", + "author": "Thorsten Lorenz", + "description": "Takes JavaScript code, along with a config and returns the original code with tokens wrapped as configured.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/redeyed@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/redeyed.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/redeyed#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/redeyed/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/redeyed/-/redeyed-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14da461a8d43c9c600767aca17108c98a620a3f9882c0aad4586e47500fc129fc79363d0e7e684004c7e214ef5dd14c39ae05a1f473c3f9668ceeacdbb939b45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/redeyed" + } + ] + }, + { + "type": "library", + "name": "esprima", + "version": "4.0.1", + "bom-ref": "esprima@4.0.1", + "author": "Ariya Hidayat", + "description": "ECMAScript parsing infrastructure for multipurpose analysis", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esprima@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jquery/esprima.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://esprima.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jquery/esprima/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "786b85170ed4a5d6be838a7e407be75b44724d7fd255e2410ccfe00ad30044ed1c2ee4f61dc10a9d33ef86357a6867aaac207fb1b368a742acce6d23b1a594e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esprima" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "4.0.0", + "bom-ref": "has-flag@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1329094ff4352a34d672da698080207d23b4b4a56e6548e180caf5ee4a93ba6325e807efdc421295e53ba99533a170c54c01d30c2e0d3a81bf67153712f94c3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-flag" + } + ] + }, + { + "type": "library", + "name": "clean-stack", + "version": "3.0.1", + "bom-ref": "clean-stack@3.0.1", + "author": "Sindre Sorhus", + "description": "Clean up error stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-stack@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/clean-stack.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/clean-stack/-/clean-stack-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "951f70362311715423481ddaef15c62eecf872be3026eb9795a0046d1bad1a8c104e6969ed1ef6fc33a0376d5ef237706e531697d50e24c2576ab5fde29cca76" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-stack" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "4.0.0", + "bom-ref": "escape-string-regexp@4.0.0", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4eda5c349dd7033c771aaf2c591cc96956a346cd2e57103660091d6f58e6d9890fcf81ba7a05050320379f9bed10865e7cf93959ae145db2ae4b97ca90959d80" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "cli-progress", + "version": "3.12.0", + "bom-ref": "cli-progress@3.12.0", + "author": "Andi Dittrich", + "description": "easy to use progress-bar for command-line/terminal applications", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-progress@3.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/npkgz/cli-progress.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npkgz/cli-progress", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npkgz/cli-progress/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-progress/-/cli-progress-3.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b51915dc7275012c26d7d4c78a22c85cb3bb226ef0953b8a9ef918693932a003de7ea8cd83b5bb0c7294946471cbdbf10ef6f2098424428cefa6db8c9060a0f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-progress" + } + ] + }, + { + "type": "library", + "name": "color", + "version": "4.2.3", + "bom-ref": "color@4.2.3", + "description": "Color conversion and manipulation with CSS string support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color@4.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color/-/color-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d6b5deb94522186af2921f8278176ee487bb389c229c28106346dcec6091c72e71547cbe9a86aa9292ff8ea42ad0cb5039e61caea133e1a6dce5fd0ab54ed6e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color" + } + ] + }, + { + "type": "library", + "name": "color-string", + "version": "1.9.1", + "bom-ref": "color-string@1.9.1", + "author": "Heather Arthur", + "description": "Parser and generator for CSS color strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-string@1.9.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-string/-/color-string-1.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b21ad56b0405a239d9bfac4ce346a7c780a4a033fe7d9b30fd97ab10cb16fe9cb3b116c4969b0bfc30555bbab7131c70bac74d5c8de55e9ba1119933b3ca7912" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/color-string" + } + ] + }, + { + "type": "library", + "name": "simple-swizzle", + "version": "0.2.2", + "bom-ref": "simple-swizzle@0.2.2", + "author": "Qix", + "description": "Simply swizzle your arguments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/simple-swizzle@0.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-simple-swizzle.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-simple-swizzle#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-simple-swizzle/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/simple-swizzle/-/simple-swizzle-0.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "240fff910819b5bb98f379bec53fad5c9926267706313153f82fa0da1d91f6ec64608ac4db2cbdb2099c2e10a7c39eff5920fe121dc9f7b14f1031676d79c352" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/simple-swizzle" + } + ] + }, + { + "type": "library", + "name": "ejs", + "version": "3.1.10", + "bom-ref": "ejs@3.1.10", + "author": "Matthew Eernisse", + "description": "Embedded JavaScript templates", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/ejs@3.1.10", + "externalReferences": [ + { + "url": "git://github.com/mde/ejs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mde/ejs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mde/ejs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51e26615f3ab0104bc38958f678aad807c961316b4f3cfccb4ae54132a091851faedc0c45e4652be23a2291099e178a3d33c48dc9102818b37a0ac7e022cd004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ejs" + } + ] + }, + { + "type": "library", + "name": "jake", + "version": "10.8.7", + "bom-ref": "jake@10.8.7", + "author": "Matthew Eernisse", + "description": "JavaScript build tool, similar to Make or Rake", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/jake@10.8.7", + "externalReferences": [ + { + "url": "git://github.com/jakejs/jake.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jakejs/jake#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jakejs/jake/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jake/-/jake-10.8.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6438b768ff9f1bf2dc87207350cf34e158dd767c1f49fb1d798930b7c35c6ca46fa38ac592386ce39ea22c59f79366545af35ee22e3c5800836f36bc7e1ab6fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake" + } + ] + }, + { + "type": "library", + "name": "async", + "version": "3.2.5", + "bom-ref": "async@3.2.5", + "author": "Caolan McMahon", + "description": "Higher-order functions and common patterns for asynchronous code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/async@3.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/caolan/async.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://caolan.github.io/async/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/caolan/async/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async/-/async-3.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6da359caa69a2e1c8b54a9bf0e5bdd5b4e7531280ee9bf1e55f21ece5f44e4fa96c458332e6ff0427b445b8ccecad55bbab0c4af426500b12974e170bc4acbb2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async" + } + ] + }, + { + "type": "library", + "name": "filelist", + "version": "1.0.4", + "bom-ref": "filelist@1.0.4", + "author": "Matthew Eernisse", + "description": "Lazy-evaluating list of files, based on globs or regex patterns", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/filelist@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/mde/filelist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mde/filelist", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mde/filelist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c35704b9fdd2f83acb0902fb113ea4cfe82694975babd27bc970928cafce6423c0faa10dd56c85e1901fd186096b8fec84726b6b6b7f77fafc495e098bec7ef1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/filelist" + } + ] + }, + { + "type": "library", + "name": "balanced-match", + "version": "1.0.2", + "bom-ref": "balanced-match@1.0.2", + "author": "Julian Gruber", + "description": "Match balanced character pairs, like \"{\" and \"}\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/balanced-match@1.0.2", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/balanced-match.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de849e50ed13315ebb84dd4099b5ec2b8c9aa94eed8e21e56f144364ea47d0a5bdf82797e1b440697d009f1b74b71d8cae94695b041a3f02252121098585393f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/balanced-match" + } + ] + }, + { + "type": "library", + "name": "concat-map", + "version": "0.0.1", + "bom-ref": "concat-map@0.0.1", + "author": "James Halliday", + "description": "concatenative mapdashery", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/concat-map@0.0.1", + "externalReferences": [ + { + "url": "git://github.com/substack/node-concat-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-concat-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-concat-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd2aefe1db30c903417e8846a73f68e986f71b3dd2ad40ea047e6b4ee84647b6a1b656d82a7571c366c214c4658da03b1171da5d9f30b07768745bdb9212a6aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/concat-map" + } + ] + }, + { + "type": "library", + "name": "get-package-type", + "version": "0.1.0", + "bom-ref": "get-package-type@0.1.0", + "author": "Corey Farrell", + "description": "Determine the `package.json#type` which applies to a location", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-package-type@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/cfware/get-package-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cfware/get-package-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cfware/get-package-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a63cee2ad63ae0661f5a2ccd009d1fafd56ab6d6643622b6892e37d0bb481f38c112be9b5fc026db39b8b16e11a39c23596e5c02544bd6a00c4dc5db8cd00ed9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-package-type" + } + ] + }, + { + "type": "library", + "name": "globby", + "version": "11.1.0", + "bom-ref": "globby@11.1.0", + "author": "Sindre Sorhus", + "description": "User-friendly glob matching", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globby@11.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globby#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globby/-/globby-11.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e121768ecf2d6c6fc232a1c6abb964a7d538e69c156cf00ca1732f37ae6c4d27cab6b96282023dc29c963e2a91925c2b9e00f7348b4e6456f54ab4fd6df52de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globby" + } + ] + }, + { + "type": "library", + "name": "array-union", + "version": "2.1.0", + "bom-ref": "array-union@2.1.0", + "author": "Sindre Sorhus", + "description": "Create an array of unique values, in order, from the input arrays", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/array-union@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/array-union.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/array-union#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/array-union/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/array-union/-/array-union-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1c6cb1a0e4d853208ceacb547ba1098277781287b0008ef331d7ea3be9068e79599810f3fdc479a5ff2bfdc4785aaeb4b0bfe9d0891c8d41043f04b7185ac8cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/array-union" + } + ] + }, + { + "type": "library", + "name": "dir-glob", + "version": "3.0.1", + "bom-ref": "dir-glob@3.0.1", + "author": "Kevin Mårtensson", + "description": "Convert directories to glob compatible strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dir-glob@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/dir-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/dir-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/dir-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dir-glob/-/dir-glob-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a4ad6a7d191e0a5df28663338b993b86562d545857f0b37efb9fd71ce79fed6fa0eeab217aa5c43901b88712c85a0e963dbfaa1a4abd9708389d1a633077320" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dir-glob" + } + ] + }, + { + "type": "library", + "name": "path-type", + "version": "4.0.0", + "bom-ref": "path-type@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if a path is a file, directory, or symlink", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-type@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80329bf1a64c0de0ffb595acf4febeab427d33091d97ac4c57c4e39c63f7a89549d3a6dd32091b0652d4f0875f3ac22c173d815b5acd553dd7b8d125f333c0bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-type" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "5.3.1", + "bom-ref": "ignore@5.3.1", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@5.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-5.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e45cadcff22b68c8eaa707dddf891edbc3d354c8d98c91b630f9f9b7b384e1e50250d7fc0406bb6f95944bdfd0bebea6c0e412ecc93abddb0c9e8e617be4fc5f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ignore" + } + ] + }, + { + "type": "library", + "name": "hyperlinker", + "version": "1.0.0", + "bom-ref": "hyperlinker@1.0.0", + "author": "James Talmage", + "description": "Write hyperlinks in the terminal.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hyperlinker@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jamestalmage/hyperlinker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jamestalmage/hyperlinker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jamestalmage/hyperlinker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hyperlinker/-/hyperlinker-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4f2f146e545614471f4ae21a6a3337e0b74f5c885bb356a3117fc104fbf6e09f9e9d255a11563adf143a9533bd551612e4b028821206d080c9fa9f883f329441" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hyperlinker" + } + ] + }, + { + "type": "library", + "name": "indent-string", + "version": "4.0.0", + "bom-ref": "indent-string@4.0.0", + "author": "Sindre Sorhus", + "description": "Indent each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/indent-string@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/indent-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "11d0c366ee00d8ec882bb2ebff6cc6fb0e6399bba4d435419c4c11110bc1ceca412640846d16bc1b153596085871a1890a745689b8c35e5abbefd5f5ff2e71c2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/indent-string" + } + ] + }, + { + "type": "library", + "name": "is-wsl", + "version": "2.2.0", + "bom-ref": "is-wsl@2.2.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-wsl@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-wsl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cacc0adad2b18951407018180d90766e4e865c9fe4ed5c7a5e0a09a430930c631d6c40361a092ca32414826b69c7d431a6eecde7d68067a21a154c168decbc3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-wsl" + } + ] + }, + { + "type": "library", + "name": "is-docker", + "version": "2.2.1", + "bom-ref": "is-docker@2.2.1", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a Docker container", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-docker@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-docker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-docker/-/is-docker-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "17e8b604ab05ac7eba89a505734c280fcb0bcbc81eb64c13c2d3818efb39e82c780a024378a41ea9fcfcc0062249bf093a9ad68471f9a7becf6e6602bef52e5d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-docker" + } + ] + }, + { + "type": "library", + "name": "natural-orderby", + "version": "2.0.3", + "bom-ref": "natural-orderby@2.0.3", + "author": "Olaf Ennen", + "description": "Lightweight and performant natural sorting of arrays and collections by differentiating between unicode characters, numbers, dates, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/natural-orderby@2.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/yobacca/natural-orderby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yobacca.github.io/natural-orderby", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yobacca/natural-orderby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/natural-orderby/-/natural-orderby-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7b2931f1534094adc3977bad997eb6f9675de72ef3e149647fb28de416e954414d2c814965d99d0bc29b0b377e7578e383fa1446bbf17583eeb10df3de0fef9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/natural-orderby" + } + ] + }, + { + "type": "library", + "name": "object-treeify", + "version": "1.1.33", + "bom-ref": "object-treeify@1.1.33", + "author": "Lukas Siemon", + "description": "Stringify Object as tree structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/blackflux/object-treeify/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/object-treeify@1.1.33", + "externalReferences": [ + { + "url": "git+https://github.com/blackflux/object-treeify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blackflux/object-treeify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blackflux/object-treeify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-treeify/-/object-treeify-1.1.33.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1055630187f35aa5ac04c4473cc0172c20c8267a4c85d580a91ef11ba33a6b672ce8f305a65ffe676d30f730d6e2f9313857dd75e8012aaf517a17746f1584ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-treeify" + } + ] + }, + { + "type": "library", + "name": "password-prompt", + "version": "1.1.3", + "bom-ref": "password-prompt@1.1.3", + "author": "Jeff Dickey @jdxcode", + "description": "cross-platform masked or hidden prompt", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/password-prompt@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/jdxcode/password-prompt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jdxcode/password-prompt", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jdxcode/password-prompt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/password-prompt/-/password-prompt-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e4ae31b668996f174b7604c1f47b62c1fc41dfdcb72addf34ccf2e066077106e502f3a5f904238b52f1ed644132aa552bca7e291edb0a0ee8a80317b5d82acb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/password-prompt" + } + ] + }, + { + "type": "library", + "name": "slice-ansi", + "version": "4.0.0", + "bom-ref": "slice-ansi@4.0.0", + "description": "Slice a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slice-ansi@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/slice-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/slice-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/slice-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8c08c7e1634e347151d3e372bd045ca0a986d43c564a1ce83b2bbde6b5358945bf29c8fddfcdfe08c5de52cdd10943a311520fd606738bc60859b4a2aeac435" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/slice-ansi" + } + ] + }, + { + "type": "library", + "name": "astral-regex", + "version": "2.0.0", + "bom-ref": "astral-regex@2.0.0", + "author": "Kevin Mårtensson", + "description": "Regular expression for matching astral symbols", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/astral-regex@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/astral-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/astral-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/astral-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "67bb4cc35cad4d7b798ea31c38ff8e42d794d55b8d2bd634daeb89b4a4354afebd8d740a2a0e5c89b2f0189a30f32cd93fe780735f0498b18f6a5d1ba77eabbd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/astral-regex" + } + ] + }, + { + "type": "library", + "name": "widest-line", + "version": "3.1.0", + "bom-ref": "widest-line@3.1.0", + "author": "Sindre Sorhus", + "description": "Get the visual width of the widest line in a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/widest-line@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/widest-line.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/widest-line#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/widest-line/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36c9a85da96c5950cc1aea71679474f246bd7e56638e22ef1d501660e2ad88a33cba3b595abf5c45f7da93eb92138f3e39bf0e6da957a70c9e522c830fa40582" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/widest-line" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "BomRef.okvgjdrtm6.tqh1scmn9b8", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6151888f691a98b493c70e8db198e80717d2c2c9f4c9c75eb26738a7e436d5ce733ee675a65f8d7f155dc4fb5d1ef98d54e43a5d2606e0052dcadfc58bb0f5e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "plugin-help", + "group": "@oclif", + "version": "6.1.0", + "bom-ref": "@oclif/plugin-help@6.1.0", + "author": "Salesforce", + "description": "Standard help for oclif.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-help@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-help.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-help", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-help/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-help/-/plugin-help-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53e2cd28a69906ba07aa848622961b42691397c696d0d25c3bdb6bd3dd4b24e67be22a840e2ba97c14c232e9255bdb9365d585600a6a4e6b210ee07f238d63c5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help" + } + ] + }, + { + "type": "library", + "name": "ansis", + "version": "3.2.0", + "bom-ref": "ansis@3.2.0", + "author": "webdiscus", + "description": "Colorize terminal with ANSI colors & styles", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ansis@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/webdiscus/ansis.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/webdiscus/ansis", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/webdiscus/ansis/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansis/-/ansis-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "624dc19071fd53ba0fc8237780be5373b0a96a11bff9416fffa506d370b7d75572f65cd1980e6ea310d3a54f423b7ac61cbe8acc9cffa5d0de5d9099e4cbbf4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansis" + } + ] + }, + { + "type": "library", + "name": "cli-spinners", + "version": "2.9.2", + "bom-ref": "cli-spinners@2.9.2", + "author": "Sindre Sorhus", + "description": "Spinners for use in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-spinners@2.9.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/cli-spinners.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/cli-spinners#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/cli-spinners/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-spinners/-/cli-spinners-2.9.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb0a95fb9326c8be04ef26d780acace03ba065b5f4142e8b9f0ae18eeca42239caf64f0e41a710edac462a78c35d63619ecd31a2dddb648e61e791fcca8f5c26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-spinners" + } + ] + }, + { + "type": "library", + "name": "cosmiconfig", + "version": "9.0.0", + "bom-ref": "cosmiconfig@9.0.0", + "author": "Daniel Fischer", + "description": "Find and load configuration from a package.json property, rc file, TypeScript module, and more!", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cosmiconfig@9.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/cosmiconfig/cosmiconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cosmiconfig/cosmiconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cosmiconfig/cosmiconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8adbcbe61f1111300298e4c573851f23207645f1078bbd40c7a13f3e2bd5c6af4db1e29b396a5ec8710e21b980c35aecf0093456eaec40dc30ee57fb62d530ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cosmiconfig" + } + ] + }, + { + "type": "library", + "name": "env-paths", + "version": "2.2.1", + "bom-ref": "env-paths@2.2.1", + "author": "Sindre Sorhus", + "description": "Get paths for storing things like data, config, cache, etc", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/env-paths@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/env-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fa1d6590b2a164c4d88e8835544a49346ecd64959cb9cd830e4feab2a49345108e5e22e3790d5dd7fb9dad41a1a8cc5480097028d67471fdaea9a9f918bb92d8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/env-paths" + } + ] + }, + { + "type": "library", + "name": "import-fresh", + "version": "3.3.0", + "bom-ref": "import-fresh@3.3.0", + "author": "Sindre Sorhus", + "description": "Import a module while bypassing the cache", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/import-fresh@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/import-fresh.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/import-fresh#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/import-fresh/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bde6188506be0f54012b39ef8541f16fc7dac65af0527c6c78301b029e39ec4d302cd8a8d9b3922a78d80e1323f98880abad71acc1a1424f625d593917381033" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/import-fresh" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "4.1.0", + "bom-ref": "js-yaml@4.1.0", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c29c59b3d368c596891122462194f20c4698a65d0529203e141f5a262c9e98a84cc24c5083ade1e13d4a2605061e94ea3c33517269982ee82b46326506d5af44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "error-ex", + "version": "1.3.2", + "bom-ref": "error-ex@1.3.2", + "description": "Easy error subclassing and stack customization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/error-ex@1.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-error-ex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-error-ex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-error-ex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edd147366a9e15212dd9906c0ab8a8aca9e7dd9da98fe7ddf64988e90a16c38fff0cbfa270405f73453ba890a2b2aad3b0a4e3c387cd172da95bd3aa4ad0fce2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/error-ex" + } + ] + }, + { + "type": "library", + "name": "json-parse-even-better-errors", + "version": "2.3.1", + "bom-ref": "json-parse-even-better-errors@2.3.1", + "author": "Kat Marchán", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-even-better-errors@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/json-parse-even-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c72170ca1ae8fc91287fa1a17b68b3d8d717a23dac96836c5abfd7b044432bfa223c27da36197938d7e9fa341d01945043420958dcc7f7321917b962f75921db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-parse-even-better-errors" + } + ] + }, + { + "type": "library", + "name": "typescript", + "version": "5.1.6", + "bom-ref": "typescript@5.1.6", + "author": "Microsoft Corp.", + "description": "TypeScript is a language for application scale JavaScript development", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/typescript@5.1.6", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/TypeScript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/typescript/-/typescript-5.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cda582a33459e832c4580585ad50f3d47e85557cd449f4f2e4550c5ac42553c626e493fd78ee31913211385090be141feb5cfa3bf1baba0c374a0027bef9be1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/typescript" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.4", + "bom-ref": "debug@4.3.4", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.4", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d15851ee494dde0ed4093ef9cd63b25c91eb758f4b793ae3ac1733cfcec7a40f9d9997ca947c520f122b305ea22f1d61951ce817fbb1bfbc234d85e870c5f91" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "plugin-plugins", + "group": "@oclif", + "version": "5.2.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2", + "author": "Salesforce", + "description": "plugins plugin for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-plugins@5.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-plugins.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-plugins", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-plugins/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-plugins/-/plugin-plugins-5.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "054027977f9f374f1c7fb2ea9cb851bf991cf8758e2f3dd32eadedf407f6e5af100a9c5804a6339f283152ba08e744ccd34dbe8b49af8e4b518e0d9b1fd791ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "7.0.2", + "bom-ref": "hosted-git-info@7.0.2", + "author": "GitHub Inc.", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@7.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-7.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6e519014293e66f19cefb3bd975b2dc7b6f55b4d6963444eba70feb46f127302a7f60e0202a3b9584d8d881d498b9cda6362fc396ef9a81ef3dcd103b66badb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hosted-git-info" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-name", + "version": "5.0.1", + "bom-ref": "validate-npm-package-name@5.0.1", + "author": "GitHub Inc.", + "description": "Give me a string and I'll tell you if it's a valid npm package name", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/validate-npm-package-name@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/validate-npm-package-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validate-npm-package-name/-/validate-npm-package-name-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3a58cbad0f5241d394a93690c6a2f97447d95ab5c4c72c96b28cd89405856b03d536e0fcde2825eee243d914e434c6e7888620b7c97cd5e08918875017b6af2d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validate-npm-package-name" + } + ] + }, + { + "type": "library", + "name": "npm", + "version": "10.8.0", + "bom-ref": "npm@10.8.0", + "author": "GitHub Inc.", + "description": "a package manager for JavaScript", + "licenses": [ + { + "license": { + "id": "Artistic-2.0" + } + } + ], + "purl": "pkg:npm/npm@10.8.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://docs.npmjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm/-/npm-10.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c21f77b91733829ec70e73cc88b5dc0a4bf685a81d252d3327d293ff7d5dd05a173f4dbeaa037600ec29696f397f14569229e5dab10b7cfc3e0a30575b8f3f8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm" + } + ] + }, + { + "type": "library", + "name": "plugin-version", + "group": "@oclif", + "version": "2.2.2", + "bom-ref": "@oclif/plugin-version@2.2.2", + "author": "Salesforce", + "description": "A command that shows the CLI version", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-version@2.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-version.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-version", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-version/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-version/-/plugin-version-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1f8b742bb15567ea42c0b01cd3679965b18c816f58717f0b58c976317ccac5019f3eb98164b4e113621e6d1f4fbd10248c3af30a66d979625c0b1f7bb4767a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version" + } + ] + }, + { + "type": "library", + "name": "plugin-warn-if-update-available", + "group": "@oclif", + "version": "3.1.4", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4", + "author": "Salesforce", + "description": "warns if there is a newer version of CLI released", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-warn-if-update-available@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-warn-if-update-available.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-warn-if-update-available", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-warn-if-update-available/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-warn-if-update-available/-/plugin-warn-if-update-available-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c63eb3830bee105994ac76055c7a2a993a6f394b0482a5e2ca87fd3aa8e0955dd77813cdb109dbb96ff4f391c549606f2885500addb6b954556890b3de8ece0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available" + } + ] + }, + { + "type": "library", + "name": "content-type", + "version": "1.0.5", + "bom-ref": "content-type@1.0.5", + "author": "Douglas Christopher Wilson", + "description": "Create and parse HTTP Content-Type header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/content-type@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/content-type.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/content-type#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/content-type/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d38ea7dc045122a4a7570afe180d05827e670b64a9bcd65745d29028a53bf2ac51956dc47a3ff54001de46ecdfb4b53afc42a894d2d15a743e852b836d27038" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/content-type" + } + ] + }, + { + "type": "library", + "name": "is-stream", + "version": "2.0.1", + "bom-ref": "is-stream@2.0.1", + "author": "Sindre Sorhus", + "description": "Check if something is a Node.js stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-stream@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "845a222624e5eb79e7fa4b2d1c606d7b05922a740ba726f5e7928785e035977f6ebed3bd9d6228a75a77b9da8f71477fc5b17554b30ee27ece23aa7b45b9e00e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-stream" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.2.1", + "bom-ref": "is-arrayish@0.2.1", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf3d3a4bcb74a33a035cc1beb9b7b6eb37824cd5dc2883c96498bc841ac5e227422e6b38086f50b4aeea065d5ba22e4e0f31698ecc1be493e61c26cca63698ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "safe-buffer", + "version": "5.2.1", + "bom-ref": "safe-buffer@5.2.1", + "author": "Feross Aboukhadijeh", + "description": "Safer Node.js Buffer API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-buffer@5.2.1", + "externalReferences": [ + { + "url": "git://github.com/feross/safe-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/safe-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/safe-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae9dd2a34eca71d9a629b1af81a37141226bedb1954959394bd12ad45fa9a5b468ef4f9879a0f1930e4377c34f37e183e9b8e7626d95b8fb825e6a6e62f9825d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-buffer" + } + ] + }, + { + "type": "library", + "name": "test", + "group": "@oclif", + "version": "3.2.15", + "bom-ref": "@oclif/test@3.2.15", + "author": "Salesforce", + "description": "test helpers for oclif components", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/test@3.2.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/test.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/test", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/test/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/test/-/test-3.2.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea1b7468b28ccdab24a4c525c89d4d765de736b0f48e92a6072437dd1598961b76bc0b1bb87673e2010be6b3e049b0e94b4267c4425487aa2c9550a38c1e15c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/test" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chai", + "version": "4.4.1", + "bom-ref": "chai@4.4.1", + "author": "Jake Luer", + "description": "BDD/TDD assertion library for node.js and the browser. Test framework agnostic.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chai@4.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/chaijs/chai.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://chaijs.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/chai/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chai/-/chai-4.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d77b0e7ccbf6f8359db8453eff16ee9f72d270ba2a375ee705e4cb52c9837ca768882d5faf49fd3d4e20baee0085170e54593fb16f0bc99587ba15ad419885fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chai" + } + ] + }, + { + "type": "library", + "name": "fancy-test", + "version": "3.0.15", + "bom-ref": "fancy-test@3.0.15", + "author": "Salesforce", + "description": "extendable utilities for testing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fancy-test@3.0.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/fancy-test.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/fancy-test", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/fancy-test/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fancy-test/-/fancy-test-3.0.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91964574fcd55ad2b106498b2d47f1862cec78697565946e0a69ae0a4a35a2202cfd7fccbc4e000a6fef973bf17eee0e79bffb309f2154ff2b522566dd1ef6f5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fancy-test" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chai", + "group": "@types", + "version": "4.3.14", + "bom-ref": "@types/chai@4.3.14", + "description": "TypeScript definitions for chai", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/chai@4.3.14#types/chai", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/chai", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/chai", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/chai/-/chai-4.3.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a3ef5b1713843802419d1bd4efab5bbf7eab8dcfd11d1b82c824cc1554823b6ac8630fff1c7fc7f221f2408d1afa61cb179d213c70e1903ead60a9e47ccfedf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/chai" + } + ] + }, + { + "type": "library", + "name": "sinon", + "group": "@types", + "version": "17.0.3", + "bom-ref": "@types/sinon@17.0.3", + "description": "TypeScript definitions for sinon", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/sinon@17.0.3#types/sinon", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/sinon", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinon", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/sinon/-/sinon-17.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f7ba8bdd9fc7b0932f644411b5f5b3b06996dec49bbf5e3b641f28ef520b78c5f3c5cf5f1d70e44832a9d887ae85c773e8c2172bf39353e7e7abdfea1589aa7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/sinon" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sinonjs__fake-timers", + "group": "@types", + "version": "8.1.5", + "bom-ref": "@types/sinonjs__fake-timers@8.1.5", + "description": "TypeScript definitions for @sinonjs/fake-timers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/sinonjs__fake-timers@8.1.5#types/sinonjs__fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/sinonjs__fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/sinonjs__fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/sinonjs__fake-timers/-/sinonjs__fake-timers-8.1.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "990914da363c8c9105ed81e31efb103bcfb7ba08532f599c9e7f7a8a07e138d991f9f50f48a22479f418a527bc6ec972d84a7ba106e7ffa546e7ff7fd2a700ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/sinonjs__fake-timers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mock-stdin", + "version": "1.0.0", + "bom-ref": "mock-stdin@1.0.0", + "author": "Caitlin Potter", + "description": "Mock STDIN file descriptor in Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mock-stdin@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/caitp/node-mock-stdin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/caitp/node-mock-stdin", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/caitp/node-mock-stdin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mock-stdin/-/mock-stdin-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6e91175bf417aedbbb7a74df97ced4911eaf49d01fc2a003b2486cc77e7f144df9aa8a9039c8d4ffb03504c987405771e991ae96c7a90e331b8e6dd39ec7ad1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mock-stdin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "nock", + "version": "13.5.4", + "bom-ref": "nock@13.5.4", + "author": "Pedro Teixeira", + "description": "HTTP server mocking and expectations library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/nock@13.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/nock/nock.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nock/nock#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nock/nock/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nock/-/nock-13.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c80c937dd78d24618117159dcd2282058c6ce45c4b6c28395f94387adb3def885c4331b5faa0b1bc8c8ea388f6472e8c52585654c5f83a860379f008230ba98f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nock" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-stringify-safe", + "version": "5.0.1", + "bom-ref": "json-stringify-safe@5.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like JSON.stringify, but doesn't blow up on circular refs.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/json-stringify-safe@5.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/json-stringify-safe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-safe", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-safe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "642960e80698bda9af60413cd9ddc8c9ddef49222343ea1d823693cd1b8edeceeda0274529cce86f68b4cc287b244f245a7d7bcaf016854571bea1b051a96c44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-stringify-safe" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "propagate", + "version": "2.0.1", + "bom-ref": "propagate@2.0.1", + "author": "Pedro Teixeira", + "description": "Propagate events from one event emitter into another", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/propagate@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nock/propagate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/nock/propagate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/nock/propagate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/propagate/-/propagate-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bc6ae139abcf493cf841536e04d75c35778f35d34c68ed718fdc81787d527103e393fae183db129425cf84c905b9a34d5bfb324ef62ab276c82713017d16db6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/propagate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sinon", + "version": "16.1.3", + "bom-ref": "sinon@16.1.3", + "author": "Christian Johansen", + "description": "JavaScript test spies, stubs and mocks.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sinon@16.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/sinonjs/sinon.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sinonjs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/sinonjs/sinon/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sinon/-/sinon-16.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a39d659ecb17007fd9c2d1b5dc3e6883badfa813c1d8ae275337305b17df006152e65b0191a76212129ca161f946d627c82d3f9e367dc198a5093f18d750f94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "3.0.1", + "bom-ref": "@sinonjs/commons@3.0.1", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b79821ca43db1587ca350bd731930c5a3a65e800c943c42d666321eb8ea39611c06362befab7deb32f6ce58f9754199dc74b0db8d17d6a807dcc8dfd72256a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/commons" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "10.3.0", + "bom-ref": "@sinonjs/fake-timers@10.3.0", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@10.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578046d3b92e6125244c24811c6f06f1336133e175f635c55a742dce3fb07bc0eb92948109e7bd67732cf328867abfdd96685edf9fd7760ca8dffd2b40a83b60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/fake-timers" + } + ] + }, + { + "type": "library", + "name": "samsam", + "group": "@sinonjs", + "version": "8.0.0", + "bom-ref": "@sinonjs/samsam@8.0.0", + "author": "Christian Johansen", + "description": "Value identification and comparison functions", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/samsam@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/samsam.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sinonjs.github.io/samsam/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/samsam/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/samsam/-/samsam-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "069f0a51594ba7c89b259ae7bead9fa1584fd08557d82229acc24f2b4bea1aa82b0dad0e1d529e67207292ab2492b77157ac8a04f9866ac3bc2d58c0291dc67b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/samsam" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lodash.get", + "version": "4.4.2", + "bom-ref": "lodash.get@4.4.2", + "author": "John-David Dalton", + "description": "The lodash method `_.get` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.get@4.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfe530fef2eecba8107bc71f685583ee9d3056ff1f265de66f35e1df7452fb4a16db0bd4aa2457890ebd80b5922e9801e7feac53eafa065411d0c0482da76a4d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.get" + } + ] + }, + { + "type": "library", + "name": "nise", + "version": "5.1.9", + "bom-ref": "nise@5.1.9", + "description": "Fake XHR and server", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/nise@5.1.9", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/sinonjs/nise.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/nise#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/nise/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/nise/-/nise-5.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8e9e8ba35b8495e9ee34758c4939bdeebeea0f1ed98bcc89384c5a3e8f48cf2680bee59f718dae6a1f9259a1b10fb1af3e618a6132b392c27aec844846daac3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "text-encoding", + "group": "@sinonjs", + "version": "0.7.2", + "bom-ref": "@sinonjs/text-encoding@0.7.2", + "author": "Joshua Bell", + "description": "Polyfill for the Encoding Living Standard's API.", + "licenses": [ + { + "expression": "(Unlicense OR Apache-2.0)" + } + ], + "purl": "pkg:npm/%40sinonjs/text-encoding@0.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/text-encoding.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/text-encoding", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/text-encoding/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/text-encoding/-/text-encoding-0.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b175ca1beb8bf48acaa95893b5aa365ace9dcb4ce7bbdb0e68fd5d8bf8ca196d4ce95b2c3bcbe5a5709072967e8e2b10d6d4c5002e49a3f10ecc56e08016a015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/text-encoding" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-extend", + "version": "6.2.0", + "bom-ref": "just-extend@6.2.0", + "author": "Angus Croll", + "description": "extend an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-extend@6.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/just-extend/-/just-extend-6.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "718a1f42ed97a689bcd92eaa0fbefc8c10e9c2fbf2dfdb3597f86b6228f6bbd00c750706469681bba918e26561ba7a39909562d43033e1a8a9840d96235fce03" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/just-extend" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "stdout-stderr", + "version": "0.1.13", + "bom-ref": "stdout-stderr@0.1.13", + "author": "Jeff Dickey @jdxcode", + "description": "mock stdout and stderr", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stdout-stderr@0.1.13", + "externalReferences": [ + { + "url": "git+https://github.com/jdxcode/stdout-stderr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jdxcode/stdout-stderr", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jdxcode/stdout-stderr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stdout-stderr/-/stdout-stderr-0.1.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e7b7dfc71c761f8d9ecd7902efb900f22f52e76ec6dd760305282b9a40ac0609d266f0b9ecb59217a29fae398dfa511d545d7a075df31b0b52a555d55dd892c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stdout-stderr" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "abort-controller", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/abort-controller@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "A simple abort controller library", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/abort-controller@3.0.0#packages/abort-controller", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/abort-controller", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/abort-controller", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/abort-controller/-/abort-controller-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7a1a514606df4ae0c60bbbbd98b89e76dcd551e00f281e50b933624ee8e990a8df2401cfee87526a2c4f858b34e892b4891a0d024af0be06bb261b32adb1928" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/abort-controller" + } + ] + }, + { + "type": "library", + "name": "express", + "group": "@types", + "version": "4.17.21", + "bom-ref": "@types/express@4.17.21", + "description": "TypeScript definitions for express", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/express@4.17.21#types/express", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/express", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a394f337d79ab02e96909500d38cf76c50549ce99b0fe0037a0255a7a203e343b0958bb3d8177615cfe098de3136a7061fec4ffb1e50c0374ad5d86c531b41d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/express" + } + ] + }, + { + "type": "library", + "name": "body-parser", + "group": "@types", + "version": "1.19.5", + "bom-ref": "@types/body-parser@1.19.5", + "description": "TypeScript definitions for body-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/body-parser@1.19.5#types/body-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/body-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/body-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c1dd9bbddae71abb4890d0930215013b6ff76ff0eb74ecd23729a64890850d5eaf3693878102a51a9de5df95e198f495ac91e4bdcbebb49d7332b2972e42b0a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/body-parser" + } + ] + }, + { + "type": "library", + "name": "connect", + "group": "@types", + "version": "3.4.38", + "bom-ref": "@types/connect@3.4.38", + "description": "TypeScript definitions for connect", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/connect@3.4.38#types/connect", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/connect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/connect", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bab9139fd4b0fcf2e0d0a890a4b40e32ccbd586002ba3607ec234bff9938323ca5ac5f50a72745cf48385589e8ebbb519c4642d66fc465cc560946a1946daba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/connect" + } + ] + }, + { + "type": "library", + "name": "express-serve-static-core", + "group": "@types", + "version": "4.19.0", + "bom-ref": "@types/express-serve-static-core@4.19.0", + "description": "TypeScript definitions for express-serve-static-core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/express-serve-static-core@4.19.0#types/express-serve-static-core", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/express-serve-static-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express-serve-static-core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.19.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c6c9ea7726a3c246bcb5c2af8ee67ee88818065a67882573e35d70a8f042b4bbc76e6464986abedc1aa77730bd8952c2c6781edf99cd3a298a3d7cb196a8fbd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/express-serve-static-core" + } + ] + }, + { + "type": "library", + "name": "qs", + "group": "@types", + "version": "6.9.15", + "bom-ref": "@types/qs@6.9.15", + "description": "TypeScript definitions for qs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/qs@6.9.15#types/qs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/qs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/qs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/qs/-/qs-6.9.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b971d02844ba0d028a08b878e355effddc313aad53552dc93d432512aa04825be5851e8cc6795ec3f5eafcb4551e92f293b88adf33837b5a981c8325b4eed71a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/qs" + } + ] + }, + { + "type": "library", + "name": "range-parser", + "group": "@types", + "version": "1.2.7", + "bom-ref": "@types/range-parser@1.2.7", + "description": "TypeScript definitions for range-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/range-parser@1.2.7#types/range-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/range-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/range-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84aa2b9896e426acd01a1ce26b1e4f22d0d44cc00cf6e1365d7426337eddc9de2154cfb969597ba15c4c554895427da809014dfcb28265dbd2334a4546a6d299" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/range-parser" + } + ] + }, + { + "type": "library", + "name": "send", + "group": "@types", + "version": "0.17.4", + "bom-ref": "@types/send@0.17.4", + "description": "TypeScript definitions for send", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/send@0.17.4#types/send", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/send", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/send", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c7610ce9324ec9b79cedce76057d19b293e874cb1051de4be8f4703ae9d5c955215e205229fdc07b30cbf0382f82de68d147ca35fb80d1e30baf6c0b4f802204" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/send" + } + ] + }, + { + "type": "library", + "name": "mime", + "group": "@types", + "version": "1.3.5", + "bom-ref": "@types/mime@1.3.5", + "description": "TypeScript definitions for mime", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mime@1.3.5#types/mime", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mime", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fe9c8165648b0f69f475c1c4de1abcb3c66f7044c7b44b85fb713b5d5b74220da7bec5505dd8211d57049085a3cbd034c0a7d39fdedafcf48362884a2259cfff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mime" + } + ] + }, + { + "type": "library", + "name": "serve-static", + "group": "@types", + "version": "1.15.7", + "bom-ref": "@types/serve-static@1.15.7", + "description": "TypeScript definitions for serve-static", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/serve-static@1.15.7#types/serve-static", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/serve-static", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/serve-static", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5bc626fa1f2786e47068a3da0f0df8414930b068ba45ce3262abca168e6b9b61541210856f3556af15d4c6e28af130128d6b32b096349ec98d086842388b2b3b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/serve-static" + } + ] + }, + { + "type": "library", + "name": "http-errors", + "group": "@types", + "version": "2.0.4", + "bom-ref": "@types/http-errors@2.0.4", + "description": "TypeScript definitions for http-errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/http-errors@2.0.4#types/http-errors", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/http-errors", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-errors", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f408530cb7275b2407a0ccec878ed88a3cb96f9e6de24d9c994526682eada64610dd98b7c858e0983df409e1cbb67ab2a0854fbe42f8dc523a7fe61ee1112a4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/http-errors" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "group": "@types", + "version": "11.0.4", + "bom-ref": "@types/fs-extra@11.0.4", + "description": "TypeScript definitions for fs-extra", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/fs-extra@11.0.4#types/fs-extra", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/fs-extra", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/fs-extra/-/fs-extra-11.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c936c8b4236b791a28103df7aa3ba73ed8517128c444fd6be0ca8265cef0bf4bb6b149334c5a78e6d8147d2e7eafb16b64f76608235f94b85548ffe8f927a6b1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/fs-extra" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "group": "@types", + "version": "6.1.4", + "bom-ref": "@types/jsonfile@6.1.4", + "description": "TypeScript definitions for jsonfile", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jsonfile@6.1.4#types/jsonfile", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jsonfile", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jsonfile", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jsonfile/-/jsonfile-6.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f9a86518c23be734d7b1b5d539f7ff9f23eb299f0b53166c903f487e3df20e4a435fa54e803880943a49b88b43a74a4f8dca374f26bc420eba34b09b16951a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jsonfile" + } + ] + }, + { + "type": "library", + "name": "get-installed-path", + "group": "@types", + "version": "4.0.3", + "bom-ref": "@types/get-installed-path@4.0.3", + "description": "TypeScript definitions for get-installed-path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/get-installed-path@4.0.3#types/get-installed-path", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/get-installed-path", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/get-installed-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/get-installed-path/-/get-installed-path-4.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5deea74eebca3b776e98cb29b267f57b092b7bce5f866426335c88bf67e4c99458a9753538d6001fd6f61cc0e2ca43ef76315485eb9de298b3044a48eede8e53" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/get-installed-path" + } + ] + }, + { + "type": "library", + "name": "jest", + "group": "@types", + "version": "29.5.12", + "bom-ref": "@types/jest@29.5.12", + "description": "TypeScript definitions for jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/jest@29.5.12#types/jest", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/jest/-/jest-29.5.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7830bc6d3bd3fd0858771240ba542292e7a2818e40b1d0511f6c83296df2bde5bbb2f637f83ccdf38ff6354824c35d114e225b5aa66b4eda0655d625bc525d2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/jest" + } + ] + }, + { + "type": "library", + "name": "expect", + "version": "29.7.0", + "bom-ref": "expect@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expect@29.7.0#packages/expect", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expect/-/expect-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9992cd217f554b15823591b8742398cfdca1c7c821e991fc87073b125d116097f060f665987cc5bca03f8f74c3e5130cb91cdb11f49bad632ea931e3a1eb59f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/expect" + } + ] + }, + { + "type": "library", + "name": "expect-utils", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/expect-utils@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect-utils@29.7.0#packages/expect-utils", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/expect-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a5b0d0568854050958bd4154b1edfe4080c78bc5ef58082b393ee3f63b62dd8c3000f0987d797ee503526aff1757c3759bde1caf94535f6487dc45eb52cd870" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/expect-utils" + } + ] + }, + { + "type": "library", + "name": "jest-get-type", + "version": "29.6.3", + "bom-ref": "jest-get-type@29.6.3", + "description": "A utility function to get the type of a value", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-get-type@29.6.3#packages/jest-get-type", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-get-type", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cebb5e5e7a98c5f421ee5e451f22f7f232f7f5d8bc1fcac7a1e70b1f724dc47dc1c0eac1b0d79a6dd6a9e5ed08db7943e071c8f16e5514166a1b811aab92cd73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-get-type" + } + ] + }, + { + "type": "library", + "name": "jest-matcher-utils", + "version": "29.7.0", + "bom-ref": "jest-matcher-utils@29.7.0", + "description": "A set of utility functions for expect and related packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-matcher-utils@29.7.0#packages/jest-matcher-utils", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-matcher-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b01903f978bd0ed70286c2372f7bb4f8dd28a603d89c244fb4671062b817991fa19adfdf61f5802f4c515d853c79639d7ee2e005ed18096dc016d9d12da82afe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-matcher-utils" + } + ] + }, + { + "type": "library", + "name": "jest-diff", + "version": "29.7.0", + "bom-ref": "jest-diff@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-diff@29.7.0#packages/jest-diff", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-diff/-/jest-diff-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cc220888ae18a098faecd37247a71521db22122b7bcb14f900a1d3dea34f81b85ef003616841b904835bbc8016014e19dcbbb7b5a040d47c85d5b93a8b4548f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-diff" + } + ] + }, + { + "type": "library", + "name": "diff-sequences", + "version": "29.6.3", + "bom-ref": "diff-sequences@29.6.3", + "description": "Compare items in two sequences to find a longest common subsequence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/diff-sequences@29.6.3#packages/diff-sequences", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/diff-sequences", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12378f2b5b2b0f73f4f28da3e1fd04c67ca5a91b3907db498dca7db7592b1f6a918bc08276c61fc1ef498122eeac5056c2ae2e3a58a9cdf9397c736fc052abf1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/diff-sequences" + } + ] + }, + { + "type": "library", + "name": "pretty-format", + "version": "29.7.0", + "bom-ref": "pretty-format@29.7.0", + "author": "James Kyle", + "description": "Stringify any JavaScript value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty-format@29.7.0#packages/pretty-format", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/pretty-format", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty-format/-/pretty-format-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3dd970fe83f137e69776633d474d09542f56545a022d3289bc354b82627ea807df04cc6c57ce65fcbbbbb0dc78cd2ccfca82f67ae226b84c0784e5dd12034565" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty-format" + } + ] + }, + { + "type": "library", + "name": "jest-message-util", + "version": "29.7.0", + "bom-ref": "jest-message-util@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-message-util@29.7.0#packages/jest-message-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-message-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "181115e064400de3feaad076fbabbad6cb5e6bc98670e4f8982b6b608499c1fbbdfc8487149ff9cce31761ba4113d46c4b9f866fadc35b81609a7289efd29feb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-message-util" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/types@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/types@29.6.3#packages/jest-types", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/types/-/types-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bb750fb088a558a38cdc5f425edac6f0b10998dc70a02402fd7563e082985efbe9c7b4088bf2a0d4b239b83983a4a95a73ad8d52d5fb78b8d187e8d565c2cecf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/types" + } + ] + }, + { + "type": "library", + "name": "jest-util", + "version": "29.7.0", + "bom-ref": "jest-util@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-util@29.7.0#packages/jest-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-util/-/jest-util-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cfa11b29a8c8a6a18a539eb2e4a054832d5db758a18502605b352564702b03ff97d9a77b09be6217e00ad445952ff068ed1cfdbaeae9ab0e9288109e7d46c218" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-util" + } + ] + }, + { + "type": "library", + "name": "schemas", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/schemas@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/schemas@29.6.3#packages/jest-schemas", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-schemas", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/schemas/-/schemas-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a8e63e57fa321998942f78129e4bf72502e7a2a55eca8225f5bcc802c5a9b544d622a84d70eb69f4fed2499c7b635bc647710728e6063ce630379a2d0bfa748" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/schemas" + } + ] + }, + { + "type": "library", + "name": "typebox", + "group": "@sinclair", + "version": "0.27.8", + "bom-ref": "@sinclair/typebox@0.27.8", + "author": "sinclairzx81", + "description": "JSONSchema Type Builder with Static Type Resolution for TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sinclair/typebox@0.27.8", + "externalReferences": [ + { + "url": "git+https://github.com/sinclairzx81/typebox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f858f8de948cc09b38291ac7ffddfc51ffae0042c881506643383fab5606d74763c9f0374e7ad4f0df17cea0a1fe891976ccea0504d97fdea274c7c4e659f04c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinclair/typebox" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "group": "@types", + "version": "4.0.9", + "bom-ref": "@types/js-yaml@4.0.9", + "description": "TypeScript definitions for js-yaml", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/js-yaml@4.0.9#types/js-yaml", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/js-yaml", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-4.0.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9383066909794c6a3f8a2a6a6f65031b65308d7ce2496921d2ecac41e953949a57d6a1a5a546589bc3e73b80f11b5a81a26b4951d609eaa47ac5d21a875d092e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/js-yaml" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mocha", + "group": "@types", + "version": "10.0.6", + "bom-ref": "@types/mocha@10.0.6", + "description": "TypeScript definitions for mocha", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mocha@10.0.6#types/mocha", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mocha", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mocha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mocha/-/mocha-10.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "749beb616c4ffd47179b7e909f7e9fc6150abbc03fc4c457553d9c962145d59ed403d9621b93ec8f77b3352670fb9a6e1f67330d744b7174317fc25b26dd1e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mocha" + } + ] + }, + { + "type": "library", + "name": "mock-fs", + "group": "@types", + "version": "4.13.4", + "bom-ref": "@types/mock-fs@4.13.4", + "description": "TypeScript definitions for mock-fs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mock-fs@4.13.4#types/mock-fs", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mock-fs", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mock-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mock-fs/-/mock-fs-4.13.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "99798cd28ea550b3c8f33dd7367402a4bd011b13f0c75525d705d810f04697879f4a1cb15b64659f424e3c4586c9969864c33a3955ccff5e7352e14c639da58e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mock-fs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "undici-types", + "version": "5.26.5", + "bom-ref": "undici-types@5.26.5", + "description": "A stand-alone types package for Undici", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/undici-types@5.26.5", + "externalReferences": [ + { + "url": "git+https://github.com/nodejs/undici.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://undici.nodejs.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/undici/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26508c3be7a174420aaa517193a21f568014566833edc53bcc3fe1f57674ab37a8b121e650954ecd242fbd84985979055c2f887cb29221f7e1bf4b1566ea7aa4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/undici-types" + } + ] + }, + { + "type": "library", + "name": "objects-to-csv", + "group": "@types", + "version": "1.3.3", + "bom-ref": "@types/objects-to-csv@1.3.3", + "description": "TypeScript definitions for objects-to-csv", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/objects-to-csv@1.3.3#types/objects-to-csv", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/objects-to-csv", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/objects-to-csv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/objects-to-csv/-/objects-to-csv-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0be7cc752da02beacd51ce620231ff778cfea0d6b272d06ba45e46f433b84a9a81efcc06fd3929d917c8f3fe9a29ffd1f8b39a0117106b14371bfe9498083c19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/objects-to-csv" + } + ] + }, + { + "type": "library", + "name": "prompt-sync", + "group": "@types", + "version": "4.2.3", + "bom-ref": "@types/prompt-sync@4.2.3", + "description": "TypeScript definitions for prompt-sync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/prompt-sync@4.2.3#types/prompt-sync", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/prompt-sync", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/prompt-sync", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/prompt-sync/-/prompt-sync-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b1efb8024b1d18c9e6a41adfea7ce6544853524a2fac877001a063a20b088ed8a383c78f760499d49bda085d2f801c9b6aa75da233845db98eaf89327d6d8c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/prompt-sync" + } + ] + }, + { + "type": "library", + "name": "tmp", + "group": "@types", + "version": "0.2.6", + "bom-ref": "@types/tmp@0.2.6", + "description": "TypeScript definitions for tmp", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/tmp@0.2.6#types/tmp", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/tmp", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/tmp/-/tmp-0.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "72185a35fda82879519031adfad88a136679689eaa6a59bb67dae52dd07098e88001fd3d610befa0b5e358ae0758f175c54fdfaaf3207cd7e956806c700fed28" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/tmp" + } + ] + }, + { + "type": "library", + "name": "uuid", + "group": "@types", + "version": "9.0.8", + "bom-ref": "@types/uuid@9.0.8", + "description": "TypeScript definitions for uuid", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/uuid@9.0.8#types/uuid", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/uuid", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/uuid/-/uuid-9.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e0fbdec4188718f4018724945a68f5607ad283b2b4e06d18d0e4cb208e1fc340a1059740edc91aff5423b20f54f647530d7963cafeeec9a068650d99ca0407c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/uuid" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0", + "description": "TypeScript plugin for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/eslint-plugin@7.12.0#packages/eslint-plugin", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/eslint-plugin", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/eslint-plugin", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec5f757dc6ee0dffdddd2f28db5fabdd99dc18891effe7969341293b6d4b5e10df2da86b89917d0868f87db01eb448e56817637529bd6ba55e5dba5b4fa678d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regexpp", + "group": "@eslint-community", + "version": "4.10.0", + "bom-ref": "@eslint-community/regexpp@4.10.0", + "author": "Toru Nagashima", + "description": "Regular expression parser for ECMAScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint-community/regexpp@4.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint-community/regexpp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint-community/regexpp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint-community/regexpp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0aef7a49dd81cbd982353c768b228e9aad74bf6da351542fd25427946372d7aa04f79f3dc84f900033dbacc182900e7570a6528373eefda4c955319f2ffaa350" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint-community/regexpp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/parser@7.7.1", + "description": "An ESLint custom parser which leverages TypeScript ESTree", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/parser@7.7.1#packages/parser", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be63f304e3adcf8f05e89006552fe46589381245daa3a886ac3f37f2ca75c37350402d16f2bcbfabae35294e0fac6ec028d01fe7a34e711f063a91fc97d14f0b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/scope-manager@7.7.1", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.7.1#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f2b4189fd9217ef52a4450aca7627e60d511c575d254732ca71a9ced5f797f8a4eca99912fd7d5823215019075cf53d7acfd55860f7ff3837c20f74f83876ac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/types@7.7.1", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.7.1#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0263e69c65b564b4e959afbfda898facf7d1ec171b514e2885ae5521b49b4b56b54eff7ae9b925bcb357c69de6adb73e3f68f830d3937c37df36c938a3473aff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/visitor-keys@7.7.1", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.7.1#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8012f712adb9b800f0d4b43d915a5fde144cf835b3b34b999271d82b786ae237133ea5420a51c60e707a514515d9215e05e0382961d66db2ea99b19c6781586f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.7.1", + "bom-ref": "@typescript-eslint/typescript-estree@7.7.1", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.7.1#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.7.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0977b4247097aeef056b7e9db5e5ea987d98c6780a2639102e3c73a23e8b630cd9eea66f82c2d273e7aa22d0aba88a29f1597650aa008b44ad556bbdec541921" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ts-api-utils", + "version": "1.3.0", + "bom-ref": "ts-api-utils@1.3.0", + "author": "JoshuaKGoldberg", + "description": "Utility functions for working with TypeScript's API. Successor to the wonderful tsutils. 🛠️️", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-api-utils@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/JoshuaKGoldberg/ts-api-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshuaKGoldberg/ts-api-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshuaKGoldberg/ts-api-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "510308a3ba5bf1646898a475ffe30554b4eba08bc356d317dcae8e522afcca72f2cc1f097ab8a89edd9b4c0b6634f6b57a402037b60f0f27fa57eca0add53e79" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-api-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "3.4.3", + "bom-ref": "eslint-visitor-keys@3.4.3", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@3.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c2973e2d77a2ca28acc4f944914cd4eacbf24b57eb20edcc8318f57ddcbb3e6f1883382e6b1d8ddc56bf0ff6a0d56a9b3a9add23eb98eb031497cfdad86fa26a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint", + "version": "8.57.0", + "bom-ref": "eslint@8.57.0", + "author": "Nicholas C. Zakas", + "description": "An AST-based pattern checker for JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint@8.57.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint/-/eslint-8.57.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "759ebe99ec6769321b481656828bb9d54e8e9b322160cd9570d76d893b48eea3cd666df9024a6bd1feafb70df0d4a9a7e4f628fad6557e1d775ab8694baa0ba9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-utils", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0", + "description": "Type utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/type-utils@7.12.0#packages/type-utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/type-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9626fdeadc91b4c84bc706ae0d6529fee5b714c84b03a0f4ac9f13ec7987ef1db71a4d46c30bbc519f7834c5c1bce10b9fa7e548f881ac22a57a19225f26aac0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "utils", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0", + "description": "Utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/utils@7.12.0#packages/utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63a861c31c03c78d473698ee62cc18a7a8036e4899f078a7f417f9689427d5ba53b3769f618e065fe30f63199af23b68215d864704ccfd4266ff6b86095bfe0d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "group": "@eslint-community", + "version": "4.4.0", + "bom-ref": "@eslint-community/eslint-utils@4.4.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint-community/eslint-utils@4.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint-community/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint-community/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint-community/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d7fb00e1dc2bcc1032794a10ea8c5a8472a6ad9bec9cb0a0e117f15b76451869909123503c534b57d09410540fd71f446171d3a39a7ac5d85933535ef69fc07c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint-community/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "graphemer", + "version": "1.4.0", + "bom-ref": "graphemer@1.4.0", + "author": "Matt Davies", + "description": "A JavaScript library that breaks strings into their individual user-perceived characters (including emojis!)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/graphemer@1.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/flmnt/graphemer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/flmnt/graphemer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/flmnt/graphemer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/graphemer/-/graphemer-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12d2b0a0eea4c422fd58ee718a98874d9952cc19bb58b4fadbb4ea0bfb9545dd072a6abc357c9e6e7358c43a018bbc2df1e4d6ad4aca5c2395685abdc759206a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/graphemer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "accurate-search", + "version": "1.2.15", + "bom-ref": "accurate-search@1.2.15", + "author": "Florin Mirel Dumitrescu", + "description": "The fastest and most accurate javascript full-text search library. Accurate search uses match distance algorithm to return the accurate order of the matching items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/accurate-search@1.2.15", + "externalReferences": [ + { + "url": "git+https://github.com/florind9/accurate-search.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://accuratesearch.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/florind9/accurate-search/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/accurate-search/-/accurate-search-1.2.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2356977547875158d69468d26c177c35a304fc2414f78d87dad1cc12e6797adff16f9da60e18a421e6c08bdb9f12801ef25c331eb6c29784797ae099f0aff07c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/accurate-search" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "8.16.0", + "bom-ref": "ajv@8.16.0", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@8.16.0", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://ajv.js.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-8.16.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "174b7047c535654ebb24812d7a451c2e45e4a0ee6630c9a0183f2c2bfc5417327cd398f11d097dda1226140aaa5ccc8c62348f3b250f0301d8841ef6839b135f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ajv" + } + ] + }, + { + "type": "library", + "name": "fast-deep-equal", + "version": "3.1.3", + "bom-ref": "fast-deep-equal@3.1.3", + "author": "Evgeny Poberezkin", + "description": "Fast deep equal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-deep-equal@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/fast-deep-equal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/fast-deep-equal#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/fast-deep-equal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f7a90f68432f63d808417bf1fd542f75c0b98a042094fe00ce9ca340606e61b303bb04b2a3d3d1dce4760dcfd70623efb19690c22200da8ad56cd3701347ce1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-deep-equal" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "1.0.0", + "bom-ref": "json-schema-traverse@1.0.0", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34cf3f3fd9f75e35e12199f594b86415a0024ce5114178d6855e0103f4673aff31be0aadaa9017f483b89914314b1d51968e2dab37aa6f4b0e96bb9a3b2dddba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-schema-traverse" + } + ] + }, + { + "type": "library", + "name": "require-from-string", + "version": "2.0.2", + "bom-ref": "require-from-string@2.0.2", + "author": "Vsevolod Strukchinsky", + "description": "Require module from string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/require-from-string@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/floatdrop/require-from-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/require-from-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/floatdrop/require-from-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5dfd2759ee91b1ece214cbbe029f5b8a251b9a996ae92f7fa7eef0ed85cffc904786b5030d48706bebc0372b9bbaa7d9593bde53ffc36151ac0c6ed128bfef13" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/require-from-string" + } + ] + }, + { + "type": "library", + "name": "uri-js", + "version": "4.4.1", + "bom-ref": "uri-js@4.4.1", + "author": "Gary Court", + "description": "An RFC 3986/3987 compliant, scheme extendable URI/IRI parsing/validating/resolving library for JavaScript.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/uri-js@4.4.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/garycourt/uri-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/garycourt/uri-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/garycourt/uri-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eeb294cb2df7435c9cf7ca50d430262edc17d74f45ed321f5a55b561da3c5a5d628b549e1e279e8741c77cf78bd9f3172bacf4b3c79c2acf5fac2b8b26f9dd06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/uri-js" + } + ] + }, + { + "type": "library", + "name": "punycode", + "version": "2.3.1", + "bom-ref": "punycode@2.3.1", + "author": "Mathias Bynens", + "description": "A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/punycode@2.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/punycode.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/punycode", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/punycode.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd8b7b503d54f5683ad77f2c84bb4b3af740bbef03b02fe2945b44547707fb0c9d712a4d136d007d239db9fe8c91115a84be4563b5f5a14ee7295645b5fabc16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/punycode" + } + ] + }, + { + "type": "library", + "name": "form-data", + "version": "4.0.0", + "bom-ref": "form-data@4.0.0", + "author": "Felix Geisendörfer", + "description": "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/form-data@4.0.0", + "externalReferences": [ + { + "url": "git://github.com/form-data/form-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/form-data/form-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/form-data/form-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1131249521a2e6dd10319ba25e803f43abdc9f170b40fe6f76e812a6e0328ba4951a2d9c94f3e9fb180486e31a1c2fb31a09f7d4a776df95b7e5fec7ca491ac3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/form-data" + } + ] + }, + { + "type": "library", + "name": "proxy-from-env", + "version": "1.1.0", + "bom-ref": "proxy-from-env@1.1.0", + "author": "Rob Wu", + "description": "Offers getProxyForUrl to get the proxy URL for a URL, respecting the *_PROXY (e.g. HTTP_PROXY) and NO_PROXY environment variables.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/proxy-from-env@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/Rob--W/proxy-from-env.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Rob--W/proxy-from-env#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Rob--W/proxy-from-env/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fece439109b03d7f5b5d5912b445a091dc63efe7470cc5caf3e17f24e4b4d2503d43930e3b98a24465036e9c8b514e45b082d6944a8d515454481bd65788562" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proxy-from-env" + } + ] + }, + { + "type": "library", + "name": "assertion-error", + "version": "1.1.0", + "bom-ref": "assertion-error@1.1.0", + "author": "Jake Luer", + "description": "Error constructor for test and validation frameworks that implements standardized AssertionError specification.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/assertion-error@1.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/assertion-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/assertion-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/assertion-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/assertion-error/-/assertion-error-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8e0b1a35dbb3fa776f1b216ddee4ae5aabf2e250a72098a8beda2e40de4964738a092d90ba111d6dc407161564b33d8dd94f615c9a3ca1d1bb113c969447ae0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/assertion-error" + } + ] + }, + { + "type": "library", + "name": "check-error", + "version": "1.0.3", + "bom-ref": "check-error@1.0.3", + "author": "Jake Luer", + "description": "Error comparison and information related utility for node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/check-error@1.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/check-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/check-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/check-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/check-error/-/check-error-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "88a1280d869199dd66c4cf746b63847d6863b233e960fb90fa5318b28c41d76ebeb7c7f0ef24843b8f2798383908e4e3c4323ae7f636396a5e10793764e7bcce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/check-error" + } + ] + }, + { + "type": "library", + "name": "get-func-name", + "version": "2.0.2", + "bom-ref": "get-func-name@2.0.2", + "author": "Jake Luer", + "description": "Utility for getting a function's name for node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-func-name@2.0.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/get-func-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/get-func-name#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/get-func-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2f5cebee135ebb0ad21cdcec88b5ca3b37f76946d05b60eb0fb170b3ed7fcf3279468d88d21ae64980cd58ee699ec3b04a7fd06abcb5f6b67395cb504152cc5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-func-name" + } + ] + }, + { + "type": "library", + "name": "deep-eql", + "version": "4.1.3", + "bom-ref": "deep-eql@4.1.3", + "author": "Jake Luer", + "description": "Improved deep equality testing for Node.js and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deep-eql@4.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/deep-eql.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/deep-eql#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/deep-eql/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deep-eql/-/deep-eql-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "59a12d00ea51035310d1ea21a998e9183f33748d0ebec9bc9a616168337c76f0d9cf2a1431c6039dfe58ea2bbb1d35f17fc2434b6dea59ae1afa12820f238fcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deep-eql" + } + ] + }, + { + "type": "library", + "name": "loupe", + "version": "2.3.7", + "bom-ref": "loupe@2.3.7", + "author": "Veselin Todorov", + "description": "Inspect utility for Node.js and browsers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/loupe@2.3.7", + "externalReferences": [ + { + "url": "git+https://github.com/chaijs/loupe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/loupe", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/loupe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/loupe/-/loupe-2.3.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cd230834655891da5848e0662e2d03d54a3b254f6755d40aac7c42f1e62557ef5828af5678fa8094bee54a5a2b1bf536170d70d214c199a6bf8eb43751b3c7b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/loupe" + } + ] + }, + { + "type": "library", + "name": "pathval", + "version": "1.1.1", + "bom-ref": "pathval@1.1.1", + "author": "Veselin Todorov", + "description": "Object value retrieval given a string path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pathval@1.1.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/chaijs/pathval.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chaijs/pathval", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chaijs/pathval/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pathval/-/pathval-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0e9eb31aaa537444dd47ade57a12583de20eaa988d04db5cec1a5648bace8deed4688b04e5a63ddabfc0ba7400eebb17bdeb7796b277267657dbd50f4ca5f229" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pathval" + } + ] + }, + { + "type": "library", + "name": "colors", + "version": "1.4.0", + "bom-ref": "colors@1.4.0", + "author": "Marak Squires", + "description": "get colors in your node.js console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/colors@1.4.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/Marak/colors.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Marak/colors.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Marak/colors.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6be52a4e1e2481983f4a51af7dbcc31e9811bbb00040e9a6a911c99f185164808a1544fdd5bad584d36de7c08c594f4fb016efdcf0c26541db571b83887da6b4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colors" + } + ] + }, + { + "type": "library", + "name": "csv-parse", + "version": "4.16.3", + "bom-ref": "csv-parse@4.16.3", + "author": "David Worms", + "description": "CSV parsing implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-parse@4.16.3", + "externalReferences": [ + { + "url": "git+https://github.com/wdavidw/node-csv-parse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/parse/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wdavidw/node-csv-parse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-parse/-/csv-parse-4.16.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "70ed48ff39b3e30d9d70a1d5be90abec9551bbcfc5ca61b9384a66bec65895c718a253c12e85462941e03687386469057859561840e633204cf934ea45d5bfc2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-parse" + } + ] + }, + { + "type": "library", + "name": "dotenv", + "version": "16.4.5", + "bom-ref": "dotenv@16.4.5", + "description": "Loads environment variables from .env file", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/dotenv@16.4.5", + "externalReferences": [ + { + "url": "git://github.com/motdotla/dotenv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/motdotla/dotenv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/motdotla/dotenv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66674bdabba2f9e07663086c5b38c89d1f0b95db591c60e8435ba01fce69a472b0a541cbee3eeb3744e2f4d0a71a241b85a675d45a51fbb6a8d5d36c99db8d52" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dotenv" + } + ] + }, + { + "type": "library", + "name": "eslint-config-oclif-typescript", + "version": "1.0.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3", + "author": "oclif", + "description": "eslint config for Typscript'd oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-oclif-typescript@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/eslint-config-oclif-typescript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif-typescript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-oclif-typescript/-/eslint-config-oclif-typescript-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4de24a5d6050dee28cb73833fbe505356a5ed560b1f267ea46ecd9cb52e2ad112046556feb9e929151b880d65ab79ad13484207c39934be61e6f12b4da47f294" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "experimental-utils", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0", + "description": "(Experimental) Utilities for working with TypeScript + ESLint together", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/experimental-utils@4.33.0#packages/experimental-utils", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/experimental-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cde4233a8112e491634e7021239418ed9be27333330e9b65b35e4616c23a8f250eab490e7fdf96a27921b652218744601d19ea8f981d3715b98f512f032620e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema", + "group": "@types", + "version": "7.0.15", + "bom-ref": "@types/json-schema@7.0.15", + "description": "TypeScript definitions for json-schema", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json-schema@7.0.15#types/json-schema", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/json-schema", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/json-schema", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7e7cff0ff0c14d0be0326420f1ac1da991914f1b3a90594ce949ebae54bbe6f1531ca2b3586af06aa057312bc6d0cf842c6e7e2850411e9b8c032df732b061c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tsutils", + "version": "3.21.0", + "bom-ref": "tsutils@3.21.0", + "author": "Klaus Meinhardt", + "description": "utilities for working with typescript's AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tsutils@3.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/ajafff/tsutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajafff/tsutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajafff/tsutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsutils/-/tsutils-3.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "98728ade25172fedd417ac4be64d0f12129150128f042bfff919043a98d15b1c71dbb28a4419a603ad00f6980e52f322f062a144c3c49a30513f3b365bb3b538" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsutils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esrecurse", + "version": "4.3.0", + "bom-ref": "esrecurse@4.3.0", + "description": "ECMAScript AST recursive visitor", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esrecurse@4.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/estools/esrecurse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esrecurse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esrecurse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a67ca2f76fa1be457bcff0dd6faf74ead642ffa021609f63585c4b6a3fcfcbde929aa540381bc70555aa05dd2537db7083e17ca947f7df8a81e692d8bafd36a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esrecurse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "3.0.0", + "bom-ref": "eslint-utils@3.0.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bae402e3720672dc3af29240d5181b412f3f34feeb721e82c1de23dd906d828e3ff05963e1e184ed96126513778aae69554bfa18f756e59d511657a8f38b8b0c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "highlight", + "group": "@babel", + "version": "7.24.2", + "bom-ref": "@babel/highlight@7.24.2", + "author": "The Babel Team", + "description": "Syntax highlight JavaScript strings for output in terminals.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/highlight@7.24.2#packages/babel-highlight", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-highlight", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-highlight", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "61a7356a8e1f9644f14ed7820d92c4bddc60d9f65fcf5bfc338429686ca9abf58f0ea8378a31d86c37ecf8b1b986fcd2a2a69267dfd9f652923f70a3663bfea4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight" + } + ] + }, + { + "type": "library", + "name": "globals", + "version": "13.24.0", + "bom-ref": "globals@13.24.0", + "author": "Sindre Sorhus", + "description": "Global identifiers from different JavaScript environments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globals@13.24.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globals#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globals/-/globals-13.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0213b9414723f2596b6c6d3d89684f536076d38275c673de2fc910995a2b4accbe4a38f5b24f2023287a714a1c1a61f82f452e840272fa124c440e26800e2615" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "doctrine", + "version": "3.0.0", + "bom-ref": "doctrine@3.0.0", + "description": "JSDoc parser", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/doctrine@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/doctrine.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/doctrine", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/doctrine/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c92f90e62de105fec6064778286f1aede04d3563462d3684c306165228c860cef3ae56033340455c78e33d6956675460ed469d7597880e68bd8c5dc79aa890db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/doctrine" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "enquirer", + "version": "2.4.1", + "bom-ref": "enquirer@2.4.1", + "author": "Jon Schlinkert", + "description": "Stylish, intuitive and user-friendly prompt system. Fast and lightweight enough for small projects, powerful and extensible enough for the most advanced use cases.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/enquirer@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/enquirer/enquirer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/enquirer/enquirer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/enquirer/enquirer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/enquirer/-/enquirer-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad1a8983fea0779dfc547bd1dcf4ab75105bff5572d987f31eacef6e11884290d12886b816057fe786f9435c584b138ec0abe35f0792dba13443e9c0330a76a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/enquirer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-colors", + "version": "4.1.1", + "bom-ref": "ansi-colors@4.1.1", + "author": "Brian Woodward", + "description": "Easily add ANSI colors to your text and symbols in the terminal. A faster drop-in replacement for chalk, kleur and turbocolor (without the dependencies and rendering bugs).", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-colors@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/ansi-colors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/ansi-colors", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/ansi-colors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2685f46a919b1da50904d97ac85fa9e89005619ebaebf86108628de6df501636c940a514fe0f0c35b1436ef7eb80a5ef23542966994f3a7c08a3df655ff00098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ansi-colors" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn-jsx", + "version": "5.3.2", + "bom-ref": "acorn-jsx@5.3.2", + "description": "Modern, fast React.js JSX parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn-jsx@5.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn-jsx.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn-jsx", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn-jsx/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aeaf6cf893617f4202863b435f196527b838d68664e52957b69d0b1f0c80e5c7a3c27eef2a62a9e293eb8ba60478fbf63d4eb9b00b1e81b5ed2229e60c50d781" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn-jsx" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esquery", + "version": "1.5.0", + "bom-ref": "esquery@1.5.0", + "author": "Joel Feenstra", + "description": "A query library for ECMAScript AST using a CSS selector like query language.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/esquery@1.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/estools/esquery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esquery/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esquery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esquery/-/esquery-1.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6102d7529940c09802c9d43bf08309cb064271ea2a935a07d3538445d48025cffb5360329708e14822c312dab083cd7589d212ffd7c85391a31bbdc882328c56" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esquery" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "esutils", + "version": "2.0.3", + "bom-ref": "esutils@2.0.3", + "description": "utility box for ECMAScript language tools", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/esutils@2.0.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/esutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/esutils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/esutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "915b1ca97938382a7af126747648042958baffc8a3df4d0a0564c9ab7d8ffdd61e5934b02b8d56c93c5a94dd5e46603967d514fcb5fd0fb1564a657d480631ea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/esutils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "file-entry-cache", + "version": "6.0.1", + "bom-ref": "file-entry-cache@6.0.1", + "author": "Roy Riojas", + "description": "Super simple cache for file metadata, useful for process that work o a given series of files and that only need to repeat the job on the changed ones since the previous run of the process", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/file-entry-cache@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/royriojas/file-entry-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/royriojas/file-entry-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/royriojas/file-entry-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec6a6cfd75b299b2e4d902d82b8373a4c3ab623321748c57b88bf2d9006c2c4ea58eea1d2af7645acfdca72249dc25485691f43a2d47be0d68bdb3332dd14106" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/file-entry-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "functional-red-black-tree", + "version": "1.0.1", + "bom-ref": "functional-red-black-tree@1.0.1", + "author": "Mikola Lysenko", + "description": "A fully persistent balanced binary search tree", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/functional-red-black-tree@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/mikolalysenko/functional-red-black-tree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mikolalysenko/functional-red-black-tree#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mikolalysenko/functional-red-black-tree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76c28d40d763eb10374fe4250030c0ee6392957d2a88c20d8e7d1c82bf9e1871ac6d21f34da6dc228833dbea7f8aa3f55ece843ffb12d926ea1fe6eb1936ead2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/functional-red-black-tree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "imurmurhash", + "version": "0.1.4", + "bom-ref": "imurmurhash@0.1.4", + "author": "Jens Taylor", + "description": "An incremental implementation of MurmurHash3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/imurmurhash@0.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/jensyt/imurmurhash-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2665cc67ac2ebc398b88712697dca4cea3ba97015ba1fd061b822470668435d0910c398c5679f2eece47b0880709b6aad30d8cc8f843aa48535204b62d4d8f1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/imurmurhash" + } + ] + }, + { + "type": "library", + "name": "json-stable-stringify-without-jsonify", + "version": "1.0.1", + "bom-ref": "json-stable-stringify-without-jsonify@1.0.1", + "author": "James Halliday", + "description": "deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results, with no public domain dependencies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-stable-stringify-without-jsonify@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/samn/json-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/samn/json-stable-stringify", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/samn/json-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05d6e8cbe97bb40dce196e858f21475a43f92ee0728f54e4df72e3caad1ac72cdd93dfff2528b6bb77cfd504a677528dc2ae9538a606940bbcec28ac562afa3f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-stable-stringify-without-jsonify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "levn", + "version": "0.4.1", + "bom-ref": "levn@0.4.1", + "author": "George Zahariev", + "description": "Light ECMAScript (JavaScript) Value Notation - human written, concise, typed, flexible", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/levn@0.4.1", + "externalReferences": [ + { + "url": "git://github.com/gkz/levn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/levn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/levn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9b4f6b87e04e4b184ee1fe7ddebdc4bfb109495c2a48a7aca6f0e589e5e57afbaec3b2a97f2da693eea24102ddabcdfa1aff94011818710e2c7574cb7691029" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/levn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lodash.merge", + "version": "4.6.2", + "bom-ref": "lodash.merge@4.6.2", + "author": "John-David Dalton", + "description": "The Lodash method `_.merge` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.merge@4.6.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0aa63a97455beb6320ac5f5b3047f5d32b4bdae9542440ce8c368ecfa96efb0728c086801103c11facfd4de3e2a52a3f184b46540ad453fd852e872603ba321" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.merge" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "optionator", + "version": "0.9.3", + "bom-ref": "optionator@0.9.3", + "author": "George Zahariev", + "description": "option parsing and help generation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/optionator@0.9.3", + "externalReferences": [ + { + "url": "git://github.com/gkz/optionator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/optionator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/optionator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/optionator/-/optionator-0.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2630a8ca9a7e8ca9f5b6d105131c617ad08a789b7dce102002f7b91571e2c53bc50d6ff968492d5fd6ee7c128b45131d53b6cdb692df706bbde01ddc7442608e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/optionator" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "progress", + "version": "2.0.3", + "bom-ref": "progress@2.0.3", + "author": "TJ Holowaychuk", + "description": "Flexible ascii progress bar", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/progress@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/node-progress.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/node-progress#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/node-progress/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ecf887b4b965e4b767288330d74d08fbcc495d1e605b6430598913ea226f6b46d78ad64a6bf5ccad26dd9a0debd979da89dcfd42e99dd153da32b66517d57db0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/progress" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regexpp", + "version": "3.2.0", + "bom-ref": "regexpp@3.2.0", + "author": "Toru Nagashima", + "description": "Regular expression parser for ECMAScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/regexpp@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/regexpp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/regexpp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/regexpp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6ad9b5a8f66543e379dbb6cdb01afd7b5cb88d2f26be1a4959f246832d5d99d3c8030ac1a99ca9fd04531ea6f5ae1c26f256f63b279a39f8156fa106e69492e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regexpp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "table", + "version": "6.8.2", + "bom-ref": "table@6.8.2", + "author": "Gajus Kuizinas", + "description": "Formats data into a string table.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/table@6.8.2", + "externalReferences": [ + { + "url": "git+https://github.com/gajus/table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gajus/table#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gajus/table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/table/-/table-6.8.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c36b1fbfcd27ac08765426ea47900adbbc2cc1786a71c9360217e7356efa6de417b24199d55d761b04bfff26156b77777dcbc08a9d8e5276c30235b6937bfd7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/table" + } + ] + }, + { + "type": "library", + "name": "text-table", + "version": "0.2.0", + "bom-ref": "text-table@0.2.0", + "author": "James Halliday", + "description": "borderless text tables with alignment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-table@0.2.0", + "externalReferences": [ + { + "url": "git://github.com/substack/text-table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/text-table", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/text-table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37ef148ac0170c693c3c55cfe07033551f676df995277cd82c05a24c8a2a0b9bf98ac8a786bfabe6e68ef3eeebdc131fb8d22e7c8b00ed176956069c0b6712a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/text-table" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "v8-compile-cache", + "version": "2.4.0", + "bom-ref": "v8-compile-cache@2.4.0", + "author": "Andres Suarez", + "description": "Require hook for automatic V8 compile cache persistence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/v8-compile-cache@2.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/zertosh/v8-compile-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zertosh/v8-compile-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zertosh/v8-compile-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a1cc967376c01c107f82ecaa250548e68e016643e1ce73d8506d9e6bcd06a2777f060356a5aa7c4ce98b49e7901bb6e787628c212c6c91d0031b9f63ef3aee87" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-compile-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "confusing-browser-globals", + "version": "1.0.10", + "bom-ref": "confusing-browser-globals@1.0.10", + "description": "A list of browser globals that are often used by mistake instead of local variables", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/confusing-browser-globals@1.0.10#packages/confusing-browser-globals", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/create-react-app.git#packages/confusing-browser-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/create-react-app#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/create-react-app/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/confusing-browser-globals/-/confusing-browser-globals-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "80d95dff7972487c2e85a565b8950a2de3d88ab33740d08acd5c6a01d849208f7f5972955f93d447331526ca52d634ec952aa37ae1b828c5534a8ba2b7960f1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/confusing-browser-globals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-mocha", + "version": "9.0.0", + "bom-ref": "eslint-plugin-mocha@9.0.0", + "author": "Mathias Schreck", + "description": "Eslint rules for mocha.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-mocha@9.0.0", + "externalReferences": [ + { + "url": "git://github.com/lo1tuma/eslint-plugin-mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lo1tuma/eslint-plugin-mocha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lo1tuma/eslint-plugin-mocha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-mocha/-/eslint-plugin-mocha-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77b92701c423d633c2cd97f771a781227dc19d6ea291cbdfcf4912a90a703d871518ba09579b33d25d0e241d8b47c23b76f4c36eaab5a15eb29614a0cc0d74ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ramda", + "version": "0.27.2", + "bom-ref": "ramda@0.27.2", + "author": "Scott Sauyet", + "description": "A practical functional library for JavaScript programmers.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ramda@0.27.2", + "externalReferences": [ + { + "url": "git://github.com/ramda/ramda.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://ramdajs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ramda/ramda/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ramda/-/ramda-0.27.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "49b88b3d4e3426e2678877b141202069ddf685fc1df834547701763e556e2394590f4fef6a151ca3b47cbc3f3a27fb5c10a285f6f66b515c20b66182aa508ac8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ramda" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-node", + "version": "11.1.0", + "bom-ref": "eslint-plugin-node@11.1.0", + "author": "Toru Nagashima", + "description": "Additional ESLint's rules for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-node@11.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-plugin-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-node#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-node/-/eslint-plugin-node-11.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a14c2d3c9d56d12283d13afec2abbdd9ce71b82790a81de14821dab27fd982315d03d88318d90d7f6662f73b58ed7fa136e3226f6dcb346466ebeb8df8a2c4de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-es", + "version": "3.0.1", + "bom-ref": "eslint-plugin-es@3.0.1", + "author": "Toru Nagashima", + "description": "ESLint plugin about ECMAScript syntactic features.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-es@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-plugin-es.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-es#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-plugin-es/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-es/-/eslint-plugin-es-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "194980b0968de0573b19bb65f2e38195aca8d83aa1c16bc4cf290c1d20991d4dd7749f8d4b3cd97158578775715f989ca90fa841d2046b05d7f31911de620599" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-oclif", + "version": "4.0.0", + "bom-ref": "eslint-config-oclif@4.0.0", + "author": "Jeff Dickey @jdxcode", + "description": "eslint config for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-oclif@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/eslint-config-oclif.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/eslint-config-oclif/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-oclif/-/eslint-config-oclif-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6d91441e0b7deb1c0849c5a19e0466087e50cbba6795daa0ffe172c1757841ffa17ff899f075c7bdc181d2be4c74254a9441286942ff09115901a7fcf30fb86" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo-space", + "version": "0.27.0", + "bom-ref": "eslint-config-xo-space@0.27.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO with 2-space indent", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo-space@0.27.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo-space.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo-space/-/eslint-config-xo-space-0.27.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6fc5235be9d0c8e921880355a48a6daa528fc84ed7472438d2e435368061cd57eef798317d91aba658aaf191c1a5a385db008b65a7b14d28e0ed1be6f7dbe3e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-xo-space" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo", + "version": "0.35.0", + "bom-ref": "eslint-config-xo@0.35.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo@0.35.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo/-/eslint-config-xo-0.35.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f96c994cb594265bc4c45ac153f2ddc3c001fd2d1ddf1fb6e8941d0566dcaa283665a5a1d338a761c1e893e113e08a0f68471145fdc513d92322d3558c1c2702" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-xo" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "helper-validator-identifier", + "group": "@babel", + "version": "7.22.20", + "bom-ref": "@babel/helper-validator-identifier@7.22.20", + "author": "The Babel Team", + "description": "Validate identifier/keywords name", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-validator-identifier@7.22.20#packages/babel-helper-validator-identifier", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-validator-identifier", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "638399fb2b656ad47c008fbc2997cab8be6eacaa7ba9ecb4f216b7d4bf1bdc1c1ec0902825a993cf2bf13d1ff90fe2a47490863eaffef13ba41c1958d74157f4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-validator-identifier" + } + ] + }, + { + "type": "library", + "name": "clean-regexp", + "version": "1.0.0", + "bom-ref": "clean-regexp@1.0.0", + "author": "Sam Verschueren", + "description": "Clean up regular expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-regexp@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/SamVerschueren/clean-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SamVerschueren/clean-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SamVerschueren/clean-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/clean-regexp/-/clean-regexp-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "19f8ac119109bf32ab9865a4bdf860cdccff06594dd5449ea83d95ead835e0e00e81a083d99fcf504bb19c067f9cfbe6687446edaf32efba754ff2114380f51f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-template-visitor", + "version": "2.3.2", + "bom-ref": "eslint-template-visitor@2.3.2", + "licenses": [ + { + "expression": "GPL-3.0-or-later OR MIT" + } + ], + "purl": "pkg:npm/eslint-template-visitor@2.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/futpib/eslint-template-visitor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/futpib/eslint-template-visitor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/futpib/eslint-template-visitor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-template-visitor/-/eslint-template-visitor-2.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df2761a85a6e57bc7533d10ae7604f363e95d0ac2ed0a2a470801fa548701db47ca1c4659ffa141e07f142ea58f0ed61e10bff3ce1c3ba66ff070c0d7f16ed9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-template-visitor" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-parser", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/eslint-parser@7.24.1", + "author": "The Babel Team", + "description": "ESLint parser that allows for linting of experimental syntax transformed by Babel", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/eslint-parser@7.24.1#eslint/babel-eslint-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#eslint/babel-eslint-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/eslint-parser/-/eslint-parser-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77982ebb33253de0df6486e943cfa0d4d68236e00604118d1028741d5ab3d6c8ce7952e1d8211a89fb8ecac087d7c5115ba47ba6a5c836f7f93da47f742ea32d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope-5-internals", + "group": "@nicolo-ribaudo", + "version": "5.1.1-v1", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "description": "Proxy package exposing internals of eslint-scope@5 for @babel/eslint-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/@nicolo-ribaudo/eslint-scope-5-internals/-/eslint-scope-5-internals-5.1.1-v1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e78fc946f90b233cc35ac84259fba169d7eb7d954f884958f057209a0d47ae8125cbf1034accf384102c6ab0aec7e0ff90eb254d1aae373bb21929944934c71a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "multimap", + "version": "1.1.0", + "bom-ref": "multimap@1.1.0", + "author": "villa.gao", + "description": "multi-map which allow multiple values for the same key", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/multimap@1.1.0", + "externalReferences": [ + { + "url": "git://github.com/villadora/multi-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/villadora/multi-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/villadora/multi-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/multimap/-/multimap-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d19211f4f6ac3f1197991b0417c8ec0f39ddcc70e3eed21abfe2549af20507f587b30962167aaec44093fc37bb191e3283df64cbf36544a253f361b5cb6ef56f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/multimap" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-builtin-module", + "version": "3.2.1", + "bom-ref": "is-builtin-module@3.2.1", + "author": "Sindre Sorhus", + "description": "Check if a string matches the name of a Node.js builtin module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-builtin-module@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-builtin-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-builtin-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0522c4dc79d5dacc99d052b488c03fc941a995478c98dcf8016e5f9d3ba76c222a662e2f1b75a3253f451cccb90faf719806011d742125d00b769c15c55e74d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-builtin-module" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pluralize", + "version": "8.0.0", + "bom-ref": "pluralize@8.0.0", + "author": "Blake Embrey", + "description": "Pluralize and singularize any word", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pluralize@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/blakeembrey/pluralize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/pluralize#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/pluralize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pluralize/-/pluralize-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35cdc84f9c87cdf9537db8e0a967023e9a3b0da2b2e059e907497fcc2016d1373b8f1022baa4b11dab27b41dc3efcf3b2d2ac0f7790327d217a2fc49631c8b08" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pluralize" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-pkg-up", + "version": "7.0.1", + "bom-ref": "read-pkg-up@7.0.1", + "author": "Sindre Sorhus", + "description": "Read the closest package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg-up@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/read-pkg-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccad1307b5dde89a422e694b9ae7eaca4184fbf4e539e3c3eaa28294d5bb8470ca161fc9effee0096191ee3a044045b56caab76b7c9465239b3a858b150e2886" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regexp-tree", + "version": "0.1.27", + "bom-ref": "regexp-tree@0.1.27", + "author": "Dmitry Soshnikov", + "description": "Regular Expressions parser in JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/regexp-tree@0.1.27", + "externalReferences": [ + { + "url": "git+https://github.com/DmitrySoshnikov/regexp-tree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DmitrySoshnikov/regexp-tree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DmitrySoshnikov/regexp-tree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regexp-tree/-/regexp-tree-0.1.27.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8844f1a632ba628456246e68ea15cbc2f8d80285be144667f68b343c3fdbe803fac50c2c6bf63b942560222c416d43cc7e1bbe8b62ed75e02a5538069506ab7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regexp-tree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "safe-regex", + "version": "2.1.1", + "bom-ref": "safe-regex@2.1.1", + "author": "James C.", + "description": "detect possibly catastrophic, exponential-time regular expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-regex@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/davisjam/safe-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/davisjam/safe-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/davisjam/safe-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-regex/-/safe-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af1fb1f0033329be50e6543de59a22e996c9ab008b92a8b75ee257a793f7ad3f0e11ceac642246e40139754de5b2046bfc5e01b37d634a554dfa3e4aaec1aef4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-regex" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-unicorn", + "version": "52.0.0", + "bom-ref": "eslint-plugin-unicorn@52.0.0", + "author": "Sindre Sorhus", + "description": "More than 100 powerful ESLint rules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-unicorn@52.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/eslint-plugin-unicorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-unicorn/-/eslint-plugin-unicorn-52.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d58ce6eff9bed11e1d8c7d2d8c38df55e8bf8eedb0dc0cd41a31baabc267b8d20be71230b1f9720a8a16e6c7c1bd0a76a4c61015259608538db2309ac751079e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-unicorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslintrc", + "group": "@eslint", + "version": "2.1.4", + "bom-ref": "@eslint/eslintrc@2.1.4", + "author": "Nicholas C. Zakas", + "description": "The legacy ESLintRC config file format for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/eslintrc@2.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslintrc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslintrc#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslintrc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dbaf59dfd312eb0549b6ca14975d0beb459d92125574f1b6e10e1e6531f79e717a969bd24a110adf04230d7f494560143ef3e1ec23a8b8fa54f48aea69916fb5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "espree", + "version": "9.6.1", + "bom-ref": "espree@9.6.1", + "author": "Nicholas C. Zakas", + "description": "An Esprima-compatible JavaScript parser built on Acorn", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/espree@9.6.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/espree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/espree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/espree/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/espree/-/espree-9.6.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2bb99685923a2b4e9177da40d2239ffbe558b019e6608a7186cb636839283743d6e7c259e60e6e072e7925d111379fe9e30d7474dfb698d7ec79f19ff315dc1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/espree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parent-module", + "version": "1.0.1", + "bom-ref": "parent-module@1.0.1", + "author": "Sindre Sorhus", + "description": "Get the path of the parent module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parent-module@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parent-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parent-module#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parent-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "190d84591a5057cfe8f80c3c62ab5f6593df3515996246e2744f64e6ba65fe10b7bed1c705f1a6d887e2eaa595f9ca031a4ad42990311372e8b7991cb11961fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parent-module" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "4.0.0", + "bom-ref": "resolve-from@4.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a5bfcc6265ecb40932b11171f2988d235b4614d408140def904dc6ab812e035745ea01e9ffebe066ab021896a9bf2f0ddd0fb8a3b170beab8f25c9d9ed1632e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-from" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "4.0.0", + "bom-ref": "ci-info@4.0.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4dd1ea8067fda1d77c49736ec6d501571f0dbfea9939e8c4eaacaa8b2e4db5b61840e7856bace61e4c653f399a2f15961ec53a9c9981ec01137553e2fb634152" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ci-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core-js-compat", + "version": "3.37.0", + "bom-ref": "core-js-compat@3.37.0", + "author": "Denis Pushkarev", + "description": "core-js compat", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/core-js-compat@3.37.0#packages/core-js-compat", + "externalReferences": [ + { + "url": "git+https://github.com/zloirock/core-js.git#packages/core-js-compat", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/zloirock/core-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zloirock/core-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.37.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd8ab82fe4fc692e54b858385300e173b60d45655e559c25b5a77d0bf8d5dd1d8b8153a94bd043afb97f58be8137475b5779355de8cf4c7aaa133260b1ad1fac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/core-js-compat" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "browserslist", + "version": "4.23.0", + "bom-ref": "browserslist@4.23.0", + "author": "Andrey Sitnik", + "description": "Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/browserslist@4.23.0", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/browserslist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/browserslist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/browserslist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "416f0788cd6c8614f61aece4be495f8dc2838961571ce78508803f86e24fc07b2c97073276093b5fecf6cd7a448a33fdf14098ec76ee6d9b79276660bdfd0269" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/browserslist" + } + ] + }, + { + "type": "library", + "name": "caniuse-lite", + "version": "1.0.30001612", + "bom-ref": "caniuse-lite@1.0.30001612", + "author": "Ben Briggs", + "description": "A smaller version of caniuse-db, with only the essentials!", + "licenses": [ + { + "license": { + "id": "CC-BY-4.0" + } + } + ], + "purl": "pkg:npm/caniuse-lite@1.0.30001612", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/caniuse-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/caniuse-lite#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/caniuse-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001612.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "945827674ed485a09cb12660596d0ae63e1eebd74ad6efe5b6b2fd95352214ec0d1ecd764b750c204620055d19e82ea14437afee2467333cd898a69b61d5c5f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/caniuse-lite" + } + ] + }, + { + "type": "library", + "name": "electron-to-chromium", + "version": "1.4.747", + "bom-ref": "electron-to-chromium@1.4.747", + "author": "Kilian Valkhof", + "description": "Provides a list of electron-to-chromium version mappings", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/electron-to-chromium@1.4.747", + "externalReferences": [ + { + "url": "git+https://github.com/kilian/electron-to-chromium.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kilian/electron-to-chromium#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kilian/electron-to-chromium/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.747.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f859d2599200bc51dbb0d566531844a9689a3a23cc71fba6d464339560a0ff02e2815b6c84eb235c7c8415f9ade9c14aebe1e44b740e241bfaff738fba66c17f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/electron-to-chromium" + } + ] + }, + { + "type": "library", + "name": "node-releases", + "version": "2.0.14", + "bom-ref": "node-releases@2.0.14", + "author": "Sergey Rubanov", + "description": "Node.js releases data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-releases@2.0.14", + "externalReferences": [ + { + "url": "git+https://github.com/chicoxyzzy/node-releases.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chicoxyzzy/node-releases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chicoxyzzy/node-releases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cb5d30396b7cc99a6a5e63a0468efb59a1c49a1610606340eb2e36d4f2ac2985842bc696f9ca80a616e8ad90e1a9fc8aadb64437dd823755f629b69f636b3b63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/node-releases" + } + ] + }, + { + "type": "library", + "name": "update-browserslist-db", + "version": "1.0.13", + "bom-ref": "update-browserslist-db@1.0.13", + "author": "Andrey Sitnik", + "description": "CLI tool to update caniuse-lite to refresh target browsers from Browserslist config", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/update-browserslist-db@1.0.13", + "externalReferences": [ + { + "url": "git+https://github.com/browserslist/update-db.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/browserslist/update-db#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/browserslist/update-db/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5e6cff3548d70fb8da4f3f7bb3796d4d617c48debc72273177a43eac1f88c4ee8fc85fe5ad4a9c27554faa22c0cfca4d1dde198543b9a3a9ce80b55eb4e216e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/update-browserslist-db" + } + ] + }, + { + "type": "library", + "name": "escalade", + "version": "3.1.2", + "bom-ref": "escalade@3.1.2", + "author": "Luke Edwards", + "description": "A tiny (183B to 210B) and fast utility to ascend parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escalade@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/escalade.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/escalade#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/escalade/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12b08730269ed7dbd1f2f4067b9d3122c5689b2d7dae0ea016edfeaf78e410ee3ab2e2cc58192cbd5ca81a0415fa339f97ce1948e4a59afe86c5af3d3e64c698" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escalade" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "5.3.0", + "bom-ref": "estraverse@5.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@5.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "30c74046e54443388d4de243f0380caa6870475d41450fdc04ffa92ed61d4939dfdcc20ef1f15e8883446d7dfa65d3657d4ffb03d7f7814c38f41de842cbf004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "builtin-modules", + "version": "3.3.0", + "bom-ref": "builtin-modules@3.3.0", + "author": "Sindre Sorhus", + "description": "List of the Node.js builtin modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/builtin-modules@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/builtin-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/builtin-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce16820e271d2ee58de546cde4832716a34c84d7e8f75f6c1fce72dbf79afb9620f53b1391e671a4bf892dba7a7206054b8b112e9dd85784bac83baa5561d83b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/builtin-modules" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsesc", + "version": "3.0.2", + "bom-ref": "jsesc@3.0.2", + "author": "Mathias Bynens", + "description": "Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsesc@3.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-3.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4aab3cd65c3b6d26e39c6b006de0a9ca1c721fe6843f0b16b1fb43d6146f83143807340762f935c40800c8f91622154326c7cefddb1b0c6db8178f80b09cfe2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jsesc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-try", + "version": "2.2.0", + "bom-ref": "p-try@2.2.0", + "author": "Sindre Sorhus", + "description": "`Start a promise chain", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-try@2.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-try.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-try#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-try/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4789cf0154c053407d0f7e7f1a4dee25fffb5d86d0732a2148a76f03121148d821165e1eef5855a069c1350cfd716697c4ed88d742930bede331dbefa0ac3a75" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-try" + } + ] + }, + { + "type": "library", + "name": "path-exists", + "version": "4.0.0", + "bom-ref": "path-exists@4.0.0", + "author": "Sindre Sorhus", + "description": "Check if a path exists", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-exists@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-exists.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-exists/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a4f50cb943b8d86f65b071ecb9169be0d8aa0073f64884b48b392066466ca03ec1b091556dd1f65ad2aaed333fa6ead2530077d943c167981e0c1b82d6cbbff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-exists" + } + ] + }, + { + "type": "library", + "name": "read-pkg", + "version": "5.2.0", + "bom-ref": "read-pkg@5.2.0", + "author": "Sindre Sorhus", + "description": "Read a package.json file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/read-pkg@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/read-pkg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/read-pkg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "520ebd98d3a97ef28301cd90f034693238f376dae7bfd1dc48c5fee15b19c43d5a67a673ac813bae5cd706d593ca150b48c2a0d3be805ba591e626690f42623a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "group": "@types", + "version": "2.4.4", + "bom-ref": "@types/normalize-package-data@2.4.4", + "description": "TypeScript definitions for normalize-package-data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/normalize-package-data@2.4.4#types/normalize-package-data", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/normalize-package-data", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/normalize-package-data", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfb8be39a59387da9e2b82d21cfb32442ecd6a19c6a2d36e66f8cb4a070fcdb9691c1debac227100e808e6009d2a6edca289ec697d4e7f420b8937276636dfc4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.4", + "bom-ref": "validate-npm-package-license@3.0.4", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0e92a6d948bfc4deff1d0282b69671a11581859f59d24aadca01bc5c280d43c6650e7c6e4265a18f9eba8fc7cde02bb7fc999b86c0e8edf70026ae2cf61dbb13" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/validate-npm-package-license" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "regjsparser", + "version": "0.10.0", + "bom-ref": "regjsparser@0.10.0", + "author": "'Julian Viereck'", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/regjsparser@0.10.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jviereck/regjsparser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jviereck/regjsparser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jviereck/regjsparser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/regjsparser/-/regjsparser-0.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab1fb1406655b32e79087d1ad61895c079aa8cbaf27e1ef04321791ced3b5c9f5fedd40c63f80f407865c83908cc9282fb1d9f502a42714383514505ae6ed21c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regjsparser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-indent", + "version": "3.0.0", + "bom-ref": "strip-indent@3.0.0", + "author": "Sindre Sorhus", + "description": "Strip leading whitespace from each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-indent@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-indent/-/strip-indent-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "95a2536b725bf95429682e83b1e1e117b75756a1d37c93c24436846e277f76b3a1822b60624bbf95eb4c52a397168595d3320851b8e9747dadfad623e1b40c45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "min-indent", + "version": "1.0.1", + "bom-ref": "min-indent@1.0.1", + "author": "James Kyle", + "description": "Get the shortest leading whitespace from lines in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/min-indent@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/thejameskyle/min-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejameskyle/min-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejameskyle/min-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/min-indent/-/min-indent-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23d8f0327d3b4b2fc8c0e8f7cd59158a4d894ef8296b29036448a02fa471e8df4b6cccb0c1448cb71113fbb955a032cb7773b7217c09c2fbae9ecf1407f1de02" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/min-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "js", + "group": "@eslint", + "version": "8.57.0", + "bom-ref": "@eslint/js@8.57.0", + "description": "ESLint JavaScript language implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/js@8.57.0#packages/js", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git#packages/js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/js/-/js-8.57.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62cfb78364da5bb8000ce2733edf37489b420e13239dd703305550fd38fd880d417c9cc5283f660145d3dce7a7a6e3c76c8e8ffe6c840b1449ae87d4b03c7fe6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config-array", + "group": "@humanwhocodes", + "version": "0.11.14", + "bom-ref": "@humanwhocodes/config-array@0.11.14", + "author": "Nicholas C. Zakas", + "description": "Glob-based configuration matching.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/config-array@0.11.14", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/config-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dd3f0b90e9a0e39055e452026f5e5040cb325125ab43c0328157c2ed91b7db339a967aab8a59b4d7c6550b0d1e6a95eec7c16d037deaf0f4914acb6379ede34a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "object-schema", + "group": "@humanwhocodes", + "version": "2.0.3", + "bom-ref": "@humanwhocodes/object-schema@2.0.3", + "author": "Nicholas C. Zakas", + "description": "An object schema merger/validator", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/object-schema@2.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/object-schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f77cd874c112fdcd43ebdc9988a0c18f4576e2fa8dcc1fe4a05dba28f69a8007dddcfff8814961dc3cace688002be1318bd432ce50fcc7fd3c66def020a70370" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/object-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "module-importer", + "group": "@humanwhocodes", + "version": "1.0.1", + "bom-ref": "@humanwhocodes/module-importer@1.0.1", + "author": "Nicholas C. Zaks", + "description": "Universal module importer for Node.js", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/module-importer@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/module-importer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/module-importer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/module-importer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f1bde57857cbf961be277054d3deb3d281904ea429237cad32e28555549c08b8354144c0d7acfc9744bf7cf22e5aa7d9bd6e7c8412359f9b95a4066b5f7cb7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/module-importer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs.scandir", + "group": "@nodelib", + "version": "2.1.5", + "bom-ref": "@nodelib/fs.scandir@2.1.5", + "description": "List files and directories inside the specified directory", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40nodelib/fs.scandir@2.1.5#master", + "externalReferences": [ + { + "url": "git+https://github.com/nodelib/nodelib.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodelib/nodelib/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodelib/nodelib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "beadb806adf29b91c4426d8d282af7c970f08dceef4ec1138510e7929d832bda75baa2d1f831eeae6fcd393a34286ec760753b7a9a4a663dcccaa62e3017fada" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nodelib/fs.scandir" + } + ] + }, + { + "type": "library", + "name": "run-parallel", + "version": "1.2.0", + "bom-ref": "run-parallel@1.2.0", + "author": "Feross Aboukhadijeh", + "description": "Run an array of functions in parallel", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-parallel@1.2.0", + "externalReferences": [ + { + "url": "git://github.com/feross/run-parallel.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/run-parallel", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/run-parallel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e65e15c9947ce8b67f943c594d1ea3a8bf00144d92d0814b30fdba01b8ec2d5003c4776107f734194b07fb2dfd51f0a2dddcf3f0e950b8f9a768938ca031d004" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-parallel" + } + ] + }, + { + "type": "library", + "name": "queue-microtask", + "version": "1.2.3", + "bom-ref": "queue-microtask@1.2.3", + "author": "Feross Aboukhadijeh", + "description": "fast, tiny `queueMicrotask` shim for modern engines", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/queue-microtask@1.2.3", + "externalReferences": [ + { + "url": "git://github.com/feross/queue-microtask.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/queue-microtask", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/queue-microtask/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36e68d49ae9f94a4f925a498433268934e09cd32f5080e9a1a1bf9adf2d6dcf82a03e3360a1a59427002f21f22e19164052f17e51aa40c11c0eebe217a3dcaf4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/queue-microtask" + } + ] + }, + { + "type": "library", + "name": "fastq", + "version": "1.17.1", + "bom-ref": "fastq@1.17.1", + "author": "Matteo Collina", + "description": "Fast, in memory work queue", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fastq@1.17.1", + "externalReferences": [ + { + "url": "git+https://github.com/mcollina/fastq.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mcollina/fastq#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mcollina/fastq/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fastq/-/fastq-1.17.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b11543de55952175a0e81cbaf1937bbe1a3d6b5a5070dfd604568002c0c31739498efa06c743fccfb575b7bda0ac525f261bb760f641baedb97fb29ac368cdd7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fastq" + } + ] + }, + { + "type": "library", + "name": "reusify", + "version": "1.0.4", + "bom-ref": "reusify@1.0.4", + "author": "Matteo Collina", + "description": "Reuse objects and functions with style", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/reusify@1.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/mcollina/reusify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mcollina/reusify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mcollina/reusify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53d9c7f3c6b77dcfde902175974fd43f5228b22b888f24e1ee106f5d530762055c7c6bedf3ded782e8f650e2c3788e411b69bbfeec3268b553e9f6ed0b04f2cf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/reusify" + } + ] + }, + { + "type": "library", + "name": "structured-clone", + "group": "@ungap", + "version": "1.2.0", + "bom-ref": "@ungap/structured-clone@1.2.0", + "author": "Andrea Giammarchi", + "description": "A structuredClone polyfill", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40ungap/structured-clone@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/ungap/structured-clone.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ungap/structured-clone#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ungap/structured-clone/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@ungap/structured-clone/-/structured-clone-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cee55d16b3098ae083414302cd0683e8a2f6f0c8e7aaa37c5e702a884abd3cd9bf8423d34867eb5c239fc23d68c382c56ffb4dca624fc2c35b55e3dcd7116aad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@ungap/structured-clone" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "3.1.1", + "bom-ref": "path-key@3.1.1", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2399e374a9dfb2d23b3312da18e3caf43deab97703049089423aee90e5fe3595f92cc17b8ab58ae18284e92e7c887079b6e1486ac7ee53aa6d889d2c0b844e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-key" + } + ] + }, + { + "type": "library", + "name": "shebang-command", + "version": "2.0.0", + "bom-ref": "shebang-command@2.0.0", + "author": "Kevin Mårtensson", + "description": "Get the command from a shebang", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-command@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/shebang-command.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/shebang-command#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/shebang-command/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "907c6bdb366962d766acdd6a0e3aeb5ff675ad1d641bc0f1fa09292b51b87979af5ecc26704d614d6056614ce5ada630d7fc99a7a62e0d8efb62dbdb3747660c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/shebang-command" + } + ] + }, + { + "type": "library", + "name": "shebang-regex", + "version": "3.0.0", + "bom-ref": "shebang-regex@3.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching a shebang line", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-regex@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/shebang-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efef9d161b5cc77df9dee05aabc0c347836ec417ad0730bb6503a19934089c711de9b4ab5dd884cb30af1b4ed9e3851874b4a1594c97b7933fca1cfc7a471bd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/shebang-regex" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "2.0.2", + "bom-ref": "which@2.0.2", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04b2374e5d535b73ef97bd25df2ab763ae22f9ac29c17aac181616924a8cb676d782b303fb28fbae15b492e103c7325a6171a3116e6881aa4a34c10a34c8e26c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/which" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "2.0.0", + "bom-ref": "isexe@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "447c4c2e9f659ca1c61d19e0f5016144231b600715a67ebdb2648672addfdfac638155564e18f8aaa2db4cb96aed2b23f01f9f210d44b8210623694ab3241e23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/isexe" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "7.2.2", + "bom-ref": "eslint-scope@7.2.2", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@7.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "74eb76d4eee54cc84333e5fd981e065fe0d9ad9b425093cbff095c4eac72af1e48bced0862d20b76dad0190a7ef27e52d20c1256639ff4d42b8cc3a07d066522" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn", + "version": "8.11.3", + "bom-ref": "acorn@8.11.3", + "description": "ECMAScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn@8.11.3", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63dad17c91b98dc28e13408b8ac61ba2352322b20413b00633303f4a6e01b2500d85b4be70332980175c3d3f75a09eceb89f61609071e7d4636e1c559eb17c5e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn" + } + ] + }, + { + "type": "library", + "name": "flat-cache", + "version": "3.2.0", + "bom-ref": "flat-cache@3.2.0", + "author": "Jared Wray", + "description": "A stupidly simple key/value storage using files to persist some data", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/flat-cache@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/flat-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/flat-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/flat-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "09870435af85b5c50a2e6861ab272da5c96cabb405dfca4a8d91ec18d892405e6be05b6828359a6c50e5de1cda11032f4f52c7132b30e6dc202efa5861be2f6f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flat-cache" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "flatted", + "version": "3.3.1", + "bom-ref": "flatted@3.3.1", + "author": "Andrea Giammarchi", + "description": "A super light and fast circular JSON parser.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/flatted@3.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/WebReflection/flatted.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/WebReflection/flatted#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/WebReflection/flatted/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5fc72a30b2e27bb2ac3540d277378df0560af6b12de03b7aeceb06fc33469d84d20c11b8b850091419d47a257ecc2540bf0172e7a22333db07e758d568484dc7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/flatted" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "keyv", + "version": "4.5.4", + "bom-ref": "keyv@4.5.4", + "author": "Jared Wray", + "description": "Simple key-value storage with support for multiple backends", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/keyv@4.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/keyv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/keyv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/keyv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3154790747f1097f608d5e75b144b5ba9a0ec9c82094706d03b441a62f672d528d4f3538a7d4f52297eafffb8af93295600bf7e7d648ecc7b9a34ae8caa88a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/keyv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-buffer", + "version": "3.0.1", + "bom-ref": "json-buffer@3.0.1", + "author": "Dominic Tarr", + "description": "JSON parse & stringify that supports binary via bops & base64", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-buffer@3.0.1", + "externalReferences": [ + { + "url": "git://github.com/dominictarr/json-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dominictarr/json-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/json-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1b57905f4769aa7d04c99be579b4f3dd7fe669ba1888bd3b8007983c91cad7399a534ff430c15456072c17d68cebea512e3dd6c7c70689966f46ea6236b1f49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-buffer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "5.0.0", + "bom-ref": "find-up@5.0.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "efcfcf5d3d7094b2c3813cc3b3bb23abd873cf4bd70fece7fbbc32a447b87d74310a6766a9f1ac10f4319a2092408dda8c557dd5b552b2f36dac94625ba9c69e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/find-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "6.0.0", + "bom-ref": "locate-path@6.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "88f64ae9e6236f146edee078fd667712c10830914ca80a28a65dd1fb3baad148dc026fcc3ba282c1e0e03df3f77a54f3b6828fdcab67547c539f63470520d553" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/locate-path" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "5.0.0", + "bom-ref": "p-locate@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2da363b51594058fbecc1e6713f37071aa0cca548f93e4be647341d53cdd6cc24c9f2e9dca7a401aded7fed97f418ab74c8784ea7c47a696e8d8b1b29ab1b93f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-locate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-extglob", + "version": "2.1.1", + "bom-ref": "is-extglob@2.1.1", + "author": "Jon Schlinkert", + "description": "Returns true if a string has an extglob.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-extglob@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-extglob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extglob", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-extglob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "49b29b00d90deb4dd58b88c466fe3d2de549327e321b0b1bcd9c28ac4a32122badb0dde725875b3b7eb37e1189e90103a4e6481640ed9eae494719af9778eca1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-extglob" + } + ] + }, + { + "type": "library", + "name": "is-path-inside", + "version": "3.0.3", + "bom-ref": "is-path-inside@3.0.3", + "author": "Sindre Sorhus", + "description": "Check if a path is inside another path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-path-inside@3.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-path-inside.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-path-inside#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-path-inside/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15de200016fec9c18098aa2ef1e31fb42ba94a2af9951c6a7f8683fef774703daa7381cbd3b3a309eb8732bf11a380a831a782283074fc40813955a34f052f3d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-path-inside" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "prelude-ls", + "version": "1.2.1", + "bom-ref": "prelude-ls@1.2.1", + "author": "George Zahariev", + "description": "prelude.ls is a functionally oriented utility library. It is powerful and flexible. Almost all of its functions are curried. It is written in, and is the recommended base library for, LiveScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prelude-ls@1.2.1", + "externalReferences": [ + { + "url": "git://github.com/gkz/prelude-ls.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://preludels.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/prelude-ls/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be47033eb459a354192db9f944b18fa60fd698843ae6aa165a170629ffdbe5ea659246ab5f49bdcfca6909ab789a53aa52c5a9c8db9880edd5472ad81d2cd7e6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prelude-ls" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-check", + "version": "0.4.0", + "bom-ref": "type-check@0.4.0", + "author": "George Zahariev", + "description": "type-check allows you to check the types of JavaScript values at runtime with a Haskell like type syntax.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-check@0.4.0", + "externalReferences": [ + { + "url": "git://github.com/gkz/type-check.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gkz/type-check", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gkz/type-check/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e5794a1cf6ec065ea8d6c176944d9026ccc705679f39f10036befc7552be7121c8b15c83fef0b9c50e0469954df4bacead7aa765b2415fbbe69ee0aefd3a87b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-check" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "word-wrap", + "group": "@aashutoshrathi", + "version": "1.2.6", + "bom-ref": "@aashutoshrathi/word-wrap@1.2.6", + "author": "Jon Schlinkert", + "description": "Wrap words to a specified length.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40aashutoshrathi/word-wrap@1.2.6", + "externalReferences": [ + { + "url": "git+https://github.com/aashutoshrathi/word-wrap.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aashutoshrathi/word-wrap", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aashutoshrathi/word-wrap/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aashutoshrathi/word-wrap/-/word-wrap-1.2.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d588ecd92bccf137e5111fce0f770e8e15963996f9f00dadef0a44d92f577c161388897e5c58501b66e3cb83eed48f8402508d533443603745c056142af5dc20" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aashutoshrathi/word-wrap" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "deep-is", + "version": "0.1.4", + "bom-ref": "deep-is@0.1.4", + "author": "Thorsten Lorenz", + "description": "node's assert.deepEqual algorithm except for NaN being equal to NaN", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/deep-is@0.1.4", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/thlorenz/deep-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/deep-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/deep-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a083f392c993838fccae289a6063bea245c34fbced9ffc37129b6fffe81221d31d2ac268d2ee027d834524fcbee1228cb82a86c36c319c0f9444c837b7c6bf6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/deep-is" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "accepts", + "version": "1.3.8", + "bom-ref": "accepts@1.3.8", + "description": "Higher-level content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/accepts@1.3.8", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/accepts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/accepts#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/accepts/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d802d8536b69b654ac6ebd20f70cf0bf1b2f94fac380d4b02e4fc9a4991bafc3e34009269e5c443e34771517bace365eaa71ac55dd4b9e9b06b093eefe4892f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/accepts" + } + ] + }, + { + "type": "library", + "name": "mime-types", + "version": "2.1.35", + "bom-ref": "mime-types@2.1.35", + "description": "The ultimate javascript content-type utility.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime-types@2.1.35", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/mime-types.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/mime-types#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/mime-types/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "64363e6cf9b9cd34c5f98a42ac053d9cad148080983d3d10b53d4d65616fe2cfbe4cd91c815693d20ebee11dae238323423cf2b07075cf1b962f9d21cda7978b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime-types" + } + ] + }, + { + "type": "library", + "name": "negotiator", + "version": "0.6.3", + "bom-ref": "negotiator@0.6.3", + "description": "HTTP content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/negotiator@0.6.3", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/negotiator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/negotiator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/negotiator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8452ca863cbb0cfa3ff37428598ec9d7e758385eb1c53885f07e70953c695093f9398226a470ab2ec4239b051bba0d29bda29c3f3bab2559b25d82140ce1b06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/negotiator" + } + ] + }, + { + "type": "library", + "name": "array-flatten", + "version": "1.1.1", + "bom-ref": "array-flatten@1.1.1", + "author": "Blake Embrey", + "description": "Flatten an array of nested arrays into a single flat array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/array-flatten@1.1.1", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/array-flatten.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/array-flatten", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/array-flatten/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c254042cc167a6bba51dc6c0c5157ffe815798a8a0287770f75159bdd631f0ca782e3b002f60f871f2736533ef8da9170ae82c71a5469f8e684874a88789baa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/array-flatten" + } + ] + }, + { + "type": "library", + "name": "body-parser", + "version": "1.20.2", + "bom-ref": "body-parser@1.20.2", + "description": "Node.js body parsing middleware", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/body-parser@1.20.2", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/body-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/expressjs/body-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/body-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a5f6945e0aedcceb590696aa139b6ba64974e5453b864f1d1b7d88feb8850a298c9c1b936d49b79eb55ddf69253a47b6a338fc3483f2753ef2b8a8dcbbb396c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser" + } + ] + }, + { + "type": "library", + "name": "bytes", + "version": "3.1.2", + "bom-ref": "bytes@3.1.2", + "author": "TJ Holowaychuk", + "description": "Utility to parse a string bytes to bytes and vice-versa", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bytes@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/visionmedia/bytes.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/bytes.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/bytes.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fcd7fb4f2cd3c7a4b7c9124e6ce015efde7aafc72bdbe3a3f000b976df3048fdc1400a1e5f9f0da07c8253c3fccc690d5d2b634d28ba7f33ba174a4175c61b12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bytes" + } + ] + }, + { + "type": "library", + "name": "depd", + "version": "2.0.0", + "bom-ref": "depd@2.0.0", + "author": "Douglas Christopher Wilson", + "description": "Deprecate all the things", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/depd@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/dougwilson/nodejs-depd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dougwilson/nodejs-depd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dougwilson/nodejs-depd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83b9c7e8fe9dc838a8268800006a6b1a90ad5489898693e4feba02cdd6f77c887ad7fb3f9cfb1f47aa27c8cc2408047f3a50b7c810b49444af52840402cb08af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/depd" + } + ] + }, + { + "type": "library", + "name": "destroy", + "version": "1.2.0", + "bom-ref": "destroy@1.2.0", + "author": "Jonathan Ong", + "description": "destroy a stream if possible", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/destroy@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/destroy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/destroy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/destroy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dac246253697208691d70e22252368374867318ec6a5cfe7f03e2a482270f10a855977fb72e0209c41f1069c1e69570f7af0b69772a98d80b1dcdca941081a26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/destroy" + } + ] + }, + { + "type": "library", + "name": "http-errors", + "version": "2.0.0", + "bom-ref": "http-errors@2.0.0", + "author": "Jonathan Ong", + "description": "Create HTTP error objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http-errors@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/http-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/http-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/http-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "16dc2b1bf7ae0736848d8791a8e825cbb1b4aaf8a25e82569ef107d99d6994175781bca3bf7e291d349bf73a1e1ccc83cb7dfe0d6cb95adf56a3e4d446d39849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http-errors" + } + ] + }, + { + "type": "library", + "name": "iconv-lite", + "version": "0.4.24", + "bom-ref": "iconv-lite@0.4.24", + "author": "Alexander Shtuchkin", + "description": "Convert character encodings in pure javascript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/iconv-lite@0.4.24", + "externalReferences": [ + { + "url": "git://github.com/ashtuchkin/iconv-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf73179d901cbe7cb091350466898801cb657bb4575de79d391df5c3097b565ca85cee108bd6abbd27a73505a77b54dc4708422f51f02c8db56c4a9da63f3fac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/iconv-lite" + } + ] + }, + { + "type": "library", + "name": "safer-buffer", + "version": "2.1.2", + "bom-ref": "safer-buffer@2.1.2", + "author": "Nikita Skovoroda", + "description": "Modern Buffer API polyfill without footguns", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safer-buffer@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/ChALkeR/safer-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "619a372bcd920fb462ca2d04d4440fa232f3ee4a5ea6749023d2323db1c78355d75debdbe5d248eeda72376003c467106c71bbbdcc911e4d1c6f0a9c42b894b6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safer-buffer" + } + ] + }, + { + "type": "library", + "name": "on-finished", + "version": "2.4.1", + "bom-ref": "on-finished@2.4.1", + "description": "Execute a callback when a request closes, finishes, or errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/on-finished@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/on-finished.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/on-finished#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/on-finished/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a15973920dc4340842936cddbfb209c1dfd0503e33d91c51c2991c198f29b0255c09864dab8c189d55802c733e6ebb6e26378f5a2605fc2966b83afc0a1e7e92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/on-finished" + } + ] + }, + { + "type": "library", + "name": "qs", + "version": "6.11.0", + "bom-ref": "qs@6.11.0", + "description": "A querystring parser that supports nesting and arrays, with a depth limit", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/qs@6.11.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/qs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/qs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/qs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32f8e830227011aad26d4624e4efa79a84b34aeb52b13c05f39cdc1cf43d3ab945a193982236aa040248a885e3a6dc83e6f4e1c46ab9d97bbf31a273464224e1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/qs" + } + ] + }, + { + "type": "library", + "name": "raw-body", + "version": "2.5.2", + "bom-ref": "raw-body@2.5.2", + "author": "Jonathan Ong", + "description": "Get and validate the raw body of a readable stream.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/raw-body@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/raw-body.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/raw-body#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/raw-body/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f331aaca97c4363088a868605d3a02f1a076afb62b057f804007c83ecfcc964f81b4f4f3b4ebd34b4d4d456ff7121eb427e6b8f25b7caac0b38ab43a9680957c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/raw-body" + } + ] + }, + { + "type": "library", + "name": "unpipe", + "version": "1.0.0", + "bom-ref": "unpipe@1.0.0", + "author": "Douglas Christopher Wilson", + "description": "Unpipe a stream from all destinations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/unpipe@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/stream-utils/unpipe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stream-utils/unpipe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stream-utils/unpipe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a63cb66d8852b2e7f05a52b03dcfa5ddc37bfb0b8994aeaecf461d2443a54036e5ea3a3f6253e2e266fc6a0524542f0117b57c36ecdec8f36a464b00de1ced29" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/unpipe" + } + ] + }, + { + "type": "library", + "name": "type-is", + "version": "1.6.18", + "bom-ref": "type-is@1.6.18", + "description": "Infer the content-type of a request.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/type-is@1.6.18", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/type-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/type-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/type-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e444aafdb144f1107f0c75fb8248fed58b3272cd134c8e3d89d9da3626bdcaca6e7df0955d124b2eccf4029e514f5b8932f50fa203e99af411a6d3a5d0072f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/type-is" + } + ] + }, + { + "type": "library", + "name": "content-disposition", + "version": "0.5.4", + "bom-ref": "content-disposition@0.5.4", + "author": "Douglas Christopher Wilson", + "description": "Create and parse Content-Disposition header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/content-disposition@0.5.4", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/content-disposition.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/content-disposition#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/content-disposition/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "16f7994cdb86c34e1cc6502259bce2eb34c02ff9617a16966d3b6096e261e3f13de43a8cc139a16b7299375680580f1c148847ccc654bcb7af930e51aa4fad49" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/content-disposition" + } + ] + }, + { + "type": "library", + "name": "cookie-signature", + "version": "1.0.6", + "bom-ref": "cookie-signature@1.0.6", + "author": "TJ Holowaychuk", + "description": "Sign and unsign cookies", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cookie-signature@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/visionmedia/node-cookie-signature.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/node-cookie-signature#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/node-cookie-signature/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4000f395a1dcf22715f08eef6da257270a1df47598a7cb82a9fd716b839f36ed53ec9571408ad480e5ad1dd343b4f8b2c2615b892d76563a2d2172eb28cde8ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cookie-signature" + } + ] + }, + { + "type": "library", + "name": "cookie", + "version": "0.6.0", + "bom-ref": "cookie@0.6.0", + "author": "Roman Shtylman", + "description": "HTTP server cookie parsing and serialization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cookie@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/cookie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/cookie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/cookie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53bd5cc936a6ba1d4244d09fa4663ab68dbc971bcdc0f1b81aecff1158e07f7266cefd2f943a756ad4fd792e5d0e33181ee7291db5a7b3a2f07f704acfab2f77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cookie" + } + ] + }, + { + "type": "library", + "name": "encodeurl", + "version": "1.0.2", + "bom-ref": "encodeurl@1.0.2", + "description": "Encode a URL to a percent-encoded form, excluding already-encoded sequences", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/encodeurl@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/encodeurl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/encodeurl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/encodeurl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4cf257abc26a15a5589b609698fbe73f6232a3865233bfd029c4a6b8c2c339b7e91f97e2ed150699dfeb4c37feaeeb7fb1a88389011e5533600262447403b1d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/encodeurl" + } + ] + }, + { + "type": "library", + "name": "escape-html", + "version": "1.0.3", + "bom-ref": "escape-html@1.0.3", + "description": "Escape string for use in HTML", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-html@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/component/escape-html.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/escape-html#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/escape-html/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3624aea59e0e7ae1b0afaf251887b29bf92c219309a1d506392099fc54a74f172b7a46efaab81d53194938ca628da299563009ad6ac6b3fe89cbc38cbb28fda3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/escape-html" + } + ] + }, + { + "type": "library", + "name": "etag", + "version": "1.8.1", + "bom-ref": "etag@1.8.1", + "description": "Create simple HTTP ETags", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/etag@1.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/etag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/etag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/etag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6882f9171ee66b055adf4d1a976067104e2236fa35a844f12eb3c8fe8d392fbcfa828edf0b0d49e844266cae05989d804bb920545fca1195ae7c17dd0a531c3e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/etag" + } + ] + }, + { + "type": "library", + "name": "finalhandler", + "version": "1.2.0", + "bom-ref": "finalhandler@1.2.0", + "author": "Douglas Christopher Wilson", + "description": "Node.js final http responder", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/finalhandler@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/finalhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/finalhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/finalhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6e5dc5157ed9503059d60bdaaefecbe45afdc64ddd8f7d484aff73cb9183407bb15ba8932ddf9d791dac44e9e44bef819db2b8a2c2e8e26b075a0750691084a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler" + } + ] + }, + { + "type": "library", + "name": "parseurl", + "version": "1.3.3", + "bom-ref": "parseurl@1.3.3", + "description": "parse a url with memoization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parseurl@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/parseurl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/parseurl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/parseurl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0a2c9e3b1153fc96723799b4cfd3df5f0e1208127a4b2833d43a65d30aa39610c418604fd469ec51510bd29eb78681b57dc8f77c7ca75e2f4d60ee2758e2fea9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parseurl" + } + ] + }, + { + "type": "library", + "name": "statuses", + "version": "2.0.1", + "bom-ref": "statuses@2.0.1", + "description": "HTTP status utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/statuses@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/statuses.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/statuses#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/statuses/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "470340f59ffb3eb2b4eab60b23314c95a17e97bde2c29ceca9120581b30b6d370b0fa70e6a8f364da59e7cf5d0bc1d9f382e008ee612127752ecdfe64c26e475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/statuses" + } + ] + }, + { + "type": "library", + "name": "fresh", + "version": "0.5.2", + "bom-ref": "fresh@0.5.2", + "author": "TJ Holowaychuk", + "description": "HTTP response freshness testing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fresh@0.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/fresh.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/fresh#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/fresh/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cc9da6418335f2b1053ae75e57819285318843b45bcc0ee8cdb53d23f5c1a66ee4aa0332c209b294cc171f16499a45686249daf5dda95575573dd6133fd7a3f1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fresh" + } + ] + }, + { + "type": "library", + "name": "setprototypeof", + "version": "1.2.0", + "bom-ref": "setprototypeof@1.2.0", + "author": "Wes Todd", + "description": "A small polyfill for Object.setprototypeof", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/setprototypeof@1.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/wesleytodd/setprototypeof.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wesleytodd/setprototypeof", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wesleytodd/setprototypeof/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1392c35fb5aba7ce4a8a5e5b859bf8ea3f2339e6e82aae4932660cde05467461fcc45a4f59750cb0dae53830ab928c4c11e362fd7648c2e46f6385cdc18309a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/setprototypeof" + } + ] + }, + { + "type": "library", + "name": "toidentifier", + "version": "1.0.1", + "bom-ref": "toidentifier@1.0.1", + "author": "Douglas Christopher Wilson", + "description": "Convert a string of words to a JavaScript identifier", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/toidentifier@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/component/toidentifier.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/toidentifier#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/toidentifier/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39b123ca12483f0c840d987e37574fee7ab2eba7355e764521f2d18dbda797a5fa6ec2329e9e54a8c7fd8efc14e5654b447be246eece58844cfad3c3e500744" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/toidentifier" + } + ] + }, + { + "type": "library", + "name": "merge-descriptors", + "version": "1.0.1", + "bom-ref": "merge-descriptors@1.0.1", + "author": "Jonathan Ong", + "description": "Merge objects using descriptors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/merge-descriptors@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/component/merge-descriptors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/merge-descriptors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/merge-descriptors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7028ba837fd9af58aa422eb249bb1e3355efa286bdf0dd30df58f3518ad73d7db1a8e6e61461c9d2d439bbbe07de6561ef02e8b93b1e672608ab7f60f1c369d7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/merge-descriptors" + } + ] + }, + { + "type": "library", + "name": "methods", + "version": "1.1.2", + "bom-ref": "methods@1.1.2", + "description": "HTTP methods that node supports", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/methods@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/methods.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/methods#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/methods/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "89c9401de36a366ebccc5b676747bed4bdb250876fccda1ab8a53858103756f1ffbcf162785eea7d197051953e0c0f4ff5b3d7212f74ba5c68528087db7b15db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/methods" + } + ] + }, + { + "type": "library", + "name": "ee-first", + "version": "1.1.1", + "bom-ref": "ee-first@1.1.1", + "author": "Jonathan Ong", + "description": "return the first event in a set of ee/event pairs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ee-first@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonathanong/ee-first.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonathanong/ee-first#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonathanong/ee-first/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58cc26f4b851528f9651a44dfaf46e113a86f3d22066985548d91d16079beac4bf1383ab0c837bb78f0201ec121d773a0bc95e7c3f0a29faf9bd8eb56eb425a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ee-first" + } + ] + }, + { + "type": "library", + "name": "path-to-regexp", + "version": "0.1.7", + "bom-ref": "path-to-regexp@0.1.7", + "description": "Express style path to RegExp utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-to-regexp@0.1.7", + "externalReferences": [ + { + "url": "git+https://github.com/component/path-to-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/component/path-to-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/component/path-to-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e43164ba8aa5bf5b9840ac72f2898505e24f41c768134ecabf6b1f7ab0c2ac0ab5a21394f8c483b300c86e7c7760033ad2a20e9d86b9df00615d6d046cca27ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-to-regexp" + } + ] + }, + { + "type": "library", + "name": "proxy-addr", + "version": "2.0.7", + "bom-ref": "proxy-addr@2.0.7", + "author": "Douglas Christopher Wilson", + "description": "Determine address of proxied request", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/proxy-addr@2.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/proxy-addr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/proxy-addr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/proxy-addr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96542c30b4940d43d3e388ddad4fcedfbaa59e27e2b433fe670ae699972848ac8b2afb59c69c95d27dbf6c3fcde2d040019fe024475953b28cadaa0ad7e5d802" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/proxy-addr" + } + ] + }, + { + "type": "library", + "name": "forwarded", + "version": "0.2.0", + "bom-ref": "forwarded@0.2.0", + "description": "Parse HTTP X-Forwarded-For header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/forwarded@0.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/forwarded.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/forwarded#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/forwarded/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6ee446d1fa41b511d24c238049eea10f6e7cb44b9b16844b6f864d03a3713151cdc3680e7301e8f70c9a6e5ccccce039cfdc40f4bd4a36393f36de8c4fd698a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/forwarded" + } + ] + }, + { + "type": "library", + "name": "ipaddr.js", + "version": "1.9.1", + "bom-ref": "ipaddr.js@1.9.1", + "author": "whitequark", + "description": "A library for manipulating IPv4 and IPv6 addresses in JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ipaddr.js@1.9.1", + "externalReferences": [ + { + "url": "git://github.com/whitequark/ipaddr.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/whitequark/ipaddr.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/whitequark/ipaddr.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0a23feb4ef1a31493a07ec68cdd457d26cba14d3e6ed4e2723b1049642587f859ca437c2a998c7fbb98c0f5b747e6a467a47fc35f199574870585e26143cede" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ipaddr.js" + } + ] + }, + { + "type": "library", + "name": "side-channel", + "version": "1.0.6", + "bom-ref": "side-channel@1.0.6", + "author": "Jordan Harband", + "description": "Store information about any JS value in a side channel. Uses WeakMap if available.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/side-channel@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/side-channel.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/side-channel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/side-channel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c35bf119e90f5188ef1e146f078feeeefe85be5eb3d320287008e336fad87603a39b943b58608a6f7bd9be2af23d6780bda9211795a191e9b4c460745eba094" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/side-channel" + } + ] + }, + { + "type": "library", + "name": "call-bind", + "version": "1.0.7", + "bom-ref": "call-bind@1.0.7", + "author": "Jordan Harband", + "description": "Robustly `.call.bind()` a function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/call-bind@1.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/call-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/call-bind#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/call-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1874d2352608090eec707eec67e336ac5a294682e1f2dd9b2d25ba05b82bb4bb1a84e201e62c805497fd1a358addc6130da323e17741a4cd5c03aa484b42afdb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/call-bind" + } + ] + }, + { + "type": "library", + "name": "es-define-property", + "version": "1.0.0", + "bom-ref": "es-define-property@1.0.0", + "author": "Jordan Harband", + "description": "`Object.defineProperty`, but not IE 8's broken one.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es-define-property@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/es-define-property.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/es-define-property#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/es-define-property/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f16b22ca4a1ac4aaacc9d1eba641b5614d840cdbb09f4f54f7e7e8028031682fcd892ec5ea4c9efacefe80d182ce8049cb50cbcbcec0ec188ae5f0d1694f681" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es-define-property" + } + ] + }, + { + "type": "library", + "name": "get-intrinsic", + "version": "1.2.4", + "bom-ref": "get-intrinsic@1.2.4", + "author": "Jordan Harband", + "description": "Get and robustly cache all JS language-level intrinsics at first require time", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-intrinsic@1.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/get-intrinsic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/get-intrinsic#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/get-intrinsic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6e621b091fc549053bfba2c960e01ce7258843a1123ac1a602c4c9827674eb702ac703f7c214aa13173d8928a1341dd0c5505effa10ba1cee99724aee968145" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-intrinsic" + } + ] + }, + { + "type": "library", + "name": "es-errors", + "version": "1.3.0", + "bom-ref": "es-errors@1.3.0", + "author": "Jordan Harband", + "description": "A simple cache for a few of the JS Error constructors.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/es-errors@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/es-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/es-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/es-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "65fe47d8ac6ddb18d3bdb26f3f66562c4202c40ea3fa1026333225ca9cb8c5c060d6f2959f1f3d5b2d066d2fa47f9730095145cdd0858765d20853542d2e9cb3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/es-errors" + } + ] + }, + { + "type": "library", + "name": "function-bind", + "version": "1.1.2", + "bom-ref": "function-bind@1.1.2", + "author": "Raynos", + "description": "Implementation of Function.prototype.bind", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/function-bind@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/Raynos/function-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Raynos/function-bind", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Raynos/function-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ed71cdc47eea5fdc46e66230c6486e993a31fcc21135c3a00ebc56b0cb76a40af6dd61e9e8cad194dec50521690a9afea153b417be38894811f369c931f1b648" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/function-bind" + } + ] + }, + { + "type": "library", + "name": "set-function-length", + "version": "1.2.2", + "bom-ref": "set-function-length@1.2.2", + "author": "Jordan Harband", + "description": "Set a function's length property", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/set-function-length@1.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/set-function-length.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/set-function-length#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/set-function-length/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6045ce21278fec363582492f409a74b8d31ddb34c0d39271e02f951a3014ccc899d4f741205a1d51cfe302f5e16ee01b8dfd4c198ca42e63fd6fdeb33b1cc7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/set-function-length" + } + ] + }, + { + "type": "library", + "name": "define-data-property", + "version": "1.1.4", + "bom-ref": "define-data-property@1.1.4", + "author": "Jordan Harband", + "description": "Define a data property on an object. Will fall back to assignment in an engine without descriptors.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/define-data-property@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/define-data-property.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/define-data-property#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/define-data-property/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac132f23396903cbfa13e489668a3ef87018aac2eb920ecc49f2229cc3c5866928af0ed7f9d39754942cf904faf731a4cccc9f0e720c3765a2775f8d6cbdd3f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/define-data-property" + } + ] + }, + { + "type": "library", + "name": "gopd", + "version": "1.0.1", + "bom-ref": "gopd@1.0.1", + "author": "Jordan Harband", + "description": "`Object.getOwnPropertyDescriptor`, but accounts for IE's broken implementation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/gopd@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/ljharb/gopd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/gopd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/gopd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77ae5b36521a771be96ff03669b55d96a2aa579eb78ee4676755ad93ab35b0847cb8db1747bd31a88cd5ab155fd5e4ea0ee9f04f632473311e69ecc2293661c0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/gopd" + } + ] + }, + { + "type": "library", + "name": "has-property-descriptors", + "version": "1.0.2", + "bom-ref": "has-property-descriptors@1.0.2", + "author": "Jordan Harband", + "description": "Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-property-descriptors@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/has-property-descriptors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/has-property-descriptors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/has-property-descriptors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7924d2ae216fafab829ed418ce4e333661cb5022f093ec61731f099f64f1a8e709eb82489dd1842d9c095e152aae9999b86b3de7d814be7ab6f2e62a49760ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-property-descriptors" + } + ] + }, + { + "type": "library", + "name": "has-proto", + "version": "1.0.3", + "bom-ref": "has-proto@1.0.3", + "author": "Jordan Harband", + "description": "Does this environment have the ability to get the [[Prototype]] of an object on creation with `__proto__`?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-proto@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/has-proto.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/has-proto#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/has-proto/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "489d5a999009522652f8f86c54b7f9b46c9d95a541f04745a5a48ee209a250a50ec64f2ace7e40232e19789526876db39c8764fee300513da9977171cd5507f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-proto" + } + ] + }, + { + "type": "library", + "name": "has-symbols", + "version": "1.0.3", + "bom-ref": "has-symbols@1.0.3", + "author": "Jordan Harband", + "description": "Determine if the JS environment has Symbol support. Supports spec, or shams.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-symbols@1.0.3", + "externalReferences": [ + { + "url": "git://github.com/inspect-js/has-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ljharb/has-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ljharb/has-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9772c2b85e8c8033704c32a47581848a1623b79a513db120e3aaed9669d23e551b82607c2ce22b2896d86050526e73da25ec4c2ad88f3bc8667918d1cf64ddf8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-symbols" + } + ] + }, + { + "type": "library", + "name": "hasown", + "version": "2.0.2", + "bom-ref": "hasown@2.0.2", + "author": "Jordan Harband", + "description": "A robust, ES3 compatible, \"has own property\" predicate.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hasown@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/hasOwn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d21254f5208fbe633320175916a34f5d66ba76a87b59d1f470823dcbe0b24bcac6de72f8f01725adaf4798a8555541f23d6347e58ef10f0001edb7e04a391431" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hasown" + } + ] + }, + { + "type": "library", + "name": "object-inspect", + "version": "1.13.1", + "bom-ref": "object-inspect@1.13.1", + "author": "James Halliday", + "description": "string representations of objects in node and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/object-inspect@1.13.1", + "externalReferences": [ + { + "url": "git://github.com/inspect-js/object-inspect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/object-inspect", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/object-inspect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e6aa23d5152228e32c08234b57508188f604d74b33893b2798dc64008feb661883eb7085ec8a9d1460bf5f38d68e94a02dfd0bc575f76c3148874135f1fe9485" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/object-inspect" + } + ] + }, + { + "type": "library", + "name": "range-parser", + "version": "1.2.1", + "bom-ref": "range-parser@1.2.1", + "author": "TJ Holowaychuk", + "description": "Range header field string parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/range-parser@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/range-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/range-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/range-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1eb82cc7ea2baa8ca09e68456ca68713a736f7a27e1d30105e8c4417a80dba944e9a6189468cb37c6ddc700bdea8206bc2bff6cb143905577f1939796a03b04a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/range-parser" + } + ] + }, + { + "type": "library", + "name": "send", + "version": "0.18.0", + "bom-ref": "send@0.18.0", + "author": "TJ Holowaychuk", + "description": "Better streaming static file server with Range and conditional-GET support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/send@0.18.0", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/send.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/send#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/send/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aaa5b3b8e8d214ebaa3e315ee0d3ac30b69f4e8410c0148e1294be17012ddc0d95def2ae6d3aae4f7be62d3429160317a7c02515616e3f5a8a68964eb4fa555e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send" + } + ] + }, + { + "type": "library", + "name": "mime", + "version": "1.6.0", + "bom-ref": "mime@1.6.0", + "author": "Robert Kieffer", + "description": "A comprehensive library for mime-type mapping", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime@1.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/broofa/node-mime.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/broofa/node-mime#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/broofa/node-mime/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c74567f2ca48fb0b89d4ee92ee09db69083c3f187834d1dbeca4883661162a23c4e1128ea65be28e7f8d92662699180febc99cef48f611b793151b2bb306907a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime" + } + ] + }, + { + "type": "library", + "name": "serve-static", + "version": "1.15.0", + "bom-ref": "serve-static@1.15.0", + "author": "Douglas Christopher Wilson", + "description": "Serve static files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/serve-static@1.15.0", + "externalReferences": [ + { + "url": "git+https://github.com/expressjs/serve-static.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/expressjs/serve-static#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/expressjs/serve-static/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c6b910cd8d75228ec50bd2f97a9d20fb730511bb31208256ce685b9933d8379300d7396553724d232f38cfcc60fe4dacd66dba1962ee76ffdfd73dd5209def6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/serve-static" + } + ] + }, + { + "type": "library", + "name": "media-typer", + "version": "0.3.0", + "bom-ref": "media-typer@0.3.0", + "author": "Douglas Christopher Wilson", + "description": "Simple RFC 6838 media type parser and formatter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/media-typer@0.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/media-typer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/media-typer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/media-typer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76afaa7a543d6a41e970e97f8145514f15483a4009d70477400bdbe11b158d2f285681630c64dcebbf702589949a49d41791f030b3a06f93be6b72b17d66a93d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/media-typer" + } + ] + }, + { + "type": "library", + "name": "utils-merge", + "version": "1.0.1", + "bom-ref": "utils-merge@1.0.1", + "author": "Jared Hanson", + "description": "merge() utility function", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "http://opensource.org/licenses/MIT" + } + } + ], + "purl": "pkg:npm/utils-merge@1.0.1", + "externalReferences": [ + { + "url": "git://github.com/jaredhanson/utils-merge.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredhanson/utils-merge#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/jaredhanson/utils-merge/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a4c653bc8913d5df93146bc33aaa1d39c971d105a49208ba4dda1af200bc7df18002acfda733d36560326dbb071e8103ff3b4cb64bff5686136324a1527f3584" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/utils-merge" + } + ] + }, + { + "type": "library", + "name": "vary", + "version": "1.1.2", + "bom-ref": "vary@1.1.2", + "author": "Douglas Christopher Wilson", + "description": "Manipulate the HTTP Vary header", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/vary@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/vary.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/vary#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/vary/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04d19b58b7ddd1e50f69b8645d4566d23f2ebaf444c93879a2f45afddca8c3f06a01b649c82fb97d4f88cd03b39802b362a6110084a8461750af778867f3d7aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/vary" + } + ] + }, + { + "type": "library", + "name": "asynckit", + "version": "0.4.0", + "bom-ref": "asynckit@0.4.0", + "author": "Alex Indigo", + "description": "Minimal async jobs utility library, with streams support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/asynckit@0.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/alexindigo/asynckit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexindigo/asynckit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexindigo/asynckit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "39e8bd387e2d461d18a94dc6c615fbf5d33f9b0560bdb64969235a464f9bb21923d12e5c7c772061a92b7818eb1f06ad5ca6f3f88a087582f1aca8a6d8c8d6d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/asynckit" + } + ] + }, + { + "type": "library", + "name": "combined-stream", + "version": "1.0.8", + "bom-ref": "combined-stream@1.0.8", + "author": "Felix Geisendörfer", + "description": "A stream that emits multiple other streams one after another.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/combined-stream@1.0.8", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-combined-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-combined-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-combined-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1503783117ee25e1dfedc05b04c2455e12920eafb690002b06599106f72f144e410751d9297b5214048385d973f73398c3187c943767be630e7bffb971da0476" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/combined-stream" + } + ] + }, + { + "type": "library", + "name": "delayed-stream", + "version": "1.0.0", + "bom-ref": "delayed-stream@1.0.0", + "author": "Felix Geisendörfer", + "description": "Buffers events from a stream until you are ready to handle them.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/delayed-stream@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-delayed-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-delayed-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-delayed-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "672483ecd7fdd5a2c1d11c4be0a1ab28705797b11db350c098475ca156b05e72c3ed20e1a4d82db88236680920edaed04b8d63c4f499d7ba7855d1a730793731" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/delayed-stream" + } + ] + }, + { + "type": "library", + "name": "mime-db", + "version": "1.52.0", + "bom-ref": "mime-db@1.52.0", + "description": "Media Type Database", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mime-db@1.52.0", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/mime-db.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/mime-db#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/mime-db/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0f538b95edd625bed589c70c311c3d0fba285536213b4f201b439496c43081f66518bce82ba103b061040e28f27c0886c4fb51135653a82b5502da7537818be" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mime-db" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "version": "11.2.0", + "bom-ref": "fs-extra@11.2.0", + "author": "JP Richardson", + "description": "fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as recursive mkdir, copy, and remove.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fs-extra@11.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jprichardson/node-fs-extra.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e60e2deec0ae6716e5e1ed70d39559d2d7bc494bbbd6dfa8acdbec37c5cbfc495c620783720137f872d9156396e44a35f46389dbbd90aad7f123b44cabf64b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fs-extra" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "version": "6.1.0", + "bom-ref": "jsonfile@6.1.0", + "author": "JP Richardson", + "description": "Easily read/write JSON files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonfile@6.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jprichardson/node-jsonfile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5d8277563ab8984a6e5c9d86893616a52cd0ca3aa170c8307faebd44f59b067221af28fb3c476c5818269cb9fdf3e8ad58283cf5f367ddf9f637727de932a5d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jsonfile" + } + ] + }, + { + "type": "library", + "name": "universalify", + "version": "2.0.1", + "bom-ref": "universalify@2.0.1", + "author": "Ryan Zimmerman", + "description": "Make a callback- or promise-based function support both promises and callbacks.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/universalify@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/RyanZim/universalify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/RyanZim/universalify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/RyanZim/universalify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "829b4735082120d9dcfef4c6224d12385185357c3b255ae5454b42a2725196f6b0e83b97d303b925e928f6c5ab301861f8fb18019ee85c088e9dffd42a88328b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/universalify" + } + ] + }, + { + "type": "library", + "name": "get-installed-path", + "version": "4.0.8", + "bom-ref": "get-installed-path@4.0.8", + "author": "Charlike Mike Reagent", + "description": "Get installation path where the given package is installed. Works for globally and locally installed packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-installed-path@4.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/tunnckoCore/get-installed-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tunnckoCore/get-installed-path", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tunnckoCore/get-installed-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-installed-path/-/get-installed-path-4.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e600d2b5c449481e51c7dad5df3a84e74835235f55f71af28ae99c8b6d49d20829f5a400f0bbaede556b6db8fcc95ab5c30d3d8c7ceeae01a2882ce15f8ad98" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-installed-path" + } + ] + }, + { + "type": "library", + "name": "global-modules", + "version": "1.0.0", + "bom-ref": "global-modules@1.0.0", + "author": "Jon Schlinkert", + "description": "The directory used by npm for globally installed npm modules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/global-modules@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/global-modules.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/global-modules", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/global-modules/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/global-modules/-/global-modules-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0ace91247f5d46a4e16ec346738f39ade01e146708ce706ef9ecf3efadf87170b15bab4c29b20a4eab1a71b71162086e03b46f7733a5d155b176a0675ebfb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-modules" + } + ] + }, + { + "type": "library", + "name": "global-prefix", + "version": "1.0.2", + "bom-ref": "global-prefix@1.0.2", + "author": "Jon Schlinkert", + "description": "Get the npm global path prefix.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/global-prefix@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/global-prefix.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/global-prefix", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/global-prefix/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/global-prefix/-/global-prefix-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e65b31d4d5031ed4a37e0d1e1e5998bd92aff3f9d5a97e1c9056ccf85ac6710fb4e0a59c585a3d3f93313d9612cd4bf2ce67536c8ec48b1f10e086c42c3ab32a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-prefix" + } + ] + }, + { + "type": "library", + "name": "expand-tilde", + "version": "2.0.2", + "bom-ref": "expand-tilde@2.0.2", + "author": "Jon Schlinkert", + "description": "Bash-like tilde expansion for node.js. Expands a leading tilde in a file path to the user home directory, or `~+` to the cwd.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expand-tilde@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/expand-tilde.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/expand-tilde", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/expand-tilde/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expand-tilde/-/expand-tilde-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0391267ac1d6eab7e767dcac1d08cf7494678b44916abd2d8ed1b930db66f67e5352fb1853ca28ce9aed443e00a87c5c6565a556e026428da758a7cdf68ca34f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/expand-tilde" + } + ] + }, + { + "type": "library", + "name": "homedir-polyfill", + "version": "1.0.3", + "bom-ref": "homedir-polyfill@1.0.3", + "author": "Brian Woodward", + "description": "Node.js os.homedir polyfill for older versions of node.js.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/homedir-polyfill@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/homedir-polyfill.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/homedir-polyfill", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/homedir-polyfill/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7929a6584e5b6532b6368bb8834008df367daecc29ec644aa0a5d2d412d492f3ef88eaace184cdd5d8d022aad7cbd939804b5d2cfcbce898d1c2c34cf6d9c370" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/homedir-polyfill" + } + ] + }, + { + "type": "library", + "name": "parse-passwd", + "version": "1.0.0", + "bom-ref": "parse-passwd@1.0.0", + "author": "Brian Woodward", + "description": "Parse a passwd file into a list of users.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-passwd@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/doowb/parse-passwd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/doowb/parse-passwd", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/doowb/parse-passwd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d58d40fff4145c464aed82b3fab0fd5b275c135f84b8fafa64180a79c001f2d9a85ba505bf435111525ed69fa3471b5386471b6ca91fc086d625efc8784ea6d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/parse-passwd" + } + ] + }, + { + "type": "library", + "name": "is-windows", + "version": "1.0.2", + "bom-ref": "is-windows@1.0.2", + "author": "Jon Schlinkert", + "description": "Returns true if the platform is windows. UMD module, works with node.js, commonjs, browser, AMD, electron, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-windows@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-windows.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-windows", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-windows/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7972b55089ead9b3e68f25fa7b754723330ba1b73827de22e005a7f87a6adce5392a4ad10bde8e01c4773d127fa46bba9bc4d19c11cff5d917415b13fc239520" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-windows" + } + ] + }, + { + "type": "library", + "name": "resolve-dir", + "version": "1.0.1", + "bom-ref": "resolve-dir@1.0.1", + "author": "Jon Schlinkert", + "description": "Resolve a directory that is either local, global or in the user's home directory.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-dir@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/resolve-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/resolve-dir", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/resolve-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-dir/-/resolve-dir-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bba24e3102cef3ac5927dd33440a14d05515c2b6eda1ce53076f2b9dc1716f33aa719d629d056e3f36732e78fb60383f6b45336d89e6445f7b547e94cff5ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-dir" + } + ] + }, + { + "type": "library", + "name": "domhandler", + "version": "5.0.3", + "bom-ref": "domhandler@5.0.3", + "author": "Felix Boehm", + "description": "Handler for htmlparser2 that turns pages into a dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domhandler@5.0.3", + "externalReferences": [ + { + "url": "git://github.com/fb55/domhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "720c25bffd621508859d4f7a5d78113a1f314de7adb272620ec4dced36022c577dfbf58d908a8f4f188cffca5277c548ae15c64dfd4dcb5ab586ab95a83241e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domhandler" + } + ] + }, + { + "type": "library", + "name": "domutils", + "version": "3.1.0", + "bom-ref": "domutils@3.1.0", + "author": "Felix Boehm", + "description": "Utilities for working with htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domutils@3.1.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domutils/-/domutils-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1fbf2e32642d23602180326359e4261f0249d9b2cf0f718c98eed98dafd9661f38c249bee2eb7e2149d47516bcb82197f3c0e2571d63e8545ed577f11208c464" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/domutils" + } + ] + }, + { + "type": "library", + "name": "dom-serializer", + "version": "2.0.0", + "bom-ref": "dom-serializer@2.0.0", + "author": "Felix Boehm", + "description": "render domhandler DOM nodes to a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dom-serializer@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/cheeriojs/dom-serializer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cheeriojs/dom-serializer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cheeriojs/dom-serializer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c08900af28aab7f9d5e4440aa90a68dd24e848e57d2740e76c9ab02bb5affd3adcf76cc801867816532ef893c55b50df185b7cd594c21a00c469b7df5de2f226" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dom-serializer" + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "4.5.0", + "bom-ref": "entities@4.5.0", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease & speed", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@4.5.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5748631f87463e1f40a39a74328458e8156ab700a3873eaf2392d3f00279e47fb883dff8bdb1f1d48e787d2d17b9c94b8431c0acf40288c8c3c6368bf1f3f187" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "https", + "version": "1.0.0", + "bom-ref": "https@1.0.0", + "author": "hardus van der berg", + "description": "https mediation", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/https@1.0.0", + "externalReferences": [ + { + "url": "https://registry.npmjs.org/https/-/https-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e040b9edd757ae4685d31f373a3f2c33a48b4070165f0f744a4aaed8ce0011610d677174d9d14913f180440f2280eefdb5c818a86ac3eda7b87f92f7ba6da582" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/https" + } + ] + }, + { + "type": "library", + "name": "inquirer-file-tree-selection-prompt", + "version": "2.0.2", + "bom-ref": "inquirer-file-tree-selection-prompt@2.0.2", + "author": "anc95", + "description": "inquerer file tree selection prompt", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inquirer-file-tree-selection-prompt@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/anc95/inquirer-file-tree-selection.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/anc95/inquirer-file-tree-selection#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/anc95/inquirer-file-tree-selection/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inquirer-file-tree-selection-prompt/-/inquirer-file-tree-selection-prompt-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae56d0ec1ca4819fdf9aded259cdac681072b8cb10ad487e8aa9f2e1a32868bab6e426354ed643a7171a3bea0407335e5410fbe7d7789936884877e74a75414b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer-file-tree-selection-prompt" + } + ] + }, + { + "type": "library", + "name": "cli-cursor", + "version": "3.1.0", + "bom-ref": "cli-cursor@3.1.0", + "author": "Sindre Sorhus", + "description": "Toggle the CLI cursor", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-cursor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/cli-cursor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/cli-cursor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/cli-cursor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "23fcc7030b0a7fd16a1a85cce16591002a1bf7e48dba465377de03585e7b138b68a2e46e95b0b171487a44a5043909584c7267ce43ccc92bcf35a6922cd7cb67" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-cursor" + } + ] + }, + { + "type": "library", + "name": "restore-cursor", + "version": "3.1.0", + "bom-ref": "restore-cursor@3.1.0", + "author": "Sindre Sorhus", + "description": "Gracefully restore the CLI cursor on exit", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/restore-cursor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/restore-cursor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/restore-cursor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/restore-cursor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "97eb1279fcc7a63e6a8a6845484e5af27b9f65800cdec05254c00fb589260bee041f66a7486684317483d22cd141bbbd9dfc90f72e49ad59a9ec4f2866b523bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/restore-cursor" + } + ] + }, + { + "type": "library", + "name": "onetime", + "version": "5.1.2", + "bom-ref": "onetime@5.1.2", + "author": "Sindre Sorhus", + "description": "Ensure a function is only called once", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/onetime@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/onetime.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/onetime#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/onetime/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91ba5a4921894d674063928f55e30e2974ab3edafc0bc0bbc287496dcb1de758d19e60fe199bbc63456853a0e6e59e2f5abd0883fd4d2ae59129fee3e5a6984a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/onetime" + } + ] + }, + { + "type": "library", + "name": "mimic-fn", + "version": "2.1.0", + "bom-ref": "mimic-fn@2.1.0", + "author": "Sindre Sorhus", + "description": "Make a function mimic another one", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-fn@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-fn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-fn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-fn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3aa6ce939a0441e019f165d6c9d96ef47263cfd59574422f6a63027179aea946234e49c7fecaac5af850def830285451d47a63bcd04a437ee76c9818cc6a8672" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mimic-fn" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "3.0.7", + "bom-ref": "signal-exit@3.0.7", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@3.0.7", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c270f6644fa5f923c2feea12d2f5de13d2f5fb4c2e68ca8a95fcfd00c528dfc26cc8b48159215c1d1d51ae2eb62d9735daf2ebd606f78e5ee2c10860c2901b19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/signal-exit" + } + ] + }, + { + "type": "library", + "name": "figures", + "version": "3.2.0", + "bom-ref": "figures@3.2.0", + "author": "Sindre Sorhus", + "description": "Unicode symbols with Windows CMD fallbacks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/figures@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/figures.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/figures#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/figures/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/figures/-/figures-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c9a76e40544a2d760e1a0127e8065abbdd23de08123b28aa5d4d05f4965f79762135af899385feb38e40db38398e7b3cec60056b7e01066da45f0e17a4d71b76" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/figures" + } + ] + }, + { + "type": "library", + "name": "inquirer", + "version": "8.0.0", + "bom-ref": "inquirer@8.0.0", + "author": "Simon Boudrias", + "description": "A collection of common interactive command line user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/inquirer@8.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inquirer/-/inquirer-8.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38df291093cf09dca3c63f9cc6c6117ba5df0897a94f100d74d9d379bb13b90817a51c994514fdb78749c2346e6e09af9f6d022d2127a334546b25f233d5535c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer" + } + ] + }, + { + "type": "library", + "name": "cli-width", + "version": "3.0.0", + "bom-ref": "cli-width@3.0.0", + "author": "Ilya Radchenko", + "description": "Get stdout window width, with two fallbacks, tty and then a default.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-width@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/knownasilya/cli-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/knownasilya/cli-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/knownasilya/cli-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-width/-/cli-width-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "171aa990f3f0bb51e3b8df773a67e6e21f2e21a9d7a1f5b44715445b793944ac7e9892584ad873361a77d8acf1c72dd800467f0dcfc458dd6f651634fa43a16f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cli-width" + } + ] + }, + { + "type": "library", + "name": "external-editor", + "version": "3.1.0", + "bom-ref": "external-editor@3.1.0", + "author": "Kevin Gravier", + "description": "Edit a string with the users preferred text editor using $VISUAL or $ENVIRONMENT", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/external-editor@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mrkmg/node-external-editor.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mrkmg/node-external-editor#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mrkmg/node-external-editor/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/external-editor/-/external-editor-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84c438097d69d62ce6b8b63266a2cc3bfa86370d74c12bfd40308f7f35dfc85ace682492a117ea13529fd6ce5a9fae89e49642eb635ec06fa62b8f63382b507b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/external-editor" + } + ] + }, + { + "type": "library", + "name": "chardet", + "version": "0.7.0", + "bom-ref": "chardet@0.7.0", + "author": "Dmitry Shirokov", + "description": "Character detector", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chardet@0.7.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/runk/node-chardet.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/runk/node-chardet", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/runk/node-chardet/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "993f220dcae1d37a83191466a00da1981267c69965311fb4ff4aa5ce3a99112e8d762583719902340938acf159f50f39af6eee9e488d360f193a2c195c11f070" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chardet" + } + ] + }, + { + "type": "library", + "name": "os-tmpdir", + "version": "1.0.2", + "bom-ref": "os-tmpdir@1.0.2", + "author": "Sindre Sorhus", + "description": "Node.js os.tmpdir() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/os-tmpdir@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/os-tmpdir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/os-tmpdir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/os-tmpdir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f6151d37562afb148bb8e57058db49936fefd9496074d2c8d4f637505edf37803ac8e19b73e45b3bff2cbbe20d8de52550638c58d6a0ebe2b35d770611557d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/os-tmpdir" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "0.0.8", + "bom-ref": "mute-stream@0.0.8", + "author": "Isaac Z. Schlueter", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@0.0.8", + "externalReferences": [ + { + "url": "git://github.com/isaacs/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e76d658e9285b252c4e32ab8600f475ccf6da67644a7a58a9b123226da787086ec654a4a72c09981a3c87466a25d929ef799bf744acb0790de2bb1168101f00" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mute-stream" + } + ] + }, + { + "type": "library", + "name": "run-async", + "version": "2.4.1", + "bom-ref": "run-async@2.4.1", + "author": "Simon Boudrias", + "description": "Utility method to run function either synchronously or asynchronously using the common `this.async()` style.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-async@2.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/run-async.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/run-async#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/run-async/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-async/-/run-async-2.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6f56756fd356fc73546b03a129ec9912b63f391aebff62b31cc2a6109f08ec012d9c4e698f181063023a425bb46b4a874d4a8136fea83d3b86dc78dbd4b8381" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-async" + } + ] + }, + { + "type": "library", + "name": "rxjs", + "version": "6.6.7", + "bom-ref": "rxjs@6.6.7", + "author": "Ben Lesh", + "description": "Reactive Extensions for modern JavaScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/rxjs@6.6.7", + "externalReferences": [ + { + "url": "git+https://github.com/reactivex/rxjs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "853770afeef260d213e67e00318a7ce4a03acb0d956b414b6b7460baf6e96b85b7239c729da059a38d5c3375ccfb843a7d1323dec058211d5502664c5d826f45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rxjs" + } + ] + }, + { + "type": "library", + "name": "through", + "version": "2.3.8", + "bom-ref": "through@2.3.8", + "author": "Dominic Tarr", + "description": "simplified stream construction", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/through@2.3.8", + "externalReferences": [ + { + "url": "git+https://github.com/dominictarr/through.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dominictarr/through", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dominictarr/through/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/through/-/through-2.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3cf6a83b3c8f3001dbd7eb46cc0cff9b1680f90ef866f682e1785a793b86b6405d1c4811ac057e2a66669d3ccbd5aa52c9041722f96a8618e00fbdc0de35256" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/through" + } + ] + }, + { + "type": "library", + "name": "jest-mock", + "version": "29.7.0", + "bom-ref": "jest-mock@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-mock@29.7.0#packages/jest-mock", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-mock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-mock/-/jest-mock-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21338c667f949184b864587cdf16003b3592b65a0dcc914edacf035ab138961b460fe028ae09db92228445ee3041507274818fc74e7d83aae25b906da7a2e59f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-mock" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-report", + "group": "@types", + "version": "3.0.3", + "bom-ref": "@types/istanbul-lib-report@3.0.3", + "description": "TypeScript definitions for istanbul-lib-report", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/istanbul-lib-report@3.0.3#types/istanbul-lib-report", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/istanbul-lib-report", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/istanbul-lib-report", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3509fb00742793f4522cec6b05b1b224cfda550fa98e3e470a06ac1717342bf2a1a004df43fe3b032525d79236c815298a18e66acf9af952413aa79cac51feb8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/istanbul-lib-report" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "group": "@types", + "version": "21.0.3", + "bom-ref": "@types/yargs-parser@21.0.3", + "description": "TypeScript definitions for yargs-parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/yargs-parser@21.0.3#types/yargs-parser", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/yargs-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/yargs-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-21.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "238abd414f4c42fe2810ecf8b401c9b4dcf5730b8bc67d85df171cda257959da8b3e95278f7d1a52ec6dd660316131bea1ef0264c57ffbaad4e12e20443ceab5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "jest", + "version": "29.7.0", + "bom-ref": "jest@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest@29.7.0#packages/jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348cb7a00169f6c85d6b5f61cb81cad0745358ab4f26619d9efcb0bb4d673aa342daf660f99f9fbc90f1a4c400f3c79bd88f4471a7dc763620b03b619d84ef1b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/core@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/core@29.7.0#packages/jest-core", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/core/-/core-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9fb69e5d628c9c6b43038f32f132d624f2662e6999eb8d827a8efc718584a620fb1730e098d0d5fc6095468acf0017572c967ff70cf38190251e35e3c431c6b2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/core" + } + ] + }, + { + "type": "library", + "name": "console", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/console@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/console@29.7.0#packages/jest-console", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-console", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/console/-/console-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e4d8b8094ed71d08b7d88277f7c1043f846b07c795d3db173f644ea83e1b92c1eb9d3ade7b9d8fb31bd7f2da4bf0bbd3677a45cd7c8f6cd411792378d420213a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/console" + } + ] + }, + { + "type": "library", + "name": "reporters", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/reporters@29.7.0", + "description": "Jest's reporters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/reporters@29.7.0#packages/jest-reporters", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-reporters", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/reporters/-/reporters-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0c0a6ad0a25b24e1330056231c00cd371004dca6e1c50075cb92a995be566aac3acd56ee59ab529cc8c4e60b3c1548043e636c9d90373425a5f4d1b489ad383e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/reporters" + } + ] + }, + { + "type": "library", + "name": "test-result", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/test-result@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-result@29.7.0#packages/jest-test-result", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-test-result", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-result/-/test-result-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15dc7eb6feb1d7396424f7165e6303006d87067691f573d277968359056c7eb6662d54f7954d5cc32c4b81199747dcabab8341a049bd04cb1f805cd34006c960" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/test-result" + } + ] + }, + { + "type": "library", + "name": "transform", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/transform@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/transform@29.7.0#packages/jest-transform", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-transform", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/transform/-/transform-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24fc14cf17314a54cc0ee5e38746bbe70551dd472f48aecad6d46a4c690f4c0a78a534b5d02a6017f2cd585c315a6a2f7126969cdb24b357461e451102af657" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/transform" + } + ] + }, + { + "type": "library", + "name": "fs.realpath", + "version": "1.0.0", + "bom-ref": "fs.realpath@1.0.0", + "author": "Isaac Z. Schlueter", + "description": "Use node's fs.realpath, but fall back to the JS implementation if the native one fails", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs.realpath@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/fs.realpath.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/fs.realpath#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/fs.realpath/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38ed291f694ae9ad2166701d6aee48b731cf23aa5496f23b8cc567c54411b70e28c05db093c94e49a6ed1830933f81a0ae0d8c6c69d63bd5fc2b5b78f9f18c0f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fs.realpath" + } + ] + }, + { + "type": "library", + "name": "inflight", + "version": "1.0.6", + "bom-ref": "inflight@1.0.6", + "author": "Isaac Z. Schlueter", + "description": "Add callbacks to requests in flight to avoid async duplication", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/inflight@1.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/npm/inflight.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/inflight", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/inflight/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "93dd88fdbd3cab8c2f16c71708bbea7ec1c2ae3ac5ef2897b10b8856f544ecdf365b7f9aaa9cee51d05b7e159ccbf159477ff82207e532028b3acbcf0eb18224" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inflight" + } + ] + }, + { + "type": "library", + "name": "path-is-absolute", + "version": "1.0.1", + "bom-ref": "path-is-absolute@1.0.1", + "author": "Sindre Sorhus", + "description": "Node.js 0.12 path.isAbsolute() ponyfill", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-is-absolute@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-is-absolute.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-is-absolute#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-is-absolute/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0156f0dd42767bd6eaeb8bd2692f409b47e37b53daf296c6a934ec9977da2223299ebe4394385f24eb8b8fd49ff7964f5430147ab0df124f3c30f98f7bb50242" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-is-absolute" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "6.0.2", + "bom-ref": "istanbul-lib-instrument@6.0.2", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@6.0.2#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-6.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5652c67d475940d07b414a8853926dfd5933e534a489e62164ed4c2a5e404ba07413fa17ea3ec7ec4c356e65d286681c27edd8a7f5b4bb4ac9e802bf78de1bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "make-dir", + "version": "4.0.0", + "bom-ref": "make-dir@4.0.0", + "author": "Sindre Sorhus", + "description": "Make a directory and its parents if needed - Think `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/make-dir@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/make-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/make-dir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/make-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/make-dir/-/make-dir-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8577544d960854eb75131fff8c0422fb04d9669529c018ffd10b0ecea7a06f7ac630c78989212ee712c79d87c1ad1578447dbe38248e3bde48b3fef1d562786f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/make-dir" + } + ] + }, + { + "type": "library", + "name": "source-map", + "version": "0.6.1", + "bom-ref": "source-map@0.6.1", + "author": "Nick Fitzgerald", + "description": "Generates and consumes source maps", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/source-map@0.6.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/mozilla/source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mozilla/source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mozilla/source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "52381aa6e99695b3219018334fb624739617513e3a17488abbc4865ead1b7303f9773fe1d0f963e9e9c9aa3cf565bab697959aa989eb55bc16396332177178ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/source-map" + } + ] + }, + { + "type": "library", + "name": "html-escaper", + "version": "2.0.2", + "bom-ref": "html-escaper@2.0.2", + "author": "Andrea Giammarchi", + "description": "fast and safe way to escape and unescape &<>'\" chars", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/html-escaper@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/WebReflection/html-escaper.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/WebReflection/html-escaper", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/WebReflection/html-escaper/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f688cb5dd08e0cb7979889aa517480e3a7e5f37a55d0d2d144e094bb605c057af5d73263a9f66c8dad4bc28340fac2cf22aa444f05f28781bc228354a694b7e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/html-escaper" + } + ] + }, + { + "type": "library", + "name": "jest-worker", + "version": "29.7.0", + "bom-ref": "jest-worker@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-worker@29.7.0#packages/jest-worker", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-worker", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-worker/-/jest-worker-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "788cf69ac2ff1332fd5054c5171ee305391e65f92ed32500c99659989f771f64d8122ae8231d8f42311773062d625f335c2c5bf8f02603684b22dffa64490f1f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-worker" + } + ] + }, + { + "type": "library", + "name": "char-regex", + "version": "1.0.2", + "bom-ref": "char-regex@1.0.2", + "author": "Richie Bendall", + "description": "A regex to match any full character, considering weird character ranges.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/char-regex@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/Richienb/char-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Richienb/char-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Richienb/char-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "916597cedbd9e5205057e79180a15e87cab9b0bb99636fbc5942339715954e0fa81b0635e2aca5c7529b2b31ddf0fe99624020d31c880d4f4930787224c6758f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/char-regex" + } + ] + }, + { + "type": "library", + "name": "convert-source-map", + "version": "2.0.0", + "bom-ref": "convert-source-map@2.0.0", + "author": "Thorsten Lorenz", + "description": "Converts a source-map from/to different formats and allows adding/changing properties.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/convert-source-map@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/convert-source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2afa78e7d1eb576144275080b22d4abbe318de46ac1f5f53172913cf6c5698c7aae9b936354dd75ef7c9f90eb59b4c64b56c2dfb51d261fdc966c4e6b3769126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/convert-source-map" + } + ] + }, + { + "type": "library", + "name": "jest-changed-files", + "version": "29.7.0", + "bom-ref": "jest-changed-files@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-changed-files@29.7.0#packages/jest-changed-files", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-changed-files", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c402b162c1fd41a50fb86d74a9adc0dcdffc781d2ccbe1a976b68cf05690c5a6cc402e32d87728882b87b9573eba1902486d727cdbedf93edcaca1fa6d357db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-changed-files" + } + ] + }, + { + "type": "library", + "name": "get-stream", + "version": "6.0.1", + "bom-ref": "get-stream@6.0.1", + "author": "Sindre Sorhus", + "description": "Get a stream as a string, buffer, or array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-stream@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/get-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/get-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/get-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b6ce968beda3de3423aa2ef4c3902537c0c59e44b00be32a9b113374400b076a976585775ff6f50937e03cb18934c7805b174f7d4f053b59acdcd51f68708f62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-stream" + } + ] + }, + { + "type": "library", + "name": "human-signals", + "version": "2.1.0", + "bom-ref": "human-signals@2.1.0", + "author": "ehmicky", + "description": "Human-friendly process signals", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/human-signals@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/ehmicky/human-signals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://git.io/JeluP", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ehmicky/human-signals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07814567aabf4f68e1864b2091b116dc706f5887c35bce6c9e44206b0b74ed2ec9e505d393a064355fb4c80799acce50a4c01d625a1c1a89639f4b09fd642417" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/human-signals" + } + ] + }, + { + "type": "library", + "name": "npm-run-path", + "version": "4.0.1", + "bom-ref": "npm-run-path@4.0.1", + "author": "Sindre Sorhus", + "description": "Get your PATH prepended with locally installed binaries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/npm-run-path@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/npm-run-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b8f16cd95bbefbce1348ae7ee0c4e94848d02a8bd642fee4059d175b7881e1661080e94aa990e4fc4f51bb06f7dd80fe04afc805e2c51b692d22ed0bc87c25b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm-run-path" + } + ] + }, + { + "type": "library", + "name": "strip-final-newline", + "version": "2.0.0", + "bom-ref": "strip-final-newline@2.0.0", + "author": "Sindre Sorhus", + "description": "Strip the final newline character from a string/buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-final-newline@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-final-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-final-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-final-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06ba6f7cd004ddd72fabb965df156e9b38ca8d9439b48d6c11420aaf752892cd17525e394addc595ab55a9e7fda6b9388d10f3856e96660fb76e4f77cbaa4b8c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/strip-final-newline" + } + ] + }, + { + "type": "library", + "name": "yocto-queue", + "version": "0.1.0", + "bom-ref": "yocto-queue@0.1.0", + "author": "Sindre Sorhus", + "description": "Tiny queue data structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yocto-queue@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yocto-queue.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yocto-queue#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yocto-queue/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ad592cbec9cd09d27fa2119ceb180fc3237c7a1782c6c88b33c9b1b84fedfe6395a897b03ee3b59a22e94c74224604ca08b7b12f831e00555a82db3b1e6359d9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yocto-queue" + } + ] + }, + { + "type": "library", + "name": "jest-config", + "version": "29.7.0", + "bom-ref": "jest-config@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-config@29.7.0#packages/jest-config", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-config/-/jest-config-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b976e97de43b47a4d906a237fd3c42538ab8b6d937bb43c9782f84d336df4a84a3aba6c9edbb813f1cd03cbd227eb918e0336ee0951d9342269415188bce3479" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-config" + } + ] + }, + { + "type": "library", + "name": "test-sequencer", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/test-sequencer@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-sequencer@29.7.0#packages/jest-test-sequencer", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-test-sequencer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "190c09e56655aca9ce26e898880179d94354257813671d4d1e3152101d2a10c99264a02474ca08cf0fc28fac7a345e00bd5db7014a83a45cd090dfde602613c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/test-sequencer" + } + ] + }, + { + "type": "library", + "name": "jest-haste-map", + "version": "29.7.0", + "bom-ref": "jest-haste-map@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-haste-map@29.7.0#packages/jest-haste-map", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-haste-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7cff2eda9c9fab1d0ad6b1a7d51f69c84d3f2939fe1bb3f192d5a274e053a853cb617d1bf64b1a3059212b9beb4b70d5ba7d3da5c90b765c7dd10b61956ec098" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-haste-map" + } + ] + }, + { + "type": "library", + "name": "babel-jest", + "version": "29.7.0", + "bom-ref": "babel-jest@29.7.0", + "description": "Jest plugin to use babel for transformation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-jest@29.7.0#packages/babel-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06bbc6637c594b011c0b32af2ac0a2d86807a83aac62438fe3f6f2e710a023019743120487ef1ec37826ac4d72ed7451e8b1d9223eb22d89d48bf9a6d8a5ca06" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-jest" + } + ] + }, + { + "type": "library", + "name": "jest-circus", + "version": "29.7.0", + "bom-ref": "jest-circus@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-circus@29.7.0#packages/jest-circus", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-circus", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-circus/-/jest-circus-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc4d6708c822a5c4e40a8705c0cf745d741a6fd6d2f8632c8dda663eb95e95ac700fddc077c8951235ffbef1cf74b3e715ff8be34bbee7e8aeb51740d4df66cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-circus" + } + ] + }, + { + "type": "library", + "name": "environment", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/environment@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/environment@29.7.0#packages/jest-environment", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-environment", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/environment/-/environment-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "69021f1c3ab7dc4c6c3788cfd4d5865e1c6043fc22c6ceb480388a3be5d531df0c9f43563d681cdf86500d36f68ca694590eccbb0a22b5702c3765d55cd32903" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/environment" + } + ] + }, + { + "type": "library", + "name": "expect", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/expect@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect@29.7.0#packages/jest-expect", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect/-/expect-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2e31e00cc9cb6da6f6b73f59411c1f157224bd5745c0af71b298fa62a5dc905db05cba190b40e49ef04fe9f7647201d4e84ba643d6d1645fe0a486810213475" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/expect" + } + ] + }, + { + "type": "library", + "name": "jest-snapshot", + "version": "29.7.0", + "bom-ref": "jest-snapshot@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-snapshot@29.7.0#packages/jest-snapshot", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-snapshot", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "466d01316b7105c8a81ebd7f397e5808ff14a2fe2b887bca3e49ce1acf34e1983d2466609880646ed971242ffb6789ac29855b209b5f53eb4a6fcc6560d7dd93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-snapshot" + } + ] + }, + { + "type": "library", + "name": "dedent", + "version": "1.5.3", + "bom-ref": "dedent@1.5.3", + "author": "Desmond Brand", + "description": "A string tag that strips indentation from multi-line strings. ⬅️", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dedent@1.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/dmnd/dedent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dmnd/dedent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dmnd/dedent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dedent/-/dedent-1.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34742d7ce396ebc583f25832a5b2c0e684fe06dd315c986262fa11e929a635765fa733865f074a5a67301bc37b3f0555595dde17febc9e60fd05a252b13061c9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dedent" + } + ] + }, + { + "type": "library", + "name": "jest-each", + "version": "29.7.0", + "bom-ref": "jest-each@29.7.0", + "author": "Matt Phillips", + "description": "Parameterised tests for Jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-each@29.7.0#packages/jest-each", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-each", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-each/-/jest-each-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "827b3e12bd78f99ac4a02e5f84e7d8098d4b3871ebd1323ead0507652f13b70da5ee097ef3478773f8057f62ad930d3e4880020d3796be915cbf7074e157a66d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-each" + } + ] + }, + { + "type": "library", + "name": "jest-runtime", + "version": "29.7.0", + "bom-ref": "jest-runtime@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runtime@29.7.0#packages/jest-runtime", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-runtime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8149cb8e0c1d1aa5bb0782ef38891b2acf5619b9fe40ba91410f63b82e879dd78389ecc8c210cffa684cc0758211c7d0e515176ba38f9c517c049879c5e830c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-runtime" + } + ] + }, + { + "type": "library", + "name": "pure-rand", + "version": "6.1.0", + "bom-ref": "pure-rand@6.1.0", + "author": "Nicolas DUBIEN", + "description": " Pure random number generator written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pure-rand@6.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/dubzzz/pure-rand.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dubzzz/pure-rand#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dubzzz/pure-rand/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d559ac2fa19a01629a7ac88a10b505c76639b3df94525479d439379f97c55c8ebf2c9d33d8d709e948f3167a4705c1bc48ea0b664fbad260f16fcfbd6576238" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pure-rand" + } + ] + }, + { + "type": "library", + "name": "jest-environment-node", + "version": "29.7.0", + "bom-ref": "jest-environment-node@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-environment-node@29.7.0#packages/jest-environment-node", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-environment-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ce4b0091a978ab4ceca178cfb87796193ab59c76ed0b359f3b7b0528cb06dc6f65d1e302a0aa21bcbcd798c218c531b1247e3bbbc31d86607d0fda07af1af17" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-environment-node" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/fake-timers@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/fake-timers@29.7.0#packages/jest-fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ab80c7d476b84d314f7712eca835cad5ddfe8a848bef22f9a023096600d89ba8bee82ca05b9139c55aff0f51ddb06c63b7565649f500b3d3b1481fc135e956ad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/fake-timers" + } + ] + }, + { + "type": "library", + "name": "jest-regex-util", + "version": "29.6.3", + "bom-ref": "jest-regex-util@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-regex-util@29.6.3#packages/jest-regex-util", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-regex-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "289241b110b2c8b35608d04ebd9c910e70087d489127cbfe84e0506069fc803c85dd47a0c223f8830451dff4836b8da0d586d5c9c4e2754177aca8f22c50d66e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-regex-util" + } + ] + }, + { + "type": "library", + "name": "jest-resolve", + "version": "29.7.0", + "bom-ref": "jest-resolve@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve@29.7.0#packages/jest-resolve", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-resolve", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20e561652ae0f94bd502c843483b47c8508205497f43700026ff2267a6639d9ef8c73bf0bb32d789df482083e04e763ad922637eeba930a66c65046c0afc4480" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-resolve" + } + ] + }, + { + "type": "library", + "name": "jest-runner", + "version": "29.7.0", + "bom-ref": "jest-runner@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runner@29.7.0#packages/jest-runner", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-runner", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runner/-/jest-runner-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ec73837a70f0806a1c9b1817d345cab9c0547a7e92f39cc838eec639683a6ca1e8ce7156056f4ec01ee4a747496231c3d3801b00dd924bea414e8cf768362a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-runner" + } + ] + }, + { + "type": "library", + "name": "jest-validate", + "version": "29.7.0", + "bom-ref": "jest-validate@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-validate@29.7.0#packages/jest-validate", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-validate", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-validate/-/jest-validate-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "641ef01ea691195c3ff61493fceb85511786eccf2f29eab4fc9d9e80818b76f8c70a662a180461cd79ad822fa055e679b97145db5f5a39cdcbb36c8b836eed93" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-validate" + } + ] + }, + { + "type": "library", + "name": "bser", + "version": "2.1.1", + "bom-ref": "bser@2.1.1", + "author": "Wez Furlong", + "description": "JavaScript implementation of the BSER Binary Serialization", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/bser@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/watchman.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://facebook.github.io/watchman/docs/bser.html", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/watchman/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "810c53344fc601f208ae61cb504de8272a7914ee874417e18e7c38ff032603add91832675819a063f972401a670d490698085b49edfdb71d9dfe24ce01f825c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bser" + } + ] + }, + { + "type": "library", + "name": "node-int64", + "version": "0.4.0", + "bom-ref": "node-int64@0.4.0", + "author": "Robert Kieffer", + "description": "Support for representing 64-bit integers in JavaScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-int64@0.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/broofa/node-int64.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/broofa/node-int64#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/broofa/node-int64/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b9973f75c5239ea173fa0ee9721df965a6af84834d0c5a2b5921bb4f7e8484bea207765e607dc63a858cc35a78f4a83e6dcf9d8f234f2ef6a52f49579405e1f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/node-int64" + } + ] + }, + { + "type": "library", + "name": "makeerror", + "version": "1.0.12", + "bom-ref": "makeerror@1.0.12", + "author": "Naitik Shah", + "description": "A library to make errors.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/makeerror@1.0.12", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-makeerror.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-makeerror#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-makeerror/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "266a82bd4866b78de669d9691731b8050cc6d99de6eadbd00cd29d0a56673b755b22e749626c6c4f414d24c7a2076f894d295341349b53c41d7ac566c097262e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/makeerror" + } + ] + }, + { + "type": "library", + "name": "tmpl", + "version": "1.0.5", + "bom-ref": "tmpl@1.0.5", + "author": "Naitik Shah", + "description": "JavaScript micro templates.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/tmpl@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/daaku/nodejs-tmpl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/daaku/nodejs-tmpl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/daaku/nodejs-tmpl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ddfd2e384010c08a86b965b6315cd883c7d5fd036773f229b89346f37eeb2ee73301a2d51ec9561d9423e081a2125e47b379246e1c0bf406fb1ebb26ba3f929b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tmpl" + } + ] + }, + { + "type": "library", + "name": "jest-resolve-dependencies", + "version": "29.7.0", + "bom-ref": "jest-resolve-dependencies@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve-dependencies@29.7.0#packages/jest-resolve-dependencies", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-resolve-dependencies", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba7d330ffeaac49f92d1eb7b5b1788dc7e5749ef654c1051edb3870875e4291ea5b86e66c030e5233550d15e5c642ba84e011d71dc334e085891359fb9b8be9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-resolve-dependencies" + } + ] + }, + { + "type": "library", + "name": "resolve.exports", + "version": "2.0.2", + "bom-ref": "resolve.exports@2.0.2", + "author": "Luke Edwards", + "description": "A tiny (952b), correct, general-purpose, and configurable \"exports\" and \"imports\" resolver without file-system reliance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve.exports@2.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/resolve.exports.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5f6516e8dc379ff68c803572fb4ad2aa01e5bf7f56640959ad709d9dbc8488a9b5ec34aa1d7e0c99031a493dc56de591e454ee45c530600ce265a8e38b463b9a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve.exports" + } + ] + }, + { + "type": "library", + "name": "emittery", + "version": "0.13.1", + "bom-ref": "emittery@0.13.1", + "author": "Sindre Sorhus", + "description": "Simple and modern async event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emittery@0.13.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/emittery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/emittery#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/emittery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0de5b06b093aaf9c91f631609c3298b78b0b4b42e61c9262dd93a76f9fc975b6308f79d6f85c509c72238412b3f182c2ee844d3d533d350e3b237095c77e1ea9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/emittery" + } + ] + }, + { + "type": "library", + "name": "jest-docblock", + "version": "29.7.0", + "bom-ref": "jest-docblock@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-docblock@29.7.0#packages/jest-docblock", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-docblock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abad7b02ec3703ad7682ec9a160b1b15e62934fe6dd9aa1434bc0151b73fd240f5478b7d8b10dbc854c77759e89387a9a15169afb3e67961eb86fb95dd7689e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-docblock" + } + ] + }, + { + "type": "library", + "name": "jest-leak-detector", + "version": "29.7.0", + "bom-ref": "jest-leak-detector@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-leak-detector@29.7.0#packages/jest-leak-detector", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-leak-detector", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "91803c20971262d493d8163d23e48c0b7da70e9053dc9d8dbd6271f3e242b82765fc247523810a50944e88ff17b42731aa04d304624d75b07503c5d129b4deb7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-leak-detector" + } + ] + }, + { + "type": "library", + "name": "jest-watcher", + "version": "29.7.0", + "bom-ref": "jest-watcher@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-watcher@29.7.0#packages/jest-watcher", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-watcher", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e3d160ed65e4537565da1e8b6cbb4c43f1f207aad74885fb4aabc12d09acb1104637d2343cdbcf980982592398e923afae3848fc5eff6c602ff51b67b0f034de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-watcher" + } + ] + }, + { + "type": "library", + "name": "globals", + "group": "@jest", + "version": "29.7.0", + "bom-ref": "@jest/globals@29.7.0", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/globals@29.7.0#packages/jest-globals", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/globals/-/globals-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a98b3dddbad2db916d8c345b9b50650454b9131a2a96eb22d54c0f896cfe9f23a27988bf58d0d960f24f79a5c17c72d2b0092ed6571b5e06cdbd8617c0a2dcd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/globals" + } + ] + }, + { + "type": "library", + "name": "source-map", + "group": "@jest", + "version": "29.6.3", + "bom-ref": "@jest/source-map@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/source-map@29.6.3#packages/jest-source-map", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-source-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/source-map/-/source-map-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3078d3f7942e8a970fae92ccfbc24c4b3171e9e1e9e419bee177850c9970b2f5418e628d88802f6ac18ad9fc73d966c64659efa9e8456e1d3b30c6bb9f76099f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/source-map" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-jsx", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/plugin-syntax-jsx@7.24.1", + "author": "The Babel Team", + "description": "Allow parsing of jsx", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-jsx@7.24.1#packages/babel-plugin-syntax-jsx", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-jsx", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-jsx", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9e0adc595dffa46e4308b174b8a684ef4f862ee6b5e245afbdc46553e7aada8218e605328ca4535cf51e080e20787a66a8f5e3b6d8ec7b0b1b891bb060131a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-jsx" + } + ] + }, + { + "type": "library", + "name": "helper-plugin-utils", + "group": "@babel", + "version": "7.24.0", + "bom-ref": "@babel/helper-plugin-utils@7.24.0", + "author": "The Babel Team", + "description": "General utilities for plugins to use", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-plugin-utils@7.24.0#packages/babel-helper-plugin-utils", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-plugin-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-plugin-utils", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.24.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5c5339d7306d3e17146e25fbcbf364254ea2338555bdb0bd0a8cc3c784038ebe94062fc42d7719c12882e306ac651f2962cf4c826b51bdd3765723f16e1f2db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-plugin-utils" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-async-generators", + "group": "@babel", + "version": "7.8.4", + "bom-ref": "@babel/plugin-syntax-async-generators@7.8.4", + "description": "Allow parsing of async generator functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-async-generators@7.8.4#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b727266719067d96b184c45b5e53d7b95169756957a62af65b800c85226044ace4fde0e52173a16f62c75a82e90c5ed3107ca5579ccd872917e8a0201c999337" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-async-generators" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-bigint", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-bigint@7.8.3", + "description": "Allow parsing of BigInt literals", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-bigint@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c274e71651be631426def0f1a46139ecf8f4b2b454e2c1c4fe60e4b75aafd9824949e50079cda66b858b52750f78a8f2adf9ed5707bf37a7425e953eccbdcda6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-bigint" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-class-properties", + "group": "@babel", + "version": "7.12.13", + "bom-ref": "@babel/plugin-syntax-class-properties@7.12.13", + "description": "Allow parsing of class properties", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-class-properties@7.12.13#packages/babel-plugin-syntax-class-properties", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-class-properties", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-class-properties", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e6e227632a56b461a85436014d2c2074ab249db283e264fde2404deb932d26054b4c676df20c9f5225d83a7574d20e7ba5395aa21771e0afd9db5ef5d341960" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-class-properties" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-import-meta", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-import-meta@7.10.4", + "description": "Allow parsing of import.meta", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-import-meta@7.10.4#packages/babel-plugin-syntax-import-meta", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-import-meta", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62a7e6f970f1d3e3eb8775527844023d4f35c82f89599da90cf1524b865da5f661a7832414c6830b552ab1ea2f10ac125299c82fbfaf2be0a5a7b6df874883ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-import-meta" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-json-strings", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-json-strings@7.8.3", + "description": "Allow parsing of the U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR in JS strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-json-strings@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "958ea4746a561ef8e87b6be4e16ac06a912e051ebd10cc5997e46819186b14635854af2638f016f157db4ff660ac56d794336289ac509c0b6054267a8efdf410" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-json-strings" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-logical-assignment-operators", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "description": "Allow parsing of the logical assignment operators", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-logical-assignment-operators@7.10.4#packages/babel-plugin-syntax-logical-assignment-operators", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-logical-assignment-operators", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "77cc1a4a19691438a743932dbc653dc4300ecca1f8efe145a277b2d9b68522832bf79da128e2e9d4747b56cce866f3ac57fe3e451b33358ec3d7b6dad2d7b48a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-logical-assignment-operators" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-nullish-coalescing-operator", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "description": "Allow parsing of the nullish-coalescing operator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-nullish-coalescing-operator@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6927dfe333c8235bb6403ef2f85f280eccf5f5ec3820610983d4955be6eac29c2d7c595e8900cc77303f47e525583cdf9c7142c7195e153d0f308ad1dfa5cb35" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-nullish-coalescing-operator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-numeric-separator", + "group": "@babel", + "version": "7.10.4", + "bom-ref": "@babel/plugin-syntax-numeric-separator@7.10.4", + "description": "Allow parsing of Decimal, Binary, Hex and Octal literals that contain a Numeric Literal Separator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-numeric-separator@7.10.4#packages/babel-plugin-syntax-numeric-separator", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-numeric-separator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f47e9875f91c2bfb8e9d8fcaeff680db1a73680824427dfbcb35943112bb39a3cea8ea464b5fa7d07e61c53f40530f44b128cf5bc495c8c270611b56b375f7ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-numeric-separator" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-object-rest-spread", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-object-rest-spread@7.8.3", + "description": "Allow parsing of object rest/spread", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-object-rest-spread@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e8a8c8a31996fdcb7cb65ec90df8fd70506895c16679266a03470c79fb71a612994dc95336b360e0f082c5426f2b58ce3ca2b1b2e58a48e4197c535cbbc9d94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-object-rest-spread" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-optional-catch-binding", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "description": "Allow parsing of optional catch bindings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-optional-catch-binding@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e953c3d0f7359694eac3468aa1e45332207e916840a13db83c0fa4b16481ac5b65e52211569665c0ddcd34f4237a103613ff75155dd18cb5a855382559c495dd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-optional-catch-binding" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-optional-chaining", + "group": "@babel", + "version": "7.8.3", + "bom-ref": "@babel/plugin-syntax-optional-chaining@7.8.3", + "description": "Allow parsing of optional properties", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-optional-chaining@7.8.3#master", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#master", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/babel/babel/tree/master#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a82bd12b1f53019423f15745403645d6dbf770e2f95b183ac5833f1b994b0119890545c6d1c0c87a70826e6dd3eb931470b8676d0a4d2fff03d329b42006392" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-optional-chaining" + } + ] + }, + { + "type": "library", + "name": "plugin-syntax-top-level-await", + "group": "@babel", + "version": "7.14.5", + "bom-ref": "@babel/plugin-syntax-top-level-await@7.14.5", + "author": "The Babel Team", + "description": "Allow parsing of top-level await in modules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/plugin-syntax-top-level-await@7.14.5#packages/babel-plugin-syntax-top-level-await", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-plugin-syntax-top-level-await", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-plugin-syntax-top-level-await", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.14.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "871fbeba92efe54d6b8187f07b5c41414851994e35344be952fae9f2392b48276f1929cce7fa9d44cb72949e8f1b938590168791b4c02939dddff63211244717" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/plugin-syntax-top-level-await" + } + ] + }, + { + "type": "library", + "name": "pkg-dir", + "version": "4.2.0", + "bom-ref": "pkg-dir@4.2.0", + "author": "Sindre Sorhus", + "description": "Find the root directory of a Node.js project or npm package", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pkg-dir@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/pkg-dir.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-dir#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/pkg-dir/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1d10f36da2a30be00e5955f1014ff1e7808e19e22ff5e6fee82903490a0d4ede17c96a0826fb8fb178b3c6efc5af6dc489e91bb59c2687521c206fe5fdad7419" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir" + } + ] + }, + { + "type": "library", + "name": "resolve-cwd", + "version": "3.0.0", + "bom-ref": "resolve-cwd@3.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from the current working directory", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-cwd@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-cwd.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-cwd#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-cwd/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3ab65a5f631bfab242a47ffa0a94aab7dc4556937efb1d355e737689ef60e8fe7fdf17a52c0917595003a5dcf52070ff2857c45f213a574534d4e43750edab12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-cwd" + } + ] + }, + { + "type": "library", + "name": "jest-cli", + "version": "29.7.0", + "bom-ref": "jest-cli@29.7.0", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-cli@29.7.0#packages/jest-cli", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/jest-cli", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-cli/-/jest-cli-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3955686f0d88b9b37f19262cc444e2fa039eeca6b9f4414c47fb70394dc96f61a728a78c189079486514ac4cf7485566240494759533cbcdec2cd350da066c96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-cli" + } + ] + }, + { + "type": "library", + "name": "create-jest", + "version": "29.7.0", + "bom-ref": "create-jest@29.7.0", + "description": "Create a new Jest project", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/create-jest@29.7.0#packages/create-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/create-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/create-jest/-/create-jest-29.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "01dcf66dd1f456adc5e772843093a87ed405bad582ba49ba276e306cf5913b893590c63b812eddb3fba826436e57cc030ad5969eec06709c2959c8a1fb3116d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/create-jest" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "8.0.1", + "bom-ref": "cliui@8.0.1", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@8.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05278d9f2bacef90b8fff350f6042dd7f72c4d7ca8ffc49bf9a7cb024cc0a6d16e32ca1df4716890636e759a62fe8415ef786754afac47ee4f55131df83afb61" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cliui" + } + ] + }, + { + "type": "library", + "name": "get-caller-file", + "version": "2.0.5", + "bom-ref": "get-caller-file@2.0.5", + "author": "Stefan Penner", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/get-caller-file@2.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/stefanpenner/get-caller-file.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/stefanpenner/get-caller-file#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/stefanpenner/get-caller-file/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f214fdc133fdd81d340e0942ffc343991d1d25a4a786af1a2d70759ca8d11d9e5b6a1705d57e110143de1e228df801f429a34ac6922e1cc8889fb58d3a87616" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-caller-file" + } + ] + }, + { + "type": "library", + "name": "require-directory", + "version": "2.1.1", + "bom-ref": "require-directory@2.1.1", + "author": "Troy Goode", + "description": "Recursively iterates over specified directory, require()'ing each file, and returning a nested hash structure containing those modules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/require-directory@2.1.1", + "externalReferences": [ + { + "url": "git://github.com/troygoode/node-require-directory.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/troygoode/node-require-directory/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/troygoode/node-require-directory/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c6c4423bfb0b06f71aef763b2b9662f6d8e3134e21d1c0032ba2211e320abc833a0b0bf3d0afb46c4434932d483f6d9019b45f9354890773aff84482abba2f9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/require-directory" + } + ] + }, + { + "type": "library", + "name": "y18n", + "version": "5.0.8", + "bom-ref": "y18n@5.0.8", + "author": "Ben Coe", + "description": "the bare-bones internationalization library used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/y18n@5.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/y18n.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/y18n", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/y18n/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d297c5cde81e0d62472480264cb44fd83c078dd179b3b8e8f6dbb3b5d43102120d09dbd2fb79c620da8f774d00a61a8947fd0b8403544baffeed209bf7c60e7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/y18n" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "2.0.1", + "bom-ref": "argparse@2.0.1", + "description": "CLI arguments parser. Native port of python's argparse.", + "licenses": [ + { + "license": { + "id": "Python-2.0" + } + } + ], + "purl": "pkg:npm/argparse@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f3ef56a9e6db173a57f4e47e59ae8edbd6ac22881e44ccdc1ad00835da4c1c7c80835d1fd3969215505b704a867ff3d7c35123019faadbf6c4060dc3beeacadd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "json-colorizer", + "version": "2.2.2", + "bom-ref": "json-colorizer@2.2.2", + "author": "Joe Attardi", + "description": "A library to format JSON with colors for display in the console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-colorizer@2.2.2", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/joeattardi/json-colorizer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/joeattardi/json-colorizer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/joeattardi/json-colorizer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-colorizer/-/json-colorizer-2.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7aa19b70575a625eb42744d4ed25ea91bfe07d63f7570182ea04169897f08e71476867180b04b00ef3cf829e46d3e8cc4db3473913d98f0486f6b0570dcf7bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer" + } + ] + }, + { + "type": "library", + "name": "markdown-diff", + "version": "2.0.0", + "bom-ref": "markdown-diff@2.0.0", + "author": "Martijn van Duijneveldt", + "description": "Generate a diff between two markdown files in markdown format", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/markdown-diff@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/martijnvanduijneveldt/markdown-diff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/martijnvanduijneveldt/markdown-diff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/martijnvanduijneveldt/markdown-diff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/markdown-diff/-/markdown-diff-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "625ac74890b6ac0b1e707082ddce556a178aec6a6dd749040552aa2b9012ead91b4e2fa1bfe9393d73e517e8aa010ff7e9720d36aaab2baf13f6811a66a49174" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-diff" + } + ] + }, + { + "type": "library", + "name": "marked", + "version": "12.0.2", + "bom-ref": "marked@12.0.2", + "author": "Christopher Jeffrey", + "description": "A markdown parser built for speed", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/marked@12.0.2", + "externalReferences": [ + { + "url": "git://github.com/markedjs/marked.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://marked.js.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/markedjs/marked/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/marked/-/marked-12.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a97526edefd8285a2a14f60f6b752483dc6523973202d1a6c8423331f5bffe6ea45f00b2d8fb3d0d87f98a88a314a43cab2bac72b1e8634e2224672dbb62a0d1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/marked" + } + ] + }, + { + "type": "library", + "name": "markdown-table-ts", + "version": "1.0.3", + "bom-ref": "markdown-table-ts@1.0.3", + "author": "Jiri Hajek", + "description": "A zero-dependency library for generating Markdown tables written in TypeScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/markdown-table-ts@1.0.3", + "externalReferences": [ + { + "url": "git+https://gitlab.com/jiri.hajek/markdown-table-ts.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://gitlab.com/jiri.hajek/markdown-table-ts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://gitlab.com/jiri.hajek/markdown-table-ts/-/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/markdown-table-ts/-/markdown-table-ts-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "958ae9ec55e606aa661a6b0417dd969d2ba476062f2e6d7914f20e0d93b1f7ede7a1b9312718c161cb33a997f956a4e306d2123d2342ef38d4f68df3c292fa01" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-table-ts" + } + ] + }, + { + "type": "library", + "name": "mocha", + "version": "10.4.0", + "bom-ref": "mocha@10.4.0", + "author": "TJ Holowaychuk", + "description": "simple, flexible, fun test framework", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mocha@10.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/mochajs/mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mochajs.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mochajs/mocha/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mocha/-/mocha-10.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7aa84607c24a6a9118702e32b57ff1af329fa2b8047378f5a469405d5cb7791c2bb40cb9fe721f4f54af806cdf3745d967178bab46905a4394026a88262bfe6c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "browser-stdout", + "version": "1.3.1", + "bom-ref": "browser-stdout@1.3.1", + "author": "kumavis", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/browser-stdout@1.3.1", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kumavis/browser-stdout.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kumavis/browser-stdout#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kumavis/browser-stdout/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa1015235f80bf65fba9e94e7c0218c1738da2877a5e5644fdf5da052996fd3e52ccb0260a0ce2f9e89613b7d4bdb1da78d0501f5dd47ed8e95f1b1f2e432983" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/browser-stdout" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fill-range", + "version": "7.0.1", + "bom-ref": "fill-range@7.0.1", + "author": "Jon Schlinkert", + "description": "Fill in a range of numbers or letters, optionally passing an increment or `step` to use, or create a regex-compatible range with `options.toRegex`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fill-range@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/fill-range.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/fill-range", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/fill-range/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8ea3d17e74c5260b62dc6f805b56f9ca2714cf8c29be451a5ee200ee1abce42fb984565fdd8d84aed8e750d8f6b7d36378a2a91283d8abea368b589d94495a5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fill-range" + } + ] + }, + { + "type": "library", + "name": "to-regex-range", + "version": "5.0.1", + "bom-ref": "to-regex-range@5.0.1", + "author": "Jon Schlinkert", + "description": "Pass two numbers, get a regex-compatible source string for matching ranges. Validated against more than 2.78 million test assertions.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/to-regex-range@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/micromatch/to-regex-range.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/micromatch/to-regex-range", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/micromatch/to-regex-range/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb93fb8b3e97e7212bd5cc1c82f4316db230ed493780ecb974876d678ac3bde2ea86b7493fe2e2fc7c7ab722b43446fed860b29de08c2621aaac00c248d93cb1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/to-regex-range" + } + ] + }, + { + "type": "library", + "name": "is-number", + "version": "7.0.0", + "bom-ref": "is-number@7.0.0", + "author": "Jon Schlinkert", + "description": "Returns true if a number or string value is a finite number. Useful for regex matches, parsing, user input, etc.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-number@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/jonschlinkert/is-number.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jonschlinkert/is-number", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jonschlinkert/is-number/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e350a27e483a7bc4f2952a5db53a5e2d532abd20445734edb47bc4443ef8d7ea6767c00dbf4d34e0c44be3740a3c394af5c1af369e8d6566540656c65d8c719e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-number" + } + ] + }, + { + "type": "library", + "name": "is-binary-path", + "version": "2.1.0", + "bom-ref": "is-binary-path@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a file path is a binary file", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-binary-path@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-binary-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-binary-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-binary-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "64c11161eb3aa43c9dcae1a276c7bb3ac1f1b5b23b595794128ce047f83baddd31522998365bd9444fcad8c8194e35b2ef6e487de94b79570433dee69ad4465f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-binary-path" + } + ] + }, + { + "type": "library", + "name": "binary-extensions", + "version": "2.3.0", + "bom-ref": "binary-extensions@2.3.0", + "author": "Sindre Sorhus", + "description": "List of binary file extensions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/binary-extensions@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/binary-extensions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "09e87eee8c79a9eecb26e2c7a18d1f7a1de91ee5031c071151ec8bd95620859c1fa64348cbffbc39c8346b752e4a86336af9b2970b8b59039fde19748e330c23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/binary-extensions" + } + ] + }, + { + "type": "library", + "name": "readdirp", + "version": "3.6.0", + "bom-ref": "readdirp@3.6.0", + "author": "Thorsten Lorenz", + "description": "Recursive version of fs.readdir with streaming API.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readdirp@3.6.0", + "externalReferences": [ + { + "url": "git://github.com/paulmillr/readdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/paulmillr/readdirp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/paulmillr/readdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84e4b4f3da27f1176ea9d6e1bd0e59dfb0341128ecab3eaa9d171f7ec314df8f7916e4dda929beedb849dbd26f20eb010c41276a7e433eef6ddd3a3d55194ccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/readdirp" + } + ] + }, + { + "type": "library", + "name": "wrappy", + "version": "1.0.2", + "bom-ref": "wrappy@1.0.2", + "author": "Isaac Z. Schlueter", + "description": "Callback wrapping utility", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/wrappy@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/wrappy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/wrappy", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/wrappy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9784a9fc346c7a8afdc0be84bd5dbe4ee427eb774c90f8d9feca7d5e48214c46d5f4a94f4b5c54b19deeeff2103b8c31b5c141e1b82940f45c477402bdeccf71" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/wrappy" + } + ] + }, + { + "type": "library", + "name": "is-unicode-supported", + "version": "0.1.0", + "bom-ref": "is-unicode-supported@0.1.0", + "author": "Sindre Sorhus", + "description": "Detect whether the terminal supports Unicode", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-unicode-supported@0.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-unicode-supported.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-unicode-supported#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-unicode-supported/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "927c46daae140b7bbcb2d446c8054908e771166bf90d989171d94868041701b49f2726be3a1a29368b4b42bb2d061aaeaaee19a6e29b0dcffc4ba9a05e03c53f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-unicode-supported" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "serialize-javascript", + "version": "6.0.0", + "bom-ref": "serialize-javascript@6.0.0", + "author": "Eric Ferraiuolo", + "description": "Serialize JavaScript to a superset of JSON that includes regular expressions and functions.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/serialize-javascript@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/yahoo/serialize-javascript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yahoo/serialize-javascript", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yahoo/serialize-javascript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "42bdd3a2cbe0b85b7c78f5aab2f45facac905c8896fa719b629cbc5cadb83501c4f3771ac56b7e988ca64d3d7d0c615b35634b7c4c2cae44a637ae2555607d6a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/serialize-javascript" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "randombytes", + "version": "2.1.0", + "bom-ref": "randombytes@2.1.0", + "description": "random bytes from browserify stand alone", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/randombytes@2.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/crypto-browserify/randombytes.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/crypto-browserify/randombytes", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/crypto-browserify/randombytes/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bd897788e5fee022945aec468bd5248627ba7eca97a92f4513665a89ce2d3450f637641069738c15bb8a2b84260c70b424ee81d59a78d49d0ba53d2847af1a99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/randombytes" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "workerpool", + "version": "6.2.1", + "bom-ref": "workerpool@6.2.1", + "author": "Jos de Jong", + "description": "Offload tasks to a pool of workers on node.js and in the browser", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/workerpool@6.2.1", + "externalReferences": [ + { + "url": "git://github.com/josdejong/workerpool.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/josdejong/workerpool", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/josdejong/workerpool/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/workerpool/-/workerpool-6.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20b10813dee40d9bc5f566fd7fa8796972b8b304a528651c3841a22186f638ebbf22b0d4f62c23d1f0fffd2b00e84e626f0271a44be1ba59496384a5e0672903" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/workerpool" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "20.2.4", + "bom-ref": "yargs-parser@20.2.4", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@20.2.4", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58e92980d84f4e513bde1e1514016c3a7a262556a8bcef15a8b0f3cb9b1a0a1441150141a0c622ae8c325be43d1c1e07145e19ed5653886de24b3249036f7244" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs-unparser", + "version": "2.0.0", + "bom-ref": "yargs-unparser@2.0.0", + "author": "André Cruz", + "description": "Converts back a yargs argv object to its original array form", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs-unparser@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-unparser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-unparser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-unparser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-unparser/-/yargs-unparser-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ee9453200f5073571a6746d9e9161119b1c9b61256b9a91ff969872b4ad578b90daeb1a17e869b04d76e7ba91d20d23aaf889fee872af5a0ff9fbc7028e77338" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-unparser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "decamelize", + "version": "4.0.0", + "bom-ref": "decamelize@4.0.0", + "author": "Sindre Sorhus", + "description": "Convert a camelized string into a lowercased one with a custom separator: unicornRainbow → unicorn_rainbow", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decamelize@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/decamelize.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/decamelize/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/decamelize/-/decamelize-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f621353e04a293d1de208c3624ef78222767137781a10ac5277c3bb05bb3497e03a66677bf9b19a54895e52c1c7fa990105f98d2bbbc35ea3ea7e9f287627e85" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decamelize" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-plain-obj", + "version": "2.1.0", + "bom-ref": "is-plain-obj@2.1.0", + "author": "Sindre Sorhus", + "description": "Check if a value is a plain object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-plain-obj@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-plain-obj.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6169dfc91c312fff92b2b5987cea54b73e5bdd80fe9f27e41ef8db71a9f393cce0c8ee00483ebbb95311b7c9396cce252cc0e75dfae24613a97a6c3e35f4f578" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-plain-obj" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mock-fs", + "version": "5.2.0", + "bom-ref": "mock-fs@5.2.0", + "author": "Tim Schaub", + "description": "A configurable mock file system. You know, for testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mock-fs@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/tschaub/mock-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tschaub/mock-fs", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tschaub/mock-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mock-fs/-/mock-fs-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9d17647a60c4996e98a9d55d561ca18b363aff938f2e40296a3156f91f730ebf073daa1622b37fc859b8f4daa220fd8f0c0d7285178739bf4af1c76a3ac5367" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mock-fs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "objects-to-csv", + "version": "1.3.6", + "bom-ref": "objects-to-csv@1.3.6", + "author": "Anton Ivanov", + "description": "Converts an array of objects into a CSV file. Saves CSV to disk or returns as string.", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/objects-to-csv@1.3.6", + "externalReferences": [ + { + "url": "git+https://github.com/anton-bot/objects-to-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/anton-bot/objects-to-csv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/anton-bot/objects-to-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/objects-to-csv/-/objects-to-csv-1.3.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfcdde4a94b786680292c5bce4a22a06d71b8125b90c356c0a6ccba0ce82deae32cce5f6ae6b56c45e296cb27be9fcfeb9f03ee3f4b0013e1075a63a2145a602" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/objects-to-csv" + } + ] + }, + { + "type": "library", + "name": "async-csv", + "version": "2.1.3", + "bom-ref": "async-csv@2.1.3", + "author": "Anton Ivanov", + "description": "ES7 async-await wrapper for the csv package.", + "licenses": [ + { + "license": { + "id": "Unlicense" + } + } + ], + "purl": "pkg:npm/async-csv@2.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/anton-bot/async-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/catcher-in-the-try/async-csv#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/catcher-in-the-try/async-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async-csv/-/async-csv-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a9b0237e0fb9b365eaab943c3b5133e1bc3403971d62f35f44f5f6ca22df1dae48040f91523a506fdd193ffac5dd7af9cedb0c2546454e43891d4f4032a8fa9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async-csv" + } + ] + }, + { + "type": "library", + "name": "csv", + "version": "5.5.3", + "bom-ref": "csv@5.5.3", + "author": "David Worms", + "description": "A mature CSV toolset with simple api, full of options and tested against large datasets.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv@5.5.3", + "externalReferences": [ + { + "url": "git+https://github.com/adaltas/node-csv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv/-/csv-5.5.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "413698d178e385340e760b80445d2518a9b9fe612af4f0fdfd585965e8070c806adad43080da47737767783e261a8da226cf9f4cabf9069d1f67e051b98dd9d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv" + } + ] + }, + { + "type": "library", + "name": "csv-generate", + "version": "3.4.3", + "bom-ref": "csv-generate@3.4.3", + "author": "David Worms", + "description": "CSV and object generation implementing the Node.js `stream.Readable` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-generate@3.4.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-csv-generate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/generate/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv-generate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-generate/-/csv-generate-3.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3f4feaea474bf0bc7a96b3fd59c8c0d6b471d225a374ea4951a895c11290c968cffe75992ca3438a87555cbae62f2b75cce772b2b1536af0aa3f7a908af303b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-generate" + } + ] + }, + { + "type": "library", + "name": "csv-stringify", + "version": "5.6.5", + "bom-ref": "csv-stringify@5.6.5", + "author": "David Worms", + "description": "CSV stringifier implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/csv-stringify@5.6.5", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-csv-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/stringify/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-csv-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/csv-stringify/-/csv-stringify-5.6.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e3890eb9f5a43e7d44d0a92addd571039ceaf9da3877d1106eadfce4b1c684dad3da16c0c7e703801c98b0f17007a614649c2c0c504f4a45ac9ce0afcd6cef0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/csv-stringify" + } + ] + }, + { + "type": "library", + "name": "stream-transform", + "version": "2.1.3", + "bom-ref": "stream-transform@2.1.3", + "author": "David Worms", + "description": "Object transformations implementing the Node.js `stream.Transform` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stream-transform@2.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/adaltas/node-stream-transform.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://csv.js.org/transform/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-stream-transform/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stream-transform/-/stream-transform-2.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f461d488ce613220a2e98d378c3d80442d5eb6d0579100684007bb9c9b0f9279c8d28c35d1a5e34e77b0f10b584262e3ce7f7be019e658400980263a64fd4379" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stream-transform" + } + ] + }, + { + "type": "library", + "name": "mixme", + "version": "0.5.10", + "bom-ref": "mixme@0.5.10", + "author": "David Worms", + "description": "A library for recursively merging JavaScript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mixme@0.5.10", + "externalReferences": [ + { + "url": "git+https://github.com/adaltas/node-mixme.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/adaltas/node-mixme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/adaltas/node-mixme/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mixme/-/mixme-0.5.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e47efa00d5a29c1d47dedc2927a258f2ebc0b69985bc7340ae98a52408d744a5d20c32cf20ca1902bc39487d2af73fa52ecf08accc3b436556a568a614a153d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mixme" + } + ] + }, + { + "type": "library", + "name": "oclif", + "version": "4.13.0", + "bom-ref": "oclif@4.13.0", + "author": "Salesforce", + "description": "oclif: create your own CLI", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/oclif@4.13.0", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/oclif.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/oclif", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/oclif/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/oclif/-/oclif-4.13.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c12b4e4be3963c2c513ca2bc87a037648009aeed940377b6f568d791ad2085e0fd64a60375495d8e3b6df2d2930dfac3ac64009d17f06de32f4baea28620726d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-cloudfront", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Cloudfront Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-cloudfront@3.575.0#clients/client-cloudfront", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-cloudfront", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-cloudfront", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-cloudfront/-/client-cloudfront-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a3a39ffdc9954b510287ef7fc531f8267a2b003663279a9c563b7b40ef5cad4106549b9183585e20e327c7a14d6745e453c284854a1c3b32f69d641a6e08693" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "xml-builder", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/xml-builder@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "XML builder for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/xml-builder@3.575.0#packages/xml-builder", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/xml-builder", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/xml-builder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "716800c266c560d085ccfc312fbd39fa55a9b3417766f39c92e7ddd8a2a8119526b69570f7fb7151736b3f24945d29914d2461a1ab4830004d7d2b56474e376d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/xml-builder" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-waiter", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/util-waiter@3.0.0", + "author": "AWS SDK for JavaScript Team", + "description": "Shared utilities for client waiters for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/util-waiter@3.0.0#packages/util-waiter", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/util-waiter", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/util-waiter", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/util-waiter/-/util-waiter-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f9f1172711832c2a2a44a5529a8d1ab86c5aa9b882a3ef28a61fb86ae79f62368dc6338b2926363315507d1ce8eb93da66fe1fafee655a0f9abbbbd2b8927fcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/util-waiter" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-s3", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript S3 Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-s3@3.583.0#clients/client-s3", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-s3", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-s3", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a52ef09dcba04ae210f1182d44813d0f2b2d76677798c9e37e388ed62035521197932020a09cd0e231f4afee57f9e5a660761071fcbd7d44174f682a577b7d18" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sha1-browser", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/sha1-browser@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/sha1-browser@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/sha1-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/sha1-browser/-/sha1-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "349b61e5cf7dec62c7b3a9ce613cc52936d874c340ebfd5794a5609d9a1a65c43bcfb50994e823d8975b1c4f2d8982d2ddfcd734282e72defb48f19ab76ada4b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha1-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/region-config-resolver@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.577.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e0284214008dc33ab1ff18e0df3805716f00962e91f42f797051022964ffec250cd43d0c1af91c9521f670b6ab9870a626053aa272a426ba05b56a74907860ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/region-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-user-agent-node@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.577.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eabed1636d232dc9c653595c037bc0d15a8beea0c6c0e789e1528670554eab5bd3920fa359586479d7605418715a5b35b45a0f3ef838f5d05aca4c6d97b6a7c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-user-agent-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-env@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.577.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "271bb6e798f4813a0c1848aab9f3fc66d288f075bdd2538b8f02772eb7650ff34bb00634b4e41fd5f59ce77bb6f215a698d18cc660ab2f6a7ae883a030384353" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-env" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-process@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.577.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a29fa056b4e897c488084eb27737073e6363f5b954fa86e611e0471b03f0c950f5b23b49fdcb95052dec0fbd56cb9119f5e49784a84ac12d4ac772592238ab7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-process" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-web-identity@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.577.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6461c6351682b49266b336fd5139c2ee2ccd0ad454b6d74f94b74c921e3528f4b7daf7ddac10c7b3526ba5b6628c8b518f5c4ab8e5ec8984972c068719c2e1f1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-web-identity" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/token-providers@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.577.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d02908669702dc3350250d610e39b66dd4b2fd78ececdcb962f4ac69c6ac18e90d7e4f85764890cba37aedb657dd96dcf4a231f8dcf86eede20de3523699679d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/token-providers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sso-oidc@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.577.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9e398a48f0d6b9e59661516915c6763f77c8ebfa5d4150dad05802c986613a724b8041d921c04183502c9e455669c06e2e8a69f5756dda6fbb84eeae818d7fd6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sts@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.577.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e74f4a9258a6bdad575658466e94e9797de438fe8e4699b8e2dc09c431e96bd4d445b9a86b18fbbde5a59cb09b0e8af10d3adbb03821bd866c86f70bb288d5a6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.576.0", + "bom-ref": "@aws-sdk/core@3.576.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.576.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.576.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "283bc395b7a2a524c87fe7df2ad4e0d66e35f532bbb3d9994960bc6efb99f6ac7afec8d014e5c828e56acae962e839dfc466ef45cc2846e63df4e7021f537fd3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-node@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.577.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a96751ce32cad704d7337341d0a6fd15323a80129734f43500ed183781425f9fcba684c2fb03b6d79d4caa3c0f92e78ab7f7b51883595e40a7529f6dce8b041" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-user-agent@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.577.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3f9e470178309a21c7a45c792443ef3a701b7e137bbfab16bfd3c142cfb3dad0bb42205c3d2d1c74947a3df57b2759f854f2b9dbf3a7acade5f55c5d43b32cd2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/util-endpoints@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.577.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "163b94cf529dcb8665cb6abf739f2da5da8777acfb88e754fdc698ce873c8f08001c10c16c824d40b094f615c99cf57633ca56c500f2219b28570b66bc4acfcf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-http@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.577.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9fefb2842a7aedbf7e651184758d6385a981e44fcef90b080ce3d2b9199d69218c08e77cda850428f8085445356e4ab10ec071822116bafb5f84aeac3620d2d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-ini@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.577.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abb9473edbfa06346f0a1504de6d2d21a1192b13d3699d41de52b1198b0597754b02ee4df3218250ac2e0358b37f8b9c4fe2f22ac7151aa2ba543671d5ebf79f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/credential-provider-sso@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.577.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8959b9490bd2ec48194c9b116aa50e9834290503cf3dab78d9209b585bc540e2eb97ca9ec2af0e3fde21152e70da63fadb39e0798cea8499c37a5efd1d76f17b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/client-sso@3.577.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.577.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "070ba3757af276593a504c8f99ec26e46a86e27910e8e5724614bf4b264fffa50a485bf6fec7f7f750a6cf484dd22b544c7d6b4785de2e59fc5c23ad6ab92bce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-bucket-endpoint", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-bucket-endpoint@3.577.0#packages/middleware-bucket-endpoint", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-bucket-endpoint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-bucket-endpoint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b70964357d95a1f33a9075f30c48893a260273db550017b971bcb1300ad15ac708b02586f666a63e10bbedecc6e17b0df5d144c157711180f90aba66ff91148b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-bucket-endpoint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-arn-parser", + "group": "@aws-sdk", + "version": "3.568.0", + "bom-ref": "@aws-sdk/util-arn-parser@3.568.0", + "author": "AWS SDK for JavaScript Team", + "description": "A parser to Amazon Resource Names", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-arn-parser@3.568.0#packages/util-arn-parser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-arn-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-arn-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-arn-parser/-/util-arn-parser-3.568.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d4289596a3e28e07b7db9cf3f4fa0fe8e54964bbf5f9dedee2fe1fac3c7af9c71613249f426276d3a28f799b3c5eef15af90baec36d27c2fe327367f4836cdb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/util-arn-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-expect-continue", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-expect-continue@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-expect-continue@3.577.0#packages/middleware-expect-continue", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-expect-continue", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-expect-continue", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-expect-continue/-/middleware-expect-continue-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e9d3e9f13bf8174a1fe2e9f9200c86eaafbe1ab46b3504383f6340301d56d153b826812ed42f0689ebdb6c32e2f3c4c52059ad2a99c70743830b3c27a1ef09b0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-expect-continue" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-flexible-checksums", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-flexible-checksums@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-flexible-checksums@3.577.0#packages/middleware-flexible-checksums", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-flexible-checksums", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-flexible-checksums", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-flexible-checksums/-/middleware-flexible-checksums-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "207014122a487da823c3dd8b57c48e48188217b667a9f1dcc35e0891c656dbf99fac2cb5161fe4e343284bfb774eba36b50f75ae040fc14a12801fd00a2d8eae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-flexible-checksums" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "crc32", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/crc32@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/crc32@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/crc32", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2334a0b2bc5472cade8d06cf5629482b2d7a9004f9d84c01eb349a23e337c712212a1e7e6a5744caf23ecfa7ab33b4c22c1d8126c16bb478e9ebfe3fb2bfb774" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "crc32c", + "group": "@aws-crypto", + "version": "3.0.0", + "bom-ref": "@aws-crypto/crc32c@3.0.0", + "author": "AWS Crypto Tools Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-crypto/crc32c@3.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/aws/aws-sdk-js-crypto-helpers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/tree/master/packages/crc32c", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-crypto-helpers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-crypto/crc32c/-/crc32c-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10d34f3cc6a79a7549e014d794e8c0803ed446275b0339d446a0f42af7d1132738a36d033d874495d5357f9710ec96e3d0224948f68c224ffd66c85d077db5d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32c" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-location-constraint", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-location-constraint@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-location-constraint@3.577.0#packages/middleware-location-constraint", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-location-constraint", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-location-constraint", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ca3d30f60f6b3eb76414a3f21762d55affa527f0667ea61493064c81371da47d9cf82b06af865fc92734aa4d5dc67c25e455d16eec2ae3a17ec167aa9679350" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-location-constraint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-sdk-s3", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/middleware-sdk-s3@3.582.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-sdk-s3@3.582.0#packages/middleware-sdk-s3", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-sdk-s3", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-sdk-s3", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c9a90a4ba0b6993d12382ff5d951e1e477d5152bc540afd477f30bf4a2c19e313bf30fd8b0cf39342364ed06a15d6bfe71101d58815619c32aaf992b579adb6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-sdk-s3" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-signing", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-signing@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-signing@3.577.0#packages/middleware-signing", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-signing", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-signing", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-signing/-/middleware-signing-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "412fdd877f8da996d7b58d23fc367cebba203f8d77a46e5c146a81cbd39e3a10ccb2895cc0bad06e2d12d1ceb6d5d73540dabe7abf5f7da32167f68f9325d722" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-signing" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-ssec", + "group": "@aws-sdk", + "version": "3.577.0", + "bom-ref": "@aws-sdk/middleware-ssec@3.577.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-ssec@3.577.0#packages/middleware-ssec", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-ssec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-ssec", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-ssec/-/middleware-ssec-3.577.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8b604f251faba7cc6645520673487590344570cd89f469c296aaa973e34b4a399869d95c83898f9258accfd1f3c0555c44f2795dc19fdd4e0162ce46f3e893ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/middleware-ssec" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signature-v4-multi-region", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/signature-v4-multi-region@3.582.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/signature-v4-multi-region@3.582.0#packages/signature-v4-multi-region", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/signature-v4-multi-region", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/signature-v4-multi-region", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68508e8e336a117da5f95f108ce5b2e45ec2b47202fd1958741bafdcda3acb19fea4cbd55147bacdd324db21d672e755a475accaf719cc050196200f7852cfb1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/signature-v4-multi-region" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-browser@3.0.0#packages/eventstream-serde-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-browser/-/eventstream-serde-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "341ec01623cde0dc4ffd80809ebbd8475f33dbf66c887885ed5b46df482c84ef466c5ac86f5ac2f1ea78346a49496af3e8feb8ba13d77a8e0cd14b022e764aab" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-universal", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-universal@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-universal@3.0.0#packages/eventstream-serde-universal", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-universal", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-universal", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-universal/-/eventstream-serde-universal-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1cd15f4a19a8b5619e0285b8ba33fc99e57d0596af72999eac36cf2239096f129b37c46c51ca5143fd8ec88c563715cd1f6196080c6e481ef29e62062654370f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-universal" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-codec", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-codec@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-codec@3.0.0#packages/eventstream-codec", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-codec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-codec", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-codec/-/eventstream-codec-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3d4b72100d0e8a4e7449a105099d163d5b45f6dcffb5ecded9f0e9b56e9645797e46b11e9c7f146c48ee74ecfc89a922325de513794256a61fd98fb39cbf1015" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-codec" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-config-resolver", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-config-resolver@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-config-resolver@3.0.0#packages/eventstream-serde-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-config-resolver/-/eventstream-serde-config-resolver-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "454406def4372d7ee97aaa8701b99aca182b1796938a53e76b38a7692185d4fd3eb60337bef21158f1e694b233daa16a07d2ea148c5d8adc5cf0ed99ea9b2b47" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eventstream-serde-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/eventstream-serde-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/eventstream-serde-node@3.0.0#packages/eventstream-serde-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/eventstream-serde-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/eventstream-serde-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/eventstream-serde-node/-/eventstream-serde-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6da44f74c0433011316572140283c69bf867b62c63b7f545a54ebe5660b2898258cd11d1c68688d4c37ee5713e8484bc009d860872cc14420e2f3abdc71d4481" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/eventstream-serde-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hash-blob-browser", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-blob-browser@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-blob-browser@3.0.0#packages/hash-blob-browser", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-blob-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-blob-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-blob-browser/-/hash-blob-browser-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd66e9760f9bc09bd6ee5c51ff3a5601cd7fc7f62472a82eb85d9b033909aef5eb899bb5be6f2bf8f51d138b32895c1083b3cf476757a62dc22c16fda910da55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-blob-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chunked-blob-reader-native", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/chunked-blob-reader-native@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/chunked-blob-reader-native@3.0.0#packages/chunked-blob-reader-native", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/chunked-blob-reader-native", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/chunked-blob-reader-native", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/chunked-blob-reader-native/-/chunked-blob-reader-native-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5439290985bea5e4ae338cc98a9e560dfaaf836328fdef32c4ebf7545d66d75cbb07c28a30a545b666560dedfa16f93cac6b96acf6471d767bad1eee339c96ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/chunked-blob-reader-native" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chunked-blob-reader", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/chunked-blob-reader@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/chunked-blob-reader@3.0.0#packages/chunked-blob-reader", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/chunked-blob-reader", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/chunked-blob-reader", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/chunked-blob-reader/-/chunked-blob-reader-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b1b9d4442c231748124e81a5b0188099dd654429929fbda7bbd6b17c9bb9948c7a4541201eee86c1331ba827614128b43ee99c9b9bc5c6c8bd5d65dbda64daa0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/chunked-blob-reader" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hash-stream-node", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/hash-stream-node@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/hash-stream-node@3.0.0#packages/hash-stream-node", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/hash-stream-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/hash-stream-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/hash-stream-node/-/hash-stream-node-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2748bb75ef848170c41884c3e1fc7398c5fc0b208d1134c84579718cc88d52fbeeefa5e7dc6277d70411f39ca794f936c08d65aa892700525a0f57e234395b20" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/hash-stream-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "md5-js", + "group": "@smithy", + "version": "3.0.0", + "bom-ref": "@smithy/md5-js@3.0.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40smithy/md5-js@3.0.0#packages/md5-js", + "externalReferences": [ + { + "url": "git+https://github.com/awslabs/smithy-typescript.git#packages/md5-js", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/md5-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@smithy/md5-js/-/md5-js-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e6d2faeb5738e50fee910904f1ec3dcbb39f12dc5507d590ad53530887fa9099a3a8d47f6530dd9ab3a0a291c13081ab6d9c0f5251149da09276ef131c11f30" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@smithy/md5-js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "confirm", + "group": "@inquirer", + "version": "3.1.9", + "bom-ref": "@inquirer/confirm@3.1.9", + "author": "Simon Boudrias", + "description": "Inquirer confirm prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/confirm@3.1.9", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/confirm/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/confirm/-/confirm-3.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "505d3d69e8f10a2e17aa6e8dfe32408855c0ad77e2f5a979d8015a483fb6b881e78591ad77577a94819344c3e8b95489c5b1848be1e43964986a2118ffeb3353" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/confirm" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@inquirer", + "version": "8.2.2", + "bom-ref": "@inquirer/core@8.2.2", + "author": "Simon Boudrias", + "description": "Core Inquirer prompt API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/core@8.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/core/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/core/-/core-8.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2bc4ae357e398c41655f7101269bbd07e4b64c84b330f197648b89f4c13ddb84aa6dd5ba3ede9f2242af5e0ee638438a2785b1a50b318f45137dc2ff038df85b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "figures", + "group": "@inquirer", + "version": "1.0.3", + "bom-ref": "@inquirer/figures@1.0.3", + "author": "Simon Boudrias", + "description": "Vendored version of figures, for CJS compatibility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/figures@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/figures/-/figures-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "12b5d7cc434c1f9a49b79fecb175740df59466a972f271b37f451c055f714e73fe2b27df1369aacb120c06b67c8a341c9369d4d13426e34110079dd8adec961f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/figures" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type", + "group": "@inquirer", + "version": "1.3.3", + "bom-ref": "@inquirer/type@1.3.3", + "author": "Simon Boudrias", + "description": "Inquirer core TS types", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/type@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/type/-/type-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5352dd0dba5ca55f6effcccc74e1961aaff92bd6b69a8854d5bd0e5f7a58d0b22020766d163e3e12ef7ff27b47dbb2587ed7942b22e0ef7c25d37a4ee9318e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/type" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "group": "@types", + "version": "0.0.4", + "bom-ref": "@types/mute-stream@0.0.4", + "description": "TypeScript definitions for mute-stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/mute-stream@0.0.4#types/mute-stream", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/mute-stream", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/mute-stream", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/mute-stream/-/mute-stream-0.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "08f33d9f3ac23cf24740d03d91e1fd09591523e591e6431afbb5c4b398dc190d15a001a72efdb8db0f252158300047e6138a2e7c945a4dcf4f34b425d22a00a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/mute-stream" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "group": "@types", + "version": "3.0.0", + "bom-ref": "@types/wrap-ansi@3.0.0", + "description": "TypeScript definitions for wrap-ansi", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/wrap-ansi@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/wrap-ansi/-/wrap-ansi-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "96d229c7e90cee0fcc2d165f91b2fb12c0848dfcc271270ba64837ede5c4b71e649ab00a0644c9c1dd462008c348bf304e933a1f39f960ee2949bf75044c2ed6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/wrap-ansi" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "input", + "group": "@inquirer", + "version": "2.1.9", + "bom-ref": "@inquirer/input@2.1.9", + "author": "Simon Boudrias", + "description": "Inquirer input text prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/input@2.1.9", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/input/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/input/-/input-2.1.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d714c21e621ee3cc7d086d7ef209401eb555747f907d887380151b832a15a69e4da2f9d78117234a7fd236e95ea717fd3a5f070eade0cf0dd908052bfa1d44ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/input" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "select", + "group": "@inquirer", + "version": "2.3.5", + "bom-ref": "@inquirer/select@2.3.5", + "author": "Simon Boudrias", + "description": "Inquirer select/list prompt", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40inquirer/select@2.3.5", + "externalReferences": [ + { + "url": "git+https://github.com/SBoudrias/Inquirer.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/blob/master/packages/select/README.md", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SBoudrias/Inquirer.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@inquirer/select/-/select-2.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "232063f2812d99d1761b1e052533ed1326b7ecc0fab342804cab07aa09a5b3494aec441b8584aaf46425705aba701b187bf720434160d9c0aa6183e2fddfdfc5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/select" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "plugin-not-found", + "group": "@oclif", + "version": "3.2.1", + "bom-ref": "@oclif/plugin-not-found@3.2.1", + "author": "Salesforce", + "description": "\"did you mean\" for oclif", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/plugin-not-found@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/plugin-not-found.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/plugin-not-found", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/plugin-not-found/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/plugin-not-found/-/plugin-not-found-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63617258b133893ae0750c1de0bb59718bf754e31e0e15b4a56ea16c4d2eddf25dc6cf1fdc92df38724f77c14fa2b56dda576c6a3e3371751603abcc40a78a6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-not-found" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-levenshtein", + "version": "3.0.0", + "bom-ref": "fast-levenshtein@3.0.0", + "author": "Ramesh Nair", + "description": "Efficient implementation of Levenshtein algorithm with locale-specific collator support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-levenshtein@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/hiddentao/fast-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84a28d6a39b8eae3664e58474b2664993a00739eae649c18abbcab722663a8ec6795f4301110d02661cf529ee6d66f70c7cbe039ef08682299e4abf69350dd09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fastest-levenshtein", + "version": "1.0.16", + "bom-ref": "fastest-levenshtein@1.0.16", + "author": "Kasper U. Weihe", + "description": "Fastest Levenshtein distance implementation in JS.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fastest-levenshtein@1.0.16", + "externalReferences": [ + { + "url": "git+https://github.com/ka-weihe/fastest-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein#README", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fastest-levenshtein/-/fastest-levenshtein-1.0.16.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7919c2b534ed199169402c2126250ebb13d05915d52980e7d1bd8f7877d72fafd98b9dd22c0cc01df5615562b602bc82fd61f4e6419fc611483ef4c5d125d0ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fastest-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "async-retry", + "version": "1.3.3", + "bom-ref": "async-retry@1.3.3", + "description": "Retrying made simple, easy and async", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/async-retry@1.3.3", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/async-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/async-retry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/async-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/async-retry/-/async-retry-1.3.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1faff8ecb70f71362ff4b5e307ad15bb76ccf72ede4046160d6767b0a5a76785a229e666c02e13803fe10076c0bbb7867ac2ab0356ff7e5ba826d4393d984cb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/async-retry" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "retry", + "version": "0.13.1", + "bom-ref": "retry@0.13.1", + "author": "Tim Koschützki", + "description": "Abstraction for exponential and custom retry strategies for failed operations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/retry@0.13.1", + "externalReferences": [ + { + "url": "git://github.com/tim-kos/node-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tim-kos/node-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tim-kos/node-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d0050dc8f16d4281ed127a1fba8238f4dcb6e64455aea2cce02bda280a9c1822b861a0ef34a5fab8714914e439249f07ce7c5b5e470959e7a3d838663215676" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/retry" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "change-case", + "version": "4.1.2", + "bom-ref": "change-case@4.1.2", + "author": "Blake Embrey", + "description": "Transform a string between `camelCase`, `PascalCase`, `Capital Case`, `snake_case`, `param-case`, `CONSTANT_CASE` and others", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/change-case@4.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/camel-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/change-case/-/change-case-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d2c58db0b3d3adbe220b1b51226392bb34dc64aa0fc99d19c5c4bb4a43de896af8a22318bb76332b49dd04093f400be96db429666302b0e77056a4e31b968ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/change-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "camel-case", + "version": "4.1.2", + "bom-ref": "camel-case@4.1.2", + "author": "Blake Embrey", + "description": "Transform into a string with the separator denoted by the next word capitalized", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camel-case@4.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/camel-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camel-case/-/camel-case-4.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83119606b4d3d49b8cc7a47ea393d35cc9949e19d5ccb43d48dbad0f862a2ad23a6a9f3deedded28409895aea0096124a655e794dc9b124660f46106c4a14283" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camel-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pascal-case", + "version": "3.1.2", + "bom-ref": "pascal-case@3.1.2", + "author": "Blake Embrey", + "description": "Transform into a string of capitalized words without separators", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pascal-case@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/pascal-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pascal-case/-/pascal-case-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b969464f76129caf71dc140968e75c670ae757a84fa5df23147d7fb9ca622d13e1ff6cc2549292d7d1381af607bda09c0029f77e85d9d1c2c1f56af1d4a19ee6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pascal-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "capital-case", + "version": "1.0.4", + "bom-ref": "capital-case@1.0.4", + "author": "Blake Embrey", + "description": "Transform into a space separated string with each word capitalized", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/capital-case@1.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/capital-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/capital-case/-/capital-case-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "76cdfb5bc0b2b478309e11864e2f3ca5c3f2475e6aa0d90ea58c2630c7e75aaa9680449aa4baaf0f1ea1b858d0e6fa964a7d99d3ad7bdd7340ecbb4c39e521d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/capital-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "no-case", + "version": "3.0.4", + "bom-ref": "no-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower cased string with spaces between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/no-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/no-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/no-case/-/no-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e000dde318087e468c541991d348e2c922a51cdb09a8070191e2d6e93402a69a8bc5a16ab439d4646f456495d45e3b66b68814ff384ba51bd5d251cd74af7ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/no-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "upper-case-first", + "version": "2.0.2", + "bom-ref": "upper-case-first@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string with the first character in upper cased", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/upper-case-first@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/upper-case-first#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/upper-case-first/-/upper-case-first-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e75e29a581c168ac1f2512bfa4d0ba73f3b17c66b4a1b4a7025d74eaef7b11dd08eb6e4d8a7f7a2808edb5917a64bdded572eda61c67aab3a2f625a09bebbe6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/upper-case-first" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "constant-case", + "version": "3.0.4", + "bom-ref": "constant-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into upper case string with an underscore between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/constant-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/constant-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/constant-case/-/constant-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "236852062ed5becec112e243af97431dfcdbfd1ba3dc5caf17287b28b8a5023350c3705efb182a5010365bab1c54470bd212f57703d1b48a843d55022a44acc9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/constant-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "upper-case", + "version": "2.0.2", + "bom-ref": "upper-case@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string to upper case", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/upper-case@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/upper-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/upper-case/-/upper-case-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a07600c626dd93a6ec015088e01ba973c36196151096f5091f922bf40f1a871cb6091e6b6675420a71977cac78054a3a29553970ea08330a6d5bf0c150c2292" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/upper-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "dot-case", + "version": "3.0.4", + "bom-ref": "dot-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with a period between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dot-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/dot-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dot-case/-/dot-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2afe672a587ac91addac6bf1789d9ee72d9e454a64528b085b8036012dfccf04b3dbbceeeee7c3c103e2e4986cdd702518d7ad9776e69c6850b0cb642899e3df" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/dot-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "header-case", + "version": "2.0.4", + "bom-ref": "header-case@2.0.4", + "author": "Blake Embrey", + "description": "Transform into a dash separated string of capitalized words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/header-case@2.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/header-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/header-case/-/header-case-2.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1ffbee9394c4115670ad1d25a76cde77d382a35b8020b325c742443200b6eabcf2249dcdd6fe979301c75c941d4767684a37063cce8e28f6282607f4a65275d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/header-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lower-case", + "version": "2.0.2", + "bom-ref": "lower-case@2.0.2", + "author": "Blake Embrey", + "description": "Transforms the string to lower case", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lower-case@2.0.2", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/lower-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lower-case/-/lower-case-2.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edf9b797734017d59f37a5b724e99fe5daf0a55a97efc26da0627703a5b46ba66795d338d70d9f5790f8f74a6c2854e931db3c4c9b1efde1cb145b0d1c78c782" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lower-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "param-case", + "version": "3.0.4", + "bom-ref": "param-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower cased string with dashes between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/param-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/param-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/param-case/-/param-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "457963ef3098a2445ea96a4e3c7f68622bd4ccb619e6f00f21f1260933558a8b02efc17c1741fdcbb4fb806d8cdfdca682eb7117981c144b326504a987d069dc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/param-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-case", + "version": "3.0.4", + "bom-ref": "path-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with slashes between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/path-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-case/-/path-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a8ee2a0858d7a954eb71b3edfe141f85343e56116ca8d28e3edcad80d2a42b14a8129dd73d443c39b16e78fca5388a24e608e7ebdaf2f178942f10b0a2ddd67e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sentence-case", + "version": "3.0.4", + "bom-ref": "sentence-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case with spaces between words, then capitalize the string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sentence-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/sentence-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sentence-case/-/sentence-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f0b4b42489da40c091a10ed8532b40a3fc54bb95b65e74315761c8ffab8ce94ec22134b546a3c496bdf457ab88ab230a33d949191545cb9ff80aecdc8b13584a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sentence-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "snake-case", + "version": "3.0.4", + "bom-ref": "snake-case@3.0.4", + "author": "Blake Embrey", + "description": "Transform into a lower case string with underscores between words", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/snake-case@3.0.4", + "externalReferences": [ + { + "url": "git://github.com/blakeembrey/change-case.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/tree/master/packages/snake-case#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blakeembrey/change-case/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/snake-case/-/snake-case-3.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c03a1e33f3d6c642f97da457cd17c575e3a8bba3bfc2a853dbab36203fec98cc3203792f4768d16d5c005a9915be010cc454e0dcbc4efd96327ef1af5849d32" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/snake-case" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-yarn-workspace-root", + "version": "2.0.0", + "bom-ref": "find-yarn-workspace-root@2.0.0", + "author": "Square, Inc.", + "description": "Algorithm for finding the root of a yarn workspace, extracted from yarnpkg.com", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/find-yarn-workspace-root@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/square/find-yarn-workspace-root.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/square/find-yarn-workspace-root#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/square/find-yarn-workspace-root/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-yarn-workspace-root/-/find-yarn-workspace-root-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d483276e3b782b3b107e7867ccd77cc141205d9e3823365a6669cb631ec3e45665687b76816db40ab8bc43e13fb79b488f8f9ea5306e6fed99c6efef3482f3a9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/find-yarn-workspace-root" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "github-slugger", + "version": "2.0.0", + "bom-ref": "github-slugger@2.0.0", + "author": "Dan Flettre", + "description": "Generate a slug just like GitHub does for markdown headings.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/github-slugger@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/Flet/github-slugger.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Flet/github-slugger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Flet/github-slugger/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/github-slugger/-/github-slugger-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21a390f69b98b63ae4abb63462097d283667adffda89425852955ff3dcbc9326b16d11bb6354ab5ff8daba6aeff35bdceb5fa488c7a6a6e8ec337630ef0e6a73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/github-slugger" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "got", + "version": "13.0.0", + "bom-ref": "got@13.0.0", + "description": "Human-friendly and powerful HTTP request library for Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/got@13.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/got.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/got#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/got/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/got/-/got-13.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5df064d42c4e39270370cafd3b5c8a90d690cb2f3ae4d6d8b3e17b76be07d0b64c5600a3d8b7b9f64e8fa9b347a0be53a1e684414621e9ceb231f55c73a489c4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/got" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is", + "group": "@sindresorhus", + "version": "5.6.0", + "bom-ref": "@sindresorhus/is@5.6.0", + "author": "Sindre Sorhus", + "description": "Type check values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sindresorhus/is@5.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sindresorhus/is/-/is-5.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4d5eedf062986895ac9f4d2d143a81c3cf94aa6afc0347d1535b6f4d08726731afd2c24219140bdc918c237b9cb8aa375c865d50ff8bc7bfe0876b7795ec32ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sindresorhus/is" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-timer", + "group": "@szmarczak", + "version": "5.0.1", + "bom-ref": "@szmarczak/http-timer@5.0.1", + "author": "Szymon Marczak", + "description": "Timings for HTTP requests", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40szmarczak/http-timer@5.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/http-timer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/http-timer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/http-timer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8f9905f43e20183cc79561edb7ecb24062f38c616d63dab1f96113b24b76f8093549ba6df81df46f2af033a331c0406d139c735d51f63d9c2794c9102cfff73" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@szmarczak/http-timer" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "defer-to-connect", + "version": "2.0.1", + "bom-ref": "defer-to-connect@2.0.1", + "author": "Szymon Marczak", + "description": "The safe way to handle the `connect` socket event", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/defer-to-connect@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/defer-to-connect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/defer-to-connect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/defer-to-connect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e2dbedb5ea571b555a606ad189b93913025dd6de2e76e9d239531d2d200bea621dd62c78dfca0fc0f64c00b638d450a28ee90ed4bd2dc0d706b1dcd2edd1e00e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/defer-to-connect" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacheable-lookup", + "version": "7.0.0", + "bom-ref": "cacheable-lookup@7.0.0", + "author": "Szymon Marczak", + "description": "A cacheable dns.lookup(…) that respects TTL", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cacheable-lookup@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/cacheable-lookup.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/cacheable-lookup#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/cacheable-lookup/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "faa272c78c622ab6bc999adcc218cc44c5210f9351d51f1eb0f933218c57f7a26279c168c405c5bb3fc6a51dfe7afe0f13559a9878a9efcc15d2f7263d0b69f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cacheable-lookup" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacheable-request", + "version": "10.2.14", + "bom-ref": "cacheable-request@10.2.14", + "author": "Jared Wray", + "description": "Wrap native HTTP requests with RFC compliant cache support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cacheable-request@10.2.14", + "externalReferences": [ + { + "url": "git+https://github.com/jaredwray/cacheable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jaredwray/cacheable#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jaredwray/cacheable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.2.14.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ce40d3e56005e21492a148327e0e6d148c73f1740afb6e56fd32d5a2325330a05ac5ebcb041b4bc60aa0b80b95401f0f556efd1558c7714f8627db556c367d99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cacheable-request" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "group": "@types", + "version": "4.0.4", + "bom-ref": "@types/http-cache-semantics@4.0.4", + "description": "TypeScript definitions for http-cache-semantics", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/http-cache-semantics@4.0.4#types/http-cache-semantics", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/http-cache-semantics", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/http-cache-semantics", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d66d1b20555cede256caf7bd4b4467b9181c42a17f5dde50b1464065e405af5437fe9f495a841012a995cbe0cf4cda465f086021eb40a1817c252737deadbd40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/http-cache-semantics" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "version": "4.1.1", + "bom-ref": "http-cache-semantics@4.1.1", + "author": "Kornel Lesiński", + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/http-cache-semantics@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/kornelski/http-cache-semantics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7abdbde4328f56c57cda3e64c351a3b7e00303f5d81ec6a397cd9c18d406d9eca83e4be05215fe9c32327a5ce12166dbb173f7f441dc23a979b58b36158a985d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http-cache-semantics" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mimic-response", + "version": "4.0.0", + "bom-ref": "mimic-response@4.0.0", + "author": "Sindre Sorhus", + "description": "Mimic a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-response@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-response/-/mimic-response-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7b92121fdc4c614d03ceb4fe8e5f2adb37bd0fa79606da3e23c08da5ef9523e2b627f17f9373dd91d4ddcf8c2f1951f8353a68f8d4584d522e31010c31cb0baa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mimic-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-url", + "version": "8.0.1", + "bom-ref": "normalize-url@8.0.1", + "author": "Sindre Sorhus", + "description": "Normalize a URL", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/normalize-url@8.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/normalize-url.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/normalize-url#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/normalize-url/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-url/-/normalize-url-8.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20ef50be350c5b13d0421b3ad283aed740919160a26734949336d718657da6f8989757d761cbe4cd0e6357dcfc63aba7f0046855197812d0babfa8cda9b689ff" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-url" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "responselike", + "version": "3.0.0", + "bom-ref": "responselike@3.0.0", + "author": "Luke Childs", + "description": "A response-like object for mocking a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/responselike@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/responselike.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/responselike#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/responselike/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/responselike/-/responselike-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e34c87c5b35c976fabcd7bd9b9592b62885ab61b122653135caaf21b9cbcb9c887bf5fb10cb1d0a608c6eb82543bd9eb12ada318b1fa219f01719cb0df0af07a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/responselike" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "decompress-response", + "version": "6.0.0", + "bom-ref": "decompress-response@6.0.0", + "author": "Sindre Sorhus", + "description": "Decompress a HTTP response if needed", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/decompress-response@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/decompress-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/decompress-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/decompress-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "696df9c9933a05bff8a099599dc307d8b0a866d2574d1c444b5eef137868462a305369161da24a1644810e70d1f9c9bd27ef5085799113221fbf4a638bd7a309" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decompress-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "form-data-encoder", + "version": "2.1.4", + "bom-ref": "form-data-encoder@2.1.4", + "author": "Nick K.", + "description": "Encode FormData content into the multipart/form-data format", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/form-data-encoder@2.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/octet-stream/form-data-encoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/octet-stream/form-data-encoder#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/octet-stream/form-data-encoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/form-data-encoder/-/form-data-encoder-2.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c8361280d32b6aabe7c621173b8862f3cf986716870ba40acdbe4df388910930de44eed900ba62aff95599ffee5d4867c14af63b81d4f2cfe7eb1fb23634241f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/form-data-encoder" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http2-wrapper", + "version": "2.2.1", + "bom-ref": "http2-wrapper@2.2.1", + "author": "Szymon Marczak", + "description": "HTTP2 client, just with the familiar `https` API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http2-wrapper@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/http2-wrapper.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/http2-wrapper#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/http2-wrapper/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http2-wrapper/-/http2-wrapper-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5799d5c353c03a07c8dcb99e6a3d84c667a0edf7a78e1454833d653d27b3cb50ae84f61b810b5b423e2365f10010c95a2febeea6cbe18ea0b28f3a1bd32c6c99" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/http2-wrapper" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "resolve-alpn", + "version": "1.2.1", + "bom-ref": "resolve-alpn@1.2.1", + "author": "Szymon Marczak", + "description": "Detects the ALPN protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-alpn@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/szmarczak/resolve-alpn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/szmarczak/resolve-alpn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/szmarczak/resolve-alpn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d1ad45e25ef7fd915939a9099d0dc5be4276fa0493416cffaf6284e4e7436344f13e6e61e0692a91659f338ed3ec7b1b9ceb5c255105e1ea42572eaeed0dcafa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-alpn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lowercase-keys", + "version": "3.0.0", + "bom-ref": "lowercase-keys@3.0.0", + "author": "Sindre Sorhus", + "description": "Lowercase the keys of an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lowercase-keys@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/lowercase-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/lowercase-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/lowercase-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a33082ea0750fa0957390b2f78a0f462c0f2f034901630d3cf8cf2cc41cd579f893f90fad8b99f0d9ea8d5cc9c171f68b86f78d0ce5d13c0bc0937b0763d9859" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lowercase-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-cancelable", + "version": "3.0.0", + "bom-ref": "p-cancelable@3.0.0", + "author": "Sindre Sorhus", + "description": "Create a promise that can be canceled", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-cancelable@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-cancelable.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-cancelable#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-cancelable/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a55604773c6bb3968d0c993764e1c5ea5d69704032e738d4c083ab26eb65e430912247137718bdd27df918beac289db90905cac8ed4befe5987dca3be7da253" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/p-cancelable" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "6.0.1", + "bom-ref": "normalize-package-data@6.0.1", + "author": "GitHub Inc.", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eabbc27de456f8e1196a0001e2530b48db933586562d5b4a71c2bbf554937ffff24d8e5538281ca47f343be6d92bc35ea6cee95277791be425320d7257fda265" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "3.2.0", + "bom-ref": "spdx-correct@3.2.0", + "description": "correct invalid SPDX expressions", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@3.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "90df5d25bbe7c921d42c896e0c7cb7d961d152edce83b07db1b63bb6c14b72d42422a9cc877844ad881d3234d8baa99c5d7fa52b94f596752ddc6ef336cc2664" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-correct" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "71ba87ba7b105a724d13a2a155232c31e1f91ff2fd129ca66f3a93437b8bc0d08b675438f35a166a87ea1fb9cee95d3bc655f063a3e141d43621e756c7f64ae1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "3.0.17", + "bom-ref": "spdx-license-ids@3.0.17", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "CC0-1.0" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@3.0.17", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.17.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b21f0f59cfdfb4ca8001d16206ee85cba2543988ea0c9049bc88697c33321ebaf445ba7996266a7784e3b50fd181f2e328565bf8b331e61a66979a8e5b2d2abe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-license-ids" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "2.5.0", + "bom-ref": "spdx-exceptions@2.5.0", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@2.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e2538dabfb13b851b512d5bba8dcb3c992394eef8df45e7e5254085da73cec3c7b236d855f9679c57404e069b9cbb9d7be0aabb6e69e8dfa0da5c3f3c5b1ae3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/spdx-exceptions" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sort-package-json", + "version": "2.10.0", + "bom-ref": "sort-package-json@2.10.0", + "author": "Keith Cirkel", + "description": "Sort an Object or package.json based on the well-known package.json keys", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sort-package-json@2.10.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/keithamus/sort-package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/keithamus/sort-package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/keithamus/sort-package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sort-package-json/-/sort-package-json-2.10.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "31879c7ef39b3302638c9b2487161fb8e003917a7564c3270850bcca1a7ef470ec93b1e1477dfa85dede881b3dea54d77e2aa650d23e59009e08c441865db9d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "detect-indent", + "version": "7.0.1", + "bom-ref": "detect-indent@7.0.1", + "author": "Sindre Sorhus", + "description": "Detect the indentation of code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-indent@7.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-indent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-indent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-indent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-indent/-/detect-indent-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "31ced0850f2cf9c2eb9d47d4fc98bde2f1bfafc336ea6f1ffbebf2adeb38668a236910e9675792221fc4a732cdc255aebf3499dd46c316ca6316f4c35dee9efe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/detect-indent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "get-stdin", + "version": "9.0.0", + "bom-ref": "get-stdin@9.0.0", + "author": "Sindre Sorhus", + "description": "Get stdin as a string or buffer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/get-stdin@9.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/get-stdin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/get-stdin#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/get-stdin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/get-stdin/-/get-stdin-9.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7552818df5a2b0b02271aac8d927fe26e044fc382157853334055ef7284426ecde44477726139313d7146894de49aefb7ec6d050ade970ea497cce7df9529968" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/get-stdin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "git-hooks-list", + "version": "3.1.0", + "bom-ref": "git-hooks-list@3.1.0", + "author": "fisker Cheung", + "description": "List of Git hooks", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/git-hooks-list@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/fisker/git-hooks-list.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fisker/git-hooks-list#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fisker/git-hooks-list/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/git-hooks-list/-/git-hooks-list-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2c5f15787791eeffb001b5ea7e04654d25ffd41251f50d6f10c47c240cf570483a197d3bfb3ca3dec01d0ef6238ffc679487d5b86823e2a05e8b52b784a1fe3c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/git-hooks-list" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sort-object-keys", + "version": "1.1.3", + "bom-ref": "sort-object-keys@1.1.3", + "author": "Keith Cirkel", + "description": "Sort an object's keys, including an optional key list", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/sort-object-keys@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/keithamus/sort-object-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/keithamus/sort-object-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/keithamus/sort-object-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sort-object-keys/-/sort-object-keys-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f39e69bcaf95914ecf68a60f73e2639e6b781337a3407ca1845df7ab7d6a1bcc7b99a0f391e1610004e174261acb5d422123bea803308ce04ff9f3d97b420fca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-object-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tiny-jsonc", + "version": "1.0.1", + "bom-ref": "tiny-jsonc@1.0.1", + "description": "An absurdly small JSONC parser.", + "purl": "pkg:npm/tiny-jsonc@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/fabiospampinato/jsonc-simple-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fabiospampinato/jsonc-simple-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fabiospampinato/jsonc-simple-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tiny-jsonc/-/tiny-jsonc-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8a4e810b1cef6bd0e88847c35ff962d0bd9c58a3cf10d62f8b1529ac5765dd83e2e1b6595210e7348f5852469caeffae206f74767c51e6636a6a80fa5210fa07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tiny-jsonc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "open", + "version": "10.1.0", + "bom-ref": "open@10.1.0", + "author": "Sindre Sorhus", + "description": "Open stuff like URLs, files, executables. Cross-platform.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/open@10.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/open.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/open#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/open/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/open/-/open-10.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9a791e435a8fe547b6c1df9a8af4c3dcd1ddfe567de8bbb48e07f4a7092d2cfb71e9c4d9887eedc9e191447b34cd7d2b6eb6a15cf9d79549db797c9a041b886b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/open" + } + ] + }, + { + "type": "library", + "name": "default-browser", + "version": "5.2.1", + "bom-ref": "default-browser@5.2.1", + "author": "Sindre Sorhus", + "description": "Get the default browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/default-browser@5.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/default-browser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/default-browser/-/default-browser-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "598ff74d4304d31dca3d875147110926f5d11d5e0fc8fa14b31b596bbf25c08b7045044785dd94f713ac71a4ff6137fcb825c8023789385055121ffb16d0fc5e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/default-browser" + } + ] + }, + { + "type": "library", + "name": "bundle-name", + "version": "4.1.0", + "bom-ref": "bundle-name@4.1.0", + "author": "Sindre Sorhus", + "description": "Get bundle name from a bundle identifier (macOS): `com.apple.Safari` → `Safari`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/bundle-name@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/bundle-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/bundle-name#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/bundle-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/bundle-name/-/bundle-name-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b63c0ce5ec4c83a046448fa43664e7b4db2f7594b55fc045612ead9c9da1747d2457133afde559db1cbe16a4ad496bd89ad7c53032c8c6eae8ac7c0329f0f3e5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/bundle-name" + } + ] + }, + { + "type": "library", + "name": "run-applescript", + "version": "7.0.0", + "bom-ref": "run-applescript@7.0.0", + "author": "Sindre Sorhus", + "description": "Run AppleScript and get the result", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/run-applescript@7.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/run-applescript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/run-applescript#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/run-applescript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/run-applescript/-/run-applescript-7.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f5bcb8223f7d254aff3021415240ca2d62b71bd1d55e669b2b3f54e4c948008bafbb39223a271162cf1724bc57fb16a10fe98b8a20980ea17d74a020b7328fd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/run-applescript" + } + ] + }, + { + "type": "library", + "name": "default-browser-id", + "version": "5.0.0", + "bom-ref": "default-browser-id@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the bundle identifier of the default browser (macOS). Example: com.apple.Safari", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/default-browser-id@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/default-browser-id.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser-id#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/default-browser-id/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/default-browser-id/-/default-browser-id-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03aa7fa6effa7f205c0354d1cff1aa5983d58a996b7ed716da0642f6aefd9e0342280791fd7de070475740797828d5d5fb7c20209d423e4250dc81ccea572cc8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/default-browser-id" + } + ] + }, + { + "type": "library", + "name": "define-lazy-prop", + "version": "3.0.0", + "bom-ref": "define-lazy-prop@3.0.0", + "author": "Sindre Sorhus", + "description": "Define a lazily evaluated property on an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/define-lazy-prop@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/define-lazy-prop.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/define-lazy-prop#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/define-lazy-prop/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "37e31e5d8a2aaf7a4e827f317f244f44437b8076a42d88e1b07856193ddf58088be08900b74883c35e108a2126d9b137d1ce575f9ab416d000dc22b97fdfc152" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/define-lazy-prop" + } + ] + }, + { + "type": "library", + "name": "is-inside-container", + "version": "1.0.0", + "bom-ref": "is-inside-container@1.0.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a container (Docker/Podman)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-inside-container@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-inside-container.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-inside-container#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-inside-container/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-inside-container/-/is-inside-container-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28860b08226085f1d9c6a8d8044eeb132d0e06e4dde710874bbb47560bc22e4c7b4ad2286b1c0d5b784200b80452315f79193e306fd0c66a7fbed113105ded44" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-inside-container" + } + ] + }, + { + "type": "library", + "name": "prompt-sync", + "version": "4.2.0", + "bom-ref": "prompt-sync@4.2.0", + "description": "a synchronous prompt for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/prompt-sync@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/heapwolf/prompt-sync.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/heapwolf/prompt-sync#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/heapwolf/prompt-sync/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/prompt-sync/-/prompt-sync-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "06e133cdce73a6d3f92ec815e4c6444e30da29259f72197953d2ee8aef122a9ee26560f9b596a53b1bcd719470bfe776a61345afcc656f198535c44a7c93b327" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync" + } + ] + }, + { + "type": "library", + "name": "lodash.truncate", + "version": "4.4.2", + "bom-ref": "lodash.truncate@4.4.2", + "author": "John-David Dalton", + "description": "The lodash method `_.truncate` exported as a module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lodash.truncate@4.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/lodash/lodash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://lodash.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lodash/lodash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8edb6645eedb46c7b9d8eb1620c0cb697c56a91026b4851c70043781aaef882a898da7d739f34c3b4c8c7cda5d0facdb19a4d4d0fe4dcfb7bb8004fa70a98947" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lodash.truncate" + } + ] + }, + { + "type": "library", + "name": "tmp", + "version": "0.2.3", + "bom-ref": "tmp@0.2.3", + "author": "KARASZI István", + "description": "Temporary file and directory creator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tmp@0.2.3", + "externalReferences": [ + { + "url": "git+https://github.com/raszi/node-tmp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/raszi/node-tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/raszi/node-tmp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d90fb9bd8823c2e60d2962671ac688182a08127cbb1dc65f287f743fa086ea0aa2cb20ef48005d065a35f5cfd3594473e25eff167b1e320c2699b20130d18f3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tmp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ts-jest", + "version": "29.1.4", + "bom-ref": "ts-jest@29.1.4", + "author": "Kulshekhar Kabra", + "description": "A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-jest@29.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/kulshekhar/ts-jest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://kulshekhar.github.io/ts-jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kulshekhar/ts-jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6221f00e14af0a222da0082c2ada0b142b9a903cc3b09d432c39d2a2e4da4e674e70ec08912cdb2d776e690e8ce4345586e642fcd61a699fe6b476d632ffd2e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-jest" + } + ] + }, + { + "type": "library", + "name": "remapping", + "group": "@ampproject", + "version": "2.3.0", + "bom-ref": "@ampproject/remapping@2.3.0", + "author": "Justin Ridgewell", + "description": "Remap sequential sourcemaps through transformations to point at the original source code", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40ampproject/remapping@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/ampproject/remapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ampproject/remapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ampproject/remapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@ampproject/remapping/-/remapping-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df4899b403e0cfe2d3218a1e8afa98a3ce777f4da305849de6e1a71a9905574337c4eb7d68def77ab920600999538df1e157ea7272f15bd2a98374792c2e1863" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@ampproject/remapping" + } + ] + }, + { + "type": "library", + "name": "js-tokens", + "version": "4.0.0", + "bom-ref": "js-tokens@4.0.0", + "author": "Simon Lydell", + "description": "A regex that tokenizes JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-tokens@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/lydell/js-tokens.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lydell/js-tokens#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lydell/js-tokens/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "45d2547e5704ddc5332a232a420b02bb4e853eef5474824ed1b7986cf84737893a6a9809b627dca02b53f5b7313a9601b690f690233a49bce0e026aeb16fcf29" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-tokens" + } + ] + }, + { + "type": "library", + "name": "helper-compilation-targets", + "group": "@babel", + "version": "7.23.6", + "bom-ref": "@babel/helper-compilation-targets@7.23.6", + "author": "The Babel Team", + "description": "Helper functions on Babel compilation targets", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-compilation-targets@7.23.6#packages/babel-helper-compilation-targets", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-compilation-targets", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f49079e3c199a10566ceb160a7ca3b2b17609131a6eb1b3d0d6d28fcf8a6ef65038f3af939b510e99cd83ea03e83d3934b66c142872d2c9ae4cb444308059181" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-compilation-targets" + } + ] + }, + { + "type": "library", + "name": "compat-data", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/compat-data@7.24.4", + "author": "The Babel Team", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/compat-data@7.24.4#packages/babel-compat-data", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-compat-data", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be0f068a1d8c2cafa43a41c9a788011089326888b4d23816a2dd83f503a699f2c2f2320d48ece608bb5ae81bf3fc94810aa9de815d0bf348e1c64a25e4658d7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/compat-data" + } + ] + }, + { + "type": "library", + "name": "helper-validator-option", + "group": "@babel", + "version": "7.23.5", + "bom-ref": "@babel/helper-validator-option@7.23.5", + "author": "The Babel Team", + "description": "Validate plugin/preset options", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-validator-option@7.23.5#packages/babel-helper-validator-option", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-validator-option", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/babel/babel#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-validator-option/-/helper-validator-option-7.23.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f39b6d00e30bb2be775605e44db931f2803a6137d3e2aeff1f35d22c46268dc49324f30f42dbead410fbf41c9ea79c4c5186c64731290ec8d47f7772a79e082b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-validator-option" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "5.1.1", + "bom-ref": "lru-cache@5.1.1", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@5.1.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2a9340450037230bfe8d3034bad51555bae1f8996baf516fd1ee7a186cc014e5cdedd93f16f89a0d6f0b1e62b9d8395c1f858fda7ea023cbcdd5a7ac045828f7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "yallist", + "version": "3.1.1", + "bom-ref": "yallist@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Yet Another Linked List", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yallist@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/yallist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/yallist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/yallist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6b850641a58f1f9f663975189c01b67b09dc412e22e05e374efdc9a0033eb365430264bd36c2bc1a90cc2eb0873e4b054fb8772ba4cea14367da96fb4685f1e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yallist" + } + ] + }, + { + "type": "library", + "name": "helper-module-transforms", + "group": "@babel", + "version": "7.23.3", + "bom-ref": "@babel/helper-module-transforms@7.23.3", + "author": "The Babel Team", + "description": "Babel helper functions for implementing ES6 module transformations", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-module-transforms@7.23.3#packages/babel-helper-module-transforms", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-module-transforms", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-module-transforms", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.23.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "edb06ce040fd3a6b3075f0f3a73e0ca56812ad5ec55e5737cc86a0bcb1634b91fe324ed29ebdb5bd0e90c2bb2808631f342e1ee0b40f76850b12de32933d1245" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-module-transforms" + } + ] + }, + { + "type": "library", + "name": "helper-environment-visitor", + "group": "@babel", + "version": "7.22.20", + "bom-ref": "@babel/helper-environment-visitor@7.22.20", + "author": "The Babel Team", + "description": "Helper visitor to only visit nodes in the current 'this' context", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-environment-visitor@7.22.20#packages/babel-helper-environment-visitor", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-environment-visitor", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-environment-visitor", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-environment-visitor/-/helper-environment-visitor-7.22.20.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cdf79d488cc585ab7f8058567c7b605af95e7349ea07d604215ae9bb08ebb8b9577d44a703c7090749a21cac2a0e743b777d9a2a8db1b7cf3fc59a6dc316df84" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-environment-visitor" + } + ] + }, + { + "type": "library", + "name": "helper-module-imports", + "group": "@babel", + "version": "7.24.3", + "bom-ref": "@babel/helper-module-imports@7.24.3", + "author": "The Babel Team", + "description": "Babel helper functions for inserting module loads", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-module-imports@7.24.3#packages/babel-helper-module-imports", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-module-imports", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-module-imports", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.24.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "be229bd05f5fdacd01092db6412177d3ccfffb5616295ffbea6c2deb5341cd2e62ccccc33f076ad694ebcdff8b8b79e90565fd29d41b91e0add6348033b959aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-module-imports" + } + ] + }, + { + "type": "library", + "name": "helper-simple-access", + "group": "@babel", + "version": "7.22.5", + "bom-ref": "@babel/helper-simple-access@7.22.5", + "author": "The Babel Team", + "description": "Babel helper for ensuring that access to a given value is performed through simple accesses", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-simple-access@7.22.5#packages/babel-helper-simple-access", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-simple-access", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-simple-access", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.22.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f41fdf44fcaf818a46b7fbe58d2f5ecf3afa38aca599ee5644a7543e7d2b556d48bc9f13d01013a54e608ec56ff426c4b9e9228a43ea2301eda91ca247377e7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-simple-access" + } + ] + }, + { + "type": "library", + "name": "helper-split-export-declaration", + "group": "@babel", + "version": "7.22.6", + "bom-ref": "@babel/helper-split-export-declaration@7.22.6", + "author": "The Babel Team", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-split-export-declaration@7.22.6#packages/babel-helper-split-export-declaration", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-split-export-declaration", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-split-export-declaration", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.22.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "02c527c6e2e1458b22b0589a270be9d5017e2372a30f914ec6eb75e2afc6ce8bd47baa2b1cb7ac5b60bb77be789119b9de1e60aabcfab0597ab31738055b44fe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-split-export-declaration" + } + ] + }, + { + "type": "library", + "name": "helpers", + "group": "@babel", + "version": "7.24.4", + "bom-ref": "@babel/helpers@7.24.4", + "author": "The Babel Team", + "description": "Collection of helper functions used by Babel transforms.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helpers@7.24.4#packages/babel-helpers", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helpers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helpers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15ec1d9596d28b06951a5813d433c0343b821da0cc88ea3e0ff2036111588c73aebfaeb131227b7d0c30383c113403e400320eff3d44a05fe5d810969560010f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helpers" + } + ] + }, + { + "type": "library", + "name": "helper-function-name", + "group": "@babel", + "version": "7.23.0", + "bom-ref": "@babel/helper-function-name@7.23.0", + "author": "The Babel Team", + "description": "Helper function to change the property 'name' of every function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-function-name@7.23.0#packages/babel-helper-function-name", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-function-name", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-function-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.23.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "384ac4aacaf18d94c97226783a8f9ea19a9e5bd50888e72e60a449038640815f66c80fa93978619a97cd08a8c41ff6ae55f11854527acb54dce2bd1e200a6a8b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-function-name" + } + ] + }, + { + "type": "library", + "name": "helper-hoist-variables", + "group": "@babel", + "version": "7.22.5", + "bom-ref": "@babel/helper-hoist-variables@7.22.5", + "author": "The Babel Team", + "description": "Helper function to hoist variables", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-hoist-variables@7.22.5#packages/babel-helper-hoist-variables", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-hoist-variables", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-hoist-variables", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-hoist-variables/-/helper-hoist-variables-7.22.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c068e4f50655cef92703ac8a2145116fccd8de0ad709c399b7effb59ccbc3b6b9cb7186996650f90e76582836199d55e7b673dd895db7f5c6932d54d6dfa3147" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-hoist-variables" + } + ] + }, + { + "type": "library", + "name": "helper-string-parser", + "group": "@babel", + "version": "7.24.1", + "bom-ref": "@babel/helper-string-parser@7.24.1", + "author": "The Babel Team", + "description": "A utility package to parse strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/helper-string-parser@7.24.1#packages/babel-helper-string-parser", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-helper-string-parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babel.dev/docs/en/next/babel-helper-string-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "da87d10a39e703dcbec24f1bf4801112ba1e50fd36287a78df53769a12a78b2db22880caa5bac7bfd797c26f1c05e59061c266cefe6a282bbae4fe3b78217b09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-string-parser" + } + ] + }, + { + "type": "library", + "name": "to-fast-properties", + "version": "2.0.0", + "bom-ref": "to-fast-properties@2.0.0", + "author": "Sindre Sorhus", + "description": "Force V8 to use fast properties for an object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/to-fast-properties@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/to-fast-properties.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/to-fast-properties#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/to-fast-properties/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fce68a2b4c58aecdc39b1458a8bff20dcf85c455156210e55cc8519afdf3f75e70d87175b67375a26077e788fc55418efe16d1cf20fa637b00eefec64bf71ea2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/to-fast-properties" + } + ] + }, + { + "type": "library", + "name": "gensync", + "version": "1.0.0-beta.2", + "bom-ref": "gensync@1.0.0-beta.2", + "author": "Logan Smyth", + "description": "Allows users to use generators in order to write common functions that can be both sync or async.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/gensync@1.0.0-beta.2", + "externalReferences": [ + { + "url": "git+https://github.com/loganfsmyth/gensync.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/loganfsmyth/gensync", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/loganfsmyth/gensync/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de137b35ab2462f3032d0639e609d6dcd43e99eb0401ea53aa583e5446e3ef3cea10c055361cdc19861ea85a3f4e5633e9e42215ca751dcb0264efa71a04bcce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/gensync" + } + ] + }, + { + "type": "library", + "name": "resolve-uri", + "group": "@jridgewell", + "version": "3.1.2", + "bom-ref": "@jridgewell/resolve-uri@3.1.2", + "author": "Justin Ridgewell", + "description": "Resolve a URI relative to an optional base URI", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/resolve-uri@3.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/resolve-uri.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/resolve-uri#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/resolve-uri/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6d12128022233f6d3fb5b5923d63048b9e1054f45913192e0fd9492fe508c542adc15240f305b54eb6f58ccb354455e8d42053359ff98690bd42f98a59da292b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jridgewell/resolve-uri" + } + ] + }, + { + "type": "library", + "name": "load-nyc-config", + "group": "@istanbuljs", + "version": "1.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0", + "description": "Utility function to load nyc configuration", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40istanbuljs/load-nyc-config@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/load-nyc-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/istanbuljs/load-nyc-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/load-nyc-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5637874a5233a6ffcdc83dcdd18b877d738f0c88b1700d6ad9957df30b0ca9c6253e6bf69f761bda560ff5730496768555783903b60b4de2eee95f38b900e399" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "5.3.1", + "bom-ref": "camelcase@5.3.1", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@5.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f6f124c1d7bd27c164badd48ed944384ddd95d400a5a257664388d6e3057f37f7ad1b8f7a01da1deb3279ef98c50f96e92bd10d057a52b74e751891d79df026" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "test-exclude", + "version": "6.0.0", + "bom-ref": "test-exclude@6.0.0", + "author": "Ben Coe", + "description": "test for inclusion or exclusion of paths using globs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/test-exclude@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/istanbuljs/test-exclude.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/test-exclude/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7001963c8c8e1d4eb396683cf23c26ed54725e730dee257af0e1806d80e4fcc87fc42fe9cd53e542d63a9e0a081ffe7fb5c8ae8467ef11253c1ab1eb7310f9eb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude" + } + ] + }, + { + "type": "library", + "name": "babel__generator", + "group": "@types", + "version": "7.6.8", + "bom-ref": "@types/babel__generator@7.6.8", + "description": "TypeScript definitions for @babel/generator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__generator@7.6.8#types/babel__generator", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__generator", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__generator", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012b23fada440ec12216bd5aad6ae537a57799d7e344c66de8bb4afd5a7f92b7852e7af9407e7e0e1bc3e6720d6195f3c09bd7786abed398945dc03356ba96b7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__generator" + } + ] + }, + { + "type": "library", + "name": "babel__template", + "group": "@types", + "version": "7.4.4", + "bom-ref": "@types/babel__template@7.4.4", + "description": "TypeScript definitions for @babel/template", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/babel__template@7.4.4#types/babel__template", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git#types/babel__template", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/babel__template", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.4.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "87f354692c86e44cb1048a7c611c68e1131edbfa9082fca8c11c1533385884108e35b5bc3d4b20e2590532b86066151ee73dcbdcc88b0eebf227f09a3dad80f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/babel__template" + } + ] + }, + { + "type": "library", + "name": "babel-preset-jest", + "version": "29.6.3", + "bom-ref": "babel-preset-jest@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-jest@29.6.3#packages/babel-preset-jest", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-preset-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d01ddb87147ab27597259b51fd19621d30cf4609f5b0d1ce474c95b6afc8890172b8e563152fb0ba2a3f478812364c9898a989078c0666fd8d65a9e62a64e734" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-preset-jest" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-jest-hoist", + "version": "29.6.3", + "bom-ref": "babel-plugin-jest-hoist@29.6.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-plugin-jest-hoist@29.6.3#packages/babel-plugin-jest-hoist", + "externalReferences": [ + { + "url": "git+https://github.com/jestjs/jest.git#packages/babel-plugin-jest-hoist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/jestjs/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jestjs/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-29.6.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "11201cfd126f193144cd1c0e4d3e3e94d0e4fc634732429b373b2f4f4a8a45f0f2c984ec931079ae75369e3203615c570811c7108d5cd18c07a1bdd6698ba33a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-jest-hoist" + } + ] + }, + { + "type": "library", + "name": "ts-mocha", + "version": "10.0.0", + "bom-ref": "ts-mocha@10.0.0", + "author": "Piotr Witek", + "description": "Mocha thin wrapper that allows running TypeScript tests with TypeScript runtime (ts-node) to get rid of compilation complexity", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-mocha@10.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/piotrwitek/ts-mocha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/piotrwitek/ts-mocha#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/piotrwitek/ts-mocha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-mocha/-/ts-mocha-10.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5517e00cefa28ae24594d075f2dcce7f2a49db5c67db16ee6720ef26faa94db5a0900803d7b38d1abf2df9397cadc06d3817635e9e5efd193e777f5fed704747" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "buffer-from", + "version": "1.1.2", + "bom-ref": "buffer-from@1.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/buffer-from@1.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/LinusU/buffer-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/LinusU/buffer-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/LinusU/buffer-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "13e5d0091c126da6a20a1b6fea4e83c2073e6f1f81b3abee2891c7979928c7f05a29b8625f3a903b02b870edb6c84946a763829a3c15853dc79b18323c69c97d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer-from" + } + ] + }, + { + "type": "library", + "name": "tsconfig-paths", + "version": "3.15.0", + "bom-ref": "tsconfig-paths@3.15.0", + "author": "Jonas Kello", + "description": "Load node modules according to tsconfig paths, in run-time or via API.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tsconfig-paths@3.15.0", + "externalReferences": [ + { + "url": "git+https://github.com/dividab/tsconfig-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dividab/tsconfig-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dividab/tsconfig-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-3.15.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d80736460cc37bf727e3c1af39edccfa8f36a4415ec03dd43dbca85071dd29ab07c092a376ce1f2d759ffd4c799004c128ddb4a1a146bbe8db125a75a68b349a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json5", + "group": "@types", + "version": "0.0.29", + "bom-ref": "@types/json5@0.0.29", + "author": "Jason Swearingen", + "description": "TypeScript definitions for JSON5", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40types/json5@0.0.29", + "externalReferences": [ + { + "url": "git+https://github.com/DefinitelyTyped/DefinitelyTyped.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DefinitelyTyped/DefinitelyTyped/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7512e30961d8838a1a03bedcc4eeb8a0efbb2700b09c8ce464f76bac2ef58d0990b6584ce79ea9c0aa396d4ceabd99dd9156de14b2088bef530b8d09345e6135" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@types/json5" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "source-map-support", + "group": "@cspotcode", + "version": "0.8.1", + "bom-ref": "@cspotcode/source-map-support@0.8.1", + "description": "Fixes stack traces for files with source maps", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40cspotcode/source-map-support@0.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/cspotcode/node-source-map-support.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cspotcode/node-source-map-support#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/node-source-map-support/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "21c84d7fa74de2d1e8305227ffb384f0b599d7d63aabfebb0667fabe719112ff1149b0556fd2cf27111c9f0adcc17ea2c52bda886a2898052fbb8612c57ad583" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@cspotcode/source-map-support" + } + ] + }, + { + "type": "library", + "name": "node10", + "group": "@tsconfig", + "version": "1.0.11", + "bom-ref": "@tsconfig/node10@1.0.11", + "description": "A base TSConfig for working with Node 10.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node10@1.0.11#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0dc4630c2ba32bf90293f7147bc5f3f194a99bc992de634da6d6be8c6080e944840df92d94dbe6d7e22e67d7937036cd938d411f0a471de5be37594a0b3e333b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node10" + } + ] + }, + { + "type": "library", + "name": "node12", + "group": "@tsconfig", + "version": "1.0.11", + "bom-ref": "@tsconfig/node12@1.0.11", + "description": "A base TSConfig for working with Node 12.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node12@1.0.11#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node12/-/node12-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "72a79fb91b21d76a56c86b08a0128903d96e16ede6471080f8e459bc0e24b4b4b322e094b56571188b978a01303b9ff2c1614c67640418a5af9191b5cc33136a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node12" + } + ] + }, + { + "type": "library", + "name": "node14", + "group": "@tsconfig", + "version": "1.0.3", + "bom-ref": "@tsconfig/node14@1.0.3", + "description": "A base TSConfig for working with Node 14.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node14@1.0.3#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node14/-/node14-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cac4fc9a1762c562ba1f0de2d55d80791a99e567d78351b8de6aa86253369dceb7f3c16ae63717cabe6646ca9588bc7f18961da0bd1b7d70fc9e617e667fc8a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node14" + } + ] + }, + { + "type": "library", + "name": "node16", + "group": "@tsconfig", + "version": "1.0.4", + "bom-ref": "@tsconfig/node16@1.0.4", + "description": "A base TSConfig for working with Node 16.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tsconfig/node16@1.0.4#bases", + "externalReferences": [ + { + "url": "git+https://github.com/tsconfig/bases.git#bases", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/tsconfig/bases#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tsconfig/bases/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@tsconfig/node16/-/node16-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf1854cb827c9727b28a71fb033975a5d778dc6261647fed3f6c1e37c4e7b506e5398f80d176d3f03264d7fa023ee38eca0fc96bbe7bac6d028077160bc39f30" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@tsconfig/node16" + } + ] + }, + { + "type": "library", + "name": "acorn-walk", + "version": "8.3.2", + "bom-ref": "acorn-walk@8.3.2", + "description": "ECMAScript (ESTree) AST walker", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn-walk@8.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "723932bf83ad34221eaa11eb7d2f354165e80813c4c51fc9eb6a3212a7a9570f16690792aa95b6ba1b8b3e1d66f5e5a10ee3a8fe35175539627ef7ac396a7fe0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/acorn-walk" + } + ] + }, + { + "type": "library", + "name": "create-require", + "version": "1.1.1", + "bom-ref": "create-require@1.1.1", + "description": "Polyfill for Node.js module.createRequire (<= v12.2.0)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/create-require@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/nuxt-contrib/create-require.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nuxt-contrib/create-require#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nuxt-contrib/create-require/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "75c2855f78e7d0ca486978e2b2846f7b12095442b36aaef3dab64ac5ff8c4abf5391d9879ac5389b695c2e88eb8ff14797c9a4e55c4c99803e7ed4643ffde829" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/create-require" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "4.0.2", + "bom-ref": "diff@4.0.2", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@4.0.2", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-4.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c966c4a480e013722f3f871cc53394e129834f4557e7afe9931edef262860771ce073067c5681043e600b0991bd2e6a9f56834c30aa6db48613546eae0d8ec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/diff" + } + ] + }, + { + "type": "library", + "name": "v8-compile-cache-lib", + "version": "3.0.1", + "bom-ref": "v8-compile-cache-lib@3.0.1", + "author": "Andrew Bradley", + "description": "Require hook for automatic V8 compile cache persistence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/v8-compile-cache-lib@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/cspotcode/v8-compile-cache-lib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cspotcode/v8-compile-cache-lib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/v8-compile-cache-lib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c1aed88f25067cd667808fefb4ad141c037e9600c2c413c2ca55571a9d33bb9f45cf96a21ad3576aadc3848a2fd3adcca2b07e55fb9f2e1dc9945d8a7532b7c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/v8-compile-cache-lib" + } + ] + }, + { + "type": "library", + "name": "yn", + "version": "3.1.1", + "bom-ref": "yn@3.1.1", + "author": "Sindre Sorhus", + "description": "Parse yes/no like values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yn@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "531e328065acbb673b8ac1567bc62ed5896e266a95871a8ad9c2d735003901c0b741f6c636933b7eed18f1bff3d7aa572e7171658bd685dddf84163d0cb982e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yn" + } + ] + }, + { + "type": "library", + "name": "tsimportlib", + "version": "0.0.5", + "bom-ref": "tsimportlib@0.0.5", + "author": "Andrew Bradley", + "purl": "pkg:npm/tsimportlib@0.0.5", + "externalReferences": [ + { + "url": "https://github.com/cspotcode/tsimportlib", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cspotcode/tsimportlib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tsimportlib/-/tsimportlib-0.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9642ffc2dd80783f08fbed9d8794e45fcb912c58771262deba55094c334c5988a5f0b687b54b17e9ce61d7eb6b1d260cd4e9eb2b046b72448971e8ed8e14fad" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsimportlib" + } + ] + }, + { + "type": "library", + "name": "colors", + "group": "@colors", + "version": "1.6.0", + "bom-ref": "@colors/colors@1.6.0", + "author": "DABH", + "description": "get colors in your node.js console", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40colors/colors@1.6.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/DABH/colors.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/DABH/colors.js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/DABH/colors.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@colors/colors/-/colors-1.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "22bf803a26eaceb22c2fa6a3b77473dcbb2407b3a23151ea96d666b296d6fd326e4d5bb238c8ab56a0248df63a2484a22c783236a89c002f00c871c6ccd77f74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@colors/colors" + } + ] + }, + { + "type": "library", + "name": "diagnostics", + "group": "@dabh", + "version": "2.0.3", + "bom-ref": "@dabh/diagnostics@2.0.3", + "author": "Arnout Kazemier", + "description": "Tools for debugging your node.js modules and event loop", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40dabh/diagnostics@2.0.3", + "externalReferences": [ + { + "url": "git://github.com/3rd-Eden/diagnostics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/diagnostics", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/diagnostics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@dabh/diagnostics/-/diagnostics-2.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "86b9503888bb8407f3b0caa519217256e72bc77f0efa3eb088639ffff1f679cbc812a60de000c1492da22cc879505c83ba708d9e25083e4feadeb885bf8e7144" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@dabh/diagnostics" + } + ] + }, + { + "type": "library", + "name": "colorspace", + "version": "1.1.4", + "bom-ref": "colorspace@1.1.4", + "author": "Arnout Kazemier", + "description": "Generate HEX colors for a given namespace.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/colorspace@1.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/colorspace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/colorspace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/colorspace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/colorspace/-/colorspace-1.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "060bca262b95bb58a00541769048d10995e897ac228866d8e62a4bfe854fc26d012fdb08a4c23333c20aeefc2ec48233397315dc4cb9c3ebf1866d2b47f4cdf3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace" + } + ] + }, + { + "type": "library", + "name": "text-hex", + "version": "1.0.0", + "bom-ref": "text-hex@1.0.0", + "author": "Arnout Kazemier", + "description": "Generate a hex color from the given text", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-hex@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/text-hex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/text-hex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/text-hex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/text-hex/-/text-hex-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bae546356ce0278ca145a3528ae6cf63b3a3212c38b30e04e54bf4c1b8e9f8ecdc6e6554febb13f2e8e07172619fdca9cec82be6f973a4fa8ff8c04129c1af6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/text-hex" + } + ] + }, + { + "type": "library", + "name": "enabled", + "version": "2.0.0", + "bom-ref": "enabled@2.0.0", + "author": "Arnout Kazemier", + "description": "Check if a certain debug flag is enabled.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/enabled@2.0.0", + "externalReferences": [ + { + "url": "git://github.com/3rd-Eden/enabled.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/enabled#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/enabled/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/enabled/-/enabled-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00aacdf7c92ec0eccc21d022cd7188f3a505068a36e822f6d5433beb7cb587f18c489e3f38753d936625b26069c92705a3fc1b2f35902413025b8f883b7ffe39" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/enabled" + } + ] + }, + { + "type": "library", + "name": "kuler", + "version": "2.0.0", + "bom-ref": "kuler@2.0.0", + "author": "Arnout Kazemier", + "description": "Color your terminal using CSS/hex color codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/kuler@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/kuler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/kuler", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/kuler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/kuler/-/kuler-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eaf671fb2a559999702da1d5c30d113bbece8353581353ccd80c70e258b4a2a78e44830ab7a652c7ccf9f6ecd82fccbdabd4b30f0b5bddaa1f7cb10c6daa3e0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/kuler" + } + ] + }, + { + "type": "library", + "name": "logform", + "version": "2.6.0", + "bom-ref": "logform@2.6.0", + "author": "Charlie Robbins", + "description": "An mutable object-based log format designed for chaining & objectMode streams.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/logform@2.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/logform.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/logform#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/logform/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/logform/-/logform-2.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d6e94778d3e9ea4fcb0fc1fdd68ed56050678398b504313b1e82b155b66218589d4b5463eb9a9ccb02f15fea557c03e840912345dbca72eb0ac0eba91c254e55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/logform" + } + ] + }, + { + "type": "library", + "name": "fecha", + "version": "4.2.3", + "bom-ref": "fecha@4.2.3", + "author": "Taylor Hakes", + "description": "Date formatting and parsing", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fecha@4.2.3", + "externalReferences": [ + { + "url": "git+https://taylorhakes@github.com/taylorhakes/fecha.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/taylorhakes/fecha", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/taylorhakes/fecha/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fecha/-/fecha-4.2.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "38fd88514e877982898b78b4cf8035f641cc4282d5b381dcf833eaab123687f0cf6474e6fef8ec7c2e8fd1be2308ccb5e178b32c1aaf9dd43e522943efbd3b27" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fecha" + } + ] + }, + { + "type": "library", + "name": "safe-stable-stringify", + "version": "2.4.3", + "bom-ref": "safe-stable-stringify@2.4.3", + "author": "Ruben Bridgewater", + "description": "Deterministic and safely JSON.stringify to quickly serialize JavaScript objects", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-stable-stringify@2.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/BridgeAR/safe-stable-stringify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/BridgeAR/safe-stable-stringify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/BridgeAR/safe-stable-stringify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-stable-stringify/-/safe-stable-stringify-2.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7b66c30365894f4c31b1e55de25b033f8fb738d5fa1e931741ad5984543b494f868ef3910a64a16c2325b6bb480df9188551eb39c3ed8fe2a198305d3dd643d6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/safe-stable-stringify" + } + ] + }, + { + "type": "library", + "name": "triple-beam", + "version": "1.4.1", + "bom-ref": "triple-beam@1.4.1", + "author": "Charlie Robbins", + "description": "Definitions of levels for logging purposes & shareable Symbol constants.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/triple-beam@1.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/winstonjs/triple-beam.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/triple-beam#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/triple-beam/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/triple-beam/-/triple-beam-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6996e056266b83540d706f8b50b6bb9e16692536522e6fe65e71d79db01b8e63796926b4cbb57ec2fbfafb859a06da48489cd384acbe3c83f173536ad4427d9a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/triple-beam" + } + ] + }, + { + "type": "library", + "name": "one-time", + "version": "1.0.0", + "bom-ref": "one-time@1.0.0", + "author": "Arnout Kazemier", + "description": "Run the supplied function exactly one time (once)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/one-time@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/one-time.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/one-time#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/one-time/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/one-time/-/one-time-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e435ce8912b0b9211c43f974906085e90de37000c5bf9b52991689724fceaa454570eceeb41d77e0a4527c5d310eb2f7f4c367ab16c705b51472364885381bda" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/one-time" + } + ] + }, + { + "type": "library", + "name": "fn.name", + "version": "1.1.0", + "bom-ref": "fn.name@1.1.0", + "author": "Arnout Kazemier", + "description": "Extract names from functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fn.name@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/3rd-Eden/fn.name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/3rd-Eden/fn.name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/3rd-Eden/fn.name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fn.name/-/fn.name-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1919e607980fc89a4085341d4994d2a7db9a3d2be5d3d2a861c310b6c07dad0a0e9b3b3d747e9f7de71c1fe67e72fe8febc1eee5b0ba263461e0087f98748d47" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fn.name" + } + ] + }, + { + "type": "library", + "name": "string_decoder", + "version": "1.3.0", + "bom-ref": "string_decoder@1.3.0", + "description": "The string_decoder module from Node core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string_decoder@1.3.0", + "externalReferences": [ + { + "url": "git://github.com/nodejs/string_decoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/string_decoder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/string_decoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "864457f14d568c915df0bb03276c90ff0596c5aa2912c0015355df90cf00fa3d3ef392401a9a6dd7a72bd56860e8a21b6f8a2453a32a97a04e8febaea7fc0a78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/string_decoder" + } + ] + }, + { + "type": "library", + "name": "stack-trace", + "version": "0.0.10", + "bom-ref": "stack-trace@0.0.10", + "author": "Felix Geisendörfer", + "description": "Get v8 stack traces as an array of CallSite objects.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/stack-trace@0.0.10", + "externalReferences": [ + { + "url": "git://github.com/felixge/node-stack-trace.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/felixge/node-stack-trace", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/felixge/node-stack-trace/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/stack-trace/-/stack-trace-0.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "286cda85cee9b942a4cf232df88a807a9f9354d6ca3fe9362e6c21b9bdfd9b502c4d291a0eeb71e7a6830a8f872c3cdffc3dba0481d32563624c6d4a0098900a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-trace" + } + ] + }, + { + "type": "library", + "name": "winston-transport", + "version": "4.7.0", + "bom-ref": "winston-transport@4.7.0", + "author": "Charlie Robbins", + "description": "Base stream implementations for winston@3 and up.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/winston-transport@4.7.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/winstonjs/winston-transport.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/winstonjs/winston-transport#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/winstonjs/winston-transport/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/winston-transport/-/winston-transport-4.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a3063eb92b923b75e9f37abd88616ebed9b34856a2c60c7a83c373b0f0e861faf756fabbf8319e9e883bc7a0a85f2456766aec8df1bc9789e0c327de9588e36" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/winston-transport" + } + ] + }, + { + "type": "library", + "name": "xlsx-populate", + "version": "1.21.0", + "bom-ref": "xlsx-populate@1.21.0", + "author": "Dave T. Johnson", + "description": "Excel XLSX parser/generator written in JavaScript with Node.js and browser support, jQuery/d3-style method chaining, and a focus on keeping existing workbook features and styles in tact.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xlsx-populate@1.21.0", + "externalReferences": [ + { + "url": "git+https://github.com/dtjohnson/xlsx-populate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dtjohnson/xlsx-populate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dtjohnson/xlsx-populate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xlsx-populate/-/xlsx-populate-1.21.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2fd869bc05e857a3a2d4eca4fcd364285d33e4618d522a4e55f20fd4b98667341dc9cd7aae77f3fdf4fc6bdb25de2b2b7eb0a9426ad9a2773ea340d89ed6147" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xlsx-populate" + } + ] + }, + { + "type": "library", + "name": "cfb", + "version": "1.2.2", + "bom-ref": "cfb@1.2.2", + "author": "sheetjs", + "description": "Compound File Binary File Format extractor", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/cfb@1.2.2", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-cfb.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-cfb/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cfb/-/cfb-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "29f75466c48ec35f7f39b1166acbc13ff01ce2b799bc019ab9986ce92fe0a8d857848edc2b0be51fbba58fe74e1189dc6b86e6e121a8f02d5b4c042f9d38e040" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/cfb" + } + ] + }, + { + "type": "library", + "name": "adler-32", + "version": "1.3.1", + "bom-ref": "adler-32@1.3.1", + "author": "sheetjs", + "description": "Pure-JS ADLER-32", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/adler-32@1.3.1", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-adler32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://sheetjs.com/opensource", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-adler32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/adler-32/-/adler-32-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ca7678c3f9d452fe6baec47c5141a87b5542f61663e95e6153d430d4794c0c9184270e52ed37d312b5938cccace8ceefaf461670faacdea02be2cb349c37cff8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/adler-32" + } + ] + }, + { + "type": "library", + "name": "crc-32", + "version": "1.2.2", + "bom-ref": "crc-32@1.2.2", + "author": "sheetjs", + "description": "Pure-JS CRC-32", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/crc-32@1.2.2", + "externalReferences": [ + { + "url": "git://github.com/SheetJS/js-crc32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://sheetjs.com/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/SheetJS/js-crc32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/crc-32/-/crc-32-1.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "44e9b308aad39cec326cf709029000e960568a3db71d57c654d2aaaab669bb264e1ea2b60b01d2be91aecadfd434dbda22311df17e48146a78321f887b520725" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/crc-32" + } + ] + }, + { + "type": "library", + "name": "jszip", + "version": "3.10.1", + "bom-ref": "jszip@3.10.1", + "author": "Stuart Knightley", + "description": "Create, read and edit .zip files with JavaScript http://stuartk.com/jszip", + "licenses": [ + { + "expression": "(MIT OR GPL-3.0-or-later)" + } + ], + "purl": "pkg:npm/jszip@3.10.1", + "externalReferences": [ + { + "url": "git+https://github.com/Stuk/jszip.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Stuk/jszip#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Stuk/jszip/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jszip/-/jszip-3.10.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c570ef79cc93a462eba85aef92b512a31c5f248e401fb53ccf1c6d55c969b14b4c0aae09436f742d8f005b973b1a09ebfd8fe82be6d031ba8adaa9ad937a4de2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip" + } + ] + }, + { + "type": "library", + "name": "lie", + "version": "3.3.0", + "bom-ref": "lie@3.3.0", + "description": "A basic but performant promise implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lie@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/calvinmetcalf/lie.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/lie#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/lie/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lie/-/lie-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51a88c27379646512e8f302ec392e8918d4be5e70d41864a7e6c99f4bef00c76ffa797ad29ac5786884172bc341186f2f86fcd039daf452378377f5dc47008c1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/lie" + } + ] + }, + { + "type": "library", + "name": "immediate", + "version": "3.0.6", + "bom-ref": "immediate@3.0.6", + "description": "A cross browser microtask library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/immediate@3.0.6", + "externalReferences": [ + { + "url": "git://github.com/calvinmetcalf/immediate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/immediate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/immediate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5d7385b72a838cd0c043155f631b85ee0f4897f21b5a69a5420d8c60a387f04c484f5aa0eb1738cf24b71da10401382cd5bb5fcf1ab5e5c894898ee08d25d119" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/immediate" + } + ] + }, + { + "type": "library", + "name": "pako", + "version": "1.0.11", + "bom-ref": "pako@1.0.11", + "description": "zlib port to javascript - fast, modularized, with browser support", + "licenses": [ + { + "expression": "(MIT AND Zlib)" + } + ], + "purl": "pkg:npm/pako@1.0.11", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/pako.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/pako", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/pako/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e212c1f0fcb8cd971ee6ce3277d5f3a29ab056fff218d855d4197c353982ab5efadc778adbe130553bfe95e19e2f5dc39e1db07dbaa8c153d70883b4cf8b5a63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pako" + } + ] + }, + { + "type": "library", + "name": "core-util-is", + "version": "1.0.3", + "bom-ref": "core-util-is@1.0.3", + "author": "Isaac Z. Schlueter", + "description": "The `util.is*` functions introduced in Node v0.12.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/core-util-is@1.0.3", + "externalReferences": [ + { + "url": "git://github.com/isaacs/core-util-is.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/core-util-is#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/core-util-is/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "65006f8b50dca49e060ea6a78ee719d878f7c043b9a590d2f3d0566e472bbddc64b09a2bc140c365a997f65745929f5ac369660432e090e6c40380d6349f4561" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/core-util-is" + } + ] + }, + { + "type": "library", + "name": "isarray", + "version": "1.0.0", + "bom-ref": "isarray@1.0.0", + "author": "Julian Gruber", + "description": "Array#isArray for older browsers", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/isarray@1.0.0", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/isarray.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/isarray", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/isarray/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54b82121634ce842d0ce8ef3c26720d0d99357258a623bc878cf37ca3a74c110d39949eb33aefc7d06dc281a3a9f6089105d2cce81bfff2b60f932a56bcf402d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/isarray" + } + ] + }, + { + "type": "library", + "name": "process-nextick-args", + "version": "2.0.1", + "bom-ref": "process-nextick-args@2.0.1", + "description": "process.nextTick but always with args", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/process-nextick-args@2.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/calvinmetcalf/process-nextick-args.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/calvinmetcalf/process-nextick-args", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/calvinmetcalf/process-nextick-args/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "de8b943a9421b60adb39ad7b27bfaec4e4e92136166863fbfc0868477f80fbfd5ef6c92bcde9468bf757cc4632bdbc6e6c417a5a7db2a6c7132a22891459f56a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/process-nextick-args" + } + ] + }, + { + "type": "library", + "name": "setimmediate", + "version": "1.0.5", + "bom-ref": "setimmediate@1.0.5", + "author": "YuzuJS", + "description": "A shim for the setImmediate efficient script yielding API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/setimmediate@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/YuzuJS/setImmediate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/YuzuJS/setImmediate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/YuzuJS/setImmediate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3004c9759a7cb0ba8397febc2df4266cff3328f2d0355e81219a0882bb1c14343e46cbcafc1c5e0d03a0cb128aa21d32ffc87706a5459c2a90fe077eade8885c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/setimmediate" + } + ] + }, + { + "type": "library", + "name": "sax", + "version": "1.2.1", + "bom-ref": "sax@1.2.1", + "author": "Isaac Z. Schlueter", + "description": "An evented streaming XML parser in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/sax@1.2.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/sax-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/sax-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/sax-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sax/-/sax-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d9adcba2f1d33a99bb355e723b23bc207aa056c7cae3e52ec92ad753c617912457ee4ea1095f5bdc7ae4282af79cca608fed1b9a871a2495a9be9d6873b64" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sax" + } + ] + }, + { + "type": "library", + "name": "xmlbuilder", + "version": "11.0.1", + "bom-ref": "xmlbuilder@11.0.1", + "author": "Ozgur Ozcitak", + "description": "An XML builder for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/xmlbuilder@11.0.1", + "externalReferences": [ + { + "url": "git://github.com/oozcitak/xmlbuilder-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/oozcitak/xmlbuilder-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/oozcitak/xmlbuilder-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7c396c23f905131ee02ef6de71cd3fa212c6e747ee810a7caf21f3313b96f6f49ad462745d858a9e1b14c7ba227b71bdf3eaf9e9a4d0214078921b78d91dc9bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xmlbuilder" + } + ] + }, + { + "type": "library", + "name": "zip-lib", + "version": "1.0.4", + "bom-ref": "zip-lib@1.0.4", + "author": "fpsqdb", + "description": "zip and unzip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/zip-lib@1.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/fpsqdb/zip-lib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fpsqdb/zip-lib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fpsqdb/zip-lib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/zip-lib/-/zip-lib-1.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b5cc0c2d4b13fddc60110330c685add0148fdd054af6f57faf0ece46452f1ba4045bc1a06550d3873844f050de44e0f4beb306f500c52eb789f5e4ce61ce7a4f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/zip-lib" + } + ] + }, + { + "type": "library", + "name": "yauzl", + "version": "3.1.3", + "bom-ref": "yauzl@3.1.3", + "author": "Josh Wolfe", + "description": "yet another unzip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yauzl@3.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/thejoshwolfe/yauzl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejoshwolfe/yauzl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejoshwolfe/yauzl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yauzl/-/yauzl-3.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "24209d9a52495afecbd2afcaca539e93245a52b744a14c5691655c828ae8b1344e0855a24bda7634d3c4f586fdd5a93b6f53794b1019125896a6ca5b65c722bf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yauzl" + } + ] + }, + { + "type": "library", + "name": "buffer-crc32", + "version": "0.2.13", + "bom-ref": "buffer-crc32@0.2.13", + "author": "Brian J. Brennan", + "description": "A pure javascript CRC32 algorithm that plays nice with binary data", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/brianloveswords/buffer-crc32/raw/master/LICENSE" + } + } + ], + "purl": "pkg:npm/buffer-crc32@0.2.13", + "externalReferences": [ + { + "url": "git://github.com/brianloveswords/buffer-crc32.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/brianloveswords/buffer-crc32", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/brianloveswords/buffer-crc32/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54ef47b7ffa9dd237b48a5aa72b804ce319b4522584f1f90d694d00b4c2b5aa1f1d2fa49ada43a1ad1f1f2dbdc835ae52b56f2854e6071cc603a08fb0744c391" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/buffer-crc32" + } + ] + }, + { + "type": "library", + "name": "pend", + "version": "1.2.0", + "bom-ref": "pend@1.2.0", + "author": "Andrew Kelley", + "description": "dead-simple optimistic async helper", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pend@1.2.0", + "externalReferences": [ + { + "url": "git://github.com/andrewrk/node-pend.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andrewrk/node-pend#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andrewrk/node-pend/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1776acbf8d94b97721773b7ec57a9f5b538695505efa6c5ada6a88d29839c801d93ef16663763a76b49ffc643503ce9681610df4ace1fd6ae029aea219c1d72e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pend" + } + ] + }, + { + "type": "library", + "name": "yazl", + "version": "2.5.1", + "bom-ref": "yazl@2.5.1", + "author": "Josh Wolfe", + "description": "yet another zip library for node", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yazl@2.5.1", + "externalReferences": [ + { + "url": "git+https://github.com/thejoshwolfe/yazl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thejoshwolfe/yazl", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thejoshwolfe/yazl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yazl/-/yazl-2.5.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6110d8b63cb8879c76fa401568b7e7499da019d31a2c8fba777d697ece7223043967308d8fb19089677d3a04f4c539a1dfe6a743108f31e6a16b48e04de6faf" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yazl" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.590.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df208b3e3aba5857c3a5d5092a4fe04b3e1e00f0d38d59275dabde30f8b64285410ac86778e9c9b15d7ab8d2a5a551757eb4c7aeb0d17ca6266da561ea7141bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sso-oidc" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.590.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f8475bf52d29f8b8b619e6a8f80f22fa829ecf5d7cc9789b26dac7a17a2257fb9dcb485e4bed74839d056d5f5a7d4debefd21a766145944e0e906302154ae1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sts" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.588.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.588.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.588.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5736fbd71ee3a67e8a289df96de20b522f3db7c8a397aff42062e7819d341f52688f3fdfe7fc30972ec740fa73db68085d00acc7abb0dfe0a7c7a4e7b7bdb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/core" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.590.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2dfc98d1685e86c6ac3435d4fddd5357beab59d127b79997c975e4a529bd909efe13ae75bc508bf7a942b09acc3fe04585767d3c9ccdd2e5673079659f0385" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-node" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.587.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b20e898df883abca02ee733886eff9ce1e48d45c44b9a07e53ee9f006e83bca1a90c409767b9d35789859389c4163b9d91e7553a091dbbadc30f4c678c79d60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/middleware-user-agent" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.587.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f7723b20f66dba5650a112be3b6d082786b5b325b060fce83b681cdeffbf18d65f9593d5dd0257b956c89b4a7106cbb49ff9b328650aa9238b3c868dd3df0771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/region-config-resolver" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.587.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d471ba126f30416a8a7115ba9b7e7c9aa79b4553692fc5ebac4a13e089fbc6a90a92662d1d135560fea5726890879a59fdcfc55eef1d49c86e1485b212da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.587.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e797e0d47bf6ef9db1040c73f789526b3ad1371db14904f82c0fabc9fa697ff88624d44ab8f63106f841d974d4cfcf74831b491ba76fbbbb8d4c29824747f89" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/util-user-agent-node" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.587.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f283fe4a144088936939a3cc275448a7895f3ac959219f99332135327663460a45dd0451cc1d1c7a865790d5bab02476c1b24caef276d86a6cdcc329a61b09b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-env" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.587.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4aed524565510ae4757b7da8c57dc2d55e1ce61a4f376d1661c45f75caf6c17c07a92bf2b390eb9e6b820be2681274bfceddda7542613e5893aa97ca81274cac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-http" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.590.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63970572200adfc548bd181978d0fb1ef14d477dad846b506fc5e8a7a70c9f7dc50bbf2ec1c448bbd1dcf7af7d5d3725099ab3e3e5e5d5653e759fab9c59f600" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-ini" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.587.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578c53de20aa905f2e2fa402e20a81260ff66ac77f75a9acc0fd61f4709fa9396598f5b32264bef160f75638132f0e5bd0a6d3cbe65d52129cd300e7cb3933c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-process" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.590.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bfed23fc8fa37bda247f05ec8262e9a66c0813e4ee329e56a8bcfbafb3c7cfd2a3ccbc8a68a4c3bdf965143fbca0fa41aa798e5a227da9318f92b7e107b6bf7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-sso" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.587.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea231fc8d8f1bb932bb0dd68c03fdc0a971cbc22f149c01f1ab0e153d713c5a157d960a2288231bda0b3f962246d7ef0e4588ced1e683932556fdc77490c647" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/credential-provider-web-identity" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.590.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb16c2ea841524a0514f25f24770b5e64b14b0f3b25b8a7eb828fb76529858626f878bc64d5f0a859292e77a0f1bcb787f5f8e3095a3af9c0ab97468685b2685" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/client-sso" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.587.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "50baa16e72f2d6198935172e9003415899ae9b705b8d79eeacb3d2157a06755d259576251b9e52cc895ad9562a76f7901048e6b01b9365d16f5c0b4da664b966" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-config-service/node_modules/@aws-sdk/token-providers" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-browser/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/ie11-detection/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha256-js/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/supports-web-crypto/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/util@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/util/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.590.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df208b3e3aba5857c3a5d5092a4fe04b3e1e00f0d38d59275dabde30f8b64285410ac86778e9c9b15d7ab8d2a5a551757eb4c7aeb0d17ca6266da561ea7141bd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sso-oidc" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.590.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7f8475bf52d29f8b8b619e6a8f80f22fa829ecf5d7cc9789b26dac7a17a2257fb9dcb485e4bed74839d056d5f5a7d4debefd21a766145944e0e906302154ae1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sts" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.588.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.588.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.588.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5736fbd71ee3a67e8a289df96de20b522f3db7c8a397aff42062e7819d341f52688f3fdfe7fc30972ec740fa73db68085d00acc7abb0dfe0a7c7a4e7b7bdb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/core" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.590.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2dfc98d1685e86c6ac3435d4fddd5357beab59d127b79997c975e4a529bd909efe13ae75bc508bf7a942b09acc3fe04585767d3c9ccdd2e5673079659f0385" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-node" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.587.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4b20e898df883abca02ee733886eff9ce1e48d45c44b9a07e53ee9f006e83bca1a90c409767b9d35789859389c4163b9d91e7553a091dbbadc30f4c678c79d60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/middleware-user-agent" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.587.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f7723b20f66dba5650a112be3b6d082786b5b325b060fce83b681cdeffbf18d65f9593d5dd0257b956c89b4a7106cbb49ff9b328650aa9238b3c868dd3df0771" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/region-config-resolver" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.587.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d471ba126f30416a8a7115ba9b7e7c9aa79b4553692fc5ebac4a13e089fbc6a90a92662d1d135560fea5726890879a59fdcfc55eef1d49c86e1485b212da9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/util-endpoints" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.587.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e797e0d47bf6ef9db1040c73f789526b3ad1371db14904f82c0fabc9fa697ff88624d44ab8f63106f841d974d4cfcf74831b491ba76fbbbb8d4c29824747f89" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/util-user-agent-node" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.587.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f283fe4a144088936939a3cc275448a7895f3ac959219f99332135327663460a45dd0451cc1d1c7a865790d5bab02476c1b24caef276d86a6cdcc329a61b09b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-env" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.587.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4aed524565510ae4757b7da8c57dc2d55e1ce61a4f376d1661c45f75caf6c17c07a92bf2b390eb9e6b820be2681274bfceddda7542613e5893aa97ca81274cac" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-http" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.590.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63970572200adfc548bd181978d0fb1ef14d477dad846b506fc5e8a7a70c9f7dc50bbf2ec1c448bbd1dcf7af7d5d3725099ab3e3e5e5d5653e759fab9c59f600" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-ini" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.587.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "578c53de20aa905f2e2fa402e20a81260ff66ac77f75a9acc0fd61f4709fa9396598f5b32264bef160f75638132f0e5bd0a6d3cbe65d52129cd300e7cb3933c6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-process" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.590.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bfed23fc8fa37bda247f05ec8262e9a66c0813e4ee329e56a8bcfbafb3c7cfd2a3ccbc8a68a4c3bdf965143fbca0fa41aa798e5a227da9318f92b7e107b6bf7d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-sso" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.587.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5ea231fc8d8f1bb932bb0dd68c03fdc0a971cbc22f149c01f1ab0e153d713c5a157d960a2288231bda0b3f962246d7ef0e4588ced1e683932556fdc77490c647" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/credential-provider-web-identity" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.590.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.590.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.590.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "eb16c2ea841524a0514f25f24770b5e64b14b0f3b25b8a7eb828fb76529858626f878bc64d5f0a859292e77a0f1bcb787f5f8e3095a3af9c0ab97468685b2685" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/client-sso" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.587.0", + "bom-ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.587.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.587.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "50baa16e72f2d6198935172e9003415899ae9b705b8d79eeacb3d2157a06755d259576251b9e52cc895ad9562a76f7901048e6b01b9365d16f5c0b4da664b966" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-securityhub/node_modules/@aws-sdk/token-providers" + } + ] + }, + { + "type": "library", + "name": "axios", + "version": "0.21.4", + "bom-ref": "@mitre/emass_client@3.10.0|axios@0.21.4", + "author": "Matt Zabriskie", + "description": "Promise based HTTP client for the browser and node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/axios@0.21.4", + "externalReferences": [ + { + "url": "git+https://github.com/axios/axios.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://axios-http.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/axios/axios/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bade6f7b0922bbc8e318176aa4ce385f18ee0a3abd2c029e1d59a855f1d5cf2f1e1e0c71abc49b01540da2f0c0f26562d3990fd046bf9ff5337121dc4c941f36" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/emass_client/node_modules/axios" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "1.1.3", + "bom-ref": "log-symbols@1.0.2|chalk@1.1.3", + "description": "Terminal string styling done right. Much color.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@1.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "53795154b31296c09f8ea60f6cbc95bf5d4cf423d6e08ef6f1de9308a300389b9e11e07dffca3e792b0c9f13c90fe43e2bdd3db1d11283b0beb489281faa27d4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "2.2.1", + "bom-ref": "log-symbols@1.0.2|ansi-styles@2.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@2.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "92609ebc582146258cec7079cd33d42e5e2bf5b5454968f3eb6321aa2cc3194aead8d5ae34c432bafe2d1c7a0a247b3af4cfcc17ae2511c1dd608a1cadd59060" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "log-symbols@1.0.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "3.0.1", + "bom-ref": "log-symbols@1.0.2|strip-ansi@3.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@3.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "561ba64926c1a834cff29d992ca8f8d148c1095e3ebfc6d4484a546f82a34605a4f696ea185e111058fa2846a089d6f67ff33a0330b41261720cd19ac3d382ce" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.1.1", + "bom-ref": "log-symbols@1.0.2|ansi-regex@2.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c81a74e9768f84dfea42c8096e66fb440f9a79c02a8b75ecc2ca13d9cca3dcc6f169944b788be5bb38e3422a0799153dfecb935965f38e4bf05d71a9e6d4c60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "2.0.0", + "bom-ref": "log-symbols@1.0.2|supports-color@2.0.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "28a355b5dea909880f20a538729dbbdf71d6602a6995085d7592c152bc9a007a2eef6df1f854734390dff36e058fe232cae8904d1a2e6f84a72057c872ba7bd2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/log-symbols/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "2.1.1", + "bom-ref": "has-ansi@2.0.0|ansi-regex@2.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@2.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c81a74e9768f84dfea42c8096e66fb440f9a79c02a8b75ecc2ca13d9cca3dcc6f169944b788be5bb38e3422a0799153dfecb935965f38e4bf05d71a9e6d4c60" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/has-ansi/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "chokidar@3.5.3|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chokidar/node_modules/glob-parent" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "fast-glob@3.3.2|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/fast-glob/node_modules/glob-parent" + } + ] + }, + { + "type": "library", + "name": "lilconfig", + "version": "3.1.1", + "bom-ref": "postcss-load-config@4.0.2|lilconfig@3.1.1", + "author": "antonk52", + "description": "A zero-dependency alternative to cosmiconfig", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/lilconfig@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/antonk52/lilconfig.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/antonk52/lilconfig#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/antonk52/lilconfig/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lilconfig/-/lilconfig-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3b5f297fb9f2bc74dc92e9cf5825755d4357535a62bb4d72d9bec04c9d29a6452493ca1ca95581ad88c9042c070e30ff65671fcab0343f880a8735868b910835" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/postcss-load-config/node_modules/lilconfig" + } + ] + }, + { + "type": "library", + "name": "arg", + "version": "4.1.3", + "bom-ref": "ts-node@10.9.2|arg@4.1.3", + "author": "Josh Junon", + "description": "Another simple argument parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arg@4.1.3", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/arg#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e7c4bd403a86d17c76ed8c0f4adf5f2718af8d8978df6602c1f0cc7d9fbbd5102a52b65e7fb2eb2906772c72cec024b814b341a653f9df7671f3de5278e087bc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-node/node_modules/arg" + } + ] + }, + { + "type": "library", + "name": "commander", + "version": "4.1.1", + "bom-ref": "sucrase@3.35.0|commander@4.1.1", + "author": "TJ Holowaychuk", + "description": "the complete solution for node.js command-line programs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/commander@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/tj/commander.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tj/commander.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tj/commander.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34e2a6f31864cc08f3171f01dafe4e0074febb9a5141cd9409ad95abd8d82ffdf5a36c22f66c4103b2c816cdec5795520b8f73ea91217db3142ef4a12a3dba58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/commander" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.12", + "bom-ref": "sucrase@3.35.0|glob@10.3.12", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.12", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c236ff2f27ec73e108aa4e97ce240ec7bd8bfeb4d2111ca7d45b0feafafda376037879bcfe298f6d1b1e49e2b1cfd28f3898d3fe0291fae87457f2eb372a1aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "sucrase@3.35.0|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sucrase/node_modules/minipass" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "foreground-child@3.1.1|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f3c99d5ef3cc3d3b588d25b2a73a5bd84eb58f0e5e3a3b56c6d03dd7227bfef6d90faf1acdf235144e21650e4926296827d4ce827c8035dd2b86a8e6bd2a8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/foreground-child/node_modules/signal-exit" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "@isaacs/cliui@8.0.2|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1e72ce091def8dc63c6dea0d2ed723679fe7c67d9a7e6304ea586b0eb79ba24a8c6a9f976de5bc9fd4d7a4f0cea9d18ae6a708de84f418a4d6eb00bb10c895a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/string-width" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2f5f03689b17494936fb8da9bfc98bb398c94f686a164144e23db5c0e9a06d4aac67684bef636c514efce60f515e0a37b3464d815978d93887a7766d3affd5ca" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/emoji-regex" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8aae9e55523ae274104d162ad8ab44836776b94ecb125853270b07e18cc81d9b21c658199acff021ce15a03413946fc8bd522b04a1b4e82ad99e9d2abfb86471" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "@isaacs/cliui@8.0.2|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9f933ce797ca6f64ac7cc222145a15ac0047242f10b47c15c7e98758fdd0704a811d889e9e3e5d1d28236f1b42d161195d8b78c1c0faceb4049433e116e6607c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "8.1.0", + "bom-ref": "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@8.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b22ed0588eb350cab9e9b11216f6a0b66ccc7463ada317d1f927b3d753286df73bb66f9591472493d6d6d9479f7d319551b3a4b31992c34000da0b3c83bd4d09" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/wrap-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "6.2.1", + "bom-ref": "@isaacs/cliui@8.0.2|ansi-styles@6.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@6.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6cdefdf2015f417faf8b0dd1ef2ac6591aa7acdda84641245238e5e09367e04f06c716e3b46dc56eb108218de5f3f86bc14c0878266f8b842e3933f8304ad5ba" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@isaacs/cliui/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "10.2.0", + "bom-ref": "path-scurry@1.10.2|lru-cache@10.2.0", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d9b20cf31f9501fe894f86ca0258d2d6a51680cb2a6513c6252e8549a84830f56f72d70d872569ec026eeeabb1396f63c24af205178a658e6d639258bf69ffed" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry/node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "path-scurry@1.10.2|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/path-scurry/node_modules/minipass" + } + ] + }, + { + "type": "library", + "name": "tailwindcss", + "version": "3.3.0", + "bom-ref": "tw-elements@1.1.0|tailwindcss@3.3.0", + "description": "A utility-first CSS framework for rapidly building custom user interfaces.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tailwindcss@3.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/tailwindlabs/tailwindcss.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://tailwindcss.com", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tailwindlabs/tailwindcss/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "84e5e5171f98724949f245e20807e4fc5332af83e6f5c938efb1b49bfbacdb7e3856e8f7e79229a040c1e5498602c4a94c19abfb86618f35b4e09b855e46ff7f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/tailwindcss" + } + ] + }, + { + "type": "library", + "name": "postcss-import", + "version": "14.1.0", + "bom-ref": "tw-elements@1.1.0|postcss-import@14.1.0", + "author": "Maxime Thirouin", + "description": "PostCSS plugin to import CSS files", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-import@14.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-import.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-import#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-import/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-import/-/postcss-import-14.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7e5c08f95826e1212539b1553e94c84fb494ed1dea9362fb3f276e31ca2489a54ab96bfd77f53e1a6fd001df0d0cbbb291359391cae339e0f63e9d6b31e0531b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-import" + } + ] + }, + { + "type": "library", + "name": "postcss-load-config", + "version": "3.1.4", + "bom-ref": "tw-elements@1.1.0|postcss-load-config@3.1.4", + "author": "Michael Ciniawky", + "description": "Autoload Config for PostCSS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-load-config@3.1.4", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-load-config.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-load-config/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-3.1.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e8388ce04eefe1ca13138bb303c53ffd686d3f0ca18a29b77b28c43050a7529cdbae42bdc091e02834f6991f876ed4ab77f36e6d56984cea52a63525f0d41e46" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-load-config" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "1.10.2", + "bom-ref": "tw-elements@1.1.0|yaml@1.10.2", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/v1/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af7bd7c84ad109827bc20dbccaf058e554a8005f19be5716f7f07053312d52c8ef5ff0cab36e1d224bb08edba9af02491ec6f251b2c0a5ea584d1d41378b87ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "postcss-nested", + "version": "6.0.0", + "bom-ref": "tw-elements@1.1.0|postcss-nested@6.0.0", + "author": "Andrey Sitnik", + "description": "PostCSS plugin to unwrap nested rules like how Sass does it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-nested@6.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-nested.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-nested#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-nested/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d0391a9aaacf7269010ec2e7faf40322bb6449b364bf9003fccdf6db24a8f64a85902218925ca6db11265a4c28f98dffa99a37e2dcc43cd530e32ef230276fe7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tw-elements/node_modules/postcss-nested" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "express@4.19.2|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "express@4.19.2|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/express/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "3.21.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "author": "Amit Gupta", + "description": "Validate XML or Parse XML to JS/JSON very fast without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@3.21.1", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.21.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1531558d8a013994c97a4894b1ac06b12615f502f403ecc3602463ef2df820ee8983ed8831812d41af9b6e272da5da55f1d1f15f2c2a53b0b48110c4385b4116" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/fast-xml-parser" + } + ] + }, + { + "type": "library", + "name": "htmlparser2", + "version": "7.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "author": "Felix Boehm", + "description": "Fast & forgiving HTML/XML parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/htmlparser2@7.2.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/htmlparser2.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/htmlparser2#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/htmlparser2/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1fb308980e0c4ba730ee76f2511b4b3ced539acec2e47eb4d8b4444eff79cf53313bfec23fbac355139e85461e60151810e37de0d5d70c43e666eabe857e2ca2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/htmlparser2" + } + ] + }, + { + "type": "library", + "name": "domhandler", + "version": "4.3.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "author": "Felix Boehm", + "description": "Handler for htmlparser2 that turns pages into a dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domhandler@4.3.1", + "externalReferences": [ + { + "url": "git://github.com/fb55/domhandler.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domhandler#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domhandler/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1abc28c5837eb969733bcba1517465d0ffa41c4e06b553df63354b714c4f2fb28d7472a3ebabef9618b07881ea6185d6970f93f222cca78d8b9baee0870e1631" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/domhandler" + } + ] + }, + { + "type": "library", + "name": "domutils", + "version": "2.8.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "author": "Felix Boehm", + "description": "Utilities for working with htmlparser2's dom", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/domutils@2.8.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/domutils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/domutils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/domutils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de828e87e9ef63392088698e0a1b06299811fa0f8f1d55c740525fd3f7d1605d656d9620a5344f505dd24cf678d67d8a48ca8076c4c8ac7c041e87d4bde1dc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/domutils" + } + ] + }, + { + "type": "library", + "name": "dom-serializer", + "version": "1.4.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "author": "Felix Boehm", + "description": "render domhandler DOM nodes to a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dom-serializer@1.4.1", + "externalReferences": [ + { + "url": "git://github.com/cheeriojs/dom-renderer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/cheeriojs/dom-renderer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/cheeriojs/dom-renderer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "547c01dca7eb70e3a47a5106d9939fc6a2d975f92297c3ed262e0ff0dd8c317b9c66adb22e9ef90a5562525395c32a071038d8538df702afb9cd63fad7e4466a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dom-serializer" + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "3.0.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|entities@3.0.1", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@3.0.1", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5a2c81aa8a26af031d146d5ed24aaf01261f9e56f4969f0ce68e45c36385ab584d671c5c364f089345e6ecbc73061ba2767641fd4b41a950a0533de404e3f9d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest@28.1.3#packages/jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest/-/jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "378193e689fc5246601f43b92d46af3115751031213532f42847d198321e647495ee9d9780ba18f6df550d480bea8fb27dd8181d5c6ecfcd46f2807d546e6ec8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/core@28.1.3#packages/jest-core", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/core/-/core-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "088281ae568a3b303b606d7d044a82c3748b22c1308d991e2737f96dda285675b86c7e5c92da9edc95fe1b6615d5a2b9bcff0df676b5206585cd8693a7a93a34" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/core" + } + ] + }, + { + "type": "library", + "name": "console", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/console@28.1.3#packages/jest-console", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-console", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/console/-/console-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "40f0243f913029d2bf6f122be82d48e15b34ae6da71e200dce3fd9e57d89424ad9a3a22abc2e25759f4af79b45d0776276103c068e9e8314b35053d829c1172f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/console" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/types@28.1.3#packages/jest-types", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/types/-/types-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4728e2c8c519acacff73ece53053b5a66ef40dc225493f007964e4a147597af7b0e38c1c359407b0454e88256d8159e51450fcd853da5f2732b39f1c7f69ae55" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/types" + } + ] + }, + { + "type": "library", + "name": "jest-message-util", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-message-util@28.1.3#packages/jest-message-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-message-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3c5767f487b06ede7be7328f7f5dbce87b7d10fa099984fb3f4918f9189b7986765ed3abe77a432c41684d65db7758782621a25a94c10bce1f73cc4c5d031bee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-message-util" + } + ] + }, + { + "type": "library", + "name": "jest-util", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-util@28.1.3#packages/jest-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-util/-/jest-util-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5dda9fa47c29712464a3f0b7e6e2d814cd9e991025b4820a66227d7809a18ec8f40aa64c6b4a7589bd11e5f588a86867d5ad74dc379b4dba6a21a3f5a8243ab5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-util" + } + ] + }, + { + "type": "library", + "name": "reporters", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "description": "Jest's reporters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/reporters@28.1.3#packages/jest-reporters", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-reporters", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/reporters/-/reporters-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "26e032ef093141954d53f57a83dc4acc2182e4b557c7d14370004ab125e9e4c88a3c4136d78e1afef5d3103a32ce352964a7d5c29d3c5aa83903859f4cc0338e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/reporters" + } + ] + }, + { + "type": "library", + "name": "test-result", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-result@28.1.3#packages/jest-test-result", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-test-result", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-result/-/test-result-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "919024c67484f85a84f188d6f2036ea159240bd23b4b5aa67a797cb0670338bae8a4048ff8191c18ac215e8caa42e18e19e618d32fe2c63addfe2111a445c736" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/test-result" + } + ] + }, + { + "type": "library", + "name": "transform", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/transform@28.1.3#packages/jest-transform", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-transform", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/transform/-/transform-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bb9753e5d8bea0523a85f70b38719301f994c4546b8cafaf9da3f4924568c3d31dfcced5fccc6a40c3b3fd5576e5464ef29cde03d3e37d3a4ebba043bb048f40" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/transform" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "5.2.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@5.2.1#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a73aada77d672effd714ecd71aebe109bf2a863993568e6f8d5935f571380919525b3d0aa1e2776f0f57b00ee73a9f5805fe2a1e3c01c640f329c304fc9dbd62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "jest-worker", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-worker@28.1.3#packages/jest-worker", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-worker", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-worker/-/jest-worker-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0aa440db6d1857fea30a8f155af02dd4a2b1e9e7a4d5520730f78b11ba5c7d27e411e5b204da69ca733fa3aabe5a6c3eb0e868b369a5df8c196d25f71b5dfffe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-worker" + } + ] + }, + { + "type": "library", + "name": "convert-source-map", + "version": "1.9.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0", + "author": "Thorsten Lorenz", + "description": "Converts a source-map from/to different formats and allows adding/changing properties.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/convert-source-map@1.9.0", + "externalReferences": [ + { + "url": "git://github.com/thlorenz/convert-source-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/thlorenz/convert-source-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "012141ba9d0ccf5bb28888c035a9f58f32d06a68bdcf53e86126428a2616d857333db7a75dce3915974164bcce4feafafa2722b8432876d982b62fa18da024d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/convert-source-map" + } + ] + }, + { + "type": "library", + "name": "jest-haste-map", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-haste-map@28.1.3#packages/jest-haste-map", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-haste-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dd2f914160d771c5c32925a79076bf74fc2dfb6ab003c089cd1eb5c37168602be8a373e7f2dbc6732b26305d018f4117e5162f008d8422f0b9ece9a8b5f76d28" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-haste-map" + } + ] + }, + { + "type": "library", + "name": "jest-regex-util", + "version": "28.0.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-regex-util@28.0.2#packages/jest-regex-util", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-regex-util", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-28.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e2cd08832348cb4cbd14af9c8e8558a316a64fb65ea3b321cea446c7b6036266909f5c2e718f6ba2d886901cf370c5d3b63ac200ffdfedff84d05efe7f13cd77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-regex-util" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "jest-changed-files", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-changed-files@28.1.3#packages/jest-changed-files", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-changed-files", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7ac68e7d45895e4da77d9b7d48fc82f2003590d7dd28b9105b2cec325aaaf26b184a534a7e66717d18199f809de0c195505fbbbfa741b347794ce00a6bb88888" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-changed-files" + } + ] + }, + { + "type": "library", + "name": "jest-config", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-config@28.1.3#packages/jest-config", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-config/-/jest-config-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "306dc836307227427802c3419bb4f786cbb1290a85222468fc052a6f5abd2d1288e5453a01aafd2476ebf48be7d535707d40fd2a2ad1a0cfd3eaef1795c40f1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-config" + } + ] + }, + { + "type": "library", + "name": "test-sequencer", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/test-sequencer@28.1.3#packages/jest-test-sequencer", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-test-sequencer", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "34830f12aa9ae7d3169c38b592f5d7a586eab1f426489b086e777ce667551a48837d0f564104d738bb2f21251fa279a7053fb0f395848277828a01047470c5c7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/test-sequencer" + } + ] + }, + { + "type": "library", + "name": "babel-jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "description": "Jest plugin to use babel for transformation.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-jest@28.1.3#packages/babel-jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-jest/-/babel-jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a951a3ce116324ddc597d0cfec3ef0871c27bd7cc1406bff615c480a3fc9c57cd97f8e51a413db9cabd36a9191972c376e089612d14bd294f5300b44beac7e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-jest" + } + ] + }, + { + "type": "library", + "name": "jest-circus", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-circus@28.1.3#packages/jest-circus", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-circus", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-circus/-/jest-circus-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "719f9e4b9cdcefd301c2df88850862129d0e78175da5cd67f0c068d67301f00ee83cc2843be4ab7bec0768b25ec50523f586bff0d3816344444948188c1e9fa3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-circus" + } + ] + }, + { + "type": "library", + "name": "environment", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/environment@28.1.3#packages/jest-environment", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-environment", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/environment/-/environment-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d5b7f8d1c3054c490ac847f9f3947d233d566b20e31e81eabedb345c5604ab228cddc1560e978ca2a28a4c017d2d261032874f52587c14aa6da0cd9870c5805c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/environment" + } + ] + }, + { + "type": "library", + "name": "expect", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect@28.1.3#packages/jest-expect", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect/-/expect-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "97373c0a951b4a813876a4f453e835a8e0d08c14473e908f5e2b2c5c3e264bdfac5907669a9789f73487d6b4b51c492bb0c3747dbee72ab27d822011d5ddf007" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/expect" + } + ] + }, + { + "type": "library", + "name": "expect", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/expect@28.1.3#packages/expect", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/expect", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/expect/-/expect-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "784874c67f0796cb8e07116022cb3eda65fce55012e10cb739292357bae5056963b40e28587dfb825546c8e65266f12b0d3ff2072c1974f1b0097b93bd21bce6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/expect" + } + ] + }, + { + "type": "library", + "name": "jest-snapshot", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-snapshot@28.1.3#packages/jest-snapshot", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-snapshot", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e25ccc82d88d95cdc353ff2565f9aac4ddc0603e8618b6e5fbbdab741a57bdc57ec215fb983ad113390f769d919e67c8896060d586ee15291776e17625c69f26" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-snapshot" + } + ] + }, + { + "type": "library", + "name": "dedent", + "version": "0.7.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|dedent@0.7.0", + "author": "Desmond Brand", + "description": "An ES6 string tag that strips indentation from multi-line strings", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/dedent@0.7.0", + "externalReferences": [ + { + "url": "git://github.com/dmnd/dedent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dmnd/dedent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dmnd/dedent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "43a7ca50faa7007032862520154ec15332e2bf491df2c687f5a97bb67bb943fa248fa767ba9c724e01480635732404dd7c8026f4d02cbd73738da29af9bc55c8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dedent" + } + ] + }, + { + "type": "library", + "name": "jest-each", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "author": "Matt Phillips", + "description": "Parameterised tests for Jest", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-each@28.1.3#packages/jest-each", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-each", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-each/-/jest-each-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6ab4f5cf8b20db2001539ba880e6d53ef4a548c4250c0e3ca30c74ec10cf0226ac5b4c98a581d83a8e071cbcfdab4055cc3554e2120b163cc9c344a8f5a08bfe" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-each" + } + ] + }, + { + "type": "library", + "name": "jest-get-type", + "version": "28.0.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "description": "A utility function to get the type of a value", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-get-type@28.0.2#packages/jest-get-type", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-get-type", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-28.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8a88f6c3dfc3c526077ce9b994928275c0263c9cd05e66ccfd4ae5deb865821acfbd3dedb7eedaffea1773d6b390a98bbe88978ed57cddb116aa2fafb399e53c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-get-type" + } + ] + }, + { + "type": "library", + "name": "pretty-format", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "author": "James Kyle", + "description": "Stringify any JavaScript value.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/pretty-format@28.1.3#packages/pretty-format", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/pretty-format", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/pretty-format/-/pretty-format-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f2015bfd3a343a6c4747df994dbd780dfdaf371746097f20d71586513a94c394e266f7107f9b0728e6dde5470fc8b2f2a303700c03131775d6386d41ea6c65d5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/pretty-format" + } + ] + }, + { + "type": "library", + "name": "jest-matcher-utils", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "description": "A set of utility functions for expect and related packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-matcher-utils@28.1.3#packages/jest-matcher-utils", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-matcher-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "910789eea1de98a7dbccaa068c71eb44a1fa6ad831324f049e493688f4375f03baa04fca603f253183b388291e481f46e1a74f3389d1d4313c4dfe497961fa07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-matcher-utils" + } + ] + }, + { + "type": "library", + "name": "jest-runtime", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runtime@28.1.3#packages/jest-runtime", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-runtime", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "354fbcf3549c05040b7352471b9789194ed48b790b2ab9b008f3ed62c26d072922c6b3363a15509693261562633320df7641a004c3635c2181fde6f3b2034643" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-runtime" + } + ] + }, + { + "type": "library", + "name": "jest-environment-node", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-environment-node@28.1.3#packages/jest-environment-node", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-environment-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba03fa5ce844a6300484662fa795e3f7cf67b39701d4ae99763058b92df4ba64f80901044dac5288f719fc4d64164b57e0692b70ce2abb4ec82250d85f5829f8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-environment-node" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/fake-timers@28.1.3#packages/jest-fake-timers", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-fake-timers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ffc0e90bd8f387bf9da1fa89393a3ff580e1bd1d2cb07683ed16c44252694220b5cd9f97885a67277770c88969499e91af42d99a8ea04ff79122d048a6c5f2f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/fake-timers" + } + ] + }, + { + "type": "library", + "name": "jest-mock", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-mock@28.1.3#packages/jest-mock", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-mock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-mock/-/jest-mock-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a372768ebe9d30c598547e0b87f34a9835dda2caec2608b802f892f285cbba3723a423016f514cb1b9439ce5ca64a7d28872f162e6f5792d081ee457b22a3d78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-mock" + } + ] + }, + { + "type": "library", + "name": "jest-resolve", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve@28.1.3#packages/jest-resolve", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-resolve", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6755b7b538c4e9068d23dd2aa3f049a5f9efa71b5a153170e420e0c29c84fcacfc53fd3a3751e37f889af6ab94842877f6a206585d59bb1162062250c1211829" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-resolve" + } + ] + }, + { + "type": "library", + "name": "jest-runner", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-runner@28.1.3#packages/jest-runner", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-runner", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-runner/-/jest-runner-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a4330e03ff451277ad8e54ed281208e7db74ccf9825ad94d96bb9cf3f71b1007533158a0ce96b9f290fc6732c374b6726595f2cf8a71d391aeb5bb44216b104" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-runner" + } + ] + }, + { + "type": "library", + "name": "jest-validate", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-validate@28.1.3#packages/jest-validate", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-validate", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-validate/-/jest-validate-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4996ce181584b1a4f104608ea6c45695796f364bd3918d17c517e1ef3626bddf2e2f9433ca0d021c05e25ca44e7e587cd35aae03afbf0ec4f83830ed84e0bf38" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-validate" + } + ] + }, + { + "type": "library", + "name": "jest-resolve-dependencies", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-resolve-dependencies@28.1.3#packages/jest-resolve-dependencies", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-resolve-dependencies", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9ad103b64345f342834fa2e31b09cec1bedb1e9bc7908153cd9309fd2e74be4769fc0da5433cbfd4d609e00b42d39754585c9534b896b604c0b60db4df16b1c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-resolve-dependencies" + } + ] + }, + { + "type": "library", + "name": "resolve.exports", + "version": "1.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1", + "author": "Luke Edwards", + "description": "A tiny (813b), correct, general-purpose, and configurable \"exports\" resolver without file-system reliance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve.exports@1.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/lukeed/resolve.exports.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/lukeed/resolve.exports/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve.exports/-/resolve.exports-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fcdb691cd0cdee35a101a43d06f054619e984d7b110607ea58558fec16416a83093bf2371b9385cef4ee58d9590b768f8e29ecd45f9336b2cab066c7e2b7ec45" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/resolve.exports" + } + ] + }, + { + "type": "library", + "name": "emittery", + "version": "0.10.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "author": "Sindre Sorhus", + "description": "Simple and modern async event emitter", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emittery@0.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/emittery.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/emittery#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/emittery/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/emittery/-/emittery-0.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6884ea3b09cb6a7a472cd5d924435b3a08d405e1e8703fb1b1226636b8e8bca056e476d2a56dddd69125b3b18540f5165e2c06f7ed0fe06b477c4a82ff833423" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/emittery" + } + ] + }, + { + "type": "library", + "name": "jest-docblock", + "version": "28.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-docblock@28.1.1#packages/jest-docblock", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-docblock", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-28.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "df06b2055362398c7473001b97daf09b990a14ff321c7dddfdf90468bd3634f4e40e88cfb6178607b1d9485638c335fe0f1cabbe15f3d0a482564b260a49c2b8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-docblock" + } + ] + }, + { + "type": "library", + "name": "jest-leak-detector", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-leak-detector@28.1.3#packages/jest-leak-detector", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-leak-detector", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58554986742c88ab43128e651b698cd2fe344169c133eccc7471f226cf00599ec9d106494b9f4cb3229e2475a1a416411f7d92e3c14e56f1b23854f58740e5a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-leak-detector" + } + ] + }, + { + "type": "library", + "name": "jest-watcher", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-watcher@28.1.3#packages/jest-watcher", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-watcher", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b78a9caa3f61cdefa3be214f50ddd802d0047859ebfdacc84d740430045fe5c330298d923014670904d72e2c53976d0e47a98b87d28b32b8152602484b29bed6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-watcher" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "9.1.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@9.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "04f4b8ca7256fe8f763d4478c20ae2cf651de60a524f9bf3e8641f322c440cad19f19094bf633b4a404bca41f9e93fbe5ecfbc967f734c66cebcd1887b4dbf8f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinonjs/fake-timers" + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "1.8.6", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@1.8.6", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2b2f9790092a3d94a6dcd2c17949e0efb101425ddc99e2612136861dd607f248d507e6ae9f74b85c146d8b6cedd7b9adb7498850388dc587a8266e9dad5bc125" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinonjs/commons" + } + ] + }, + { + "type": "library", + "name": "globals", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/globals@28.1.3#packages/jest-globals", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-globals", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/globals/-/globals-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5c55383f8a61cabc825eed696dca8c3b419241c61ed48b1a958083cd137285eb727b2c4c708c5ad75a8f343a5534b7ab7ad22d36a126618427d54633ff9c7534" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/globals" + } + ] + }, + { + "type": "library", + "name": "source-map", + "group": "@jest", + "version": "28.1.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/source-map@28.1.2#packages/jest-source-map", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-source-map", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/source-map/-/source-map-28.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "715f0bc7705e4ad25bf22a4f1e7a95c3f20cd9508c58eddcad6673628752224c579d1717262a42771d4908ad0ae4cb09268b994131fbde6cdfe2f83145a1fdc3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/source-map" + } + ] + }, + { + "type": "library", + "name": "expect-utils", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/expect-utils@28.1.3#packages/expect-utils", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/expect-utils", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c2f6e2f4b52b1c92e7dcd9435bac05da1bc832d77825497640d56b8eaf880521e2ae07eb477a3d46756dc7374418eda7f49c885b01e72df6f2e4acea04683660" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/expect-utils" + } + ] + }, + { + "type": "library", + "name": "jest-diff", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-diff@28.1.3#packages/jest-diff", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-diff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-diff/-/jest-diff-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f11a8fd41fce5f38e34d692a317ebb8aa830055251802c8a0f72fd9eafba66a24c76f8c4f1180792da99ea336b91d313f9d26e60d237ae1429c5acfb76b2477f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-diff" + } + ] + }, + { + "type": "library", + "name": "diff-sequences", + "version": "28.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1", + "description": "Compare items in two sequences to find a longest common subsequence", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/diff-sequences@28.1.1#packages/diff-sequences", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/diff-sequences", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-28.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "154d2215a1ff136ddaf9aef5f25f106bfd7d6c5f69d3a9201342a2a4c38c69dc1add28e768494accf6940b4be789bb3afc1ffd9e2f7bb3ad6671e8e4f16d5f43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/diff-sequences" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "schemas", + "group": "@jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jest/schemas@28.1.3#packages/jest-schemas", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-schemas", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jest/schemas/-/schemas-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fe5fd55ac76dfda057823b212d6385c85b77215758ca9bb9cb65a7dab38ed6e9fa9e4a889fc48b5f38083185c5c98b11583c85e44b6198a24c21d26f934f20ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@jest/schemas" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "5.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0b1c29b7649f4f34ed5dc7ce97318479ef0ef9cf8c994806acd8817179ee5b1b852477ba6b91f3eeac21c1ee4e81a498234209be42ea597d40486f9c24e90488" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "typebox", + "group": "@sinclair", + "version": "0.24.51", + "bom-ref": "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51", + "author": "sinclairzx81", + "description": "JSONSchema Type Builder with Static Type Resolution for TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40sinclair/typebox@0.24.51", + "externalReferences": [ + { + "url": "git+https://github.com/sinclairzx81/typebox.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinclairzx81/typebox/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.24.51.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d4fd4e44e9bfaddb9b3f96850d265020b534beb2c22787ef1ede84a2a1c433ed83fc6e4c2b76c86b299428b8adf09b3d81b9ece54c899e43ff4d944e2f0e2d50" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/@sinclair/typebox" + } + ] + }, + { + "type": "library", + "name": "jest-cli", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3", + "description": "Delightful JavaScript Testing.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jest-cli@28.1.3#packages/jest-cli", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/jest-cli", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://jestjs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jest-cli/-/jest-cli-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae863792faefe7b0339f5c8f81d4de6cf017bdd476c5f7b368a298cd5c59e88b7fe4d0b1cc9ca6ead508e4fd7391d5a17d4624c4423db9959c41d6852e8f2625" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/jest-cli" + } + ] + }, + { + "type": "library", + "name": "ts-jest", + "version": "28.0.8", + "bom-ref": "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "author": "Kulshekhar Kabra", + "description": "A Jest transformer with source map support that lets you use Jest to test projects written in TypeScript", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-jest@28.0.8", + "externalReferences": [ + { + "url": "git+https://github.com/kulshekhar/ts-jest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://kulshekhar.github.io/ts-jest", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kulshekhar/ts-jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-jest/-/ts-jest-28.0.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e45686d255e644fcc0a62c7ca051bc44a8c0cf87a1b66f3230a393cb91d7ddf63a5bc926bceae6718d212831255b9d85268bfe7258546eb280aa87e78f89974e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/ts-jest" + } + ] + }, + { + "type": "library", + "name": "babel-preset-jest", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-preset-jest@28.1.3#packages/babel-preset-jest", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-preset-jest", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2fe7eea49be55801db41f9fbe1ca0d5f7cdfeb42d7309b1eccdbefc7c78887b88e47596e275a68c5881093517c3d8b4dabfe903830c70aab129d3152582e3dd4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-preset-jest" + } + ] + }, + { + "type": "library", + "name": "babel-plugin-jest-hoist", + "version": "28.1.3", + "bom-ref": "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/babel-plugin-jest-hoist@28.1.3#packages/babel-plugin-jest-hoist", + "externalReferences": [ + { + "url": "git+https://github.com/facebook/jest.git#packages/babel-plugin-jest-hoist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/facebook/jest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/facebook/jest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-28.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "62cded50a0267e79115293dda5af7c798ac04749d5fac4855196441ae43611b15dd72e1238bb43e500cd1c0abe6dbf5af9b6d7bd8402e1bf880ff4c720c714e9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/babel-plugin-jest-hoist" + } + ] + }, + { + "type": "library", + "name": "typescript", + "version": "4.9.5", + "bom-ref": "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "author": "Microsoft Corp.", + "description": "TypeScript is a language for application scale JavaScript development", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/typescript@4.9.5", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/TypeScript.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d455e4f44d879be433650ef3f8c7098872f8356d45d84cccbbd36af62df301a1aa89b69fa98c02554e96c9602ec90451cce971a2ef31652c972c437ca0a8f6e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/typescript" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "yaml", + "version": "1.10.2", + "bom-ref": "@mitre/inspec-objects@1.0.1|yaml@1.10.2", + "author": "Eemeli Aro", + "description": "JavaScript parser and stringifier for YAML", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yaml@1.10.2", + "externalReferences": [ + { + "url": "git+https://github.com/eemeli/yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eemeli.org/yaml/v1/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eemeli/yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "af7bd7c84ad109827bc20dbccaf058e554a8005f19be5716f7f07053312d52c8ef5ff0cab36e1d224bb08edba9af02491ec6f251b2c0a5ea584d1d41378b87ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/yaml" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "chalk@4.1.2|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/chalk/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "glob@7.2.3|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "glob@7.2.3|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/glob/node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/core@7.24.4|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/core/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "istanbul-lib-report@3.0.1|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/istanbul-lib-report/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "supports-hyperlinks@2.3.0|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/supports-hyperlinks/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "istanbul-lib-instrument", + "version": "5.2.1", + "bom-ref": "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "author": "Krishnan Anantheswaran", + "description": "Core istanbul API for JS code coverage", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/istanbul-lib-instrument@5.2.1#packages/istanbul-lib-instrument", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/istanbuljs/istanbuljs.git#packages/istanbul-lib-instrument", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://istanbul.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/istanbuljs/istanbuljs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-5.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a73aada77d672effd714ecd71aebe109bf2a863993568e6f8d5935f571380919525b3d0aa1e2776f0f57b00ee73a9f5805fe2a1e3c01c640f329c304fc9dbd62" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul/node_modules/istanbul-lib-instrument" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "babel-plugin-istanbul@6.1.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/babel-plugin-istanbul/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "2.0.0", + "bom-ref": "stack-utils@2.0.6|escape-string-regexp@2.0.0", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "529cdc2c25e895459c36ee47b5530761d5c98c0ae3b05f42d1a367aae658638b96fd5bb49a2cb96285af6d5df8e476ae56f700527a51ba130c72a4dc18e636fb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/stack-utils/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "jsesc", + "version": "2.5.2", + "bom-ref": "@babel/generator@7.24.4|jsesc@2.5.2", + "author": "Mathias Bynens", + "description": "Given some data, jsesc returns the shortest possible stringified & ASCII-safe representation of that data.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsesc@2.5.2", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "398bbb5c4ce39024370b93ecdd0219b107cda6aa09c99640f7dc1df5a59dd39342b42e6958e91284ada690be875d047afc2cb695b35d3e5641a6e4075c4eb780" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/generator/node_modules/jsesc" + } + ] + }, + { + "type": "library", + "name": "globals", + "version": "11.12.0", + "bom-ref": "@babel/traverse@7.24.1|globals@11.12.0", + "author": "Sindre Sorhus", + "description": "Global identifiers from different JavaScript environments", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globals@11.12.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globals.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globals#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globals/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "58e069fc410652222c252a7bc1cbffcba30efa557d5289dc5aac6e15f9bc781c3358d8327c177a1b3f8878a43d8c29b28681fdf60d793374fe41a5471638b354" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/traverse/node_modules/globals" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "yargs@17.7.2|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.12", + "bom-ref": "js-beautify@1.15.1|glob@10.3.12", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.12", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-10.3.12.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4c236ff2f27ec73e108aa4e97ce240ec7bd8bfeb4d2111ca7d45b0feafafda376037879bcfe298f6d1b1e49e2b1cfd28f3898d3fe0291fae87457f2eb372a1aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify/node_modules/glob" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.0.4", + "bom-ref": "js-beautify@1.15.1|minipass@7.0.4", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d8a1f2cce436a6f76efdadd916cea1e8cd4a38c9b8dd6660ac0c778fcb957f3db05c54c892651f7b826032e396aa8bc08ad651b6102777e7a154f3a6af7f051" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/js-beautify/node_modules/minipass" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.1", + "bom-ref": "editorconfig@1.0.4|minimatch@9.0.1", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d235a12690ff31d84f5f03ee8919026df61f48aa76aa79f678e736efda88edffa8b25fe5fa9aca4abbe1835e7bcd262fc7fd679a09f636a753ea4d99ef3487f7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/editorconfig/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/core@3.26.9|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/core@3.26.9|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "@oclif/core@3.26.9|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "@oclif/core@3.26.9|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "@oclif/core@3.26.9|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/core/node_modules/sprintf-js" + } + ] + }, + { + "type": "library", + "name": "is-arrayish", + "version": "0.3.2", + "bom-ref": "simple-swizzle@0.2.2|is-arrayish@0.3.2", + "author": "Qix", + "description": "Determines if an object can be used as an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-arrayish@0.3.2", + "externalReferences": [ + { + "url": "git+https://github.com/qix-/node-is-arrayish.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/qix-/node-is-arrayish/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.3.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "79546a0af56565bbb0dc6acceb7a2f352340780d4ad7a91a47f2d163ff76c34cf1439ff5633c1b9545fae768b85ecf51c001a35bd77dcba5fcf2df0e68025f59" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/simple-swizzle/node_modules/is-arrayish" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "jake@10.8.7|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "jake@10.8.7|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jake/node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "5.1.6", + "bom-ref": "filelist@1.0.4|minimatch@5.1.6", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@5.1.6", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "94ac15ff56eba46ea6054147b5becd526b400426f65996669b6c0d88e0398406fc55d092e01dddb4c5b2bdca1589c730016fc23844635cbb74ccfd735d4376ea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/filelist/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.0-beta.13", + "bom-ref": "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.0-beta.13", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.0-beta.13.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ba0f02654089a6181eb5265581de07420c9ec256151861b52c87855c6c63818b2367f7f92379d20a3ef1a403040ea8d50ff970992ba3b55c1aeedbc480b1880b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "9.4.0", + "bom-ref": "@oclif/plugin-help@6.1.0|supports-color@9.4.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@9.4.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-9.4.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54bfa536b128217c30d5ca0b3ce9a21262bfd2c1a2824a3908ec48d3d2b31dcd9525726c437ed4690fbcaaebb18c3780efe2a72c64d647239748b2d1d966f88f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-help/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "debug@4.3.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/debug/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "npm-package-arg", + "version": "11.0.2", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "author": "GitHub Inc.", + "description": "Parse the things that can be arguments to `npm install`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-package-arg@11.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-package-arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-package-arg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-package-arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-package-arg/-/npm-package-arg-11.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "206374200c26843270cb5dd673c93ee0f11b4cf86926732d7d1e7765b3b28e4be611c2d2e270b0a7a9af3168d2e6c5237a25b79a9c7a7079ae84a12ef5799c43" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-package-arg" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "4.2.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@4.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/proc-log/-/proc-log-4.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83cf8e9d4fcbdaffb0ca254af83e5f037e09ec41fc8d9f030e5bf085108cc66323ed4081bf188ed6619e37edfa25720a178cdebd4e2444177c955806f6f2de94" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/proc-log" + } + ] + }, + { + "type": "library", + "name": "npm-run-path", + "version": "5.3.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "author": "Sindre Sorhus", + "description": "Get your PATH prepended with locally installed binaries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/npm-run-path@5.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/npm-run-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/npm-run-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a69c13b62259ab43bf6a2d33ef27ee76d069588a3133cc84ea71e2d57e3b785476116391a9f6eee829cf94db2378debcdde4f4a86e87fcfc9ff5f09cbe39e79d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-run-path" + } + ] + }, + { + "type": "library", + "name": "object-treeify", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1", + "author": "Lukas Siemon", + "description": "Stringify Object as tree structure", + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "MIT", + "url": "https://github.com/blackflux/object-treeify/blob/master/LICENSE" + } + } + ], + "purl": "pkg:npm/object-treeify@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/blackflux/object-treeify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/blackflux/object-treeify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/blackflux/object-treeify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/object-treeify/-/object-treeify-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "63ab60e6b1dfb1e7d291f2ae8efd92c07ba522744ecbfac22f9178c3440e5b1badf009f16317f46263614e1f7965fcb1a6cb9da3aeaeaa4bb1d000859f231281" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/object-treeify" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "author": "GitHub Inc.", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a5698c846f4ec33f16022a12b3a65096049b6fc5971932b2fee1492b4d22471cfc99538998613bf7a9a39eefb1fb10e0cb492a2901414073a5bc538caabec72" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/which" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "3.1.1", + "bom-ref": "@oclif/plugin-plugins@5.2.2|isexe@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@3.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2e907fe7807eff627986a43b8a66477dd537d4e96042ac7b6627159649bd93383dff0f0628b11c15f265fedec30840ee78ec81003eb3082c133ba173b3436811" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/isexe" + } + ] + }, + { + "type": "library", + "name": "yarn", + "version": "1.22.22", + "bom-ref": "@oclif/plugin-plugins@5.2.2|yarn@1.22.22", + "description": "📦🐈 Fast, reliable, and secure dependency management.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/yarn@1.22.22", + "externalReferences": [ + { + "url": "git+https://github.com/yarnpkg/yarn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yarnpkg/yarn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yarnpkg/yarn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yarn/-/yarn-1.22.22.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/yarn" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "10.2.2", + "bom-ref": "hosted-git-info@7.0.2|lru-cache@10.2.2", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f61a77569dbf845414888c0aa3c5c2785567ae0f0f9374d834f211eed2400ca8b961f705eef11a2bb6af1474e54b2de438a61a25069a95f128e98b9775c78139" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/hosted-git-info/node_modules/lru-cache" + } + ] + }, + { + "type": "library", + "name": "string-locale-compare", + "group": "@isaacs", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "author": "Isaac Z. Schlueter", + "description": "Compare strings with Intl.Collator if available, falling back to String.localeCompare otherwise", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/string-locale-compare@1.1.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/string-locale-compare.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/string-locale-compare.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/string-locale-compare#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/string-locale-compare/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/string-locale-compare" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "arborist", + "group": "@npmcli", + "version": "7.5.2", + "bom-ref": "npm@10.8.0|@npmcli/arborist@7.5.2", + "author": "GitHub Inc.", + "description": "Manage node_modules trees", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/arborist@7.5.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/arborist", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/arborist", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/arborist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs", + "group": "@npmcli", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|@npmcli/fs@3.1.1", + "author": "GitHub Inc.", + "description": "filesystem utilities for the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/fs@3.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/fs.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/fs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "installed-package-contents", + "group": "@npmcli", + "version": "2.1.0", + "bom-ref": "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "author": "GitHub Inc.", + "description": "Get the list of files installed in a package in node_modules, including bundled dependencies", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/installed-package-contents@2.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/installed-package-contents.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/installed-package-contents.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/installed-package-contents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/installed-package-contents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/installed-package-contents" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-bundled", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|npm-bundled@3.0.1", + "author": "GitHub Inc.", + "description": "list things in node_modules that are bundledDependencies, or transitive dependencies thereof", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-bundled@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-bundled.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-bundled.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-bundled#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-bundled/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-bundled" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-normalize-package-bin", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "author": "GitHub Inc.", + "description": "Turn any flavor of allowable package.json bin into a normalized object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-normalize-package-bin@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-normalize-package-bin.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-normalize-package-bin.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-normalize-package-bin#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-normalize-package-bin/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-normalize-package-bin" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "map-workspaces", + "group": "@npmcli", + "version": "3.0.6", + "bom-ref": "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "author": "GitHub Inc.", + "description": "Retrieves a name:pathname Map for a given workspaces config", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/map-workspaces@3.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/map-workspaces.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/map-workspaces.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/map-workspaces#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/map-workspaces/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/map-workspaces" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "metavuln-calculator", + "group": "@npmcli", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "author": "GitHub Inc.", + "description": "Calculate meta-vulnerabilities from package security advisories", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/metavuln-calculator@7.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/metavuln-calculator.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/metavuln-calculator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/metavuln-calculator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/metavuln-calculator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/metavuln-calculator" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cacache", + "version": "18.0.3", + "bom-ref": "npm@10.8.0|cacache@18.0.3", + "author": "GitHub Inc.", + "description": "Fast, fault-tolerant, cross-platform, disk-based, data-agnostic, content-addressable cache.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cacache@18.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/cacache.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cacache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/cacache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cacache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cacache" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-parse-even-better-errors", + "version": "3.0.2", + "bom-ref": "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "author": "GitHub Inc.", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-even-better-errors@3.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/json-parse-even-better-errors.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/json-parse-even-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/json-parse-even-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/json-parse-even-better-errors" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "pacote", + "version": "18.0.6", + "bom-ref": "npm@10.8.0|pacote@18.0.6", + "author": "GitHub Inc.", + "description": "JavaScript package downloader", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/pacote@18.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/pacote.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/pacote.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/pacote#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/pacote/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/pacote" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "4.2.0", + "bom-ref": "npm@10.8.0|proc-log@4.2.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/proc-log" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "7.6.2", + "bom-ref": "npm@10.8.0|semver@7.6.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@7.6.2?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/semver" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "name-from-folder", + "group": "@npmcli", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "author": "GitHub Inc.", + "description": "Get the package name from a folder path", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/name-from-folder@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/name-from-folder.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/name-from-folder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/name-from-folder#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/name-from-folder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/name-from-folder" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "node-gyp", + "group": "@npmcli", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "author": "GitHub Inc.", + "description": "Tools for dealing with node-gyp packages", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/node-gyp@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-gyp.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-gyp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-gyp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-gyp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/node-gyp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "package-json", + "group": "@npmcli", + "version": "5.1.0", + "bom-ref": "npm@10.8.0|@npmcli/package-json@5.1.0", + "author": "GitHub Inc.", + "description": "Programmatic API to update package.json", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/package-json@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/package-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/package-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "query", + "group": "@npmcli", + "version": "3.1.0", + "bom-ref": "npm@10.8.0|@npmcli/query@3.1.0", + "author": "GitHub Inc.", + "description": "npm query parser and tools", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/query@3.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/query.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/query.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/query#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/query/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/query" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "postcss-selector-parser", + "version": "6.0.16", + "bom-ref": "npm@10.8.0|postcss-selector-parser@6.0.16", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/postcss-selector-parser@6.0.16?vcs_url=git%2Bhttps%3A//github.com/postcss/postcss-selector-parser.git", + "externalReferences": [ + { + "url": "git+https://github.com/postcss/postcss-selector-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/postcss/postcss-selector-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/postcss-selector-parser" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cssesc", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|cssesc@3.0.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping CSS strings and identifiers while generating the shortest possible ASCII-only output.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cssesc@3.0.0?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/cssesc.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/cssesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/cssesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/cssesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cssesc" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-deprecate", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|util-deprecate@1.0.2", + "author": "Nathan Rajlich", + "description": "The Node.js `util.deprecate()` function with browser support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/util-deprecate@1.0.2?vcs_url=git%3A//github.com/TooTallNate/util-deprecate.git", + "externalReferences": [ + { + "url": "git://github.com/TooTallNate/util-deprecate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/util-deprecate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/util-deprecate" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "redact", + "group": "@npmcli", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@npmcli/redact@2.0.0", + "author": "GitHub Inc.", + "description": "Redact sensitive npm information from output", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/redact@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/redact.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/redact.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/redact#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/redact/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/redact" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "run-script", + "group": "@npmcli", + "version": "8.1.0", + "bom-ref": "npm@10.8.0|@npmcli/run-script@8.1.0", + "author": "GitHub Inc.", + "description": "Run a lifecycle script for a package (descendant of npm-lifecycle)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/run-script@8.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/run-script.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/run-script.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/run-script#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/run-script/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/run-script" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "bin-links", + "version": "4.0.4", + "bom-ref": "npm@10.8.0|bin-links@4.0.4", + "author": "GitHub Inc.", + "description": "JavaScript package binary linker", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/bin-links@4.0.4?vcs_url=git%2Bhttps%3A//github.com/npm/bin-links.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/bin-links.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/bin-links#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/bin-links/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/bin-links" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cmd-shim", + "version": "6.0.3", + "bom-ref": "npm@10.8.0|cmd-shim@6.0.3", + "author": "GitHub Inc.", + "description": "Used in npm for command line application support", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cmd-shim@6.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/cmd-shim.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cmd-shim.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/cmd-shim#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cmd-shim/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cmd-shim" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-cmd-shim", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|read-cmd-shim@4.0.0", + "author": "GitHub Inc.", + "description": "Figure out what a cmd-shim is pointing at. This acts as the equivalent of fs.readlink.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read-cmd-shim@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/read-cmd-shim.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read-cmd-shim.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read-cmd-shim#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read-cmd-shim/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read-cmd-shim" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "write-file-atomic", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|write-file-atomic@5.0.1", + "author": "GitHub Inc.", + "description": "Write files in an atomic fashion w/configurable ownership", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/write-file-atomic@5.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/write-file-atomic.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/write-file-atomic.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/write-file-atomic", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/write-file-atomic/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/write-file-atomic" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "common-ancestor-path", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|common-ancestor-path@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Find the common ancestor of 2 or more paths on Windows or Unix", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/common-ancestor-path@1.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/common-ancestor-path.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/common-ancestor-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/common-ancestor-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/common-ancestor-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/common-ancestor-path" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|hosted-git-info@7.0.2", + "author": "GitHub Inc.", + "description": "Provides metadata and conversions from repository urls for GitHub, Bitbucket and GitLab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/hosted-git-info" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-stringify-nice", + "version": "1.1.4", + "bom-ref": "npm@10.8.0|json-stringify-nice@1.1.4", + "author": "Isaac Z. Schlueter", + "description": "Stringify an object sorting scalars before objects, and defaulting to 2-space indent", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/json-stringify-nice@1.1.4?vcs_url=git%2Bhttps%3A//github.com/isaacs/json-stringify-nice.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/json-stringify-nice.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-nice#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/json-stringify-nice/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/json-stringify-nice" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "lru-cache", + "version": "10.2.2", + "bom-ref": "npm@10.8.0|lru-cache@10.2.2", + "author": "Isaac Z. Schlueter", + "description": "A cache object that deletes the least-recently-used items.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/lru-cache@10.2.2?vcs_url=git%3A//github.com/isaacs/node-lru-cache.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-lru-cache.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-lru-cache/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/lru-cache" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "9.0.4", + "bom-ref": "npm@10.8.0|minimatch@9.0.4", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@9.0.4?vcs_url=git%3A//github.com/isaacs/minimatch.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "nopt", + "version": "7.2.1", + "bom-ref": "npm@10.8.0|nopt@7.2.1", + "author": "GitHub Inc.", + "description": "Option parsing for Node, supporting types, shorthands, etc. Used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/nopt@7.2.1?vcs_url=git%2Bhttps%3A//github.com/npm/nopt.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/nopt.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/nopt#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/nopt/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/nopt" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-install-checks", + "version": "6.3.0", + "bom-ref": "npm@10.8.0|npm-install-checks@6.3.0", + "author": "GitHub Inc.", + "description": "Check the engines and platform fields in package.json", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/npm-install-checks@6.3.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-install-checks.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-install-checks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-install-checks#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-install-checks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-install-checks" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-package-arg", + "version": "11.0.2", + "bom-ref": "npm@10.8.0|npm-package-arg@11.0.2", + "author": "GitHub Inc.", + "description": "Parse the things that can be arguments to `npm install`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-package-arg@11.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/npm-package-arg.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-package-arg.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-package-arg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-package-arg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-package-arg" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-pick-manifest", + "version": "9.0.1", + "bom-ref": "npm@10.8.0|npm-pick-manifest@9.0.1", + "author": "GitHub Inc.", + "description": "Resolves a matching manifest from a package metadata document according to standard npm semver resolution rules.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-pick-manifest@9.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-pick-manifest.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-pick-manifest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-pick-manifest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-pick-manifest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-pick-manifest" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-registry-fetch", + "version": "17.0.1", + "bom-ref": "npm@10.8.0|npm-registry-fetch@17.0.1", + "author": "GitHub Inc.", + "description": "Fetch-based http client for use with npm registry APIs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-registry-fetch@17.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-registry-fetch.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-registry-fetch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-registry-fetch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-registry-fetch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-registry-fetch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parse-conflict-json", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|parse-conflict-json@3.0.1", + "author": "GitHub Inc.", + "description": "Parse a JSON string that has git merge conflicts, resolving if possible", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/parse-conflict-json@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/parse-conflict-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/parse-conflict-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/parse-conflict-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/parse-conflict-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/parse-conflict-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proggy", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|proggy@2.0.0", + "author": "GitHub Inc.", + "description": "Progress bar updates at a distance", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proggy@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/proggy.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proggy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proggy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proggy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/proggy" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-all-reject-late", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|promise-all-reject-late@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like Promise.all, but save rejections until all promises are resolved", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-all-reject-late@1.0.1", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-all-reject-late" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-call-limit", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|promise-call-limit@3.0.1", + "author": "Isaac Z. Schlueter", + "description": "Call an array of promise-returning functions, restricting concurrency to a specified limit.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-call-limit@3.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/promise-call-limit.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/promise-call-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/promise-call-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/promise-call-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-call-limit" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read-package-json-fast", + "version": "3.0.2", + "bom-ref": "npm@10.8.0|read-package-json-fast@3.0.2", + "author": "GitHub Inc.", + "description": "Like read-package-json, but faster", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read-package-json-fast@3.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/read-package-json-fast.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read-package-json-fast.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read-package-json-fast#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read-package-json-fast/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read-package-json-fast" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ssri", + "version": "10.0.6", + "bom-ref": "npm@10.8.0|ssri@10.0.6", + "author": "GitHub Inc.", + "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ssri.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ssri#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ssri/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ssri" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "treeverse", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|treeverse@3.0.0", + "author": "GitHub Inc.", + "description": "Walk any kind of tree structure depth- or breadth-first. Supports promises and advanced map-reduce operations with a very small API.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/treeverse@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/treeverse.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/treeverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/treeverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/treeverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/treeverse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "walk-up-path", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|walk-up-path@3.0.1", + "author": "Isaac Z. Schlueter", + "description": "Given a path string, return a generator that walks up the path, emitting each dirname.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/walk-up-path@3.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/walk-up-path.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/walk-up-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/walk-up-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/walk-up-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/walk-up-path" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config", + "group": "@npmcli", + "version": "8.3.2", + "bom-ref": "npm@10.8.0|@npmcli/config@8.3.2", + "author": "GitHub Inc.", + "description": "Configuration management for the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/config@8.3.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/config", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/config", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/config" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|ci-info@4.0.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@4.0.0?vcs_url=git%2Bhttps%3A//github.com/watson/ci-info.git", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ci-info" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ini", + "version": "4.1.2", + "bom-ref": "npm@10.8.0|ini@4.1.2", + "author": "GitHub Inc.", + "description": "An ini encoder/decoder for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ini@4.1.2?vcs_url=git%2Bhttps%3A//github.com/npm/ini.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ini.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ini#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ini/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ini" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "10.3.15", + "bom-ref": "npm@10.8.0|glob@10.3.15", + "author": "Isaac Z. Schlueter", + "description": "the most correct and second fastest glob implementation in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@10.3.15?vcs_url=git%3A//github.com/isaacs/node-glob.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/glob" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "git", + "group": "@npmcli", + "version": "5.0.7", + "bom-ref": "npm@10.8.0|@npmcli/git@5.0.7", + "author": "GitHub Inc.", + "description": "a util for spawning git from npm CLI contexts", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/git@5.0.7?vcs_url=git%2Bhttps%3A//github.com/npm/git.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/git.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/git#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/git/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/git" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-spawn", + "group": "@npmcli", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "author": "GitHub Inc.", + "description": "spawn processes the way the npm cli likes to do", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/promise-spawn@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/promise-spawn.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/promise-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/promise-spawn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/promise-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/promise-spawn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-inflight", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|promise-inflight@1.0.1", + "author": "Rebecca Turner", + "description": "One promise for multiple requests in flight to avoid async duplication", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promise-inflight@1.0.1?vcs_url=git%2Bhttps%3A//github.com/iarna/promise-inflight.git", + "externalReferences": [ + { + "url": "git+https://github.com/iarna/promise-inflight.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/promise-inflight#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/promise-inflight/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-inflight" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promise-retry", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|promise-retry@2.0.1", + "author": "IndigoUnited", + "description": "Retries a function that returns a promise, leveraging the power of the retry module.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/promise-retry@2.0.1?vcs_url=git%3A//github.com/IndigoUnited/node-promise-retry.git", + "externalReferences": [ + { + "url": "git://github.com/IndigoUnited/node-promise-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/IndigoUnited/node-promise-retry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/IndigoUnited/node-promise-retry/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promise-retry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|which@4.0.0", + "author": "GitHub Inc.", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-which.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/which" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|normalize-package-data@6.0.1", + "author": "GitHub Inc.", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@6.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/normalize-package-data.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "node-gyp", + "version": "10.1.0", + "bom-ref": "npm@10.8.0|node-gyp@10.1.0", + "author": "Nathan Rajlich", + "description": "Node.js native addon build tool", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/node-gyp@10.1.0?vcs_url=git%3A//github.com/nodejs/node-gyp.git", + "externalReferences": [ + { + "url": "git://github.com/nodejs/node-gyp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/node-gyp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/node-gyp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/node-gyp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tuf", + "group": "@sigstore", + "version": "2.3.3", + "bom-ref": "npm@10.8.0|@sigstore/tuf@2.3.3", + "author": "bdehamer@github.com", + "description": "Client for the Sigstore TUF repository", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/tuf@2.3.3?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/tuf#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/tuf" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "protobuf-specs", + "group": "@sigstore", + "version": "0.3.2", + "bom-ref": "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "author": "bdehamer@github.com", + "description": "code-signing for npm packages", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/protobuf-specs@0.3.2?vcs_url=git%2Bhttps%3A//github.com/sigstore/protobuf-specs.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/protobuf-specs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/protobuf-specs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/protobuf-specs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/protobuf-specs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tuf-js", + "version": "2.2.1", + "bom-ref": "npm@10.8.0|tuf-js@2.2.1", + "author": "bdehamer@github.com", + "description": "JavaScript implementation of The Update Framework (TUF)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tuf-js@2.2.1?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tuf-js" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "models", + "group": "@tufjs", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|@tufjs/models@2.0.1", + "author": "bdehamer@github.com", + "description": "TUF metadata models", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tufjs/models@2.0.1?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/models#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@tufjs/models" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "canonical-json", + "group": "@tufjs", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|@tufjs/canonical-json@2.0.0", + "author": "bdehamer@github.com", + "description": "OLPC JSON canonicalization", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40tufjs/canonical-json@2.0.0?vcs_url=git%2Bhttps%3A//github.com/theupdateframework/tuf-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/theupdateframework/tuf-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/tree/main/packages/canonical-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/theupdateframework/tuf-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@tufjs/canonical-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.4", + "bom-ref": "npm@10.8.0|debug@4.3.4", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.4?vcs_url=git%3A//github.com/debug-js/debug.git", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/debug" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "make-fetch-happen", + "version": "13.0.1", + "bom-ref": "npm@10.8.0|make-fetch-happen@13.0.1", + "author": "GitHub Inc.", + "description": "Opinionated, caching, retrying fetch client", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/make-fetch-happen@13.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/make-fetch-happen.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/make-fetch-happen.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/make-fetch-happen#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/make-fetch-happen/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/make-fetch-happen" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "abbrev", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|abbrev@2.0.0", + "author": "GitHub Inc.", + "description": "Like ruby's abbrev module, but in js", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/abbrev@2.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/abbrev-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/abbrev-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/abbrev-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/abbrev-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/abbrev" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "archy", + "version": "1.0.0", + "bom-ref": "npm@10.8.0|archy@1.0.0", + "author": "James Halliday", + "description": "render nested hierarchies `npm ls` style with unicode pipes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/archy@1.0.0?vcs_url=git%2Bssh%3A//git%40github.com/substack/node-archy.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/substack/node-archy.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-archy#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-archy/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/archy" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-minipass", + "version": "3.0.3", + "bom-ref": "npm@10.8.0|fs-minipass@3.0.3", + "author": "GitHub Inc.", + "description": "fs read and write streams based on minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs-minipass@3.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/fs-minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs-minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs-minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs-minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/fs-minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-collect", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|minipass-collect@2.0.1", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that collects all the data into a single chunk", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-collect@2.0.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-collect.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-collect.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-collect#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-collect/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-collect" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|minipass@7.1.1", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@7.1.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-flush", + "version": "1.0.5", + "bom-ref": "npm@10.8.0|minipass-flush@1.0.5", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that calls a flush function before emitting 'end'", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-flush.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-flush#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-flush/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-flush" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yallist", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|yallist@4.0.0", + "author": "Isaac Z. Schlueter", + "description": "Yet Another Linked List", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/yallist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/yallist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/yallist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/yallist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-pipeline", + "version": "1.2.4", + "bom-ref": "npm@10.8.0|minipass-pipeline@1.2.4", + "author": "Isaac Z. Schlueter", + "description": "create a pipeline of streams using Minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-pipeline@1.2.4", + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-pipeline" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-map", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|p-map@4.0.0", + "author": "Sindre Sorhus", + "description": "Map over promises concurrently", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-map@4.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/p-map.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-map.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-map#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-map/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/p-map" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tar", + "version": "6.2.1", + "bom-ref": "npm@10.8.0|tar@6.2.1", + "author": "GitHub Inc.", + "description": "tar for node", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-tar.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-tar#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-tar/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "unique-filename", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|unique-filename@3.0.0", + "author": "GitHub Inc.", + "description": "Generate a unique filename for use in temporary directories or caches.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/unique-filename@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/unique-filename.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/unique-filename.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/unique-filename", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/unique-filename/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/unique-filename" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "unique-slug", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|unique-slug@4.0.0", + "author": "GitHub Inc.", + "description": "Generate a unique character string suitible for use in files and URLs.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/unique-slug@4.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/unique-slug.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/unique-slug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/unique-slug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/unique-slug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/unique-slug" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "imurmurhash", + "version": "0.1.4", + "bom-ref": "npm@10.8.0|imurmurhash@0.1.4", + "author": "Jens Taylor", + "description": "An incremental implementation of MurmurHash3", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/imurmurhash@0.1.4?vcs_url=git%2Bhttps%3A//github.com/jensyt/imurmurhash-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jensyt/imurmurhash-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jensyt/imurmurhash-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/imurmurhash" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "5.3.0", + "bom-ref": "npm@10.8.0|chalk@5.3.0", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@5.3.0?vcs_url=git%2Bhttps%3A//github.com/chalk/chalk.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/chalk" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cli-columns", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|cli-columns@4.0.0", + "author": "Shannon Moeller", + "description": "Columnated lists for the CLI.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cli-columns@4.0.0?vcs_url=git%2Bhttps%3A//github.com/shannonmoeller/cli-columns.git", + "externalReferences": [ + { + "url": "git+https://github.com/shannonmoeller/cli-columns.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/shannonmoeller/cli-columns#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/shannonmoeller/cli-columns/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cli-columns" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "npm@10.8.0|string-width@4.2.3", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "8.0.0", + "bom-ref": "npm@10.8.0|emoji-regex@8.0.0", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@8.0.0?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-fullwidth-code-point", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the character represented by a given Unicode code point is fullwidth", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-fullwidth-code-point@3.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-fullwidth-code-point.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-fullwidth-code-point" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|strip-ansi@6.0.1", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|ansi-regex@5.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@5.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fastest-levenshtein", + "version": "1.0.16", + "bom-ref": "npm@10.8.0|fastest-levenshtein@1.0.16", + "author": "Kasper U. Weihe", + "description": "Fastest Levenshtein distance implementation in JS.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fastest-levenshtein@1.0.16?vcs_url=git%2Bhttps%3A//github.com/ka-weihe/fastest-levenshtein.git", + "externalReferences": [ + { + "url": "git+https://github.com/ka-weihe/fastest-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein#README", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ka-weihe/fastest-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/fastest-levenshtein" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "foreground-child", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|foreground-child@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Run a child as if it's the foreground process. Give it stdio. Exit when it exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/foreground-child@3.1.1?vcs_url=git%2Bhttps%3A//github.com/tapjs/foreground-child.git", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/foreground-child.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/foreground-child#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/foreground-child/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/foreground-child" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cross-spawn", + "version": "7.0.3", + "bom-ref": "npm@10.8.0|cross-spawn@7.0.3", + "author": "André Cruz", + "description": "Cross platform child_process#spawn and child_process#spawnSync", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/cross-spawn@7.0.3?vcs_url=git%2Bssh%3A//git%40github.com/moxystudio/node-cross-spawn.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/moxystudio/node-cross-spawn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/moxystudio/node-cross-spawn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cross-spawn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|path-key@3.1.1", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@3.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-key.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/path-key" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "shebang-command", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|shebang-command@2.0.0", + "author": "Kevin Mårtensson", + "description": "Get the command from a shebang", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-command@2.0.0?vcs_url=git%2Bhttps%3A//github.com/kevva/shebang-command.git", + "externalReferences": [ + { + "url": "git+https://github.com/kevva/shebang-command.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kevva/shebang-command#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kevva/shebang-command/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/shebang-command" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "shebang-regex", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|shebang-regex@3.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching a shebang line", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/shebang-regex@3.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/shebang-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/shebang-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/shebang-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/shebang-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|isexe@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@2.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/isexe.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/isexe" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "npm@10.8.0|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0?vcs_url=git%2Bhttps%3A//github.com/tapjs/signal-exit.git", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/signal-exit" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jackspeak", + "version": "2.3.6", + "bom-ref": "npm@10.8.0|jackspeak@2.3.6", + "author": "Isaac Z. Schlueter", + "description": "A very strict and proper argument parser.", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/jackspeak@2.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/jackspeak.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/jackspeak.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/jackspeak#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/jackspeak/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jackspeak" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cliui", + "group": "@isaacs", + "version": "8.0.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40isaacs/cliui@8.0.2?vcs_url=git%2Bhttps%3A//github.com/yargs/cliui.git", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "4.2.3", + "bom-ref": "BomRef.6h760ft6oi8.7sr4bitkllo", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@4.2.3?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/string-width-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eastasianwidth", + "version": "0.2.0", + "bom-ref": "npm@10.8.0|eastasianwidth@0.2.0", + "author": "Masaki Komagata", + "description": "Get East Asian Width from a character.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eastasianwidth@0.2.0?vcs_url=git%3A//github.com/komagata/eastasianwidth.git", + "externalReferences": [ + { + "url": "git://github.com/komagata/eastasianwidth.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/komagata/eastasianwidth/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/eastasianwidth" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "6.0.1", + "bom-ref": "BomRef.uih8rvtlbdo.33q7f9m1mj", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/strip-ansi-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "7.0.0", + "bom-ref": "npm@10.8.0|wrap-ansi@7.0.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@7.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi-cjs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|color-convert@2.0.1", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@2.0.1?vcs_url=git%2Bhttps%3A//github.com/Qix-/color-convert.git", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/color-convert" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.4", + "bom-ref": "npm@10.8.0|color-name@1.1.4", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.4?vcs_url=git%2Bssh%3A//git%40github.com/colorjs/color-name.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/colorjs/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/colorjs/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/colorjs/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/color-name" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "8.1.0", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@8.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "6.2.1", + "bom-ref": "npm@10.8.0|ansi-styles@6.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@6.2.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-styles.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ansi-styles" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parseargs", + "group": "@pkgjs", + "version": "0.11.0", + "bom-ref": "npm@10.8.0|@pkgjs/parseargs@0.11.0", + "description": "Polyfill of future proposal for `util.parseArgs()`", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40pkgjs/parseargs@0.11.0?vcs_url=git%2Bssh%3A//git%40github.com/pkgjs/parseargs.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/pkgjs/parseargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pkgjs/parseargs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pkgjs/parseargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@pkgjs/parseargs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-scurry", + "version": "1.11.1", + "bom-ref": "npm@10.8.0|path-scurry@1.11.1", + "author": "Isaac Z. Schlueter", + "description": "walk paths fast and efficiently", + "licenses": [ + { + "license": { + "id": "BlueOak-1.0.0" + } + } + ], + "purl": "pkg:npm/path-scurry@1.11.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/path-scurry.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/path-scurry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/path-scurry#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/path-scurry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/path-scurry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "graceful-fs", + "version": "4.2.11", + "bom-ref": "npm@10.8.0|graceful-fs@4.2.11", + "description": "A drop-in replacement for fs, making various improvements.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/graceful-fs@4.2.11?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-graceful-fs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-graceful-fs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/graceful-fs" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "init-package-json", + "version": "6.0.3", + "bom-ref": "npm@10.8.0|init-package-json@6.0.3", + "author": "GitHub Inc.", + "description": "A node module to get your node module started", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/init-package-json@6.0.3?vcs_url=git%2Bhttps%3A//github.com/npm/init-package-json.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/init-package-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/init-package-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/init-package-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/init-package-json" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "promzard", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|promzard@1.0.2", + "author": "GitHub Inc.", + "description": "prompting wizardly", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/promzard@1.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/promzard.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/promzard.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/promzard#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/promzard/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/promzard" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "read", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|read@3.0.1", + "author": "GitHub Inc.", + "description": "read(1) for node programs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/read@3.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/read.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/read.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/read#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/read/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/read" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-license", + "version": "3.0.4", + "bom-ref": "npm@10.8.0|validate-npm-package-license@3.0.4", + "author": "Kyle E. Mitchell", + "description": "Give me a string and I'll tell you if it's a valid npm package license string", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/validate-npm-package-license@3.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/validate-npm-package-license.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-license" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-correct", + "version": "3.2.0", + "bom-ref": "npm@10.8.0|spdx-correct@3.2.0", + "description": "correct invalid SPDX expressions", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/spdx-correct@3.2.0?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-correct.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-correct.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-correct.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-correct" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-exceptions", + "version": "2.5.0", + "bom-ref": "npm@10.8.0|spdx-exceptions@2.5.0", + "author": "The Linux Foundation", + "description": "list of SPDX standard license exceptions", + "licenses": [ + { + "license": { + "id": "CC-BY-3.0" + } + } + ], + "purl": "pkg:npm/spdx-exceptions@2.5.0?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git", + "externalReferences": [ + { + "url": "git+https://github.com/kemitchell/spdx-exceptions.json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-exceptions" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-license-ids", + "version": "3.0.17", + "bom-ref": "npm@10.8.0|spdx-license-ids@3.0.17", + "author": "Shinnosuke Watanabe", + "description": "A list of SPDX license identifiers", + "licenses": [ + { + "license": { + "id": "CC0-1.0" + } + } + ], + "purl": "pkg:npm/spdx-license-ids@3.0.17?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-license-ids.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-license-ids.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-license-ids/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-license-ids" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "validate-npm-package-name", + "version": "5.0.1", + "bom-ref": "npm@10.8.0|validate-npm-package-name@5.0.1", + "author": "GitHub Inc.", + "description": "Give me a string and I'll tell you if it's a valid npm package name", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/validate-npm-package-name@5.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/validate-npm-package-name.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/validate-npm-package-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/validate-npm-package-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-name" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-cidr", + "version": "5.0.5", + "bom-ref": "npm@10.8.0|is-cidr@5.0.5", + "author": "silverwind", + "description": "Check if a string is an IP address in CIDR notation", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/is-cidr@5.0.5?vcs_url=git%2Bhttps%3A//github.com/silverwind/is-cidr.git", + "externalReferences": [ + { + "url": "git+https://github.com/silverwind/is-cidr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/silverwind/is-cidr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/silverwind/is-cidr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-cidr" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cidr-regex", + "version": "4.0.5", + "bom-ref": "npm@10.8.0|cidr-regex@4.0.5", + "author": "silverwind", + "description": "Regular expression for matching IP addresses in CIDR notation", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/cidr-regex@4.0.5?vcs_url=git%2Bhttps%3A//github.com/silverwind/cidr-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/silverwind/cidr-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/silverwind/cidr-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/silverwind/cidr-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cidr-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ip-regex", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|ip-regex@5.0.0", + "author": "Sindre Sorhus", + "description": "Regular expression for matching IP addresses (IPv4 & IPv6)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ip-regex@5.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ip-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/ip-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/ip-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/ip-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ip-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmaccess", + "version": "8.0.6", + "bom-ref": "npm@10.8.0|libnpmaccess@8.0.6", + "author": "GitHub Inc.", + "description": "programmatic library for `npm access` commands", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmaccess@8.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmaccess", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmaccess", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmaccess", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmaccess/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmaccess" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmdiff", + "version": "6.1.2", + "bom-ref": "npm@10.8.0|libnpmdiff@6.1.2", + "author": "GitHub Inc.", + "description": "The registry diff", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmdiff@6.1.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmdiff", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmdiff", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmdiff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "binary-extensions", + "version": "2.3.0", + "bom-ref": "npm@10.8.0|binary-extensions@2.3.0", + "author": "Sindre Sorhus", + "description": "List of binary file extensions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/binary-extensions@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/binary-extensions.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/binary-extensions.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/binary-extensions/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/binary-extensions" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "npm@10.8.0|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0?vcs_url=git%3A//github.com/kpdecker/jsdiff.git", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/diff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmexec", + "version": "8.1.1", + "bom-ref": "npm@10.8.0|libnpmexec@8.1.1", + "author": "GitHub Inc.", + "description": "npm exec (npx) programmatic API", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmexec@8.1.1?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmexec", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmexec", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmexec" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmfund", + "version": "5.0.10", + "bom-ref": "npm@10.8.0|libnpmfund@5.0.10", + "author": "GitHub Inc.", + "description": "Programmatic API for npm fund", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmfund@5.0.10?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmfund", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmfund", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmfund" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmhook", + "version": "10.0.5", + "bom-ref": "npm@10.8.0|libnpmhook@10.0.5", + "author": "GitHub Inc.", + "description": "programmatic API for managing npm registry hooks", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmhook@10.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmhook", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmhook", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmhook" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "aproba", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|aproba@2.0.0", + "author": "Rebecca Turner", + "description": "A ridiculously light-weight argument validator (now browser friendly)", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/aproba@2.0.0?vcs_url=git%2Bhttps%3A//github.com/iarna/aproba.git", + "externalReferences": [ + { + "url": "git+https://github.com/iarna/aproba.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/iarna/aproba", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/iarna/aproba/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/aproba" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmorg", + "version": "6.0.6", + "bom-ref": "npm@10.8.0|libnpmorg@6.0.6", + "author": "GitHub Inc.", + "description": "Programmatic api for `npm org` commands", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmorg@6.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmorg", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmorg", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmorg", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmorg/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmorg" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmpack", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|libnpmpack@7.0.2", + "author": "GitHub Inc.", + "description": "Programmatic API for the bits behind npm pack", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmpack@7.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmpack", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmpack", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmpack", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmpack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmpack" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmpublish", + "version": "9.0.8", + "bom-ref": "npm@10.8.0|libnpmpublish@9.0.8", + "author": "GitHub Inc.", + "description": "Programmatic API for the bits behind npm publish and unpublish", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmpublish@9.0.8?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmpublish", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmpublish", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmpublish", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmpublish" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sigstore", + "version": "2.3.0", + "bom-ref": "npm@10.8.0|sigstore@2.3.0", + "author": "bdehamer@github.com", + "description": "code-signing for npm packages", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/sigstore@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/client#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/sigstore" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "bundle", + "group": "@sigstore", + "version": "2.3.1", + "bom-ref": "npm@10.8.0|@sigstore/bundle@2.3.1", + "author": "bdehamer@github.com", + "description": "Sigstore bundle type", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/bundle@2.3.1?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/bundle#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/bundle" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@sigstore", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|@sigstore/core@1.1.0", + "author": "bdehamer@github.com", + "description": "Base library for Sigstore", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/core@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/core#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/core" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sign", + "group": "@sigstore", + "version": "2.3.1", + "bom-ref": "npm@10.8.0|@sigstore/sign@2.3.1", + "author": "bdehamer@github.com", + "description": "Sigstore signing library", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/sign@2.3.1?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/sign#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/sign" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "verify", + "group": "@sigstore", + "version": "1.2.0", + "bom-ref": "npm@10.8.0|@sigstore/verify@1.2.0", + "author": "bdehamer@github.com", + "description": "Verification of Sigstore signatures", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40sigstore/verify@1.2.0?vcs_url=git%2Bhttps%3A//github.com/sigstore/sigstore-js.git", + "externalReferences": [ + { + "url": "git+https://github.com/sigstore/sigstore-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/tree/main/packages/verify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sigstore/sigstore-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@sigstore/verify" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmsearch", + "version": "7.0.5", + "bom-ref": "npm@10.8.0|libnpmsearch@7.0.5", + "author": "GitHub Inc.", + "description": "Programmatic API for searching in npm and compatible registries.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmsearch@7.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmsearch", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmsearch", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmsearch", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/libnpmsearch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmsearch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmteam", + "version": "6.0.5", + "bom-ref": "npm@10.8.0|libnpmteam@6.0.5", + "author": "GitHub Inc.", + "description": "npm Team management APIs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmteam@6.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmteam", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmteam", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://npmjs.com/package/libnpmteam", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmteam" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "libnpmversion", + "version": "6.0.2", + "bom-ref": "npm@10.8.0|libnpmversion@6.0.2", + "author": "GitHub Inc.", + "description": "library to do the things that 'npm version' does", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/libnpmversion@6.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/cli.git#workspaces/libnpmversion", + "externalReferences": [ + { + "url": "git+https://github.com/npm/cli.git#workspaces/libnpmversion", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/npm/cli#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/cli/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/libnpmversion" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "agent", + "group": "@npmcli", + "version": "2.2.2", + "bom-ref": "npm@10.8.0|@npmcli/agent@2.2.2", + "author": "GitHub Inc.", + "description": "the http/https agent used by the npm cli", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/%40npmcli/agent@2.2.2?vcs_url=git%2Bhttps%3A//github.com/npm/agent.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/agent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/agent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/agent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@npmcli/agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "agent-base", + "version": "7.1.1", + "bom-ref": "npm@10.8.0|agent-base@7.1.1", + "author": "Nathan Rajlich", + "description": "Turn a function into an `http.Agent` instance", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/agent-base@7.1.1?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/agent-base", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/agent-base", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/agent-base" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-proxy-agent", + "version": "7.0.2", + "bom-ref": "npm@10.8.0|http-proxy-agent@7.0.2", + "author": "Nathan Rajlich", + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTP", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/http-proxy-agent@7.0.2?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/http-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/http-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/http-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "https-proxy-agent", + "version": "7.0.4", + "bom-ref": "npm@10.8.0|https-proxy-agent@7.0.4", + "author": "Nathan Rajlich", + "description": "An HTTP(s) proxy `http.Agent` implementation for HTTPS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/https-proxy-agent@7.0.4?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/https-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/https-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/https-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "socks-proxy-agent", + "version": "8.0.3", + "bom-ref": "npm@10.8.0|socks-proxy-agent@8.0.3", + "author": "Nathan Rajlich", + "description": "A SOCKS proxy `http.Agent` implementation for HTTP and HTTPS", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/socks-proxy-agent@8.0.3?vcs_url=git%2Bhttps%3A//github.com/TooTallNate/proxy-agents.git#packages/socks-proxy-agent", + "externalReferences": [ + { + "url": "git+https://github.com/TooTallNate/proxy-agents.git#packages/socks-proxy-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TooTallNate/proxy-agents/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/socks-proxy-agent" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "socks", + "version": "2.8.3", + "bom-ref": "npm@10.8.0|socks@2.8.3", + "author": "Josh Glazebrook", + "description": "Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/socks@2.8.3?vcs_url=git%2Bhttps%3A//github.com/JoshGlazebrook/socks.git", + "externalReferences": [ + { + "url": "git+https://github.com/JoshGlazebrook/socks.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshGlazebrook/socks/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshGlazebrook/socks/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/socks" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ip-address", + "version": "9.0.5", + "bom-ref": "npm@10.8.0|ip-address@9.0.5", + "author": "Beau Gunderson", + "description": "A library for parsing IPv4 and IPv6 IP addresses in node and the browser.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ip-address@9.0.5?vcs_url=git%3A//github.com/beaugunderson/ip-address.git", + "externalReferences": [ + { + "url": "git://github.com/beaugunderson/ip-address.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/beaugunderson/ip-address#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/beaugunderson/ip-address/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ip-address" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsbn", + "version": "1.1.0", + "bom-ref": "npm@10.8.0|jsbn@1.1.0", + "author": "Tom Wu", + "description": "The jsbn library is a fast, portable implementation of large-number math in pure JavaScript, enabling public-key crypto and other applications on desktop and mobile browsers.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsbn@1.1.0?vcs_url=git%2Bhttps%3A//github.com/andyperlitch/jsbn.git", + "externalReferences": [ + { + "url": "git+https://github.com/andyperlitch/jsbn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andyperlitch/jsbn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andyperlitch/jsbn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jsbn" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.1.3", + "bom-ref": "npm@10.8.0|sprintf-js@1.1.3", + "author": "Alexandru Mărășteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.1.3?vcs_url=git%2Bhttps%3A//github.com/alexei/sprintf.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/sprintf-js" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "smart-buffer", + "version": "4.2.0", + "bom-ref": "npm@10.8.0|smart-buffer@4.2.0", + "author": "Josh Glazebrook", + "description": "smart-buffer is a Buffer wrapper that adds automatic read & write offset tracking, string operations, data insertions, and more.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/smart-buffer@4.2.0?vcs_url=git%2Bhttps%3A//github.com/JoshGlazebrook/smart-buffer.git", + "externalReferences": [ + { + "url": "git+https://github.com/JoshGlazebrook/smart-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/JoshGlazebrook/smart-buffer/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/JoshGlazebrook/smart-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/smart-buffer" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "http-cache-semantics", + "version": "4.1.1", + "bom-ref": "npm@10.8.0|http-cache-semantics@4.1.1", + "author": "Kornel Lesiński", + "description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/http-cache-semantics@4.1.1?vcs_url=git%2Bhttps%3A//github.com/kornelski/http-cache-semantics.git", + "externalReferences": [ + { + "url": "git+https://github.com/kornelski/http-cache-semantics.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kornelski/http-cache-semantics/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/http-cache-semantics" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-lambda", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|is-lambda@1.0.1", + "author": "Thomas Watson Steen", + "description": "Detect if your code is running on an AWS Lambda server", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-lambda@1.0.1?vcs_url=git%2Bhttps%3A//github.com/watson/is-lambda.git", + "externalReferences": [ + { + "url": "git+https://github.com/watson/is-lambda.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/is-lambda", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/is-lambda/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-lambda" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-fetch", + "version": "3.0.5", + "bom-ref": "npm@10.8.0|minipass-fetch@3.0.5", + "author": "GitHub Inc.", + "description": "An implementation of window.fetch in Node.js using Minipass streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minipass-fetch@3.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/minipass-fetch.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/minipass-fetch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/minipass-fetch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/minipass-fetch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-fetch" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "encoding", + "version": "0.1.13", + "bom-ref": "npm@10.8.0|encoding@0.1.13", + "author": "Andris Reinman", + "description": "Convert encodings, uses iconv-lite", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/encoding@0.1.13?vcs_url=git%2Bhttps%3A//github.com/andris9/encoding.git", + "externalReferences": [ + { + "url": "git+https://github.com/andris9/encoding.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/andris9/encoding#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/andris9/encoding/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/encoding" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "iconv-lite", + "version": "0.6.3", + "bom-ref": "npm@10.8.0|iconv-lite@0.6.3", + "author": "Alexander Shtuchkin", + "description": "Convert character encodings in pure javascript.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/iconv-lite@0.6.3?vcs_url=git%3A//github.com/ashtuchkin/iconv-lite.git", + "externalReferences": [ + { + "url": "git://github.com/ashtuchkin/iconv-lite.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ashtuchkin/iconv-lite/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/iconv-lite" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "safer-buffer", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|safer-buffer@2.1.2", + "author": "Nikita Skovoroda", + "description": "Modern Buffer API polyfill without footguns", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safer-buffer@2.1.2?vcs_url=git%2Bhttps%3A//github.com/ChALkeR/safer-buffer.git", + "externalReferences": [ + { + "url": "git+https://github.com/ChALkeR/safer-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ChALkeR/safer-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/safer-buffer" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-sized", + "version": "1.0.3", + "bom-ref": "npm@10.8.0|minipass-sized@1.0.3", + "author": "Isaac Z. Schlueter", + "description": "A Minipass stream that raises an error if you get a different number of bytes than expected", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass-sized@1.0.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-sized.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass-sized.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass-sized#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass-sized/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-sized" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minizlib", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|minizlib@2.1.2", + "author": "Isaac Z. Schlueter", + "description": "A small fast zlib stream built on [minipass](http://npm.im/minipass) and Node.js's zlib binding.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minizlib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minizlib#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minizlib/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minizlib" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "negotiator", + "version": "0.6.3", + "bom-ref": "npm@10.8.0|negotiator@0.6.3", + "description": "HTTP content negotiation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/negotiator@0.6.3?vcs_url=git%2Bhttps%3A//github.com/jshttp/negotiator.git", + "externalReferences": [ + { + "url": "git+https://github.com/jshttp/negotiator.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jshttp/negotiator#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jshttp/negotiator/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/negotiator" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "err-code", + "version": "2.0.3", + "bom-ref": "npm@10.8.0|err-code@2.0.3", + "author": "IndigoUnited", + "description": "Create an error with a code", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/err-code@2.0.3?vcs_url=git%3A//github.com/IndigoUnited/js-err-code.git", + "externalReferences": [ + { + "url": "git://github.com/IndigoUnited/js-err-code.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/IndigoUnited/js-err-code#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/IndigoUnited/js-err-code/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/err-code" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "retry", + "version": "0.12.0", + "bom-ref": "npm@10.8.0|retry@0.12.0", + "author": "Tim Koschützki", + "description": "Abstraction for exponential and custom retry strategies for failed operations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/retry@0.12.0?vcs_url=git%3A//github.com/tim-kos/node-retry.git", + "externalReferences": [ + { + "url": "git://github.com/tim-kos/node-retry.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tim-kos/node-retry", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tim-kos/node-retry/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/retry" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|brace-expansion@2.0.1", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@2.0.1?vcs_url=git%3A//github.com/juliangruber/brace-expansion.git", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "balanced-match", + "version": "1.0.2", + "bom-ref": "npm@10.8.0|balanced-match@1.0.2", + "author": "Julian Gruber", + "description": "Match balanced character pairs, like \"{\" and \"}\"", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/balanced-match@1.0.2?vcs_url=git%3A//github.com/juliangruber/balanced-match.git", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/balanced-match.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/balanced-match/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/balanced-match" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.3", + "bom-ref": "npm@10.8.0|ms@2.1.3", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.3?vcs_url=git%2Bhttps%3A//github.com/vercel/ms.git", + "externalReferences": [ + { + "url": "git+https://github.com/vercel/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/vercel/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/vercel/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ms" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "env-paths", + "version": "2.2.1", + "bom-ref": "npm@10.8.0|env-paths@2.2.1", + "author": "Sindre Sorhus", + "description": "Get paths for storing things like data, config, cache, etc", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/env-paths@2.2.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/env-paths.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/env-paths.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/env-paths/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/env-paths" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "exponential-backoff", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|exponential-backoff@3.1.1", + "author": "Sami Sayegh", + "description": "A utility that allows retrying a function with an exponential delay between attempts.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/exponential-backoff@3.1.1?vcs_url=git%2Bhttps%3A//github.com/coveo/exponential-backoff.git", + "externalReferences": [ + { + "url": "git+https://github.com/coveo/exponential-backoff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/coveo/exponential-backoff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/coveo/exponential-backoff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/exponential-backoff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-core-module", + "version": "2.13.1", + "bom-ref": "npm@10.8.0|is-core-module@2.13.1", + "author": "Jordan Harband", + "description": "Is this specifier a node.js core module?", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-core-module@2.13.1?vcs_url=git%2Bhttps%3A//github.com/inspect-js/is-core-module.git", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/is-core-module.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/is-core-module/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/is-core-module" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hasown", + "version": "2.0.2", + "bom-ref": "npm@10.8.0|hasown@2.0.2", + "author": "Jordan Harband", + "description": "A robust, ES3 compatible, \"has own property\" predicate.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/hasown@2.0.2?vcs_url=git%2Bhttps%3A//github.com/inspect-js/hasOwn.git", + "externalReferences": [ + { + "url": "git+https://github.com/inspect-js/hasOwn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/inspect-js/hasOwn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/hasown" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "function-bind", + "version": "1.1.2", + "bom-ref": "npm@10.8.0|function-bind@1.1.2", + "author": "Raynos", + "description": "Implementation of Function.prototype.bind", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/function-bind@1.1.2?vcs_url=git%2Bhttps%3A//github.com/Raynos/function-bind.git", + "externalReferences": [ + { + "url": "git+https://github.com/Raynos/function-bind.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Raynos/function-bind", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Raynos/function-bind/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/function-bind" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-audit-report", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|npm-audit-report@5.0.0", + "author": "GitHub Inc.", + "description": "Given a response from the npm security api, render it into a variety of security reports", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-audit-report@5.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-audit-report.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-audit-report.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-audit-report#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-audit-report/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-audit-report" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-profile", + "version": "10.0.0", + "bom-ref": "npm@10.8.0|npm-profile@10.0.0", + "author": "GitHub Inc.", + "description": "Library for updating an npmjs.com profile", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-profile@10.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/npm-profile.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-profile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-profile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-profile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-profile" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass-json-stream", + "version": "1.0.1", + "bom-ref": "npm@10.8.0|minipass-json-stream@1.0.1", + "author": "Isaac Z. Schlueter", + "description": "Like JSONStream, but using Minipass streams", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/minipass-json-stream@1.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/minipass-json-stream.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/minipass-json-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/minipass-json-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/minipass-json-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-json-stream" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsonparse", + "version": "1.3.1", + "bom-ref": "npm@10.8.0|jsonparse@1.3.1", + "author": "Tim Caswell", + "description": "This is a pure-js JSON streaming parser for node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonparse@1.3.1?vcs_url=git%2Bssh%3A//git%40github.com/creationix/jsonparse.git", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/creationix/jsonparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/creationix/jsonparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/creationix/jsonparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/jsonparse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-user-validate", + "version": "2.0.1", + "bom-ref": "npm@10.8.0|npm-user-validate@2.0.1", + "author": "GitHub Inc.", + "description": "User validations for npm", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/npm-user-validate@2.0.1?vcs_url=git%2Bhttps%3A//github.com/npm/npm-user-validate.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-user-validate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-user-validate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-user-validate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-user-validate" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "aggregate-error", + "version": "3.1.0", + "bom-ref": "npm@10.8.0|aggregate-error@3.1.0", + "author": "Sindre Sorhus", + "description": "Create an error from multiple errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/aggregate-error@3.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/aggregate-error.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/aggregate-error.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/aggregate-error#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/aggregate-error/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/aggregate-error" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "clean-stack", + "version": "2.2.0", + "bom-ref": "npm@10.8.0|clean-stack@2.2.0", + "author": "Sindre Sorhus", + "description": "Clean up error stack traces", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/clean-stack@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/clean-stack.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/clean-stack.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/clean-stack/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/clean-stack" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "indent-string", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|indent-string@4.0.0", + "author": "Sindre Sorhus", + "description": "Indent each line in a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/indent-string@4.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/indent-string.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/indent-string.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/indent-string/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/indent-string" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "npm-packlist", + "version": "8.0.2", + "bom-ref": "npm@10.8.0|npm-packlist@8.0.2", + "author": "GitHub Inc.", + "description": "Get a list of the files to add from a folder into an npm package", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/npm-packlist@8.0.2?vcs_url=git%2Bhttps%3A//github.com/npm/npm-packlist.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/npm-packlist.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/npm-packlist#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/npm-packlist/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/npm-packlist" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ignore-walk", + "version": "6.0.5", + "bom-ref": "npm@10.8.0|ignore-walk@6.0.5", + "author": "GitHub Inc.", + "description": "Nested/recursive `.gitignore`/`.npmignore` parsing and filtering.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/ignore-walk@6.0.5?vcs_url=git%2Bhttps%3A//github.com/npm/ignore-walk.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/ignore-walk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/ignore-walk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/ignore-walk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/ignore-walk" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-diff-apply", + "version": "5.5.0", + "bom-ref": "npm@10.8.0|just-diff-apply@5.5.0", + "author": "Angus Croll", + "description": "Apply a diff to an object. Optionally supports jsonPatch protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-diff-apply@5.5.0?vcs_url=git%2Bhttps%3A//github.com/angus-c/just.git", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/just-diff-apply" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "just-diff", + "version": "6.0.2", + "bom-ref": "npm@10.8.0|just-diff@6.0.2", + "author": "Angus Croll", + "description": "Return an object representing the diffs between two objects. Supports jsonPatch protocol", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/just-diff@6.0.2?vcs_url=git%2Bhttps%3A//github.com/angus-c/just.git", + "externalReferences": [ + { + "url": "git+https://github.com/angus-c/just.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/angus-c/just#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/angus-c/just/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/just-diff" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "qrcode-terminal", + "version": "0.12.0", + "bom-ref": "npm@10.8.0|qrcode-terminal@0.12.0", + "description": "QRCodes, in the terminal", + "licenses": [ + { + "license": { + "name": "Apache 2.0" + } + } + ], + "purl": "pkg:npm/qrcode-terminal@0.12.0?vcs_url=git%2Bhttps%3A//github.com/gtanner/qrcode-terminal.git", + "externalReferences": [ + { + "url": "git+https://github.com/gtanner/qrcode-terminal.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gtanner/qrcode-terminal", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gtanner/qrcode-terminal/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/qrcode-terminal" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "1.0.0", + "bom-ref": "npm@10.8.0|mute-stream@1.0.0", + "author": "GitHub Inc.", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@1.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/mute-stream.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/mute-stream" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "4.0.0", + "bom-ref": "npm@10.8.0|spdx-expression-parse@4.0.0", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@4.0.0?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "9.4.0", + "bom-ref": "npm@10.8.0|supports-color@9.4.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@9.4.0?vcs_url=git%2Bhttps%3A//github.com/chalk/supports-color.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/supports-color" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chownr", + "version": "2.0.0", + "bom-ref": "npm@10.8.0|chownr@2.0.0", + "author": "Isaac Z. Schlueter", + "description": "like `chown -R`", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/chownr@2.0.0?vcs_url=git%3A//github.com/isaacs/chownr.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/chownr.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/chownr#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/chownr/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/chownr" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mkdirp", + "version": "1.0.4", + "bom-ref": "npm@10.8.0|mkdirp@1.0.4", + "description": "Recursively mkdir, like `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mkdirp@1.0.4?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-mkdirp.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/node-mkdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-mkdirp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-mkdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/mkdirp" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "text-table", + "version": "0.2.0", + "bom-ref": "npm@10.8.0|text-table@0.2.0", + "author": "James Halliday", + "description": "borderless text tables with alignment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/text-table@0.2.0?vcs_url=git%3A//github.com/substack/text-table.git", + "externalReferences": [ + { + "url": "git://github.com/substack/text-table.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/text-table", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/text-table/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/text-table" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tiny-relative-date", + "version": "1.3.0", + "bom-ref": "npm@10.8.0|tiny-relative-date@1.3.0", + "author": "Joseph Wynn", + "description": "Tiny function that provides relative, human-readable dates.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tiny-relative-date@1.3.0?vcs_url=git%2Bhttps%3A//github.com/wildlyinaccurate/relative-date.git", + "externalReferences": [ + { + "url": "git+https://github.com/wildlyinaccurate/relative-date.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/wildlyinaccurate/relative-date#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/wildlyinaccurate/relative-date/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tiny-relative-date" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-version@2.2.2|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-version@2.2.2|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-version/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/@oclif/core" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "http-call", + "version": "5.3.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "author": "Jeff Dickey @jdxcode", + "description": "make http requests", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/http-call@5.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/heroku/http-call.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/heroku/http-call", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/heroku/http-call/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/http-call/-/http-call-5.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6a1c229ac0b6dc8084e243e5f714c18ca0788a76d169e2f265e46e9c2ff5272fd9e97f2dbf6d8c1008caf8a04e31254b6aa5cf4d399df3adfcc1a54828b1b1db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/http-call" + } + ] + }, + { + "type": "library", + "name": "is-retry-allowed", + "version": "1.1.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0", + "author": "Vsevolod Strukchinsky", + "description": "My prime module", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-retry-allowed@1.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/floatdrop/is-retry-allowed.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/floatdrop/is-retry-allowed#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/floatdrop/is-retry-allowed/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "11a060568b67339444033d0125a61a20d564fb34" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/is-retry-allowed" + } + ] + }, + { + "type": "library", + "name": "json-parse-better-errors", + "version": "1.0.2", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2", + "author": "Kat Marchán", + "description": "JSON.parse with context information on error", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-parse-better-errors@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/zkat/json-parse-better-errors.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zkat/json-parse-better-errors#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zkat/json-parse-better-errors/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9abab264a7d7e4484bee1bea715e961b5c988e78deb980f30e185c00052babc3e8f3934140124ff990d44fbe6a650f7c22452806a76413192e90e53b4ecdb0af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/json-parse-better-errors" + } + ] + }, + { + "type": "library", + "name": "tunnel-agent", + "version": "0.6.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0", + "author": "Mikeal Rogers", + "description": "HTTP proxy tunneling agent. Formerly part of mikeal/request, now a standalone module.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/tunnel-agent@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/mikeal/tunnel-agent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mikeal/tunnel-agent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mikeal/tunnel-agent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "27a5dea06b36b04a0a9966774b290868f0fc40fd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/tunnel-agent" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "sinon@16.1.3|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b88143c6aa5164667a4e13a4f388447ea5a81f1d9d7af445be94d97131eeafce6f2267dac546d35bd4728780a90ae0e74e838fd4212d5ca220cad1c13d57dfe4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "7.2.0", + "bom-ref": "sinon@16.1.3|supports-color@7.2.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@7.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "aa9080bd197db2db8e1ef78ab27ec79dc251befe74d6a21a70acd094effe2f0c5cf7ed2adb02f2bf80dfbedf34fc33e7da9a8e06c25d0e2a205c647df8ebf047" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sinon/node_modules/supports-color" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "commons", + "group": "@sinonjs", + "version": "2.0.0", + "bom-ref": "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "description": "Simple functions shared among the sinon end user libraries", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/commons@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/commons.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/commons#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/commons/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/commons/-/commons-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b8b6b48fce7d98cae0dac97041874efc092b39f987f97e8b4d598d4d2f42a9ec6e13622f54e448912a492ea78f01b127289efb68c982c2bd4d519e7bd76d1772" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@sinonjs/samsam/node_modules/@sinonjs/commons" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fake-timers", + "group": "@sinonjs", + "version": "11.2.2", + "bom-ref": "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "author": "Christian Johansen", + "description": "Fake JavaScript timers", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40sinonjs/fake-timers@11.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/sinonjs/fake-timers.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sinonjs/fake-timers/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-11.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1b6a62092c50ee858ec701920321477cf22cc9e2465d8b5cea615b9c503e9115e48849d397c73ff23ba5d92df6f621419c323d1c6a1e596019beebce91971c83" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise/node_modules/@sinonjs/fake-timers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "path-to-regexp", + "version": "6.2.2", + "bom-ref": "nise@5.1.9|path-to-regexp@6.2.2", + "description": "Express style path to RegExp utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-to-regexp@6.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/pillarjs/path-to-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/pillarjs/path-to-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/pillarjs/path-to-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1905f749232892781bdfafb085da515c4fb77fd57c533c80a2b958bce1b1f3bb9f1877a13539f9942c6b2ad2f2678625ff010a9cd9ebf7c6733b0c03655e6883" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/nise/node_modules/path-to-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "5.2.0", + "bom-ref": "pretty-format@29.7.0|ansi-styles@5.2.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0b1c29b7649f4f34ed5dc7ce97318479ef0ef9cf8c994806acd8817179ee5b1b852477ba6b91f3eeac21c1ee4e81a498234209be42ea597d40486f9c24e90488" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pretty-format/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "jest-util@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-util/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.12.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad175a539cde85dee9cf6a4fa4bad1fdada2242f79611f56113c682ded040e878dc340a5495e65a4a5bfafa5cfd38831ece9149df424db0ec73f63e620abb92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "eslint@8.57.0|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "eslint@8.57.0|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint@8.57.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint@8.57.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.12.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5bc2a2ec58150bbf587aa67edc316e5d5d7fd8d9a991a8b68aaac0125706c11cc6529c7a84fc7378bd3e1f134685b22c3162fafdf24a8e5a1d5af192976a509" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@7.12.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/scope-manager", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8ad175a539cde85dee9cf6a4fa4bad1fdada2242f79611f56113c682ded040e878dc340a5495e65a4a5bfafa5cfd38831ece9149df424db0ec73f63e620abb92" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@7.12.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a3ed137ba796a76a69298de62c253e600f69549c61509135e4557b931b83f638302006bec3fc9c18904cad80d3a5519433fb60a5af5278c3ae81269b585abb6e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@7.12.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b9993b0debeb40b2f7bd29df165e5b8f8b0bef9a82f43e847637a621d6ed92e526221796a6e8a2ca5498d35271244efecc6ace58366ba755b13ae0e7b6f2ab1d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "7.12.0", + "bom-ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@7.12.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://typescript-eslint.io/packages/typescript-estree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.12.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e5bc2a2ec58150bbf587aa67edc316e5d5d7fd8d9a991a8b68aaac0125706c11cc6529c7a84fc7378bd3e1f134685b22c3162fafdf24a8e5a1d5af192976a509" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "description": "TypeScript plugin for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/eslint-plugin@4.33.0#packages/eslint-plugin", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/eslint-plugin", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68836203119574e975789c958da5a7fd871502ae068bf628df9a871829ea6d6573eb5837f43d21db7bde63f300d2b14519fc4aed3c92836bb00de36ff89815a6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/eslint-plugin" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parser", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "description": "An ESLint custom parser which leverages TypeScript ESTree", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/parser@4.33.0#packages/parser", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/parser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66885db1b5da76318148ad3fafe77ced7d120662b33aae3f4b99f32ba481809b29168f7f0940c9ee18dacaecdef892bb09940b0ccae8ab2b69ee939c14a4f164" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@4.33.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e487c91e9813b1366e38d29b38372d2f890ab908defdbcc1464c0713c50e6787fcf5979d760f84199b3c3c3f0d70de0b74cdf2807598077ba43c0623be5fea6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@4.33.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccaa7b0a34332d02265c4a4bb76054c35b6f38c3df3684c07dbf25e757af8586ce104cdd5b240d98759618f47a8702890c08bed555d20669e12fd9325534ceb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@4.33.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "baa8bfd9a4b3f60d9fb5c1d67fcb8b3c903bd2b52feb2b8c5b9068870f9bc1cbb36b14081da285642286a065c8adcf6f913277fb4b7133bdcad07ab7779c2022" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint", + "version": "7.32.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "author": "Nicholas C. Zakas", + "description": "An AST-based pattern checker for JavaScript.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint@7.32.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://eslint.org", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint/issues/", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint/-/eslint-7.32.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "54767c817f840dfcfef7b8c6720c860b24626bf74f39de9787dc8fbfc065d7e4a8688c03f9afef96b3a6191532398bbb33052173b0b1a9e683654d774b8f84a4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "code-frame", + "group": "@babel", + "version": "7.12.11", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "author": "Sebastian McKenzie", + "description": "Generate errors that contain a code frame that point to source locations.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40babel/code-frame@7.12.11#packages/babel-code-frame", + "externalReferences": [ + { + "url": "git+https://github.com/babel/babel.git#packages/babel-code-frame", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://babeljs.io/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/babel/babel/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66dd72a1d071d5473289e3cc4a45a753884faa1c2aee11a2da714bd4b780dc4525faad8b431d7a3084a0274fb3edd9e682f3fd42d2257ae11318e88e1f545c23" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@babel/code-frame" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslintrc", + "group": "@eslint", + "version": "0.4.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "author": "Nicholas C. Zakas", + "description": "The legacy ESLintRC config file format for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40eslint/eslintrc@0.4.3", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslintrc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslintrc#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslintrc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27a285173e50098509ab7a5fd268c47022551116f3bfbd4f5080dccee87d264c0613371e77a08ee400cb1c1d6b6dfffea0f06da0f7cc60d3a9183cc200d95b5f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@eslint/eslintrc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "espree", + "version": "7.3.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "author": "Nicholas C. Zakas", + "description": "An Esprima-compatible JavaScript parser built on Acorn", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/espree@7.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/espree.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/espree", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/eslint/espree.git", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/espree/-/espree-7.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bf724234213ae2e9a41699a4146ab354ab0e4f4b4dd59afeb9ea8b65fa55d4e6fc7be08480f59af8ec42a061f7b6786298c2886819b89bfbda46927f92b473da" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/espree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/js-yaml" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "config-array", + "group": "@humanwhocodes", + "version": "0.5.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "author": "Nicholas C. Zakas", + "description": "Glob-based configuration matching.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/config-array@0.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/config-array.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/config-array/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "15a82d285cfbe17ad397bcba1c2cd0a700df5cfd328717bd9472c3d546718ef64871bc91cfccd3145ff260d7d27f3538d78783c19d52aced10bedc9ffb014c42" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@humanwhocodes/config-array" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "object-schema", + "group": "@humanwhocodes", + "version": "1.2.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1", + "author": "Nicholas C. Zakas", + "description": "An object schema merger/validator", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/%40humanwhocodes/object-schema@1.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/humanwhocodes/object-schema.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/humanwhocodes/object-schema/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "66740c9cb5787bb843954bf0f07f94f0048bd36492d869fafbd01cdf01862c87bbfa37b601e00ec4f63e8b320f2437c50dbede0e37afd14b3c30ed6215137c84" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@humanwhocodes/object-schema" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "acorn", + "version": "7.4.1", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1", + "description": "ECMAScript parser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/acorn@7.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/acornjs/acorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/acornjs/acorn", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/acornjs/acorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9d0ca9d28d7f98d75b4ced4f3ba9079304ab9a0674313fe3082a4d8b06d48c6a11378765061a89b6842e0a710e2b3813570834656882a10cba4b131e6d0561f0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/acorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob-parent", + "version": "5.1.2", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "author": "Gulp Team", + "description": "Extract the non-magic parent path from a glob string.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob-parent@5.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/gulpjs/glob-parent.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/gulpjs/glob-parent/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "00e22049009ea62258c0fdc04671b1fb95674eed870587736c63f8e5e2f0d6faf7cc1def64b7b279dd6c0bd8676dc39cf7f4ab33233944f42b906cf8692f59a3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/glob-parent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/argparse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/sprintf-js" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@4.33.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae459163530f1738f09c4547b3119e983ceaa9d770d906d32652023c3f69f48f4b7ec3bc7dd99f40f397dee29f51a1910c525b7ebb66fec5e155737813e6f308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo-space", + "version": "0.29.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO with 2-space indent", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo-space@0.29.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo-space.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo-space/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo-space/-/eslint-config-xo-space-0.29.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a65195478e6ce5dc8d5a3b633fda0129a9afc61d74e5ecb17fbd07805f85be990214fb6932a98f7b16432749cd89f0eb28abebc2497098fc78c552614817f02" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-config-xo-space" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-config-xo", + "version": "0.38.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "author": "Sindre Sorhus", + "description": "ESLint shareable config for XO", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-config-xo@0.38.0", + "externalReferences": [ + { + "url": "git+https://github.com/xojs/eslint-config-xo.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/xojs/eslint-config-xo/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-config-xo/-/eslint-config-xo-0.38.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1b68cbf95c9f91c656f06a139aa2ec131beb5acb0179d4a8690435d6fca17e50de4f772c31d055a743a7f805628eb46ebe09a459e0f0c142f9463d2a0d11caea" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-config-xo" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "scope-manager", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "description": "TypeScript scope analyser for ESLint", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/scope-manager@4.33.0#packages/scope-manager", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/scope-manager", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e487c91e9813b1366e38d29b38372d2f890ab908defdbcc1464c0713c50e6787fcf5979d760f84199b3c3c3f0d70de0b74cdf2807598077ba43c0623be5fea6d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/scope-manager" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "description": "Types for the TypeScript-ESTree AST spec", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/types@4.33.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ccaa7b0a34332d02265c4a4bb76054c35b6f38c3df3684c07dbf25e757af8586ce104cdd5b240d98759618f47a8702890c08bed555d20669e12fd9325534ceb9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "visitor-keys", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "description": "Visitor keys used to help traverse the TypeScript-ESTree AST", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/visitor-keys@4.33.0#packages/visitor-keys", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/visitor-keys", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "baa8bfd9a4b3f60d9fb5c1d67fcb8b3c903bd2b52feb2b8c5b9068870f9bc1cbb36b14081da285642286a065c8adcf6f913277fb4b7133bdcad07ab7779c2022" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "typescript-estree", + "group": "@typescript-eslint", + "version": "4.33.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "description": "A parser that converts TypeScript source code into an ESTree compatible form", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/%40typescript-eslint/typescript-estree@4.33.0#packages/typescript-estree", + "externalReferences": [ + { + "url": "git+https://github.com/typescript-eslint/typescript-eslint.git#packages/typescript-estree", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/typescript-eslint/typescript-eslint/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.33.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae459163530f1738f09c4547b3119e983ceaa9d770d906d32652023c3f69f48f4b7ec3bc7dd99f40f397dee29f51a1910c525b7ebb66fec5e155737813e6f308" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/@typescript-eslint/typescript-estree" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@typescript-eslint/experimental-utils/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "tsutils@3.21.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsutils/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "2.4.2", + "bom-ref": "@babel/highlight@7.24.2|chalk@2.4.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32d8be7fd96924d730178b5657cfcead34ed1758198be7fc16a97201da2eada95c156150585dbe3600874a18e409bf881412eaf5bb99c04d71724414e29792b9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "3.2.1", + "bom-ref": "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "553d1923a91945d4e1f18c89c3748c6d89bfbbe36a7ec03112958ed0f7fdb2af3f7bde16c713a93cac7d151d459720ad3950cd390fbc9ed96a17189173eaf9a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "@babel/highlight@7.24.2|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "@babel/highlight@7.24.2|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "@babel/highlight@7.24.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "5.5.0", + "bom-ref": "@babel/highlight@7.24.2|supports-color@5.5.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@5.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "423563c1d5c8b78d3c308880a825f8a142ac814d84a801b3b363e9926e1a4186e39be644584716e127c5353af8b8c35999ad1ecb87f99602eb901d1a5f440ca3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "3.0.0", + "bom-ref": "@babel/highlight@7.24.2|has-flag@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0a25fd7e71e401af848c92f427043343b5fe135e95615466ad7aed2df75f1b977d059db1369b8bcd2d7f9559efdda6395bf87ba0198cd6eee4171fdf073c463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/highlight/node_modules/has-flag" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.20.2", + "bom-ref": "globals@13.24.0|type-fest@0.20.2", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.20.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "35ef9e138af4fe25a7a40c43f39db3dc0f8dd01b7944dfff36327045dd95147126af2c317f9bec66587847a962c65e81fb0cfff1dfa669348090dd452242372d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/globals/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-levenshtein", + "version": "2.0.6", + "bom-ref": "optionator@0.9.3|fast-levenshtein@2.0.6", + "author": "Ramesh Nair", + "description": "Efficient implementation of Levenshtein algorithm with locale-specific collator support.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-levenshtein@2.0.6", + "externalReferences": [ + { + "url": "git+https://github.com/hiddentao/fast-levenshtein.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/hiddentao/fast-levenshtein/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0c25eee887e1a9c92ced364a6371f1a77cbaaa9858e522599ab58c0eb29c11148e5d641d32153d220fcf62bcf2c3fba5f63388ca1d0de0cd2d6c2e61a1d83c77" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/optionator/node_modules/fast-levenshtein" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "eslint-plugin-node@11.1.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "eslint-plugin-node@11.1.0|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-node/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-utils", + "version": "2.1.0", + "bom-ref": "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "author": "Toru Nagashima", + "description": "Utilities for ESLint plugins.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-utils@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/mysticatea/eslint-utils.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mysticatea/eslint-utils/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c3de1d418a1abb2be50dce375e7181f2553766def5def342860b78116c215c03f65e406f9dd7f117402022a28e39ab233c83f38fd26a8309306c2603d3f57766" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es/node_modules/eslint-utils" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-plugin-es/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-plugin-unicorn", + "version": "36.0.0", + "bom-ref": "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0", + "author": "Sindre Sorhus", + "description": "Various awesome ESLint rules", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/eslint-plugin-unicorn@36.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/eslint-plugin-unicorn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/eslint-plugin-unicorn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-plugin-unicorn/-/eslint-plugin-unicorn-36.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c71376bd272d1969c35ba68b1259bf2ca23072b9a4ea676211c5b9e54bf992b72b55c20549632612073f870a5e9987d969c299e67a4511118dcf869386ca7500" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif/node_modules/eslint-plugin-unicorn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "eslint-config-oclif@4.0.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif/node_modules/ci-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "clean-regexp@1.0.0|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/clean-regexp/node_modules/escape-string-regexp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-template-visitor/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "2.1.0", + "bom-ref": "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@2.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2b4a6441cd7803cc8b03ea619d2607afce07b3239df809eaf92ffbf2317d241f34ff8e2078de346177d61494c1982d0cb6ce9acd9a84fca9ab021ad63e41a2b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/eslint-parser@7.24.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/eslint-parser/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-scope", + "version": "5.1.1", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1", + "description": "ECMAScript scope analyzer for ESLint", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/eslint-scope@5.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-scope.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/eslint/eslint-scope", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-scope/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d8dc706c5fe16742a97a960dd1c35ba3e14de97a0aec6687950860c7f848665e956b46c5e3945038ec212c8cbc9500dbb8289a7522c20671f608562aba2b796f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals/node_modules/eslint-scope" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "estraverse", + "version": "4.3.0", + "bom-ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0", + "description": "ECMAScript JS AST traversal functions", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/estraverse@4.3.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/estools/estraverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/estools/estraverse", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/estools/estraverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dfd9e729f7d6cfcc4dd4153fd9cefd9fd9c1f470f3a349e2614ab1eb1caa527ca8027432c96a4e4dd6447a209c87c041bb9d79b78c29f599a055f5619fd101a7" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@nicolo-ribaudo/eslint-scope-5-internals/node_modules/estraverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "read-pkg-up@7.0.1|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/find-up" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "read-pkg-up@7.0.1|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/locate-path" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "read-pkg-up@7.0.1|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/p-locate" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "read-pkg-up@7.0.1|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/p-limit" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.8.1", + "bom-ref": "read-pkg-up@7.0.1|type-fest@0.8.1", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e1d6f3233aaf8ed822339af0d64e6b107b4100d2a676e7611b20446a3374d5f13285a00886ca0a372eb2efe20df7721fa45b7063d8aa8bb903fb1c0a850b0d24" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg-up/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ajv", + "version": "6.12.6", + "bom-ref": "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "author": "Evgeny Poberezkin", + "description": "Another JSON Schema Validator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ajv@6.12.6", + "externalReferences": [ + { + "url": "git+https://github.com/ajv-validator/ajv.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/ajv-validator/ajv", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ajv-validator/ajv/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8f77d52e0bd3a39dbb6a7c98c893864d825b1bebe79d062f1349b99a691cd532be9f1029a6408b3082f4699e1d6e55423681928619be933138654ca4068320e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/ajv" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json-schema-traverse", + "version": "0.4.1", + "bom-ref": "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1", + "author": "Evgeny Poberezkin", + "description": "Traverse JSON Schema passing each schema object to callback", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json-schema-traverse@0.4.1", + "externalReferences": [ + { + "url": "git+https://github.com/epoberezkin/json-schema-traverse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/epoberezkin/json-schema-traverse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c5b6c21f9742614e53f0b704861ba1ec727cf075ee5b7aac237634cce64529f6441dca5688753f271ce4eb6f41aec69bfe63221d0b62f7030ffbce3944f7b756" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/json-schema-traverse" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@eslint/eslintrc/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "normalize-package-data", + "version": "2.5.0", + "bom-ref": "read-pkg@5.2.0|normalize-package-data@2.5.0", + "author": "Meryn Stol", + "description": "Normalizes data that can be found in package.json files.", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/normalize-package-data@2.5.0", + "externalReferences": [ + { + "url": "git://github.com/npm/normalize-package-data.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/normalize-package-data#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/normalize-package-data/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ff908c3774f44785d38f80dc19a7b1a3eae8652752156ff400e39344eae3c73086d70ad65c4b066d129ebe39482fe643138b19949af9103e185b4caa9a42be78" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/normalize-package-data" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "hosted-git-info", + "version": "2.8.9", + "bom-ref": "read-pkg@5.2.0|hosted-git-info@2.8.9", + "author": "Rebecca Turner", + "description": "Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/hosted-git-info@2.8.9", + "externalReferences": [ + { + "url": "git+https://github.com/npm/hosted-git-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/hosted-git-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/hosted-git-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9b120301bf4bb26e83a0e27bc47fb9f97e32d4b53fe078b9d0bf42e6c22cc0adc9cd42d2e1bc24d45be374182f611e1bcd3e2db944220b5e451367f91db2ef63" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/hosted-git-info" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "5.7.2", + "bom-ref": "read-pkg@5.2.0|semver@5.7.2", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@5.7.2", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "701ce79d0f4a8c9a94ebb079d91302eb908c6ab2b6eb4d161676e471a8b05aadf1cbfe61685265b21827a63a2f31527e1df7f8f5df06127d1bf3b0b9a43435d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/semver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "type-fest", + "version": "0.6.0", + "bom-ref": "read-pkg@5.2.0|type-fest@0.6.0", + "author": "Sindre Sorhus", + "description": "A collection of essential TypeScript types", + "licenses": [ + { + "expression": "(MIT OR CC0-1.0)" + } + ], + "purl": "pkg:npm/type-fest@0.6.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/type-fest.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/type-fest/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "abe301f27611d4a0cbae0af81b9c9e99fb69302eff40ba959dd06610476ace6363e5d70538ee0ea3caa5c1913750b4f7f998a6d45f0aab87019e290d86508c96" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/read-pkg/node_modules/type-fest" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsesc", + "version": "0.5.0", + "bom-ref": "regjsparser@0.10.0|jsesc@0.5.0", + "author": "Mathias Bynens", + "description": "A JavaScript library for escaping JavaScript strings while generating the shortest possible valid output.", + "licenses": [ + { + "license": { + "id": "MIT", + "url": "http://mths.be/mit" + } + } + ], + "purl": "pkg:npm/jsesc@0.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/jsesc.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://mths.be/jsesc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/jsesc/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b99cf952707bbb84fd2efc2616a5e28bba594a8b9a44fa2b1ace70868d48a7b54ed30c5a9c5bc12fb1a433a7531e5817fa384102945eb5a5a99c369b39e4dc9c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/regjsparser/node_modules/jsesc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@humanwhocodes/config-array/node_modules/brace-expansion" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "body-parser@1.20.2|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "body-parser@1.20.2|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/body-parser/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "finalhandler@1.2.0|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "finalhandler@1.2.0|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/finalhandler/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "2.6.9", + "bom-ref": "send@0.18.0|debug@2.6.9", + "author": "TJ Holowaychuk", + "description": "small debugging utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@2.6.9", + "externalReferences": [ + { + "url": "git://github.com/visionmedia/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/visionmedia/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/visionmedia/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6c2ec496b7496899cf6c03fed44a2d62fa99b1bdde725e708ba05f8ba0494d470da30a7a72fb298348d7ce74532838e6fc4ec076014155e00f54c35c286b0730" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send/node_modules/debug" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "1.3.1", + "bom-ref": "global-prefix@1.0.2|which@1.3.1", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@1.3.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1f125d616ab53132106c9de7c3472ab2c1e84cd536ebb2a5ac3b866755989710d2b54b4a52139a266875d76fd36661f1c547ee26a3d748e9bbb43c9ab3439221" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/global-prefix/node_modules/which" + } + ] + }, + { + "type": "library", + "name": "rxjs", + "version": "7.8.1", + "bom-ref": "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1", + "author": "Ben Lesh", + "description": "Reactive Extensions for modern JavaScript", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/rxjs@7.8.1", + "externalReferences": [ + { + "url": "git+https://github.com/reactivex/rxjs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://rxjs.dev", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/ReactiveX/RxJS/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "000dd3563fb40368ae2284245842bfb6a16306ada3fba3cee98d3325cbf32c016110520edc72f4be5b3d8562e77196c001b2b499aafba19e15d3bf48fea3ccc6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/inquirer-file-tree-selection-prompt/node_modules/rxjs" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "figures@3.2.0|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/figures/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "tmp", + "version": "0.0.33", + "bom-ref": "external-editor@3.1.0|tmp@0.0.33", + "author": "KARASZI István", + "description": "Temporary file and directory creator", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/tmp@0.0.33", + "externalReferences": [ + { + "url": "git+https://github.com/raszi/node-tmp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://github.com/raszi/node-tmp", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/raszi/node-tmp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8d10899688ca9d9dda75db533a3748aa846e3c4281bcd5dc198ab33bacd6657f0a7ca1299c66398df820250dc48cabaef03e1b251af4cbe7182459986c89971b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/external-editor/node_modules/tmp" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "rxjs@6.6.7|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/rxjs/node_modules/tslib" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "@jest/core@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@jest/core/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "ci-info", + "version": "3.9.0", + "bom-ref": "jest-config@29.7.0|ci-info@3.9.0", + "author": "Thomas Watson Steen", + "description": "Get details about the current Continuous Integration environment", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ci-info@3.9.0", + "externalReferences": [ + { + "url": "git+https://github.com/watson/ci-info.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/watson/ci-info", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/watson/ci-info/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "348c45e7986fe274aa42cc2401e88e8b5afcdf1cbc26574e1434d68ae839e4a06ef499db96771dd94e958879988077f4d533d94bbecd24184130a7568fd1d031" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-config/node_modules/ci-info" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "jest-validate@29.7.0|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jest-validate/node_modules/camelcase" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "pkg-dir@4.2.0|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "pkg-dir@4.2.0|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/locate-path" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "pkg-dir@4.2.0|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/p-locate" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "pkg-dir@4.2.0|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/pkg-dir/node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "5.0.0", + "bom-ref": "resolve-cwd@3.0.0|resolve-from@5.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9883d28fdb8743e6a91af49e3b774695932d0df9be1f4d4f3d2cdf620e78c1e706a4b220b8f6bbcc0743eb509406a13987e745cf8aa3af0230df6a28c6c5867" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/resolve-cwd/node_modules/resolve-from" + } + ] + }, + { + "type": "library", + "name": "chalk", + "version": "2.4.2", + "bom-ref": "json-colorizer@2.2.2|chalk@2.4.2", + "description": "Terminal string styling done right", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/chalk@2.4.2", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/chalk.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/chalk#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/chalk/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "32d8be7fd96924d730178b5657cfcead34ed1758198be7fc16a97201da2eada95c156150585dbe3600874a18e409bf881412eaf5bb99c04d71724414e29792b9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/chalk" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "3.2.1", + "bom-ref": "json-colorizer@2.2.2|ansi-styles@3.2.1", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "553d1923a91945d4e1f18c89c3748c6d89bfbbe36a7ec03112958ed0f7fdb2af3f7bde16c713a93cac7d151d459720ad3950cd390fbc9ed96a17189173eaf9a8" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/ansi-styles" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "json-colorizer@2.2.2|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "json-colorizer@2.2.2|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "escape-string-regexp", + "version": "1.0.5", + "bom-ref": "json-colorizer@2.2.2|escape-string-regexp@1.0.5", + "author": "Sindre Sorhus", + "description": "Escape RegExp special characters", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/escape-string-regexp@1.0.5", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/escape-string-regexp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/escape-string-regexp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdb468ac1e455105af95ad7a53c47faa06852326b6a86cf00eb366099b982ab6dd494306e88d5908641179f911561b8e9081959deec1437e4349fa35aaf26a16" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/escape-string-regexp" + } + ] + }, + { + "type": "library", + "name": "supports-color", + "version": "5.5.0", + "bom-ref": "json-colorizer@2.2.2|supports-color@5.5.0", + "author": "Sindre Sorhus", + "description": "Detect whether a terminal supports color", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/supports-color@5.5.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/supports-color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/supports-color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/supports-color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "423563c1d5c8b78d3c308880a825f8a142ac814d84a801b3b363e9926e1a4186e39be644584716e127c5353af8b8c35999ad1ecb87f99602eb901d1a5f440ca3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/supports-color" + } + ] + }, + { + "type": "library", + "name": "has-flag", + "version": "3.0.0", + "bom-ref": "json-colorizer@2.2.2|has-flag@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if argv has a specific flag", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/has-flag@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/has-flag.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/has-flag/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0a25fd7e71e401af848c92f427043343b5fe135e95615466ad7aed2df75f1b977d059db1369b8bcd2d7f9559efdda6395bf87ba0198cd6eee4171fdf073c463" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/json-colorizer/node_modules/has-flag" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.2.0", + "bom-ref": "markdown-diff@2.0.0|diff@5.2.0", + "description": "A JavaScript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.2.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b88143c6aa5164667a4e13a4f388447ea5a81f1d9d7af445be94d97131eeafce6f2267dac546d35bd4728780a90ae0e74e838fd4212d5ca220cad1c13d57dfe4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/markdown-diff/node_modules/diff" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "5.0.0", + "bom-ref": "mocha@10.4.0|diff@5.0.0", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@5.0.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "fd54c2aef9b9674246b72fc158796387e0408b0dc82beda3f3b34632ef0dc1cfdfe3c5a80c00b7f79ba898ef590f5d7b64e05a1e6917d68c8bbe454cfda213df" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "glob", + "version": "8.1.0", + "bom-ref": "mocha@10.4.0|glob@8.1.0", + "author": "Isaac Z. Schlueter", + "description": "a little globber", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/glob@8.1.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-glob.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-glob#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-glob/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/glob/-/glob-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "afc869123890118945d9053475fddd4be9f1c5222b797412d6a461309334439343751dfce82ee36fb1f0c2877c1608ae7b1fa4d0616381fb75f32bf19b95e809" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/glob" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "5.0.1", + "bom-ref": "mocha@10.4.0|minimatch@5.0.1", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@5.0.1", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-5.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9cb0f12054728436e5cf7a8cbaaf92a116440f8fa6889fc6fad743ae39249119e302c05ec5e1a98232c44346e5272eeb1e14766fddeb8506384afc96bbdbf4de" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/minimatch" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "log-symbols", + "version": "4.1.0", + "bom-ref": "mocha@10.4.0|log-symbols@4.1.0", + "author": "Sindre Sorhus", + "description": "Colored symbols for various log levels. Example: `✔︎ Success`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/log-symbols@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/log-symbols.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/log-symbols/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f173efa4003cbb285fb5ebbca48bd0c69259ed2618769522bd9a46cbab05b01b8a458ffbad019abde75e07c68af99932ababa930554bffd016eaf398cdf4722e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/log-symbols" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yargs", + "version": "16.2.0", + "bom-ref": "mocha@10.4.0|yargs@16.2.0", + "description": "yargs the modern, pirate-themed, successor to optimist.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yargs@16.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://yargs.js.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0f59afbed0c6d0be5fb7f8c65a42e91b5fa6d1e43139f681bd33442eb6968f6db049550c5b1654bd880961c2a1ea3186224245847e0864f4214784caa5cf2607" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/yargs" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cliui", + "version": "7.0.4", + "bom-ref": "mocha@10.4.0|cliui@7.0.4", + "author": "Ben Coe", + "description": "easily create complex multi-column command-line-interfaces", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cliui@7.0.4", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/cliui.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/cliui#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/cliui/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "39c444ebc70eb15317a7562fa2797f7f39103b28cb4aeffc6e13c37d0b747b4fc46f6f374ca3f6d05b3632aa0fb2bf52c00e7de6b44203e40ccd873d9c13fe25" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/mocha/node_modules/cliui" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "camelcase", + "version": "6.3.0", + "bom-ref": "yargs-unparser@2.0.0|camelcase@6.3.0", + "author": "Sindre Sorhus", + "description": "Convert a dash/dot/underscore/space separated string to camelCase or PascalCase: `foo-bar` → `fooBar`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/camelcase@6.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/camelcase.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/camelcase/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1a6cba161625098eee3849595126f1a365020c7f28c0493df7a8246eba6c806b6b24b33727b8c6c65f4873b430c23e22bce13901665644c79c0dd17b86a1a314" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/yargs-unparser/node_modules/camelcase" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.1", + "bom-ref": "oclif@4.13.0|@oclif/core@4.0.1", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "03e98e3a3b39fa2bf5314ac8c18b1d7a4c2116f8cd3d66264be3af77a66c3e83fc5c06ba60273b3ffa26b646c6578a237e3e39a76841a5d9c5520fa53b1a98d0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/@oclif/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "debug", + "version": "4.3.5", + "bom-ref": "oclif@4.13.0|debug@4.3.5", + "author": "Josh Junon", + "description": "Lightweight debugging utility for Node.js and the browser", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/debug@4.3.5", + "externalReferences": [ + { + "url": "git://github.com/debug-js/debug.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/debug-js/debug#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/debug-js/debug/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/debug/-/debug-4.3.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a6dd1b3449a778322f74bd57b1df680d0ff0ad04645c34f80145a535934f2af5b9c7f8f23bd5455e42543f4eef436ba99b0e4f95a21368f29cdf58cad7757e8e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/debug" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "oclif@4.13.0|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0690fc7e56332d980e8c5f6ee80381411442c50996784b85ea7863970afebcb53fa36f7be4fd1c9a2963f43d32b25ad98b48cd1bf9a7544c4bdbb353c4687db" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/ms" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-extra", + "version": "8.1.0", + "bom-ref": "oclif@4.13.0|fs-extra@8.1.0", + "author": "JP Richardson", + "description": "fs-extra contains methods that aren't included in the vanilla Node.js fs package. Such as mkdir -p, cp -r, and rm -rf.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fs-extra@8.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/jprichardson/node-fs-extra.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-fs-extra/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ca1950800ea69ce25428eb11505b2025d402be42a1733f2d9591b91c141f45e619cb8e8ec0b718f9989ad26b5d1ec3a8f72fe13fe0b130dd1353d431a0eb46e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/fs-extra" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "jsonfile", + "version": "4.0.0", + "bom-ref": "oclif@4.13.0|jsonfile@4.0.0", + "author": "JP Richardson", + "description": "Easily read/write JSON files.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/jsonfile@4.0.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/jprichardson/node-jsonfile.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jprichardson/node-jsonfile/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9ba175477cfc8e395fda29901d2d907b3e6c8ca590cdbbae86e27f14a605459bcf1373ee1dc48c559cdfb0b84654e91f776d286cbe5258405ec394a196ab8dc6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/jsonfile" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "universalify", + "version": "0.1.2", + "bom-ref": "oclif@4.13.0|universalify@0.1.2", + "author": "Ryan Zimmerman", + "description": "Make a callback- or promise-based function support both promises and callbacks.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/universalify@0.1.2", + "externalReferences": [ + { + "url": "git+https://github.com/RyanZim/universalify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/RyanZim/universalify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/RyanZim/universalify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac125e2390970259b2d6957eeb5ed607d27add4e9771acc71c5d9fd9d6c98b1e17ce9505d114b765b8f414620e080bdae4ffddfc604e61a002435c3ed1acd492" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/oclif/node_modules/universalify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.575.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "602b2d55a5b9b40bd7b3ebf82d1f603403be55184839b8e4d7f92709d550e504114debed550b5d25678dac3658a38013a343871b2a860a3e59d3d4d632ff9ed5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.575.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f0cad3e09d9d462b247f42453062f954d06a3ef73a8a035adb5f0b1812731d798bb26d567c60869dc7bce11ed4d944abf283ce7a7bb45f34822ef310c996c659" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.575.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d75ed4fa44248b65e829c6107dea6695170dc67eab10b1a538538143c6762530571181db956da47b4ebb6b408b9b1170a7fcc25ae73b2068ddde29f7c78437ae" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.575.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ac474da6a5b68c47399306dffecf57432c0c2d094890c8ee08aea6c3db05d8e5511871959e1fba7a1ff5245c7c2a3f9e539d5cb627d0eca6877bc746728f0761" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-host-header", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-host-header@3.575.0#packages/middleware-host-header", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-host-header", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-host-header", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-host-header/-/middleware-host-header-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5765a82c1897342738ac8599b7a15470fe13374564d3603d3cf0815a44dfc8ea288aa7eaf96666663451069c25d7ee54b2f011b25aca585d15ce178c4573c92d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-host-header" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-logger", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-logger@3.575.0#packages/middleware-logger", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-logger", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-logger", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-logger/-/middleware-logger-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ec310ac7d675d4c69ac9eec57e162d0bcae36ccfcf70570c3b637840401fca97205828fec3882c784d8e19d7c01fd3850e815ce98bcba79defd7abdb3e3cd04a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-logger" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-recursion-detection", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-recursion-detection@3.575.0#packages/middleware-recursion-detection", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-recursion-detection", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-recursion-detection", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ae2f3d95d445a2ce8a64319a92758f4b65cf3bdaabfa067bfa63daa14f189123355b8b8aaad9d448e37273e3b7085189aea45eb861e146ad25d9295dd1b8f03b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-recursion-detection" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.575.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7d696be117eb50d4b64773e03fe5aca0c60e44082fff8ecba742747dbddd5ced58bdd73335675d45b152517d8c43133fcbd5c57d03cba4b83396e8682f70a37a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "region-config-resolver", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/region-config-resolver@3.575.0#packages/region-config-resolver", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/region-config-resolver", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/awslabs/smithy-typescript/tree/main/packages/region-config-resolver", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/region-config-resolver/-/region-config-resolver-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b0124ac1358a096bbdcbc1735c88a3606c242abded0e43d733b072953a1ee96fad1a4a783a2ad5e225eb580f7345e3704d37a9a311ee7e87ea8c62bd06d708f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/region-config-resolver" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "types", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Types for the AWS SDK", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/types@3.575.0#packages/types", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/types", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/types", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5eb9e89501acd305f176036e762ad1d783a034e6ab1fb59489fdfcfb63dde289d91fe2fb5e820b7a6d04800d6d469805a70da914795908d6801c33520446a5ee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/types" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.575.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c02e71f95eb0de446547a5fa5d520db003c3606f93cecdd6b61970f982ed8ee3ce0d435921002ab000476a1c677a417202fb1efb5f76f47c28f8268bf811d918" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-browser", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-browser@3.575.0#packages/util-user-agent-browser", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-browser", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-browser", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "8800e89d7c9a5e0c2f0b84f4a91b8358274a227cfcd865f67327b3abfa2a5652fc6cf63b1c3f23c1966bbae25dab9b646898b51216cee3e7f592c66a3a264abd" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-user-agent-browser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-user-agent-node", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-user-agent-node@3.575.0#packages/util-user-agent-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-user-agent-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-user-agent-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "930cef05f0342e820b0ce152e8157cb8e924b011eb62e94fea43577a00797999c348d89ae436c1b17ab143f1e49cd1796b8dbd496430d9a690244810bd907554" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/util-user-agent-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-env", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from known environment variables", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-env@3.575.0#packages/credential-provider-env", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-env", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-env", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "613829ab7aef6015f35ba3930c1d34704efd7af42db2cfe5cf61a525782aa955c3d26ee2efb84603ccdbe3855ebcffd6c6d0da8925bb4928eebbc542046b20e2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-env" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.575.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c507d599823ef4aa91be1598f1fc84967a5c5540415208bf1e88e2de853a58bad48eb5fdf24f771deee0283412c877fbca430b5002585b0b15e008d0da3ea78c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.575.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "05d33a6bfe5552e3607b773ac91bb1bcefb8b2b2e849fa877e44067d40df8537532699639697e773d877cf6362d7e6ae78e1cf64c34558892d1c3717e7050606" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-process", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credential_process from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-process@3.575.0#packages/credential-provider-process", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-process", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-process", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dbfe4d255ecc672b0a825a89490fcef0e10b35cc0b707df192769b2fd35a82dcc1ed1341da9d405174745254decbdb120cb2f8a0298d6bffae9d8ba0956fc086" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-process" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.575.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "36d5c0f4e3c82aca9abecd85ee184b4ffb766438f026cbd07af8f7d68bf536999335831cece585583a6d386eeba69b1632c93928a99f88bdaa5624099decd734" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-web-identity", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that calls STS assumeRole for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-web-identity@3.575.0#packages/credential-provider-web-identity", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-web-identity", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-web-identity", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41cbd51fbc29be91515c600680205f41e885fe9b43d0d27e1eb73c74361f3c6845799d04a1540160da612e2db9c5eec967e5db6aa08aad444766daf87c010e27" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/credential-provider-web-identity" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.575.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a5156a40b64b43dd7072e3b7ad1bcd062972bd2e1dec3423172e3712b34352d1f751210252db32b10bca8adb651099d14aa57c6d84d0f914a93b7cd12aad1fa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "token-providers", + "group": "@aws-sdk", + "version": "3.575.0", + "bom-ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "author": "AWS SDK for JavaScript Team", + "description": "A collection of token providers", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/token-providers@3.575.0#packages/token-providers", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/token-providers", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/token-providers", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.575.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "10f3433d0a109232aa9f80f6b7bd2a5736df76d95a032f4a05d1b9f2a0f5c8d595c6af1187f957770981f9a1363d26a1b727d58a465d091a19885cf10e1e4850" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-cloudfront/node_modules/@aws-sdk/token-providers" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso-oidc", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso-oidc@3.583.0#clients/client-sso-oidc", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso-oidc", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso-oidc", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "2cedf09ab1573e2da4344e3a943d570137d1aef74dc577780e54c5a2ea169abee5beaa1491c6e6b64576aff5c2859036cf41e20daba9842d5ef1bf2568955e4a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso-oidc" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sts", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sts Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sts@3.583.0#clients/client-sts", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sts", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sts", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c4333189e98f0d6afd758d90e00ca2c6446793f86f4ba7ece8e5b1b950b3d563b8ed885a01f3ac10602040c8032cb68e7e3fe82d4e43d78b9334110f1a1e2b04" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sts" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "author": "AWS SDK for JavaScript Team", + "description": "Core functions & classes shared by multiple AWS SDK clients", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/core@3.582.0#packages/core", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/core", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a1f983f7a21073d83575bcaa942cb1bb97c21bb90897da75368379faf1815322dd6e63c25773dd83df6744760426ebf63201b1e405051833cc1dca9b2699d923" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-node", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from a Node.JS environment. ", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-node@3.583.0#packages/credential-provider-node", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-node", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c81372a415e7cbbcc91fce52cf10e3f2cd666cb5eff5cfd56ead2a4774773ce8f689d67acb007faa52110b55f006ebf8f56be0f24035c0a5e4dcade3ae971523" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "middleware-user-agent", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "author": "AWS SDK for JavaScript Team", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/middleware-user-agent@3.583.0#packages/middleware-user-agent", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/middleware-user-agent", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/middleware-user-agent", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "c553575d70d6bc1548fc0795b52740f5256e9aac6265a11293f269527f463249ad4ca7ed7abd02c1e6a9fb5890f63f1b4403b4bcd8662246dcbdd0754b859553" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/middleware-user-agent" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "util-endpoints", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "Utilities to help with endpoint resolution", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/util-endpoints@3.583.0#packages/util-endpoints", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/util-endpoints", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/util-endpoints", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/util-endpoints/-/util-endpoints-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "642f666f68eae811573d8b14b03dad99872796677ef4f18dc2714d9fc8e4e1a6e76b9263936c0392737cd726e4b66051e6db4df56f2e82692db8ab6f00c20309" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/util-endpoints" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-http", + "group": "@aws-sdk", + "version": "3.582.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider for containers and HTTP sources", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-http@3.582.0#packages/credential-provider-http", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-http", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-http", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.582.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9063942b0e6bc8f90321807af4f8cadd289c54b4db581d3aa2e14dd96d44bea509a644063c0506cd872898ab6dde625a0937ffd647e8687c0044097a28a48ff1" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-http" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-ini", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that sources credentials from ~/.aws/credentials and ~/.aws/config", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-ini@3.583.0#packages/credential-provider-ini", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-ini", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/packages/credential-provider-ini", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f08d2858d83fca9b3a72d8e111e2ffa89f4121affec573fb44f0d0a85299db306459b98b2cea0c59746f97cb8a5010faa827be0c699cbbdb247d55de5d27ac11" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-ini" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "credential-provider-sso", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS credential provider that exchanges a resolved SSO login token file for temporary AWS credentials", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/credential-provider-sso@3.583.0#packages/credential-provider-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#packages/credential-provider-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/master/packages/credential-provider-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "1bfd44bcbf6d05ecd2894fb4ead1b82bf90ebc57cf8e785e4f82525ea8cf33bfaf8cace0a768f1a7527d30c77af73b388d55a89fddf6ccc786823ac2a65ccc12" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "client-sso", + "group": "@aws-sdk", + "version": "3.583.0", + "bom-ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "author": "AWS SDK for JavaScript Team", + "description": "AWS SDK for JavaScript Sso Client for Node.js, Browser and React Native", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40aws-sdk/client-sso@3.583.0#clients/client-sso", + "externalReferences": [ + { + "url": "git+https://github.com/aws/aws-sdk-js-v3.git#clients/client-sso", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\" and \"repository.directory\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-sso", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/aws/aws-sdk-js-v3/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.583.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14d276326881b596708248f8f862d5af3ab0983e83f05069b6b15993b3e71a449feefd50f2dc58348ea063ddfc4518582789415b870d6e13ef5a80f1025f741f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/sha1-browser/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fast-xml-parser", + "version": "4.2.5", + "bom-ref": "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "author": "Amit Gupta", + "description": "Validate XML, Parse XML, Build XML without C/C++ based libraries", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/fast-xml-parser@4.2.5", + "externalReferences": [ + { + "url": "git+https://github.com/NaturalIntelligence/fast-xml-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/NaturalIntelligence/fast-xml-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "07dff08b31385a782a41fb453e675a318957a09949398c4640e6a70bbedfabd93cf99d2fe5d0d2561fb782512b74844e3fffecfe381bed9bb129f07c9d5ca8d2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-sdk/core/node_modules/fast-xml-parser" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/crc32@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "tslib", + "version": "1.14.1", + "bom-ref": "@aws-crypto/crc32c@3.0.0|tslib@1.14.1", + "author": "Microsoft Corp.", + "description": "Runtime library for TypeScript helper functions", + "licenses": [ + { + "license": { + "id": "0BSD" + } + } + ], + "purl": "pkg:npm/tslib@1.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/Microsoft/tslib.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://www.typescriptlang.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Microsoft/TypeScript/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "5e78b7e4d2b38e032bc1ebf2b074c202bb4b0e93efc9ef3357fd04e04c989f8dcfeffeeabd0c0f87d0469077b06ccba5567b5b8a099c4fbadd5f704da3dc1126" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@aws-crypto/crc32c/node_modules/tslib" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "cli-width", + "version": "4.1.0", + "bom-ref": "@inquirer/core@8.2.2|cli-width@4.1.0", + "author": "Ilya Radchenko", + "description": "Get stdout window width, with two fallbacks, tty and then a default.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/cli-width@4.1.0", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/knownasilya/cli-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/knownasilya/cli-width", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/knownasilya/cli-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/cli-width/-/cli-width-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a2eb99778fdd9b64b0e469aacba6c6c8d34d7b5aadf51a66c6f78b48eeca720b139d4ed15dfb30fbf6ee9161a8d5a6e006230089cd3af2b72566c3b82169a6c5" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/cli-width" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mute-stream", + "version": "1.0.0", + "bom-ref": "@inquirer/core@8.2.2|mute-stream@1.0.0", + "author": "GitHub Inc.", + "description": "Bytes go in, but they don't come out (when muted).", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/mute-stream@1.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/npm/mute-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/mute-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/mute-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mute-stream/-/mute-stream-1.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6afb09421c9dfbaf3480a5f21bfb107349d7682eab0643ce7f21d87056fdfa1764a90911f5b767909d003198647b4a1eb0fa883be985149f8874173b9acb7820" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/mute-stream" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "signal-exit", + "version": "4.1.0", + "bom-ref": "@inquirer/core@8.2.2|signal-exit@4.1.0", + "author": "Ben Coe", + "description": "when you want to fire an event no matter how a process exits.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/signal-exit@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/tapjs/signal-exit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/tapjs/signal-exit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/tapjs/signal-exit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "6f3c99d5ef3cc3d3b588d25b2a73a5bd84eb58f0e5e3a3b56c6d03dd7227bfef6d90faf1acdf235144e21650e4926296827d4ce827c8035dd2b86a8e6bd2a8af" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/signal-exit" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "wrap-ansi", + "version": "6.2.0", + "bom-ref": "@inquirer/core@8.2.2|wrap-ansi@6.2.0", + "author": "Sindre Sorhus", + "description": "Wordwrap a string with ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/wrap-ansi@6.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/wrap-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/wrap-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "afa94f7011b1657948732984bbb227c43321756d0a0f1a4b82814b720b9ab3109a27f48e219c0835ab4af4a63fb5ff99ae5cb038a5345038f70135d405fc495c" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@inquirer/core/node_modules/wrap-ansi" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "core", + "group": "@oclif", + "version": "4.0.0-beta.15", + "bom-ref": "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "author": "Salesforce", + "description": "base library for oclif CLIs", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40oclif/core@4.0.0-beta.15", + "externalReferences": [ + { + "url": "git+https://github.com/oclif/core.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/oclif/core", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/oclif/core/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@oclif/core/-/core-4.0.0-beta.15.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a66b5993c211e31a8fae5994a6365c83f7712363ad317a5911177dae63d41ac4bd7ad6bb80504a1545eac5f2f9132ff48cbf2c266b1b987b120039a5d27b4c3a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-not-found/node_modules/@oclif/core" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mimic-response", + "version": "3.1.0", + "bom-ref": "decompress-response@6.0.0|mimic-response@3.1.0", + "author": "Sindre Sorhus", + "description": "Mimic a Node.js HTTP response stream", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mimic-response@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/mimic-response.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/mimic-response/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "cf4c9623ee050ebaf0792f199ade048f91dd266932d79f8bd9ee96827dfe88ae5f5b36fa4f77e1345ab6f8c79345bd3ae1ce96af837fc2fd03cd04e33731cd19" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/decompress-response/node_modules/mimic-response" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "detect-newline", + "version": "4.0.1", + "bom-ref": "sort-package-json@2.10.0|detect-newline@4.0.1", + "author": "Sindre Sorhus", + "description": "Detect the dominant newline character of a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/detect-newline@4.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/detect-newline.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/detect-newline/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/detect-newline/-/detect-newline-4.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a84dd57a0d585f3187421940ea3cde6d9376a957fa357f80ee6eea9610861b7d1d262c6b0108583ac263b270632640929ae38fa42937d35e397ebf055746f3a2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/detect-newline" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "globby", + "version": "13.2.2", + "bom-ref": "sort-package-json@2.10.0|globby@13.2.2", + "author": "Sindre Sorhus", + "description": "User-friendly glob matching", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/globby@13.2.2", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/globby.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/globby#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/globby/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/globby/-/globby-13.2.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "635ccd195fa9cd0761ec7dfd97dce00783c9aa344dab276f7580831b81c55cce17baf49a41094473dd48535c802cbf205130e89a00407f3dd725d9944bea28d3" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/globby" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "slash", + "version": "4.0.0", + "bom-ref": "sort-package-json@2.10.0|slash@4.0.0", + "author": "Sindre Sorhus", + "description": "Convert Windows backslash paths to slash paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/slash@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/slash.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/slash#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/slash/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/slash/-/slash-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ddd3ac0075d7524413a4e61ca00c4b228acc4e9e20210af9216de255bec0ee5148a74547867ca79bd8b3c7a4ecb1dac87152044809558ed9ced8af1b83e0a87b" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/slash" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-plain-obj", + "version": "4.1.0", + "bom-ref": "sort-package-json@2.10.0|is-plain-obj@4.1.0", + "author": "Sindre Sorhus", + "description": "Check if a value is a plain object", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-plain-obj@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-plain-obj.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-plain-obj/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f8f822faf32e50d909c84c62301b792251683322a7af9ce127852ca73e7c58e841179428219905c8d1c86c102d1f0cd502093946d9dd54db0344deb5fe6983aa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/sort-package-json/node_modules/is-plain-obj" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "is-wsl", + "version": "3.1.0", + "bom-ref": "open@10.1.0|is-wsl@3.1.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside Windows Subsystem for Linux (Bash on Windows)", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-wsl@3.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-wsl.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-wsl/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-wsl/-/is-wsl-3.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "51c55f55f68ae127389bb5f77544a81e8a3340604415e0c2fb3568d3ab7df317bc0b31d265905e90d5c7fadbb435a947a25709fd0006a92e3a1de7fb41704833" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/open/node_modules/is-wsl" + } + ] + }, + { + "type": "library", + "name": "is-docker", + "version": "3.0.0", + "bom-ref": "is-inside-container@1.0.0|is-docker@3.0.0", + "author": "Sindre Sorhus", + "description": "Check if the process is running inside a Docker container", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/is-docker@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/is-docker.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/is-docker/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/is-docker/-/is-docker-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7a58dc8040e5127b3fec05c5a2c0792bfda708ce0fec540f90673f0d62f2e6b985116bd96b21ab8a4d5df7f4086399c9e1ff58b15bc1900ea42691e7f6b21275" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/is-inside-container/node_modules/is-docker" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "5.2.0", + "bom-ref": "prompt-sync@4.2.0|strip-ansi@5.2.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@5.2.0", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0ee46cd6029b06ab0c288665adf7f096e83c30791c9e98ece553e62f53c087e980df45340d3a2d7c3674776514b17a4f98f98c309e96efbdcc680dc9fa56e258" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync/node_modules/strip-ansi" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "4.1.1", + "bom-ref": "prompt-sync@4.2.0|ansi-regex@4.1.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@4.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "20b96fe24ff77fabdf4383a83f6006be2ace92d950f7c6442f593d15a423c5adcbd5a6c181bb930c074f3a9bdb1a7702d014d542b97e38cf316462bab565edee" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/prompt-sync/node_modules/ansi-regex" + } + ] + }, + { + "type": "library", + "name": "yargs-parser", + "version": "21.1.1", + "bom-ref": "ts-jest@29.1.4|yargs-parser@21.1.1", + "author": "Ben Coe", + "description": "the mighty option parser used by yargs", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/yargs-parser@21.1.1", + "externalReferences": [ + { + "url": "git+https://github.com/yargs/yargs-parser.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/yargs/yargs-parser#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/yargs/yargs-parser/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b55a6c256ec376379c0221696c80757b7ab1210b04e8da0f739fde4ddadb6c80b88742d5b16867a1ade0fa6d87725048ba31f3b31678549540f8652e736fcb07" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-jest/node_modules/yargs-parser" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@babel/helper-compilation-targets@7.23.6|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@babel/helper-compilation-targets/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "find-up", + "version": "4.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "author": "Sindre Sorhus", + "description": "Find a file or directory by walking up parent directories", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/find-up@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/find-up.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/find-up#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/find-up/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "3e93b001d43f6255d0daf8fc6b787c222a43b98462df071e550406616c4d20d71cab8d009f0ec196c11708c6edd59b7e38b03a16af6cb88a48583d0eb2721297" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/find-up" + } + ] + }, + { + "type": "library", + "name": "locate-path", + "version": "5.0.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "author": "Sindre Sorhus", + "description": "Get the first path that exists on disk of multiple paths", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/locate-path@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/locate-path.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/locate-path/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b7b870f6923e5afbb03495f0939cd51e9ca122ace0daa4e592524e7f4995c4649b7b7169d9589e65c76e3588da2c3a32ea9f6e1a94041961bced6a4c2a536af2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/locate-path" + } + ] + }, + { + "type": "library", + "name": "p-locate", + "version": "4.1.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0", + "author": "Sindre Sorhus", + "description": "Get the first fulfilled promise that satisfies the provided testing function", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-locate@4.1.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-locate.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-locate/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "47bf5967fd30031286bb7a18325cfc8f2fe46e1b0dad2ed2299ecfc441c1809e7e1769ad156d9f2b670eb4187570762442c6f3155ec8f84a1129ee98b74a0aec" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/p-locate" + } + ] + }, + { + "type": "library", + "name": "p-limit", + "version": "2.3.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0", + "author": "Sindre Sorhus", + "description": "Run multiple promise-returning & async functions with limited concurrency", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/p-limit@2.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/p-limit.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/p-limit/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ffff3c985592271f25c42cf07400014c92f6332581d76f9e218ecc0cbd92a8b98091e294f6ac51bd6b92c938e6dc5526a4110cb857dc90022a11a546503c5beb" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/p-limit" + } + ] + }, + { + "type": "library", + "name": "js-yaml", + "version": "3.14.1", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "author": "Vladimir Zapparov", + "description": "YAML 1.2 parser and serializer", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/js-yaml@3.14.1", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/js-yaml.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/js-yaml", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/js-yaml/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a24307ece5d727b62b37d3a4dff497ae7bb8897f723a4fb6e67a97e22992da7a6ebd36039a8fd0119a2ac199186880e4de356f04e4ce20480485a2ceca7052f6" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/js-yaml" + } + ] + }, + { + "type": "library", + "name": "argparse", + "version": "1.0.10", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "description": "Very powerful CLI arguments parser. Native port of argparse - python's options parsing library", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/argparse@1.0.10", + "externalReferences": [ + { + "url": "git+https://github.com/nodeca/argparse.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodeca/argparse#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodeca/argparse/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a39468cbab4d1b848bfc53a408037a4738e26a4652db944b605adc32db49a9b75df015ab9c0f9f1b3e7b88de4f6f4ea9bc11af979810d01e3c74996c957be84e" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/argparse" + } + ] + }, + { + "type": "library", + "name": "sprintf-js", + "version": "1.0.3", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3", + "author": "Alexandru Marasteanu", + "description": "JavaScript sprintf implementation", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/sprintf-js@1.0.3", + "externalReferences": [ + { + "url": "git+https://github.com/alexei/sprintf.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/alexei/sprintf.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/alexei/sprintf.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "0fd70f824bcb955deddc8ccbd03d182ef180f40864e0f72f57051b3747521abd5a3f436bb780049d351bb86beab840b4980eb81aab757f38ab951b3989b5f1f2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/sprintf-js" + } + ] + }, + { + "type": "library", + "name": "resolve-from", + "version": "5.0.0", + "bom-ref": "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0", + "author": "Sindre Sorhus", + "description": "Resolve the path of a module like `require.resolve()` but from a given path", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/resolve-from@5.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/resolve-from.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/resolve-from/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a9883d28fdb8743e6a91af49e3b774695932d0df9be1f4d4f3d2cdf620e78c1e706a4b220b8f6bbcc0743eb509406a13987e745cf8aa3af0230df6a28c6c5867" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@istanbuljs/load-nyc-config/node_modules/resolve-from" + } + ] + }, + { + "type": "library", + "name": "minimatch", + "version": "3.1.2", + "bom-ref": "test-exclude@6.0.0|minimatch@3.1.2", + "author": "Isaac Z. Schlueter", + "description": "a glob matcher in javascript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minimatch@3.1.2", + "externalReferences": [ + { + "url": "git://github.com/isaacs/minimatch.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minimatch#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minimatch/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "27ba7ade1462023c35343130c355bb8b7efe07222b3963b95d0400cd9dd539c2f43cdc9bc297e657f374e73140cf043d512c84717eaddd43be2b96aa0503881f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude/node_modules/minimatch" + } + ] + }, + { + "type": "library", + "name": "brace-expansion", + "version": "1.1.11", + "bom-ref": "test-exclude@6.0.0|brace-expansion@1.1.11", + "author": "Julian Gruber", + "description": "Brace expansion as known from sh/bash", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/brace-expansion@1.1.11", + "externalReferences": [ + { + "url": "git://github.com/juliangruber/brace-expansion.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/juliangruber/brace-expansion/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "882b8f1c3160ac75fb1f6bc423fe71a73d3bcd21c1d344e9ba0aa1998b5598c3bae75f260ae44ca0e60595d101974835f3bb9fa3375a1e058a71815beb5a8688" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/test-exclude/node_modules/brace-expansion" + } + ] + }, + { + "type": "library", + "name": "ts-node", + "version": "7.0.1", + "bom-ref": "ts-mocha@10.0.0|ts-node@7.0.1", + "author": "Blake Embrey", + "description": "TypeScript execution environment and REPL for node.js, with source map support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ts-node@7.0.1", + "externalReferences": [ + { + "url": "git://github.com/TypeStrong/ts-node.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/TypeStrong/ts-node/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ts-node/-/ts-node-7.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "055c156cf251b29ccd876c9fb25c93d4f49b979b88934dc46656f8f7744a1cde2a7a3fc3d3a9f570486394e246ebda05b04ece4fc5e3a5351c61fea92932cc87" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/ts-node" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "arrify", + "version": "1.0.1", + "bom-ref": "ts-mocha@10.0.0|arrify@1.0.1", + "author": "Sindre Sorhus", + "description": "Convert a value to an array", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/arrify@1.0.1", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/arrify.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/arrify#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/arrify/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/arrify/-/arrify-1.0.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc26337b1f4cf451908c218c1b28baff7d5cf0625b81bd2a1b2af1e475b13ddd1a0b0878701d988cc6f65dff54ba8a20accae53bd713aa7079ac8e461d94dc50" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/arrify" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "diff", + "version": "3.5.0", + "bom-ref": "ts-mocha@10.0.0|diff@3.5.0", + "description": "A javascript text diff implementation.", + "licenses": [ + { + "license": { + "id": "BSD-3-Clause" + } + } + ], + "purl": "pkg:npm/diff@3.5.0", + "externalReferences": [ + { + "url": "git://github.com/kpdecker/jsdiff.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kpdecker/jsdiff#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "http://github.com/kpdecker/jsdiff/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/diff/-/diff-3.5.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "038eaab4581dfa0ee90d98a7a67c22449b716c2d61a607f4bb33f7886f3db1c1e4d00502ec0d531b17f93a288e52ffc931947c18eb7c84bf74d215746cecb9c4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/diff" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "mkdirp", + "version": "0.5.6", + "bom-ref": "ts-mocha@10.0.0|mkdirp@0.5.6", + "author": "James Halliday", + "description": "Recursively mkdir, like `mkdir -p`", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/mkdirp@0.5.6", + "externalReferences": [ + { + "url": "git+https://github.com/substack/node-mkdirp.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/substack/node-mkdirp#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/substack/node-mkdirp/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "14ffa9f1107c396a45dd86410ab3f982d0039ad5c0a41e4030b9febddc80f8fcb10a3ac2b34d268f2528cecb0edf77300de4f7c0d19d2f127933ffd8aad1c027" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/mkdirp" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "yn", + "version": "2.0.0", + "bom-ref": "ts-mocha@10.0.0|yn@2.0.0", + "author": "Sindre Sorhus", + "description": "Parse yes/no like values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/yn@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/yn.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/yn#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/yn/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/yn/-/yn-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "b93bfc27fc225938144e0fbdbcb4e2fff95e525e6f0d04baba28bf7a67936f6b2c63bbe5e9059fd9f15b2081a39e18ef6dd2a553479ded03e063586d4c2f3a8d" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/ts-mocha/node_modules/yn" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "json5", + "version": "1.0.2", + "bom-ref": "tsconfig-paths@3.15.0|json5@1.0.2", + "author": "Aseem Kishore", + "description": "JSON for humans.", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/json5@1.0.2", + "externalReferences": [ + { + "url": "git+https://github.com/json5/json5.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "http://json5.org/", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/json5/json5/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "83531630b062cfc14a8b57b8c3453254bdf0fa225c7960050406819e718a3a935ae5ff132e4b646eb7b5facea8202c9d5809be1d15064e623efffc6fda1bd760" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths/node_modules/json5" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-bom", + "version": "3.0.0", + "bom-ref": "tsconfig-paths@3.15.0|strip-bom@3.0.0", + "author": "Sindre Sorhus", + "description": "Strip UTF-8 byte order mark (BOM) from a string", + "scope": "optional", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-bom@3.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/strip-bom.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/strip-bom/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "bdabc03115ce80154d17a9f210498bdc304ad7d891a437282305beb3043e09b1a2bbb963bbab7e264940d4c1f07a85ad69d82de0849552c5cbc83ab7e1d75cc0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/tsconfig-paths/node_modules/strip-bom" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "trace-mapping", + "group": "@jridgewell", + "version": "0.3.9", + "bom-ref": "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9", + "author": "Justin Ridgewell", + "description": "Trace the original position through a source map", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/%40jridgewell/trace-mapping@0.3.9", + "externalReferences": [ + { + "url": "git+https://github.com/jridgewell/trace-mapping.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jridgewell/trace-mapping/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "dc17a5b7ab5d73c6cf800b5b72676d349962ad5a139846f97b6802f783e7930116f6323a0801d47a81bce6d8d63f95aabaa7dabe832d330886e0ff76e9928ab9" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@cspotcode/source-map-support/node_modules/@jridgewell/trace-mapping" + } + ] + }, + { + "type": "library", + "name": "color", + "version": "3.2.1", + "bom-ref": "colorspace@1.1.4|color@3.2.1", + "description": "Color conversion and manipulation with CSS string support", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color@3.2.1", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color/-/color-3.2.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "68197b75923d10d37a7d4182ee65a93133cd1e659448d6a7f6db9637a6a187964b364f5b68b24e9d2325ad090772b7c5833dbf462823515023771dfa55c7a628" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color" + } + ] + }, + { + "type": "library", + "name": "color-convert", + "version": "1.9.3", + "bom-ref": "colorspace@1.1.4|color-convert@1.9.3", + "author": "Heather Arthur", + "description": "Plain color conversion functions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-convert@1.9.3", + "externalReferences": [ + { + "url": "git+https://github.com/Qix-/color-convert.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/Qix-/color-convert#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/Qix-/color-convert/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "41f014b5dfaf15d02d150702f020b262dd5f616c52a8088ad9c483eb30c1f0dddca6c10102f471a7dcce1a0e86fd21c7258013f3cfdacff22e0c600bb0d55b1a" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color-convert" + } + ] + }, + { + "type": "library", + "name": "color-name", + "version": "1.1.3", + "bom-ref": "colorspace@1.1.4|color-name@1.1.3", + "author": "DY", + "description": "A list of color names and its values", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/color-name@1.1.3", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/dfcreative/color-name.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/dfcreative/color-name", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/dfcreative/color-name/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "ef67d27a784cc361d931354778203d2829a91086f35a242c8cdf811dc05b4bdbebd66b6dfaf2633dd92c20135498a016f131540cf24ae52514dd0844f4d1170f" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/colorspace/node_modules/color-name" + } + ] + }, + { + "type": "library", + "name": "sax", + "version": "1.3.0", + "bom-ref": "xlsx-populate@1.21.0|sax@1.3.0", + "author": "Isaac Z. Schlueter", + "description": "An evented streaming XML parser in JavaScript", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/sax@1.3.0", + "externalReferences": [ + { + "url": "git://github.com/isaacs/sax-js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/sax-js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/sax-js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/sax/-/sax-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "d2cfa8026c3dccb975575712f41b5937b240774716e5ed101f85b72d610ae9ae0b68b100d8e4e919858363ee976ac04bb73eb0926deed71470f79991b89e7d58" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/xlsx-populate/node_modules/sax" + } + ] + }, + { + "type": "library", + "name": "readable-stream", + "version": "2.3.8", + "bom-ref": "jszip@3.10.1|readable-stream@2.3.8", + "description": "Streams3, a user-land copy of the stream library from Node.js", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/readable-stream@2.3.8", + "externalReferences": [ + { + "url": "git://github.com/nodejs/readable-stream.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/readable-stream#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/readable-stream/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "f29d00524e173838087b04a2d25f04a63b3e1159d688aecda03204194d07844efe67263c0f520c63ba1dbb9951ac55c683bd4bd79286f10acf9ae9b8e514ed74" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/readable-stream" + } + ] + }, + { + "type": "library", + "name": "safe-buffer", + "version": "5.1.2", + "bom-ref": "jszip@3.10.1|safe-buffer@5.1.2", + "author": "Feross Aboukhadijeh", + "description": "Safer Node.js Buffer API", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/safe-buffer@5.1.2", + "externalReferences": [ + { + "url": "git://github.com/feross/safe-buffer.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/feross/safe-buffer", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/feross/safe-buffer/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "19dd94641243917958ec66c9c5fb04f3f9ef2a45045351b7f1cd6c88de903fa6bd3d3f4c98707c1a7a6c71298c252a05f0b388aedf2e77fc0fb688f2b381bafa" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/safe-buffer" + } + ] + }, + { + "type": "library", + "name": "string_decoder", + "version": "1.1.1", + "bom-ref": "jszip@3.10.1|string_decoder@1.1.1", + "description": "The string_decoder module from Node core", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string_decoder@1.1.1", + "externalReferences": [ + { + "url": "git://github.com/nodejs/string_decoder.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/nodejs/string_decoder", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/nodejs/string_decoder/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "9ff4a19ef0e2e851db6d57ef8aba3e5a88e2173bfeb3c30f30705ccd578f7d4a4324bc282d3d21b759786300426e2f29240bde104767907c8fc933ff9b345fc2" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/jszip/node_modules/string_decoder" + } + ] + }, + { + "type": "library", + "name": "entities", + "version": "2.2.0", + "bom-ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0", + "author": "Felix Boehm", + "description": "Encode & decode XML and HTML entities with ease", + "licenses": [ + { + "license": { + "id": "BSD-2-Clause" + } + } + ], + "purl": "pkg:npm/entities@2.2.0", + "externalReferences": [ + { + "url": "git://github.com/fb55/entities.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/fb55/entities#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/fb55/entities/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "a7dda27f9373eb5f48d30f9a909acb647d0c5f43dbe435f7f573b0413b5749d41039a607d374b5b88429e2684e66d017af1ab85623baed84e22c1a36eb7f28f4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/dom-serializer/node_modules/entities" + } + ] + }, + { + "type": "library", + "name": "semver", + "version": "6.3.1", + "bom-ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1", + "author": "GitHub Inc.", + "description": "The semantic version parser used by npm.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/semver@6.3.1", + "externalReferences": [ + { + "url": "git+https://github.com/npm/node-semver.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/node-semver#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/node-semver/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "051ed5bc30951cefaadb10445ac9314ba0c9135a919dbec3c7352ba206fbd425a849f89c07162c88019df8a9749a6abf329ac6f7202b464cab4314cee978cccc" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@mitre/inspec-objects/node_modules/istanbul-lib-instrument/node_modules/semver" + } + ] + }, + { + "type": "library", + "name": "path-key", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0", + "author": "Sindre Sorhus", + "description": "Get the PATH environment variable key cross-platform", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/path-key@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/path-key.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/path-key#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/path-key/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/path-key/-/path-key-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "85a444ca9abbc6433b12b7e0232034cfe063e0018a94c49d9501368ef268ea1b960f511d90a615f86fd3e27ab4604176be04d3f24a8c14aa35b879fde74af849" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-plugins/node_modules/npm-run-path/node_modules/path-key" + } + ] + }, + { + "type": "library", + "name": "isexe", + "version": "3.1.1", + "bom-ref": "npm@10.8.0|which@4.0.0|isexe@3.1.1", + "author": "Isaac Z. Schlueter", + "description": "Minimal module to check if a file is executable.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/isexe@3.1.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/isexe.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/isexe.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/isexe#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/isexe/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/which/node_modules/isexe" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "proc-log", + "version": "3.0.0", + "bom-ref": "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0", + "author": "GitHub Inc.", + "description": "just emit 'log' events on the process object", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/proc-log@3.0.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/proc-log.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/proc-log#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/proc-log/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/node-gyp/node_modules/proc-log" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.1.2", + "bom-ref": "npm@10.8.0|debug@4.3.4|ms@2.1.2", + "description": "Tiny millisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.1.2?vcs_url=git%2Bhttps%3A//github.com/zeit/ms.git", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/debug/node_modules/ms" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-flush/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-pipeline/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "fs-minipass", + "version": "2.1.0", + "bom-ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "author": "Isaac Z. Schlueter", + "description": "fs read and write streams based on minipass", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/fs-minipass@2.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/fs-minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/npm/fs-minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/npm/fs-minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/npm/fs-minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/fs-minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "5.0.0", + "bom-ref": "npm@10.8.0|tar@6.2.1|minipass@5.0.0", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@5.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "which", + "version": "2.0.2", + "bom-ref": "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2", + "author": "Isaac Z. Schlueter", + "description": "Like which(1) unix command. Find the first instance of an executable in the PATH.", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/which@2.0.2?vcs_url=git%3A//github.com/isaacs/node-which.git", + "externalReferences": [ + { + "url": "git://github.com/isaacs/node-which.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/node-which#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/node-which/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/cross-spawn/node_modules/which" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/@isaacs/cliui/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-styles", + "version": "4.3.0", + "bom-ref": "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "author": "Sindre Sorhus", + "description": "ANSI escape codes for styling strings in the terminal", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-styles@4.3.0?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-styles.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-styles.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-styles#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-styles/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi-cjs/node_modules/ansi-styles" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "string-width", + "version": "5.1.2", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "author": "Sindre Sorhus", + "description": "Get the visual width of a string - the number of columns required to display it", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/string-width@5.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/string-width.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/string-width#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/string-width/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/string-width" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "emoji-regex", + "version": "9.2.2", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2", + "author": "Mathias Bynens", + "description": "A regular expression to match all Emoji-only symbols as per the Unicode Standard.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/emoji-regex@9.2.2?vcs_url=git%2Bhttps%3A//github.com/mathiasbynens/emoji-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/mathiasbynens/emoji-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://mths.be/emoji-regex", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mathiasbynens/emoji-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/emoji-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "strip-ansi", + "version": "7.1.0", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0", + "author": "Sindre Sorhus", + "description": "Strip ANSI escape codes from a string", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/strip-ansi.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/strip-ansi#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/strip-ansi/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/strip-ansi" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ansi-regex", + "version": "6.0.1", + "bom-ref": "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1", + "author": "Sindre Sorhus", + "description": "Regular expression for matching ANSI escape codes", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ansi-regex@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/ansi-regex.git", + "externalReferences": [ + { + "url": "git+https://github.com/chalk/ansi-regex.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/chalk/ansi-regex#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/chalk/ansi-regex/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/wrap-ansi/node_modules/ansi-regex" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "spdx-expression-parse", + "version": "3.0.1", + "bom-ref": "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "author": "Kyle E. Mitchell", + "description": "parse SPDX license expressions", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/spdx-expression-parse@3.0.1?vcs_url=git%2Bhttps%3A//github.com/jslicense/spdx-expression-parse.js.git", + "externalReferences": [ + { + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/spdx-correct/node_modules/spdx-expression-parse" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-sized/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minizlib/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/minipass-json-stream/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "parse-json", + "version": "4.0.0", + "bom-ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "author": "Sindre Sorhus", + "description": "Parse JSON with more helpful errors", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/parse-json@4.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/sindresorhus/parse-json.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/sindresorhus/parse-json/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-1", + "content": "be35f5425be1f7f6c747184f98a788cb99477ee0" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/@oclif/plugin-warn-if-update-available/node_modules/http-call/node_modules/parse-json" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "4.0.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@4.0.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7321432aba9cfd875c5859e2261cc8e36f80cd2fa0370994cce485711090630c92b81041cbf2a3bb158b67f147107e8ca2ad4d8b330e056c9372ff0ee0e64832" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint/node_modules/ignore" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ignore", + "version": "4.0.6", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6", + "author": "kael", + "description": "Ignore is a manager and filter for .gitignore rules.", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ignore@4.0.6", + "externalReferences": [ + { + "url": "git+ssh://git@github.com/kaelzhang/node-ignore.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/kaelzhang/node-ignore/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "7321432aba9cfd875c5859e2261cc8e36f80cd2fa0370994cce485711090630c92b81041cbf2a3bb158b67f147107e8ca2ad4d8b330e056c9372ff0ee0e64832" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/@eslint/eslintrc/node_modules/ignore" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/espree/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "eslint-visitor-keys", + "version": "1.3.0", + "bom-ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0", + "author": "Toru Nagashima", + "description": "Constants and utilities about visitor keys to traverse AST.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/eslint-visitor-keys@1.3.0", + "externalReferences": [ + { + "url": "git+https://github.com/eslint/eslint-visitor-keys.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/eslint/eslint-visitor-keys/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.3.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "e89ef637c50d6b8eb6c1afca14e0edfcf277214eb4483a42dd05c2d478dcd415d7a5f2f60bd479f8053b8e17b417a19112a54c87826ebbe358ef19fee9d8a951" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/eslint-config-oclif-typescript/node_modules/eslint-utils/node_modules/eslint-visitor-keys" + }, + { + "name": "cdx:npm:package:development", + "value": "true" + } + ] + }, + { + "type": "library", + "name": "ms", + "version": "2.0.0", + "bom-ref": "send@0.18.0|debug@2.6.9|ms@2.0.0", + "description": "Tiny milisecond conversion utility", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/ms@2.0.0", + "externalReferences": [ + { + "url": "git+https://github.com/zeit/ms.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/zeit/ms#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/zeit/ms/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "type": "distribution", + "hashes": [ + { + "alg": "SHA-512", + "content": "4e9a7ad0fe885090d3b8eabfe59f1c76c93326e8dfc2a7ce4e4af02308fb211212a679099d3e92c89e0f08f9c63281630bd75d85a979295218b40b7dee2c74e4" + } + ], + "comment": "as detected from npm-ls property \"resolved\" and property \"integrity\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/send/node_modules/debug/node_modules/ms" + } + ] + }, + { + "type": "library", + "name": "minipass", + "version": "3.3.6", + "bom-ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6", + "author": "Isaac Z. Schlueter", + "description": "minimal implementation of a PassThrough stream", + "licenses": [ + { + "license": { + "id": "ISC" + } + } + ], + "purl": "pkg:npm/minipass@3.3.6?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass.git", + "externalReferences": [ + { + "url": "git+https://github.com/isaacs/minipass.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/isaacs/minipass#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/isaacs/minipass/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "node_modules/npm/node_modules/tar/node_modules/fs-minipass/node_modules/minipass" + }, + { + "name": "cdx:npm:package:bundled", + "value": "true" + } + ] + } + ], + "dependencies": [ + { + "ref": "@mitre/saf@1.4.7", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0", + "@aws-sdk/client-securityhub@3.590.0", + "@e965/xlsx@0.20.1", + "@mitre/emass_client@3.10.0", + "@mitre/hdf-converters@2.10.8", + "@mitre/heimdall-lite@2.10.9", + "@mitre/inspec-objects@1.0.1", + "@oclif/core@3.26.9", + "@oclif/plugin-help@6.1.0", + "@oclif/plugin-plugins@5.2.2", + "@oclif/plugin-version@2.2.2", + "@oclif/plugin-warn-if-update-available@3.1.4", + "@oclif/test@3.2.15", + "@smithy/node-http-handler@3.0.0", + "@types/chai@4.3.14", + "@types/express@4.17.21", + "@types/flat@5.0.5", + "@types/fs-extra@11.0.4", + "@types/get-installed-path@4.0.3", + "@types/jest@29.5.12", + "@types/js-yaml@4.0.9", + "@types/lodash@4.17.4", + "@types/mocha@10.0.6", + "@types/mock-fs@4.13.4", + "@types/mustache@4.2.5", + "@types/node@20.14.1", + "@types/objects-to-csv@1.3.3", + "@types/prompt-sync@4.2.3", + "@types/tmp@0.2.6", + "@types/uuid@9.0.8", + "@types/xml2js@0.4.14", + "@typescript-eslint/eslint-plugin@7.12.0", + "accurate-search@1.2.15", + "ajv@8.16.0", + "axios@1.7.2", + "chai@4.4.1", + "colors@1.4.0", + "csv-parse@4.16.3", + "dotenv@16.4.5", + "eslint-config-oclif-typescript@1.0.3", + "eslint-config-oclif@4.0.0", + "eslint-plugin-unicorn@52.0.0", + "eslint@8.57.0", + "express@4.19.2", + "fast-xml-parser@4.4.0", + "flat@5.0.2", + "form-data@4.0.0", + "fs-extra@11.2.0", + "get-installed-path@4.0.8", + "htmlparser2@9.1.0", + "https@1.0.0", + "inquirer-file-tree-selection-prompt@2.0.2", + "inquirer@8.0.0", + "inspecjs@2.10.8", + "jest-mock@29.7.0", + "jest@29.7.0", + "js-yaml@4.1.0", + "json-colorizer@2.2.2", + "lodash@4.17.21", + "markdown-diff@2.0.0", + "markdown-table-ts@1.0.3", + "marked@12.0.2", + "mocha@10.4.0", + "mock-fs@5.2.0", + "moment@2.30.1", + "mustache@4.2.0", + "objects-to-csv@1.3.6", + "oclif@4.13.0", + "open@10.1.0", + "prompt-sync@4.2.0", + "run-script-os@1.1.6", + "table@6.8.2", + "tmp@0.2.3", + "ts-jest@29.1.4", + "ts-mocha@10.0.0", + "ts-node@10.9.2", + "tsimportlib@0.0.5", + "tslib@2.6.3", + "typescript@5.1.6", + "uuid@9.0.1", + "winston@3.13.0", + "xlsx-populate@1.21.0", + "xml2js@0.6.2", + "yaml@2.4.3", + "zip-lib@1.0.4" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-config-service@3.590.0|@aws-sdk/token-providers@3.587.0", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/sha256-browser@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-crypto/supports-web-crypto@3.0.0", + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-locate-window@3.535.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha256-browser@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/ie11-detection@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/ie11-detection@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/sha256-js@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha256-js@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/supports-web-crypto@3.0.0", + "dependsOn": [ + "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/supports-web-crypto@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/util@3.0.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/util@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/util@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/types@3.577.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-utf8-browser@3.259.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-locate-window@3.535.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "tslib@2.6.3" + }, + { + "ref": "@aws-sdk/middleware-host-header@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-logger@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-recursion-detection@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-user-agent-browser@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/config-resolver@3.0.1", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/core@2.1.1", + "dependsOn": [ + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/fetch-http-handler@3.0.1", + "dependsOn": [ + "@smithy/protocol-http@4.0.0", + "@smithy/querystring-builder@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-base64@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-node@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/invalid-dependency@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-content-length@3.0.0", + "dependsOn": [ + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-endpoint@3.0.1", + "dependsOn": [ + "@smithy/middleware-serde@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-retry@3.0.3", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/service-error-classification@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "tslib@2.6.3", + "uuid@9.0.1" + ] + }, + { + "ref": "@smithy/middleware-serde@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/middleware-stack@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/node-config-provider@3.1.0", + "dependsOn": [ + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/node-http-handler@3.0.0", + "dependsOn": [ + "@smithy/abort-controller@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/querystring-builder@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/protocol-http@4.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/smithy-client@3.1.1", + "dependsOn": [ + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-stack@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/types@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/url-parser@3.0.0", + "dependsOn": [ + "@smithy/querystring-parser@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-base64@3.0.0", + "dependsOn": [ + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-body-length-browser@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-body-length-node@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-defaults-mode-browser@3.0.3", + "dependsOn": [ + "@smithy/property-provider@3.1.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-defaults-mode-node@3.0.3", + "dependsOn": [ + "@smithy/config-resolver@3.0.1", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-endpoints@2.0.1", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-middleware@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-retry@3.0.0", + "dependsOn": [ + "@smithy/service-error-classification@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-utf8@3.0.0", + "dependsOn": [ + "@smithy/util-buffer-from@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/signature-v4@3.0.0", + "dependsOn": [ + "@smithy/is-array-buffer@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "@smithy/util-middleware@3.0.0", + "@smithy/util-uri-escape@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/is-array-buffer@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-hex-encoding@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-uri-escape@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "strnum@1.0.5" + }, + { + "ref": "@smithy/property-provider@3.1.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-stream@3.0.1", + "dependsOn": [ + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-buffer-from@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/credential-provider-imds@3.1.0", + "dependsOn": [ + "@smithy/node-config-provider@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/shared-ini-file-loader@3.1.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-config-provider@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "bowser@2.11.0" + }, + { + "ref": "@smithy/querystring-builder@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-uri-escape@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-buffer-from@3.0.0", + "dependsOn": [ + "@smithy/is-array-buffer@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/service-error-classification@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0" + ] + }, + { + "ref": "uuid@9.0.1" + }, + { + "ref": "@smithy/querystring-parser@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-node@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-ini@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-env@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-http@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-process@3.587.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-sso@3.590.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/credential-provider-web-identity@3.587.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sts@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso@3.590.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/core@3.588.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/middleware-user-agent@3.587.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/region-config-resolver@3.587.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-endpoints@3.587.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/util-user-agent-node@3.587.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/token-providers@3.587.0", + "dependsOn": [ + "@aws-sdk/client-securityhub@3.590.0|@aws-sdk/client-sso-oidc@3.590.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@e965/xlsx@0.20.1" + }, + { + "ref": "@mitre/emass_client@3.10.0", + "dependsOn": [ + "@mitre/emass_client@3.10.0|axios@0.21.4" + ] + }, + { + "ref": "@mitre/emass_client@3.10.0|axios@0.21.4", + "dependsOn": [ + "follow-redirects@1.15.6" + ] + }, + { + "ref": "follow-redirects@1.15.6" + }, + { + "ref": "@mitre/hdf-converters@2.10.8", + "dependsOn": [ + "@aws-sdk/client-config-service@3.590.0", + "@e965/xlsx@0.20.1", + "@mdi/js@7.4.47", + "@mitre/jsonix@3.0.7", + "@smithy/node-http-handler@3.0.0", + "@types/csv2json@1.4.5", + "@types/ms@0.7.34", + "@types/mustache@4.2.5", + "@types/papaparse@5.3.14", + "@types/revalidator@0.3.12", + "@types/triple-beam@1.3.5", + "@types/validator@13.12.0", + "@types/xml2js@0.4.14", + "axios@1.7.2", + "compare-versions@6.1.0", + "csv2json@2.0.2", + "fast-xml-parser@4.4.0", + "html-entities@2.5.2", + "htmlparser2@9.1.0", + "inspecjs@2.10.8", + "lodash@4.17.21", + "moment@2.30.1", + "ms@2.1.3", + "mustache@4.2.0", + "papaparse@5.4.1", + "revalidator@0.3.1", + "run-script-os@1.1.6", + "semver@7.6.2", + "tailwindcss@3.4.3", + "tw-elements@1.1.0", + "validator@13.12.0", + "winston@3.13.0", + "xml-formatter@3.6.2", + "xml-parser-xo@4.1.1", + "xml2js@0.6.2", + "yaml@2.4.3" + ] + }, + { + "ref": "@mdi/js@7.4.47" + }, + { + "ref": "@mitre/jsonix@3.0.7", + "dependsOn": [ + "@xmldom/xmldom@0.8.10", + "amdefine@0.0.4", + "xmlhttprequest@1.8.0" + ] + }, + { + "ref": "@xmldom/xmldom@0.8.10" + }, + { + "ref": "amdefine@0.0.4" + }, + { + "ref": "xmlhttprequest@1.8.0" + }, + { + "ref": "@types/csv2json@1.4.5", + "dependsOn": [ + "@types/pumpify@1.4.4" + ] + }, + { + "ref": "@types/pumpify@1.4.4", + "dependsOn": [ + "@types/duplexify@3.6.4", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/duplexify@3.6.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/node@20.14.1", + "dependsOn": [ + "undici-types@5.26.5" + ] + }, + { + "ref": "@types/ms@0.7.34" + }, + { + "ref": "@types/mustache@4.2.5" + }, + { + "ref": "@types/papaparse@5.3.14", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/revalidator@0.3.12" + }, + { + "ref": "@types/triple-beam@1.3.5" + }, + { + "ref": "@types/validator@13.12.0" + }, + { + "ref": "@types/xml2js@0.4.14", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "axios@1.7.2", + "dependsOn": [ + "follow-redirects@1.15.6", + "form-data@4.0.0", + "proxy-from-env@1.1.0" + ] + }, + { + "ref": "compare-versions@6.1.0" + }, + { + "ref": "csv2json@2.0.2", + "dependsOn": [ + "csv-parser@2.3.5", + "exec-promise@0.7.0", + "minimist@1.2.8", + "promise-toolbox@0.14.0", + "pump@3.0.0", + "pumpify@2.0.1", + "strip-bom-stream@4.0.0", + "through2@3.0.2" + ] + }, + { + "ref": "csv-parser@2.3.5", + "dependsOn": [ + "minimist@1.2.8", + "through2@3.0.2" + ] + }, + { + "ref": "minimist@1.2.8" + }, + { + "ref": "through2@3.0.2", + "dependsOn": [ + "inherits@2.0.4", + "readable-stream@3.6.2" + ] + }, + { + "ref": "exec-promise@0.7.0", + "dependsOn": [ + "log-symbols@1.0.2" + ] + }, + { + "ref": "log-symbols@1.0.2", + "dependsOn": [ + "log-symbols@1.0.2|chalk@1.1.3" + ] + }, + { + "ref": "log-symbols@1.0.2|chalk@1.1.3", + "dependsOn": [ + "log-symbols@1.0.2|ansi-styles@2.2.1", + "log-symbols@1.0.2|escape-string-regexp@1.0.5", + "has-ansi@2.0.0", + "log-symbols@1.0.2|strip-ansi@3.0.1", + "log-symbols@1.0.2|supports-color@2.0.0" + ] + }, + { + "ref": "log-symbols@1.0.2|ansi-styles@2.2.1" + }, + { + "ref": "log-symbols@1.0.2|escape-string-regexp@1.0.5" + }, + { + "ref": "log-symbols@1.0.2|strip-ansi@3.0.1", + "dependsOn": [ + "log-symbols@1.0.2|ansi-regex@2.1.1" + ] + }, + { + "ref": "log-symbols@1.0.2|ansi-regex@2.1.1" + }, + { + "ref": "log-symbols@1.0.2|supports-color@2.0.0" + }, + { + "ref": "has-ansi@2.0.0", + "dependsOn": [ + "has-ansi@2.0.0|ansi-regex@2.1.1" + ] + }, + { + "ref": "has-ansi@2.0.0|ansi-regex@2.1.1" + }, + { + "ref": "promise-toolbox@0.14.0", + "dependsOn": [ + "make-error@1.3.6" + ] + }, + { + "ref": "make-error@1.3.6" + }, + { + "ref": "pump@3.0.0", + "dependsOn": [ + "end-of-stream@1.4.4", + "once@1.4.0" + ] + }, + { + "ref": "end-of-stream@1.4.4", + "dependsOn": [ + "once@1.4.0" + ] + }, + { + "ref": "once@1.4.0", + "dependsOn": [ + "wrappy@1.0.2" + ] + }, + { + "ref": "pumpify@2.0.1", + "dependsOn": [ + "duplexify@4.1.3", + "inherits@2.0.4", + "pump@3.0.0" + ] + }, + { + "ref": "duplexify@4.1.3", + "dependsOn": [ + "end-of-stream@1.4.4", + "inherits@2.0.4", + "readable-stream@3.6.2", + "stream-shift@1.0.3" + ] + }, + { + "ref": "inherits@2.0.4" + }, + { + "ref": "readable-stream@3.6.2", + "dependsOn": [ + "inherits@2.0.4", + "string_decoder@1.3.0", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "stream-shift@1.0.3" + }, + { + "ref": "strip-bom-stream@4.0.0", + "dependsOn": [ + "first-chunk-stream@3.0.0", + "strip-bom-buf@2.0.0" + ] + }, + { + "ref": "first-chunk-stream@3.0.0" + }, + { + "ref": "strip-bom-buf@2.0.0", + "dependsOn": [ + "is-utf8@0.2.1" + ] + }, + { + "ref": "is-utf8@0.2.1" + }, + { + "ref": "fast-xml-parser@4.4.0", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "html-entities@2.5.2" + }, + { + "ref": "htmlparser2@9.1.0", + "dependsOn": [ + "domelementtype@2.3.0", + "domhandler@5.0.3", + "domutils@3.1.0", + "entities@4.5.0" + ] + }, + { + "ref": "inspecjs@2.10.8" + }, + { + "ref": "lodash@4.17.21" + }, + { + "ref": "moment@2.30.1" + }, + { + "ref": "ms@2.1.3" + }, + { + "ref": "mustache@4.2.0" + }, + { + "ref": "papaparse@5.4.1" + }, + { + "ref": "revalidator@0.3.1" + }, + { + "ref": "run-script-os@1.1.6" + }, + { + "ref": "semver@7.6.2" + }, + { + "ref": "tailwindcss@3.4.3", + "dependsOn": [ + "@alloc/quick-lru@5.2.0", + "arg@5.0.2", + "chokidar@3.5.3", + "didyoumean@1.2.2", + "dlv@1.1.3", + "fast-glob@3.3.2", + "glob-parent@6.0.2", + "is-glob@4.0.3", + "jiti@1.21.0", + "lilconfig@2.1.0", + "micromatch@4.0.5", + "normalize-path@3.0.0", + "object-hash@3.0.0", + "picocolors@1.0.0", + "postcss-import@15.1.0", + "postcss-js@4.0.1", + "postcss-load-config@4.0.2", + "postcss-nested@6.0.1", + "postcss-selector-parser@6.0.16", + "postcss@8.4.38", + "resolve@1.22.8", + "sucrase@3.35.0" + ] + }, + { + "ref": "@alloc/quick-lru@5.2.0" + }, + { + "ref": "arg@5.0.2" + }, + { + "ref": "chokidar@3.5.3", + "dependsOn": [ + "anymatch@3.1.3", + "braces@3.0.2", + "fsevents@2.3.3", + "chokidar@3.5.3|glob-parent@5.1.2", + "is-binary-path@2.1.0", + "is-glob@4.0.3", + "normalize-path@3.0.0", + "readdirp@3.6.0" + ] + }, + { + "ref": "chokidar@3.5.3|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "didyoumean@1.2.2" + }, + { + "ref": "dlv@1.1.3" + }, + { + "ref": "fast-glob@3.3.2", + "dependsOn": [ + "@nodelib/fs.stat@2.0.5", + "@nodelib/fs.walk@1.2.8", + "fast-glob@3.3.2|glob-parent@5.1.2", + "merge2@1.4.1", + "micromatch@4.0.5" + ] + }, + { + "ref": "fast-glob@3.3.2|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "@nodelib/fs.stat@2.0.5" + }, + { + "ref": "@nodelib/fs.walk@1.2.8", + "dependsOn": [ + "@nodelib/fs.scandir@2.1.5", + "fastq@1.17.1" + ] + }, + { + "ref": "is-glob@4.0.3", + "dependsOn": [ + "is-extglob@2.1.1" + ] + }, + { + "ref": "merge2@1.4.1" + }, + { + "ref": "micromatch@4.0.5", + "dependsOn": [ + "braces@3.0.2", + "picomatch@2.3.1" + ] + }, + { + "ref": "glob-parent@6.0.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "jiti@1.21.0" + }, + { + "ref": "lilconfig@2.1.0" + }, + { + "ref": "braces@3.0.2", + "dependsOn": [ + "fill-range@7.0.1" + ] + }, + { + "ref": "picomatch@2.3.1" + }, + { + "ref": "normalize-path@3.0.0" + }, + { + "ref": "object-hash@3.0.0" + }, + { + "ref": "picocolors@1.0.0" + }, + { + "ref": "postcss-import@15.1.0", + "dependsOn": [ + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "read-cache@1.0.0", + "resolve@1.22.8" + ] + }, + { + "ref": "postcss-value-parser@4.2.0" + }, + { + "ref": "postcss@8.4.38", + "dependsOn": [ + "nanoid@3.3.7", + "picocolors@1.0.0", + "source-map-js@1.2.0" + ] + }, + { + "ref": "read-cache@1.0.0", + "dependsOn": [ + "pify@2.3.0" + ] + }, + { + "ref": "pify@2.3.0" + }, + { + "ref": "resolve@1.22.8", + "dependsOn": [ + "is-core-module@2.13.1", + "path-parse@1.0.7", + "supports-preserve-symlinks-flag@1.0.0" + ] + }, + { + "ref": "postcss-js@4.0.1", + "dependsOn": [ + "camelcase-css@2.0.1", + "postcss@8.4.38" + ] + }, + { + "ref": "camelcase-css@2.0.1" + }, + { + "ref": "postcss-load-config@4.0.2", + "dependsOn": [ + "postcss-load-config@4.0.2|lilconfig@3.1.1", + "postcss@8.4.38", + "ts-node@10.9.2", + "yaml@2.4.3" + ] + }, + { + "ref": "postcss-load-config@4.0.2|lilconfig@3.1.1" + }, + { + "ref": "ts-node@10.9.2", + "dependsOn": [ + "@cspotcode/source-map-support@0.8.1", + "@tsconfig/node10@1.0.11", + "@tsconfig/node12@1.0.11", + "@tsconfig/node14@1.0.3", + "@tsconfig/node16@1.0.4", + "@types/node@20.14.1", + "acorn-walk@8.3.2", + "acorn@8.11.3", + "ts-node@10.9.2|arg@4.1.3", + "create-require@1.1.1", + "diff@4.0.2", + "make-error@1.3.6", + "typescript@5.1.6", + "v8-compile-cache-lib@3.0.1", + "yn@3.1.1" + ] + }, + { + "ref": "ts-node@10.9.2|arg@4.1.3" + }, + { + "ref": "yaml@2.4.3" + }, + { + "ref": "postcss-nested@6.0.1", + "dependsOn": [ + "postcss-selector-parser@6.0.16", + "postcss@8.4.38" + ] + }, + { + "ref": "postcss-selector-parser@6.0.16", + "dependsOn": [ + "cssesc@3.0.0", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "cssesc@3.0.0" + }, + { + "ref": "util-deprecate@1.0.2" + }, + { + "ref": "nanoid@3.3.7" + }, + { + "ref": "source-map-js@1.2.0" + }, + { + "ref": "is-core-module@2.13.1", + "dependsOn": [ + "hasown@2.0.2" + ] + }, + { + "ref": "path-parse@1.0.7" + }, + { + "ref": "supports-preserve-symlinks-flag@1.0.0" + }, + { + "ref": "sucrase@3.35.0", + "dependsOn": [ + "@jridgewell/gen-mapping@0.3.5", + "sucrase@3.35.0|commander@4.1.1", + "sucrase@3.35.0|glob@10.3.12", + "lines-and-columns@1.2.4", + "mz@2.7.0", + "pirates@4.0.6", + "ts-interface-checker@0.1.13" + ] + }, + { + "ref": "sucrase@3.35.0|commander@4.1.1" + }, + { + "ref": "sucrase@3.35.0|glob@10.3.12", + "dependsOn": [ + "foreground-child@3.1.1", + "jackspeak@2.3.6", + "minimatch@9.0.4", + "sucrase@3.35.0|minipass@7.0.4", + "path-scurry@1.10.2" + ] + }, + { + "ref": "sucrase@3.35.0|minipass@7.0.4" + }, + { + "ref": "@jridgewell/gen-mapping@0.3.5", + "dependsOn": [ + "@jridgewell/set-array@1.2.1", + "@jridgewell/sourcemap-codec@1.4.15", + "@jridgewell/trace-mapping@0.3.25" + ] + }, + { + "ref": "@jridgewell/set-array@1.2.1" + }, + { + "ref": "@jridgewell/sourcemap-codec@1.4.15" + }, + { + "ref": "@jridgewell/trace-mapping@0.3.25", + "dependsOn": [ + "@jridgewell/resolve-uri@3.1.2", + "@jridgewell/sourcemap-codec@1.4.15" + ] + }, + { + "ref": "foreground-child@3.1.1", + "dependsOn": [ + "cross-spawn@7.0.3", + "foreground-child@3.1.1|signal-exit@4.1.0" + ] + }, + { + "ref": "foreground-child@3.1.1|signal-exit@4.1.0" + }, + { + "ref": "cross-spawn@7.0.3", + "dependsOn": [ + "path-key@3.1.1", + "shebang-command@2.0.0", + "which@2.0.2" + ] + }, + { + "ref": "jackspeak@2.3.6", + "dependsOn": [ + "@isaacs/cliui@8.0.2", + "@pkgjs/parseargs@0.11.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2", + "dependsOn": [ + "string-width@4.2.3", + "@isaacs/cliui@8.0.2|string-width@5.1.2", + "BomRef.5h3h9846p8.g5nk6qdc128", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "wrap-ansi@7.0.0", + "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|string-width@5.1.2", + "dependsOn": [ + "eastasianwidth@0.2.0", + "@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|emoji-regex@9.2.2" + }, + { + "ref": "@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "dependsOn": [ + "@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + }, + { + "ref": "@isaacs/cliui@8.0.2|wrap-ansi@8.1.0", + "dependsOn": [ + "@isaacs/cliui@8.0.2|ansi-styles@6.2.1", + "@isaacs/cliui@8.0.2|string-width@5.1.2", + "@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "@isaacs/cliui@8.0.2|ansi-styles@6.2.1" + }, + { + "ref": "string-width@4.2.3", + "dependsOn": [ + "emoji-regex@8.0.0", + "is-fullwidth-code-point@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "emoji-regex@8.0.0" + }, + { + "ref": "is-fullwidth-code-point@3.0.0" + }, + { + "ref": "strip-ansi@6.0.1", + "dependsOn": [ + "ansi-regex@5.0.1" + ] + }, + { + "ref": "eastasianwidth@0.2.0" + }, + { + "ref": "BomRef.5h3h9846p8.g5nk6qdc128", + "dependsOn": [ + "ansi-regex@5.0.1" + ] + }, + { + "ref": "ansi-regex@5.0.1" + }, + { + "ref": "wrap-ansi@7.0.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "ansi-styles@4.3.0", + "dependsOn": [ + "color-convert@2.0.1" + ] + }, + { + "ref": "BomRef.5hrhe0lu5jo.6brcifutiug", + "dependsOn": [ + "emoji-regex@8.0.0", + "is-fullwidth-code-point@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@pkgjs/parseargs@0.11.0" + }, + { + "ref": "minimatch@9.0.4", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "path-scurry@1.10.2", + "dependsOn": [ + "path-scurry@1.10.2|lru-cache@10.2.0", + "path-scurry@1.10.2|minipass@7.0.4" + ] + }, + { + "ref": "path-scurry@1.10.2|lru-cache@10.2.0" + }, + { + "ref": "path-scurry@1.10.2|minipass@7.0.4" + }, + { + "ref": "lines-and-columns@1.2.4" + }, + { + "ref": "mz@2.7.0", + "dependsOn": [ + "any-promise@1.3.0", + "object-assign@4.1.1", + "thenify-all@1.6.0" + ] + }, + { + "ref": "any-promise@1.3.0" + }, + { + "ref": "object-assign@4.1.1" + }, + { + "ref": "thenify-all@1.6.0", + "dependsOn": [ + "thenify@3.3.1" + ] + }, + { + "ref": "thenify@3.3.1", + "dependsOn": [ + "any-promise@1.3.0" + ] + }, + { + "ref": "pirates@4.0.6" + }, + { + "ref": "ts-interface-checker@0.1.13" + }, + { + "ref": "tw-elements@1.1.0", + "dependsOn": [ + "@popperjs/core@2.11.8", + "chart.js@3.9.1", + "chartjs-plugin-datalabels@2.2.0", + "deepmerge@4.3.1", + "detect-autofill@1.1.4", + "perfect-scrollbar@1.5.5", + "tw-elements@1.1.0|tailwindcss@3.3.0" + ] + }, + { + "ref": "tw-elements@1.1.0|tailwindcss@3.3.0", + "dependsOn": [ + "arg@5.0.2", + "chokidar@3.5.3", + "color-name@1.1.4", + "didyoumean@1.2.2", + "dlv@1.1.3", + "fast-glob@3.3.2", + "glob-parent@6.0.2", + "is-glob@4.0.3", + "jiti@1.21.0", + "lilconfig@2.1.0", + "micromatch@4.0.5", + "normalize-path@3.0.0", + "object-hash@3.0.0", + "picocolors@1.0.0", + "tw-elements@1.1.0|postcss-import@14.1.0", + "postcss-js@4.0.1", + "tw-elements@1.1.0|postcss-load-config@3.1.4", + "tw-elements@1.1.0|postcss-nested@6.0.0", + "postcss-selector-parser@6.0.16", + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "quick-lru@5.1.1", + "resolve@1.22.8", + "sucrase@3.35.0" + ] + }, + { + "ref": "tw-elements@1.1.0|postcss-import@14.1.0", + "dependsOn": [ + "postcss-value-parser@4.2.0", + "postcss@8.4.38", + "read-cache@1.0.0", + "resolve@1.22.8" + ] + }, + { + "ref": "tw-elements@1.1.0|postcss-load-config@3.1.4", + "dependsOn": [ + "lilconfig@2.1.0", + "postcss@8.4.38", + "ts-node@10.9.2", + "tw-elements@1.1.0|yaml@1.10.2" + ] + }, + { + "ref": "tw-elements@1.1.0|yaml@1.10.2" + }, + { + "ref": "tw-elements@1.1.0|postcss-nested@6.0.0", + "dependsOn": [ + "postcss-selector-parser@6.0.16", + "postcss@8.4.38" + ] + }, + { + "ref": "@popperjs/core@2.11.8" + }, + { + "ref": "chart.js@3.9.1" + }, + { + "ref": "chartjs-plugin-datalabels@2.2.0", + "dependsOn": [ + "chart.js@3.9.1" + ] + }, + { + "ref": "deepmerge@4.3.1" + }, + { + "ref": "detect-autofill@1.1.4", + "dependsOn": [ + "custom-event-polyfill@1.0.7" + ] + }, + { + "ref": "custom-event-polyfill@1.0.7" + }, + { + "ref": "perfect-scrollbar@1.5.5" + }, + { + "ref": "color-name@1.1.4" + }, + { + "ref": "quick-lru@5.1.1" + }, + { + "ref": "validator@13.12.0" + }, + { + "ref": "winston@3.13.0", + "dependsOn": [ + "@colors/colors@1.6.0", + "@dabh/diagnostics@2.0.3", + "async@3.2.5", + "is-stream@2.0.1", + "logform@2.6.0", + "one-time@1.0.0", + "readable-stream@3.6.2", + "safe-stable-stringify@2.4.3", + "stack-trace@0.0.10", + "triple-beam@1.4.1", + "winston-transport@4.7.0" + ] + }, + { + "ref": "xml-formatter@3.6.2", + "dependsOn": [ + "xml-parser-xo@4.1.1" + ] + }, + { + "ref": "xml-parser-xo@4.1.1" + }, + { + "ref": "xml2js@0.6.2", + "dependsOn": [ + "sax@1.2.1", + "xmlbuilder@11.0.1" + ] + }, + { + "ref": "@mitre/heimdall-lite@2.10.9", + "dependsOn": [ + "express@4.19.2" + ] + }, + { + "ref": "express@4.19.2", + "dependsOn": [ + "accepts@1.3.8", + "array-flatten@1.1.1", + "body-parser@1.20.2", + "content-disposition@0.5.4", + "content-type@1.0.5", + "cookie-signature@1.0.6", + "cookie@0.6.0", + "express@4.19.2|debug@2.6.9", + "depd@2.0.0", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "etag@1.8.1", + "finalhandler@1.2.0", + "fresh@0.5.2", + "http-errors@2.0.0", + "merge-descriptors@1.0.1", + "methods@1.1.2", + "on-finished@2.4.1", + "parseurl@1.3.3", + "path-to-regexp@0.1.7", + "proxy-addr@2.0.7", + "qs@6.11.0", + "range-parser@1.2.1", + "safe-buffer@5.2.1", + "send@0.18.0", + "serve-static@1.15.0", + "setprototypeof@1.2.0", + "statuses@2.0.1", + "type-is@1.6.18", + "utils-merge@1.0.1", + "vary@1.1.2" + ] + }, + { + "ref": "express@4.19.2|debug@2.6.9", + "dependsOn": [ + "express@4.19.2|ms@2.0.0" + ] + }, + { + "ref": "express@4.19.2|ms@2.0.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1", + "dependsOn": [ + "@types/flat@5.0.5", + "@types/he@1.2.3", + "@types/json-diff@0.7.0", + "@types/jstoxml@2.0.4", + "@types/lodash@4.17.4", + "@types/mustache@4.2.5", + "@types/pretty@2.0.3", + "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "flat@5.0.2", + "he@1.2.0", + "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "inspecjs@2.10.8", + "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "json-diff@0.9.1", + "jstoxml@3.2.10", + "lodash@4.17.21", + "mustache@4.2.0", + "pretty@2.0.0", + "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "winston@3.13.0", + "@mitre/inspec-objects@1.0.1|yaml@1.10.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|fast-xml-parser@3.21.1", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|htmlparser2@7.2.0", + "dependsOn": [ + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "@mitre/inspec-objects@1.0.1|entities@3.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "dependsOn": [ + "domelementtype@2.3.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|domutils@2.8.0", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1", + "dependsOn": [ + "domelementtype@2.3.0", + "@mitre/inspec-objects@1.0.1|domhandler@4.3.1", + "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dom-serializer@1.4.1|entities@2.2.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|entities@3.0.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "import-local@3.1.0", + "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "exit@0.1.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "micromatch@4.0.5", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "rimraf@3.0.2", + "slash@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "@types/istanbul-lib-coverage@2.0.6", + "@types/istanbul-reports@3.0.4", + "@types/node@20.14.1", + "@types/yargs@17.0.32", + "chalk@4.1.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/stack-utils@2.0.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "micromatch@4.0.5", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "graceful-fs@4.2.11", + "picomatch@2.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/reporters@28.1.3", + "dependsOn": [ + "@bcoe/v8-coverage@0.2.3", + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@jridgewell/trace-mapping@0.3.25", + "@types/node@20.14.1", + "chalk@4.1.2", + "collect-v8-coverage@1.0.2", + "exit@0.1.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "istanbul-lib-coverage@3.2.2", + "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "istanbul-lib-report@3.0.1", + "istanbul-lib-source-maps@4.0.1", + "istanbul-reports@3.1.7", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "slash@3.0.0", + "string-length@4.0.2", + "strip-ansi@6.0.1", + "terminal-link@2.1.1", + "v8-to-istanbul@9.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/istanbul-lib-coverage@2.0.6", + "collect-v8-coverage@1.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@jridgewell/trace-mapping@0.3.25", + "babel-plugin-istanbul@6.1.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0", + "fast-json-stable-stringify@2.1.0", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "micromatch@4.0.5", + "pirates@4.0.6", + "slash@3.0.0", + "write-file-atomic@4.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|istanbul-lib-instrument@5.2.1|semver@6.3.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "dependsOn": [ + "@types/node@20.14.1", + "merge-stream@2.0.0", + "supports-color@8.1.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|convert-source-map@1.9.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/graceful-fs@4.1.9", + "@types/node@20.14.1", + "anymatch@3.1.3", + "fb-watchman@2.0.2", + "fsevents@2.3.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "micromatch@4.0.5", + "walker@1.0.8" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ci-info@3.9.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-changed-files@28.1.3", + "dependsOn": [ + "execa@5.1.1", + "p-limit@3.1.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|ci-info@3.9.0", + "deepmerge@4.3.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "micromatch@4.0.5", + "parse-json@5.2.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "strip-json-comments@3.1.1", + "ts-node@10.9.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/test-sequencer@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@types/babel__core@7.20.5", + "babel-plugin-istanbul@6.1.1", + "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-circus@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "co@4.6.0", + "@mitre/inspec-objects@1.0.1|dedent@0.7.0", + "is-generator-fn@2.1.0", + "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "p-limit@3.1.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/generator@7.24.4", + "@babel/plugin-syntax-typescript@7.24.1", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0", + "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/babel__traverse@7.20.5", + "@types/prettier@2.7.3", + "babel-preset-current-node-syntax@1.0.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|expect@28.1.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "natural-compare@1.4.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "semver@7.6.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|dedent@0.7.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-each@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "ansi-regex@5.0.1", + "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0", + "react-is@18.2.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-matcher-utils@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "cjs-module-lexer@1.2.3", + "collect-v8-coverage@1.0.2", + "execa@5.1.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "slash@3.0.0", + "strip-bom@4.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/fake-timers@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "@types/node@20.14.1", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-mock@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "jest-pnp-resolver@1.2.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1", + "resolve@1.22.8", + "slash@3.0.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-runner@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/console@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/transform@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "graceful-fs@4.2.11", + "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "@mitre/inspec-objects@1.0.1|jest-environment-node@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-haste-map@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-message-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-resolve@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-runtime@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-worker@28.1.3", + "p-limit@3.1.0", + "source-map-support@0.5.13" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|camelcase@6.3.0", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "leven@3.1.0", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-resolve-dependencies@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-regex-util@28.0.2", + "@mitre/inspec-objects@1.0.1|jest-snapshot@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|resolve.exports@1.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|emittery@0.10.2" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-docblock@28.1.1", + "dependsOn": [ + "detect-newline@3.1.0" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-leak-detector@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-watcher@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|emittery@0.10.2", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "string-length@4.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinonjs/fake-timers@9.1.2", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinonjs/commons@1.8.6", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/globals@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/environment@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/expect@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/source-map@28.1.2", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "callsites@3.1.0", + "graceful-fs@4.2.11" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/expect-utils@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-diff@28.1.3", + "dependsOn": [ + "chalk@4.1.2", + "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1", + "@mitre/inspec-objects@1.0.1|jest-get-type@28.0.2", + "@mitre/inspec-objects@1.0.1|pretty-format@28.1.3" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|diff-sequences@28.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|camelcase@6.3.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@jest/schemas@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ansi-styles@5.2.0" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|@sinclair/typebox@0.24.51" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|jest-cli@28.1.3", + "dependsOn": [ + "@mitre/inspec-objects@1.0.1|@jest/core@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/test-result@28.1.3", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "chalk@4.1.2", + "exit@0.1.2", + "graceful-fs@4.2.11", + "import-local@3.1.0", + "@mitre/inspec-objects@1.0.1|jest-config@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest-validate@28.1.3", + "prompts@2.4.2", + "yargs@17.7.2" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|ts-jest@28.0.8", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|@jest/types@28.1.3", + "@mitre/inspec-objects@1.0.1|babel-jest@28.1.3", + "bs-logger@0.2.6", + "fast-json-stable-stringify@2.1.0", + "@mitre/inspec-objects@1.0.1|jest-util@28.1.3", + "@mitre/inspec-objects@1.0.1|jest@28.1.3", + "json5@2.2.3", + "lodash.memoize@4.1.2", + "make-error@1.3.6", + "semver@7.6.2", + "@mitre/inspec-objects@1.0.1|typescript@4.9.5", + "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-preset-jest@28.1.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "babel-preset-current-node-syntax@1.0.1" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|babel-plugin-jest-hoist@28.1.3", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0", + "@types/babel__core@7.20.5", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "@mitre/inspec-objects@1.0.1|typescript@4.9.5" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|yargs-parser@21.1.1" + }, + { + "ref": "@mitre/inspec-objects@1.0.1|yaml@1.10.2" + }, + { + "ref": "@types/flat@5.0.5" + }, + { + "ref": "@types/he@1.2.3" + }, + { + "ref": "@types/json-diff@0.7.0" + }, + { + "ref": "@types/jstoxml@2.0.4" + }, + { + "ref": "@types/lodash@4.17.4" + }, + { + "ref": "@types/pretty@2.0.3" + }, + { + "ref": "flat@5.0.2" + }, + { + "ref": "he@1.2.0" + }, + { + "ref": "domelementtype@2.3.0" + }, + { + "ref": "chalk@4.1.2", + "dependsOn": [ + "ansi-styles@4.3.0", + "chalk@4.1.2|supports-color@7.2.0" + ] + }, + { + "ref": "chalk@4.1.2|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "slash@3.0.0" + }, + { + "ref": "@bcoe/v8-coverage@0.2.3" + }, + { + "ref": "collect-v8-coverage@1.0.2" + }, + { + "ref": "exit@0.1.2" + }, + { + "ref": "glob@7.2.3", + "dependsOn": [ + "fs.realpath@1.0.0", + "inflight@1.0.6", + "inherits@2.0.4", + "glob@7.2.3|minimatch@3.1.2", + "once@1.4.0", + "path-is-absolute@1.0.1" + ] + }, + { + "ref": "glob@7.2.3|minimatch@3.1.2", + "dependsOn": [ + "glob@7.2.3|brace-expansion@1.1.11" + ] + }, + { + "ref": "glob@7.2.3|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "graceful-fs@4.2.11" + }, + { + "ref": "istanbul-lib-coverage@3.2.2" + }, + { + "ref": "@babel/core@7.24.4", + "dependsOn": [ + "@ampproject/remapping@2.3.0", + "@babel/code-frame@7.24.2", + "@babel/generator@7.24.4", + "@babel/helper-compilation-targets@7.23.6", + "@babel/helper-module-transforms@7.23.3", + "@babel/helpers@7.24.4", + "@babel/parser@7.24.4", + "@babel/template@7.24.0", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0", + "convert-source-map@2.0.0", + "debug@4.3.4", + "gensync@1.0.0-beta.2", + "json5@2.2.3", + "@babel/core@7.24.4|semver@6.3.1" + ] + }, + { + "ref": "@babel/core@7.24.4|semver@6.3.1" + }, + { + "ref": "@babel/parser@7.24.4" + }, + { + "ref": "@istanbuljs/schema@0.1.3" + }, + { + "ref": "istanbul-lib-report@3.0.1", + "dependsOn": [ + "istanbul-lib-coverage@3.2.2", + "make-dir@4.0.0", + "istanbul-lib-report@3.0.1|supports-color@7.2.0" + ] + }, + { + "ref": "istanbul-lib-report@3.0.1|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "istanbul-lib-source-maps@4.0.1", + "dependsOn": [ + "debug@4.3.4", + "istanbul-lib-coverage@3.2.2", + "source-map@0.6.1" + ] + }, + { + "ref": "istanbul-reports@3.1.7", + "dependsOn": [ + "html-escaper@2.0.2", + "istanbul-lib-report@3.0.1" + ] + }, + { + "ref": "merge-stream@2.0.0" + }, + { + "ref": "supports-color@8.1.1", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "string-length@4.0.2", + "dependsOn": [ + "char-regex@1.0.2", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "terminal-link@2.1.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "supports-hyperlinks@2.3.0" + ] + }, + { + "ref": "ansi-escapes@4.3.2", + "dependsOn": [ + "type-fest@0.21.3" + ] + }, + { + "ref": "supports-hyperlinks@2.3.0", + "dependsOn": [ + "has-flag@4.0.0", + "supports-hyperlinks@2.3.0|supports-color@7.2.0" + ] + }, + { + "ref": "supports-hyperlinks@2.3.0|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "v8-to-istanbul@9.2.0", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "@types/istanbul-lib-coverage@2.0.6", + "convert-source-map@2.0.0" + ] + }, + { + "ref": "@types/istanbul-lib-coverage@2.0.6" + }, + { + "ref": "babel-plugin-istanbul@6.1.1", + "dependsOn": [ + "@babel/helper-plugin-utils@7.24.0", + "@istanbuljs/load-nyc-config@1.1.0", + "@istanbuljs/schema@0.1.3", + "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "test-exclude@6.0.0" + ] + }, + { + "ref": "babel-plugin-istanbul@6.1.1|istanbul-lib-instrument@5.2.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "babel-plugin-istanbul@6.1.1|semver@6.3.1" + ] + }, + { + "ref": "babel-plugin-istanbul@6.1.1|semver@6.3.1" + }, + { + "ref": "fast-json-stable-stringify@2.1.0" + }, + { + "ref": "write-file-atomic@4.0.2", + "dependsOn": [ + "imurmurhash@0.1.4", + "signal-exit@3.0.7" + ] + }, + { + "ref": "execa@5.1.1", + "dependsOn": [ + "cross-spawn@7.0.3", + "get-stream@6.0.1", + "human-signals@2.1.0", + "is-stream@2.0.1", + "merge-stream@2.0.0", + "npm-run-path@4.0.1", + "onetime@5.1.2", + "signal-exit@3.0.7", + "strip-final-newline@2.0.0" + ] + }, + { + "ref": "p-limit@3.1.0", + "dependsOn": [ + "yocto-queue@0.1.0" + ] + }, + { + "ref": "co@4.6.0" + }, + { + "ref": "is-generator-fn@2.1.0" + }, + { + "ref": "stack-utils@2.0.6", + "dependsOn": [ + "stack-utils@2.0.6|escape-string-regexp@2.0.0" + ] + }, + { + "ref": "stack-utils@2.0.6|escape-string-regexp@2.0.0" + }, + { + "ref": "parse-json@5.2.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "error-ex@1.3.2", + "json-parse-even-better-errors@2.3.1", + "lines-and-columns@1.2.4" + ] + }, + { + "ref": "strip-json-comments@3.1.1" + }, + { + "ref": "@types/graceful-fs@4.1.9", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "anymatch@3.1.3", + "dependsOn": [ + "normalize-path@3.0.0", + "picomatch@2.3.1" + ] + }, + { + "ref": "fb-watchman@2.0.2", + "dependsOn": [ + "bser@2.1.1" + ] + }, + { + "ref": "fsevents@2.3.3" + }, + { + "ref": "walker@1.0.8", + "dependsOn": [ + "makeerror@1.0.12" + ] + }, + { + "ref": "@babel/code-frame@7.24.2", + "dependsOn": [ + "@babel/highlight@7.24.2", + "picocolors@1.0.0" + ] + }, + { + "ref": "@types/stack-utils@2.0.3" + }, + { + "ref": "jest-pnp-resolver@1.2.3", + "dependsOn": [ + "jest-resolve@29.7.0" + ] + }, + { + "ref": "detect-newline@3.1.0" + }, + { + "ref": "source-map-support@0.5.13", + "dependsOn": [ + "buffer-from@1.1.2", + "source-map@0.6.1" + ] + }, + { + "ref": "type-detect@4.0.8" + }, + { + "ref": "callsites@3.1.0" + }, + { + "ref": "cjs-module-lexer@1.2.3" + }, + { + "ref": "strip-bom@4.0.0" + }, + { + "ref": "@babel/generator@7.24.4", + "dependsOn": [ + "@babel/types@7.24.0", + "@jridgewell/gen-mapping@0.3.5", + "@jridgewell/trace-mapping@0.3.25", + "@babel/generator@7.24.4|jsesc@2.5.2" + ] + }, + { + "ref": "@babel/generator@7.24.4|jsesc@2.5.2" + }, + { + "ref": "@babel/plugin-syntax-typescript@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/traverse@7.24.1", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@babel/generator@7.24.4", + "@babel/helper-environment-visitor@7.22.20", + "@babel/helper-function-name@7.23.0", + "@babel/helper-hoist-variables@7.22.5", + "@babel/helper-split-export-declaration@7.22.6", + "@babel/parser@7.24.4", + "@babel/types@7.24.0", + "debug@4.3.4", + "@babel/traverse@7.24.1|globals@11.12.0" + ] + }, + { + "ref": "@babel/traverse@7.24.1|globals@11.12.0" + }, + { + "ref": "@babel/types@7.24.0", + "dependsOn": [ + "@babel/helper-string-parser@7.24.1", + "@babel/helper-validator-identifier@7.22.20", + "to-fast-properties@2.0.0" + ] + }, + { + "ref": "@types/babel__traverse@7.20.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@types/prettier@2.7.3" + }, + { + "ref": "babel-preset-current-node-syntax@1.0.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/plugin-syntax-async-generators@7.8.4", + "@babel/plugin-syntax-bigint@7.8.3", + "@babel/plugin-syntax-class-properties@7.12.13", + "@babel/plugin-syntax-import-meta@7.10.4", + "@babel/plugin-syntax-json-strings@7.8.3", + "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "@babel/plugin-syntax-numeric-separator@7.10.4", + "@babel/plugin-syntax-object-rest-spread@7.8.3", + "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "@babel/plugin-syntax-optional-chaining@7.8.3", + "@babel/plugin-syntax-top-level-await@7.14.5" + ] + }, + { + "ref": "natural-compare@1.4.0" + }, + { + "ref": "leven@3.1.0" + }, + { + "ref": "react-is@18.2.0" + }, + { + "ref": "rimraf@3.0.2", + "dependsOn": [ + "glob@7.2.3" + ] + }, + { + "ref": "@types/istanbul-reports@3.0.4", + "dependsOn": [ + "@types/istanbul-lib-report@3.0.3" + ] + }, + { + "ref": "@types/yargs@17.0.32", + "dependsOn": [ + "@types/yargs-parser@21.0.3" + ] + }, + { + "ref": "import-local@3.1.0", + "dependsOn": [ + "pkg-dir@4.2.0", + "resolve-cwd@3.0.0" + ] + }, + { + "ref": "prompts@2.4.2", + "dependsOn": [ + "kleur@3.0.3", + "sisteransi@1.0.5" + ] + }, + { + "ref": "kleur@3.0.3" + }, + { + "ref": "sisteransi@1.0.5" + }, + { + "ref": "yargs@17.7.2", + "dependsOn": [ + "cliui@8.0.1", + "escalade@3.1.2", + "get-caller-file@2.0.5", + "require-directory@2.1.1", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "y18n@5.0.8", + "yargs@17.7.2|yargs-parser@21.1.1" + ] + }, + { + "ref": "yargs@17.7.2|yargs-parser@21.1.1" + }, + { + "ref": "json-diff@0.9.1", + "dependsOn": [ + "cli-color@2.0.4", + "difflib@0.2.4", + "dreamopt@0.8.0" + ] + }, + { + "ref": "cli-color@2.0.4", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-iterator@2.0.3", + "memoizee@0.4.15", + "timers-ext@0.1.7" + ] + }, + { + "ref": "d@1.0.2", + "dependsOn": [ + "es5-ext@0.10.64", + "type@2.7.2" + ] + }, + { + "ref": "es5-ext@0.10.64", + "dependsOn": [ + "es6-iterator@2.0.3", + "es6-symbol@3.1.4", + "esniff@2.0.1", + "next-tick@1.1.0" + ] + }, + { + "ref": "type@2.7.2" + }, + { + "ref": "es6-iterator@2.0.3", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-symbol@3.1.4" + ] + }, + { + "ref": "es6-symbol@3.1.4", + "dependsOn": [ + "d@1.0.2", + "ext@1.7.0" + ] + }, + { + "ref": "ext@1.7.0", + "dependsOn": [ + "type@2.7.2" + ] + }, + { + "ref": "esniff@2.0.1", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "event-emitter@0.3.5", + "type@2.7.2" + ] + }, + { + "ref": "event-emitter@0.3.5", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64" + ] + }, + { + "ref": "next-tick@1.1.0" + }, + { + "ref": "memoizee@0.4.15", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-weak-map@2.0.3", + "event-emitter@0.3.5", + "is-promise@2.2.2", + "lru-queue@0.1.0", + "next-tick@1.1.0", + "timers-ext@0.1.7" + ] + }, + { + "ref": "es6-weak-map@2.0.3", + "dependsOn": [ + "d@1.0.2", + "es5-ext@0.10.64", + "es6-iterator@2.0.3", + "es6-symbol@3.1.4" + ] + }, + { + "ref": "is-promise@2.2.2" + }, + { + "ref": "lru-queue@0.1.0", + "dependsOn": [ + "es5-ext@0.10.64" + ] + }, + { + "ref": "timers-ext@0.1.7", + "dependsOn": [ + "es5-ext@0.10.64", + "next-tick@1.1.0" + ] + }, + { + "ref": "difflib@0.2.4", + "dependsOn": [ + "heap@0.2.7" + ] + }, + { + "ref": "heap@0.2.7" + }, + { + "ref": "dreamopt@0.8.0", + "dependsOn": [ + "wordwrap@1.0.0" + ] + }, + { + "ref": "wordwrap@1.0.0" + }, + { + "ref": "jstoxml@3.2.10" + }, + { + "ref": "pretty@2.0.0", + "dependsOn": [ + "condense-newlines@0.2.1", + "extend-shallow@2.0.1", + "js-beautify@1.15.1" + ] + }, + { + "ref": "condense-newlines@0.2.1", + "dependsOn": [ + "extend-shallow@2.0.1", + "is-whitespace@0.3.0", + "kind-of@3.2.2" + ] + }, + { + "ref": "extend-shallow@2.0.1", + "dependsOn": [ + "is-extendable@0.1.1" + ] + }, + { + "ref": "is-whitespace@0.3.0" + }, + { + "ref": "kind-of@3.2.2", + "dependsOn": [ + "is-buffer@1.1.6" + ] + }, + { + "ref": "is-buffer@1.1.6" + }, + { + "ref": "is-extendable@0.1.1" + }, + { + "ref": "js-beautify@1.15.1", + "dependsOn": [ + "config-chain@1.1.13", + "editorconfig@1.0.4", + "js-beautify@1.15.1|glob@10.3.12", + "js-cookie@3.0.5", + "nopt@7.2.0" + ] + }, + { + "ref": "js-beautify@1.15.1|glob@10.3.12", + "dependsOn": [ + "foreground-child@3.1.1", + "jackspeak@2.3.6", + "minimatch@9.0.4", + "js-beautify@1.15.1|minipass@7.0.4", + "path-scurry@1.10.2" + ] + }, + { + "ref": "js-beautify@1.15.1|minipass@7.0.4" + }, + { + "ref": "config-chain@1.1.13", + "dependsOn": [ + "ini@1.3.8", + "proto-list@1.2.4" + ] + }, + { + "ref": "ini@1.3.8" + }, + { + "ref": "proto-list@1.2.4" + }, + { + "ref": "editorconfig@1.0.4", + "dependsOn": [ + "@one-ini/wasm@0.1.1", + "commander@10.0.1", + "editorconfig@1.0.4|minimatch@9.0.1", + "semver@7.6.2" + ] + }, + { + "ref": "editorconfig@1.0.4|minimatch@9.0.1", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "@one-ini/wasm@0.1.1" + }, + { + "ref": "commander@10.0.1" + }, + { + "ref": "brace-expansion@2.0.1", + "dependsOn": [ + "balanced-match@1.0.2" + ] + }, + { + "ref": "js-cookie@3.0.5" + }, + { + "ref": "nopt@7.2.0", + "dependsOn": [ + "abbrev@2.0.0" + ] + }, + { + "ref": "abbrev@2.0.0" + }, + { + "ref": "@types/babel__core@7.20.5", + "dependsOn": [ + "@babel/parser@7.24.4", + "@babel/types@7.24.0", + "@types/babel__generator@7.6.8", + "@types/babel__template@7.4.4", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "@babel/template@7.24.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@babel/parser@7.24.4", + "@babel/types@7.24.0" + ] + }, + { + "ref": "bs-logger@0.2.6", + "dependsOn": [ + "fast-json-stable-stringify@2.1.0" + ] + }, + { + "ref": "json5@2.2.3" + }, + { + "ref": "lodash.memoize@4.1.2" + }, + { + "ref": "@oclif/core@3.26.9", + "dependsOn": [ + "@types/cli-progress@3.11.5", + "ansi-escapes@4.3.2", + "ansi-styles@4.3.0", + "cardinal@2.1.1", + "chalk@4.1.2", + "clean-stack@3.0.1", + "cli-progress@3.12.0", + "color@4.2.3", + "@oclif/core@3.26.9|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "hyperlinker@1.0.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "@oclif/core@3.26.9|js-yaml@3.14.1", + "minimatch@9.0.4", + "natural-orderby@2.0.3", + "object-treeify@1.1.33", + "password-prompt@1.1.3", + "slice-ansi@4.0.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "supports-color@8.1.1", + "supports-hyperlinks@2.3.0", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/core@3.26.9|debug@4.3.5", + "dependsOn": [ + "@oclif/core@3.26.9|ms@2.1.2" + ] + }, + { + "ref": "@oclif/core@3.26.9|ms@2.1.2" + }, + { + "ref": "@oclif/core@3.26.9|js-yaml@3.14.1", + "dependsOn": [ + "@oclif/core@3.26.9|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "@oclif/core@3.26.9|argparse@1.0.10", + "dependsOn": [ + "@oclif/core@3.26.9|sprintf-js@1.0.3" + ] + }, + { + "ref": "@oclif/core@3.26.9|sprintf-js@1.0.3" + }, + { + "ref": "@types/cli-progress@3.11.5", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "type-fest@0.21.3" + }, + { + "ref": "color-convert@2.0.1", + "dependsOn": [ + "color-name@1.1.4" + ] + }, + { + "ref": "cardinal@2.1.1", + "dependsOn": [ + "ansicolors@0.3.2", + "redeyed@2.1.1" + ] + }, + { + "ref": "ansicolors@0.3.2" + }, + { + "ref": "redeyed@2.1.1", + "dependsOn": [ + "esprima@4.0.1" + ] + }, + { + "ref": "esprima@4.0.1" + }, + { + "ref": "has-flag@4.0.0" + }, + { + "ref": "clean-stack@3.0.1", + "dependsOn": [ + "escape-string-regexp@4.0.0" + ] + }, + { + "ref": "escape-string-regexp@4.0.0" + }, + { + "ref": "cli-progress@3.12.0", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug" + ] + }, + { + "ref": "color@4.2.3", + "dependsOn": [ + "color-convert@2.0.1", + "color-string@1.9.1" + ] + }, + { + "ref": "color-string@1.9.1", + "dependsOn": [ + "color-name@1.1.4", + "simple-swizzle@0.2.2" + ] + }, + { + "ref": "simple-swizzle@0.2.2", + "dependsOn": [ + "simple-swizzle@0.2.2|is-arrayish@0.3.2" + ] + }, + { + "ref": "simple-swizzle@0.2.2|is-arrayish@0.3.2" + }, + { + "ref": "ejs@3.1.10", + "dependsOn": [ + "jake@10.8.7" + ] + }, + { + "ref": "jake@10.8.7", + "dependsOn": [ + "async@3.2.5", + "chalk@4.1.2", + "filelist@1.0.4", + "jake@10.8.7|minimatch@3.1.2" + ] + }, + { + "ref": "jake@10.8.7|minimatch@3.1.2", + "dependsOn": [ + "jake@10.8.7|brace-expansion@1.1.11" + ] + }, + { + "ref": "jake@10.8.7|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "async@3.2.5" + }, + { + "ref": "filelist@1.0.4", + "dependsOn": [ + "filelist@1.0.4|minimatch@5.1.6" + ] + }, + { + "ref": "filelist@1.0.4|minimatch@5.1.6", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "balanced-match@1.0.2" + }, + { + "ref": "concat-map@0.0.1" + }, + { + "ref": "get-package-type@0.1.0" + }, + { + "ref": "globby@11.1.0", + "dependsOn": [ + "array-union@2.1.0", + "dir-glob@3.0.1", + "fast-glob@3.3.2", + "ignore@5.3.1", + "merge2@1.4.1", + "slash@3.0.0" + ] + }, + { + "ref": "array-union@2.1.0" + }, + { + "ref": "dir-glob@3.0.1", + "dependsOn": [ + "path-type@4.0.0" + ] + }, + { + "ref": "path-type@4.0.0" + }, + { + "ref": "ignore@5.3.1" + }, + { + "ref": "hyperlinker@1.0.0" + }, + { + "ref": "indent-string@4.0.0" + }, + { + "ref": "is-wsl@2.2.0", + "dependsOn": [ + "is-docker@2.2.1" + ] + }, + { + "ref": "is-docker@2.2.1" + }, + { + "ref": "natural-orderby@2.0.3" + }, + { + "ref": "object-treeify@1.1.33" + }, + { + "ref": "password-prompt@1.1.3", + "dependsOn": [ + "ansi-escapes@4.3.2", + "cross-spawn@7.0.3" + ] + }, + { + "ref": "slice-ansi@4.0.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "astral-regex@2.0.0", + "is-fullwidth-code-point@3.0.0" + ] + }, + { + "ref": "astral-regex@2.0.0" + }, + { + "ref": "widest-line@3.1.0", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug" + ] + }, + { + "ref": "BomRef.okvgjdrtm6.tqh1scmn9b8", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0", + "dependsOn": [ + "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0|@oclif/core@4.0.0-beta.13", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "debug@4.3.4", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "@oclif/plugin-help@6.1.0|supports-color@9.4.0", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-help@6.1.0|supports-color@9.4.0" + }, + { + "ref": "ansis@3.2.0" + }, + { + "ref": "cli-spinners@2.9.2" + }, + { + "ref": "cosmiconfig@9.0.0", + "dependsOn": [ + "env-paths@2.2.1", + "import-fresh@3.3.0", + "js-yaml@4.1.0", + "parse-json@5.2.0", + "typescript@5.1.6" + ] + }, + { + "ref": "env-paths@2.2.1" + }, + { + "ref": "import-fresh@3.3.0", + "dependsOn": [ + "parent-module@1.0.1", + "resolve-from@4.0.0" + ] + }, + { + "ref": "js-yaml@4.1.0", + "dependsOn": [ + "argparse@2.0.1" + ] + }, + { + "ref": "error-ex@1.3.2", + "dependsOn": [ + "is-arrayish@0.2.1" + ] + }, + { + "ref": "json-parse-even-better-errors@2.3.1" + }, + { + "ref": "typescript@5.1.6" + }, + { + "ref": "debug@4.3.4", + "dependsOn": [ + "debug@4.3.4|ms@2.1.2" + ] + }, + { + "ref": "debug@4.3.4|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "ansis@3.2.0", + "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "npm@10.8.0", + "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1", + "semver@7.6.2", + "validate-npm-package-name@5.0.1", + "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "@oclif/plugin-plugins@5.2.2|yarn@1.22.22" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-package-arg@11.0.2", + "dependsOn": [ + "hosted-git-info@7.0.2", + "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0", + "semver@7.6.2", + "validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|proc-log@4.2.0" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|npm-run-path@5.3.0|path-key@4.0.0" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|object-treeify@4.0.1" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|which@4.0.0", + "dependsOn": [ + "@oclif/plugin-plugins@5.2.2|isexe@3.1.1" + ] + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|isexe@3.1.1" + }, + { + "ref": "@oclif/plugin-plugins@5.2.2|yarn@1.22.22" + }, + { + "ref": "hosted-git-info@7.0.2", + "dependsOn": [ + "hosted-git-info@7.0.2|lru-cache@10.2.2" + ] + }, + { + "ref": "hosted-git-info@7.0.2|lru-cache@10.2.2" + }, + { + "ref": "validate-npm-package-name@5.0.1" + }, + { + "ref": "npm@10.8.0", + "dependsOn": [ + "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/config@8.3.2", + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|@sigstore/tuf@2.3.3", + "npm@10.8.0|abbrev@2.0.0", + "npm@10.8.0|archy@1.0.0", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|chalk@5.3.0", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|cli-columns@4.0.0", + "npm@10.8.0|fastest-levenshtein@1.0.16", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|graceful-fs@4.2.11", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|ini@4.1.2", + "npm@10.8.0|init-package-json@6.0.3", + "npm@10.8.0|is-cidr@5.0.5", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|libnpmaccess@8.0.6", + "npm@10.8.0|libnpmdiff@6.1.2", + "npm@10.8.0|libnpmexec@8.1.1", + "npm@10.8.0|libnpmfund@5.0.10", + "npm@10.8.0|libnpmhook@10.0.5", + "npm@10.8.0|libnpmorg@6.0.6", + "npm@10.8.0|libnpmpack@7.0.2", + "npm@10.8.0|libnpmpublish@9.0.8", + "npm@10.8.0|libnpmsearch@7.0.5", + "npm@10.8.0|libnpmteam@6.0.5", + "npm@10.8.0|libnpmversion@6.0.2", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|ms@2.1.3", + "npm@10.8.0|node-gyp@10.1.0", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|npm-audit-report@5.0.0", + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-profile@10.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|npm-user-validate@2.0.1", + "npm@10.8.0|p-map@4.0.0", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|parse-conflict-json@3.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|qrcode-terminal@0.12.0", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|spdx-expression-parse@4.0.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|supports-color@9.4.0", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|text-table@0.2.0", + "npm@10.8.0|tiny-relative-date@1.3.0", + "npm@10.8.0|treeverse@3.0.0", + "npm@10.8.0|validate-npm-package-name@5.0.1", + "npm@10.8.0|which@4.0.0", + "npm@10.8.0|write-file-atomic@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/string-locale-compare@1.1.0" + }, + { + "ref": "npm@10.8.0|@npmcli/arborist@7.5.2", + "dependsOn": [ + "npm@10.8.0|@isaacs/string-locale-compare@1.1.0", + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/query@3.1.0", + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|bin-links@4.0.4", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|common-ancestor-path@1.0.1", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|json-stringify-nice@1.1.4", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|parse-conflict-json@3.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|proggy@2.0.0", + "npm@10.8.0|promise-all-reject-late@1.0.1", + "npm@10.8.0|promise-call-limit@3.0.1", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|treeverse@3.0.0", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/fs@3.1.1", + "dependsOn": [ + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "dependsOn": [ + "npm@10.8.0|npm-bundled@3.0.1", + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-bundled@3.0.1", + "dependsOn": [ + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-normalize-package-bin@3.0.1" + }, + { + "ref": "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "dependsOn": [ + "npm@10.8.0|@npmcli/name-from-folder@2.0.0", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|read-package-json-fast@3.0.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/metavuln-calculator@7.1.1", + "dependsOn": [ + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|cacache@18.0.3", + "dependsOn": [ + "npm@10.8.0|@npmcli/fs@3.1.1", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minipass-collect@2.0.1", + "npm@10.8.0|minipass-flush@1.0.5", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|p-map@4.0.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|unique-filename@3.0.0" + ] + }, + { + "ref": "npm@10.8.0|json-parse-even-better-errors@3.0.2" + }, + { + "ref": "npm@10.8.0|pacote@18.0.6", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|fs-minipass@3.0.3", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-packlist@8.0.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|sigstore@2.3.0", + "npm@10.8.0|ssri@10.0.6", + "npm@10.8.0|tar@6.2.1" + ] + }, + { + "ref": "npm@10.8.0|proc-log@4.2.0" + }, + { + "ref": "npm@10.8.0|semver@7.6.2" + }, + { + "ref": "npm@10.8.0|@npmcli/name-from-folder@2.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/node-gyp@3.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/package-json@5.1.0", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/query@3.1.0", + "dependsOn": [ + "npm@10.8.0|postcss-selector-parser@6.0.16" + ] + }, + { + "ref": "npm@10.8.0|postcss-selector-parser@6.0.16", + "dependsOn": [ + "npm@10.8.0|cssesc@3.0.0", + "npm@10.8.0|util-deprecate@1.0.2" + ] + }, + { + "ref": "npm@10.8.0|cssesc@3.0.0" + }, + { + "ref": "npm@10.8.0|util-deprecate@1.0.2" + }, + { + "ref": "npm@10.8.0|@npmcli/redact@2.0.0" + }, + { + "ref": "npm@10.8.0|@npmcli/run-script@8.1.0", + "dependsOn": [ + "npm@10.8.0|@npmcli/node-gyp@3.0.0", + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|node-gyp@10.1.0", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|bin-links@4.0.4", + "dependsOn": [ + "npm@10.8.0|cmd-shim@6.0.3", + "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "npm@10.8.0|read-cmd-shim@4.0.0", + "npm@10.8.0|write-file-atomic@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|cmd-shim@6.0.3" + }, + { + "ref": "npm@10.8.0|read-cmd-shim@4.0.0" + }, + { + "ref": "npm@10.8.0|write-file-atomic@5.0.1", + "dependsOn": [ + "npm@10.8.0|imurmurhash@0.1.4", + "npm@10.8.0|signal-exit@4.1.0" + ] + }, + { + "ref": "npm@10.8.0|common-ancestor-path@1.0.1" + }, + { + "ref": "npm@10.8.0|hosted-git-info@7.0.2", + "dependsOn": [ + "npm@10.8.0|lru-cache@10.2.2" + ] + }, + { + "ref": "npm@10.8.0|json-stringify-nice@1.1.4" + }, + { + "ref": "npm@10.8.0|lru-cache@10.2.2" + }, + { + "ref": "npm@10.8.0|minimatch@9.0.4", + "dependsOn": [ + "npm@10.8.0|brace-expansion@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|nopt@7.2.1", + "dependsOn": [ + "npm@10.8.0|abbrev@2.0.0" + ] + }, + { + "ref": "npm@10.8.0|npm-install-checks@6.3.0", + "dependsOn": [ + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|npm-package-arg@11.0.2", + "dependsOn": [ + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|npm-pick-manifest@9.0.1", + "dependsOn": [ + "npm@10.8.0|npm-install-checks@6.3.0", + "npm@10.8.0|npm-normalize-package-bin@3.0.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|npm-registry-fetch@17.0.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/redact@2.0.0", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|minipass-fetch@3.0.5", + "npm@10.8.0|minipass-json-stream@1.0.1", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|minizlib@2.1.2", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|proc-log@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|parse-conflict-json@3.0.1", + "dependsOn": [ + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|just-diff-apply@5.5.0", + "npm@10.8.0|just-diff@6.0.2" + ] + }, + { + "ref": "npm@10.8.0|proggy@2.0.0" + }, + { + "ref": "npm@10.8.0|promise-all-reject-late@1.0.1" + }, + { + "ref": "npm@10.8.0|promise-call-limit@3.0.1" + }, + { + "ref": "npm@10.8.0|read-package-json-fast@3.0.2", + "dependsOn": [ + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|npm-normalize-package-bin@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|ssri@10.0.6", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|treeverse@3.0.0" + }, + { + "ref": "npm@10.8.0|walk-up-path@3.0.1" + }, + { + "ref": "npm@10.8.0|@npmcli/config@8.3.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/map-workspaces@3.0.6", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|ini@4.1.2", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|ci-info@4.0.0" + }, + { + "ref": "npm@10.8.0|ini@4.1.2" + }, + { + "ref": "npm@10.8.0|glob@10.3.15", + "dependsOn": [ + "npm@10.8.0|foreground-child@3.1.1", + "npm@10.8.0|jackspeak@2.3.6", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|path-scurry@1.11.1" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/git@5.0.7", + "dependsOn": [ + "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|npm-pick-manifest@9.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-inflight@1.0.1", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/promise-spawn@7.0.2", + "dependsOn": [ + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|promise-inflight@1.0.1" + }, + { + "ref": "npm@10.8.0|promise-retry@2.0.1", + "dependsOn": [ + "npm@10.8.0|err-code@2.0.3", + "npm@10.8.0|retry@0.12.0" + ] + }, + { + "ref": "npm@10.8.0|which@4.0.0", + "dependsOn": [ + "npm@10.8.0|which@4.0.0|isexe@3.1.1" + ] + }, + { + "ref": "npm@10.8.0|which@4.0.0|isexe@3.1.1" + }, + { + "ref": "npm@10.8.0|normalize-package-data@6.0.1", + "dependsOn": [ + "npm@10.8.0|hosted-git-info@7.0.2", + "npm@10.8.0|is-core-module@2.13.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "npm@10.8.0|node-gyp@10.1.0", + "dependsOn": [ + "npm@10.8.0|env-paths@2.2.1", + "npm@10.8.0|exponential-backoff@3.1.1", + "npm@10.8.0|glob@10.3.15", + "npm@10.8.0|graceful-fs@4.2.11", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|nopt@7.2.1", + "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|tar@6.2.1", + "npm@10.8.0|which@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|node-gyp@10.1.0|proc-log@3.0.0" + }, + { + "ref": "npm@10.8.0|@sigstore/tuf@2.3.3", + "dependsOn": [ + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|tuf-js@2.2.1" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + }, + { + "ref": "npm@10.8.0|tuf-js@2.2.1", + "dependsOn": [ + "npm@10.8.0|@tufjs/models@2.0.1", + "npm@10.8.0|debug@4.3.4", + "npm@10.8.0|make-fetch-happen@13.0.1" + ] + }, + { + "ref": "npm@10.8.0|@tufjs/models@2.0.1", + "dependsOn": [ + "npm@10.8.0|@tufjs/canonical-json@2.0.0", + "npm@10.8.0|minimatch@9.0.4" + ] + }, + { + "ref": "npm@10.8.0|@tufjs/canonical-json@2.0.0" + }, + { + "ref": "npm@10.8.0|debug@4.3.4", + "dependsOn": [ + "npm@10.8.0|debug@4.3.4|ms@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|debug@4.3.4|ms@2.1.2" + }, + { + "ref": "npm@10.8.0|make-fetch-happen@13.0.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/agent@2.2.2", + "npm@10.8.0|cacache@18.0.3", + "npm@10.8.0|http-cache-semantics@4.1.1", + "npm@10.8.0|is-lambda@1.0.1", + "npm@10.8.0|minipass-fetch@3.0.5", + "npm@10.8.0|minipass-flush@1.0.5", + "npm@10.8.0|minipass-pipeline@1.2.4", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|negotiator@0.6.3", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1", + "npm@10.8.0|ssri@10.0.6" + ] + }, + { + "ref": "npm@10.8.0|abbrev@2.0.0" + }, + { + "ref": "npm@10.8.0|archy@1.0.0" + }, + { + "ref": "npm@10.8.0|fs-minipass@3.0.3", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|minipass-collect@2.0.1", + "dependsOn": [ + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|minipass@7.1.1" + }, + { + "ref": "npm@10.8.0|minipass-flush@1.0.5", + "dependsOn": [ + "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-flush@1.0.5|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|yallist@4.0.0" + }, + { + "ref": "npm@10.8.0|minipass-pipeline@1.2.4", + "dependsOn": [ + "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-pipeline@1.2.4|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|p-map@4.0.0", + "dependsOn": [ + "npm@10.8.0|aggregate-error@3.1.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1", + "dependsOn": [ + "npm@10.8.0|chownr@2.0.0", + "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "npm@10.8.0|tar@6.2.1|minipass@5.0.0", + "npm@10.8.0|minizlib@2.1.2", + "npm@10.8.0|mkdirp@1.0.4", + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0", + "dependsOn": [ + "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|fs-minipass@2.1.0|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|tar@6.2.1|minipass@5.0.0" + }, + { + "ref": "npm@10.8.0|unique-filename@3.0.0", + "dependsOn": [ + "npm@10.8.0|unique-slug@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|unique-slug@4.0.0", + "dependsOn": [ + "npm@10.8.0|imurmurhash@0.1.4" + ] + }, + { + "ref": "npm@10.8.0|imurmurhash@0.1.4" + }, + { + "ref": "npm@10.8.0|chalk@5.3.0" + }, + { + "ref": "npm@10.8.0|cli-columns@4.0.0", + "dependsOn": [ + "npm@10.8.0|string-width@4.2.3", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|string-width@4.2.3", + "dependsOn": [ + "npm@10.8.0|emoji-regex@8.0.0", + "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|emoji-regex@8.0.0" + }, + { + "ref": "npm@10.8.0|is-fullwidth-code-point@3.0.0" + }, + { + "ref": "npm@10.8.0|strip-ansi@6.0.1", + "dependsOn": [ + "npm@10.8.0|ansi-regex@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|ansi-regex@5.0.1" + }, + { + "ref": "npm@10.8.0|fastest-levenshtein@1.0.16" + }, + { + "ref": "npm@10.8.0|foreground-child@3.1.1", + "dependsOn": [ + "npm@10.8.0|cross-spawn@7.0.3", + "npm@10.8.0|signal-exit@4.1.0" + ] + }, + { + "ref": "npm@10.8.0|cross-spawn@7.0.3", + "dependsOn": [ + "npm@10.8.0|path-key@3.1.1", + "npm@10.8.0|shebang-command@2.0.0", + "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2" + ] + }, + { + "ref": "npm@10.8.0|cross-spawn@7.0.3|which@2.0.2", + "dependsOn": [ + "npm@10.8.0|isexe@2.0.0" + ] + }, + { + "ref": "npm@10.8.0|path-key@3.1.1" + }, + { + "ref": "npm@10.8.0|shebang-command@2.0.0", + "dependsOn": [ + "npm@10.8.0|shebang-regex@3.0.0" + ] + }, + { + "ref": "npm@10.8.0|shebang-regex@3.0.0" + }, + { + "ref": "npm@10.8.0|isexe@2.0.0" + }, + { + "ref": "npm@10.8.0|signal-exit@4.1.0" + }, + { + "ref": "npm@10.8.0|jackspeak@2.3.6", + "dependsOn": [ + "npm@10.8.0|@isaacs/cliui@8.0.2", + "npm@10.8.0|@pkgjs/parseargs@0.11.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2", + "dependsOn": [ + "BomRef.6h760ft6oi8.7sr4bitkllo", + "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "BomRef.uih8rvtlbdo.33q7f9m1mj", + "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "npm@10.8.0|wrap-ansi@7.0.0", + "npm@10.8.0|wrap-ansi@8.1.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|string-width@5.1.2", + "dependsOn": [ + "npm@10.8.0|eastasianwidth@0.2.0", + "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2", + "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|emoji-regex@9.2.2" + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|strip-ansi@7.1.0", + "dependsOn": [ + "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|@isaacs/cliui@8.0.2|ansi-regex@6.0.1" + }, + { + "ref": "BomRef.6h760ft6oi8.7sr4bitkllo", + "dependsOn": [ + "npm@10.8.0|emoji-regex@8.0.0", + "npm@10.8.0|is-fullwidth-code-point@3.0.0", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|eastasianwidth@0.2.0" + }, + { + "ref": "BomRef.uih8rvtlbdo.33q7f9m1mj", + "dependsOn": [ + "npm@10.8.0|ansi-regex@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@7.0.0", + "dependsOn": [ + "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "npm@10.8.0|string-width@4.2.3", + "npm@10.8.0|strip-ansi@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@7.0.0|ansi-styles@4.3.0", + "dependsOn": [ + "npm@10.8.0|color-convert@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|color-convert@2.0.1", + "dependsOn": [ + "npm@10.8.0|color-name@1.1.4" + ] + }, + { + "ref": "npm@10.8.0|color-name@1.1.4" + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0", + "dependsOn": [ + "npm@10.8.0|ansi-styles@6.2.1", + "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|string-width@5.1.2", + "dependsOn": [ + "npm@10.8.0|eastasianwidth@0.2.0", + "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2", + "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|emoji-regex@9.2.2" + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|strip-ansi@7.1.0", + "dependsOn": [ + "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1" + ] + }, + { + "ref": "npm@10.8.0|wrap-ansi@8.1.0|ansi-regex@6.0.1" + }, + { + "ref": "npm@10.8.0|ansi-styles@6.2.1" + }, + { + "ref": "npm@10.8.0|@pkgjs/parseargs@0.11.0" + }, + { + "ref": "npm@10.8.0|path-scurry@1.11.1", + "dependsOn": [ + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|minipass@7.1.1" + ] + }, + { + "ref": "npm@10.8.0|graceful-fs@4.2.11" + }, + { + "ref": "npm@10.8.0|init-package-json@6.0.3", + "dependsOn": [ + "npm@10.8.0|@npmcli/package-json@5.1.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|promzard@1.0.2", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|validate-npm-package-license@3.0.4", + "npm@10.8.0|validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "npm@10.8.0|promzard@1.0.2", + "dependsOn": [ + "npm@10.8.0|read@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|read@3.0.1", + "dependsOn": [ + "npm@10.8.0|mute-stream@1.0.0" + ] + }, + { + "ref": "npm@10.8.0|validate-npm-package-license@3.0.4", + "dependsOn": [ + "npm@10.8.0|spdx-correct@3.2.0", + "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|validate-npm-package-license@3.0.4|spdx-expression-parse@3.0.1", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-correct@3.2.0", + "dependsOn": [ + "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-correct@3.2.0|spdx-expression-parse@3.0.1", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|spdx-exceptions@2.5.0" + }, + { + "ref": "npm@10.8.0|spdx-license-ids@3.0.17" + }, + { + "ref": "npm@10.8.0|validate-npm-package-name@5.0.1" + }, + { + "ref": "npm@10.8.0|is-cidr@5.0.5", + "dependsOn": [ + "npm@10.8.0|cidr-regex@4.0.5" + ] + }, + { + "ref": "npm@10.8.0|cidr-regex@4.0.5", + "dependsOn": [ + "npm@10.8.0|ip-regex@5.0.0" + ] + }, + { + "ref": "npm@10.8.0|ip-regex@5.0.0" + }, + { + "ref": "npm@10.8.0|libnpmaccess@8.0.6", + "dependsOn": [ + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmdiff@6.1.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/installed-package-contents@2.1.0", + "npm@10.8.0|binary-extensions@2.3.0", + "npm@10.8.0|diff@5.2.0", + "npm@10.8.0|minimatch@9.0.4", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|tar@6.2.1" + ] + }, + { + "ref": "npm@10.8.0|binary-extensions@2.3.0" + }, + { + "ref": "npm@10.8.0|diff@5.2.0" + }, + { + "ref": "npm@10.8.0|libnpmexec@8.1.1", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|read-package-json-fast@3.0.2", + "npm@10.8.0|read@3.0.1", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|walk-up-path@3.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmfund@5.0.10", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2" + ] + }, + { + "ref": "npm@10.8.0|libnpmhook@10.0.5", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|aproba@2.0.0" + }, + { + "ref": "npm@10.8.0|libnpmorg@6.0.6", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmpack@7.0.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/arborist@7.5.2", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|pacote@18.0.6" + ] + }, + { + "ref": "npm@10.8.0|libnpmpublish@9.0.8", + "dependsOn": [ + "npm@10.8.0|ci-info@4.0.0", + "npm@10.8.0|normalize-package-data@6.0.1", + "npm@10.8.0|npm-package-arg@11.0.2", + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2", + "npm@10.8.0|sigstore@2.3.0", + "npm@10.8.0|ssri@10.0.6" + ] + }, + { + "ref": "npm@10.8.0|sigstore@2.3.0", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|@sigstore/sign@2.3.1", + "npm@10.8.0|@sigstore/tuf@2.3.3", + "npm@10.8.0|@sigstore/verify@1.2.0" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/bundle@2.3.1", + "dependsOn": [ + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/core@1.1.0" + }, + { + "ref": "npm@10.8.0|@sigstore/sign@2.3.1", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2", + "npm@10.8.0|make-fetch-happen@13.0.1", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|promise-retry@2.0.1" + ] + }, + { + "ref": "npm@10.8.0|@sigstore/verify@1.2.0", + "dependsOn": [ + "npm@10.8.0|@sigstore/bundle@2.3.1", + "npm@10.8.0|@sigstore/core@1.1.0", + "npm@10.8.0|@sigstore/protobuf-specs@0.3.2" + ] + }, + { + "ref": "npm@10.8.0|libnpmsearch@7.0.5", + "dependsOn": [ + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmteam@6.0.5", + "dependsOn": [ + "npm@10.8.0|aproba@2.0.0", + "npm@10.8.0|npm-registry-fetch@17.0.1" + ] + }, + { + "ref": "npm@10.8.0|libnpmversion@6.0.2", + "dependsOn": [ + "npm@10.8.0|@npmcli/git@5.0.7", + "npm@10.8.0|@npmcli/run-script@8.1.0", + "npm@10.8.0|json-parse-even-better-errors@3.0.2", + "npm@10.8.0|proc-log@4.2.0", + "npm@10.8.0|semver@7.6.2" + ] + }, + { + "ref": "npm@10.8.0|@npmcli/agent@2.2.2", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|http-proxy-agent@7.0.2", + "npm@10.8.0|https-proxy-agent@7.0.4", + "npm@10.8.0|lru-cache@10.2.2", + "npm@10.8.0|socks-proxy-agent@8.0.3" + ] + }, + { + "ref": "npm@10.8.0|agent-base@7.1.1", + "dependsOn": [ + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|http-proxy-agent@7.0.2", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|https-proxy-agent@7.0.4", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4" + ] + }, + { + "ref": "npm@10.8.0|socks-proxy-agent@8.0.3", + "dependsOn": [ + "npm@10.8.0|agent-base@7.1.1", + "npm@10.8.0|debug@4.3.4", + "npm@10.8.0|socks@2.8.3" + ] + }, + { + "ref": "npm@10.8.0|socks@2.8.3", + "dependsOn": [ + "npm@10.8.0|ip-address@9.0.5", + "npm@10.8.0|smart-buffer@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|ip-address@9.0.5", + "dependsOn": [ + "npm@10.8.0|jsbn@1.1.0", + "npm@10.8.0|sprintf-js@1.1.3" + ] + }, + { + "ref": "npm@10.8.0|jsbn@1.1.0" + }, + { + "ref": "npm@10.8.0|sprintf-js@1.1.3" + }, + { + "ref": "npm@10.8.0|smart-buffer@4.2.0" + }, + { + "ref": "npm@10.8.0|http-cache-semantics@4.1.1" + }, + { + "ref": "npm@10.8.0|is-lambda@1.0.1" + }, + { + "ref": "npm@10.8.0|minipass-fetch@3.0.5", + "dependsOn": [ + "npm@10.8.0|encoding@0.1.13", + "npm@10.8.0|minipass-sized@1.0.3", + "npm@10.8.0|minipass@7.1.1", + "npm@10.8.0|minizlib@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|encoding@0.1.13", + "dependsOn": [ + "npm@10.8.0|iconv-lite@0.6.3" + ] + }, + { + "ref": "npm@10.8.0|iconv-lite@0.6.3", + "dependsOn": [ + "npm@10.8.0|safer-buffer@2.1.2" + ] + }, + { + "ref": "npm@10.8.0|safer-buffer@2.1.2" + }, + { + "ref": "npm@10.8.0|minipass-sized@1.0.3", + "dependsOn": [ + "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-sized@1.0.3|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|minizlib@2.1.2", + "dependsOn": [ + "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|minizlib@2.1.2|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|negotiator@0.6.3" + }, + { + "ref": "npm@10.8.0|err-code@2.0.3" + }, + { + "ref": "npm@10.8.0|retry@0.12.0" + }, + { + "ref": "npm@10.8.0|brace-expansion@2.0.1", + "dependsOn": [ + "npm@10.8.0|balanced-match@1.0.2" + ] + }, + { + "ref": "npm@10.8.0|balanced-match@1.0.2" + }, + { + "ref": "npm@10.8.0|ms@2.1.3" + }, + { + "ref": "npm@10.8.0|env-paths@2.2.1" + }, + { + "ref": "npm@10.8.0|exponential-backoff@3.1.1" + }, + { + "ref": "npm@10.8.0|is-core-module@2.13.1", + "dependsOn": [ + "npm@10.8.0|hasown@2.0.2" + ] + }, + { + "ref": "npm@10.8.0|hasown@2.0.2", + "dependsOn": [ + "npm@10.8.0|function-bind@1.1.2" + ] + }, + { + "ref": "npm@10.8.0|function-bind@1.1.2" + }, + { + "ref": "npm@10.8.0|npm-audit-report@5.0.0" + }, + { + "ref": "npm@10.8.0|npm-profile@10.0.0", + "dependsOn": [ + "npm@10.8.0|npm-registry-fetch@17.0.1", + "npm@10.8.0|proc-log@4.2.0" + ] + }, + { + "ref": "npm@10.8.0|minipass-json-stream@1.0.1", + "dependsOn": [ + "npm@10.8.0|jsonparse@1.3.1", + "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6" + ] + }, + { + "ref": "npm@10.8.0|minipass-json-stream@1.0.1|minipass@3.3.6", + "dependsOn": [ + "npm@10.8.0|yallist@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|jsonparse@1.3.1" + }, + { + "ref": "npm@10.8.0|npm-user-validate@2.0.1" + }, + { + "ref": "npm@10.8.0|aggregate-error@3.1.0", + "dependsOn": [ + "npm@10.8.0|clean-stack@2.2.0", + "npm@10.8.0|indent-string@4.0.0" + ] + }, + { + "ref": "npm@10.8.0|clean-stack@2.2.0" + }, + { + "ref": "npm@10.8.0|indent-string@4.0.0" + }, + { + "ref": "npm@10.8.0|npm-packlist@8.0.2", + "dependsOn": [ + "npm@10.8.0|ignore-walk@6.0.5" + ] + }, + { + "ref": "npm@10.8.0|ignore-walk@6.0.5", + "dependsOn": [ + "npm@10.8.0|minimatch@9.0.4" + ] + }, + { + "ref": "npm@10.8.0|just-diff-apply@5.5.0" + }, + { + "ref": "npm@10.8.0|just-diff@6.0.2" + }, + { + "ref": "npm@10.8.0|qrcode-terminal@0.12.0" + }, + { + "ref": "npm@10.8.0|mute-stream@1.0.0" + }, + { + "ref": "npm@10.8.0|spdx-expression-parse@4.0.0", + "dependsOn": [ + "npm@10.8.0|spdx-exceptions@2.5.0", + "npm@10.8.0|spdx-license-ids@3.0.17" + ] + }, + { + "ref": "npm@10.8.0|supports-color@9.4.0" + }, + { + "ref": "npm@10.8.0|chownr@2.0.0" + }, + { + "ref": "npm@10.8.0|mkdirp@1.0.4" + }, + { + "ref": "npm@10.8.0|text-table@0.2.0" + }, + { + "ref": "npm@10.8.0|tiny-relative-date@1.3.0" + }, + { + "ref": "@oclif/plugin-version@2.2.2", + "dependsOn": [ + "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "ansis@3.2.0" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-version@2.2.2|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-version@2.2.2|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-version@2.2.2|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4", + "dependsOn": [ + "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "ansis@3.2.0", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "lodash@4.17.21" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "dependsOn": [ + "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|ms@2.1.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0", + "dependsOn": [ + "content-type@1.0.5", + "@oclif/plugin-warn-if-update-available@3.1.4|debug@4.3.5", + "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0", + "is-stream@2.0.1", + "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|http-call@5.3.0|parse-json@4.0.0", + "dependsOn": [ + "error-ex@1.3.2", + "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2" + ] + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|is-retry-allowed@1.1.0" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|json-parse-better-errors@1.0.2" + }, + { + "ref": "@oclif/plugin-warn-if-update-available@3.1.4|tunnel-agent@0.6.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "content-type@1.0.5" + }, + { + "ref": "is-stream@2.0.1" + }, + { + "ref": "is-arrayish@0.2.1" + }, + { + "ref": "safe-buffer@5.2.1" + }, + { + "ref": "@oclif/test@3.2.15", + "dependsOn": [ + "@oclif/core@3.26.9", + "chai@4.4.1", + "fancy-test@3.0.15" + ] + }, + { + "ref": "chai@4.4.1", + "dependsOn": [ + "assertion-error@1.1.0", + "check-error@1.0.3", + "deep-eql@4.1.3", + "get-func-name@2.0.2", + "loupe@2.3.7", + "pathval@1.1.1", + "type-detect@4.0.8" + ] + }, + { + "ref": "fancy-test@3.0.15", + "dependsOn": [ + "@types/chai@4.3.14", + "@types/lodash@4.17.4", + "@types/node@20.14.1", + "@types/sinon@17.0.3", + "lodash@4.17.21", + "mock-stdin@1.0.0", + "nock@13.5.4", + "sinon@16.1.3", + "stdout-stderr@0.1.13" + ] + }, + { + "ref": "@types/chai@4.3.14" + }, + { + "ref": "@types/sinon@17.0.3", + "dependsOn": [ + "@types/sinonjs__fake-timers@8.1.5" + ] + }, + { + "ref": "@types/sinonjs__fake-timers@8.1.5" + }, + { + "ref": "mock-stdin@1.0.0" + }, + { + "ref": "nock@13.5.4", + "dependsOn": [ + "debug@4.3.4", + "json-stringify-safe@5.0.1", + "propagate@2.0.1" + ] + }, + { + "ref": "json-stringify-safe@5.0.1" + }, + { + "ref": "propagate@2.0.1" + }, + { + "ref": "sinon@16.1.3", + "dependsOn": [ + "@sinonjs/commons@3.0.1", + "@sinonjs/fake-timers@10.3.0", + "@sinonjs/samsam@8.0.0", + "sinon@16.1.3|diff@5.2.0", + "nise@5.1.9", + "sinon@16.1.3|supports-color@7.2.0" + ] + }, + { + "ref": "sinon@16.1.3|diff@5.2.0" + }, + { + "ref": "sinon@16.1.3|supports-color@7.2.0", + "dependsOn": [ + "has-flag@4.0.0" + ] + }, + { + "ref": "@sinonjs/commons@3.0.1", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "@sinonjs/fake-timers@10.3.0", + "dependsOn": [ + "@sinonjs/commons@3.0.1" + ] + }, + { + "ref": "@sinonjs/samsam@8.0.0", + "dependsOn": [ + "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "lodash.get@4.4.2", + "type-detect@4.0.8" + ] + }, + { + "ref": "@sinonjs/samsam@8.0.0|@sinonjs/commons@2.0.0", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "lodash.get@4.4.2" + }, + { + "ref": "nise@5.1.9", + "dependsOn": [ + "@sinonjs/commons@3.0.1", + "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "@sinonjs/text-encoding@0.7.2", + "just-extend@6.2.0", + "nise@5.1.9|path-to-regexp@6.2.2" + ] + }, + { + "ref": "nise@5.1.9|@sinonjs/fake-timers@11.2.2", + "dependsOn": [ + "@sinonjs/commons@3.0.1" + ] + }, + { + "ref": "nise@5.1.9|path-to-regexp@6.2.2" + }, + { + "ref": "@sinonjs/text-encoding@0.7.2" + }, + { + "ref": "just-extend@6.2.0" + }, + { + "ref": "stdout-stderr@0.1.13", + "dependsOn": [ + "debug@4.3.4", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@smithy/abort-controller@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@types/express@4.17.21", + "dependsOn": [ + "@types/body-parser@1.19.5", + "@types/express-serve-static-core@4.19.0", + "@types/qs@6.9.15", + "@types/serve-static@1.15.7" + ] + }, + { + "ref": "@types/body-parser@1.19.5", + "dependsOn": [ + "@types/connect@3.4.38", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/connect@3.4.38", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/express-serve-static-core@4.19.0", + "dependsOn": [ + "@types/node@20.14.1", + "@types/qs@6.9.15", + "@types/range-parser@1.2.7", + "@types/send@0.17.4" + ] + }, + { + "ref": "@types/qs@6.9.15" + }, + { + "ref": "@types/range-parser@1.2.7" + }, + { + "ref": "@types/send@0.17.4", + "dependsOn": [ + "@types/mime@1.3.5", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/mime@1.3.5" + }, + { + "ref": "@types/serve-static@1.15.7", + "dependsOn": [ + "@types/http-errors@2.0.4", + "@types/node@20.14.1", + "@types/send@0.17.4" + ] + }, + { + "ref": "@types/http-errors@2.0.4" + }, + { + "ref": "@types/fs-extra@11.0.4", + "dependsOn": [ + "@types/jsonfile@6.1.4", + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/jsonfile@6.1.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/get-installed-path@4.0.3" + }, + { + "ref": "@types/jest@29.5.12", + "dependsOn": [ + "expect@29.7.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "expect@29.7.0", + "dependsOn": [ + "@jest/expect-utils@29.7.0", + "jest-get-type@29.6.3", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "@jest/expect-utils@29.7.0", + "dependsOn": [ + "jest-get-type@29.6.3" + ] + }, + { + "ref": "jest-get-type@29.6.3" + }, + { + "ref": "jest-matcher-utils@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "jest-diff@29.7.0", + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-diff@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "diff-sequences@29.6.3", + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "diff-sequences@29.6.3" + }, + { + "ref": "pretty-format@29.7.0", + "dependsOn": [ + "@jest/schemas@29.6.3", + "pretty-format@29.7.0|ansi-styles@5.2.0", + "react-is@18.2.0" + ] + }, + { + "ref": "pretty-format@29.7.0|ansi-styles@5.2.0" + }, + { + "ref": "jest-message-util@29.7.0", + "dependsOn": [ + "@babel/code-frame@7.24.2", + "@jest/types@29.6.3", + "@types/stack-utils@2.0.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "micromatch@4.0.5", + "pretty-format@29.7.0", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@jest/types@29.6.3", + "dependsOn": [ + "@jest/schemas@29.6.3", + "@types/istanbul-lib-coverage@2.0.6", + "@types/istanbul-reports@3.0.4", + "@types/node@20.14.1", + "@types/yargs@17.0.32", + "chalk@4.1.2" + ] + }, + { + "ref": "jest-util@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "jest-util@29.7.0|ci-info@3.9.0", + "graceful-fs@4.2.11", + "picomatch@2.3.1" + ] + }, + { + "ref": "jest-util@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/schemas@29.6.3", + "dependsOn": [ + "@sinclair/typebox@0.27.8" + ] + }, + { + "ref": "@sinclair/typebox@0.27.8" + }, + { + "ref": "@types/js-yaml@4.0.9" + }, + { + "ref": "@types/mocha@10.0.6" + }, + { + "ref": "@types/mock-fs@4.13.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "undici-types@5.26.5" + }, + { + "ref": "@types/objects-to-csv@1.3.3" + }, + { + "ref": "@types/prompt-sync@4.2.3" + }, + { + "ref": "@types/tmp@0.2.6" + }, + { + "ref": "@types/uuid@9.0.8" + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0", + "dependsOn": [ + "@eslint-community/regexpp@4.10.0", + "@typescript-eslint/parser@7.7.1", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "@typescript-eslint/type-utils@7.12.0", + "@typescript-eslint/utils@7.12.0", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "eslint@8.57.0", + "graphemer@1.4.0", + "ignore@5.3.1", + "natural-compare@1.4.0", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "dependsOn": [ + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0" + ] + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/eslint-plugin@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@eslint-community/regexpp@4.10.0" + }, + { + "ref": "@typescript-eslint/parser@7.7.1", + "dependsOn": [ + "@typescript-eslint/scope-manager@7.7.1", + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/typescript-estree@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1", + "debug@4.3.4", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/scope-manager@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1" + ] + }, + { + "ref": "@typescript-eslint/types@7.7.1" + }, + { + "ref": "@typescript-eslint/visitor-keys@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/typescript-estree@7.7.1", + "dependsOn": [ + "@typescript-eslint/types@7.7.1", + "@typescript-eslint/visitor-keys@7.7.1", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "ts-api-utils@1.3.0", + "dependsOn": [ + "typescript@5.1.6" + ] + }, + { + "ref": "eslint-visitor-keys@3.4.3" + }, + { + "ref": "eslint@8.57.0", + "dependsOn": [ + "@eslint-community/eslint-utils@4.4.0", + "@eslint-community/regexpp@4.10.0", + "@eslint/eslintrc@2.1.4", + "@eslint/js@8.57.0", + "@humanwhocodes/config-array@0.11.14", + "@humanwhocodes/module-importer@1.0.1", + "@nodelib/fs.walk@1.2.8", + "@ungap/structured-clone@1.2.0", + "eslint@8.57.0|ajv@6.12.6", + "chalk@4.1.2", + "cross-spawn@7.0.3", + "debug@4.3.4", + "doctrine@3.0.0", + "escape-string-regexp@4.0.0", + "eslint-scope@7.2.2", + "eslint-visitor-keys@3.4.3", + "espree@9.6.1", + "esquery@1.5.0", + "esutils@2.0.3", + "fast-deep-equal@3.1.3", + "file-entry-cache@6.0.1", + "find-up@5.0.0", + "glob-parent@6.0.2", + "globals@13.24.0", + "graphemer@1.4.0", + "ignore@5.3.1", + "imurmurhash@0.1.4", + "is-glob@4.0.3", + "is-path-inside@3.0.3", + "js-yaml@4.1.0", + "json-stable-stringify-without-jsonify@1.0.1", + "levn@0.4.1", + "lodash.merge@4.6.2", + "eslint@8.57.0|minimatch@3.1.2", + "natural-compare@1.4.0", + "optionator@0.9.3", + "strip-ansi@6.0.1", + "text-table@0.2.0" + ] + }, + { + "ref": "eslint@8.57.0|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "eslint@8.57.0|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "eslint@8.57.0|json-schema-traverse@0.4.1" + }, + { + "ref": "eslint@8.57.0|minimatch@3.1.2", + "dependsOn": [ + "eslint@8.57.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint@8.57.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "@typescript-eslint/utils@7.12.0", + "debug@4.3.4", + "eslint@8.57.0", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/type-utils@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0", + "dependsOn": [ + "@eslint-community/eslint-utils@4.4.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/scope-manager@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0" + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "@typescript-eslint/utils@7.12.0|@typescript-eslint/typescript-estree@7.12.0", + "dependsOn": [ + "@typescript-eslint/utils@7.12.0|@typescript-eslint/types@7.12.0", + "@typescript-eslint/utils@7.12.0|@typescript-eslint/visitor-keys@7.12.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "minimatch@9.0.4", + "semver@7.6.2", + "ts-api-utils@1.3.0" + ] + }, + { + "ref": "@eslint-community/eslint-utils@4.4.0", + "dependsOn": [ + "eslint-visitor-keys@3.4.3", + "eslint@8.57.0" + ] + }, + { + "ref": "graphemer@1.4.0" + }, + { + "ref": "accurate-search@1.2.15" + }, + { + "ref": "ajv@8.16.0", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "json-schema-traverse@1.0.0", + "require-from-string@2.0.2", + "uri-js@4.4.1" + ] + }, + { + "ref": "fast-deep-equal@3.1.3" + }, + { + "ref": "json-schema-traverse@1.0.0" + }, + { + "ref": "require-from-string@2.0.2" + }, + { + "ref": "uri-js@4.4.1", + "dependsOn": [ + "punycode@2.3.1" + ] + }, + { + "ref": "punycode@2.3.1" + }, + { + "ref": "form-data@4.0.0", + "dependsOn": [ + "asynckit@0.4.0", + "combined-stream@1.0.8", + "mime-types@2.1.35" + ] + }, + { + "ref": "proxy-from-env@1.1.0" + }, + { + "ref": "assertion-error@1.1.0" + }, + { + "ref": "check-error@1.0.3", + "dependsOn": [ + "get-func-name@2.0.2" + ] + }, + { + "ref": "get-func-name@2.0.2" + }, + { + "ref": "deep-eql@4.1.3", + "dependsOn": [ + "type-detect@4.0.8" + ] + }, + { + "ref": "loupe@2.3.7", + "dependsOn": [ + "get-func-name@2.0.2" + ] + }, + { + "ref": "pathval@1.1.1" + }, + { + "ref": "colors@1.4.0" + }, + { + "ref": "csv-parse@4.16.3" + }, + { + "ref": "dotenv@16.4.5" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "eslint-plugin-mocha@9.0.0", + "eslint-plugin-node@11.1.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/eslint-plugin@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "functional-red-black-tree@1.0.1", + "ignore@5.3.1", + "regexpp@3.2.0", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/parser@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/scope-manager@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "chalk@4.1.2", + "cross-spawn@7.0.3", + "debug@4.3.4", + "doctrine@3.0.0", + "enquirer@2.4.1", + "escape-string-regexp@4.0.0", + "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "eslint-config-oclif-typescript@1.0.3|eslint-visitor-keys@2.1.0", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "esquery@1.5.0", + "esutils@2.0.3", + "fast-deep-equal@3.1.3", + "file-entry-cache@6.0.1", + "functional-red-black-tree@1.0.1", + "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "globals@13.24.0", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6", + "import-fresh@3.3.0", + "imurmurhash@0.1.4", + "is-glob@4.0.3", + "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "json-stable-stringify-without-jsonify@1.0.1", + "levn@0.4.1", + "lodash.merge@4.6.2", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "natural-compare@1.4.0", + "optionator@0.9.3", + "progress@2.0.3", + "regexpp@3.2.0", + "semver@7.6.2", + "strip-ansi@6.0.1", + "strip-json-comments@3.1.1", + "table@6.8.2", + "text-table@0.2.0", + "v8-compile-cache@2.4.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0|ignore@4.0.6" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@babel/code-frame@7.12.11", + "dependsOn": [ + "@babel/highlight@7.24.2" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "globals@13.24.0", + "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6", + "import-fresh@3.3.0", + "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "strip-json-comments@3.1.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@eslint/eslintrc@0.4.3|ignore@4.0.6" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1", + "dependsOn": [ + "acorn-jsx@5.3.2", + "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1", + "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|espree@7.3.1|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|js-yaml@3.14.1", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/config-array@0.5.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1", + "debug@4.3.4", + "eslint-config-oclif-typescript@1.0.3|minimatch@3.1.2" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@humanwhocodes/object-schema@1.2.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|json-schema-traverse@0.4.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|estraverse@4.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-utils@2.1.0|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|acorn@7.4.1" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|glob-parent@5.1.2", + "dependsOn": [ + "is-glob@4.0.3" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|argparse@1.0.10", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|sprintf-js@1.0.3" + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/typescript-estree@4.33.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/types@4.33.0", + "eslint-config-oclif-typescript@1.0.3|@typescript-eslint/visitor-keys@4.33.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo-space@0.29.0", + "dependsOn": [ + "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "eslint-config-oclif-typescript@1.0.3|eslint-config-xo@0.38.0", + "dependsOn": [ + "confusing-browser-globals@1.0.10", + "eslint-config-oclif-typescript@1.0.3|eslint@7.32.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0", + "dependsOn": [ + "@types/json-schema@7.0.15", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "eslint-utils@3.0.0", + "eslint@8.57.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/scope-manager@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0" + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/typescript-estree@4.33.0", + "dependsOn": [ + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/types@4.33.0", + "@typescript-eslint/experimental-utils@4.33.0|@typescript-eslint/visitor-keys@4.33.0", + "debug@4.3.4", + "globby@11.1.0", + "is-glob@4.0.3", + "semver@7.6.2", + "tsutils@3.21.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0" + ] + }, + { + "ref": "@typescript-eslint/experimental-utils@4.33.0|estraverse@4.3.0" + }, + { + "ref": "@types/json-schema@7.0.15" + }, + { + "ref": "tsutils@3.21.0", + "dependsOn": [ + "tsutils@3.21.0|tslib@1.14.1", + "typescript@5.1.6" + ] + }, + { + "ref": "tsutils@3.21.0|tslib@1.14.1" + }, + { + "ref": "esrecurse@4.3.0", + "dependsOn": [ + "estraverse@5.3.0" + ] + }, + { + "ref": "eslint-utils@3.0.0", + "dependsOn": [ + "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0", + "eslint@8.57.0" + ] + }, + { + "ref": "eslint-utils@3.0.0|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/highlight@7.24.2", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "@babel/highlight@7.24.2|chalk@2.4.2", + "js-tokens@4.0.0", + "picocolors@1.0.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|chalk@2.4.2", + "dependsOn": [ + "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "@babel/highlight@7.24.2|escape-string-regexp@1.0.5", + "@babel/highlight@7.24.2|supports-color@5.5.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|ansi-styles@3.2.1", + "dependsOn": [ + "@babel/highlight@7.24.2|color-convert@1.9.3" + ] + }, + { + "ref": "@babel/highlight@7.24.2|color-convert@1.9.3", + "dependsOn": [ + "@babel/highlight@7.24.2|color-name@1.1.3" + ] + }, + { + "ref": "@babel/highlight@7.24.2|color-name@1.1.3" + }, + { + "ref": "@babel/highlight@7.24.2|escape-string-regexp@1.0.5" + }, + { + "ref": "@babel/highlight@7.24.2|supports-color@5.5.0", + "dependsOn": [ + "@babel/highlight@7.24.2|has-flag@3.0.0" + ] + }, + { + "ref": "@babel/highlight@7.24.2|has-flag@3.0.0" + }, + { + "ref": "globals@13.24.0", + "dependsOn": [ + "globals@13.24.0|type-fest@0.20.2" + ] + }, + { + "ref": "globals@13.24.0|type-fest@0.20.2" + }, + { + "ref": "doctrine@3.0.0", + "dependsOn": [ + "esutils@2.0.3" + ] + }, + { + "ref": "enquirer@2.4.1", + "dependsOn": [ + "ansi-colors@4.1.1", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "ansi-colors@4.1.1" + }, + { + "ref": "acorn-jsx@5.3.2", + "dependsOn": [ + "acorn@8.11.3" + ] + }, + { + "ref": "esquery@1.5.0", + "dependsOn": [ + "estraverse@5.3.0" + ] + }, + { + "ref": "esutils@2.0.3" + }, + { + "ref": "file-entry-cache@6.0.1", + "dependsOn": [ + "flat-cache@3.2.0" + ] + }, + { + "ref": "functional-red-black-tree@1.0.1" + }, + { + "ref": "imurmurhash@0.1.4" + }, + { + "ref": "json-stable-stringify-without-jsonify@1.0.1" + }, + { + "ref": "levn@0.4.1", + "dependsOn": [ + "prelude-ls@1.2.1", + "type-check@0.4.0" + ] + }, + { + "ref": "lodash.merge@4.6.2" + }, + { + "ref": "optionator@0.9.3", + "dependsOn": [ + "@aashutoshrathi/word-wrap@1.2.6", + "deep-is@0.1.4", + "optionator@0.9.3|fast-levenshtein@2.0.6", + "levn@0.4.1", + "prelude-ls@1.2.1", + "type-check@0.4.0" + ] + }, + { + "ref": "optionator@0.9.3|fast-levenshtein@2.0.6" + }, + { + "ref": "progress@2.0.3" + }, + { + "ref": "regexpp@3.2.0" + }, + { + "ref": "table@6.8.2", + "dependsOn": [ + "ajv@8.16.0", + "lodash.truncate@4.4.2", + "slice-ansi@4.0.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "text-table@0.2.0" + }, + { + "ref": "v8-compile-cache@2.4.0" + }, + { + "ref": "confusing-browser-globals@1.0.10" + }, + { + "ref": "eslint-plugin-mocha@9.0.0", + "dependsOn": [ + "eslint-utils@3.0.0", + "eslint@8.57.0", + "ramda@0.27.2" + ] + }, + { + "ref": "ramda@0.27.2" + }, + { + "ref": "eslint-plugin-node@11.1.0", + "dependsOn": [ + "eslint-plugin-es@3.0.1", + "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "eslint@8.57.0", + "ignore@5.3.1", + "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "resolve@1.22.8", + "eslint-plugin-node@11.1.0|semver@6.3.1" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-plugin-node@11.1.0|minimatch@3.1.2", + "dependsOn": [ + "eslint-plugin-node@11.1.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "eslint-plugin-node@11.1.0|semver@6.3.1" + }, + { + "ref": "eslint-plugin-es@3.0.1", + "dependsOn": [ + "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "eslint@8.57.0", + "regexpp@3.2.0" + ] + }, + { + "ref": "eslint-plugin-es@3.0.1|eslint-utils@2.1.0", + "dependsOn": [ + "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0" + ] + }, + { + "ref": "eslint-plugin-es@3.0.1|eslint-visitor-keys@1.3.0" + }, + { + "ref": "eslint-config-oclif@4.0.0", + "dependsOn": [ + "eslint-config-xo-space@0.27.0", + "eslint-plugin-mocha@9.0.0", + "eslint-plugin-node@11.1.0", + "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0" + ] + }, + { + "ref": "eslint-config-oclif@4.0.0|eslint-plugin-unicorn@36.0.0", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "eslint-config-oclif@4.0.0|ci-info@3.9.0", + "clean-regexp@1.0.0", + "eslint-template-visitor@2.3.2", + "eslint-utils@3.0.0", + "eslint@8.57.0", + "is-builtin-module@3.2.1", + "lodash@4.17.21", + "pluralize@8.0.0", + "read-pkg-up@7.0.1", + "regexp-tree@0.1.27", + "safe-regex@2.1.1", + "semver@7.6.2" + ] + }, + { + "ref": "eslint-config-oclif@4.0.0|ci-info@3.9.0" + }, + { + "ref": "eslint-config-xo-space@0.27.0", + "dependsOn": [ + "eslint-config-xo@0.35.0", + "eslint@8.57.0" + ] + }, + { + "ref": "eslint-config-xo@0.35.0", + "dependsOn": [ + "confusing-browser-globals@1.0.10", + "eslint@8.57.0" + ] + }, + { + "ref": "@babel/helper-validator-identifier@7.22.20" + }, + { + "ref": "clean-regexp@1.0.0", + "dependsOn": [ + "clean-regexp@1.0.0|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "clean-regexp@1.0.0|escape-string-regexp@1.0.5" + }, + { + "ref": "eslint-template-visitor@2.3.2", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/eslint-parser@7.24.1", + "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0", + "eslint@8.57.0", + "esquery@1.5.0", + "multimap@1.1.0" + ] + }, + { + "ref": "eslint-template-visitor@2.3.2|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/eslint-parser@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0", + "eslint@8.57.0", + "@babel/eslint-parser@7.24.1|semver@6.3.1" + ] + }, + { + "ref": "@babel/eslint-parser@7.24.1|eslint-visitor-keys@2.1.0" + }, + { + "ref": "@babel/eslint-parser@7.24.1|semver@6.3.1" + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1", + "dependsOn": [ + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1" + ] + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|eslint-scope@5.1.1", + "dependsOn": [ + "esrecurse@4.3.0", + "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0" + ] + }, + { + "ref": "@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1|estraverse@4.3.0" + }, + { + "ref": "multimap@1.1.0" + }, + { + "ref": "is-builtin-module@3.2.1", + "dependsOn": [ + "builtin-modules@3.3.0" + ] + }, + { + "ref": "pluralize@8.0.0" + }, + { + "ref": "read-pkg-up@7.0.1", + "dependsOn": [ + "read-pkg-up@7.0.1|find-up@4.1.0", + "read-pkg@5.2.0", + "read-pkg-up@7.0.1|type-fest@0.8.1" + ] + }, + { + "ref": "read-pkg-up@7.0.1|find-up@4.1.0", + "dependsOn": [ + "read-pkg-up@7.0.1|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|locate-path@5.0.0", + "dependsOn": [ + "read-pkg-up@7.0.1|p-locate@4.1.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|p-locate@4.1.0", + "dependsOn": [ + "read-pkg-up@7.0.1|p-limit@2.3.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "read-pkg-up@7.0.1|type-fest@0.8.1" + }, + { + "ref": "regexp-tree@0.1.27" + }, + { + "ref": "safe-regex@2.1.1", + "dependsOn": [ + "regexp-tree@0.1.27" + ] + }, + { + "ref": "eslint-plugin-unicorn@52.0.0", + "dependsOn": [ + "@babel/helper-validator-identifier@7.22.20", + "@eslint-community/eslint-utils@4.4.0", + "@eslint/eslintrc@2.1.4", + "ci-info@4.0.0", + "clean-regexp@1.0.0", + "core-js-compat@3.37.0", + "eslint@8.57.0", + "esquery@1.5.0", + "indent-string@4.0.0", + "is-builtin-module@3.2.1", + "jsesc@3.0.2", + "pluralize@8.0.0", + "read-pkg-up@7.0.1", + "regexp-tree@0.1.27", + "regjsparser@0.10.0", + "semver@7.6.2", + "strip-indent@3.0.0" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4", + "dependsOn": [ + "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "debug@4.3.4", + "espree@9.6.1", + "globals@13.24.0", + "ignore@5.3.1", + "import-fresh@3.3.0", + "js-yaml@4.1.0", + "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "strip-json-comments@3.1.1" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|ajv@6.12.6", + "dependsOn": [ + "fast-deep-equal@3.1.3", + "fast-json-stable-stringify@2.1.0", + "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1", + "uri-js@4.4.1" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|json-schema-traverse@0.4.1" + }, + { + "ref": "@eslint/eslintrc@2.1.4|minimatch@3.1.2", + "dependsOn": [ + "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11" + ] + }, + { + "ref": "@eslint/eslintrc@2.1.4|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "espree@9.6.1", + "dependsOn": [ + "acorn-jsx@5.3.2", + "acorn@8.11.3", + "eslint-visitor-keys@3.4.3" + ] + }, + { + "ref": "parent-module@1.0.1", + "dependsOn": [ + "callsites@3.1.0" + ] + }, + { + "ref": "resolve-from@4.0.0" + }, + { + "ref": "ci-info@4.0.0" + }, + { + "ref": "core-js-compat@3.37.0", + "dependsOn": [ + "browserslist@4.23.0" + ] + }, + { + "ref": "browserslist@4.23.0", + "dependsOn": [ + "caniuse-lite@1.0.30001612", + "electron-to-chromium@1.4.747", + "node-releases@2.0.14", + "update-browserslist-db@1.0.13" + ] + }, + { + "ref": "caniuse-lite@1.0.30001612" + }, + { + "ref": "electron-to-chromium@1.4.747" + }, + { + "ref": "node-releases@2.0.14" + }, + { + "ref": "update-browserslist-db@1.0.13", + "dependsOn": [ + "browserslist@4.23.0", + "escalade@3.1.2", + "picocolors@1.0.0" + ] + }, + { + "ref": "escalade@3.1.2" + }, + { + "ref": "estraverse@5.3.0" + }, + { + "ref": "builtin-modules@3.3.0" + }, + { + "ref": "jsesc@3.0.2" + }, + { + "ref": "p-try@2.2.0" + }, + { + "ref": "path-exists@4.0.0" + }, + { + "ref": "read-pkg@5.2.0", + "dependsOn": [ + "@types/normalize-package-data@2.4.4", + "read-pkg@5.2.0|normalize-package-data@2.5.0", + "parse-json@5.2.0", + "read-pkg@5.2.0|type-fest@0.6.0" + ] + }, + { + "ref": "read-pkg@5.2.0|normalize-package-data@2.5.0", + "dependsOn": [ + "read-pkg@5.2.0|hosted-git-info@2.8.9", + "resolve@1.22.8", + "read-pkg@5.2.0|semver@5.7.2", + "validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "read-pkg@5.2.0|hosted-git-info@2.8.9" + }, + { + "ref": "read-pkg@5.2.0|semver@5.7.2" + }, + { + "ref": "read-pkg@5.2.0|type-fest@0.6.0" + }, + { + "ref": "@types/normalize-package-data@2.4.4" + }, + { + "ref": "validate-npm-package-license@3.0.4", + "dependsOn": [ + "spdx-correct@3.2.0", + "spdx-expression-parse@3.0.1" + ] + }, + { + "ref": "regjsparser@0.10.0", + "dependsOn": [ + "regjsparser@0.10.0|jsesc@0.5.0" + ] + }, + { + "ref": "regjsparser@0.10.0|jsesc@0.5.0" + }, + { + "ref": "strip-indent@3.0.0", + "dependsOn": [ + "min-indent@1.0.1" + ] + }, + { + "ref": "min-indent@1.0.1" + }, + { + "ref": "@eslint/js@8.57.0" + }, + { + "ref": "@humanwhocodes/config-array@0.11.14", + "dependsOn": [ + "@humanwhocodes/object-schema@2.0.3", + "debug@4.3.4", + "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2" + ] + }, + { + "ref": "@humanwhocodes/config-array@0.11.14|minimatch@3.1.2", + "dependsOn": [ + "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11" + ] + }, + { + "ref": "@humanwhocodes/config-array@0.11.14|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@humanwhocodes/object-schema@2.0.3" + }, + { + "ref": "@humanwhocodes/module-importer@1.0.1" + }, + { + "ref": "@nodelib/fs.scandir@2.1.5", + "dependsOn": [ + "@nodelib/fs.stat@2.0.5", + "run-parallel@1.2.0" + ] + }, + { + "ref": "run-parallel@1.2.0", + "dependsOn": [ + "queue-microtask@1.2.3" + ] + }, + { + "ref": "queue-microtask@1.2.3" + }, + { + "ref": "fastq@1.17.1", + "dependsOn": [ + "reusify@1.0.4" + ] + }, + { + "ref": "reusify@1.0.4" + }, + { + "ref": "@ungap/structured-clone@1.2.0" + }, + { + "ref": "path-key@3.1.1" + }, + { + "ref": "shebang-command@2.0.0", + "dependsOn": [ + "shebang-regex@3.0.0" + ] + }, + { + "ref": "shebang-regex@3.0.0" + }, + { + "ref": "which@2.0.2", + "dependsOn": [ + "isexe@2.0.0" + ] + }, + { + "ref": "isexe@2.0.0" + }, + { + "ref": "eslint-scope@7.2.2", + "dependsOn": [ + "esrecurse@4.3.0", + "estraverse@5.3.0" + ] + }, + { + "ref": "acorn@8.11.3" + }, + { + "ref": "flat-cache@3.2.0", + "dependsOn": [ + "flatted@3.3.1", + "keyv@4.5.4", + "rimraf@3.0.2" + ] + }, + { + "ref": "flatted@3.3.1" + }, + { + "ref": "keyv@4.5.4", + "dependsOn": [ + "json-buffer@3.0.1" + ] + }, + { + "ref": "json-buffer@3.0.1" + }, + { + "ref": "find-up@5.0.0", + "dependsOn": [ + "locate-path@6.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "locate-path@6.0.0", + "dependsOn": [ + "p-locate@5.0.0" + ] + }, + { + "ref": "p-locate@5.0.0", + "dependsOn": [ + "p-limit@3.1.0" + ] + }, + { + "ref": "is-extglob@2.1.1" + }, + { + "ref": "is-path-inside@3.0.3" + }, + { + "ref": "prelude-ls@1.2.1" + }, + { + "ref": "type-check@0.4.0", + "dependsOn": [ + "prelude-ls@1.2.1" + ] + }, + { + "ref": "@aashutoshrathi/word-wrap@1.2.6" + }, + { + "ref": "deep-is@0.1.4" + }, + { + "ref": "accepts@1.3.8", + "dependsOn": [ + "mime-types@2.1.35", + "negotiator@0.6.3" + ] + }, + { + "ref": "mime-types@2.1.35", + "dependsOn": [ + "mime-db@1.52.0" + ] + }, + { + "ref": "negotiator@0.6.3" + }, + { + "ref": "array-flatten@1.1.1" + }, + { + "ref": "body-parser@1.20.2", + "dependsOn": [ + "bytes@3.1.2", + "content-type@1.0.5", + "body-parser@1.20.2|debug@2.6.9", + "depd@2.0.0", + "destroy@1.2.0", + "http-errors@2.0.0", + "iconv-lite@0.4.24", + "on-finished@2.4.1", + "qs@6.11.0", + "raw-body@2.5.2", + "type-is@1.6.18", + "unpipe@1.0.0" + ] + }, + { + "ref": "body-parser@1.20.2|debug@2.6.9", + "dependsOn": [ + "body-parser@1.20.2|ms@2.0.0" + ] + }, + { + "ref": "body-parser@1.20.2|ms@2.0.0" + }, + { + "ref": "bytes@3.1.2" + }, + { + "ref": "depd@2.0.0" + }, + { + "ref": "destroy@1.2.0" + }, + { + "ref": "http-errors@2.0.0", + "dependsOn": [ + "depd@2.0.0", + "inherits@2.0.4", + "setprototypeof@1.2.0", + "statuses@2.0.1", + "toidentifier@1.0.1" + ] + }, + { + "ref": "iconv-lite@0.4.24", + "dependsOn": [ + "safer-buffer@2.1.2" + ] + }, + { + "ref": "safer-buffer@2.1.2" + }, + { + "ref": "on-finished@2.4.1", + "dependsOn": [ + "ee-first@1.1.1" + ] + }, + { + "ref": "qs@6.11.0", + "dependsOn": [ + "side-channel@1.0.6" + ] + }, + { + "ref": "raw-body@2.5.2", + "dependsOn": [ + "bytes@3.1.2", + "http-errors@2.0.0", + "iconv-lite@0.4.24", + "unpipe@1.0.0" + ] + }, + { + "ref": "unpipe@1.0.0" + }, + { + "ref": "type-is@1.6.18", + "dependsOn": [ + "media-typer@0.3.0", + "mime-types@2.1.35" + ] + }, + { + "ref": "content-disposition@0.5.4", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "cookie-signature@1.0.6" + }, + { + "ref": "cookie@0.6.0" + }, + { + "ref": "encodeurl@1.0.2" + }, + { + "ref": "escape-html@1.0.3" + }, + { + "ref": "etag@1.8.1" + }, + { + "ref": "finalhandler@1.2.0", + "dependsOn": [ + "finalhandler@1.2.0|debug@2.6.9", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "on-finished@2.4.1", + "parseurl@1.3.3", + "statuses@2.0.1", + "unpipe@1.0.0" + ] + }, + { + "ref": "finalhandler@1.2.0|debug@2.6.9", + "dependsOn": [ + "finalhandler@1.2.0|ms@2.0.0" + ] + }, + { + "ref": "finalhandler@1.2.0|ms@2.0.0" + }, + { + "ref": "parseurl@1.3.3" + }, + { + "ref": "statuses@2.0.1" + }, + { + "ref": "fresh@0.5.2" + }, + { + "ref": "setprototypeof@1.2.0" + }, + { + "ref": "toidentifier@1.0.1" + }, + { + "ref": "merge-descriptors@1.0.1" + }, + { + "ref": "methods@1.1.2" + }, + { + "ref": "ee-first@1.1.1" + }, + { + "ref": "path-to-regexp@0.1.7" + }, + { + "ref": "proxy-addr@2.0.7", + "dependsOn": [ + "forwarded@0.2.0", + "ipaddr.js@1.9.1" + ] + }, + { + "ref": "forwarded@0.2.0" + }, + { + "ref": "ipaddr.js@1.9.1" + }, + { + "ref": "side-channel@1.0.6", + "dependsOn": [ + "call-bind@1.0.7", + "es-errors@1.3.0", + "get-intrinsic@1.2.4", + "object-inspect@1.13.1" + ] + }, + { + "ref": "call-bind@1.0.7", + "dependsOn": [ + "es-define-property@1.0.0", + "es-errors@1.3.0", + "function-bind@1.1.2", + "get-intrinsic@1.2.4", + "set-function-length@1.2.2" + ] + }, + { + "ref": "es-define-property@1.0.0", + "dependsOn": [ + "get-intrinsic@1.2.4" + ] + }, + { + "ref": "get-intrinsic@1.2.4", + "dependsOn": [ + "es-errors@1.3.0", + "function-bind@1.1.2", + "has-proto@1.0.3", + "has-symbols@1.0.3", + "hasown@2.0.2" + ] + }, + { + "ref": "es-errors@1.3.0" + }, + { + "ref": "function-bind@1.1.2" + }, + { + "ref": "set-function-length@1.2.2", + "dependsOn": [ + "define-data-property@1.1.4", + "es-errors@1.3.0", + "function-bind@1.1.2", + "get-intrinsic@1.2.4", + "gopd@1.0.1", + "has-property-descriptors@1.0.2" + ] + }, + { + "ref": "define-data-property@1.1.4", + "dependsOn": [ + "es-define-property@1.0.0", + "es-errors@1.3.0", + "gopd@1.0.1" + ] + }, + { + "ref": "gopd@1.0.1", + "dependsOn": [ + "get-intrinsic@1.2.4" + ] + }, + { + "ref": "has-property-descriptors@1.0.2", + "dependsOn": [ + "es-define-property@1.0.0" + ] + }, + { + "ref": "has-proto@1.0.3" + }, + { + "ref": "has-symbols@1.0.3" + }, + { + "ref": "hasown@2.0.2", + "dependsOn": [ + "function-bind@1.1.2" + ] + }, + { + "ref": "object-inspect@1.13.1" + }, + { + "ref": "range-parser@1.2.1" + }, + { + "ref": "send@0.18.0", + "dependsOn": [ + "send@0.18.0|debug@2.6.9", + "depd@2.0.0", + "destroy@1.2.0", + "encodeurl@1.0.2", + "escape-html@1.0.3", + "etag@1.8.1", + "fresh@0.5.2", + "http-errors@2.0.0", + "mime@1.6.0", + "ms@2.1.3", + "on-finished@2.4.1", + "range-parser@1.2.1", + "statuses@2.0.1" + ] + }, + { + "ref": "send@0.18.0|debug@2.6.9", + "dependsOn": [ + "send@0.18.0|debug@2.6.9|ms@2.0.0" + ] + }, + { + "ref": "send@0.18.0|debug@2.6.9|ms@2.0.0" + }, + { + "ref": "mime@1.6.0" + }, + { + "ref": "serve-static@1.15.0", + "dependsOn": [ + "encodeurl@1.0.2", + "escape-html@1.0.3", + "parseurl@1.3.3", + "send@0.18.0" + ] + }, + { + "ref": "media-typer@0.3.0" + }, + { + "ref": "utils-merge@1.0.1" + }, + { + "ref": "vary@1.1.2" + }, + { + "ref": "asynckit@0.4.0" + }, + { + "ref": "combined-stream@1.0.8", + "dependsOn": [ + "delayed-stream@1.0.0" + ] + }, + { + "ref": "delayed-stream@1.0.0" + }, + { + "ref": "mime-db@1.52.0" + }, + { + "ref": "fs-extra@11.2.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "jsonfile@6.1.0", + "universalify@2.0.1" + ] + }, + { + "ref": "jsonfile@6.1.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "universalify@2.0.1" + ] + }, + { + "ref": "universalify@2.0.1" + }, + { + "ref": "get-installed-path@4.0.8", + "dependsOn": [ + "global-modules@1.0.0" + ] + }, + { + "ref": "global-modules@1.0.0", + "dependsOn": [ + "global-prefix@1.0.2", + "is-windows@1.0.2", + "resolve-dir@1.0.1" + ] + }, + { + "ref": "global-prefix@1.0.2", + "dependsOn": [ + "expand-tilde@2.0.2", + "homedir-polyfill@1.0.3", + "ini@1.3.8", + "is-windows@1.0.2", + "global-prefix@1.0.2|which@1.3.1" + ] + }, + { + "ref": "global-prefix@1.0.2|which@1.3.1", + "dependsOn": [ + "isexe@2.0.0" + ] + }, + { + "ref": "expand-tilde@2.0.2", + "dependsOn": [ + "homedir-polyfill@1.0.3" + ] + }, + { + "ref": "homedir-polyfill@1.0.3", + "dependsOn": [ + "parse-passwd@1.0.0" + ] + }, + { + "ref": "parse-passwd@1.0.0" + }, + { + "ref": "is-windows@1.0.2" + }, + { + "ref": "resolve-dir@1.0.1", + "dependsOn": [ + "expand-tilde@2.0.2", + "global-modules@1.0.0" + ] + }, + { + "ref": "domhandler@5.0.3", + "dependsOn": [ + "domelementtype@2.3.0" + ] + }, + { + "ref": "domutils@3.1.0", + "dependsOn": [ + "dom-serializer@2.0.0", + "domelementtype@2.3.0", + "domhandler@5.0.3" + ] + }, + { + "ref": "dom-serializer@2.0.0", + "dependsOn": [ + "domelementtype@2.3.0", + "domhandler@5.0.3", + "entities@4.5.0" + ] + }, + { + "ref": "entities@4.5.0" + }, + { + "ref": "https@1.0.0" + }, + { + "ref": "inquirer-file-tree-selection-prompt@2.0.2", + "dependsOn": [ + "chalk@4.1.2", + "cli-cursor@3.1.0", + "figures@3.2.0", + "lodash@4.17.21", + "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1" + ] + }, + { + "ref": "inquirer-file-tree-selection-prompt@2.0.2|rxjs@7.8.1", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "cli-cursor@3.1.0", + "dependsOn": [ + "restore-cursor@3.1.0" + ] + }, + { + "ref": "restore-cursor@3.1.0", + "dependsOn": [ + "onetime@5.1.2", + "signal-exit@3.0.7" + ] + }, + { + "ref": "onetime@5.1.2", + "dependsOn": [ + "mimic-fn@2.1.0" + ] + }, + { + "ref": "mimic-fn@2.1.0" + }, + { + "ref": "signal-exit@3.0.7" + }, + { + "ref": "figures@3.2.0", + "dependsOn": [ + "figures@3.2.0|escape-string-regexp@1.0.5" + ] + }, + { + "ref": "figures@3.2.0|escape-string-regexp@1.0.5" + }, + { + "ref": "inquirer@8.0.0", + "dependsOn": [ + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "cli-cursor@3.1.0", + "cli-width@3.0.0", + "external-editor@3.1.0", + "figures@3.2.0", + "lodash@4.17.21", + "mute-stream@0.0.8", + "run-async@2.4.1", + "rxjs@6.6.7", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "through@2.3.8" + ] + }, + { + "ref": "cli-width@3.0.0" + }, + { + "ref": "external-editor@3.1.0", + "dependsOn": [ + "chardet@0.7.0", + "iconv-lite@0.4.24", + "external-editor@3.1.0|tmp@0.0.33" + ] + }, + { + "ref": "external-editor@3.1.0|tmp@0.0.33", + "dependsOn": [ + "os-tmpdir@1.0.2" + ] + }, + { + "ref": "chardet@0.7.0" + }, + { + "ref": "os-tmpdir@1.0.2" + }, + { + "ref": "mute-stream@0.0.8" + }, + { + "ref": "run-async@2.4.1" + }, + { + "ref": "rxjs@6.6.7", + "dependsOn": [ + "rxjs@6.6.7|tslib@1.14.1" + ] + }, + { + "ref": "rxjs@6.6.7|tslib@1.14.1" + }, + { + "ref": "through@2.3.8" + }, + { + "ref": "jest-mock@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-util@29.7.0" + ] + }, + { + "ref": "@types/istanbul-lib-report@3.0.3", + "dependsOn": [ + "@types/istanbul-lib-coverage@2.0.6" + ] + }, + { + "ref": "@types/yargs-parser@21.0.3" + }, + { + "ref": "jest@29.7.0", + "dependsOn": [ + "@jest/core@29.7.0", + "@jest/types@29.6.3", + "import-local@3.1.0", + "jest-cli@29.7.0" + ] + }, + { + "ref": "@jest/core@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/reporters@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "@jest/core@29.7.0|ci-info@3.9.0", + "exit@0.1.2", + "graceful-fs@4.2.11", + "jest-changed-files@29.7.0", + "jest-config@29.7.0", + "jest-haste-map@29.7.0", + "jest-message-util@29.7.0", + "jest-regex-util@29.6.3", + "jest-resolve-dependencies@29.7.0", + "jest-resolve@29.7.0", + "jest-runner@29.7.0", + "jest-runtime@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "jest-watcher@29.7.0", + "micromatch@4.0.5", + "pretty-format@29.7.0", + "slash@3.0.0", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@jest/core@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/console@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "slash@3.0.0" + ] + }, + { + "ref": "@jest/reporters@29.7.0", + "dependsOn": [ + "@bcoe/v8-coverage@0.2.3", + "@jest/console@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@jridgewell/trace-mapping@0.3.25", + "@types/node@20.14.1", + "chalk@4.1.2", + "collect-v8-coverage@1.0.2", + "exit@0.1.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "istanbul-lib-coverage@3.2.2", + "istanbul-lib-instrument@6.0.2", + "istanbul-lib-report@3.0.1", + "istanbul-lib-source-maps@4.0.1", + "istanbul-reports@3.1.7", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "jest-worker@29.7.0", + "slash@3.0.0", + "string-length@4.0.2", + "strip-ansi@6.0.1", + "v8-to-istanbul@9.2.0" + ] + }, + { + "ref": "@jest/test-result@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/types@29.6.3", + "@types/istanbul-lib-coverage@2.0.6", + "collect-v8-coverage@1.0.2" + ] + }, + { + "ref": "@jest/transform@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/types@29.6.3", + "@jridgewell/trace-mapping@0.3.25", + "babel-plugin-istanbul@6.1.1", + "chalk@4.1.2", + "convert-source-map@2.0.0", + "fast-json-stable-stringify@2.1.0", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-regex-util@29.6.3", + "jest-util@29.7.0", + "micromatch@4.0.5", + "pirates@4.0.6", + "slash@3.0.0", + "write-file-atomic@4.0.2" + ] + }, + { + "ref": "fs.realpath@1.0.0" + }, + { + "ref": "inflight@1.0.6", + "dependsOn": [ + "once@1.4.0", + "wrappy@1.0.2" + ] + }, + { + "ref": "path-is-absolute@1.0.1" + }, + { + "ref": "istanbul-lib-instrument@6.0.2", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/parser@7.24.4", + "@istanbuljs/schema@0.1.3", + "istanbul-lib-coverage@3.2.2", + "semver@7.6.2" + ] + }, + { + "ref": "make-dir@4.0.0", + "dependsOn": [ + "semver@7.6.2" + ] + }, + { + "ref": "source-map@0.6.1" + }, + { + "ref": "html-escaper@2.0.2" + }, + { + "ref": "jest-worker@29.7.0", + "dependsOn": [ + "@types/node@20.14.1", + "jest-util@29.7.0", + "merge-stream@2.0.0", + "supports-color@8.1.1" + ] + }, + { + "ref": "char-regex@1.0.2" + }, + { + "ref": "convert-source-map@2.0.0" + }, + { + "ref": "jest-changed-files@29.7.0", + "dependsOn": [ + "execa@5.1.1", + "jest-util@29.7.0", + "p-limit@3.1.0" + ] + }, + { + "ref": "get-stream@6.0.1" + }, + { + "ref": "human-signals@2.1.0" + }, + { + "ref": "npm-run-path@4.0.1", + "dependsOn": [ + "path-key@3.1.1" + ] + }, + { + "ref": "strip-final-newline@2.0.0" + }, + { + "ref": "yocto-queue@0.1.0" + }, + { + "ref": "jest-config@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/test-sequencer@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "babel-jest@29.7.0", + "chalk@4.1.2", + "jest-config@29.7.0|ci-info@3.9.0", + "deepmerge@4.3.1", + "glob@7.2.3", + "graceful-fs@4.2.11", + "jest-circus@29.7.0", + "jest-environment-node@29.7.0", + "jest-get-type@29.6.3", + "jest-regex-util@29.6.3", + "jest-resolve@29.7.0", + "jest-runner@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "micromatch@4.0.5", + "parse-json@5.2.0", + "pretty-format@29.7.0", + "slash@3.0.0", + "strip-json-comments@3.1.1", + "ts-node@10.9.2" + ] + }, + { + "ref": "jest-config@29.7.0|ci-info@3.9.0" + }, + { + "ref": "@jest/test-sequencer@29.7.0", + "dependsOn": [ + "@jest/test-result@29.7.0", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "slash@3.0.0" + ] + }, + { + "ref": "jest-haste-map@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@types/graceful-fs@4.1.9", + "@types/node@20.14.1", + "anymatch@3.1.3", + "fb-watchman@2.0.2", + "fsevents@2.3.3", + "graceful-fs@4.2.11", + "jest-regex-util@29.6.3", + "jest-util@29.7.0", + "jest-worker@29.7.0", + "micromatch@4.0.5", + "walker@1.0.8" + ] + }, + { + "ref": "babel-jest@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/transform@29.7.0", + "@types/babel__core@7.20.5", + "babel-plugin-istanbul@6.1.1", + "babel-preset-jest@29.6.3", + "chalk@4.1.2", + "graceful-fs@4.2.11", + "slash@3.0.0" + ] + }, + { + "ref": "jest-circus@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/expect@29.7.0", + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "co@4.6.0", + "dedent@1.5.3", + "is-generator-fn@2.1.0", + "jest-each@29.7.0", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-runtime@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "p-limit@3.1.0", + "pretty-format@29.7.0", + "pure-rand@6.1.0", + "slash@3.0.0", + "stack-utils@2.0.6" + ] + }, + { + "ref": "@jest/environment@29.7.0", + "dependsOn": [ + "@jest/fake-timers@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-mock@29.7.0" + ] + }, + { + "ref": "@jest/expect@29.7.0", + "dependsOn": [ + "expect@29.7.0", + "jest-snapshot@29.7.0" + ] + }, + { + "ref": "jest-snapshot@29.7.0", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/generator@7.24.4", + "@babel/plugin-syntax-jsx@7.24.1", + "@babel/plugin-syntax-typescript@7.24.1", + "@babel/types@7.24.0", + "@jest/expect-utils@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "babel-preset-current-node-syntax@1.0.1", + "chalk@4.1.2", + "expect@29.7.0", + "graceful-fs@4.2.11", + "jest-diff@29.7.0", + "jest-get-type@29.6.3", + "jest-matcher-utils@29.7.0", + "jest-message-util@29.7.0", + "jest-util@29.7.0", + "natural-compare@1.4.0", + "pretty-format@29.7.0", + "semver@7.6.2" + ] + }, + { + "ref": "dedent@1.5.3" + }, + { + "ref": "jest-each@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "chalk@4.1.2", + "jest-get-type@29.6.3", + "jest-util@29.7.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-runtime@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/fake-timers@29.7.0", + "@jest/globals@29.7.0", + "@jest/source-map@29.6.3", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "cjs-module-lexer@1.2.3", + "collect-v8-coverage@1.0.2", + "glob@7.2.3", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-message-util@29.7.0", + "jest-mock@29.7.0", + "jest-regex-util@29.6.3", + "jest-resolve@29.7.0", + "jest-snapshot@29.7.0", + "jest-util@29.7.0", + "slash@3.0.0", + "strip-bom@4.0.0" + ] + }, + { + "ref": "pure-rand@6.1.0" + }, + { + "ref": "jest-environment-node@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/fake-timers@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "jest-mock@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "@jest/fake-timers@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "@sinonjs/fake-timers@10.3.0", + "@types/node@20.14.1", + "jest-message-util@29.7.0", + "jest-mock@29.7.0", + "jest-util@29.7.0" + ] + }, + { + "ref": "jest-regex-util@29.6.3" + }, + { + "ref": "jest-resolve@29.7.0", + "dependsOn": [ + "chalk@4.1.2", + "graceful-fs@4.2.11", + "jest-haste-map@29.7.0", + "jest-pnp-resolver@1.2.3", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "resolve.exports@2.0.2", + "resolve@1.22.8", + "slash@3.0.0" + ] + }, + { + "ref": "jest-runner@29.7.0", + "dependsOn": [ + "@jest/console@29.7.0", + "@jest/environment@29.7.0", + "@jest/test-result@29.7.0", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "chalk@4.1.2", + "emittery@0.13.1", + "graceful-fs@4.2.11", + "jest-docblock@29.7.0", + "jest-environment-node@29.7.0", + "jest-haste-map@29.7.0", + "jest-leak-detector@29.7.0", + "jest-message-util@29.7.0", + "jest-resolve@29.7.0", + "jest-runtime@29.7.0", + "jest-util@29.7.0", + "jest-watcher@29.7.0", + "jest-worker@29.7.0", + "p-limit@3.1.0", + "source-map-support@0.5.13" + ] + }, + { + "ref": "jest-validate@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "jest-validate@29.7.0|camelcase@6.3.0", + "chalk@4.1.2", + "jest-get-type@29.6.3", + "leven@3.1.0", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-validate@29.7.0|camelcase@6.3.0" + }, + { + "ref": "bser@2.1.1", + "dependsOn": [ + "node-int64@0.4.0" + ] + }, + { + "ref": "node-int64@0.4.0" + }, + { + "ref": "makeerror@1.0.12", + "dependsOn": [ + "tmpl@1.0.5" + ] + }, + { + "ref": "tmpl@1.0.5" + }, + { + "ref": "jest-resolve-dependencies@29.7.0", + "dependsOn": [ + "jest-regex-util@29.6.3", + "jest-snapshot@29.7.0" + ] + }, + { + "ref": "resolve.exports@2.0.2" + }, + { + "ref": "emittery@0.13.1" + }, + { + "ref": "jest-docblock@29.7.0", + "dependsOn": [ + "detect-newline@3.1.0" + ] + }, + { + "ref": "jest-leak-detector@29.7.0", + "dependsOn": [ + "jest-get-type@29.6.3", + "pretty-format@29.7.0" + ] + }, + { + "ref": "jest-watcher@29.7.0", + "dependsOn": [ + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "@types/node@20.14.1", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "emittery@0.13.1", + "jest-util@29.7.0", + "string-length@4.0.2" + ] + }, + { + "ref": "@jest/globals@29.7.0", + "dependsOn": [ + "@jest/environment@29.7.0", + "@jest/expect@29.7.0", + "@jest/types@29.6.3", + "jest-mock@29.7.0" + ] + }, + { + "ref": "@jest/source-map@29.6.3", + "dependsOn": [ + "@jridgewell/trace-mapping@0.3.25", + "callsites@3.1.0", + "graceful-fs@4.2.11" + ] + }, + { + "ref": "@babel/plugin-syntax-jsx@7.24.1", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/helper-plugin-utils@7.24.0" + }, + { + "ref": "@babel/plugin-syntax-async-generators@7.8.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-bigint@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-class-properties@7.12.13", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-import-meta@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-json-strings@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-logical-assignment-operators@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-nullish-coalescing-operator@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-numeric-separator@7.10.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-object-rest-spread@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-optional-catch-binding@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-optional-chaining@7.8.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "@babel/plugin-syntax-top-level-await@7.14.5", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-plugin-utils@7.24.0" + ] + }, + { + "ref": "pkg-dir@4.2.0", + "dependsOn": [ + "pkg-dir@4.2.0|find-up@4.1.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|find-up@4.1.0", + "dependsOn": [ + "pkg-dir@4.2.0|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|locate-path@5.0.0", + "dependsOn": [ + "pkg-dir@4.2.0|p-locate@4.1.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|p-locate@4.1.0", + "dependsOn": [ + "pkg-dir@4.2.0|p-limit@2.3.0" + ] + }, + { + "ref": "pkg-dir@4.2.0|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "resolve-cwd@3.0.0", + "dependsOn": [ + "resolve-cwd@3.0.0|resolve-from@5.0.0" + ] + }, + { + "ref": "resolve-cwd@3.0.0|resolve-from@5.0.0" + }, + { + "ref": "jest-cli@29.7.0", + "dependsOn": [ + "@jest/core@29.7.0", + "@jest/test-result@29.7.0", + "@jest/types@29.6.3", + "chalk@4.1.2", + "create-jest@29.7.0", + "exit@0.1.2", + "import-local@3.1.0", + "jest-config@29.7.0", + "jest-util@29.7.0", + "jest-validate@29.7.0", + "yargs@17.7.2" + ] + }, + { + "ref": "create-jest@29.7.0", + "dependsOn": [ + "@jest/types@29.6.3", + "chalk@4.1.2", + "exit@0.1.2", + "graceful-fs@4.2.11", + "jest-config@29.7.0", + "jest-util@29.7.0", + "prompts@2.4.2" + ] + }, + { + "ref": "cliui@8.0.1", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "get-caller-file@2.0.5" + }, + { + "ref": "require-directory@2.1.1" + }, + { + "ref": "y18n@5.0.8" + }, + { + "ref": "argparse@2.0.1" + }, + { + "ref": "json-colorizer@2.2.2", + "dependsOn": [ + "json-colorizer@2.2.2|chalk@2.4.2", + "lodash.get@4.4.2" + ] + }, + { + "ref": "json-colorizer@2.2.2|chalk@2.4.2", + "dependsOn": [ + "json-colorizer@2.2.2|ansi-styles@3.2.1", + "json-colorizer@2.2.2|escape-string-regexp@1.0.5", + "json-colorizer@2.2.2|supports-color@5.5.0" + ] + }, + { + "ref": "json-colorizer@2.2.2|ansi-styles@3.2.1", + "dependsOn": [ + "json-colorizer@2.2.2|color-convert@1.9.3" + ] + }, + { + "ref": "json-colorizer@2.2.2|color-convert@1.9.3", + "dependsOn": [ + "json-colorizer@2.2.2|color-name@1.1.3" + ] + }, + { + "ref": "json-colorizer@2.2.2|color-name@1.1.3" + }, + { + "ref": "json-colorizer@2.2.2|escape-string-regexp@1.0.5" + }, + { + "ref": "json-colorizer@2.2.2|supports-color@5.5.0", + "dependsOn": [ + "json-colorizer@2.2.2|has-flag@3.0.0" + ] + }, + { + "ref": "json-colorizer@2.2.2|has-flag@3.0.0" + }, + { + "ref": "markdown-diff@2.0.0", + "dependsOn": [ + "markdown-diff@2.0.0|diff@5.2.0", + "marked@12.0.2" + ] + }, + { + "ref": "markdown-diff@2.0.0|diff@5.2.0" + }, + { + "ref": "marked@12.0.2" + }, + { + "ref": "markdown-table-ts@1.0.3" + }, + { + "ref": "mocha@10.4.0", + "dependsOn": [ + "ansi-colors@4.1.1", + "browser-stdout@1.3.1", + "chokidar@3.5.3", + "debug@4.3.4", + "mocha@10.4.0|diff@5.0.0", + "escape-string-regexp@4.0.0", + "find-up@5.0.0", + "mocha@10.4.0|glob@8.1.0", + "he@1.2.0", + "js-yaml@4.1.0", + "mocha@10.4.0|log-symbols@4.1.0", + "mocha@10.4.0|minimatch@5.0.1", + "ms@2.1.3", + "serialize-javascript@6.0.0", + "strip-json-comments@3.1.1", + "supports-color@8.1.1", + "workerpool@6.2.1", + "yargs-parser@20.2.4", + "yargs-unparser@2.0.0", + "mocha@10.4.0|yargs@16.2.0" + ] + }, + { + "ref": "mocha@10.4.0|diff@5.0.0" + }, + { + "ref": "mocha@10.4.0|glob@8.1.0", + "dependsOn": [ + "fs.realpath@1.0.0", + "inflight@1.0.6", + "inherits@2.0.4", + "mocha@10.4.0|minimatch@5.0.1", + "once@1.4.0" + ] + }, + { + "ref": "mocha@10.4.0|minimatch@5.0.1", + "dependsOn": [ + "brace-expansion@2.0.1" + ] + }, + { + "ref": "mocha@10.4.0|log-symbols@4.1.0", + "dependsOn": [ + "chalk@4.1.2", + "is-unicode-supported@0.1.0" + ] + }, + { + "ref": "mocha@10.4.0|yargs@16.2.0", + "dependsOn": [ + "mocha@10.4.0|cliui@7.0.4", + "escalade@3.1.2", + "get-caller-file@2.0.5", + "require-directory@2.1.1", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "y18n@5.0.8", + "yargs-parser@20.2.4" + ] + }, + { + "ref": "mocha@10.4.0|cliui@7.0.4", + "dependsOn": [ + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "browser-stdout@1.3.1" + }, + { + "ref": "fill-range@7.0.1", + "dependsOn": [ + "to-regex-range@5.0.1" + ] + }, + { + "ref": "to-regex-range@5.0.1", + "dependsOn": [ + "is-number@7.0.0" + ] + }, + { + "ref": "is-number@7.0.0" + }, + { + "ref": "is-binary-path@2.1.0", + "dependsOn": [ + "binary-extensions@2.3.0" + ] + }, + { + "ref": "binary-extensions@2.3.0" + }, + { + "ref": "readdirp@3.6.0", + "dependsOn": [ + "picomatch@2.3.1" + ] + }, + { + "ref": "wrappy@1.0.2" + }, + { + "ref": "is-unicode-supported@0.1.0" + }, + { + "ref": "serialize-javascript@6.0.0", + "dependsOn": [ + "randombytes@2.1.0" + ] + }, + { + "ref": "randombytes@2.1.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "workerpool@6.2.1" + }, + { + "ref": "yargs-parser@20.2.4" + }, + { + "ref": "yargs-unparser@2.0.0", + "dependsOn": [ + "yargs-unparser@2.0.0|camelcase@6.3.0", + "decamelize@4.0.0", + "flat@5.0.2", + "is-plain-obj@2.1.0" + ] + }, + { + "ref": "yargs-unparser@2.0.0|camelcase@6.3.0" + }, + { + "ref": "decamelize@4.0.0" + }, + { + "ref": "is-plain-obj@2.1.0" + }, + { + "ref": "mock-fs@5.2.0" + }, + { + "ref": "objects-to-csv@1.3.6", + "dependsOn": [ + "async-csv@2.1.3" + ] + }, + { + "ref": "async-csv@2.1.3", + "dependsOn": [ + "csv@5.5.3" + ] + }, + { + "ref": "csv@5.5.3", + "dependsOn": [ + "csv-generate@3.4.3", + "csv-parse@4.16.3", + "csv-stringify@5.6.5", + "stream-transform@2.1.3" + ] + }, + { + "ref": "csv-generate@3.4.3" + }, + { + "ref": "csv-stringify@5.6.5" + }, + { + "ref": "stream-transform@2.1.3", + "dependsOn": [ + "mixme@0.5.10" + ] + }, + { + "ref": "mixme@0.5.10" + }, + { + "ref": "oclif@4.13.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0", + "@aws-sdk/client-s3@3.583.0", + "@inquirer/confirm@3.1.9", + "@inquirer/input@2.1.9", + "@inquirer/select@2.3.5", + "oclif@4.13.0|@oclif/core@4.0.1", + "@oclif/plugin-help@6.1.0", + "@oclif/plugin-not-found@3.2.1", + "@oclif/plugin-warn-if-update-available@3.1.4", + "async-retry@1.3.3", + "chalk@4.1.2", + "change-case@4.1.2", + "oclif@4.13.0|debug@4.3.5", + "ejs@3.1.10", + "find-yarn-workspace-root@2.0.0", + "oclif@4.13.0|fs-extra@8.1.0", + "github-slugger@2.0.0", + "got@13.0.0", + "lodash@4.17.21", + "normalize-package-data@6.0.1", + "semver@7.6.2", + "sort-package-json@2.10.0", + "tiny-jsonc@1.0.1", + "validate-npm-package-name@5.0.1" + ] + }, + { + "ref": "oclif@4.13.0|@oclif/core@4.0.1", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "oclif@4.13.0|debug@4.3.5", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "oclif@4.13.0|debug@4.3.5", + "dependsOn": [ + "oclif@4.13.0|ms@2.1.2" + ] + }, + { + "ref": "oclif@4.13.0|ms@2.1.2" + }, + { + "ref": "oclif@4.13.0|fs-extra@8.1.0", + "dependsOn": [ + "graceful-fs@4.2.11", + "oclif@4.13.0|jsonfile@4.0.0", + "oclif@4.13.0|universalify@0.1.2" + ] + }, + { + "ref": "oclif@4.13.0|jsonfile@4.0.0", + "dependsOn": [ + "graceful-fs@4.2.11" + ] + }, + { + "ref": "oclif@4.13.0|universalify@0.1.2" + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@aws-sdk/xml-builder@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-stream@3.0.1", + "@smithy/util-utf8@3.0.0", + "@smithy/util-waiter@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-node@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/types@3.0.0", + "bowser@2.11.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-http@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-ini@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-env@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-process@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-sso@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/credential-provider-web-identity@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sts@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso@3.575.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/core@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-host-header@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-logger@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-recursion-detection@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/middleware-user-agent@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/region-config-resolver@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-endpoints@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-browser@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/util-user-agent-node@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/token-providers@3.575.0", + "dependsOn": [ + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/client-sso-oidc@3.575.0", + "@aws-sdk/client-cloudfront@3.575.0|@aws-sdk/types@3.575.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/xml-builder@3.575.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/util-waiter@3.0.0", + "dependsOn": [ + "@smithy/abort-controller@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0", + "dependsOn": [ + "@aws-crypto/sha1-browser@3.0.0", + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "@aws-sdk/middleware-expect-continue@3.577.0", + "@aws-sdk/middleware-flexible-checksums@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-location-constraint@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-sdk-s3@3.582.0", + "@aws-sdk/middleware-signing@3.577.0", + "@aws-sdk/middleware-ssec@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/signature-v4-multi-region@3.582.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@aws-sdk/xml-builder@3.575.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/eventstream-serde-browser@3.0.0", + "@smithy/eventstream-serde-config-resolver@3.0.0", + "@smithy/eventstream-serde-node@3.0.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-blob-browser@3.0.0", + "@smithy/hash-node@3.0.0", + "@smithy/hash-stream-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/md5-js@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-retry@3.0.0", + "@smithy/util-stream@3.0.1", + "@smithy/util-utf8@3.0.0", + "@smithy/util-waiter@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso-oidc@3.583.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-node@3.583.0", + "dependsOn": [ + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-http@3.582.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-ini@3.583.0", + "dependsOn": [ + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sts@3.583.0", + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/credential-provider-sso@3.583.0", + "dependsOn": [ + "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "@aws-sdk/token-providers@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-s3@3.583.0|@aws-sdk/client-sso@3.583.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/core@3.582.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/middleware-user-agent@3.583.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/client-s3@3.583.0|@aws-sdk/util-endpoints@3.583.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/sha1-browser@3.0.0", + "dependsOn": [ + "@aws-crypto/ie11-detection@3.0.0", + "@aws-crypto/supports-web-crypto@3.0.0", + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-locate-window@3.535.0", + "@aws-sdk/util-utf8-browser@3.259.0", + "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/sha1-browser@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/region-config-resolver@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-user-agent-node@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-env@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-process@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-web-identity@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/token-providers@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sso-oidc@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sso-oidc@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/credential-provider-node@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sts@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/client-sso-oidc@3.577.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/credential-provider-node@3.577.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/core@3.576.0", + "dependsOn": [ + "@smithy/core@2.1.1", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/core@3.576.0|fast-xml-parser@4.2.5", + "dependsOn": [ + "strnum@1.0.5" + ] + }, + { + "ref": "@aws-sdk/credential-provider-node@3.577.0", + "dependsOn": [ + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-http@3.577.0", + "@aws-sdk/credential-provider-ini@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/credential-provider-sso@3.577.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-user-agent@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-endpoints@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "@smithy/util-endpoints@2.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-http@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/node-http-handler@3.0.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-stream@3.0.1", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-ini@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sts@3.577.0", + "@aws-sdk/credential-provider-env@3.577.0", + "@aws-sdk/credential-provider-process@3.577.0", + "@aws-sdk/credential-provider-sso@3.577.0", + "@aws-sdk/credential-provider-web-identity@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/credential-provider-imds@3.1.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/credential-provider-sso@3.577.0", + "dependsOn": [ + "@aws-sdk/client-sso@3.577.0", + "@aws-sdk/token-providers@3.577.0", + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/shared-ini-file-loader@3.1.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/client-sso@3.577.0", + "dependsOn": [ + "@aws-crypto/sha256-browser@3.0.0", + "@aws-crypto/sha256-js@3.0.0", + "@aws-sdk/core@3.576.0", + "@aws-sdk/middleware-host-header@3.577.0", + "@aws-sdk/middleware-logger@3.577.0", + "@aws-sdk/middleware-recursion-detection@3.577.0", + "@aws-sdk/middleware-user-agent@3.577.0", + "@aws-sdk/region-config-resolver@3.577.0", + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-endpoints@3.577.0", + "@aws-sdk/util-user-agent-browser@3.577.0", + "@aws-sdk/util-user-agent-node@3.577.0", + "@smithy/config-resolver@3.0.1", + "@smithy/core@2.1.1", + "@smithy/fetch-http-handler@3.0.1", + "@smithy/hash-node@3.0.0", + "@smithy/invalid-dependency@3.0.0", + "@smithy/middleware-content-length@3.0.0", + "@smithy/middleware-endpoint@3.0.1", + "@smithy/middleware-retry@3.0.3", + "@smithy/middleware-serde@3.0.0", + "@smithy/middleware-stack@3.0.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/node-http-handler@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/url-parser@3.0.0", + "@smithy/util-base64@3.0.0", + "@smithy/util-body-length-browser@3.0.0", + "@smithy/util-body-length-node@3.0.0", + "@smithy/util-defaults-mode-browser@3.0.3", + "@smithy/util-defaults-mode-node@3.0.3", + "@smithy/util-endpoints@2.0.1", + "@smithy/util-middleware@3.0.0", + "@smithy/util-retry@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-bucket-endpoint@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-arn-parser@3.568.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/util-arn-parser@3.568.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-expect-continue@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-flexible-checksums@3.577.0", + "dependsOn": [ + "@aws-crypto/crc32@3.0.0", + "@aws-crypto/crc32c@3.0.0", + "@aws-sdk/types@3.577.0", + "@smithy/is-array-buffer@3.0.0", + "@smithy/protocol-http@4.0.0", + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-crypto/crc32@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/crc32@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/crc32@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-crypto/crc32c@3.0.0", + "dependsOn": [ + "@aws-crypto/util@3.0.0", + "@aws-sdk/types@3.577.0", + "@aws-crypto/crc32c@3.0.0|tslib@1.14.1" + ] + }, + { + "ref": "@aws-crypto/crc32c@3.0.0|tslib@1.14.1" + }, + { + "ref": "@aws-sdk/middleware-location-constraint@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-sdk-s3@3.582.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@aws-sdk/util-arn-parser@3.568.0", + "@smithy/node-config-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/smithy-client@3.1.1", + "@smithy/types@3.0.0", + "@smithy/util-config-provider@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-signing@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/property-provider@3.1.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-middleware@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/middleware-ssec@3.577.0", + "dependsOn": [ + "@aws-sdk/types@3.577.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@aws-sdk/signature-v4-multi-region@3.582.0", + "dependsOn": [ + "@aws-sdk/middleware-sdk-s3@3.582.0", + "@aws-sdk/types@3.577.0", + "@smithy/protocol-http@4.0.0", + "@smithy/signature-v4@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-browser@3.0.0", + "dependsOn": [ + "@smithy/eventstream-serde-universal@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-universal@3.0.0", + "dependsOn": [ + "@smithy/eventstream-codec@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-codec@3.0.0", + "dependsOn": [ + "@aws-crypto/crc32@3.0.0", + "@smithy/types@3.0.0", + "@smithy/util-hex-encoding@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-config-resolver@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/eventstream-serde-node@3.0.0", + "dependsOn": [ + "@smithy/eventstream-serde-universal@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-blob-browser@3.0.0", + "dependsOn": [ + "@smithy/chunked-blob-reader-native@3.0.0", + "@smithy/chunked-blob-reader@3.0.0", + "@smithy/types@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/chunked-blob-reader-native@3.0.0", + "dependsOn": [ + "@smithy/util-base64@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/chunked-blob-reader@3.0.0", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/hash-stream-node@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@smithy/md5-js@3.0.0", + "dependsOn": [ + "@smithy/types@3.0.0", + "@smithy/util-utf8@3.0.0", + "tslib@2.6.3" + ] + }, + { + "ref": "@inquirer/confirm@3.1.9", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/type@1.3.3" + ] + }, + { + "ref": "@inquirer/core@8.2.2", + "dependsOn": [ + "@inquirer/figures@1.0.3", + "@inquirer/type@1.3.3", + "@types/mute-stream@0.0.4", + "@types/node@20.14.1", + "@types/wrap-ansi@3.0.0", + "ansi-escapes@4.3.2", + "chalk@4.1.2", + "cli-spinners@2.9.2", + "@inquirer/core@8.2.2|cli-width@4.1.0", + "@inquirer/core@8.2.2|mute-stream@1.0.0", + "@inquirer/core@8.2.2|signal-exit@4.1.0", + "strip-ansi@6.0.1", + "@inquirer/core@8.2.2|wrap-ansi@6.2.0" + ] + }, + { + "ref": "@inquirer/core@8.2.2|cli-width@4.1.0" + }, + { + "ref": "@inquirer/core@8.2.2|mute-stream@1.0.0" + }, + { + "ref": "@inquirer/core@8.2.2|signal-exit@4.1.0" + }, + { + "ref": "@inquirer/core@8.2.2|wrap-ansi@6.2.0", + "dependsOn": [ + "ansi-styles@4.3.0", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "strip-ansi@6.0.1" + ] + }, + { + "ref": "@inquirer/figures@1.0.3" + }, + { + "ref": "@inquirer/type@1.3.3" + }, + { + "ref": "@types/mute-stream@0.0.4", + "dependsOn": [ + "@types/node@20.14.1" + ] + }, + { + "ref": "@types/wrap-ansi@3.0.0" + }, + { + "ref": "@inquirer/input@2.1.9", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/type@1.3.3" + ] + }, + { + "ref": "@inquirer/select@2.3.5", + "dependsOn": [ + "@inquirer/core@8.2.2", + "@inquirer/figures@1.0.3", + "@inquirer/type@1.3.3", + "ansi-escapes@4.3.2", + "chalk@4.1.2" + ] + }, + { + "ref": "@oclif/plugin-not-found@3.2.1", + "dependsOn": [ + "@inquirer/confirm@3.1.9", + "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "ansis@3.2.0", + "fast-levenshtein@3.0.0" + ] + }, + { + "ref": "@oclif/plugin-not-found@3.2.1|@oclif/core@4.0.0-beta.15", + "dependsOn": [ + "ansi-escapes@4.3.2", + "ansis@3.2.0", + "clean-stack@3.0.1", + "cli-spinners@2.9.2", + "cosmiconfig@9.0.0", + "debug@4.3.4", + "ejs@3.1.10", + "get-package-type@0.1.0", + "globby@11.1.0", + "indent-string@4.0.0", + "is-wsl@2.2.0", + "minimatch@9.0.4", + "BomRef.5hrhe0lu5jo.6brcifutiug", + "supports-color@8.1.1", + "widest-line@3.1.0", + "wordwrap@1.0.0", + "BomRef.okvgjdrtm6.tqh1scmn9b8" + ] + }, + { + "ref": "fast-levenshtein@3.0.0", + "dependsOn": [ + "fastest-levenshtein@1.0.16" + ] + }, + { + "ref": "fastest-levenshtein@1.0.16" + }, + { + "ref": "async-retry@1.3.3", + "dependsOn": [ + "retry@0.13.1" + ] + }, + { + "ref": "retry@0.13.1" + }, + { + "ref": "change-case@4.1.2", + "dependsOn": [ + "camel-case@4.1.2", + "capital-case@1.0.4", + "constant-case@3.0.4", + "dot-case@3.0.4", + "header-case@2.0.4", + "no-case@3.0.4", + "param-case@3.0.4", + "pascal-case@3.1.2", + "path-case@3.0.4", + "sentence-case@3.0.4", + "snake-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "camel-case@4.1.2", + "dependsOn": [ + "pascal-case@3.1.2", + "tslib@2.6.3" + ] + }, + { + "ref": "pascal-case@3.1.2", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "capital-case@1.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case-first@2.0.2" + ] + }, + { + "ref": "no-case@3.0.4", + "dependsOn": [ + "lower-case@2.0.2", + "tslib@2.6.3" + ] + }, + { + "ref": "upper-case-first@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "constant-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case@2.0.2" + ] + }, + { + "ref": "upper-case@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "dot-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "header-case@2.0.4", + "dependsOn": [ + "capital-case@1.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "lower-case@2.0.2", + "dependsOn": [ + "tslib@2.6.3" + ] + }, + { + "ref": "param-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "path-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "sentence-case@3.0.4", + "dependsOn": [ + "no-case@3.0.4", + "tslib@2.6.3", + "upper-case-first@2.0.2" + ] + }, + { + "ref": "snake-case@3.0.4", + "dependsOn": [ + "dot-case@3.0.4", + "tslib@2.6.3" + ] + }, + { + "ref": "find-yarn-workspace-root@2.0.0", + "dependsOn": [ + "micromatch@4.0.5" + ] + }, + { + "ref": "github-slugger@2.0.0" + }, + { + "ref": "got@13.0.0", + "dependsOn": [ + "@sindresorhus/is@5.6.0", + "@szmarczak/http-timer@5.0.1", + "cacheable-lookup@7.0.0", + "cacheable-request@10.2.14", + "decompress-response@6.0.0", + "form-data-encoder@2.1.4", + "get-stream@6.0.1", + "http2-wrapper@2.2.1", + "lowercase-keys@3.0.0", + "p-cancelable@3.0.0", + "responselike@3.0.0" + ] + }, + { + "ref": "@sindresorhus/is@5.6.0" + }, + { + "ref": "@szmarczak/http-timer@5.0.1", + "dependsOn": [ + "defer-to-connect@2.0.1" + ] + }, + { + "ref": "defer-to-connect@2.0.1" + }, + { + "ref": "cacheable-lookup@7.0.0" + }, + { + "ref": "cacheable-request@10.2.14", + "dependsOn": [ + "@types/http-cache-semantics@4.0.4", + "get-stream@6.0.1", + "http-cache-semantics@4.1.1", + "keyv@4.5.4", + "mimic-response@4.0.0", + "normalize-url@8.0.1", + "responselike@3.0.0" + ] + }, + { + "ref": "@types/http-cache-semantics@4.0.4" + }, + { + "ref": "http-cache-semantics@4.1.1" + }, + { + "ref": "mimic-response@4.0.0" + }, + { + "ref": "normalize-url@8.0.1" + }, + { + "ref": "responselike@3.0.0", + "dependsOn": [ + "lowercase-keys@3.0.0" + ] + }, + { + "ref": "decompress-response@6.0.0", + "dependsOn": [ + "decompress-response@6.0.0|mimic-response@3.1.0" + ] + }, + { + "ref": "decompress-response@6.0.0|mimic-response@3.1.0" + }, + { + "ref": "form-data-encoder@2.1.4" + }, + { + "ref": "http2-wrapper@2.2.1", + "dependsOn": [ + "quick-lru@5.1.1", + "resolve-alpn@1.2.1" + ] + }, + { + "ref": "resolve-alpn@1.2.1" + }, + { + "ref": "lowercase-keys@3.0.0" + }, + { + "ref": "p-cancelable@3.0.0" + }, + { + "ref": "normalize-package-data@6.0.1", + "dependsOn": [ + "hosted-git-info@7.0.2", + "is-core-module@2.13.1", + "semver@7.6.2", + "validate-npm-package-license@3.0.4" + ] + }, + { + "ref": "spdx-correct@3.2.0", + "dependsOn": [ + "spdx-expression-parse@3.0.1", + "spdx-license-ids@3.0.17" + ] + }, + { + "ref": "spdx-expression-parse@3.0.1", + "dependsOn": [ + "spdx-exceptions@2.5.0", + "spdx-license-ids@3.0.17" + ] + }, + { + "ref": "spdx-license-ids@3.0.17" + }, + { + "ref": "spdx-exceptions@2.5.0" + }, + { + "ref": "sort-package-json@2.10.0", + "dependsOn": [ + "detect-indent@7.0.1", + "sort-package-json@2.10.0|detect-newline@4.0.1", + "get-stdin@9.0.0", + "git-hooks-list@3.1.0", + "sort-package-json@2.10.0|globby@13.2.2", + "sort-package-json@2.10.0|is-plain-obj@4.1.0", + "semver@7.6.2", + "sort-object-keys@1.1.3" + ] + }, + { + "ref": "sort-package-json@2.10.0|detect-newline@4.0.1" + }, + { + "ref": "sort-package-json@2.10.0|globby@13.2.2", + "dependsOn": [ + "dir-glob@3.0.1", + "fast-glob@3.3.2", + "ignore@5.3.1", + "merge2@1.4.1", + "sort-package-json@2.10.0|slash@4.0.0" + ] + }, + { + "ref": "sort-package-json@2.10.0|slash@4.0.0" + }, + { + "ref": "sort-package-json@2.10.0|is-plain-obj@4.1.0" + }, + { + "ref": "detect-indent@7.0.1" + }, + { + "ref": "get-stdin@9.0.0" + }, + { + "ref": "git-hooks-list@3.1.0" + }, + { + "ref": "sort-object-keys@1.1.3" + }, + { + "ref": "tiny-jsonc@1.0.1" + }, + { + "ref": "open@10.1.0", + "dependsOn": [ + "default-browser@5.2.1", + "define-lazy-prop@3.0.0", + "is-inside-container@1.0.0", + "open@10.1.0|is-wsl@3.1.0" + ] + }, + { + "ref": "open@10.1.0|is-wsl@3.1.0", + "dependsOn": [ + "is-inside-container@1.0.0" + ] + }, + { + "ref": "default-browser@5.2.1", + "dependsOn": [ + "bundle-name@4.1.0", + "default-browser-id@5.0.0" + ] + }, + { + "ref": "bundle-name@4.1.0", + "dependsOn": [ + "run-applescript@7.0.0" + ] + }, + { + "ref": "run-applescript@7.0.0" + }, + { + "ref": "default-browser-id@5.0.0" + }, + { + "ref": "define-lazy-prop@3.0.0" + }, + { + "ref": "is-inside-container@1.0.0", + "dependsOn": [ + "is-inside-container@1.0.0|is-docker@3.0.0" + ] + }, + { + "ref": "is-inside-container@1.0.0|is-docker@3.0.0" + }, + { + "ref": "prompt-sync@4.2.0", + "dependsOn": [ + "prompt-sync@4.2.0|strip-ansi@5.2.0" + ] + }, + { + "ref": "prompt-sync@4.2.0|strip-ansi@5.2.0", + "dependsOn": [ + "prompt-sync@4.2.0|ansi-regex@4.1.1" + ] + }, + { + "ref": "prompt-sync@4.2.0|ansi-regex@4.1.1" + }, + { + "ref": "lodash.truncate@4.4.2" + }, + { + "ref": "tmp@0.2.3" + }, + { + "ref": "ts-jest@29.1.4", + "dependsOn": [ + "@babel/core@7.24.4", + "@jest/transform@29.7.0", + "@jest/types@29.6.3", + "babel-jest@29.7.0", + "bs-logger@0.2.6", + "fast-json-stable-stringify@2.1.0", + "jest-util@29.7.0", + "jest@29.7.0", + "json5@2.2.3", + "lodash.memoize@4.1.2", + "make-error@1.3.6", + "semver@7.6.2", + "typescript@5.1.6", + "ts-jest@29.1.4|yargs-parser@21.1.1" + ] + }, + { + "ref": "ts-jest@29.1.4|yargs-parser@21.1.1" + }, + { + "ref": "@ampproject/remapping@2.3.0", + "dependsOn": [ + "@jridgewell/gen-mapping@0.3.5", + "@jridgewell/trace-mapping@0.3.25" + ] + }, + { + "ref": "js-tokens@4.0.0" + }, + { + "ref": "@babel/helper-compilation-targets@7.23.6", + "dependsOn": [ + "@babel/compat-data@7.24.4", + "@babel/helper-validator-option@7.23.5", + "browserslist@4.23.0", + "lru-cache@5.1.1", + "@babel/helper-compilation-targets@7.23.6|semver@6.3.1" + ] + }, + { + "ref": "@babel/helper-compilation-targets@7.23.6|semver@6.3.1" + }, + { + "ref": "@babel/compat-data@7.24.4" + }, + { + "ref": "@babel/helper-validator-option@7.23.5" + }, + { + "ref": "lru-cache@5.1.1", + "dependsOn": [ + "yallist@3.1.1" + ] + }, + { + "ref": "yallist@3.1.1" + }, + { + "ref": "@babel/helper-module-transforms@7.23.3", + "dependsOn": [ + "@babel/core@7.24.4", + "@babel/helper-environment-visitor@7.22.20", + "@babel/helper-module-imports@7.24.3", + "@babel/helper-simple-access@7.22.5", + "@babel/helper-split-export-declaration@7.22.6", + "@babel/helper-validator-identifier@7.22.20" + ] + }, + { + "ref": "@babel/helper-environment-visitor@7.22.20" + }, + { + "ref": "@babel/helper-module-imports@7.24.3", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-simple-access@7.22.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-split-export-declaration@7.22.6", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helpers@7.24.4", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/traverse@7.24.1", + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-function-name@7.23.0", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-hoist-variables@7.22.5", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@babel/helper-string-parser@7.24.1" + }, + { + "ref": "to-fast-properties@2.0.0" + }, + { + "ref": "gensync@1.0.0-beta.2" + }, + { + "ref": "@jridgewell/resolve-uri@3.1.2" + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0", + "dependsOn": [ + "camelcase@5.3.1", + "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "get-package-type@0.1.0", + "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|find-up@4.1.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "path-exists@4.0.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|locate-path@5.0.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|p-locate@4.1.0", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|p-limit@2.3.0", + "dependsOn": [ + "p-try@2.2.0" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|js-yaml@3.14.1", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "esprima@4.0.1" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|argparse@1.0.10", + "dependsOn": [ + "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3" + ] + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|sprintf-js@1.0.3" + }, + { + "ref": "@istanbuljs/load-nyc-config@1.1.0|resolve-from@5.0.0" + }, + { + "ref": "camelcase@5.3.1" + }, + { + "ref": "test-exclude@6.0.0", + "dependsOn": [ + "@istanbuljs/schema@0.1.3", + "glob@7.2.3", + "test-exclude@6.0.0|minimatch@3.1.2" + ] + }, + { + "ref": "test-exclude@6.0.0|minimatch@3.1.2", + "dependsOn": [ + "test-exclude@6.0.0|brace-expansion@1.1.11" + ] + }, + { + "ref": "test-exclude@6.0.0|brace-expansion@1.1.11", + "dependsOn": [ + "balanced-match@1.0.2", + "concat-map@0.0.1" + ] + }, + { + "ref": "@types/babel__generator@7.6.8", + "dependsOn": [ + "@babel/types@7.24.0" + ] + }, + { + "ref": "@types/babel__template@7.4.4", + "dependsOn": [ + "@babel/parser@7.24.4", + "@babel/types@7.24.0" + ] + }, + { + "ref": "babel-preset-jest@29.6.3", + "dependsOn": [ + "@babel/core@7.24.4", + "babel-plugin-jest-hoist@29.6.3", + "babel-preset-current-node-syntax@1.0.1" + ] + }, + { + "ref": "babel-plugin-jest-hoist@29.6.3", + "dependsOn": [ + "@babel/template@7.24.0", + "@babel/types@7.24.0", + "@types/babel__core@7.20.5", + "@types/babel__traverse@7.20.5" + ] + }, + { + "ref": "ts-mocha@10.0.0", + "dependsOn": [ + "mocha@10.4.0", + "ts-mocha@10.0.0|ts-node@7.0.1", + "tsconfig-paths@3.15.0" + ] + }, + { + "ref": "ts-mocha@10.0.0|ts-node@7.0.1", + "dependsOn": [ + "ts-mocha@10.0.0|arrify@1.0.1", + "buffer-from@1.1.2", + "ts-mocha@10.0.0|diff@3.5.0", + "make-error@1.3.6", + "minimist@1.2.8", + "ts-mocha@10.0.0|mkdirp@0.5.6", + "source-map-support@0.5.13", + "ts-mocha@10.0.0|yn@2.0.0" + ] + }, + { + "ref": "ts-mocha@10.0.0|arrify@1.0.1" + }, + { + "ref": "ts-mocha@10.0.0|diff@3.5.0" + }, + { + "ref": "ts-mocha@10.0.0|mkdirp@0.5.6", + "dependsOn": [ + "minimist@1.2.8" + ] + }, + { + "ref": "ts-mocha@10.0.0|yn@2.0.0" + }, + { + "ref": "buffer-from@1.1.2" + }, + { + "ref": "tsconfig-paths@3.15.0", + "dependsOn": [ + "@types/json5@0.0.29", + "tsconfig-paths@3.15.0|json5@1.0.2", + "minimist@1.2.8", + "tsconfig-paths@3.15.0|strip-bom@3.0.0" + ] + }, + { + "ref": "tsconfig-paths@3.15.0|json5@1.0.2", + "dependsOn": [ + "minimist@1.2.8" + ] + }, + { + "ref": "tsconfig-paths@3.15.0|strip-bom@3.0.0" + }, + { + "ref": "@types/json5@0.0.29" + }, + { + "ref": "@cspotcode/source-map-support@0.8.1", + "dependsOn": [ + "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9" + ] + }, + { + "ref": "@cspotcode/source-map-support@0.8.1|@jridgewell/trace-mapping@0.3.9", + "dependsOn": [ + "@jridgewell/resolve-uri@3.1.2", + "@jridgewell/sourcemap-codec@1.4.15" + ] + }, + { + "ref": "@tsconfig/node10@1.0.11" + }, + { + "ref": "@tsconfig/node12@1.0.11" + }, + { + "ref": "@tsconfig/node14@1.0.3" + }, + { + "ref": "@tsconfig/node16@1.0.4" + }, + { + "ref": "acorn-walk@8.3.2" + }, + { + "ref": "create-require@1.1.1" + }, + { + "ref": "diff@4.0.2" + }, + { + "ref": "v8-compile-cache-lib@3.0.1" + }, + { + "ref": "yn@3.1.1" + }, + { + "ref": "tsimportlib@0.0.5" + }, + { + "ref": "@colors/colors@1.6.0" + }, + { + "ref": "@dabh/diagnostics@2.0.3", + "dependsOn": [ + "colorspace@1.1.4", + "enabled@2.0.0", + "kuler@2.0.0" + ] + }, + { + "ref": "colorspace@1.1.4", + "dependsOn": [ + "colorspace@1.1.4|color@3.2.1", + "text-hex@1.0.0" + ] + }, + { + "ref": "colorspace@1.1.4|color@3.2.1", + "dependsOn": [ + "colorspace@1.1.4|color-convert@1.9.3", + "color-string@1.9.1" + ] + }, + { + "ref": "colorspace@1.1.4|color-convert@1.9.3", + "dependsOn": [ + "colorspace@1.1.4|color-name@1.1.3" + ] + }, + { + "ref": "colorspace@1.1.4|color-name@1.1.3" + }, + { + "ref": "text-hex@1.0.0" + }, + { + "ref": "enabled@2.0.0" + }, + { + "ref": "kuler@2.0.0" + }, + { + "ref": "logform@2.6.0", + "dependsOn": [ + "@colors/colors@1.6.0", + "@types/triple-beam@1.3.5", + "fecha@4.2.3", + "ms@2.1.3", + "safe-stable-stringify@2.4.3", + "triple-beam@1.4.1" + ] + }, + { + "ref": "fecha@4.2.3" + }, + { + "ref": "safe-stable-stringify@2.4.3" + }, + { + "ref": "triple-beam@1.4.1" + }, + { + "ref": "one-time@1.0.0", + "dependsOn": [ + "fn.name@1.1.0" + ] + }, + { + "ref": "fn.name@1.1.0" + }, + { + "ref": "string_decoder@1.3.0", + "dependsOn": [ + "safe-buffer@5.2.1" + ] + }, + { + "ref": "stack-trace@0.0.10" + }, + { + "ref": "winston-transport@4.7.0", + "dependsOn": [ + "logform@2.6.0", + "readable-stream@3.6.2", + "triple-beam@1.4.1" + ] + }, + { + "ref": "xlsx-populate@1.21.0", + "dependsOn": [ + "cfb@1.2.2", + "jszip@3.10.1", + "lodash@4.17.21", + "xlsx-populate@1.21.0|sax@1.3.0" + ] + }, + { + "ref": "xlsx-populate@1.21.0|sax@1.3.0" + }, + { + "ref": "cfb@1.2.2", + "dependsOn": [ + "adler-32@1.3.1", + "crc-32@1.2.2" + ] + }, + { + "ref": "adler-32@1.3.1" + }, + { + "ref": "crc-32@1.2.2" + }, + { + "ref": "jszip@3.10.1", + "dependsOn": [ + "lie@3.3.0", + "pako@1.0.11", + "jszip@3.10.1|readable-stream@2.3.8", + "setimmediate@1.0.5" + ] + }, + { + "ref": "jszip@3.10.1|readable-stream@2.3.8", + "dependsOn": [ + "core-util-is@1.0.3", + "inherits@2.0.4", + "isarray@1.0.0", + "process-nextick-args@2.0.1", + "jszip@3.10.1|safe-buffer@5.1.2", + "jszip@3.10.1|string_decoder@1.1.1", + "util-deprecate@1.0.2" + ] + }, + { + "ref": "jszip@3.10.1|safe-buffer@5.1.2" + }, + { + "ref": "jszip@3.10.1|string_decoder@1.1.1", + "dependsOn": [ + "jszip@3.10.1|safe-buffer@5.1.2" + ] + }, + { + "ref": "lie@3.3.0", + "dependsOn": [ + "immediate@3.0.6" + ] + }, + { + "ref": "immediate@3.0.6" + }, + { + "ref": "pako@1.0.11" + }, + { + "ref": "core-util-is@1.0.3" + }, + { + "ref": "isarray@1.0.0" + }, + { + "ref": "process-nextick-args@2.0.1" + }, + { + "ref": "setimmediate@1.0.5" + }, + { + "ref": "sax@1.2.1" + }, + { + "ref": "xmlbuilder@11.0.1" + }, + { + "ref": "zip-lib@1.0.4", + "dependsOn": [ + "yauzl@3.1.3", + "yazl@2.5.1" + ] + }, + { + "ref": "yauzl@3.1.3", + "dependsOn": [ + "buffer-crc32@0.2.13", + "pend@1.2.0" + ] + }, + { + "ref": "buffer-crc32@0.2.13" + }, + { + "ref": "pend@1.2.0" + }, + { + "ref": "yazl@2.5.1", + "dependsOn": [ + "buffer-crc32@0.2.13" + ] + } + ], + "data": { + "$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.4", + "version": 1, + "serialNumber": "urn:uuid:7103f08b-5c5e-4b5b-b2c7-d4be65fa19fe", + "metadata": { + "timestamp": "2024-07-08T18:08:55.978Z", + "tools": [ + { + "name": "npm", + "version": "10.7.0" + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-npm", + "version": "1.19.0", + "externalReferences": [ + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ] + }, + { + "vendor": "@cyclonedx", + "name": "cyclonedx-library", + "version": "6.10.0", + "externalReferences": [ + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ] + } + ], + "component": { + "type": "application", + "name": "saf", + "group": "@mitre", + "version": "1.4.7", + "bom-ref": "@mitre/saf@1.4.7", + "author": "The MITRE Security Automation Framework", + "description": "The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "purl": "pkg:npm/%40mitre/saf@1.4.7?vcs_url=git%2Bhttps%3A//github.com/mitre/saf.git", + "externalReferences": [ + { + "url": "git+https://github.com/mitre/saf.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/mitre/saf", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + }, + { + "url": "https://github.com/mitre/saf/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + } + ], + "properties": [ + { + "name": "cdx:npm:package:path", + "value": "" + } + ] + } + } + } + } + ] + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf-withraw.json b/test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf-withraw.json new file mode 100644 index 000000000..32b1c6d73 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf-withraw.json @@ -0,0 +1,3072 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: container/1d098408640ab242", + "title": "alpine CycloneDX BOM Report", + "version": "sha256:c5c5fda71656f28e49ac9c5416b3643eaa6a108a8093151d6d1afc9463be8e33", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [], + "sha256": "f57879a123b5e7ca79958826037eca3b44402838eab9c4418280c4abc06ec12e" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "bom-ref": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3&package-id=baca676b3df82a63", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-baselayout", + "version": "3.4.3-r1", + "description": "Alpine base dir structure and init scripts", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:alpine-baselayout:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "65502ca9379dd29d1ac4b0bf0dcf03a3dd1b324a" + }, + { + "name": "syft:metadata:installedSize", + "value": "331776" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-baselayout" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1zwvKMnYs1b6ZdPTBJ0Z7D5P3jyA=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "alpine-baselayout-data=3.4.3-r1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "/bin/sh" + }, + { + "name": "syft:metadata:size", + "value": "8914" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3&package-id=85e34641ddeca26c", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-baselayout-data", + "version": "3.4.3-r1", + "description": "Alpine base dir structure and init scripts", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:alpine-baselayout-data:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout-data:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout_data:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout_data:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "65502ca9379dd29d1ac4b0bf0dcf03a3dd1b324a" + }, + { + "name": "syft:metadata:installedSize", + "value": "77824" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-baselayout" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1YCAH7jdO2W816b85sUh9Z8av4Cc=" + }, + { + "name": "syft:metadata:size", + "value": "11705" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c3e1269ff75aa1d8", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-keys", + "version": "2.4-r1", + "description": "Public keys for Alpine Linux packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "cpe": "cpe:2.3:a:alpine-keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://alpinelinux.org", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-keys:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_keys:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "aab68f8c9ab434a46710de8e12fb3206e2930a59" + }, + { + "name": "syft:metadata:installedSize", + "value": "159744" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-keys" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q17Do9XvTHoWjQlRYJe7MhnKd8FTQ=" + }, + { + "name": "syft:metadata:size", + "value": "13360" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3&package-id=e54b9e6921a9482e", + "type": "library", + "publisher": "Natanael Copa ", + "name": "apk-tools", + "version": "2.14.0-r2", + "description": "Alpine Package Keeper - package manager for alpine", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:apk-tools:apk-tools:2.14.0-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://gitlab.alpinelinux.org/alpine/apk-tools", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk-tools:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk_tools:apk-tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk_tools:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk:apk-tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "cbaf845cd82388decc932885aa5b6d695bd8a306" + }, + { + "name": "syft:metadata:installedSize", + "value": "311296" + }, + { + "name": "syft:metadata:originPackage", + "value": "apk-tools" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libapk.so.2.14.0=2.14.0" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:apk=2.14.0-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1jN4l8jnr9pHNE1o5VOUZPBrCrhM=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "musl>=1.2.3_git20230424" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "ca-certificates-bundle" + }, + { + "name": "syft:metadata:pullDependencies:2", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:3", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:pullDependencies:4", + "value": "so:libssl.so.3" + }, + { + "name": "syft:metadata:pullDependencies:5", + "value": "so:libz.so.1" + }, + { + "name": "syft:metadata:size", + "value": "125679" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5", + "type": "library", + "publisher": "Sören Tempel ", + "name": "busybox", + "version": "1.36.1-r2", + "description": "Size optimized toolbox of many common UNIX utilities", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:busybox:busybox:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "946176" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:busybox=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1gQ/L3UBnSjgkFWEHQaUkUDubqdI=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "510086" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca", + "type": "library", + "publisher": "Sören Tempel ", + "name": "busybox-binsh", + "version": "1.36.1-r2", + "description": "busybox ash /bin/sh", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:busybox-binsh:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox-binsh:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox_binsh:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox_binsh:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "8192" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "/bin/sh" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:sh=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1ng9K4zeuARW5It8leWhwxor0cRQ=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "busybox=1.36.1-r2" + }, + { + "name": "syft:metadata:size", + "value": "1543" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3&package-id=e6d1b63d5a046c55", + "type": "library", + "publisher": "Natanael Copa ", + "name": "ca-certificates-bundle", + "version": "20230506-r0", + "description": "Pre generated bundle of Mozilla certificates", + "licenses": [ + { + "expression": "MPL-2.0 AND MIT" + } + ], + "cpe": "cpe:2.3:a:ca-certificates-bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates-bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates_bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates_bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:mozilla:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:mozilla:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "59534a02716a92a10d177a118c34066162eff4a6" + }, + { + "name": "syft:metadata:installedSize", + "value": "237568" + }, + { + "name": "syft:metadata:originPackage", + "value": "ca-certificates" + }, + { + "name": "syft:metadata:provides:0", + "value": "ca-certificates-cacert=20230506-r0" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1R/SF0IZwqesh6/EOcK5l3EOrbD0=" + }, + { + "name": "syft:metadata:size", + "value": "126311" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3&package-id=caef79f1fe0b500a", + "type": "library", + "publisher": "Natanael Copa ", + "name": "libc-utils", + "version": "0.7.2-r5", + "description": "Meta package to pull in correct libc", + "licenses": [ + { + "expression": "BSD-2-Clause AND BSD-3-Clause" + } + ], + "cpe": "cpe:2.3:a:libc-utils:libc-utils:0.7.2-r5:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://alpinelinux.org", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc-utils:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc_utils:libc-utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc_utils:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc:libc-utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "988f183cc9d6699930c3e18ccf4a9e36010afb56" + }, + { + "name": "syft:metadata:installedSize", + "value": "4096" + }, + { + "name": "syft:metadata:originPackage", + "value": "libc-dev" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1Llna/ri8oHhlQIRsaG8SGug0ikI=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "musl-utils" + }, + { + "name": "syft:metadata:size", + "value": "1484" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "type": "library", + "publisher": "Ariadne Conill ", + "name": "libcrypto3", + "version": "3.1.2-r0", + "description": "Crypto library from openssl", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "cpe": "cpe:2.3:a:libcrypto3:libcrypto3:3.1.2-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.openssl.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto3:libcrypto:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto:libcrypto3:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto:libcrypto:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "b68a32f25ba44f406e02c2ca8f323a76f167d924" + }, + { + "name": "syft:metadata:installedSize", + "value": "4575232" + }, + { + "name": "syft:metadata:originPackage", + "value": "openssl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libcrypto.so.3=3" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1NsXXS8muNMooXArl1YhRLj5Rvno=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "1740170" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "type": "library", + "publisher": "Ariadne Conill ", + "name": "libssl3", + "version": "3.1.2-r0", + "description": "SSL shared libraries", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "cpe": "cpe:2.3:a:libssl3:libssl3:3.1.2-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.openssl.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl3:libssl:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl:libssl3:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl:libssl:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "b68a32f25ba44f406e02c2ca8f323a76f167d924" + }, + { + "name": "syft:metadata:installedSize", + "value": "565248" + }, + { + "name": "syft:metadata:originPackage", + "value": "openssl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libssl.so.3=3" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q16d3kU5nHnWY7SeXMWOWZGiQjKcg=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:size", + "value": "236713" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "type": "library", + "publisher": "Timo Teräs ", + "name": "musl", + "version": "1.2.4-r1", + "description": "the musl c library (libc) implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "cpe": "cpe:2.3:a:musl-libc:musl:1.2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://musl.libc.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_libc:musl:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "a6e14d1837131339f85ff337fbd4ecb8886945ae" + }, + { + "name": "syft:metadata:installedSize", + "value": "634880" + }, + { + "name": "syft:metadata:originPackage", + "value": "musl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libc.musl-x86_64.so.1=1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q12qHLEadu7QpBuz8kHB5EDF3mKB4=" + }, + { + "name": "syft:metadata:size", + "value": "390477" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6", + "type": "library", + "publisher": "Timo Teräs ", + "name": "musl-utils", + "version": "1.2.4-r1", + "description": "the musl c library (libc) implementation", + "licenses": [ + { + "expression": "MIT AND BSD-2-Clause AND GPL-2.0-or-later" + } + ], + "cpe": "cpe:2.3:a:musl-utils:musl-utils:1.2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://musl.libc.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-utils:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_utils:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_utils:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-libc:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-libc:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "a6e14d1837131339f85ff337fbd4ecb8886945ae" + }, + { + "name": "syft:metadata:installedSize", + "value": "135168" + }, + { + "name": "syft:metadata:originPackage", + "value": "musl" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:getconf=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:getent=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:2", + "value": "cmd:iconv=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:3", + "value": "cmd:ldconfig=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:4", + "value": "cmd:ldd=1.2.4-r1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1x4sUHXjWjUzYP5FPvJL1HWBjL1M=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "scanelf" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "36691" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970", + "type": "library", + "publisher": "Natanael Copa ", + "name": "scanelf", + "version": "1.3.7-r1", + "description": "Scan ELF binaries for stuff", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:scanelf:scanelf:1.3.7-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "84a227baf001b6e0208e3352b294e4d7a40e93de" + }, + { + "name": "syft:metadata:installedSize", + "value": "90112" + }, + { + "name": "syft:metadata:originPackage", + "value": "pax-utils" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:scanelf=1.3.7-r1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q14nq9o4+uo2NaLbTVDQB3UeooC0M=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "35664" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=bdbab9ee97709e2f", + "type": "library", + "publisher": "Sören Tempel ", + "name": "ssl_client", + "version": "1.36.1-r2", + "description": "EXternal ssl_client for busybox wget", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:ssl-client:ssl-client:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl-client:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl_client:ssl-client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl_client:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl:ssl-client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "28672" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:ssl_client=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1j6LHWpavmnFtpYjzQkH7apSIVOc=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:pullDependencies:2", + "value": "so:libssl.so.3" + }, + { + "name": "syft:metadata:size", + "value": "4944" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc", + "type": "library", + "publisher": "Natanael Copa ", + "name": "zlib", + "version": "1.2.13-r1", + "description": "A compression/decompression Library", + "licenses": [ + { + "license": { + "id": "Zlib" + } + } + ], + "cpe": "cpe:2.3:a:zlib:zlib:1.2.13-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://zlib.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "84a227baf001b6e0208e3352b294e4d7a40e93de" + }, + { + "name": "syft:metadata:installedSize", + "value": "110592" + }, + { + "name": "syft:metadata:originPackage", + "value": "zlib" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libz.so.1=1.2.13" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1JlboSJkrN4qkDcokr4zenpcWEXQ=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "54253" + } + ] + }, + { + "bom-ref": "os:alpine@3.18.3", + "type": "operating-system", + "name": "alpine", + "version": "3.18.3", + "description": "Alpine Linux v3.18", + "swid": { + "tagId": "alpine", + "name": "alpine", + "version": "3.18.3" + }, + "externalReferences": [ + { + "url": "https://gitlab.alpinelinux.org/alpine/aports/-/issues", + "type": "issue-tracker" + }, + { + "url": "https://alpinelinux.org/", + "type": "website" + } + ], + "properties": [ + { + "name": "syft:distro:id", + "value": "alpine" + }, + { + "name": "syft:distro:prettyName", + "value": "Alpine Linux v3.18" + }, + { + "name": "syft:distro:versionID", + "value": "3.18.3" + } + ] + } + ], + "dependencies": [ + { + "ref": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3&package-id=baca676b3df82a63", + "dependsOn": [ + "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3&package-id=85e34641ddeca26c", + "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca" + ] + }, + { + "ref": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3&package-id=e54b9e6921a9482e", + "dependsOn": [ + "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3&package-id=e6d1b63d5a046c55", + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc" + ] + }, + { + "ref": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca", + "dependsOn": [ + "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5" + ] + }, + { + "ref": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3&package-id=caef79f1fe0b500a", + "dependsOn": [ + "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6" + ] + }, + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "dependsOn": [ + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970" + ] + }, + { + "ref": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=bdbab9ee97709e2f", + "dependsOn": [ + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + } + ], + "data": { + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "serialNumber": "urn:uuid:600bf98a-94fb-4a9c-b7b5-0bae4f32aeb7", + "version": 1, + "metadata": { + "timestamp": "2024-08-19T08:25:05-04:00", + "tools": { + "components": [ + { + "type": "application", + "author": "anchore", + "name": "syft", + "version": "1.11.0" + } + ] + }, + "component": { + "bom-ref": "1d098408640ab242", + "type": "container", + "name": "alpine", + "version": "sha256:c5c5fda71656f28e49ac9c5416b3643eaa6a108a8093151d6d1afc9463be8e33" + } + } + } + } + ], + "raw": { + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "serialNumber": "urn:uuid:600bf98a-94fb-4a9c-b7b5-0bae4f32aeb7", + "version": 1, + "metadata": { + "timestamp": "2024-08-19T08:25:05-04:00", + "tools": { + "components": [ + { + "type": "application", + "author": "anchore", + "name": "syft", + "version": "1.11.0" + } + ] + }, + "component": { + "bom-ref": "1d098408640ab242", + "type": "container", + "name": "alpine", + "version": "sha256:c5c5fda71656f28e49ac9c5416b3643eaa6a108a8093151d6d1afc9463be8e33" + } + }, + "components": [ + { + "bom-ref": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3&package-id=baca676b3df82a63", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-baselayout", + "version": "3.4.3-r1", + "description": "Alpine base dir structure and init scripts", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:alpine-baselayout:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "65502ca9379dd29d1ac4b0bf0dcf03a3dd1b324a" + }, + { + "name": "syft:metadata:installedSize", + "value": "331776" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-baselayout" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1zwvKMnYs1b6ZdPTBJ0Z7D5P3jyA=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "alpine-baselayout-data=3.4.3-r1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "/bin/sh" + }, + { + "name": "syft:metadata:size", + "value": "8914" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3&package-id=85e34641ddeca26c", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-baselayout-data", + "version": "3.4.3-r1", + "description": "Alpine base dir structure and init scripts", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:alpine-baselayout-data:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout-data:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout_data:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout_data:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "65502ca9379dd29d1ac4b0bf0dcf03a3dd1b324a" + }, + { + "name": "syft:metadata:installedSize", + "value": "77824" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-baselayout" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1YCAH7jdO2W816b85sUh9Z8av4Cc=" + }, + { + "name": "syft:metadata:size", + "value": "11705" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c3e1269ff75aa1d8", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-keys", + "version": "2.4-r1", + "description": "Public keys for Alpine Linux packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "cpe": "cpe:2.3:a:alpine-keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://alpinelinux.org", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-keys:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_keys:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "aab68f8c9ab434a46710de8e12fb3206e2930a59" + }, + { + "name": "syft:metadata:installedSize", + "value": "159744" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-keys" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q17Do9XvTHoWjQlRYJe7MhnKd8FTQ=" + }, + { + "name": "syft:metadata:size", + "value": "13360" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3&package-id=e54b9e6921a9482e", + "type": "library", + "publisher": "Natanael Copa ", + "name": "apk-tools", + "version": "2.14.0-r2", + "description": "Alpine Package Keeper - package manager for alpine", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:apk-tools:apk-tools:2.14.0-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://gitlab.alpinelinux.org/alpine/apk-tools", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk-tools:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk_tools:apk-tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk_tools:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk:apk-tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "cbaf845cd82388decc932885aa5b6d695bd8a306" + }, + { + "name": "syft:metadata:installedSize", + "value": "311296" + }, + { + "name": "syft:metadata:originPackage", + "value": "apk-tools" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libapk.so.2.14.0=2.14.0" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:apk=2.14.0-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1jN4l8jnr9pHNE1o5VOUZPBrCrhM=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "musl>=1.2.3_git20230424" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "ca-certificates-bundle" + }, + { + "name": "syft:metadata:pullDependencies:2", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:3", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:pullDependencies:4", + "value": "so:libssl.so.3" + }, + { + "name": "syft:metadata:pullDependencies:5", + "value": "so:libz.so.1" + }, + { + "name": "syft:metadata:size", + "value": "125679" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5", + "type": "library", + "publisher": "Sören Tempel ", + "name": "busybox", + "version": "1.36.1-r2", + "description": "Size optimized toolbox of many common UNIX utilities", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:busybox:busybox:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "946176" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:busybox=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1gQ/L3UBnSjgkFWEHQaUkUDubqdI=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "510086" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca", + "type": "library", + "publisher": "Sören Tempel ", + "name": "busybox-binsh", + "version": "1.36.1-r2", + "description": "busybox ash /bin/sh", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:busybox-binsh:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox-binsh:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox_binsh:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox_binsh:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "8192" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "/bin/sh" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:sh=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1ng9K4zeuARW5It8leWhwxor0cRQ=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "busybox=1.36.1-r2" + }, + { + "name": "syft:metadata:size", + "value": "1543" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3&package-id=e6d1b63d5a046c55", + "type": "library", + "publisher": "Natanael Copa ", + "name": "ca-certificates-bundle", + "version": "20230506-r0", + "description": "Pre generated bundle of Mozilla certificates", + "licenses": [ + { + "expression": "MPL-2.0 AND MIT" + } + ], + "cpe": "cpe:2.3:a:ca-certificates-bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates-bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates_bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates_bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:mozilla:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:mozilla:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "59534a02716a92a10d177a118c34066162eff4a6" + }, + { + "name": "syft:metadata:installedSize", + "value": "237568" + }, + { + "name": "syft:metadata:originPackage", + "value": "ca-certificates" + }, + { + "name": "syft:metadata:provides:0", + "value": "ca-certificates-cacert=20230506-r0" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1R/SF0IZwqesh6/EOcK5l3EOrbD0=" + }, + { + "name": "syft:metadata:size", + "value": "126311" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3&package-id=caef79f1fe0b500a", + "type": "library", + "publisher": "Natanael Copa ", + "name": "libc-utils", + "version": "0.7.2-r5", + "description": "Meta package to pull in correct libc", + "licenses": [ + { + "expression": "BSD-2-Clause AND BSD-3-Clause" + } + ], + "cpe": "cpe:2.3:a:libc-utils:libc-utils:0.7.2-r5:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://alpinelinux.org", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc-utils:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc_utils:libc-utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc_utils:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc:libc-utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "988f183cc9d6699930c3e18ccf4a9e36010afb56" + }, + { + "name": "syft:metadata:installedSize", + "value": "4096" + }, + { + "name": "syft:metadata:originPackage", + "value": "libc-dev" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1Llna/ri8oHhlQIRsaG8SGug0ikI=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "musl-utils" + }, + { + "name": "syft:metadata:size", + "value": "1484" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "type": "library", + "publisher": "Ariadne Conill ", + "name": "libcrypto3", + "version": "3.1.2-r0", + "description": "Crypto library from openssl", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "cpe": "cpe:2.3:a:libcrypto3:libcrypto3:3.1.2-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.openssl.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto3:libcrypto:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto:libcrypto3:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto:libcrypto:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "b68a32f25ba44f406e02c2ca8f323a76f167d924" + }, + { + "name": "syft:metadata:installedSize", + "value": "4575232" + }, + { + "name": "syft:metadata:originPackage", + "value": "openssl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libcrypto.so.3=3" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1NsXXS8muNMooXArl1YhRLj5Rvno=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "1740170" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "type": "library", + "publisher": "Ariadne Conill ", + "name": "libssl3", + "version": "3.1.2-r0", + "description": "SSL shared libraries", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "cpe": "cpe:2.3:a:libssl3:libssl3:3.1.2-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.openssl.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl3:libssl:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl:libssl3:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl:libssl:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "b68a32f25ba44f406e02c2ca8f323a76f167d924" + }, + { + "name": "syft:metadata:installedSize", + "value": "565248" + }, + { + "name": "syft:metadata:originPackage", + "value": "openssl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libssl.so.3=3" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q16d3kU5nHnWY7SeXMWOWZGiQjKcg=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:size", + "value": "236713" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "type": "library", + "publisher": "Timo Teräs ", + "name": "musl", + "version": "1.2.4-r1", + "description": "the musl c library (libc) implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "cpe": "cpe:2.3:a:musl-libc:musl:1.2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://musl.libc.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_libc:musl:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "a6e14d1837131339f85ff337fbd4ecb8886945ae" + }, + { + "name": "syft:metadata:installedSize", + "value": "634880" + }, + { + "name": "syft:metadata:originPackage", + "value": "musl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libc.musl-x86_64.so.1=1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q12qHLEadu7QpBuz8kHB5EDF3mKB4=" + }, + { + "name": "syft:metadata:size", + "value": "390477" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6", + "type": "library", + "publisher": "Timo Teräs ", + "name": "musl-utils", + "version": "1.2.4-r1", + "description": "the musl c library (libc) implementation", + "licenses": [ + { + "expression": "MIT AND BSD-2-Clause AND GPL-2.0-or-later" + } + ], + "cpe": "cpe:2.3:a:musl-utils:musl-utils:1.2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://musl.libc.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-utils:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_utils:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_utils:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-libc:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-libc:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "a6e14d1837131339f85ff337fbd4ecb8886945ae" + }, + { + "name": "syft:metadata:installedSize", + "value": "135168" + }, + { + "name": "syft:metadata:originPackage", + "value": "musl" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:getconf=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:getent=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:2", + "value": "cmd:iconv=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:3", + "value": "cmd:ldconfig=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:4", + "value": "cmd:ldd=1.2.4-r1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1x4sUHXjWjUzYP5FPvJL1HWBjL1M=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "scanelf" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "36691" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970", + "type": "library", + "publisher": "Natanael Copa ", + "name": "scanelf", + "version": "1.3.7-r1", + "description": "Scan ELF binaries for stuff", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:scanelf:scanelf:1.3.7-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "84a227baf001b6e0208e3352b294e4d7a40e93de" + }, + { + "name": "syft:metadata:installedSize", + "value": "90112" + }, + { + "name": "syft:metadata:originPackage", + "value": "pax-utils" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:scanelf=1.3.7-r1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q14nq9o4+uo2NaLbTVDQB3UeooC0M=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "35664" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=bdbab9ee97709e2f", + "type": "library", + "publisher": "Sören Tempel ", + "name": "ssl_client", + "version": "1.36.1-r2", + "description": "EXternal ssl_client for busybox wget", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:ssl-client:ssl-client:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl-client:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl_client:ssl-client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl_client:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl:ssl-client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "28672" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:ssl_client=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1j6LHWpavmnFtpYjzQkH7apSIVOc=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:pullDependencies:2", + "value": "so:libssl.so.3" + }, + { + "name": "syft:metadata:size", + "value": "4944" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc", + "type": "library", + "publisher": "Natanael Copa ", + "name": "zlib", + "version": "1.2.13-r1", + "description": "A compression/decompression Library", + "licenses": [ + { + "license": { + "id": "Zlib" + } + } + ], + "cpe": "cpe:2.3:a:zlib:zlib:1.2.13-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://zlib.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "84a227baf001b6e0208e3352b294e4d7a40e93de" + }, + { + "name": "syft:metadata:installedSize", + "value": "110592" + }, + { + "name": "syft:metadata:originPackage", + "value": "zlib" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libz.so.1=1.2.13" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1JlboSJkrN4qkDcokr4zenpcWEXQ=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "54253" + } + ] + }, + { + "bom-ref": "os:alpine@3.18.3", + "type": "operating-system", + "name": "alpine", + "version": "3.18.3", + "description": "Alpine Linux v3.18", + "swid": { + "tagId": "alpine", + "name": "alpine", + "version": "3.18.3" + }, + "externalReferences": [ + { + "url": "https://gitlab.alpinelinux.org/alpine/aports/-/issues", + "type": "issue-tracker" + }, + { + "url": "https://alpinelinux.org/", + "type": "website" + } + ], + "properties": [ + { + "name": "syft:distro:id", + "value": "alpine" + }, + { + "name": "syft:distro:prettyName", + "value": "Alpine Linux v3.18" + }, + { + "name": "syft:distro:versionID", + "value": "3.18.3" + } + ] + } + ], + "dependencies": [ + { + "ref": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3&package-id=baca676b3df82a63", + "dependsOn": [ + "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3&package-id=85e34641ddeca26c", + "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca" + ] + }, + { + "ref": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3&package-id=e54b9e6921a9482e", + "dependsOn": [ + "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3&package-id=e6d1b63d5a046c55", + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc" + ] + }, + { + "ref": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca", + "dependsOn": [ + "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5" + ] + }, + { + "ref": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3&package-id=caef79f1fe0b500a", + "dependsOn": [ + "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6" + ] + }, + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "dependsOn": [ + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970" + ] + }, + { + "ref": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=bdbab9ee97709e2f", + "dependsOn": [ + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + } + ] + } + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf.json b/test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf.json new file mode 100644 index 000000000..9d793fb7c --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-syft-alpine-container-hdf.json @@ -0,0 +1,1550 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report: container/1d098408640ab242", + "title": "alpine CycloneDX BOM Report", + "version": "sha256:c5c5fda71656f28e49ac9c5416b3643eaa6a108a8093151d6d1afc9463be8e33", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [], + "sha256": "f57879a123b5e7ca79958826037eca3b44402838eab9c4418280c4abc06ec12e" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "components": [ + { + "bom-ref": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3&package-id=baca676b3df82a63", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-baselayout", + "version": "3.4.3-r1", + "description": "Alpine base dir structure and init scripts", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:alpine-baselayout:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_baselayout:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "65502ca9379dd29d1ac4b0bf0dcf03a3dd1b324a" + }, + { + "name": "syft:metadata:installedSize", + "value": "331776" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-baselayout" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1zwvKMnYs1b6ZdPTBJ0Z7D5P3jyA=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "alpine-baselayout-data=3.4.3-r1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "/bin/sh" + }, + { + "name": "syft:metadata:size", + "value": "8914" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3&package-id=85e34641ddeca26c", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-baselayout-data", + "version": "3.4.3-r1", + "description": "Alpine base dir structure and init scripts", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:alpine-baselayout-data:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout-data:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout_data:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout_data:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-baselayout:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_baselayout:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-baselayout-data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_baselayout_data:3.4.3-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "65502ca9379dd29d1ac4b0bf0dcf03a3dd1b324a" + }, + { + "name": "syft:metadata:installedSize", + "value": "77824" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-baselayout" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1YCAH7jdO2W816b85sUh9Z8av4Cc=" + }, + { + "name": "syft:metadata:size", + "value": "11705" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c3e1269ff75aa1d8", + "type": "library", + "publisher": "Natanael Copa ", + "name": "alpine-keys", + "version": "2.4-r1", + "description": "Public keys for Alpine Linux packages", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "cpe": "cpe:2.3:a:alpine-keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://alpinelinux.org", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine-keys:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_keys:alpine-keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine_keys:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine-keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:alpine:alpine_keys:2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "aab68f8c9ab434a46710de8e12fb3206e2930a59" + }, + { + "name": "syft:metadata:installedSize", + "value": "159744" + }, + { + "name": "syft:metadata:originPackage", + "value": "alpine-keys" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q17Do9XvTHoWjQlRYJe7MhnKd8FTQ=" + }, + { + "name": "syft:metadata:size", + "value": "13360" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3&package-id=e54b9e6921a9482e", + "type": "library", + "publisher": "Natanael Copa ", + "name": "apk-tools", + "version": "2.14.0-r2", + "description": "Alpine Package Keeper - package manager for alpine", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:apk-tools:apk-tools:2.14.0-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://gitlab.alpinelinux.org/alpine/apk-tools", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk-tools:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk_tools:apk-tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk_tools:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk:apk-tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:apk:apk_tools:2.14.0-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "cbaf845cd82388decc932885aa5b6d695bd8a306" + }, + { + "name": "syft:metadata:installedSize", + "value": "311296" + }, + { + "name": "syft:metadata:originPackage", + "value": "apk-tools" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libapk.so.2.14.0=2.14.0" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:apk=2.14.0-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1jN4l8jnr9pHNE1o5VOUZPBrCrhM=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "musl>=1.2.3_git20230424" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "ca-certificates-bundle" + }, + { + "name": "syft:metadata:pullDependencies:2", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:3", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:pullDependencies:4", + "value": "so:libssl.so.3" + }, + { + "name": "syft:metadata:pullDependencies:5", + "value": "so:libz.so.1" + }, + { + "name": "syft:metadata:size", + "value": "125679" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5", + "type": "library", + "publisher": "Sören Tempel ", + "name": "busybox", + "version": "1.36.1-r2", + "description": "Size optimized toolbox of many common UNIX utilities", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:busybox:busybox:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "946176" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:busybox=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1gQ/L3UBnSjgkFWEHQaUkUDubqdI=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "510086" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca", + "type": "library", + "publisher": "Sören Tempel ", + "name": "busybox-binsh", + "version": "1.36.1-r2", + "description": "busybox ash /bin/sh", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:busybox-binsh:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox-binsh:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox_binsh:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox_binsh:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox:busybox-binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:busybox:busybox_binsh:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "8192" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "/bin/sh" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:sh=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1ng9K4zeuARW5It8leWhwxor0cRQ=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "busybox=1.36.1-r2" + }, + { + "name": "syft:metadata:size", + "value": "1543" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3&package-id=e6d1b63d5a046c55", + "type": "library", + "publisher": "Natanael Copa ", + "name": "ca-certificates-bundle", + "version": "20230506-r0", + "description": "Pre generated bundle of Mozilla certificates", + "licenses": [ + { + "expression": "MPL-2.0 AND MIT" + } + ], + "cpe": "cpe:2.3:a:ca-certificates-bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates-bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates_bundle:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates_bundle:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca-certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca_certificates:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:mozilla:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:mozilla:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca:ca-certificates-bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ca:ca_certificates_bundle:20230506-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "59534a02716a92a10d177a118c34066162eff4a6" + }, + { + "name": "syft:metadata:installedSize", + "value": "237568" + }, + { + "name": "syft:metadata:originPackage", + "value": "ca-certificates" + }, + { + "name": "syft:metadata:provides:0", + "value": "ca-certificates-cacert=20230506-r0" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1R/SF0IZwqesh6/EOcK5l3EOrbD0=" + }, + { + "name": "syft:metadata:size", + "value": "126311" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3&package-id=caef79f1fe0b500a", + "type": "library", + "publisher": "Natanael Copa ", + "name": "libc-utils", + "version": "0.7.2-r5", + "description": "Meta package to pull in correct libc", + "licenses": [ + { + "expression": "BSD-2-Clause AND BSD-3-Clause" + } + ], + "cpe": "cpe:2.3:a:libc-utils:libc-utils:0.7.2-r5:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://alpinelinux.org", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc-utils:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc_utils:libc-utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc_utils:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc:libc-utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libc:libc_utils:0.7.2-r5:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "988f183cc9d6699930c3e18ccf4a9e36010afb56" + }, + { + "name": "syft:metadata:installedSize", + "value": "4096" + }, + { + "name": "syft:metadata:originPackage", + "value": "libc-dev" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1Llna/ri8oHhlQIRsaG8SGug0ikI=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "musl-utils" + }, + { + "name": "syft:metadata:size", + "value": "1484" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "type": "library", + "publisher": "Ariadne Conill ", + "name": "libcrypto3", + "version": "3.1.2-r0", + "description": "Crypto library from openssl", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "cpe": "cpe:2.3:a:libcrypto3:libcrypto3:3.1.2-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.openssl.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto3:libcrypto:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto:libcrypto3:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libcrypto:libcrypto:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "b68a32f25ba44f406e02c2ca8f323a76f167d924" + }, + { + "name": "syft:metadata:installedSize", + "value": "4575232" + }, + { + "name": "syft:metadata:originPackage", + "value": "openssl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libcrypto.so.3=3" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1NsXXS8muNMooXArl1YhRLj5Rvno=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "1740170" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "type": "library", + "publisher": "Ariadne Conill ", + "name": "libssl3", + "version": "3.1.2-r0", + "description": "SSL shared libraries", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "cpe": "cpe:2.3:a:libssl3:libssl3:3.1.2-r0:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://www.openssl.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl3:libssl:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl:libssl3:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:libssl:libssl:3.1.2-r0:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "b68a32f25ba44f406e02c2ca8f323a76f167d924" + }, + { + "name": "syft:metadata:installedSize", + "value": "565248" + }, + { + "name": "syft:metadata:originPackage", + "value": "openssl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libssl.so.3=3" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q16d3kU5nHnWY7SeXMWOWZGiQjKcg=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:size", + "value": "236713" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "type": "library", + "publisher": "Timo Teräs ", + "name": "musl", + "version": "1.2.4-r1", + "description": "the musl c library (libc) implementation", + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "cpe": "cpe:2.3:a:musl-libc:musl:1.2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://musl.libc.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_libc:musl:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "a6e14d1837131339f85ff337fbd4ecb8886945ae" + }, + { + "name": "syft:metadata:installedSize", + "value": "634880" + }, + { + "name": "syft:metadata:originPackage", + "value": "musl" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libc.musl-x86_64.so.1=1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q12qHLEadu7QpBuz8kHB5EDF3mKB4=" + }, + { + "name": "syft:metadata:size", + "value": "390477" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6", + "type": "library", + "publisher": "Timo Teräs ", + "name": "musl-utils", + "version": "1.2.4-r1", + "description": "the musl c library (libc) implementation", + "licenses": [ + { + "expression": "MIT AND BSD-2-Clause AND GPL-2.0-or-later" + } + ], + "cpe": "cpe:2.3:a:musl-utils:musl-utils:1.2.4-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://musl.libc.org/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-utils:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_utils:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl_utils:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-libc:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl-libc:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl-utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:musl:musl_utils:1.2.4-r1:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "a6e14d1837131339f85ff337fbd4ecb8886945ae" + }, + { + "name": "syft:metadata:installedSize", + "value": "135168" + }, + { + "name": "syft:metadata:originPackage", + "value": "musl" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:getconf=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:1", + "value": "cmd:getent=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:2", + "value": "cmd:iconv=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:3", + "value": "cmd:ldconfig=1.2.4-r1" + }, + { + "name": "syft:metadata:provides:4", + "value": "cmd:ldd=1.2.4-r1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1x4sUHXjWjUzYP5FPvJL1HWBjL1M=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "scanelf" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "36691" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970", + "type": "library", + "publisher": "Natanael Copa ", + "name": "scanelf", + "version": "1.3.7-r1", + "description": "Scan ELF binaries for stuff", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:scanelf:scanelf:1.3.7-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "84a227baf001b6e0208e3352b294e4d7a40e93de" + }, + { + "name": "syft:metadata:installedSize", + "value": "90112" + }, + { + "name": "syft:metadata:originPackage", + "value": "pax-utils" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:scanelf=1.3.7-r1" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q14nq9o4+uo2NaLbTVDQB3UeooC0M=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "35664" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=bdbab9ee97709e2f", + "type": "library", + "publisher": "Sören Tempel ", + "name": "ssl_client", + "version": "1.36.1-r2", + "description": "EXternal ssl_client for busybox wget", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "cpe": "cpe:2.3:a:ssl-client:ssl-client:1.36.1-r2:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://busybox.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl-client:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl_client:ssl-client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl_client:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl:ssl-client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:cpe23", + "value": "cpe:2.3:a:ssl:ssl_client:1.36.1-r2:*:*:*:*:*:*:*" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "2684a6593b10051f8f9fcb01e4734e2d9533b0ea" + }, + { + "name": "syft:metadata:installedSize", + "value": "28672" + }, + { + "name": "syft:metadata:originPackage", + "value": "busybox" + }, + { + "name": "syft:metadata:provides:0", + "value": "cmd:ssl_client=1.36.1-r2" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1j6LHWpavmnFtpYjzQkH7apSIVOc=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:pullDependencies:1", + "value": "so:libcrypto.so.3" + }, + { + "name": "syft:metadata:pullDependencies:2", + "value": "so:libssl.so.3" + }, + { + "name": "syft:metadata:size", + "value": "4944" + } + ] + }, + { + "bom-ref": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc", + "type": "library", + "publisher": "Natanael Copa ", + "name": "zlib", + "version": "1.2.13-r1", + "description": "A compression/decompression Library", + "licenses": [ + { + "license": { + "id": "Zlib" + } + } + ], + "cpe": "cpe:2.3:a:zlib:zlib:1.2.13-r1:*:*:*:*:*:*:*", + "purl": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3", + "externalReferences": [ + { + "url": "https://zlib.net/", + "type": "distribution" + } + ], + "properties": [ + { + "name": "syft:package:foundBy", + "value": "apk-db-cataloger" + }, + { + "name": "syft:package:type", + "value": "apk" + }, + { + "name": "syft:package:metadataType", + "value": "apk-db-entry" + }, + { + "name": "syft:location:0:layerID", + "value": "sha256:4693057ce2364720d39e57e85a5b8e0bd9ac3573716237736d6470ec5b7b7230" + }, + { + "name": "syft:location:0:path", + "value": "/lib/apk/db/installed" + }, + { + "name": "syft:metadata:gitCommitOfApkPort", + "value": "84a227baf001b6e0208e3352b294e4d7a40e93de" + }, + { + "name": "syft:metadata:installedSize", + "value": "110592" + }, + { + "name": "syft:metadata:originPackage", + "value": "zlib" + }, + { + "name": "syft:metadata:provides:0", + "value": "so:libz.so.1=1.2.13" + }, + { + "name": "syft:metadata:pullChecksum", + "value": "Q1JlboSJkrN4qkDcokr4zenpcWEXQ=" + }, + { + "name": "syft:metadata:pullDependencies:0", + "value": "so:libc.musl-x86_64.so.1" + }, + { + "name": "syft:metadata:size", + "value": "54253" + } + ] + }, + { + "bom-ref": "os:alpine@3.18.3", + "type": "operating-system", + "name": "alpine", + "version": "3.18.3", + "description": "Alpine Linux v3.18", + "swid": { + "tagId": "alpine", + "name": "alpine", + "version": "3.18.3" + }, + "externalReferences": [ + { + "url": "https://gitlab.alpinelinux.org/alpine/aports/-/issues", + "type": "issue-tracker" + }, + { + "url": "https://alpinelinux.org/", + "type": "website" + } + ], + "properties": [ + { + "name": "syft:distro:id", + "value": "alpine" + }, + { + "name": "syft:distro:prettyName", + "value": "Alpine Linux v3.18" + }, + { + "name": "syft:distro:versionID", + "value": "3.18.3" + } + ] + } + ], + "dependencies": [ + { + "ref": "pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64&distro=alpine-3.18.3&package-id=baca676b3df82a63", + "dependsOn": [ + "pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64&upstream=alpine-baselayout&distro=alpine-3.18.3&package-id=85e34641ddeca26c", + "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca" + ] + }, + { + "ref": "pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64&distro=alpine-3.18.3&package-id=e54b9e6921a9482e", + "dependsOn": [ + "pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64&upstream=ca-certificates&distro=alpine-3.18.3&package-id=e6d1b63d5a046c55", + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc" + ] + }, + { + "ref": "pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=b8384340b5c5b8ca", + "dependsOn": [ + "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5" + ] + }, + { + "ref": "pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64&distro=alpine-3.18.3&package-id=c4df3b964f3b98b5", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64&upstream=libc-dev&distro=alpine-3.18.3&package-id=caef79f1fe0b500a", + "dependsOn": [ + "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6" + ] + }, + { + "ref": "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "dependsOn": [ + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64&upstream=musl&distro=alpine-3.18.3&package-id=d4ae8261cf0671f6", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3", + "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970" + ] + }, + { + "ref": "pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64&upstream=pax-utils&distro=alpine-3.18.3&package-id=701300eef0967970", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64&upstream=busybox&distro=alpine-3.18.3&package-id=bdbab9ee97709e2f", + "dependsOn": [ + "pkg:apk/alpine/libcrypto3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=8ef465fdfe63fe6b", + "pkg:apk/alpine/libssl3@3.1.2-r0?arch=x86_64&upstream=openssl&distro=alpine-3.18.3&package-id=011c57b5dbefaa2d", + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + }, + { + "ref": "pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64&distro=alpine-3.18.3&package-id=c8e7fc9f117e52bc", + "dependsOn": [ + "pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64&distro=alpine-3.18.3&package-id=cb940afce7c7e0d3" + ] + } + ], + "data": { + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "serialNumber": "urn:uuid:600bf98a-94fb-4a9c-b7b5-0bae4f32aeb7", + "version": 1, + "metadata": { + "timestamp": "2024-08-19T08:25:05-04:00", + "tools": { + "components": [ + { + "type": "application", + "author": "anchore", + "name": "syft", + "version": "1.11.0" + } + ] + }, + "component": { + "bom-ref": "1d098408640ab242", + "type": "container", + "name": "alpine", + "version": "sha256:c5c5fda71656f28e49ac9c5416b3643eaa6a108a8093151d6d1afc9463be8e33" + } + } + } + } + ] + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-vex-hdf-withraw.json b/test/sample_data/cyclonedx_sbom/sbom-vex-hdf-withraw.json new file mode 100644 index 000000000..a55cb6988 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-vex-hdf-withraw.json @@ -0,0 +1,213 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report", + "title": "CycloneDX BOM Report", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [ + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "ratings": "NVD - high, SNYK - high, Acme Inc - none", + "created": "2020-12-03T00:00:00.000Z", + "published": "2020-12-03T00:00:00.000Z", + "updated": "2021-10-26T00:00:00.000Z", + "credits": "Bartosz Baranowski", + "analysis.state": "not_affected", + "analysis.justification": "code_not_reachable", + "analysis.response": "will_not_fix, update", + "analysis.detail": "Automated dataflow analysis and manual code review indicates that the vulnerable code is not reachable, either directly or indirectly." + }, + "descriptions": [ + { + "data": "Recommendation: Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.6.7.4, 2.9.10.7, 2.10.5.1 or higher.", + "label": "fix" + } + ], + "refs": [ + { + "ref": [ + { + "source": { + "name": "NVD", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649" + } + }, + { + "references": [ + { + "id": "SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302", + "source": { + "name": "SNYK", + "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302" + } + } + ] + }, + { + "advisories": [ + { + "title": "GitHub Commit", + "url": "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59" + }, + { + "title": "GitHub Issue", + "url": "https://github.com/FasterXML/jackson-databind/issues/2589" + }, + { + "title": "RedHat Bugzilla Bug", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664" + } + ] + } + ] + } + ], + "source_location": {}, + "title": "com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.\n\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity.", + "id": "CVE-2020-25649", + "desc": "Description: com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.\n\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity.\n\nDetail: XXE Injection is a type of attack against an application that parses XML input. XML is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. By default, many XML processors allow specification of an external entity, a URI that is dereferenced and evaluated during XML processing. When an XML document is being parsed, the parser can make a request and include the content at the specified URI inside of the XML document.\n\nAttacks can include disclosing local files, which may contain sensitive data such as passwords or private user data, using file: schemes or relative paths in the system identifier.", + "impact": 0.82, + "code": "{\n \"id\": \"CVE-2020-25649\",\n \"source\": {\n \"name\": \"NVD\",\n \"url\": \"https://nvd.nist.gov/vuln/detail/CVE-2020-25649\"\n },\n \"references\": [\n {\n \"id\": \"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302\",\n \"source\": {\n \"name\": \"SNYK\",\n \"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302\"\n }\n }\n ],\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"NVD\",\n \"url\": \"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N&version=3.1\"\n },\n \"score\": 7.5,\n \"severity\": \"high\",\n \"method\": \"CVSSv31\",\n \"vector\": \"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\"\n },\n {\n \"source\": {\n \"name\": \"SNYK\",\n \"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302\"\n },\n \"score\": 8.2,\n \"severity\": \"high\",\n \"method\": \"CVSSv31\",\n \"vector\": \"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\"\n },\n {\n \"source\": {\n \"name\": \"Acme Inc\",\n \"url\": \"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:N/MI:N/MA:N&version=3.1\"\n },\n \"score\": 0,\n \"severity\": \"none\",\n \"method\": \"CVSSv31\",\n \"vector\": \"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:N/MI:N/MA:N\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.\\n\\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity.\",\n \"detail\": \"XXE Injection is a type of attack against an application that parses XML input. XML is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. By default, many XML processors allow specification of an external entity, a URI that is dereferenced and evaluated during XML processing. When an XML document is being parsed, the parser can make a request and include the content at the specified URI inside of the XML document.\\n\\nAttacks can include disclosing local files, which may contain sensitive data such as passwords or private user data, using file: schemes or relative paths in the system identifier.\",\n \"recommendation\": \"Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.6.7.4, 2.9.10.7, 2.10.5.1 or higher.\",\n \"advisories\": [\n {\n \"title\": \"GitHub Commit\",\n \"url\": \"https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59\"\n },\n {\n \"title\": \"GitHub Issue\",\n \"url\": \"https://github.com/FasterXML/jackson-databind/issues/2589\"\n },\n {\n \"title\": \"RedHat Bugzilla Bug\",\n \"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1887664\"\n }\n ],\n \"created\": \"2020-12-03T00:00:00.000Z\",\n \"published\": \"2020-12-03T00:00:00.000Z\",\n \"updated\": \"2021-10-26T00:00:00.000Z\",\n \"credits\": {\n \"individuals\": [\n {\n \"name\": \"Bartosz Baranowski\"\n }\n ]\n },\n \"analysis\": {\n \"state\": \"not_affected\",\n \"justification\": \"code_not_reachable\",\n \"response\": [\n \"will_not_fix\",\n \"update\"\n ],\n \"detail\": \"Automated dataflow analysis and manual code review indicates that the vulnerable code is not reachable, either directly or indirectly.\"\n },\n \"affects\": [\n {\n \"ref\": \"urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar\n\n- Name: urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar", + "start_time": "" + } + ] + } + ], + "sha256": "6e7fa4296080be8402cc3a052be4ef033a98f9520959b3ec5dce5c906651160f" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.4", + "version": 1 + } + } + ], + "raw": { + "bomFormat": "CycloneDX", + "specVersion": "1.4", + "version": 1, + "vulnerabilities": [ + { + "id": "CVE-2020-25649", + "source": { + "name": "NVD", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649" + }, + "references": [ + { + "id": "SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302", + "source": { + "name": "SNYK", + "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302" + } + } + ], + "ratings": [ + { + "source": { + "name": "NVD", + "url": "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N&version=3.1" + }, + "score": 7.5, + "severity": "high", + "method": "CVSSv31", + "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" + }, + { + "source": { + "name": "SNYK", + "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302" + }, + "score": 8.2, + "severity": "high", + "method": "CVSSv31", + "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" + }, + { + "source": { + "name": "Acme Inc", + "url": "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:N/MI:N/MA:N&version=3.1" + }, + "score": 0, + "severity": "none", + "method": "CVSSv31", + "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:N/MI:N/MA:N" + } + ], + "cwes": [ + 611 + ], + "description": "com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.\n\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity.", + "detail": "XXE Injection is a type of attack against an application that parses XML input. XML is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. By default, many XML processors allow specification of an external entity, a URI that is dereferenced and evaluated during XML processing. When an XML document is being parsed, the parser can make a request and include the content at the specified URI inside of the XML document.\n\nAttacks can include disclosing local files, which may contain sensitive data such as passwords or private user data, using file: schemes or relative paths in the system identifier.", + "recommendation": "Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.6.7.4, 2.9.10.7, 2.10.5.1 or higher.", + "advisories": [ + { + "title": "GitHub Commit", + "url": "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59" + }, + { + "title": "GitHub Issue", + "url": "https://github.com/FasterXML/jackson-databind/issues/2589" + }, + { + "title": "RedHat Bugzilla Bug", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664" + } + ], + "created": "2020-12-03T00:00:00.000Z", + "published": "2020-12-03T00:00:00.000Z", + "updated": "2021-10-26T00:00:00.000Z", + "credits": { + "individuals": [ + { + "name": "Bartosz Baranowski" + } + ] + }, + "analysis": { + "state": "not_affected", + "justification": "code_not_reachable", + "response": [ + "will_not_fix", + "update" + ], + "detail": "Automated dataflow analysis and manual code review indicates that the vulnerable code is not reachable, either directly or indirectly." + }, + "affects": [ + { + "ref": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar" + } + ] + } + ] + } + } +} \ No newline at end of file diff --git a/test/sample_data/cyclonedx_sbom/sbom-vex-hdf.json b/test/sample_data/cyclonedx_sbom/sbom-vex-hdf.json new file mode 100644 index 000000000..e0a9a7243 --- /dev/null +++ b/test/sample_data/cyclonedx_sbom/sbom-vex-hdf.json @@ -0,0 +1,114 @@ +{ + "platform": { + "name": "Heimdall Tools", + "release": "2.10.14" + }, + "version": "2.10.14", + "statistics": {}, + "profiles": [ + { + "name": "CycloneDX BOM Report", + "title": "CycloneDX BOM Report", + "supports": [], + "attributes": [], + "groups": [], + "status": "loaded", + "controls": [ + { + "tags": { + "nist": [ + "SI-10" + ], + "cci": [ + "CCI-001310" + ], + "cwe": [ + "CWE-611" + ], + "ratings": "NVD - high, SNYK - high, Acme Inc - none", + "created": "2020-12-03T00:00:00.000Z", + "published": "2020-12-03T00:00:00.000Z", + "updated": "2021-10-26T00:00:00.000Z", + "credits": "Bartosz Baranowski", + "analysis.state": "not_affected", + "analysis.justification": "code_not_reachable", + "analysis.response": "will_not_fix, update", + "analysis.detail": "Automated dataflow analysis and manual code review indicates that the vulnerable code is not reachable, either directly or indirectly." + }, + "descriptions": [ + { + "data": "Recommendation: Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.6.7.4, 2.9.10.7, 2.10.5.1 or higher.", + "label": "fix" + } + ], + "refs": [ + { + "ref": [ + { + "source": { + "name": "NVD", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649" + } + }, + { + "references": [ + { + "id": "SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302", + "source": { + "name": "SNYK", + "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302" + } + } + ] + }, + { + "advisories": [ + { + "title": "GitHub Commit", + "url": "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59" + }, + { + "title": "GitHub Issue", + "url": "https://github.com/FasterXML/jackson-databind/issues/2589" + }, + { + "title": "RedHat Bugzilla Bug", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664" + } + ] + } + ] + } + ], + "source_location": {}, + "title": "com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.\n\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity.", + "id": "CVE-2020-25649", + "desc": "Description: com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.\n\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity.\n\nDetail: XXE Injection is a type of attack against an application that parses XML input. XML is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. By default, many XML processors allow specification of an external entity, a URI that is dereferenced and evaluated during XML processing. When an XML document is being parsed, the parser can make a request and include the content at the specified URI inside of the XML document.\n\nAttacks can include disclosing local files, which may contain sensitive data such as passwords or private user data, using file: schemes or relative paths in the system identifier.", + "impact": 0.82, + "code": "{\n \"id\": \"CVE-2020-25649\",\n \"source\": {\n \"name\": \"NVD\",\n \"url\": \"https://nvd.nist.gov/vuln/detail/CVE-2020-25649\"\n },\n \"references\": [\n {\n \"id\": \"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302\",\n \"source\": {\n \"name\": \"SNYK\",\n \"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302\"\n }\n }\n ],\n \"ratings\": [\n {\n \"source\": {\n \"name\": \"NVD\",\n \"url\": \"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N&version=3.1\"\n },\n \"score\": 7.5,\n \"severity\": \"high\",\n \"method\": \"CVSSv31\",\n \"vector\": \"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\"\n },\n {\n \"source\": {\n \"name\": \"SNYK\",\n \"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302\"\n },\n \"score\": 8.2,\n \"severity\": \"high\",\n \"method\": \"CVSSv31\",\n \"vector\": \"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\"\n },\n {\n \"source\": {\n \"name\": \"Acme Inc\",\n \"url\": \"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:N/MI:N/MA:N&version=3.1\"\n },\n \"score\": 0,\n \"severity\": \"none\",\n \"method\": \"CVSSv31\",\n \"vector\": \"AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:N/MI:N/MA:N\"\n }\n ],\n \"cwes\": [\n 611\n ],\n \"description\": \"com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor.\\n\\nAffected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity.\",\n \"detail\": \"XXE Injection is a type of attack against an application that parses XML input. XML is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. By default, many XML processors allow specification of an external entity, a URI that is dereferenced and evaluated during XML processing. When an XML document is being parsed, the parser can make a request and include the content at the specified URI inside of the XML document.\\n\\nAttacks can include disclosing local files, which may contain sensitive data such as passwords or private user data, using file: schemes or relative paths in the system identifier.\",\n \"recommendation\": \"Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.6.7.4, 2.9.10.7, 2.10.5.1 or higher.\",\n \"advisories\": [\n {\n \"title\": \"GitHub Commit\",\n \"url\": \"https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59\"\n },\n {\n \"title\": \"GitHub Issue\",\n \"url\": \"https://github.com/FasterXML/jackson-databind/issues/2589\"\n },\n {\n \"title\": \"RedHat Bugzilla Bug\",\n \"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1887664\"\n }\n ],\n \"created\": \"2020-12-03T00:00:00.000Z\",\n \"published\": \"2020-12-03T00:00:00.000Z\",\n \"updated\": \"2021-10-26T00:00:00.000Z\",\n \"credits\": {\n \"individuals\": [\n {\n \"name\": \"Bartosz Baranowski\"\n }\n ]\n },\n \"analysis\": {\n \"state\": \"not_affected\",\n \"justification\": \"code_not_reachable\",\n \"response\": [\n \"will_not_fix\",\n \"update\"\n ],\n \"detail\": \"Automated dataflow analysis and manual code review indicates that the vulnerable code is not reachable, either directly or indirectly.\"\n },\n \"affects\": [\n {\n \"ref\": \"urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar\"\n }\n ]\n}", + "results": [ + { + "status": "failed", + "code_desc": "Component urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar is vulnerable", + "message": "-Component Summary-\n\n- Bom-ref: urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar\n\n- Name: urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.0?type=jar", + "start_time": "" + } + ] + } + ], + "sha256": "6e7fa4296080be8402cc3a052be4ef033a98f9520959b3ec5dce5c906651160f" + } + ], + "passthrough": { + "auxiliary_data": [ + { + "name": "SBOM", + "data": { + "bomFormat": "CycloneDX", + "specVersion": "1.4", + "version": 1 + } + } + ] + } +} \ No newline at end of file